diff --git a/synapse/handlers/_base.py b/synapse/handlers/_base.py
index 938eb29de7..3115a5065d 100644
--- a/synapse/handlers/_base.py
+++ b/synapse/handlers/_base.py
@@ -1,5 +1,5 @@
# -*- coding: utf-8 -*-
-# Copyright 2014, 2015 OpenMarket Ltd
+# Copyright 2014 - 2016 OpenMarket Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -55,8 +55,7 @@ class BaseHandler(object):
self.event_builder_factory = hs.get_event_builder_factory()
@defer.inlineCallbacks
- def _filter_events_for_client(self, user_id, events, is_guest=False,
- require_all_visible_for_guests=True):
+ def _filter_events_for_client(self, user_id, events, is_guest=False):
# Assumes that user has at some point joined the room if not is_guest.
def allowed(event, membership, visibility):
@@ -117,17 +116,6 @@ class BaseHandler(object):
if should_include:
events_to_return.append(event)
- if (require_all_visible_for_guests
- and is_guest
- and len(events_to_return) < len(events)):
- # This indicates that some events in the requested range were not
- # visible to guest users. To be safe, we reject the entire request,
- # so that we don't have to worry about interpreting visibility
- # boundaries.
- raise AuthError(403, "User %s does not have permission" % (
- user_id
- ))
-
defer.returnValue(events_to_return)
def ratelimit(self, user_id):
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py
index e64b67cdfd..62e82a2570 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -1,5 +1,5 @@
# -*- coding: utf-8 -*-
-# Copyright 2014, 2015 OpenMarket Ltd
+# Copyright 2014 - 2016 OpenMarket Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -408,7 +408,7 @@ class AuthHandler(BaseHandler):
macaroon = pymacaroons.Macaroon.deserialize(login_token)
auth_api = self.hs.get_auth()
auth_api.validate_macaroon(macaroon, "login", True)
- return self._get_user_from_macaroon(macaroon)
+ return self.get_user_from_macaroon(macaroon)
except (pymacaroons.exceptions.MacaroonException, TypeError, ValueError):
raise AuthError(401, "Invalid token", errcode=Codes.UNKNOWN_TOKEN)
@@ -421,7 +421,7 @@ class AuthHandler(BaseHandler):
macaroon.add_first_party_caveat("user_id = %s" % (user_id,))
return macaroon
- def _get_user_from_macaroon(self, macaroon):
+ def get_user_from_macaroon(self, macaroon):
user_prefix = "user_id = "
for caveat in macaroon.caveats:
if caveat.caveat_id.startswith(user_prefix):
diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index a1bed9b0dc..5805190ce8 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -1,5 +1,5 @@
# -*- coding: utf-8 -*-
-# Copyright 2014, 2015 OpenMarket Ltd
+# Copyright 2014 - 2016 OpenMarket Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -685,7 +685,7 @@ class MessageHandler(BaseHandler):
).addErrback(unwrapFirstError)
messages = yield self._filter_events_for_client(
- user_id, messages, is_guest=is_guest, require_all_visible_for_guests=False
+ user_id, messages, is_guest=is_guest,
)
start_token = now_token.copy_and_replace("room_key", token[0])
diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py
index baf7c14e40..6f111ff63e 100644
--- a/synapse/handlers/register.py
+++ b/synapse/handlers/register.py
@@ -1,5 +1,5 @@
# -*- coding: utf-8 -*-
-# Copyright 2014, 2015 OpenMarket Ltd
+# Copyright 2014 - 2016 OpenMarket Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -40,12 +40,13 @@ class RegistrationHandler(BaseHandler):
def __init__(self, hs):
super(RegistrationHandler, self).__init__(hs)
+ self.auth = hs.get_auth()
self.distributor = hs.get_distributor()
self.distributor.declare("registered_user")
self.captcha_client = CaptchaServerHttpClient(hs)
@defer.inlineCallbacks
- def check_username(self, localpart):
+ def check_username(self, localpart, guest_access_token=None):
yield run_on_reactor()
if urllib.quote(localpart) != localpart:
@@ -62,14 +63,29 @@ class RegistrationHandler(BaseHandler):
users = yield self.store.get_users_by_id_case_insensitive(user_id)
if users:
- raise SynapseError(
- 400,
- "User ID already taken.",
- errcode=Codes.USER_IN_USE,
- )
+ if not guest_access_token:
+ raise SynapseError(
+ 400,
+ "User ID already taken.",
+ errcode=Codes.USER_IN_USE,
+ )
+ user_data = yield self.auth.get_user_from_macaroon(guest_access_token)
+ if not user_data["is_guest"] or user_data["user"].localpart != localpart:
+ raise AuthError(
+ 403,
+ "Cannot register taken user ID without valid guest "
+ "credentials for that user.",
+ errcode=Codes.FORBIDDEN,
+ )
@defer.inlineCallbacks
- def register(self, localpart=None, password=None, generate_token=True):
+ def register(
+ self,
+ localpart=None,
+ password=None,
+ generate_token=True,
+ guest_access_token=None
+ ):
"""Registers a new client on the server.
Args:
@@ -89,7 +105,7 @@ class RegistrationHandler(BaseHandler):
password_hash = self.auth_handler().hash(password)
if localpart:
- yield self.check_username(localpart)
+ yield self.check_username(localpart, guest_access_token=guest_access_token)
user = UserID(localpart, self.hs.hostname)
user_id = user.to_string()
@@ -100,7 +116,8 @@ class RegistrationHandler(BaseHandler):
yield self.store.register(
user_id=user_id,
token=token,
- password_hash=password_hash
+ password_hash=password_hash,
+ was_guest=guest_access_token is not None,
)
yield registered_user(self.distributor, user)
diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py
index 13f66e0df0..48a07e4e35 100644
--- a/synapse/handlers/room.py
+++ b/synapse/handlers/room.py
@@ -1,5 +1,5 @@
# -*- coding: utf-8 -*-
-# Copyright 2014, 2015 OpenMarket Ltd
+# Copyright 2014 - 2016 OpenMarket Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -115,6 +115,8 @@ class RoomCreationHandler(BaseHandler):
except:
raise SynapseError(400, "Invalid user_id: %s" % (i,))
+ invite_3pid_list = config.get("invite_3pid", [])
+
is_public = config.get("visibility", None) == "public"
if room_id:
@@ -220,6 +222,20 @@ class RoomCreationHandler(BaseHandler):
"content": {"membership": Membership.INVITE},
}, ratelimit=False)
+ for invite_3pid in invite_3pid_list:
+ id_server = invite_3pid["id_server"]
+ address = invite_3pid["address"]
+ medium = invite_3pid["medium"]
+ yield self.hs.get_handlers().room_member_handler.do_3pid_invite(
+ room_id,
+ user,
+ medium,
+ address,
+ id_server,
+ token_id=None,
+ txn_id=None,
+ )
+
result = {"room_id": room_id}
if room_alias:
@@ -879,14 +895,12 @@ class RoomContextHandler(BaseHandler):
user.to_string(),
results["events_before"],
is_guest=is_guest,
- require_all_visible_for_guests=False
)
results["events_after"] = yield self._filter_events_for_client(
user.to_string(),
results["events_after"],
is_guest=is_guest,
- require_all_visible_for_guests=False
)
if results["events_after"]:
diff --git a/synapse/handlers/sync.py b/synapse/handlers/sync.py
index 2ec42ee503..257bd2bfee 100644
--- a/synapse/handlers/sync.py
+++ b/synapse/handlers/sync.py
@@ -1,5 +1,5 @@
# -*- coding: utf-8 -*-
-# Copyright 2015 OpenMarket Ltd
+# Copyright 2015 - 2016 OpenMarket Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -118,7 +118,7 @@ class SyncResult(collections.namedtuple("SyncResult", [
events.
"""
return bool(
- self.presence or self.joined or self.invited
+ self.presence or self.joined or self.invited or self.archived
)
GuestRoom = collections.namedtuple("GuestRoom", ("room_id", "membership"))
@@ -690,7 +690,6 @@ class SyncHandler(BaseHandler):
sync_config.user.to_string(),
loaded_recents,
is_guest=sync_config.is_guest,
- require_all_visible_for_guests=False
)
loaded_recents.extend(recents)
recents = loaded_recents
|
