diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 4a13f7e2e1..b9c3e6d2c4 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -207,6 +207,13 @@ class Auth(object):
user_id, room_id
))
+ if membership == Membership.LEAVE:
+ forgot = yield self.store.did_forget(user_id, room_id)
+ if forgot:
+ raise AuthError(403, "User %s not in room %s" % (
+ user_id, room_id
+ ))
+
defer.returnValue(member)
@defer.inlineCallbacks
@@ -853,7 +860,7 @@ class Auth(object):
redact_level = self._get_named_level(auth_events, "redact", 50)
- if user_level > redact_level:
+ if user_level >= redact_level:
return False
redacter_domain = EventID.from_string(event.event_id).domain
diff --git a/synapse/api/filtering.py b/synapse/api/filtering.py
index 18f2ec3ae8..19f30c273c 100644
--- a/synapse/api/filtering.py
+++ b/synapse/api/filtering.py
@@ -50,7 +50,7 @@ class Filtering(object):
# many definitions.
top_level_definitions = [
- "presence"
+ "presence", "account_data"
]
room_level_definitions = [
@@ -139,6 +139,10 @@ class FilterCollection(object):
self.filter_json.get("presence", {})
)
+ self.account_data = Filter(
+ self.filter_json.get("account_data", {})
+ )
+
def timeline_limit(self):
return self.room_timeline_filter.limit()
@@ -151,6 +155,9 @@ class FilterCollection(object):
def filter_presence(self, events):
return self.presence_filter.filter(events)
+ def filter_account_data(self, events):
+ return self.account_data.filter(events)
+
def filter_room_state(self, events):
return self.room_state_filter.filter(events)
|
