diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index e1302553d7..d4f284bd60 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -24,6 +24,7 @@ from synapse.api.events.room import (
RoomJoinRulesEvent, RoomCreateEvent,
)
from synapse.util.logutils import log_function
+from syutil.base64util import encode_base64
import logging
@@ -61,8 +62,6 @@ class Auth(object):
# FIXME
return True
- self._can_send_event(event)
-
if event.type == RoomMemberEvent.TYPE:
allowed = self.is_membership_change_allowed(event)
if allowed:
@@ -71,6 +70,8 @@ class Auth(object):
logger.debug("Denying! %s", event)
return allowed
+ self._can_send_event(event)
+
if event.type == RoomPowerLevelsEvent.TYPE:
self._check_power_levels(event)
@@ -311,6 +312,54 @@ class Auth(object):
def is_server_admin(self, user):
return self.store.is_server_admin(user)
+ @defer.inlineCallbacks
+ def add_auth_events(self, event):
+ if event.type == RoomCreateEvent.TYPE:
+ event.auth_events = []
+ return
+
+ auth_events = []
+
+ key = (RoomPowerLevelsEvent.TYPE, "", )
+ power_level_event = event.old_state_events.get(key)
+
+ if power_level_event:
+ auth_events.append(power_level_event.event_id)
+
+ key = (RoomJoinRulesEvent.TYPE, "", )
+ join_rule_event = event.old_state_events.get(key)
+
+ key = (RoomMemberEvent.TYPE, event.user_id, )
+ member_event = event.old_state_events.get(key)
+
+ if join_rule_event:
+ join_rule = join_rule_event.content.get("join_rule")
+ is_public = join_rule == JoinRules.PUBLIC if join_rule else False
+
+ if event.type == RoomMemberEvent.TYPE:
+ if event.content["membership"] == Membership.JOIN:
+ if is_public:
+ auth_events.append(join_rule_event.event_id)
+ elif member_event:
+ auth_events.append(member_event.event_id)
+
+ if member_event:
+ if member_event.content["membership"] == Membership.JOIN:
+ auth_events.append(member_event.event_id)
+
+ hashes = yield self.store.get_event_reference_hashes(
+ auth_events
+ )
+ hashes = [
+ {
+ k: encode_base64(v) for k, v in h.items()
+ if k == "sha256"
+ }
+ for h in hashes
+ ]
+ event.auth_events = zip(auth_events, hashes)
+
+
@log_function
def _can_send_event(self, event):
key = (RoomPowerLevelsEvent.TYPE, "", )
diff --git a/synapse/api/events/__init__.py b/synapse/api/events/__init__.py
index 513a48f568..e5980c4be3 100644
--- a/synapse/api/events/__init__.py
+++ b/synapse/api/events/__init__.py
@@ -61,7 +61,6 @@ class SynapseEvent(JsonEncodedObject):
"replaces_state",
"redacted_because",
"origin_server_ts",
- "auth_events",
]
internal_keys = [
@@ -75,6 +74,7 @@ class SynapseEvent(JsonEncodedObject):
"hashes",
"signatures",
"prev_state",
+ "auth_events",
]
required_keys = [
diff --git a/synapse/handlers/_base.py b/synapse/handlers/_base.py
index 2613fa7fce..f630280031 100644
--- a/synapse/handlers/_base.py
+++ b/synapse/handlers/_base.py
@@ -18,11 +18,6 @@ from twisted.internet import defer
from synapse.api.errors import LimitExceededError
from synapse.util.async import run_on_reactor
from synapse.crypto.event_signing import add_hashes_and_signatures
-from synapse.api.events.room import (
- RoomCreateEvent, RoomMemberEvent, RoomPowerLevelsEvent, RoomJoinRulesEvent,
-)
-from synapse.api.constants import Membership, JoinRules
-from syutil.base64util import encode_base64
import logging
@@ -60,53 +55,6 @@ class BaseHandler(object):
)
@defer.inlineCallbacks
- def _add_auth(self, event):
- if event.type == RoomCreateEvent.TYPE:
- event.auth_events = []
- return
-
- auth_events = []
-
- key = (RoomPowerLevelsEvent.TYPE, "", )
- power_level_event = event.old_state_events.get(key)
-
- if power_level_event:
- auth_events.append(power_level_event.event_id)
-
- key = (RoomJoinRulesEvent.TYPE, "", )
- join_rule_event = event.old_state_events.get(key)
-
- key = (RoomMemberEvent.TYPE, event.user_id, )
- member_event = event.old_state_events.get(key)
-
- if join_rule_event:
- join_rule = join_rule_event.content.get("join_rule")
- is_public = join_rule == JoinRules.PUBLIC if join_rule else False
-
- if event.type == RoomMemberEvent.TYPE:
- if event.content["membership"] == Membership.JOIN:
- if is_public:
- auth_events.append(join_rule_event.event_id)
- elif member_event:
- auth_events.append(member_event.event_id)
-
- if member_event:
- if member_event.content["membership"] == Membership.JOIN:
- auth_events.append(member_event.event_id)
-
- hashes = yield self.store.get_event_reference_hashes(
- auth_events
- )
- hashes = [
- {
- k: encode_base64(v) for k, v in h.items()
- if k == "sha256"
- }
- for h in hashes
- ]
- event.auth_events = zip(auth_events, hashes)
-
- @defer.inlineCallbacks
def _on_new_room_event(self, event, snapshot, extra_destinations=[],
extra_users=[], suppress_auth=False):
yield run_on_reactor()
@@ -115,7 +63,7 @@ class BaseHandler(object):
yield self.state_handler.annotate_state_groups(event)
- yield self._add_auth(event)
+ yield self.auth.add_auth_events(event)
logger.debug("Signing event...")
diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py
index f0448a05d8..09593303a4 100644
--- a/synapse/handlers/federation.py
+++ b/synapse/handlers/federation.py
@@ -317,6 +317,7 @@ class FederationHandler(BaseHandler):
snapshot.fill_out_prev_events(event)
yield self.state_handler.annotate_state_groups(event)
+ yield self.auth.add_auth_events(event)
self.auth.check(event, raises=True)
pdu = self.pdu_codec.pdu_from_event(event)
diff --git a/synapse/storage/__init__.py b/synapse/storage/__init__.py
index 48ad4d864f..96adf20c89 100644
--- a/synapse/storage/__init__.py
+++ b/synapse/storage/__init__.py
@@ -310,6 +310,7 @@ class DataStore(RoomMemberStore, RoomStore,
"room_id": event.room_id,
"auth_id": auth_id,
},
+ or_ignore=True,
)
(ref_alg, ref_hash_bytes) = compute_event_reference_hash(event)
|
