summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
authorKegan Dougal <kegan@matrix.org>2015-04-01 14:05:24 +0100
committerKegan Dougal <kegan@matrix.org>2015-04-01 14:05:24 +0100
commit813e54bd5b332e4514ecfea71d33d27f106fe5ff (patch)
treed31732038d54fda3f776f23b023b022b73850ca7 /synapse
parentMerge pull request #116 from matrix-org/application-services-registration-script (diff)
downloadsynapse-813e54bd5b332e4514ecfea71d33d27f106fe5ff.tar.xz
Fix more AS sender ID thinkos.
Specifically, the ASes own user ID wasn't being treated as 'exclusive' so
a human could nab it. Also, the HS would needlessly send user queries to the
AS for its own user ID.
Diffstat (limited to '')
-rw-r--r--synapse/appservice/__init__.py5
-rw-r--r--synapse/handlers/appservice.py9
2 files changed, 12 insertions, 2 deletions
diff --git a/synapse/appservice/__init__.py b/synapse/appservice/__init__.py
index ab0a6955f0..63a18b802b 100644
--- a/synapse/appservice/__init__.py
+++ b/synapse/appservice/__init__.py
@@ -211,7 +211,10 @@ class ApplicationService(object):
         return self._matches_regex(room_id, ApplicationService.NS_ROOMS)
 
     def is_exclusive_user(self, user_id):
-        return self._is_exclusive(ApplicationService.NS_USERS, user_id)
+        return (
+            self._is_exclusive(ApplicationService.NS_USERS, user_id)
+            or user_id == self.sender
+        )
 
     def is_exclusive_alias(self, alias):
         return self._is_exclusive(ApplicationService.NS_ALIASES, alias)
diff --git a/synapse/handlers/appservice.py b/synapse/handlers/appservice.py
index 59cf15b037..492a630fdc 100644
--- a/synapse/handlers/appservice.py
+++ b/synapse/handlers/appservice.py
@@ -180,7 +180,14 @@ class ApplicationServicesHandler(object):
             return
 
         user_info = yield self.store.get_user_by_id(user_id)
-        defer.returnValue(len(user_info) == 0)
+        if len(user_info) > 0:
+            defer.returnValue(False)
+            return
+
+        # user not found; could be the AS though, so check.
+        services = yield self.store.get_app_services()
+        service_list = [s for s in services if s.sender == user_id]
+        defer.returnValue(len(service_list) == 0)
 
     @defer.inlineCallbacks
     def _check_user_exists(self, user_id):