Merge branch 'develop' of github.com:matrix-org/synapse into erikj/receipts

2025-12-15 21:33:48 -05:00 · 2015-07-13 13:50:57 +01:00 · 2015-07-13 13:50:57 +01:00 · 5989637f37
commit 5989637f37
parent e5991af629 532fcc997a
23 changed files with 1330 additions and 222 deletions
--- a/synapse/handlers/federation.py
+++ b/synapse/handlers/federation.py
@ -31,6 +31,8 @@ from synapse.crypto.event_signing import (
 )
 from synapse.types import UserID

+from synapse.events.utils import prune_event
+
 from synapse.util.retryutils import NotRetryingDestination

 from twisted.internet import defer
@ -222,6 +224,56 @@ class FederationHandler(BaseHandler):
                    "user_joined_room", user=user, room_id=event.room_id
                )

+    @defer.inlineCallbacks
+    def _filter_events_for_server(self, server_name, room_id, events):
+        states = yield self.store.get_state_for_events(
+            room_id, [e.event_id for e in events],
+        )
+
+        events_and_states = zip(events, states)
+
+        def redact_disallowed(event_and_state):
+            event, state = event_and_state
+
+            if not state:
+                return event
+
+            history = state.get((EventTypes.RoomHistoryVisibility, ''), None)
+            if history:
+                visibility = history.content.get("history_visibility", "shared")
+                if visibility in ["invited", "joined"]:
+                    # We now loop through all state events looking for
+                    # membership states for the requesting server to determine
+                    # if the server is either in the room or has been invited
+                    # into the room.
+                    for ev in state.values():
+                        if ev.type != EventTypes.Member:
+                            continue
+                        try:
+                            domain = UserID.from_string(ev.state_key).domain
+                        except:
+                            continue
+
+                        if domain != server_name:
+                            continue
+
+                        memtype = ev.membership
+                        if memtype == Membership.JOIN:
+                            return event
+                        elif memtype == Membership.INVITE:
+                            if visibility == "invited":
+                                return event
+                    else:
+                        return prune_event(event)
+
+            return event
+
+        res = map(redact_disallowed, events_and_states)
+
+        logger.info("_filter_events_for_server %r", res)
+
+        defer.returnValue(res)
+
    @log_function
    @defer.inlineCallbacks
    def backfill(self, dest, room_id, limit, extremities=[]):
@ -882,6 +934,8 @@ class FederationHandler(BaseHandler):
            limit
        )

+        events = yield self._filter_events_for_server(origin, room_id, events)
+
        defer.returnValue(events)

    @defer.inlineCallbacks
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@ -113,11 +113,21 @@ class MessageHandler(BaseHandler):
            "room_key", next_key
        )

+        if not events:
+            defer.returnValue({
+                "chunk": [],
+                "start": pagin_config.from_token.to_string(),
+                "end": next_token.to_string(),
+            })
+
+        events = yield self._filter_events_for_client(user_id, room_id, events)
+
        time_now = self.clock.time_msec()

        chunk = {
            "chunk": [
-                serialize_event(e, time_now, as_client_event) for e in events
+                serialize_event(e, time_now, as_client_event)
+                for e in events
            ],
            "start": pagin_config.from_token.to_string(),
            "end": next_token.to_string(),
@ -125,6 +135,52 @@ class MessageHandler(BaseHandler):

        defer.returnValue(chunk)

+    @defer.inlineCallbacks
+    def _filter_events_for_client(self, user_id, room_id, events):
+        states = yield self.store.get_state_for_events(
+            room_id, [e.event_id for e in events],
+        )
+
+        events_and_states = zip(events, states)
+
+        def allowed(event_and_state):
+            event, state = event_and_state
+
+            if event.type == EventTypes.RoomHistoryVisibility:
+                return True
+
+            membership_ev = state.get((EventTypes.Member, user_id), None)
+            if membership_ev:
+                membership = membership_ev.membership
+            else:
+                membership = Membership.LEAVE
+
+            if membership == Membership.JOIN:
+                return True
+
+            history = state.get((EventTypes.RoomHistoryVisibility, ''), None)
+            if history:
+                visibility = history.content.get("history_visibility", "shared")
+            else:
+                visibility = "shared"
+
+            if visibility == "public":
+                return True
+            elif visibility == "shared":
+                return True
+            elif visibility == "joined":
+                return membership == Membership.JOIN
+            elif visibility == "invited":
+                return membership == Membership.INVITE
+
+            return True
+
+        events_and_states = filter(allowed, events_and_states)
+        defer.returnValue([
+            ev
+            for ev, _ in events_and_states
+        ])
+
    @defer.inlineCallbacks
    def create_and_send_event(self, event_dict, ratelimit=True,
                              client=None, txn_id=None):
@ -321,6 +377,10 @@ class MessageHandler(BaseHandler):
                    ]
                ).addErrback(unwrapFirstError)

+                messages = yield self._filter_events_for_client(
+                    user_id, event.room_id, messages
+                )
+
                start_token = now_token.copy_and_replace("room_key", token[0])
                end_token = now_token.copy_and_replace("room_key", token[1])
                time_now = self.clock.time_msec()
@ -426,6 +486,10 @@ class MessageHandler(BaseHandler):
            consumeErrors=True,
        ).addErrback(unwrapFirstError)

+        messages = yield self._filter_events_for_client(
+            user_id, room_id, messages
+        )
+
        start_token = now_token.copy_and_replace("room_key", token[0])
        end_token = now_token.copy_and_replace("room_key", token[1])

--- a/synapse/handlers/register.py
+++ b/synapse/handlers/register.py
@ -192,6 +192,35 @@ class RegistrationHandler(BaseHandler):
        else:
            logger.info("Valid captcha entered from %s", ip)

+    @defer.inlineCallbacks
+    def register_saml2(self, localpart):
+        """
+        Registers email_id as SAML2 Based Auth.
+        """
+        if urllib.quote(localpart) != localpart:
+            raise SynapseError(
+                400,
+                "User ID must only contain characters which do not"
+                " require URL encoding."
+                )
+        user = UserID(localpart, self.hs.hostname)
+        user_id = user.to_string()
+
+        yield self.check_user_id_is_valid(user_id)
+        token = self._generate_token(user_id)
+        try:
+            yield self.store.register(
+                user_id=user_id,
+                token=token,
+                password_hash=None
+            )
+            yield self.distributor.fire("registered_user", user)
+        except Exception, e:
+            yield self.store.add_access_token_to_user(user_id, token)
+            # Ignore Registration errors
+            logger.exception(e)
+        defer.returnValue((user_id, token))
+
    @defer.inlineCallbacks
    def register_email(self, threepidCreds):
        """
--- a/synapse/handlers/room.py
+++ b/synapse/handlers/room.py
@ -213,6 +213,7 @@ class RoomCreationHandler(BaseHandler):
                "events": {
                    EventTypes.Name: 100,
                    EventTypes.PowerLevels: 100,
+                    EventTypes.RoomHistoryVisibility: 100,
                },
                "events_default": 0,
                "state_default": 50,
--- a/synapse/handlers/sync.py
+++ b/synapse/handlers/sync.py
@ -292,6 +292,51 @@ class SyncHandler(BaseHandler):
            next_batch=now_token,
        ))

+    @defer.inlineCallbacks
+    def _filter_events_for_client(self, user_id, room_id, events):
+        states = yield self.store.get_state_for_events(
+            room_id, [e.event_id for e in events],
+        )
+
+        events_and_states = zip(events, states)
+
+        def allowed(event_and_state):
+            event, state = event_and_state
+
+            if event.type == EventTypes.RoomHistoryVisibility:
+                return True
+
+            membership_ev = state.get((EventTypes.Member, user_id), None)
+            if membership_ev:
+                membership = membership_ev.membership
+            else:
+                membership = Membership.LEAVE
+
+            if membership == Membership.JOIN:
+                return True
+
+            history = state.get((EventTypes.RoomHistoryVisibility, ''), None)
+            if history:
+                visibility = history.content.get("history_visibility", "shared")
+            else:
+                visibility = "shared"
+
+            if visibility == "public":
+                return True
+            elif visibility == "shared":
+                return True
+            elif visibility == "joined":
+                return membership == Membership.JOIN
+            elif visibility == "invited":
+                return membership == Membership.INVITE
+
+            return True
+        events_and_states = filter(allowed, events_and_states)
+        defer.returnValue([
+            ev
+            for ev, _ in events_and_states
+        ])
+
    @defer.inlineCallbacks
    def load_filtered_recents(self, room_id, sync_config, now_token,
                              since_token=None):
@ -313,6 +358,9 @@ class SyncHandler(BaseHandler):
            (room_key, _) = keys
            end_key = "s" + room_key.split('-')[-1]
            loaded_recents = sync_config.filter.filter_room_events(events)
+            loaded_recents = yield self._filter_events_for_client(
+                sync_config.user.to_string(), room_id, loaded_recents,
+            )
            loaded_recents.extend(recents)
            recents = loaded_recents
            if len(events) <= load_limit: