Merge pull request #3397 from matrix-org/rav/adjust_auth_rules

Adjust event auth rules when there is no PL event
2024-10-01 08:25:44 -04:00 · 2018-06-14 16:09:13 +01:00 · 2018-06-14 16:09:13 +01:00 · 61ab08a197
commit 61ab08a197
parent aefcc0f5e5 1e77ac66e3
4 changed files with 232 additions and 46 deletions
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@ -655,7 +655,7 @@ class Auth(object):
            auth_events[(EventTypes.PowerLevels, "")] = power_level_event
        send_level = event_auth.get_send_level(
-            EventTypes.Aliases, "", auth_events
+            EventTypes.Aliases, "", power_level_event,
        )
        user_level = event_auth.get_user_power_level(user_id, auth_events)
--- a/synapse/event_auth.py
+++ b/synapse/event_auth.py
@ -34,9 +34,11 @@ def check(event, auth_events, do_sig_check=True, do_size_check=True):
        event: the event being checked.
        auth_events (dict: event-key -> event): the existing room state.
    Raises:
        AuthError if the checks fail
    Returns:
-        True if the auth checks pass.
+         if the auth checks pass.
    """
    if do_size_check:
        _check_size_limits(event)
@ -71,7 +73,7 @@ def check(event, auth_events, do_sig_check=True, do_size_check=True):
        # Oh, we don't know what the state of the room was, so we
        # are trusting that this is allowed (at least for now)
        logger.warn("Trusting event: %s", event.event_id)
-        return True
+        return
    if event.type == EventTypes.Create:
        room_id_domain = get_domain_from_id(event.room_id)
@ -81,7 +83,8 @@ def check(event, auth_events, do_sig_check=True, do_size_check=True):
                "Creation event's room_id domain does not match sender's"
            )
        # FIXME
-        return True
+        logger.debug("Allowing! %s", event)
        return
    creation_event = auth_events.get((EventTypes.Create, ""), None)
@ -118,7 +121,8 @@ def check(event, auth_events, do_sig_check=True, do_size_check=True):
                403,
                "Alias event's state_key does not match sender's domain"
            )
-        return True
+        logger.debug("Allowing! %s", event)
        return
    if logger.isEnabledFor(logging.DEBUG):
        logger.debug(
@ -127,14 +131,9 @@ def check(event, auth_events, do_sig_check=True, do_size_check=True):
        )
    if event.type == EventTypes.Member:
-        allowed = _is_membership_change_allowed(
+        _is_membership_change_allowed(event, auth_events)
            event, auth_events
        )
        if allowed:
        logger.debug("Allowing! %s", event)
-        else:
+        return
            logger.debug("Denying! %s", event)
        return allowed
    _check_event_sender_in_room(event, auth_events)
@ -153,7 +152,8 @@ def check(event, auth_events, do_sig_check=True, do_size_check=True):
                )
            )
        else:
-            return True
+            logger.debug("Allowing! %s", event)
            return
    _can_send_event(event, auth_events)
@ -200,7 +200,7 @@ def _is_membership_change_allowed(event, auth_events):
        create = auth_events.get(key)
        if create and event.prev_events[0][0] == create.event_id:
            if create.content["creator"] == event.state_key:
-                return True
+                return
    target_user_id = event.state_key
@ -265,13 +265,13 @@ def _is_membership_change_allowed(event, auth_events):
            raise AuthError(
                403, "%s is banned from the room" % (target_user_id,)
            )
-        return True
+        return
    if Membership.JOIN != membership:
        if (caller_invited
                and Membership.LEAVE == membership
                and target_user_id == event.user_id):
-            return True
+            return
        if not caller_in_room:  # caller isn't joined
            raise AuthError(
@ -334,8 +334,6 @@ def _is_membership_change_allowed(event, auth_events):
    else:
        raise AuthError(500, "Unknown membership %s" % membership)
    return True
 def _check_event_sender_in_room(event, auth_events):
    key = (EventTypes.Member, event.user_id, )
@ -355,35 +353,46 @@ def _check_joined_room(member, user_id, room_id):
        ))
-def get_send_level(etype, state_key, auth_events):
+def get_send_level(etype, state_key, power_levels_event):
-    key = (EventTypes.PowerLevels, "", )
+    """Get the power level required to send an event of a given type
-    send_level_event = auth_events.get(key)
+
-    send_level = None
+    The federation spec [1] refers to this as "Required Power Level".
-    if send_level_event:
+
-        send_level = send_level_event.content.get("events", {}).get(
+    https://matrix.org/docs/spec/server_server/unstable.html#definitions
-            etype
+
-        )
+    Args:
        etype (str): type of event
        state_key (str|None): state_key of state event, or None if it is not
            a state event.
        power_levels_event (synapse.events.EventBase|None): power levels event
            in force at this point in the room
    Returns:
        int: power level required to send this event.
    """
    if power_levels_event:
        power_levels_content = power_levels_event.content
    else:
        power_levels_content = {}
    # see if we have a custom level for this event type
    send_level = power_levels_content.get("events", {}).get(etype)
    # otherwise, fall back to the state_default/events_default.
    if send_level is None:
        if state_key is not None:
-                send_level = send_level_event.content.get(
+            send_level = power_levels_content.get("state_default", 50)
                    "state_default", 50
                )
        else:
-                send_level = send_level_event.content.get(
+            send_level = power_levels_content.get("events_default", 0)
                    "events_default", 0
                )
-    if send_level:
+    return int(send_level)
        send_level = int(send_level)
    else:
        send_level = 0
    return send_level
 def _can_send_event(event, auth_events):
    power_levels_event = _get_power_level_event(auth_events)
    send_level = get_send_level(
-        event.type, event.get("state_key", None), auth_events
+        event.type, event.get("state_key"), power_levels_event,
    )
    user_level = get_user_power_level(event.user_id, auth_events)
@ -524,13 +533,22 @@ def _check_power_levels(event, auth_events):
 def _get_power_level_event(auth_events):
-    key = (EventTypes.PowerLevels, "", )
+    return auth_events.get((EventTypes.PowerLevels, ""))
    return auth_events.get(key)
 def get_user_power_level(user_id, auth_events):
-    power_level_event = _get_power_level_event(auth_events)
+    """Get a user's power level
    Args:
        user_id (str): user's id to look up in power_levels
        auth_events (dict[(str, str), synapse.events.EventBase]):
            state in force at this point in the room (or rather, a subset of
            it including at least the create event and power levels event.
    Returns:
        int: the user's power level in this room.
    """
    power_level_event = _get_power_level_event(auth_events)
    if power_level_event:
        level = power_level_event.content.get("users", {}).get(user_id)
        if not level:
@ -541,6 +559,11 @@ def get_user_power_level(user_id, auth_events):
        else:
            return int(level)
    else:
        # if there is no power levels event, the creator gets 100 and everyone
        # else gets 0.
        # some things which call this don't pass the create event: hack around
        # that.
        key = (EventTypes.Create, "", )
        create_event = auth_events.get(key)
        if (create_event is not None and
--- a/tests/test_event_auth.py
+++ b/tests/test_event_auth.py
@ -0,0 +1,151 @@
 # -*- coding: utf-8 -*-
 # Copyright 2018 New Vector Ltd
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 from synapse import event_auth
 from synapse.api.errors import AuthError
 from synapse.events import FrozenEvent
 import unittest
 class EventAuthTestCase(unittest.TestCase):
    def test_random_users_cannot_send_state_before_first_pl(self):
        """
        Check that, before the first PL lands, the creator is the only user
        that can send a state event.
        """
        creator = "@creator:example.com"
        joiner = "@joiner:example.com"
        auth_events = {
            ("m.room.create", ""): _create_event(creator),
            ("m.room.member", creator): _join_event(creator),
            ("m.room.member", joiner): _join_event(joiner),
        }
        # creator should be able to send state
        event_auth.check(
            _random_state_event(creator), auth_events,
            do_sig_check=False,
        )
        # joiner should not be able to send state
        self.assertRaises(
            AuthError,
            event_auth.check,
            _random_state_event(joiner),
            auth_events,
            do_sig_check=False,
        ),
    def test_state_default_level(self):
        """
        Check that users above the state_default level can send state and
        those below cannot
        """
        creator = "@creator:example.com"
        pleb = "@joiner:example.com"
        king = "@joiner2:example.com"
        auth_events = {
            ("m.room.create", ""): _create_event(creator),
            ("m.room.member", creator): _join_event(creator),
            ("m.room.power_levels", ""): _power_levels_event(creator, {
                "state_default": "30",
                "users": {
                    pleb: "29",
                    king: "30",
                },
            }),
            ("m.room.member", pleb): _join_event(pleb),
            ("m.room.member", king): _join_event(king),
        }
        # pleb should not be able to send state
        self.assertRaises(
            AuthError,
            event_auth.check,
            _random_state_event(pleb),
            auth_events,
            do_sig_check=False,
        ),
        # king should be able to send state
        event_auth.check(
            _random_state_event(king), auth_events,
            do_sig_check=False,
        )
 # helpers for making events
 TEST_ROOM_ID = "!test:room"
 def _create_event(user_id):
    return FrozenEvent({
        "room_id": TEST_ROOM_ID,
        "event_id": _get_event_id(),
        "type": "m.room.create",
        "sender": user_id,
        "content": {
            "creator": user_id,
        },
    })
 def _join_event(user_id):
    return FrozenEvent({
        "room_id": TEST_ROOM_ID,
        "event_id": _get_event_id(),
        "type": "m.room.member",
        "sender": user_id,
        "state_key": user_id,
        "content": {
            "membership": "join",
        },
    })
 def _power_levels_event(sender, content):
    return FrozenEvent({
        "room_id": TEST_ROOM_ID,
        "event_id": _get_event_id(),
        "type": "m.room.power_levels",
        "sender": sender,
        "state_key": "",
        "content": content,
    })
 def _random_state_event(sender):
    return FrozenEvent({
        "room_id": TEST_ROOM_ID,
        "event_id": _get_event_id(),
        "type": "test.state",
        "sender": sender,
        "state_key": "",
        "content": {
            "membership": "join",
        },
    })
 event_count = 0
 def _get_event_id():
    global event_count
    c = event_count
    event_count += 1
    return "!%i:example.com" % (c, )
--- a/tests/test_state.py
+++ b/tests/test_state.py
@ -606,6 +606,14 @@ class StateTestCase(unittest.TestCase):
            }
        )
        power_levels = create_event(
            type=EventTypes.PowerLevels, state_key="",
            content={"users": {
                "@foo:bar": "100",
                "@user_id:example.com": "100",
            }}
        )
        creation = create_event(
            type=EventTypes.Create, state_key="",
            content={"creator": "@foo:bar"}
@ -613,12 +621,14 @@ class StateTestCase(unittest.TestCase):
        old_state_1 = [
            creation,
            power_levels,
            member_event,
            create_event(type="test1", state_key="1", depth=1),
        ]
        old_state_2 = [
            creation,
            power_levels,
            member_event,
            create_event(type="test1", state_key="1", depth=2),
        ]
@ -633,7 +643,7 @@ class StateTestCase(unittest.TestCase):
        )
        self.assertEqual(
-            old_state_2[2].event_id, context.current_state_ids[("test1", "1")]
+            old_state_2[3].event_id, context.current_state_ids[("test1", "1")]
        )
        # Reverse the depth to make sure we are actually using the depths
@ -641,12 +651,14 @@ class StateTestCase(unittest.TestCase):
        old_state_1 = [
            creation,
            power_levels,
            member_event,
            create_event(type="test1", state_key="1", depth=2),
        ]
        old_state_2 = [
            creation,
            power_levels,
            member_event,
            create_event(type="test1", state_key="1", depth=1),
        ]
@ -659,7 +671,7 @@ class StateTestCase(unittest.TestCase):
        )
        self.assertEqual(
-            old_state_1[2].event_id, context.current_state_ids[("test1", "1")]
+            old_state_1[3].event_id, context.current_state_ids[("test1", "1")]
        )
    def _get_context(self, event, prev_event_id_1, old_state_1, prev_event_id_2,