mirror of
https://git.anonymousland.org/anonymousland/synapse.git
synced 2025-01-12 04:59:29 -05:00
Implement MSC2176: Updated redaction rules (#8984)
An experimental room version ("org.matrix.msc2176") contains the new redaction rules for testing.
This commit is contained in:
parent
111b673fc1
commit
9dde9c9f01
1
changelog.d/8984.feature
Normal file
1
changelog.d/8984.feature
Normal file
@ -0,0 +1 @@
|
||||
Implement [MSC2176](https://github.com/matrix-org/matrix-doc/pull/2176) in an experimental room version.
|
@ -51,11 +51,11 @@ class RoomDisposition:
|
||||
class RoomVersion:
|
||||
"""An object which describes the unique attributes of a room version."""
|
||||
|
||||
identifier = attr.ib() # str; the identifier for this version
|
||||
disposition = attr.ib() # str; one of the RoomDispositions
|
||||
event_format = attr.ib() # int; one of the EventFormatVersions
|
||||
state_res = attr.ib() # int; one of the StateResolutionVersions
|
||||
enforce_key_validity = attr.ib() # bool
|
||||
identifier = attr.ib(type=str) # the identifier for this version
|
||||
disposition = attr.ib(type=str) # one of the RoomDispositions
|
||||
event_format = attr.ib(type=int) # one of the EventFormatVersions
|
||||
state_res = attr.ib(type=int) # one of the StateResolutionVersions
|
||||
enforce_key_validity = attr.ib(type=bool)
|
||||
|
||||
# bool: before MSC2261/MSC2432, m.room.aliases had special auth rules and redaction rules
|
||||
special_case_aliases_auth = attr.ib(type=bool)
|
||||
@ -64,9 +64,11 @@ class RoomVersion:
|
||||
# * Floats
|
||||
# * NaN, Infinity, -Infinity
|
||||
strict_canonicaljson = attr.ib(type=bool)
|
||||
# bool: MSC2209: Check 'notifications' key while verifying
|
||||
# MSC2209: Check 'notifications' key while verifying
|
||||
# m.room.power_levels auth rules.
|
||||
limit_notifications_power_levels = attr.ib(type=bool)
|
||||
# MSC2174/MSC2176: Apply updated redaction rules algorithm.
|
||||
msc2176_redaction_rules = attr.ib(type=bool)
|
||||
|
||||
|
||||
class RoomVersions:
|
||||
@ -79,6 +81,7 @@ class RoomVersions:
|
||||
special_case_aliases_auth=True,
|
||||
strict_canonicaljson=False,
|
||||
limit_notifications_power_levels=False,
|
||||
msc2176_redaction_rules=False,
|
||||
)
|
||||
V2 = RoomVersion(
|
||||
"2",
|
||||
@ -89,6 +92,7 @@ class RoomVersions:
|
||||
special_case_aliases_auth=True,
|
||||
strict_canonicaljson=False,
|
||||
limit_notifications_power_levels=False,
|
||||
msc2176_redaction_rules=False,
|
||||
)
|
||||
V3 = RoomVersion(
|
||||
"3",
|
||||
@ -99,6 +103,7 @@ class RoomVersions:
|
||||
special_case_aliases_auth=True,
|
||||
strict_canonicaljson=False,
|
||||
limit_notifications_power_levels=False,
|
||||
msc2176_redaction_rules=False,
|
||||
)
|
||||
V4 = RoomVersion(
|
||||
"4",
|
||||
@ -109,6 +114,7 @@ class RoomVersions:
|
||||
special_case_aliases_auth=True,
|
||||
strict_canonicaljson=False,
|
||||
limit_notifications_power_levels=False,
|
||||
msc2176_redaction_rules=False,
|
||||
)
|
||||
V5 = RoomVersion(
|
||||
"5",
|
||||
@ -119,6 +125,7 @@ class RoomVersions:
|
||||
special_case_aliases_auth=True,
|
||||
strict_canonicaljson=False,
|
||||
limit_notifications_power_levels=False,
|
||||
msc2176_redaction_rules=False,
|
||||
)
|
||||
V6 = RoomVersion(
|
||||
"6",
|
||||
@ -129,6 +136,18 @@ class RoomVersions:
|
||||
special_case_aliases_auth=False,
|
||||
strict_canonicaljson=True,
|
||||
limit_notifications_power_levels=True,
|
||||
msc2176_redaction_rules=False,
|
||||
)
|
||||
MSC2176 = RoomVersion(
|
||||
"org.matrix.msc2176",
|
||||
RoomDisposition.UNSTABLE,
|
||||
EventFormatVersions.V3,
|
||||
StateResolutionVersions.V2,
|
||||
enforce_key_validity=True,
|
||||
special_case_aliases_auth=False,
|
||||
strict_canonicaljson=True,
|
||||
limit_notifications_power_levels=True,
|
||||
msc2176_redaction_rules=True,
|
||||
)
|
||||
|
||||
|
||||
@ -141,5 +160,6 @@ KNOWN_ROOM_VERSIONS = {
|
||||
RoomVersions.V4,
|
||||
RoomVersions.V5,
|
||||
RoomVersions.V6,
|
||||
RoomVersions.MSC2176,
|
||||
)
|
||||
} # type: Dict[str, RoomVersion]
|
||||
|
@ -79,13 +79,15 @@ def prune_event_dict(room_version: RoomVersion, event_dict: dict) -> dict:
|
||||
"state_key",
|
||||
"depth",
|
||||
"prev_events",
|
||||
"prev_state",
|
||||
"auth_events",
|
||||
"origin",
|
||||
"origin_server_ts",
|
||||
"membership",
|
||||
]
|
||||
|
||||
# Room versions from before MSC2176 had additional allowed keys.
|
||||
if not room_version.msc2176_redaction_rules:
|
||||
allowed_keys.extend(["prev_state", "membership"])
|
||||
|
||||
event_type = event_dict["type"]
|
||||
|
||||
new_content = {}
|
||||
@ -98,6 +100,10 @@ def prune_event_dict(room_version: RoomVersion, event_dict: dict) -> dict:
|
||||
if event_type == EventTypes.Member:
|
||||
add_fields("membership")
|
||||
elif event_type == EventTypes.Create:
|
||||
# MSC2176 rules state that create events cannot be redacted.
|
||||
if room_version.msc2176_redaction_rules:
|
||||
return event_dict
|
||||
|
||||
add_fields("creator")
|
||||
elif event_type == EventTypes.JoinRules:
|
||||
add_fields("join_rule")
|
||||
@ -112,10 +118,16 @@ def prune_event_dict(room_version: RoomVersion, event_dict: dict) -> dict:
|
||||
"kick",
|
||||
"redact",
|
||||
)
|
||||
|
||||
if room_version.msc2176_redaction_rules:
|
||||
add_fields("invite")
|
||||
|
||||
elif event_type == EventTypes.Aliases and room_version.special_case_aliases_auth:
|
||||
add_fields("aliases")
|
||||
elif event_type == EventTypes.RoomHistoryVisibility:
|
||||
add_fields("history_visibility")
|
||||
elif event_type == EventTypes.Redaction and room_version.msc2176_redaction_rules:
|
||||
add_fields("redacts")
|
||||
|
||||
allowed_fields = {k: v for k, v in event_dict.items() if k in allowed_keys}
|
||||
|
||||
|
@ -365,7 +365,7 @@ class RoomCreationHandler(BaseHandler):
|
||||
creation_content = {
|
||||
"room_version": new_room_version.identifier,
|
||||
"predecessor": {"room_id": old_room_id, "event_id": tombstone_event_id},
|
||||
}
|
||||
} # type: JsonDict
|
||||
|
||||
# Check if old room was non-federatable
|
||||
|
||||
|
@ -34,11 +34,17 @@ def MockEvent(**kwargs):
|
||||
|
||||
|
||||
class PruneEventTestCase(unittest.TestCase):
|
||||
""" Asserts that a new event constructed with `evdict` will look like
|
||||
`matchdict` when it is redacted. """
|
||||
|
||||
def run_test(self, evdict, matchdict, **kwargs):
|
||||
self.assertEquals(
|
||||
"""
|
||||
Asserts that a new event constructed with `evdict` will look like
|
||||
`matchdict` when it is redacted.
|
||||
|
||||
Args:
|
||||
evdict: The dictionary to build the event from.
|
||||
matchdict: The expected resulting dictionary.
|
||||
kwargs: Additional keyword arguments used to create the event.
|
||||
"""
|
||||
self.assertEqual(
|
||||
prune_event(make_event_from_dict(evdict, **kwargs)).get_dict(), matchdict
|
||||
)
|
||||
|
||||
@ -55,54 +61,80 @@ class PruneEventTestCase(unittest.TestCase):
|
||||
)
|
||||
|
||||
def test_basic_keys(self):
|
||||
"""Ensure that the keys that should be untouched are kept."""
|
||||
# Note that some of the values below don't really make sense, but the
|
||||
# pruning of events doesn't worry about the values of any fields (with
|
||||
# the exception of the content field).
|
||||
self.run_test(
|
||||
{
|
||||
"event_id": "$3:domain",
|
||||
"type": "A",
|
||||
"room_id": "!1:domain",
|
||||
"sender": "@2:domain",
|
||||
"event_id": "$3:domain",
|
||||
"state_key": "B",
|
||||
"content": {"other_key": "foo"},
|
||||
"hashes": "hashes",
|
||||
"signatures": {"domain": {"algo:1": "sigs"}},
|
||||
"depth": 4,
|
||||
"prev_events": "prev_events",
|
||||
"prev_state": "prev_state",
|
||||
"auth_events": "auth_events",
|
||||
"origin": "domain",
|
||||
"origin_server_ts": 1234,
|
||||
"membership": "join",
|
||||
# Also include a key that should be removed.
|
||||
"other_key": "foo",
|
||||
},
|
||||
{
|
||||
"event_id": "$3:domain",
|
||||
"type": "A",
|
||||
"room_id": "!1:domain",
|
||||
"sender": "@2:domain",
|
||||
"event_id": "$3:domain",
|
||||
"state_key": "B",
|
||||
"hashes": "hashes",
|
||||
"depth": 4,
|
||||
"prev_events": "prev_events",
|
||||
"prev_state": "prev_state",
|
||||
"auth_events": "auth_events",
|
||||
"origin": "domain",
|
||||
"origin_server_ts": 1234,
|
||||
"membership": "join",
|
||||
"content": {},
|
||||
"signatures": {},
|
||||
"signatures": {"domain": {"algo:1": "sigs"}},
|
||||
"unsigned": {},
|
||||
},
|
||||
)
|
||||
|
||||
def test_unsigned_age_ts(self):
|
||||
# As of MSC2176 we now redact the membership and prev_states keys.
|
||||
self.run_test(
|
||||
{"type": "B", "event_id": "$test:domain", "unsigned": {"age_ts": 20}},
|
||||
{
|
||||
"type": "B",
|
||||
"event_id": "$test:domain",
|
||||
"content": {},
|
||||
"signatures": {},
|
||||
"unsigned": {"age_ts": 20},
|
||||
},
|
||||
{"type": "A", "prev_state": "prev_state", "membership": "join"},
|
||||
{"type": "A", "content": {}, "signatures": {}, "unsigned": {}},
|
||||
room_version=RoomVersions.MSC2176,
|
||||
)
|
||||
|
||||
def test_unsigned(self):
|
||||
"""Ensure that unsigned properties get stripped (except age_ts and replaces_state)."""
|
||||
self.run_test(
|
||||
{
|
||||
"type": "B",
|
||||
"event_id": "$test:domain",
|
||||
"unsigned": {"other_key": "here"},
|
||||
"unsigned": {
|
||||
"age_ts": 20,
|
||||
"replaces_state": "$test2:domain",
|
||||
"other_key": "foo",
|
||||
},
|
||||
},
|
||||
{
|
||||
"type": "B",
|
||||
"event_id": "$test:domain",
|
||||
"content": {},
|
||||
"signatures": {},
|
||||
"unsigned": {},
|
||||
"unsigned": {"age_ts": 20, "replaces_state": "$test2:domain"},
|
||||
},
|
||||
)
|
||||
|
||||
def test_content(self):
|
||||
"""The content dictionary should be stripped in most cases."""
|
||||
self.run_test(
|
||||
{"type": "C", "event_id": "$test:domain", "content": {"things": "here"}},
|
||||
{
|
||||
@ -114,11 +146,35 @@ class PruneEventTestCase(unittest.TestCase):
|
||||
},
|
||||
)
|
||||
|
||||
# Some events keep a single content key/value.
|
||||
EVENT_KEEP_CONTENT_KEYS = [
|
||||
("member", "membership", "join"),
|
||||
("join_rules", "join_rule", "invite"),
|
||||
("history_visibility", "history_visibility", "shared"),
|
||||
]
|
||||
for event_type, key, value in EVENT_KEEP_CONTENT_KEYS:
|
||||
self.run_test(
|
||||
{
|
||||
"type": "m.room." + event_type,
|
||||
"event_id": "$test:domain",
|
||||
"content": {key: value, "other_key": "foo"},
|
||||
},
|
||||
{
|
||||
"type": "m.room." + event_type,
|
||||
"event_id": "$test:domain",
|
||||
"content": {key: value},
|
||||
"signatures": {},
|
||||
"unsigned": {},
|
||||
},
|
||||
)
|
||||
|
||||
def test_create(self):
|
||||
"""Create events are partially redacted until MSC2176."""
|
||||
self.run_test(
|
||||
{
|
||||
"type": "m.room.create",
|
||||
"event_id": "$test:domain",
|
||||
"content": {"creator": "@2:domain", "other_field": "here"},
|
||||
"content": {"creator": "@2:domain", "other_key": "foo"},
|
||||
},
|
||||
{
|
||||
"type": "m.room.create",
|
||||
@ -129,6 +185,68 @@ class PruneEventTestCase(unittest.TestCase):
|
||||
},
|
||||
)
|
||||
|
||||
# After MSC2176, create events get nothing redacted.
|
||||
self.run_test(
|
||||
{"type": "m.room.create", "content": {"not_a_real_key": True}},
|
||||
{
|
||||
"type": "m.room.create",
|
||||
"content": {"not_a_real_key": True},
|
||||
"signatures": {},
|
||||
"unsigned": {},
|
||||
},
|
||||
room_version=RoomVersions.MSC2176,
|
||||
)
|
||||
|
||||
def test_power_levels(self):
|
||||
"""Power level events keep a variety of content keys."""
|
||||
self.run_test(
|
||||
{
|
||||
"type": "m.room.power_levels",
|
||||
"event_id": "$test:domain",
|
||||
"content": {
|
||||
"ban": 1,
|
||||
"events": {"m.room.name": 100},
|
||||
"events_default": 2,
|
||||
"invite": 3,
|
||||
"kick": 4,
|
||||
"redact": 5,
|
||||
"state_default": 6,
|
||||
"users": {"@admin:domain": 100},
|
||||
"users_default": 7,
|
||||
"other_key": 8,
|
||||
},
|
||||
},
|
||||
{
|
||||
"type": "m.room.power_levels",
|
||||
"event_id": "$test:domain",
|
||||
"content": {
|
||||
"ban": 1,
|
||||
"events": {"m.room.name": 100},
|
||||
"events_default": 2,
|
||||
# Note that invite is not here.
|
||||
"kick": 4,
|
||||
"redact": 5,
|
||||
"state_default": 6,
|
||||
"users": {"@admin:domain": 100},
|
||||
"users_default": 7,
|
||||
},
|
||||
"signatures": {},
|
||||
"unsigned": {},
|
||||
},
|
||||
)
|
||||
|
||||
# After MSC2176, power levels events keep the invite key.
|
||||
self.run_test(
|
||||
{"type": "m.room.power_levels", "content": {"invite": 75}},
|
||||
{
|
||||
"type": "m.room.power_levels",
|
||||
"content": {"invite": 75},
|
||||
"signatures": {},
|
||||
"unsigned": {},
|
||||
},
|
||||
room_version=RoomVersions.MSC2176,
|
||||
)
|
||||
|
||||
def test_alias_event(self):
|
||||
"""Alias events have special behavior up through room version 6."""
|
||||
self.run_test(
|
||||
@ -146,8 +264,7 @@ class PruneEventTestCase(unittest.TestCase):
|
||||
},
|
||||
)
|
||||
|
||||
def test_msc2432_alias_event(self):
|
||||
"""After MSC2432, alias events have no special behavior."""
|
||||
# After MSC2432, alias events have no special behavior.
|
||||
self.run_test(
|
||||
{"type": "m.room.aliases", "content": {"aliases": ["test"]}},
|
||||
{
|
||||
@ -159,6 +276,32 @@ class PruneEventTestCase(unittest.TestCase):
|
||||
room_version=RoomVersions.V6,
|
||||
)
|
||||
|
||||
def test_redacts(self):
|
||||
"""Redaction events have no special behaviour until MSC2174/MSC2176."""
|
||||
|
||||
self.run_test(
|
||||
{"type": "m.room.redaction", "content": {"redacts": "$test2:domain"}},
|
||||
{
|
||||
"type": "m.room.redaction",
|
||||
"content": {},
|
||||
"signatures": {},
|
||||
"unsigned": {},
|
||||
},
|
||||
room_version=RoomVersions.V6,
|
||||
)
|
||||
|
||||
# After MSC2174, redaction events keep the redacts content key.
|
||||
self.run_test(
|
||||
{"type": "m.room.redaction", "content": {"redacts": "$test2:domain"}},
|
||||
{
|
||||
"type": "m.room.redaction",
|
||||
"content": {"redacts": "$test2:domain"},
|
||||
"signatures": {},
|
||||
"unsigned": {},
|
||||
},
|
||||
room_version=RoomVersions.MSC2176,
|
||||
)
|
||||
|
||||
|
||||
class SerializeEventTestCase(unittest.TestCase):
|
||||
def serialize(self, ev, fields):
|
||||
|
Loading…
Reference in New Issue
Block a user