forked-synapse/tests/rest
Grant McLean 5c24d7b9eb
Check required power levels earlier in createRoom handler. (#15695)
* Check required power levels earlier in createRoom handler.

- If a server was configured to reject the creation of rooms with E2EE
  enabled (by specifying an unattainably high power level for
  "m.room.encryption" in default_power_level_content_override), the 403
  error was not being triggered until after the room was created and
  before the "m.room.power_levels" was sent.  This allowed a user to
  access the partially-configured room and complete the setup of E2EE
  and power levels manually.

- This change causes the power level overrides to be checked earlier and
  the request to be rejected before the user gains access to the room.

- A new `_validate_room_config` method is added to contain checks that
  should be run before a room is created.

- The new test case confirms that a user request is rejected by the new
  validation method.

Signed-off-by: Grant McLean <grant@catalyst.net.nz>

* Add a changelog file.

* Formatting fix for black.

* Remove unneeded line from test.

---------

Signed-off-by: Grant McLean <grant@catalyst.net.nz>
2023-06-07 16:21:25 +01:00
admin Tests for JWKS endpoint 2023-05-30 09:43:06 -04:00
client Check required power levels earlier in createRoom handler. (#15695) 2023-06-07 16:21:25 +01:00
key Stop using deprecated keyIds param on /key/v2/server (#14525) 2022-11-30 11:59:57 +00:00
media Add stubs package for lxml. (#15697) 2023-05-31 17:06:57 +00:00
__init__.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
test_health.py Use literals in place of HTTPStatus constants in tests (#13463) 2022-08-05 16:59:09 +02:00
test_well_known.py Refactor config to be an experimental feature 2023-05-30 09:43:06 -04:00