Implement rules change

author: Brendan Abolivier <babolivier@matrix.org> 2019-06-17 19:21:58 +0100
committer: Brendan Abolivier <babolivier@matrix.org> 2019-06-17 20:24:22 +0100
commit: 073dd7778e0f9fdfdfcce53ef4c9d8a96cffeb63 (patch)
tree: 7179a4c139aa8ae78b842211a4ee61fdf1929c15 /synapse/tchap/event_rules.py
parent: Improve doc (diff)
download: synapse-073dd7778e0f9fdfdfcce53ef4c9d8a96cffeb63.tar.xz
1 files changed, 40 insertions, 1 deletions
diff --git a/synapse/tchap/event_rules.py b/synapse/tchap/event_rules.py
index 7a2bec8072..18d6d3bd6f 100644
--- a/synapse/tchap/event_rules.py
+++ b/synapse/tchap/event_rules.py
@@ -105,7 +105,10 @@ class TchapEventRules(object):
         defer.returnValue(True)
 
     def check_event_allowed(self, event, state_events):
-        # TODO: add rules for sending the access rules event
+        # Special-case the access rules event.
+        if event.type == ACCESS_RULES_TYPE:
+            return self._on_rules_change(event, state_events)
+
         rule = self._get_rule_from_state(state_events)
 
         if rule == ACCESS_RULE_RESTRICTED:
@@ -121,6 +124,42 @@ class TchapEventRules(object):
 
         return ret
 
+    def _on_rules_change(self, event, state_events):
+        new_rule = event.content.get("rule")
+
+        # Check for invalid values.
+        if (
+            new_rule != ACCESS_RULE_DIRECT
+            and new_rule != ACCESS_RULE_RESTRICTED
+            and new_rule != ACCESS_RULE_UNRESTRICTED
+        ):
+            return False
+
+        # Make sure we don't apply "direct" if the room has more than two members.
+        if new_rule == ACCESS_RULE_DIRECT:
+            member_events_count = 0
+            for key, event in state_events.items():
+                if key[0] == EventTypes.Member:
+                    member_events_count += 1
+
+            if member_events_count > 2:
+                return False
+
+        prev_rules_event = state_events.get((ACCESS_RULES_TYPE, ""))
+
+        # Now that we know the new rule doesn't break the "direct" case, we can allow any
+        # new rule in rooms that had none before.
+        if prev_rules_event is None:
+            return True
+
+        prev_rule = prev_rules_event.content.get("rule")
+
+        # Currently, we can only go from "restricted" to "unrestricted".
+        if prev_rule == ACCESS_RULE_RESTRICTED and new_rule == ACCESS_RULE_UNRESTRICTED:
+            return True
+
+        return False
+
     def _apply_restricted(self, event):
         # "restricted" currently means that users can only invite users if their server is
         # included in a limited list of domains.
author	Brendan Abolivier <babolivier@matrix.org>	2019-06-17 19:21:58 +0100
committer	Brendan Abolivier <babolivier@matrix.org>	2019-06-17 20:24:22 +0100
commit	073dd7778e0f9fdfdfcce53ef4c9d8a96cffeb63 (patch)
tree	7179a4c139aa8ae78b842211a4ee61fdf1929c15 /synapse/tchap/event_rules.py
parent	Improve doc (diff)
download	synapse-073dd7778e0f9fdfdfcce53ef4c9d8a96cffeb63.tar.xz