From 0bd968921c03dd61c1487f85dd884c4ed11ff486 Mon Sep 17 00:00:00 2001
From: Patrick Cloke <clokep@users.noreply.github.com>
Date: Fri, 18 Jun 2021 13:41:33 -0400
Subject: Fix a missing await when in the spaces summary. (#10208)

This could cause a minor data leak if someone defined a non-restricted join rule
with an allow key or used a restricted join rule in an older room version, but this is
unlikely.

Additionally this starts adding unit tests to the spaces summary handler.
---
 synapse/handlers/space_summary.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'synapse')

diff --git a/synapse/handlers/space_summary.py b/synapse/handlers/space_summary.py
index e953a8afe6..17fc47ce16 100644
--- a/synapse/handlers/space_summary.py
+++ b/synapse/handlers/space_summary.py
@@ -445,14 +445,13 @@ class SpaceSummaryHandler:
             member_event_id = state_ids.get((EventTypes.Member, requester), None)
 
             # If they're in the room they can see info on it.
-            member_event = None
             if member_event_id:
                 member_event = await self._store.get_event(member_event_id)
                 if member_event.membership in (Membership.JOIN, Membership.INVITE):
                     return True
 
             # Otherwise, check if they should be allowed access via membership in a space.
-            if self._event_auth_handler.has_restricted_join_rules(
+            if await self._event_auth_handler.has_restricted_join_rules(
                 state_ids, room_version
             ):
                 allowed_rooms = (
-- 
cgit 1.4.1