summary refs log tree commit diff
path: root/synapse/handlers/event_auth.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove `HomeServer.get_datastore()` (#12031)Richard van der Hoff2022-02-231-1/+1
| | | | | | | The presence of this method was confusing, and mostly present for backwards compatibility. Let's get rid of it. Part of #11733
* Check *all* auth events for room id and rejection (#11009)Richard van der Hoff2021-10-181-2/+1
| | | | | | | | | | | This fixes a bug where we would accept an event whose `auth_events` include rejected events, if the rejected event was shadowed by another `auth_event` with same `(type, state_key)`. The approach is to pass a list of auth events into `check_auth_rules_for_event` instead of a dict, which of course means updating the call sites. This is an extension of #10956.
* Split `event_auth.check` into two parts (#10940)Richard van der Hoff2021-09-291-9/+6
| | | | | | | | | | | | | Broadly, the existing `event_auth.check` function has two parts: * a validation section: checks that the event isn't too big, that it has the rught signatures, etc. This bit is independent of the rest of the state in the room, and so need only be done once for each event. * an auth section: ensures that the event is allowed, given the rest of the state in the room. This gets done multiple times, against various sets of room state, because it forms part of the state res algorithm. Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think that makes everything hard to follow. Instead, we split the function in two and call each part separately where it is needed.
* Require type hints in the handlers module. (#10831)Patrick Cloke2021-09-201-1/+6
| | | | | | | Adds missing type hints to methods in the synapse.handlers module and requires all methods to have type hints there. This also removes the unused construct_auth_difference method from the FederationHandler.
* Clarify error message when joining a restricted room. (#10572)Patrick Cloke2021-08-111-1/+1
|
* Support MSC3289: Room version 8 (#10449)Patrick Cloke2021-08-091-1/+1
| | | This adds support for MSC3289: room version 8. This is room version 7 + MSC3083.
* Update the MSC3083 support to verify if joins are from an authorized server. ↵Patrick Cloke2021-07-261-4/+81
| | | | (#10254)
* Move methods involving event authentication to EventAuthHandler. (#10268)Patrick Cloke2021-07-011-2/+60
| | | Instead of mixing them with user authentication methods.
* Update MSC3083 support per changes in the MSC. (#10189)Patrick Cloke2021-06-171-18/+27
| | | Adds a "type" field and generalize "space" to "room_id".
* Allow a user who could join a restricted room to see it in spaces summary. ↵Patrick Cloke2021-05-201-21/+83
| | | | | | (#9922) This finishes up the experimental implementation of MSC3083 by showing the restricted rooms in the spaces summary (from MSC2946).
* Refactor checking restricted join rules (#10007)Patrick Cloke2021-05-181-16/+35
| | | | | To be more consistent with similar code. The check now automatically raises an AuthError instead of passing back a boolean. It also absorbs some shared logic between callers.
* Check for space membership during a remote join of a restricted room (#9814)Patrick Cloke2021-04-231-0/+86
| | | | | | When receiving a /send_join request for a room with join rules set to 'restricted', check if the user is a member of the spaces defined in the 'allow' key of the join rules. This only applies to an experimental room version, as defined in MSC3083.
* Revert "Check for space membership during a remote join of a restricted ↵Patrick Cloke2021-04-141-82/+0
| | | | | | | | room. (#9763)" This reverts commit cc51aaaa7adb0ec2235e027b5184ebda9b660ec4. The PR was prematurely merged and not yet approved.
* Check for space membership during a remote join of a restricted room. (#9763)Patrick Cloke2021-04-141-0/+82
When receiving a /send_join request for a room with join rules set to 'restricted', check if the user is a member of the spaces defined in the 'allow' key of the join rules. This only applies to an experimental room version, as defined in MSC3083.