Commit Graph

113 Commits

Author SHA1 Message Date
Erik Johnston
016c089f13 Merge branch 'develop' of github.com:matrix-org/synapse into erikj/power_level_sanity 2015-07-13 13:48:13 +01:00
Erik Johnston
a5ea22d468 Sanitize power level checks 2015-07-10 14:05:38 +01:00
Erik Johnston
7e3b14fe78 You shouldn't be able to ban/kick users with higher power levels 2015-07-10 14:05:38 +01:00
Erik Johnston
1a3255b507 Add m.room.history_visibility to newly created rooms' m.room.power_levels 2015-07-06 13:25:35 +01:00
Erik Johnston
00ab882ed6 Add m.room.history_visibility to list of auth events 2015-07-03 10:31:24 +01:00
Erik Johnston
cee69441d3 Log more when we have processed the request 2015-06-15 17:11:44 +01:00
Erik Johnston
22c7c5eb8f Typo 2015-05-01 14:41:25 +01:00
Erik Johnston
42c12c04f6 Remove some run_on_reactors 2015-05-01 14:41:25 +01:00
Erik Johnston
adb5b76ff5 Don't log all auth events every time we call auth.check 2015-05-01 14:41:25 +01:00
Erik Johnston
80b4119279 Don't wait for storage of access_token 2015-05-01 13:14:05 +01:00
Mark Haines
9182f87664 Merge pull request #126 from matrix-org/csauth
Client / Server Auth Refactor
2015-04-28 11:00:27 +01:00
Paul "LeoNerd" Evans
38432d8c25 Merge branch 'develop' into invite_power_level 2015-04-27 17:09:25 +01:00
David Baker
6532b6e607 Merge branch 'develop' into csauth
Conflicts:
	synapse/http/server.py
2015-04-24 09:37:54 +01:00
David Baker
a2c10d37d7 Add an error code to 'missing token' response. 2015-04-23 13:23:44 +01:00
Paul "LeoNerd" Evans
a16eaa0c33 Neater fetching of user's auth level in a room - squash to int() at access time (SYN-353) 2015-04-22 14:20:04 +01:00
Paul "LeoNerd" Evans
f43063158a Appease pep8 2015-04-22 13:12:11 +01:00
Paul "LeoNerd" Evans
2808c040ef Also remember to check 'invite' level for changes 2015-04-21 21:13:14 +01:00
Paul "LeoNerd" Evans
bc41f0398f Initial implementation of an 'invite' power_level 2015-04-21 20:56:08 +01:00
Paul "LeoNerd" Evans
d3309933f5 Much neater fetching of defined powerlevels from m.room.power_levels state event 2015-04-21 20:53:23 +01:00
Paul "LeoNerd" Evans
b568c0231c Remove debugging print statement accidentally committed 2015-04-21 20:21:14 +01:00
Paul "LeoNerd" Evans
3a7d7a3f22 Sanitise a user's powerlevel to an int() before numerical comparison, because otherwise Python is "helpful" with it (SYN-351) 2015-04-21 20:18:29 +01:00
David Baker
cb03fafdf1 Merge branch 'develop' into csauth 2015-04-17 13:51:10 +01:00
Paul "LeoNerd" Evans
399b5add58 Neater implementation of membership change auth checks, ensuring we can't forget to check if the calling user is a member of the room 2015-04-15 18:40:23 +01:00
Paul "LeoNerd" Evans
e6e130b9ba Ensure that non-room-members cannot ban others, even if they do have enough powerlevel (SYN-343) 2015-04-15 18:07:33 +01:00
Kegan Dougal
ae8ff92e05 Fix a bug which causes a send event level of 0 to not be honoured.
Caused by a bad if check, which incorrectly executes for both 0 and None,
when None was the original intent.
2015-04-07 15:48:20 +01:00
David Baker
9aa0224cdf unused import 2015-03-24 17:25:59 +00:00
David Baker
c7023f2155 1) Pushers are now associated with an access token
2) Change places where we mean unauthenticated to 401, not 403, in C/S v2: hack so it stays as 403 in v1 because web client relies on it.
2015-03-24 17:24:15 +00:00
Paul "LeoNerd" Evans
93978c5e2b @cached() annotate get_user_by_token() - achieves a minor DB performance improvement 2015-03-17 17:24:51 +00:00
Erik Johnston
b2e6ee5b43 Remove concept of context.auth_events, instead use context.current_state 2015-03-16 13:06:23 +00:00
Erik Johnston
ea8590cf66 Make context.auth_events grap auth events from current state. Otherwise auth is wrong. 2015-03-16 00:18:08 +00:00
Erik Johnston
ab8229479b Respect ban membership 2015-03-16 00:17:25 +00:00
Kegan Dougal
9978c5c103 Merge branch 'develop' into application-services 2015-02-11 10:03:24 +00:00
Erik Johnston
d94f682a4c During room intial sync, only calculate current state once. 2015-02-09 17:41:29 +00:00
Kegan Dougal
5a7dd05818 Modify auth.get_user_by_req for authing appservices directly.
Add logic to map the appservice token to the autogenned appservice user ID.
Add unit tests for all forms of get_user_by_req (user/appservice,
valid/bad/missing tokens)
2015-02-09 14:14:15 +00:00
Kegan Dougal
e426df8e10 Grant ASes the ability to create alias in their own namespace.
Add a new errcode type M_EXCLUSIVE when users try to create aliases inside
AS namespaces, and when ASes try to create aliases outside their own
namespace.
2015-02-06 10:57:14 +00:00
Kegan Dougal
5b99b471b2 Fix unit tests. 2015-02-05 15:12:36 +00:00
Kegan Dougal
c163357f38 Add CS extension for masquerading as users within the namespaces specified by the AS. 2015-02-05 15:00:33 +00:00
Erik Johnston
650e32d455 Change context.auth_events to what the auth_events would be bases on context.current_state, rather than based on the auth_events from the event. 2015-02-04 14:06:46 +00:00
Erik Johnston
0dd3aea319 Keep around the old (buggy) version of the prune_event function so that we can use it to check signatures for events on old servers 2015-02-03 14:58:30 +00:00
Erik Johnston
a70a801184 Fix bug where we superfluously asked for current state. Change API of /query_auth/ so that we don't duplicate events in the response. 2015-01-30 13:34:01 +00:00
Erik Johnston
2ebf795c0a Merge branch 'develop' of github.com:matrix-org/synapse into rejections
Conflicts:
	synapse/storage/__init__.py
	synapse/storage/schema/delta/v12.sql
2015-01-30 11:10:37 +00:00
Mark Haines
3cca61e006 Rename ClientID to ClientInfo since it is a pair of IDs rather than a single identifier 2015-01-28 17:16:12 +00:00
Mark Haines
c18e551640 Add a : to the doc string after the type of the return value 2015-01-28 17:08:53 +00:00
Mark Haines
388581e087 Extract the id token of the token when authing users, include the token and device_id in the internal meta data for the event along with the transaction id when sending events 2015-01-28 16:58:23 +00:00
Erik Johnston
0ef5bfd6a9 Start implementing auth conflict res 2015-01-28 16:16:53 +00:00
Mark Haines
c59bcabf0b Return the device_id from get_auth_by_req 2015-01-28 15:43:41 +00:00
Mark Haines
5759bec43c Replace hs.parse_userid with UserID.from_string 2015-01-23 11:47:15 +00:00
Kegan Dougal
4c68460392 SYN-154: Tweak how the m.room.create check is done.
Don't perform the check in auth.is_host_in_room but instead do it in _do_join
and also assert that there are no m.room.members in the room before doing so.
2015-01-07 16:09:00 +00:00
Kegan Dougal
9cb4f75d53 SYN-154: Better error messages when joining an unknown room by ID.
The simple fix doesn't work here because room creation also involves
unknown room IDs. The check relies on the presence of m.room.create for
rooms being created, whereas bogus room IDs have no state events at all.
2015-01-07 15:21:48 +00:00
Mark Haines
adb04b1e57 Update copyright notices 2015-01-06 13:21:39 +00:00