authorShay <hillerys@element.io>2024-03-19 10:52:53 -0700
committerGitHub <noreply@github.com>2024-03-19 17:52:53 +0000
commit8fb5b0f335b3dc54962aea102c71a7e449497487 (patch)
tree698b5e92f822198a51131108a15fe61ac1501358 /synapse
parentBump pydantic from 2.6.0 to 2.6.4 (#17004) (diff)
downloadsynapse-8fb5b0f335b3dc54962aea102c71a7e449497487.tar.xz
Improve event validation (#16908)
As the title states.
Diffstat (limited to 'synapse')
-rw-r--r--synapse/api/constants.py2
-rw-r--r--synapse/handlers/message.py13
-rw-r--r--synapse/handlers/sync.py12
3 files changed, 26 insertions, 1 deletions
diff --git a/synapse/api/constants.py b/synapse/api/constants.py

index d25aff98ff..98884b4967 100644
--- a/synapse/api/constants.py
+++ b/synapse/api/constants.py
@@ -129,6 +129,8 @@ class EventTypes: Reaction: Final = "m.reaction" + CallInvite: Final = "m.call.invite" + class ToDeviceEventTypes: RoomKeyRequest: Final = "m.room_key_request" diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index 0ce6eeee15..ccaa5508ff 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -34,6 +34,7 @@ from synapse.api.constants import ( EventTypes, GuestAccess, HistoryVisibility, + JoinRules, Membership, RelationTypes, UserTypes, @@ -1325,6 +1326,18 @@ class EventCreationHandler: self.validator.validate_new(event, self.config) await self._validate_event_relation(event) + + if event.type == EventTypes.CallInvite: + room_id = event.room_id + room_info = await self.store.get_room_with_stats(room_id) + assert room_info is not None + + if room_info.join_rules == JoinRules.PUBLIC: + raise SynapseError( + 403, + "Call invites are not allowed in public rooms.", + Codes.FORBIDDEN, + ) logger.debug("Created event %s", event.event_id) return event, context diff --git a/synapse/handlers/sync.py b/synapse/handlers/sync.py
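Review bot: The `assert room_info is not None` in the new `CallInvite` branch (the hunk at -1325 in `EventCreationHandler`) is the only handling for a missing room-stats row, so that case surfaces as an unhandled AssertionError, or as an AttributeError on `room_info.join_rules` when Python runs with `-O` and asserts are stripped. Both still reject the event, but as an internal error rather than a defined response; an explicit `if room_info is None: raise SynapseError(404, "Unknown room", Codes.NOT_FOUND)` keeps the check fail-closed and readable. The join rule is read through `get_room_with_stats`, which by its name returns stats-derived data; if that can lag behind current room state, a room that has just been made public could be judged on its old rule, so it is worth confirming or reading the join rule from current state instead. A short comment stating why call invites are refused in public rooms would help, since the commit message does not say. The enclosing method starts and ends outside the hunk.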
index 0aedb37f16..3aa2e2b7ba 100644
--- a/synapse/handlers/sync.py
+++ b/synapse/handlers/sync.py
@@ -41,6 +41,7 @@ from synapse.api.constants import ( AccountDataTypes, EventContentFields, EventTypes, + JoinRules, Membership, ) from synapse.api.filtering import FilterCollection @@ -675,13 +676,22 @@ class SyncHandler: ) ) - loaded_recents = await filter_events_for_client( + filtered_recents = await filter_events_for_client( self._storage_controllers, sync_config.user.to_string(), loaded_recents, always_include_ids=current_state_ids, ) + loaded_recents = [] + for event in filtered_recents: + if event.type == EventTypes.CallInvite: + room_info = await self.store.get_room_with_stats(event.room_id) + assert room_info is not None + if room_info.join_rules == JoinRules.PUBLIC: + continue + loaded_recents.append(event) + log_kv({"loaded_recents_after_client_filtering": len(loaded_recents)}) loaded_recents.extend(recents)
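Review bot: In the new loop over `filtered_recents` (the hunk at -675 in `SyncHandler`), `assert room_info is not None` means one `m.call.invite` event in a room with no stats row aborts the whole sync response for that user instead of dropping a single event. This filter is presumably the defence for events the creation-time check never saw, so it should fail closed without failing the request, e.g. `if room_info is None or room_info.join_rules == JoinRules.PUBLIC:` followed by `continue`, with a warning logged for the missing-row case. The lookup is also awaited once per call-invite event; if every event in `filtered_recents` belongs to the same room, which the hunk does not show, the result can be fetched once and reused. The diffstat lists `handlers/sync.py` as the only read-side file changed, so confirm whether other paths that return timeline events to clients need the same filter. The enclosing method starts and ends outside the hunk.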