From a124025dab9f64b72cac0ae42c2e0a78f58f301f Mon Sep 17 00:00:00 2001
From: Neil Johnson
Date: Tue, 29 Jan 2019 11:37:56 +0000
Subject: enforce auth for capabilities endpoint
---
 synapse/rest/client/v2_alpha/capabilities.py | 27 ++++++++++++++++---------
 tests/rest/client/v2_alpha/test_capabilities.py | 23 +++++++++++++++++----
 2 files changed, 36 insertions(+), 14 deletions(-)
diff --git a/synapse/rest/client/v2_alpha/capabilities.py b/synapse/rest/client/v2_alpha/capabilities.py
index 61319a7a2e..767e6c9798 100644
--- a/synapse/rest/client/v2_alpha/capabilities.py
+++ b/synapse/rest/client/v2_alpha/capabilities.py
@@ -12,6 +12,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+from twisted.internet import defer
 from synapse.http.servlet import RestServlet
@@ -28,20 +29,26 @@ class CapabilitiesRestServlet(RestServlet):
 """
 super(CapabilitiesRestServlet, self).__init__()
 self.hs = hs
+ self.auth = hs.get_auth()
+ @defer.inlineCallbacks
 def on_GET(self, request):
- return 200, {
- "capabilities": {
- "m.room_versions": {
- "default": "1",
- "available": {
- "1": "stable",
- "2": "stable",
- "state-v2-test": "unstable",
+
+ yield self.auth.get_user_by_req(request, allow_guest=True)
+ defer.returnValue(
+ (200, {
+ "capabilities": {
+ "m.room_versions": {
+ "default": "1",
+ "available": {
+ "1": "stable",
+ "2": "stable",
+ "state-v2-test": "unstable",
+ }
 }
 }
- }
- }
+ })
+ )
 def register_servlets(hs, http_server):
diff --git a/tests/rest/client/v2_alpha/test_capabilities.py b/tests/rest/client/v2_alpha/test_capabilities.py
index 1a0ed8d12f..f9f80c8969 100644
--- a/tests/rest/client/v2_alpha/test_capabilities.py
+++ b/tests/rest/client/v2_alpha/test_capabilities.py
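Review bot: In `on_GET` of synapse/rest/client/v2_alpha/capabilities.py the value yielded by `self.auth.get_user_by_req(request, allow_guest=True)` is thrown away, so authentication is enforced only by that call failing (presumably by raising, given the 401 the new test expects), and the line reads like a dead statement to anyone tidying the method later. A comment directly above it would make the intent explicit, for example `# Auth check only: rejects requests without a valid access token; the requester itself is not needed.` The same comment should say that `allow_guest=True` is deliberate, since it lets guest tokens read the capabilities, which is a policy choice the code does not otherwise explain. The class and `__init__` start outside the hunk.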
@@ -14,23 +14,38 @@
 # limitations under the License.
 from synapse.api.constants import DEFAULT_ROOM_VERSION, KNOWN_ROOM_VERSIONS
-from synapse.rest.client.v2_alpha.capabilities import register_servlets
-
+from synapse.rest.client.v2_alpha import capabilities
+from synapse.rest.client.v1 import login, admin
 from tests import unittest
 class CapabilitiesTestCase(unittest.HomeserverTestCase):
- servlets = [register_servlets]
+
+ servlets = [
+ admin.register_servlets,
+ capabilities.register_servlets,
+ login.register_servlets,
+ ]
 def make_homeserver(self, reactor, clock):
 self.url = b"/_matrix/client/r0/capabilities"
 hs = self.setup_test_homeserver()
 return hs
- def test_get_room_version_capabilities(self):
+ def test_check_auth_required(self):
 request, channel = self.make_request("GET", self.url)
 self.render(request)
+
+ self.assertEqual(channel.code, 401)
+
+ def test_get_room_version_capabilities(self):
+ self.register_user("user", "pass")
+ access_token = self.login("user", "pass")
+
+ request, channel = self.make_request("GET", self.url, access_token=access_token)
+ self.render(request)
 capabilities = channel.json_body['capabilities']
+ self.assertEqual(channel.code, 200)
 for room_version in capabilities['m.room_versions']['available'].keys():
 self.assertTrue(room_version in KNOWN_ROOM_VERSIONS, "" + room_version)
-- cgit 1.4.1
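Review bot: In `test_get_room_version_capabilities` the added `self.assertEqual(channel.code, 200)` runs after `channel.json_body['capabilities']` has already been read, so a rejected request would most likely surface as a KeyError rather than a clear status mismatch; the assertion belongs directly after `self.render(request)`. `test_check_auth_required` exercises only the request with no token at all, so the auth check is pinned for one failure mode only. A second case that sends a made-up `access_token` value and expects 401, and one that uses a guest token to document the servlet's `allow_guest=True`, would cover the remaining paths. The test method may continue past the end of the hunk.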