Sanitise error messages when user doesn't have permission to invite

author: Erik Johnston <erik@matrix.org> 2018-10-03 14:13:07 +0100
committer: Erik Johnston <erik@matrix.org> 2018-10-03 14:13:07 +0100
commit: 52e6e815bef4379773fde257c85c4fc4d11cd181 (patch)
tree: 645e3435ef69cd878d0572977e3189aafe04fd7d /synapse
parent: Newsfile (diff)
download: synapse-52e6e815bef4379773fde257c85c4fc4d11cd181.tar.xz
1 files changed, 2 insertions, 5 deletions
diff --git a/synapse/event_auth.py b/synapse/event_auth.py
index c6c011b6b6..af3eee95b9 100644
--- a/synapse/event_auth.py
+++ b/synapse/event_auth.py
@@ -155,10 +155,7 @@ def check(event, auth_events, do_sig_check=True, do_size_check=True):
 
         if user_level < invite_level:
             raise AuthError(
-                403, (
-                    "You cannot issue a third party invite for %s." %
-                    (event.content.get("display_name", "<Unknown>"),)
-                )
+                403, "You don't have permission to invite users",
             )
         else:
             logger.debug("Allowing! %s", event)
@@ -305,7 +302,7 @@ def _is_membership_change_allowed(event, auth_events):
 
             if user_level < invite_level:
                 raise AuthError(
-                    403, "You cannot invite user %s." % target_user_id
+                    403, "You don't have permission to invite users",
                 )
     elif Membership.JOIN == membership:
         # Joins are valid iff caller == target and they were:
author	Erik Johnston <erik@matrix.org>	2018-10-03 14:13:07 +0100
committer	Erik Johnston <erik@matrix.org>	2018-10-03 14:13:07 +0100
commit	52e6e815bef4379773fde257c85c4fc4d11cd181 (patch)
tree	645e3435ef69cd878d0572977e3189aafe04fd7d /synapse
parent	Newsfile (diff)
download	synapse-52e6e815bef4379773fde257c85c4fc4d11cd181.tar.xz