summary refs log tree commit diff
path: root/synapse/api/auth.py
diff options
context:
space:
mode:
Diffstat (limited to 'synapse/api/auth.py')
-rw-r--r--synapse/api/auth.py25
1 files changed, 22 insertions, 3 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 87f19a96d6..1a8785e890 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -21,7 +21,7 @@ from synapse.api.constants import Membership, JoinRules
 from synapse.api.errors import AuthError, StoreError, Codes, SynapseError
 from synapse.api.events.room import (
     RoomMemberEvent, RoomPowerLevelsEvent, RoomRedactionEvent,
-    RoomJoinRulesEvent, RoomCreateEvent,
+    RoomJoinRulesEvent, RoomCreateEvent, RoomAliasesEvent,
 )
 from synapse.util.logutils import log_function
 from syutil.base64util import encode_base64
@@ -63,6 +63,10 @@ class Auth(object):
                     # FIXME
                     return True
 
+                # FIXME: Temp hack
+                if event.type == RoomAliasesEvent.TYPE:
+                    return True
+
                 if event.type == RoomMemberEvent.TYPE:
                     allowed = self.is_membership_change_allowed(event)
                     if allowed:
@@ -144,6 +148,17 @@ class Auth(object):
 
     @log_function
     def is_membership_change_allowed(self, event):
+        membership = event.content["membership"]
+
+        # Check if this is the room creator joining:
+        if len(event.prev_events) == 1 and Membership.JOIN == membership:
+            # Get room creation event:
+            key = (RoomCreateEvent.TYPE, "", )
+            create = event.old_state_events.get(key)
+            if event.prev_events[0][0] == create.event_id:
+                if create.content["creator"] == event.state_key:
+                    return True
+
         target_user_id = event.state_key
 
         # get info about the caller
@@ -159,8 +174,6 @@ class Auth(object):
 
         target_in_room = target and target.membership == Membership.JOIN
 
-        membership = event.content["membership"]
-
         key = (RoomJoinRulesEvent.TYPE, "", )
         join_rule_event = event.old_state_events.get(key)
         if join_rule_event:
@@ -255,6 +268,12 @@ class Auth(object):
             level = power_level_event.content.get("users", {}).get(user_id)
             if not level:
                 level = power_level_event.content.get("users_default", 0)
+        else:
+            key = (RoomCreateEvent.TYPE, "", )
+            create_event = event.old_state_events.get(key)
+            if (create_event is not None and
+                create_event.content["creator"] == user_id):
+                return 100
 
         return level