mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2025-04-23 19:29:09 -04:00
Revert "Allow room moderators to view redacted event content"
This reverts commit 2dc2979af597e9a8c8c97d895ef75ff748d77359. The feature was merged to upstream, and merging upstream will be cleaner without this commit here.
This commit is contained in:
Tulir Asokan
parent
ff7bece06f
commit
90c00fb04b
@ -79,8 +79,6 @@ class Codes:
|
||||
UNABLE_AUTHORISE_JOIN = "M_UNABLE_TO_AUTHORISE_JOIN"
|
||||
UNABLE_TO_GRANT_JOIN = "M_UNABLE_TO_GRANT_JOIN"
|
||||
|
||||
UNREDACTED_CONTENT_DELETED = "FI.MAU.MSC2815_UNREDACTED_CONTENT_DELETED"
|
||||
|
||||
|
||||
class CodeMessageException(RuntimeError):
|
||||
"""An exception with integer code and message string attributes.
|
||||
@ -485,22 +483,6 @@ class RequestSendFailed(RuntimeError):
|
||||
self.can_retry = can_retry
|
||||
|
||||
|
||||
class UnredactedContentDeleted(SynapseError):
|
||||
def __init__(self, content_keep_ms: Optional[int] = None):
|
||||
super().__init__(
|
||||
404,
|
||||
"The content for that event has already been erased from the database",
|
||||
errcode=Codes.UNREDACTED_CONTENT_DELETED,
|
||||
)
|
||||
self.content_keep_ms = content_keep_ms
|
||||
|
||||
def error_dict(self) -> "JsonDict":
|
||||
extra = {}
|
||||
if self.content_keep_ms is not None:
|
||||
extra = {"fi.mau.msc2815.content_keep_ms": self.content_keep_ms}
|
||||
return cs_error(self.msg, self.errcode, **extra)
|
||||
|
||||
|
||||
def cs_error(msg: str, code: str = Codes.UNKNOWN, **kwargs: Any) -> "JsonDict":
|
||||
"""Utility method for constructing an error response for client-server
|
||||
interactions.
|
||||
|
||||
@ -21,7 +21,6 @@ from synapse.api.errors import AuthError, SynapseError
|
||||
from synapse.events import EventBase
|
||||
from synapse.events.utils import SerializeEventConfig
|
||||
from synapse.handlers.presence import format_user_presence_state
|
||||
from synapse.storage.databases.main.events_worker import EventRedactBehaviour
|
||||
from synapse.streams.config import PaginationConfig
|
||||
from synapse.types import JsonDict, UserID
|
||||
from synapse.visibility import filter_events_for_client
|
||||
@ -140,11 +139,7 @@ class EventHandler:
|
||||
self.storage = hs.get_storage()
|
||||
|
||||
async def get_event(
|
||||
self,
|
||||
user: UserID,
|
||||
room_id: Optional[str],
|
||||
event_id: str,
|
||||
show_redacted: bool = False,
|
||||
self, user: UserID, room_id: Optional[str], event_id: str
|
||||
) -> Optional[EventBase]:
|
||||
"""Retrieve a single specified event.
|
||||
|
||||
@ -153,7 +148,6 @@ class EventHandler:
|
||||
room_id: The expected room id. We'll return None if the
|
||||
event's room does not match.
|
||||
event_id: The event ID to obtain.
|
||||
show_redacted: Should the full content of redacted events be returned?
|
||||
Returns:
|
||||
An event, or None if there is no event matching this ID.
|
||||
Raises:
|
||||
@ -161,12 +155,7 @@ class EventHandler:
|
||||
AuthError if the user does not have the rights to inspect this
|
||||
event.
|
||||
"""
|
||||
redact_behaviour = (
|
||||
EventRedactBehaviour.AS_IS if show_redacted else EventRedactBehaviour.REDACT
|
||||
)
|
||||
event = await self.store.get_event(
|
||||
event_id, check_room_id=room_id, redact_behaviour=redact_behaviour
|
||||
)
|
||||
event = await self.store.get_event(event_id, check_room_id=room_id)
|
||||
|
||||
if not event:
|
||||
return None
|
||||
|
||||
@ -21,7 +21,6 @@ from urllib import parse as urlparse
|
||||
|
||||
from twisted.web.server import Request
|
||||
|
||||
from synapse import event_auth
|
||||
from synapse.api.constants import EventTypes, Membership
|
||||
from synapse.api.errors import (
|
||||
AuthError,
|
||||
@ -30,7 +29,6 @@ from synapse.api.errors import (
|
||||
MissingClientTokenError,
|
||||
ShadowBanError,
|
||||
SynapseError,
|
||||
UnredactedContentDeleted,
|
||||
)
|
||||
from synapse.api.filtering import Filter
|
||||
from synapse.events.utils import format_event_for_client_v2
|
||||
@ -649,54 +647,18 @@ class RoomEventServlet(RestServlet):
|
||||
super().__init__()
|
||||
self.clock = hs.get_clock()
|
||||
self._store = hs.get_datastores().main
|
||||
self._state = hs.get_state_handler()
|
||||
self.event_handler = hs.get_event_handler()
|
||||
self._event_serializer = hs.get_event_client_serializer()
|
||||
self._relations_handler = hs.get_relations_handler()
|
||||
self.auth = hs.get_auth()
|
||||
self.content_keep_ms = hs.config.server.redaction_retention_period
|
||||
|
||||
async def on_GET(
|
||||
self, request: SynapseRequest, room_id: str, event_id: str
|
||||
) -> Tuple[int, JsonDict]:
|
||||
requester = await self.auth.get_user_by_req(request, allow_guest=True)
|
||||
|
||||
include_unredacted_content = (
|
||||
parse_string(
|
||||
request,
|
||||
"fi.mau.msc2815.include_unredacted_content",
|
||||
allowed_values=("true", "false"),
|
||||
)
|
||||
== "true"
|
||||
)
|
||||
if include_unredacted_content and not await self.auth.is_server_admin(
|
||||
requester.user
|
||||
):
|
||||
power_level_event = await self._state.get_current_state(
|
||||
room_id, EventTypes.PowerLevels, ""
|
||||
)
|
||||
|
||||
auth_events = {}
|
||||
if power_level_event:
|
||||
auth_events[(EventTypes.PowerLevels, "")] = power_level_event
|
||||
|
||||
redact_level = event_auth.get_named_level(auth_events, "redact", 50)
|
||||
user_level = event_auth.get_user_power_level(
|
||||
requester.user.to_string(), auth_events
|
||||
)
|
||||
if user_level < redact_level:
|
||||
raise SynapseError(
|
||||
403,
|
||||
"You don't have permission to view redacted events in this room.",
|
||||
errcode=Codes.FORBIDDEN,
|
||||
)
|
||||
|
||||
try:
|
||||
event = await self.event_handler.get_event(
|
||||
requester.user,
|
||||
room_id,
|
||||
event_id,
|
||||
show_redacted=include_unredacted_content,
|
||||
requester.user, room_id, event_id
|
||||
)
|
||||
except AuthError:
|
||||
# This endpoint is supposed to return a 404 when the requester does
|
||||
@ -705,11 +667,6 @@ class RoomEventServlet(RestServlet):
|
||||
raise SynapseError(404, "Event not found.", errcode=Codes.NOT_FOUND)
|
||||
|
||||
if event:
|
||||
if include_unredacted_content and await self._store.have_censored_event(
|
||||
event_id
|
||||
):
|
||||
raise UnredactedContentDeleted(self.content_keep_ms)
|
||||
|
||||
# Ensure there are bundled aggregations available.
|
||||
aggregations = await self._relations_handler.get_bundled_aggregations(
|
||||
[event], requester.user.to_string()
|
||||
|
||||
@ -303,15 +303,6 @@ class EventsWorkerStore(SQLBaseStore):
|
||||
desc="get_received_ts",
|
||||
)
|
||||
|
||||
async def have_censored_event(self, event_id: str) -> Optional[bool]:
|
||||
return await self.db_pool.simple_select_one_onecol(
|
||||
table="redactions",
|
||||
keyvalues={"redacts": event_id},
|
||||
retcol="have_censored",
|
||||
desc="get_have_censored",
|
||||
allow_none=True,
|
||||
)
|
||||
|
||||
# Inform mypy that if allow_none is False (the default) then get_event
|
||||
# always returns an EventBase.
|
||||
@overload
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user