diff options
Diffstat (limited to 'synapse/api')
-rw-r--r-- | synapse/api/auth.py | 39 | ||||
-rw-r--r-- | synapse/api/constants.py | 1 | ||||
-rw-r--r-- | synapse/api/events/__init__.py | 3 | ||||
-rw-r--r-- | synapse/api/events/factory.py | 7 | ||||
-rw-r--r-- | synapse/api/events/room.py | 10 | ||||
-rw-r--r-- | synapse/api/notifier.py | 4 | ||||
-rw-r--r-- | synapse/api/streams/event.py | 3 |
7 files changed, 37 insertions, 30 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py index 91ec0995f9..646f6dc06c 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -19,8 +19,7 @@ from twisted.internet import defer from synapse.api.constants import Membership from synapse.api.errors import AuthError, StoreError, Codes -from synapse.api.events.room import (RoomTopicEvent, RoomMemberEvent, - MessageEvent, FeedbackEvent) +from synapse.api.events.room import RoomMemberEvent import logging @@ -44,19 +43,19 @@ class Auth(object): be raised only if raises=True. """ try: - if event.type in [RoomTopicEvent.TYPE, MessageEvent.TYPE, - FeedbackEvent.TYPE]: - self._check_joined_room( - member=snapshot.membership_state, - user_id=snapshot.user_id, - room_id=snapshot.room_id, - ) - defer.returnValue(True) - elif event.type == RoomMemberEvent.TYPE: - allowed = yield self.is_membership_change_allowed(event) - defer.returnValue(allowed) + if hasattr(event, "room_id"): + if event.type == RoomMemberEvent.TYPE: + allowed = yield self.is_membership_change_allowed(event) + defer.returnValue(allowed) + else: + self._check_joined_room( + member=snapshot.membership_state, + user_id=snapshot.user_id, + room_id=snapshot.room_id, + ) + defer.returnValue(True) else: - raise AuthError(500, "Unknown event type %s" % event.type) + raise AuthError(500, "Unknown event: %s" % event) except AuthError as e: logger.info("Event auth check failed on event %s with msg: %s", event, e.msg) @@ -83,6 +82,8 @@ class Auth(object): @defer.inlineCallbacks def is_membership_change_allowed(self, event): + target_user_id = event.state_key + # does this room even exist room = yield self.store.get_room(event.room_id) if not room: @@ -100,7 +101,7 @@ class Auth(object): # get info about the target try: target = yield self.store.get_room_member( - user_id=event.target_user_id, + user_id=target_user_id, room_id=event.room_id) except: target = None @@ -114,12 +115,12 @@ class Auth(object): raise AuthError(403, "You are not in room %s." % event.room_id) elif target_in_room: # the target is already in the room. raise AuthError(403, "%s is already in the room." % - event.target_user_id) + target_user_id) elif Membership.JOIN == membership: # Joins are valid iff caller == target and they were: # invited: They are accepting the invitation # joined: It's a NOOP - if event.user_id != event.target_user_id: + if event.user_id != target_user_id: raise AuthError(403, "Cannot force another user to join.") elif room.is_public: pass # anyone can join public rooms. @@ -129,10 +130,10 @@ class Auth(object): elif Membership.LEAVE == membership: if not caller_in_room: # trying to leave a room you aren't joined raise AuthError(403, "You are not in room %s." % event.room_id) - elif event.target_user_id != event.user_id: + elif target_user_id != event.user_id: # trying to force another user to leave raise AuthError(403, "Cannot force %s to leave." % - event.target_user_id) + target_user_id) else: raise AuthError(500, "Unknown membership %s" % membership) diff --git a/synapse/api/constants.py b/synapse/api/constants.py index 1ff1af76ec..2af5424029 100644 --- a/synapse/api/constants.py +++ b/synapse/api/constants.py @@ -23,6 +23,7 @@ class Membership(object): JOIN = u"join" KNOCK = u"knock" LEAVE = u"leave" + LIST = (INVITE, JOIN, KNOCK, LEAVE) class Feedback(object): diff --git a/synapse/api/events/__init__.py b/synapse/api/events/__init__.py index 921fd08832..f9653e0b2a 100644 --- a/synapse/api/events/__init__.py +++ b/synapse/api/events/__init__.py @@ -41,16 +41,17 @@ class SynapseEvent(JsonEncodedObject): "room_id", "user_id", # sender/initiator "content", # HTTP body, JSON + "state_key", ] internal_keys = [ "is_state", - "state_key", "prev_events", "prev_state", "depth", "destinations", "origin", + "outlier", ] required_keys = [ diff --git a/synapse/api/events/factory.py b/synapse/api/events/factory.py index b61dac7acd..c2cdcddf41 100644 --- a/synapse/api/events/factory.py +++ b/synapse/api/events/factory.py @@ -33,16 +33,21 @@ class EventFactory(object): RoomConfigEvent ] - def __init__(self): + def __init__(self, hs): self._event_list = {} # dict of TYPE to event class for event_class in EventFactory._event_classes: self._event_list[event_class.TYPE] = event_class + self.clock = hs.get_clock() + def create_event(self, etype=None, **kwargs): kwargs["type"] = etype if "event_id" not in kwargs: kwargs["event_id"] = random_string(10) + if "ts" not in kwargs: + kwargs["ts"] = int(self.clock.time_msec()) + if etype in self._event_list: handler = self._event_list[etype] else: diff --git a/synapse/api/events/room.py b/synapse/api/events/room.py index 42459f3f21..2a7b5e8aba 100644 --- a/synapse/api/events/room.py +++ b/synapse/api/events/room.py @@ -13,6 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. +from synapse.api.constants import Membership +from synapse.api.errors import SynapseError from . import SynapseEvent @@ -59,15 +61,15 @@ class RoomMemberEvent(SynapseEvent): TYPE = "m.room.member" valid_keys = SynapseEvent.valid_keys + [ - "target_user_id", # target + # target is the state_key "membership", # action ] def __init__(self, **kwargs): - if "target_user_id" in kwargs: - kwargs["state_key"] = kwargs["target_user_id"] if "membership" not in kwargs: kwargs["membership"] = kwargs.get("content", {}).get("membership") + if not kwargs["membership"] in Membership.LIST: + raise SynapseError(400, "Bad membership value.") super(RoomMemberEvent, self).__init__(**kwargs) def get_content_template(self): @@ -108,7 +110,7 @@ class InviteJoinEvent(SynapseEvent): TYPE = "m.room.invite_join" valid_keys = SynapseEvent.valid_keys + [ - "target_user_id", + # target_user_id is the state_key "target_host", ] diff --git a/synapse/api/notifier.py b/synapse/api/notifier.py index 9f622df6bb..ec9c4e513d 100644 --- a/synapse/api/notifier.py +++ b/synapse/api/notifier.py @@ -56,11 +56,11 @@ class Notifier(object): # invites MUST prod the person being invited, who won't be in the room. if (event.type == RoomMemberEvent.TYPE and event.content["membership"] == Membership.INVITE): - member_list.append(event.target_user_id) + member_list.append(event.state_key) # similarly, LEAVEs must be sent to the person leaving if (event.type == RoomMemberEvent.TYPE and event.content["membership"] == Membership.LEAVE): - member_list.append(event.target_user_id) + member_list.append(event.state_key) for user_id in member_list: if user_id in self.stored_event_listeners: diff --git a/synapse/api/streams/event.py b/synapse/api/streams/event.py index a5c8b2b31f..fe44a488bc 100644 --- a/synapse/api/streams/event.py +++ b/synapse/api/streams/event.py @@ -19,9 +19,6 @@ from twisted.internet import defer from synapse.api.errors import EventStreamError from synapse.api.events import SynapseEvent -from synapse.api.events.room import ( - RoomMemberEvent, MessageEvent, FeedbackEvent, RoomTopicEvent -) from synapse.api.streams import PaginationStream, StreamData import logging |