Enforce MSC2209: auth rules for notifications in power level event (#7502)

In a new room version, the "notifications" key of power level events is
subject to restricted auth rules.
Patrick Cloke 2020-05-14 12:38:17 -04:00 committed by GitHub
parent 5611644519
commit fef3ff5cc4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 65 additions and 3 deletions


@ -181,7 +181,7 @@ def check(
_can_send_event(event, auth_events)
if event.type == EventTypes.PowerLevels:
_check_power_levels(event, auth_events)
_check_power_levels(room_version_obj, event, auth_events)
if event.type == EventTypes.Redaction:
check_redaction(room_version_obj, event, auth_events)
@ -442,7 +442,7 @@ def check_redaction(room_version_obj: RoomVersion, event, auth_events):
raise AuthError(403, "You don't have permission to redact events")
def _check_power_levels(event, auth_events):
def _check_power_levels(room_version_obj, event, auth_events):
user_list = event.content.get("users", {})
# Validate users
for k, v in user_list.items():
@ -484,6 +484,14 @@ def _check_power_levels(event, auth_events):
for ev_id in set(list(old_list) + list(new_list)):
levels_to_check.append((ev_id, "events"))
# MSC2209 specifies these checks should also be done for the "notifications"
# key.
if room_version_obj.limit_notifications_power_levels:
old_list = current_state.content.get("notifications", {})
new_list = event.content.get("notifications", {})
for ev_id in set(list(old_list) + list(new_list)):
levels_to_check.append((ev_id, "notifications"))
old_state = current_state.content
new_state = event.content
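Review bot: The new `notifications` block in the third hunk feeds `event.content.get("notifications", {})` straight into `list(...)` without checking that the value is a dict, even though event content reaching an auth check should be treated as untrusted. A power-levels event carrying a non-object value there (a number, say) would raise `TypeError` in `set(list(old_list) + list(new_list))` instead of being rejected with an `AuthError`, and a string would be iterated character by character. I would guard it before the loop, for example `if not isinstance(new_list, dict): raise AuthError(403, "<message>")`, and apply the same guard to the existing `events` lookup just above, which has the same shape. `_check_power_levels` starts and ends outside this hunk, so whether another step already validates the type cannot be confirmed from here.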