Merge pull request #3474 from matrix-org/erikj/py3_auth

Fix up auth check
author: Erik Johnston <erikj@jki.re> 2018-07-04 09:41:33 +0100
committer: GitHub <noreply@github.com> 2018-07-04 09:41:33 +0100
commit: 40252d13d14dfda187ccc28e1c14379a136da08c (patch)
tree: 5c2540c3d03f6ee9957373f890ae539478425b87 /synapse
parent: Reject invalid server names (#3480) (diff)
parent: Newsfile (diff)
download: synapse-40252d13d14dfda187ccc28e1c14379a136da08c.tar.xz
1 files changed, 6 insertions, 1 deletions
diff --git a/synapse/event_auth.py b/synapse/event_auth.py
index f512d88145..cdf99fd140 100644
--- a/synapse/event_auth.py
+++ b/synapse/event_auth.py
@@ -76,6 +76,7 @@ def check(event, auth_events, do_sig_check=True, do_size_check=True):
         return
 
     if event.type == EventTypes.Create:
+        sender_domain = get_domain_from_id(event.sender)
         room_id_domain = get_domain_from_id(event.room_id)
         if room_id_domain != sender_domain:
             raise AuthError(
@@ -524,7 +525,11 @@ def _check_power_levels(event, auth_events):
                     "to your own"
                 )
 
-        if old_level > user_level or new_level > user_level:
+        # Check if the old and new levels are greater than the user level
+        # (if defined)
+        old_level_too_big = old_level is not None and old_level > user_level
+        new_level_too_big = new_level is not None and new_level > user_level
+        if old_level_too_big or new_level_too_big:
             raise AuthError(
                 403,
                 "You don't have permission to add ops level greater "
author	Erik Johnston <erikj@jki.re>	2018-07-04 09:41:33 +0100
committer	GitHub <noreply@github.com>	2018-07-04 09:41:33 +0100
commit	40252d13d14dfda187ccc28e1c14379a136da08c (patch)
tree	5c2540c3d03f6ee9957373f890ae539478425b87 /synapse
parent	Reject invalid server names (#3480) (diff)
parent	Newsfile (diff)
download	synapse-40252d13d14dfda187ccc28e1c14379a136da08c.tar.xz