diff options
author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2022-06-17 14:56:46 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-06-17 13:56:46 +0000 |
commit | e16ea87d0f8c4c30cad36f85488eb1f647e640b0 (patch) | |
tree | 0ae8bd49de90c12e0e02ef2c5e7e70fa94346323 /tests/test_event_auth.py | |
parent | Add type hints to event push actions tests. (#13099) (diff) | |
download | synapse-e16ea87d0f8c4c30cad36f85488eb1f647e640b0.tar.xz |
Fix inconsistencies in event validation for `m.room.create` events (#13087)
* Extend the auth rule checks for `m.room.create` events ... and move them up to the top of the function. Since the no auth_events are allowed for m.room.create events, we may as well get the m.room.create event checks out of the way first. * Add a test for create events with prev_events
Diffstat (limited to '')
-rw-r--r-- | tests/test_event_auth.py | 45 |
1 files changed, 43 insertions, 2 deletions
diff --git a/tests/test_event_auth.py b/tests/test_event_auth.py index e8e458cfd3..ed7a3cbcee 100644 --- a/tests/test_event_auth.py +++ b/tests/test_event_auth.py @@ -109,6 +109,47 @@ class EventAuthTestCase(unittest.TestCase): ) ) + def test_create_event_with_prev_events(self): + """A create event with prev_events should be rejected + + https://spec.matrix.org/v1.3/rooms/v9/#authorization-rules + 1: If type is m.room.create: + 1. If it has any previous events, reject. + """ + creator = f"@creator:{TEST_DOMAIN}" + + # we make both a good event and a bad event, to check that we are rejecting + # the bad event for the reason we think we are. + good_event = make_event_from_dict( + { + "room_id": TEST_ROOM_ID, + "type": "m.room.create", + "state_key": "", + "sender": creator, + "content": { + "creator": creator, + "room_version": RoomVersions.V9.identifier, + }, + "auth_events": [], + "prev_events": [], + }, + room_version=RoomVersions.V9, + ) + bad_event = make_event_from_dict( + {**good_event.get_dict(), "prev_events": ["$fakeevent"]}, + room_version=RoomVersions.V9, + ) + + event_store = _StubEventSourceStore() + + get_awaitable_result( + event_auth.check_state_independent_auth_rules(event_store, good_event) + ) + with self.assertRaises(AuthError): + get_awaitable_result( + event_auth.check_state_independent_auth_rules(event_store, bad_event) + ) + def test_random_users_cannot_send_state_before_first_pl(self): """ Check that, before the first PL lands, the creator is the only user @@ -564,8 +605,8 @@ class EventAuthTestCase(unittest.TestCase): # helpers for making events - -TEST_ROOM_ID = "!test:room" +TEST_DOMAIN = "example.com" +TEST_ROOM_ID = f"!test_room:{TEST_DOMAIN}" def _create_event( |