diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 31852b29a5..385f93763a 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -44,15 +44,15 @@ class Auth(object):
be raised only if raises=True.
"""
try:
- if event.type in [RoomTopicEvent.TYPE, MessageEvent.TYPE,
- FeedbackEvent.TYPE]:
- yield self.check_joined_room(event.room_id, event.user_id)
- defer.returnValue(True)
- elif event.type == RoomMemberEvent.TYPE:
- allowed = yield self.is_membership_change_allowed(event)
- defer.returnValue(allowed)
+ if hasattr(event, "room_id"):
+ if event.type == RoomMemberEvent.TYPE:
+ allowed = yield self.is_membership_change_allowed(event)
+ defer.returnValue(allowed)
+ else:
+ yield self.check_joined_room(event.room_id, event.user_id)
+ defer.returnValue(True)
else:
- raise AuthError(500, "Unknown event type %s" % event.type)
+ raise AuthError(500, "Unknown event: %s" % event)
except AuthError as e:
logger.info("Event auth check failed on event %s with msg: %s",
event, e.msg)
@@ -77,6 +77,8 @@ class Auth(object):
@defer.inlineCallbacks
def is_membership_change_allowed(self, event):
+ target_user_id = event.state_key
+
# does this room even exist
room = yield self.store.get_room(event.room_id)
if not room:
@@ -94,7 +96,7 @@ class Auth(object):
# get info about the target
try:
target = yield self.store.get_room_member(
- user_id=event.target_user_id,
+ user_id=target_user_id,
room_id=event.room_id)
except:
target = None
@@ -108,12 +110,12 @@ class Auth(object):
raise AuthError(403, "You are not in room %s." % event.room_id)
elif target_in_room: # the target is already in the room.
raise AuthError(403, "%s is already in the room." %
- event.target_user_id)
+ target_user_id)
elif Membership.JOIN == membership:
# Joins are valid iff caller == target and they were:
# invited: They are accepting the invitation
# joined: It's a NOOP
- if event.user_id != event.target_user_id:
+ if event.user_id != target_user_id:
raise AuthError(403, "Cannot force another user to join.")
elif room.is_public:
pass # anyone can join public rooms.
@@ -123,10 +125,10 @@ class Auth(object):
elif Membership.LEAVE == membership:
if not caller_in_room: # trying to leave a room you aren't joined
raise AuthError(403, "You are not in room %s." % event.room_id)
- elif event.target_user_id != event.user_id:
+ elif target_user_id != event.user_id:
# trying to force another user to leave
raise AuthError(403, "Cannot force %s to leave." %
- event.target_user_id)
+ target_user_id)
else:
raise AuthError(500, "Unknown membership %s" % membership)
|
