mirror of
https://mau.dev/maunium/synapse.git
synced 2024-09-29 20:55:39 +00:00
5c24d7b9eb
* Check required power levels earlier in createRoom handler. - If a server was configured to reject the creation of rooms with E2EE enabled (by specifying an unattainably high power level for "m.room.encryption" in default_power_level_content_override), the 403 error was not being triggered until after the room was created and before the "m.room.power_levels" was sent. This allowed a user to access the partially-configured room and complete the setup of E2EE and power levels manually. - This change causes the power level overrides to be checked earlier and the request to be rejected before the user gains access to the room. - A new `_validate_room_config` method is added to contain checks that should be run before a room is created. - The new test case confirms that a user request is rejected by the new validation method. Signed-off-by: Grant McLean <grant@catalyst.net.nz> * Add a changelog file. * Formatting fix for black. * Remove unneeded line from test. --------- Signed-off-by: Grant McLean <grant@catalyst.net.nz> |
||
---|---|---|
.. | ||
ui_auth | ||
__init__.py | ||
account_data.py | ||
account_validity.py | ||
account.py | ||
admin.py | ||
appservice.py | ||
auth.py | ||
cas.py | ||
deactivate_account.py | ||
device.py | ||
devicemessage.py | ||
directory.py | ||
e2e_keys.py | ||
e2e_room_keys.py | ||
event_auth.py | ||
events.py | ||
federation_event.py | ||
federation.py | ||
identity.py | ||
initial_sync.py | ||
jwt.py | ||
message.py | ||
oidc.py | ||
pagination.py | ||
password_policy.py | ||
presence.py | ||
profile.py | ||
push_rules.py | ||
read_marker.py | ||
receipts.py | ||
register.py | ||
relations.py | ||
room_batch.py | ||
room_list.py | ||
room_member_worker.py | ||
room_member.py | ||
room_summary.py | ||
room.py | ||
saml.py | ||
search.py | ||
send_email.py | ||
set_password.py | ||
sso.py | ||
state_deltas.py | ||
stats.py | ||
sync.py | ||
typing.py | ||
user_directory.py |