diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 886e132e10..ef3604077d 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -33,7 +33,7 @@ class Auth(object):
self.store = hs.get_datastore()
@defer.inlineCallbacks
- def check(self, event, raises=False):
+ def check(self, event, snapshot, raises=False):
""" Checks if this event is correctly authed.
Returns:
@@ -48,7 +48,11 @@ class Auth(object):
allowed = yield self.is_membership_change_allowed(event)
defer.returnValue(allowed)
else:
- yield self.check_joined_room(event.room_id, event.user_id)
+ self._check_joined_room(
+ member=snapshot.membership_state,
+ user_id=snapshot.user_id,
+ room_id=snapshot.room_id,
+ )
defer.returnValue(True)
else:
raise AuthError(500, "Unknown event: %s" % event)
@@ -66,14 +70,16 @@ class Auth(object):
room_id=room_id,
user_id=user_id
)
- if not member or member.membership != Membership.JOIN:
- raise AuthError(403, "User %s not in room %s" %
- (user_id, room_id))
+ self._check_joined_room(member, user_id, room_id)
defer.returnValue(member)
except AttributeError:
pass
defer.returnValue(None)
+ def _check_joined_room(self, member, user_id, room_id):
+ if not member or member.membership != Membership.JOIN:
+ raise AuthError(403, "User %s not in room %s" % (user_id, room_id))
+
@defer.inlineCallbacks
def is_membership_change_allowed(self, event):
target_user_id = event.state_key
|
