Merge tag 'v0.31.2'

SECURITY UPDATE: Prevent unauthorised users from setting state events in a room when there is no `m.room.power_levels` event in force in the room. (PR #3397) Discussion around the Matrix Spec change proposal for this change can be followed at https://github.com/matrix-org/matrix-doc/issues/1304.
author: Richard van der Hoff <richard@matrix.org> 2018-06-14 16:35:33 +0100
committer: Richard van der Hoff <richard@matrix.org> 2018-06-14 16:35:33 +0100
commit: 53969e196004659c6a9f138f5d8abd86f4957d74 (patch)
tree: 321c7b3feae12392ae8fbc0b88aa237f93de8cf7 /tests/test_state.py
parent: Merge tag 'v0.31.1' (diff)
parent: link to spec proposal from changelog (diff)
download: synapse-53969e196004659c6a9f138f5d8abd86f4957d74.tar.xz
1 files changed, 14 insertions, 2 deletions
diff --git a/tests/test_state.py b/tests/test_state.py
index a5c5e55951..71c412faf4 100644
--- a/tests/test_state.py
+++ b/tests/test_state.py
@@ -606,6 +606,14 @@ class StateTestCase(unittest.TestCase):
             }
         )
 
+        power_levels = create_event(
+            type=EventTypes.PowerLevels, state_key="",
+            content={"users": {
+                "@foo:bar": "100",
+                "@user_id:example.com": "100",
+            }}
+        )
+
         creation = create_event(
             type=EventTypes.Create, state_key="",
             content={"creator": "@foo:bar"}
@@ -613,12 +621,14 @@ class StateTestCase(unittest.TestCase):
 
         old_state_1 = [
             creation,
+            power_levels,
             member_event,
             create_event(type="test1", state_key="1", depth=1),
         ]
 
         old_state_2 = [
             creation,
+            power_levels,
             member_event,
             create_event(type="test1", state_key="1", depth=2),
         ]
@@ -633,7 +643,7 @@ class StateTestCase(unittest.TestCase):
         )
 
         self.assertEqual(
-            old_state_2[2].event_id, context.current_state_ids[("test1", "1")]
+            old_state_2[3].event_id, context.current_state_ids[("test1", "1")]
         )
 
         # Reverse the depth to make sure we are actually using the depths
@@ -641,12 +651,14 @@ class StateTestCase(unittest.TestCase):
 
         old_state_1 = [
             creation,
+            power_levels,
             member_event,
             create_event(type="test1", state_key="1", depth=2),
         ]
 
         old_state_2 = [
             creation,
+            power_levels,
             member_event,
             create_event(type="test1", state_key="1", depth=1),
         ]
@@ -659,7 +671,7 @@ class StateTestCase(unittest.TestCase):
         )
 
         self.assertEqual(
-            old_state_1[2].event_id, context.current_state_ids[("test1", "1")]
+            old_state_1[3].event_id, context.current_state_ids[("test1", "1")]
         )
 
     def _get_context(self, event, prev_event_id_1, old_state_1, prev_event_id_2,
author	Richard van der Hoff <richard@matrix.org>	2018-06-14 16:35:33 +0100
committer	Richard van der Hoff <richard@matrix.org>	2018-06-14 16:35:33 +0100
commit	53969e196004659c6a9f138f5d8abd86f4957d74 (patch)
tree	321c7b3feae12392ae8fbc0b88aa237f93de8cf7 /tests/test_state.py
parent	Merge tag 'v0.31.1' (diff)
parent	link to spec proposal from changelog (diff)
download	synapse-53969e196004659c6a9f138f5d8abd86f4957d74.tar.xz