forked-synapse/tests
Grant McLean 5c24d7b9eb
Check required power levels earlier in createRoom handler. (#15695)
* Check required power levels earlier in createRoom handler.

- If a server was configured to reject the creation of rooms with E2EE
  enabled (by specifying an unattainably high power level for
  "m.room.encryption" in default_power_level_content_override), the 403
  error was not being triggered until after the room was created and
  before the "m.room.power_levels" was sent.  This allowed a user to
  access the partially-configured room and complete the setup of E2EE
  and power levels manually.

- This change causes the power level overrides to be checked earlier and
  the request to be rejected before the user gains access to the room.

- A new `_validate_room_config` method is added to contain checks that
  should be run before a room is created.

- The new test case confirms that a user request is rejected by the new
  validation method.

Signed-off-by: Grant McLean <grant@catalyst.net.nz>

* Add a changelog file.

* Formatting fix for black.

* Remove unneeded line from test.

---------

Signed-off-by: Grant McLean <grant@catalyst.net.nz>
2023-06-07 16:21:25 +01:00
..
api N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
app Merge branch 'master' into develop 2023-05-26 17:16:15 +01:00
appservice Improve type hints for cached decorator. (#15658) 2023-05-24 12:59:31 +00:00
config Implement stable support for MSC3882 to allow an existing device/session to generate a login token for use on a new device/session (#15388) 2023-06-01 08:52:51 -04:00
crypto Modify StoreKeyFetcher to read from server_keys_json. (#15417) 2023-04-20 12:30:32 -04:00
events Properly parse event_fields in filters (#15607) 2023-05-22 11:31:22 -04:00
federation Rename blacklist/whitelist internally. (#15620) 2023-05-19 12:25:25 +00:00
handlers N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
http Rename blacklist/whitelist internally. (#15620) 2023-05-19 12:25:25 +00:00
logging Trace functions which return Awaitable (#15650) 2023-06-06 17:39:22 -05:00
media Add stubs package for lxml. (#15697) 2023-05-31 17:06:57 +00:00
metrics Add missing type hints to tests. (#14687) 2022-12-28 08:29:35 -05:00
module_api N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
push Stabilize support for MSC3952: Intentional mentions. (#15520) 2023-06-06 09:11:07 +01:00
replication Merge branch 'master' into develop 2023-05-26 17:16:15 +01:00
rest Check required power levels earlier in createRoom handler. (#15695) 2023-06-07 16:21:25 +01:00
scripts Add more missing type hints to tests. (#15028) 2023-02-08 16:29:49 -05:00
server_notices Bump black from 22.12.0 to 23.1.0 (#15103) 2023-02-22 15:29:09 -05:00
state Fix typechecks against twisted trunk (#13061) 2022-06-15 11:49:58 +01:00
storage N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
test_utils Log when events are (unexpectedly) filtered out of responses in tests (#14213) 2023-06-01 21:27:18 -05:00
types Use immutabledict instead of frozendict (#15113) 2023-03-22 17:15:34 +00:00
util Add type hints to test_descriptors. (#15659) 2023-05-24 14:18:52 +00:00
__init__.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
server.py Add stricter mypy options (#15694) 2023-05-31 07:18:29 -04:00
test_distributor.py Add missing type hints to tests. (#15027) 2023-02-08 19:52:37 +00:00
test_event_auth.py Add missing type hints to tests. (#15027) 2023-02-08 19:52:37 +00:00
test_federation.py Remove legacy code of single user device resync api (#15418) 2023-04-21 12:06:39 +01:00
test_mau.py Bump black from 22.12.0 to 23.1.0 (#15103) 2023-02-22 15:29:09 -05:00
test_phone_home.py Add final type hint to tests.unittest. (#15072) 2023-02-14 14:03:35 -05:00
test_rust.py Add missing type hints to tests. (#15027) 2023-02-08 19:52:37 +00:00
test_server.py Add Synapse-Trace-Id to access-control-expose-headers header (#14974) 2023-03-20 11:14:05 -07:00
test_state.py Make the api.auth.Auth a Protocol 2023-05-30 09:43:06 -04:00
test_terms_auth.py Proper types for tests.test_terms_auth (#15007) 2023-02-07 12:03:39 +00:00
test_test_utils.py Add missing type hints to tests. (#15027) 2023-02-08 19:52:37 +00:00
test_types.py Add missing type hints to tests. (#15027) 2023-02-08 19:52:37 +00:00
test_visibility.py Refactor filter_events_for_server (#15240) 2023-03-10 15:31:25 +00:00
unittest.py Limit the size of the HomeServerConfig cache in trial test runs (#15646) 2023-05-22 13:25:39 +01:00
utils.py Modify StoreKeyFetcher to read from server_keys_json. (#15417) 2023-04-20 12:30:32 -04:00