Commit Graph

11258 Commits

Author SHA1 Message Date
Richard van der Hoff
50d9d97408
Merge pull request #3642 from matrix-org/rav/another_room_id_check
Check room visibility for /event/ requests
2018-08-02 15:21:59 +01:00
Richard van der Hoff
8cefc690c9 changelogs 2018-08-02 15:11:19 +01:00
Richard van der Hoff
0bf5ec0db7 Check room visibility for /event/ requests
Make sure that the user has permission to view the requeseted event for
/event/{eventId} and /room/{roomId}/event/{eventId} requests.

Also check that the event is in the given room for
/room/{roomId}/event/{eventId}, for sanity.
2018-08-02 15:03:27 +01:00
Richard van der Hoff
a937497cf5
Merge pull request #3641 from matrix-org/rav/room_id_check
Validation for events/rooms in fed requests
2018-08-02 14:22:05 +01:00
Richard van der Hoff
a013404292 changelog 2018-08-02 14:00:29 +01:00
Richard van der Hoff
14fa9d4d92 Avoid extra db lookups
Since we're about to look up the events themselves anyway, we can skip the
extra db queries here.
2018-08-02 13:55:51 +01:00
Richard van der Hoff
0a65450d04 Validation for events/rooms in fed requests
When we get a federation request which refers to an event id, make sure that
said event is in the room the caller claims it is in.

(patch supplied by @turt2live)
2018-08-02 13:48:40 +01:00
Richard van der Hoff
6284f579bf Update r0.33.0 release notes
(mostly just clarifications)
2018-07-19 12:37:55 +01:00
Amber Brown
d69decd5c7 0.33.0 final changelog 2018-07-19 21:12:15 +10:00
Amber Brown
38f53399a2 0.33 final 2018-07-19 21:11:40 +10:00
Amber Brown
13d501c773 update changelogs 2018-07-19 21:11:24 +10:00
Amber Brown
ce0545eca1 Revert "0.33.0rc1 changelog"
This reverts commit 21d3b87943.
2018-07-19 21:03:15 +10:00
Richard van der Hoff
2de3d994f3
Merge pull request #3561 from matrix-org/rav/disable_logcontext_warning
Disable logcontext warning
2018-07-19 11:05:57 +01:00
Richard van der Hoff
18a2b2c0b4 changelog 2018-07-19 10:54:39 +01:00
Richard van der Hoff
00bc979137 Disable logcontext warning
Temporary workaround to #3518 while we release 0.33.0.
2018-07-19 10:51:15 +01:00
Amber Brown
21d3b87943 0.33.0rc1 changelog 2018-07-18 12:53:32 +10:00
Amber Brown
5f3d02f6eb bump to 0.33.0rc1 2018-07-18 12:52:56 +10:00
Richard van der Hoff
0aed3fc346
Merge pull request #3546 from matrix-org/rav/fix_erasure_over_federation
Fix visibility of events from erased users over federation
2018-07-17 15:16:45 +01:00
Richard van der Hoff
79eb339c66 add a comment 2018-07-17 14:53:34 +01:00
Richard van der Hoff
4a11df5b64 changelog 2018-07-17 14:24:29 +01:00
Richard van der Hoff
d897be6a98 Fix visibility of events from erased users over federation 2018-07-17 14:02:07 +01:00
Richard van der Hoff
9c04b4abf9
Merge pull request #3541 from matrix-org/rav/optimize_filter_events_for_server
Refactor and optimze filter_events_for_server
2018-07-17 14:01:39 +01:00
Richard van der Hoff
94440ae994 fix imports 2018-07-17 11:51:26 +01:00
Amber Brown
bc006b3c9d
Refactor REST API tests to use explicit reactors (#3351) 2018-07-17 20:43:18 +10:00
Erik Johnston
c7320a5564
Merge pull request #3544 from matrix-org/erikj/fixup_stream_cache
Fix perf regression in PR #3530
2018-07-17 11:16:59 +01:00
Richard van der Hoff
2172a3d8cb add a comment 2018-07-17 11:13:57 +01:00
Erik Johnston
b2aa05a8d6 Use efficient .intersection 2018-07-17 11:07:04 +01:00
Erik Johnston
850238b4ef Add unit test 2018-07-17 10:59:02 +01:00
Erik Johnston
9952d18e4d Newsfile 2018-07-17 10:31:51 +01:00
Erik Johnston
547b1355d3 Fix perf regression in PR #3530
The get_entities_changed function was changed to return all changed
entities since the given stream position, rather than only those changed
from a given list of entities. This resulted in the function incorrectly
returning large numbers of entities that, for example, caused large
increases in database usage.
2018-07-17 10:27:51 +01:00
Amber Brown
3fe0938b76
Merge pull request #3530 from matrix-org/erikj/stream_cache
Don't return unknown entities in get_entities_changed
2018-07-17 13:44:46 +10:00
Amber Brown
fe10dd9fb2
Merge pull request #3540 from krombel/enforce_isort
check isort by travis
2018-07-17 13:41:59 +10:00
Krombel
9677b1d1c0 rename 'isort' to 'check_isort' as requested 2018-07-16 16:03:41 +02:00
Richard van der Hoff
2731bf7ac3 Changelog 2018-07-16 14:12:25 +01:00
Richard van der Hoff
09e29fb58b Attempt to make _filter_events_for_server more efficient 2018-07-16 14:06:09 +01:00
Richard van der Hoff
15b13b537f Add a test which profiles filter_events_for_server in a large room 2018-07-16 14:06:09 +01:00
Krombel
78a9ddcf9a rerun isort with latest version 2018-07-16 14:23:25 +02:00
Richard van der Hoff
ea69d35651 Move filter_events_for_server out of FederationHandler
for easier unit testing.
2018-07-16 13:06:24 +01:00
Krombel
4a27000548 check isort by travis 2018-07-16 13:57:33 +02:00
Amber Brown
8a4f05fefb
Fix develop because I broke it :( (#3535) 2018-07-14 09:51:00 +10:00
Amber Brown
8532953c04
Merge pull request #3534 from krombel/use_parse_and_asserts_from_servlet
Use parse and asserts from http.servlet
2018-07-14 09:09:19 +10:00
Amber Brown
a2374b2c7f
fix sytests 2018-07-14 07:52:58 +10:00
Amber Brown
33b60c01b5
Make auth & transactions more testable (#3499) 2018-07-14 07:34:49 +10:00
Krombel
516f960ad8 add changelog 2018-07-13 22:19:19 +02:00
Krombel
3366b9c534 rename assert_params_in_request to assert_params_in_dict
the method "assert_params_in_request" does handle dicts and not
requests. A request body has to be parsed to json before this method
can be used
2018-07-13 21:53:01 +02:00
Krombel
32fd6910d0 Use parse_{int,str} and assert from http.servlet
parse_integer and parse_string can take a request and raise errors
in case we have wrong or missing params.
This PR tries to use them more to deduplicate some code and make it
better readable
2018-07-13 21:40:14 +02:00
Erik Johnston
bc832f822f Fixup unit test 2018-07-13 17:03:04 +01:00
Richard van der Hoff
2aba1f549c
Merge pull request #3533 from matrix-org/rav/fix_federation_ratelimite_queue
Make FederationRateLimiter queue requests properly
2018-07-13 16:59:18 +01:00
Richard van der Hoff
08546be40f better changelog 2018-07-13 16:47:13 +01:00
Richard van der Hoff
b03a0e14db changelog 2018-07-13 16:28:28 +01:00