From adb04b1e572d13b75541f4684aac3683e94d70b8 Mon Sep 17 00:00:00 2001 From: Mark Haines Date: Tue, 6 Jan 2015 13:21:39 +0000 Subject: Update copyright notices --- synapse/api/__init__.py | 2 +- synapse/api/auth.py | 2 +- synapse/api/constants.py | 2 +- synapse/api/errors.py | 2 +- synapse/api/ratelimiting.py | 2 +- synapse/api/urls.py | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) (limited to 'synapse/api') diff --git a/synapse/api/__init__.py b/synapse/api/__init__.py index f9811bfa04..c488b10d3c 100644 --- a/synapse/api/__init__.py +++ b/synapse/api/__init__.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Copyright 2014 OpenMarket Ltd +# Copyright 2014, 2015 OpenMarket Ltd # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/synapse/api/auth.py b/synapse/api/auth.py index 70245aba04..e31482cfaa 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Copyright 2014 OpenMarket Ltd +# Copyright 2014, 2015 OpenMarket Ltd # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/synapse/api/constants.py b/synapse/api/constants.py index 4fc8b79a40..7ee6dcc46e 100644 --- a/synapse/api/constants.py +++ b/synapse/api/constants.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Copyright 2014 OpenMarket Ltd +# Copyright 2014, 2015 OpenMarket Ltd # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/synapse/api/errors.py b/synapse/api/errors.py index e250b9b211..2b049debf3 100644 --- a/synapse/api/errors.py +++ b/synapse/api/errors.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Copyright 2014 OpenMarket Ltd +# Copyright 2014, 2015 OpenMarket Ltd # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/synapse/api/ratelimiting.py b/synapse/api/ratelimiting.py index b25358090f..3f9ad4ce89 100644 --- a/synapse/api/ratelimiting.py +++ b/synapse/api/ratelimiting.py @@ -1,4 +1,4 @@ -# Copyright 2014 OpenMarket Ltd +# Copyright 2014, 2015 OpenMarket Ltd # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/synapse/api/urls.py b/synapse/api/urls.py index d7625127f8..a299392049 100644 --- a/synapse/api/urls.py +++ b/synapse/api/urls.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Copyright 2014 OpenMarket Ltd +# Copyright 2014, 2015 OpenMarket Ltd # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. -- cgit 1.4.1 From 9cb4f75d53d99634e79e791de22cb7de718248d6 Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Wed, 7 Jan 2015 15:16:31 +0000 Subject: SYN-154: Better error messages when joining an unknown room by ID. The simple fix doesn't work here because room creation also involves unknown room IDs. The check relies on the presence of m.room.create for rooms being created, whereas bogus room IDs have no state events at all. --- synapse/api/auth.py | 11 ++++++++++- synapse/handlers/federation.py | 4 ++-- synapse/handlers/room.py | 8 +++++--- 3 files changed, 17 insertions(+), 6 deletions(-) (limited to 'synapse/api') diff --git a/synapse/api/auth.py b/synapse/api/auth.py index e31482cfaa..8a3455ec54 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -98,7 +98,16 @@ class Auth(object): defer.returnValue(member) @defer.inlineCallbacks - def check_host_in_room(self, room_id, host): + def check_host_in_room(self, room_id, host, context=None): + if context: + # XXX: check_host_in_room should really return True for a new + # room created by this home server. There are no m.room.member + # join events yet so we need to check for the m.room.create event + # instead. + if (u"m.room.create", u"") in context.auth_events: + defer.returnValue(True) + return + curr_state = yield self.state.get_current_state(room_id) for event in curr_state: diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py index d26975a88a..d0de6fd04d 100644 --- a/synapse/handlers/federation.py +++ b/synapse/handlers/federation.py @@ -617,8 +617,8 @@ class FederationHandler(BaseHandler): @defer.inlineCallbacks @log_function - def on_backfill_request(self, origin, context, pdu_list, limit): - in_room = yield self.auth.check_host_in_room(context, origin) + def on_backfill_request(self, origin, room_id, pdu_list, limit): + in_room = yield self.auth.check_host_in_room(room_id, origin) if not in_room: raise AuthError(403, "Host not in room.") diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py index 59719a1fae..3cb7e324fc 100644 --- a/synapse/handlers/room.py +++ b/synapse/handlers/room.py @@ -423,12 +423,13 @@ class RoomMemberHandler(BaseHandler): is_host_in_room = yield self.auth.check_host_in_room( event.room_id, - self.hs.hostname + self.hs.hostname, + context=context ) if is_host_in_room: should_do_dance = False - elif room_host: + elif room_host: # TODO: Shouldn't this be remote_room_host? should_do_dance = True else: # TODO(markjh): get prev_state from snapshot @@ -442,7 +443,8 @@ class RoomMemberHandler(BaseHandler): should_do_dance = not self.hs.is_mine(inviter) room_host = inviter.domain else: - should_do_dance = False + # return the same error as join_room_alias does + raise SynapseError(404, "No known servers") if should_do_dance: handler = self.hs.get_handlers().federation_handler -- cgit 1.4.1 From 4c68460392ef032b156b8d006f4aec5496ceedcb Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Wed, 7 Jan 2015 16:09:00 +0000 Subject: SYN-154: Tweak how the m.room.create check is done. Don't perform the check in auth.is_host_in_room but instead do it in _do_join and also assert that there are no m.room.members in the room before doing so. --- synapse/api/auth.py | 11 +---------- synapse/handlers/room.py | 13 +++++++++++-- 2 files changed, 12 insertions(+), 12 deletions(-) (limited to 'synapse/api') diff --git a/synapse/api/auth.py b/synapse/api/auth.py index 8a3455ec54..e31482cfaa 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -98,16 +98,7 @@ class Auth(object): defer.returnValue(member) @defer.inlineCallbacks - def check_host_in_room(self, room_id, host, context=None): - if context: - # XXX: check_host_in_room should really return True for a new - # room created by this home server. There are no m.room.member - # join events yet so we need to check for the m.room.create event - # instead. - if (u"m.room.create", u"") in context.auth_events: - defer.returnValue(True) - return - + def check_host_in_room(self, room_id, host): curr_state = yield self.state.get_current_state(room_id) for event in curr_state: diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py index 3cb7e324fc..16c6628292 100644 --- a/synapse/handlers/room.py +++ b/synapse/handlers/room.py @@ -423,9 +423,18 @@ class RoomMemberHandler(BaseHandler): is_host_in_room = yield self.auth.check_host_in_room( event.room_id, - self.hs.hostname, - context=context + self.hs.hostname ) + if not is_host_in_room: + # is *anyone* in the room? + room_member_keys = [ + v for (k,v) in context.current_state.keys() if k == "m.room.member" + ] + if len(room_member_keys) == 0: + # has the room been created so we can join it? + create_event = context.current_state.get(("m.room.create", "")) + if create_event: + is_host_in_room = True if is_host_in_room: should_do_dance = False -- cgit 1.4.1