diff options
| author | reivilibre <38398653+reivilibre@users.noreply.github.com> | 2021-08-31 10:09:58 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-08-31 10:09:58 +0100 |
| commit | 52c7a51cfc568ed61d800df99dcca25dc3b5fe3e (patch) | |
| tree | 60d4a8ba77d6f3d8c06dcd81259a2233900c97bd /synapse/handlers | |
| parent | Fix incompatibility with Twisted < 21. (#10713) (diff) | |
| download | synapse-52c7a51cfc568ed61d800df99dcca25dc3b5fe3e.tar.xz | |
Merge pull request from GHSA-3x4c-pq33-4w3q
* Add some tests to characterise the problem Some failing. Current states: RoomsMemberListTestCase test_get_member_list ... [OK] test_get_member_list_mixed_memberships ... [OK] test_get_member_list_no_permission ... [OK] test_get_member_list_no_permission_former_member ... [OK] test_get_member_list_no_permission_former_member_with_at_token ... [FAIL] test_get_member_list_no_room ... [OK] test_get_member_list_no_permission_with_at_token ... [FAIL] * Correct the tests * Check user is/was member before divulging room membership * Pull out only the 1 membership event we want. * Update tests/rest/client/v1/test_rooms.py Co-authored-by: Erik Johnston <erik@matrix.org> * Fixup tests (following apply review suggestion) Co-authored-by: Erik Johnston <erik@matrix.org>
Diffstat (limited to 'synapse/handlers')
| -rw-r--r-- | synapse/handlers/message.py | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py index 8a0024ce84..101a29c6d3 100644 --- a/synapse/handlers/message.py +++ b/synapse/handlers/message.py @@ -183,20 +183,37 @@ class MessageHandler: if not last_events: raise NotFoundError("Can't find event for token %s" % (at_token,)) + last_event = last_events[0] + + # check whether the user is in the room at that time to determine + # whether they should be treated as peeking. + state_map = await self.state_store.get_state_for_event( + last_event.event_id, + StateFilter.from_types([(EventTypes.Member, user_id)]), + ) + + joined = False + membership_event = state_map.get((EventTypes.Member, user_id)) + if membership_event: + joined = membership_event.membership == Membership.JOIN + + is_peeking = not joined visible_events = await filter_events_for_client( self.storage, user_id, last_events, filter_send_to_client=False, + is_peeking=is_peeking, ) - event = last_events[0] if visible_events: room_state_events = await self.state_store.get_state_for_events( - [event.event_id], state_filter=state_filter + [last_event.event_id], state_filter=state_filter ) - room_state: Mapping[Any, EventBase] = room_state_events[event.event_id] + room_state: Mapping[Any, EventBase] = room_state_events[ + last_event.event_id + ] else: raise AuthError( 403, |