Matrix-Mirrors/forked-synapse
1
0
Fork 0
mirror of https://mau.dev/maunium/synapse.git synced 2024-07-03 01:41:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Implement MSC3989 to redact the origin field. (#15393)

Browse Source 
This will be done in a future room version, for now an unstable
room version is added which redacts the origin field.
This commit is contained in:
Patrick Cloke 2023-04-05 14:42:46 -04:00 committed by GitHub
parent 6b23d74ad1
commit 83649b891d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 49 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
changelog.d/15393.misc Normal file
View File

@ -0,0 +1 @@
Implement [MSC3989](https://github.com/matrix-org/matrix-spec-proposals/pull/3989) redaction algorithm.

37
synapse/api/room_versions.py
View File

@ -104,6 +104,8 @@ class RoomVersion:
# support the flag. Unknown flags are ignored by the evaluator, making conditions # support the flag. Unknown flags are ignored by the evaluator, making conditions
# fail if used. # fail if used.
msc3931_push_features: Tuple[str, ...] # values from PushRuleRoomFlag msc3931_push_features: Tuple[str, ...] # values from PushRuleRoomFlag
# MSC3989: Redact the origin field.
msc3989_redaction_rules: bool
class RoomVersions: class RoomVersions:
@ -125,6 +127,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=False, msc3787_knock_restricted_join_rule=False,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
V2 = RoomVersion( V2 = RoomVersion(
"2", "2",
@ -144,6 +147,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=False, msc3787_knock_restricted_join_rule=False,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
V3 = RoomVersion( V3 = RoomVersion(
"3", "3",
@ -163,6 +167,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=False, msc3787_knock_restricted_join_rule=False,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
V4 = RoomVersion( V4 = RoomVersion(
"4", "4",
@ -182,6 +187,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=False, msc3787_knock_restricted_join_rule=False,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
V5 = RoomVersion( V5 = RoomVersion(
"5", "5",
@ -201,6 +207,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=False, msc3787_knock_restricted_join_rule=False,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
V6 = RoomVersion( V6 = RoomVersion(
"6", "6",
@ -220,6 +227,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=False, msc3787_knock_restricted_join_rule=False,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
MSC2176 = RoomVersion( MSC2176 = RoomVersion(
"org.matrix.msc2176", "org.matrix.msc2176",
@ -239,6 +247,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=False, msc3787_knock_restricted_join_rule=False,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
V7 = RoomVersion( V7 = RoomVersion(
"7", "7",
@ -258,6 +267,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=False, msc3787_knock_restricted_join_rule=False,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
V8 = RoomVersion( V8 = RoomVersion(
"8", "8",
@ -277,6 +287,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=False, msc3787_knock_restricted_join_rule=False,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
V9 = RoomVersion( V9 = RoomVersion(
"9", "9",
@ -296,6 +307,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=False, msc3787_knock_restricted_join_rule=False,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
MSC3787 = RoomVersion( MSC3787 = RoomVersion(
"org.matrix.msc3787", "org.matrix.msc3787",
@ -315,6 +327,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=True, msc3787_knock_restricted_join_rule=True,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
V10 = RoomVersion( V10 = RoomVersion(
"10", "10",
@ -334,6 +347,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=True, msc3787_knock_restricted_join_rule=True,
msc3667_int_only_power_levels=True, msc3667_int_only_power_levels=True,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
MSC2716v4 = RoomVersion( MSC2716v4 = RoomVersion(
"org.matrix.msc2716v4", "org.matrix.msc2716v4",
@ -353,6 +367,7 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=False, msc3787_knock_restricted_join_rule=False,
msc3667_int_only_power_levels=False, msc3667_int_only_power_levels=False,
msc3931_push_features=(), msc3931_push_features=(),
msc3989_redaction_rules=False,
) )
MSC1767v10 = RoomVersion( MSC1767v10 = RoomVersion(
# MSC1767 (Extensible Events) based on room version "10" # MSC1767 (Extensible Events) based on room version "10"
@ -373,6 +388,27 @@ class RoomVersions:
msc3787_knock_restricted_join_rule=True, msc3787_knock_restricted_join_rule=True,
msc3667_int_only_power_levels=True, msc3667_int_only_power_levels=True,
msc3931_push_features=(PushRuleRoomFlag.EXTENSIBLE_EVENTS,), msc3931_push_features=(PushRuleRoomFlag.EXTENSIBLE_EVENTS,),
msc3989_redaction_rules=False,
)
MSC3989 = RoomVersion(
"org.matrix.msc3989",
RoomDisposition.UNSTABLE,
EventFormatVersions.ROOM_V4_PLUS,
StateResolutionVersions.V2,
enforce_key_validity=True,
special_case_aliases_auth=False,
strict_canonicaljson=True,
limit_notifications_power_levels=True,
msc2176_redaction_rules=False,
msc3083_join_rules=True,
msc3375_redaction_rules=True,
msc2403_knocking=True,
msc2716_historical=False,
msc2716_redactions=False,
msc3787_knock_restricted_join_rule=True,
msc3667_int_only_power_levels=True,
msc3931_push_features=(),
msc3989_redaction_rules=True,
) )
@ -392,6 +428,7 @@ KNOWN_ROOM_VERSIONS: Dict[str, RoomVersion] = {
RoomVersions.MSC3787, RoomVersions.MSC3787,
RoomVersions.V10, RoomVersions.V10,
RoomVersions.MSC2716v4, RoomVersions.MSC2716v4,
RoomVersions.MSC3989,
) )
} }

5
synapse/events/utils.py
View File

@ -106,7 +106,6 @@ def prune_event_dict(room_version: RoomVersion, event_dict: JsonDict) -> JsonDic
"depth", "depth",
"prev_events", "prev_events",
"auth_events", "auth_events",
"origin",
"origin_server_ts", "origin_server_ts",
] ]
@ -114,6 +113,10 @@ def prune_event_dict(room_version: RoomVersion, event_dict: JsonDict) -> JsonDic
if not room_version.msc2176_redaction_rules: if not room_version.msc2176_redaction_rules:
allowed_keys.extend(["prev_state", "membership"]) allowed_keys.extend(["prev_state", "membership"])
# Room versions before MSC3989 kept the origin field.
if not room_version.msc3989_redaction_rules:
allowed_keys.append("origin")
event_type = event_dict["type"] event_type = event_dict["type"]
new_content = {} new_content = {}

7
tests/events/test_utils.py
View File

@ -143,6 +143,13 @@ class PruneEventTestCase(stdlib_unittest.TestCase):
room_version=RoomVersions.MSC2176, room_version=RoomVersions.MSC2176,
) )
# As of MSC3989 we now redact the origin key.
self.run_test(
{"type": "A", "origin": "example.com"},
{"type": "A", "content": {}, "signatures": {}, "unsigned": {}},
room_version=RoomVersions.MSC3989,
)
def test_unsigned(self) -> None: def test_unsigned(self) -> None:
"""Ensure that unsigned properties get stripped (except age_ts and replaces_state).""" """Ensure that unsigned properties get stripped (except age_ts and replaces_state)."""
self.run_test( self.run_test(