authorDavid Robertson <davidr@element.io>2023-01-30 21:29:30 +0000
committerGitHub <noreply@github.com>2023-01-30 21:29:30 +0000
commit510d4b06e7d346b4f94cb5598da90c9f668b62bb (patch)
treea8e39c1fe3e43f6dd8329f2df4d48e83416d46f9 /tests/test_event_auth.py
parentBump types-pillow from 9.4.0.3 to 9.4.0.5 (#14938) (diff)
downloadsynapse-510d4b06e7d346b4f94cb5598da90c9f668b62bb.tar.xz
Handle malformed values of `notification.room` in power level events (#14942)
* Better test for bad values in power levels events

The previous test only checked that Synapse didn't raise an exception,
but didn't check that we had correctly interpreted the value of the
dodgy power level.

It also conflated two things: bad room notification levels, and bad user
levels. There _is_ logic for converting the latter to integers, but we
should test it separately.

* Check we ignore types that don't convert to int

* Handle `None` values in `notifications.room`

* Changelog

* Also test that bad values are rejected by event auth

* Docstring

* linter scripttttttttt
Diffstat (limited to 'tests/test_event_auth.py')
-rw-r--r--tests/test_event_auth.py32
1 files changed, 31 insertions, 1 deletions
diff --git a/tests/test_event_auth.py b/tests/test_event_auth.py
index f4d9fba0a1..0a7937f1cc 100644
--- a/tests/test_event_auth.py
+++ b/tests/test_event_auth.py
@@ -13,7 +13,7 @@
 # limitations under the License.
 
 import unittest
-from typing import Collection, Dict, Iterable, List, Optional
+from typing import Any, Collection, Dict, Iterable, List, Optional
 
 from parameterized import parameterized
 
@@ -728,6 +728,36 @@ class EventAuthTestCase(unittest.TestCase):
                 pl_event.room_version, pl_event2, {("fake_type", "fake_key"): pl_event}
             )
 
+    def test_room_v10_rejects_other_non_integer_power_levels(self) -> None:
+        """We should reject PLs that are non-integer, non-string JSON values.
+
+        test_room_v10_rejects_string_power_levels above handles the string case.
+        """
+
+        def create_event(pl_event_content: Dict[str, Any]) -> EventBase:
+            return make_event_from_dict(
+                {
+                    "room_id": TEST_ROOM_ID,
+                    **_maybe_get_event_id_dict_for_room_version(RoomVersions.V10),
+                    "type": "m.room.power_levels",
+                    "sender": "@test:test.com",
+                    "state_key": "",
+                    "content": pl_event_content,
+                    "signatures": {"test.com": {"ed25519:0": "some9signature"}},
+                },
+                room_version=RoomVersions.V10,
+            )
+
+        contents: Iterable[Dict[str, Any]] = [
+            {"notifications": {"room": None}},
+            {"users": {"@alice:wonderland": []}},
+            {"users_default": {}},
+        ]
+        for content in contents:
+            event = create_event(content)
+            with self.assertRaises(SynapseError):
+                event_auth._check_power_levels(event.room_version, event, {})
+
 
 # helpers for making events
 TEST_DOMAIN = "example.com"
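Review bot: The loop at the end of `test_room_v10_rejects_other_non_integer_power_levels` runs all three malformed contents in one test body without `self.subTest`, so the first failure stops the loop without naming the value that was accepted. Wrapping the loop body in `with self.subTest(content=content):` would make a regression in this auth check point at the offending value. The assertion also accepts any `SynapseError`, so a rejection for an unrelated reason would still pass; a control case with a well-formed integer level that does not raise would tie the failure to the malformed value. The cases cover `None`, `[]` and `{}` but not floats or booleans, and since `bool` is a subclass of `int` in Python a case such as `{"users_default": True}` may be worth adding if room v10 is meant to reject it; `_check_power_levels` is not visible from this hunk, so that needs confirming. The enclosing class `EventAuthTestCase` starts outside the hunk.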