forked-synapse/synapse/handlers
Grant McLean 5c24d7b9eb
Check required power levels earlier in createRoom handler. (#15695)
* Check required power levels earlier in createRoom handler.

- If a server was configured to reject the creation of rooms with E2EE
  enabled (by specifying an unattainably high power level for
  "m.room.encryption" in default_power_level_content_override), the 403
  error was not being triggered until after the room was created and
  before the "m.room.power_levels" was sent.  This allowed a user to
  access the partially-configured room and complete the setup of E2EE
  and power levels manually.

- This change causes the power level overrides to be checked earlier and
  the request to be rejected before the user gains access to the room.

- A new `_validate_room_config` method is added to contain checks that
  should be run before a room is created.

- The new test case confirms that a user request is rejected by the new
  validation method.

Signed-off-by: Grant McLean <grant@catalyst.net.nz>

* Add a changelog file.

* Formatting fix for black.

* Remove unneeded line from test.

---------

Signed-off-by: Grant McLean <grant@catalyst.net.nz>
2023-06-07 16:21:25 +01:00
ui_auth
__init__.py
account_data.py
account_validity.py N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
account.py
admin.py N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
appservice.py Add support for claiming multiple OTKs at once. (#15468) 2023-04-27 12:57:46 -04:00
auth.py N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
cas.py
deactivate_account.py N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
device.py Check appservices for devices during a /user/devices query. (#15539) 2023-05-05 15:18:47 -04:00
devicemessage.py Remove legacy code of single user device resync api (#15418) 2023-04-21 12:06:39 +01:00
directory.py Move ThirdPartyEventRules into module_api/callbacks (#15535) 2023-05-04 14:18:22 +00:00
e2e_keys.py Add requesting user id parameter to key claim methods in TransportLayerClient (#15663) 2023-05-24 13:23:26 -07:00
e2e_room_keys.py
event_auth.py Factor out an is_mine_server_name method (#15542) 2023-05-05 15:06:22 +01:00
events.py
federation_event.py Process previously failed backfill events in the background (#15585) 2023-05-24 23:22:24 -05:00
federation.py Some house keeping on maybe_backfill() functions (#15709) 2023-06-05 23:38:52 -05:00
identity.py Rename blacklist/whitelist internally. (#15620) 2023-05-19 12:25:25 +00:00
initial_sync.py
jwt.py Consolidate logic to check for deactivated users. (#15634) 2023-05-23 10:35:43 -04:00
message.py Move ThirdPartyEventRules into module_api/callbacks (#15535) 2023-05-04 14:18:22 +00:00
oidc.py Add stricter mypy options (#15694) 2023-05-31 07:18:29 -04:00
pagination.py Add stricter mypy options (#15694) 2023-05-31 07:18:29 -04:00
password_policy.py
presence.py Remove some unused server_name fields (#15723) 2023-06-06 12:32:29 +01:00
profile.py N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
push_rules.py Error if attempting to set m.push_rules account data, per MSC4010. (#15555) 2023-05-09 10:34:10 -04:00
read_marker.py Remove some unused server_name fields (#15723) 2023-06-06 12:32:29 +01:00
receipts.py
register.py N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
relations.py Add a catch-all * to the supported relation types when redacting (#15705) 2023-06-02 13:13:50 +00:00
room_batch.py
room_list.py
room_member_worker.py Add config option to forget rooms automatically when users leave them (#15224) 2023-05-03 12:27:33 +01:00
room_member.py Move ThirdPartyEventRules into module_api/callbacks (#15535) 2023-05-04 14:18:22 +00:00
room_summary.py
room.py Check required power levels earlier in createRoom handler. (#15695) 2023-06-07 16:21:25 +01:00
saml.py
search.py
send_email.py
set_password.py
sso.py Rename blacklist/whitelist internally. (#15620) 2023-05-19 12:25:25 +00:00
state_deltas.py
stats.py Remove some unused server_name fields (#15723) 2023-06-06 12:32:29 +01:00
sync.py Error if attempting to set m.push_rules account data, per MSC4010. (#15555) 2023-05-09 10:34:10 -04:00
typing.py Factor out an is_mine_server_name method (#15542) 2023-05-05 15:06:22 +01:00
user_directory.py