diff options
author | Brendan Abolivier <babolivier@matrix.org> | 2019-06-05 13:38:01 +0100 |
---|---|---|
committer | Brendan Abolivier <babolivier@matrix.org> | 2019-06-05 13:38:01 +0100 |
commit | 40596aec0ec6da1e8918255b75eb5329292901ab (patch) | |
tree | a918b5ebfc4b48f8996b247df7ca75cd7cbb5d0f /synapse/rest/admin/_base.py | |
parent | Lint (diff) | |
parent | Clean up debug logging (#5347) (diff) | |
download | synapse-40596aec0ec6da1e8918255b75eb5329292901ab.tar.xz |
Merge branch 'develop' into m-heroes-empty-room-name
Diffstat (limited to 'synapse/rest/admin/_base.py')
-rw-r--r-- | synapse/rest/admin/_base.py | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/synapse/rest/admin/_base.py b/synapse/rest/admin/_base.py new file mode 100644 index 0000000000..881d67b89c --- /dev/null +++ b/synapse/rest/admin/_base.py @@ -0,0 +1,59 @@ +# -*- coding: utf-8 -*- +# Copyright 2019 New Vector Ltd +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +from twisted.internet import defer + +from synapse.api.errors import AuthError + + +@defer.inlineCallbacks +def assert_requester_is_admin(auth, request): + """Verify that the requester is an admin user + + WARNING: MAKE SURE YOU YIELD ON THE RESULT! + + Args: + auth (synapse.api.auth.Auth): + request (twisted.web.server.Request): incoming request + + Returns: + Deferred + + Raises: + AuthError if the requester is not an admin + """ + requester = yield auth.get_user_by_req(request) + yield assert_user_is_admin(auth, requester.user) + + +@defer.inlineCallbacks +def assert_user_is_admin(auth, user_id): + """Verify that the given user is an admin user + + WARNING: MAKE SURE YOU YIELD ON THE RESULT! + + Args: + auth (synapse.api.auth.Auth): + user_id (UserID): + + Returns: + Deferred + + Raises: + AuthError if the user is not an admin + """ + + is_admin = yield auth.is_server_admin(user_id) + if not is_admin: + raise AuthError(403, "You are not a server admin") |