Commit Graph

21 Commits

Author SHA1 Message Date
Shay
847e2393f3
Prepatory work for adding power level event to batched events () 2022-10-18 09:58:47 -07:00
reivilibre
c06b2b7142
Faster Remote Room Joins: tell remote homeservers that we are unable to authorise them if they query a room which has partial state on our server. () 2022-09-23 11:47:16 +01:00
Eric Eastwood
c807b814ae
Use dedicated get_local_users_in_room to find local users when calculating join_authorised_via_users_server of a /make_join request ()
Use dedicated `get_local_users_in_room` to find local users when calculating `join_authorised_via_users_server` ("the authorising user for joining a restricted room") of a `/make_join` request.

Found while working on https://github.com/matrix-org/synapse/pull/13575#discussion_r953023755 but it's not related.
2022-08-24 11:14:28 -05:00
Richard van der Hoff
8ecf6be1e1
Move some event auth checks out to a different method ()
* Add auth events to events used in tests

* Move some event auth checks out to a different method

Some of the event auth checks apply to an event's auth_events, rather than the
state at the event - which means they can play no part in state
resolution. Move them out to a separate method.

* Rename check_auth_rules_for_event

Now it only checks the state-dependent auth rules, it needs a better name.
2022-06-15 19:48:22 +01:00
Richard van der Hoff
c1b28b8842 Remove redundant room_version param from check_auth_rules_from_context
It's now implied by the room_version property on the event.
2022-06-12 23:13:10 +01:00
Richard van der Hoff
0d9d36b15c Remove room_version param from check_auth_rules_for_event
Instead, use the `room_version` property of the event we're checking.

The `room_version` was originally added as a parameter somewhere around ,
but really it's been redundant since  added a `room_version` field to `EventBase`.
2022-06-12 23:13:10 +01:00
Travis Ralston
942c30b16b
Add a new room version for MSC3787's knock+restricted join rule () 2022-05-17 10:41:39 +00:00
Richard van der Hoff
e24ff8ebe3
Remove HomeServer.get_datastore() ()
The presence of this method was confusing, and mostly present for backwards
compatibility. Let's get rid of it.

Part of 
2022-02-23 11:04:02 +00:00
Richard van der Hoff
a5d2ea3d08
Check *all* auth events for room id and rejection ()
This fixes a bug where we would accept an event whose `auth_events` include
rejected events, if the rejected event was shadowed by another `auth_event`
with same `(type, state_key)`.

The approach is to pass a list of auth events into
`check_auth_rules_for_event` instead of a dict, which of course means updating
the call sites.

This is an extension of .
2021-10-18 18:28:30 +01:00
Richard van der Hoff
428174f902
Split event_auth.check into two parts ()
Broadly, the existing `event_auth.check` function has two parts:
 * a validation section: checks that the event isn't too big, that it has the rught signatures, etc. 
   This bit is independent of the rest of the state in the room, and so need only be done once 
   for each event.
 * an auth section: ensures that the event is allowed, given the rest of the state in the room.
   This gets done multiple times, against various sets of room state, because it forms part of
   the state res algorithm.

Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 18:59:15 +01:00
Patrick Cloke
b3590614da
Require type hints in the handlers module. ()
Adds missing type hints to methods in the synapse.handlers
module and requires all methods to have type hints there.

This also removes the unused construct_auth_difference method
from the FederationHandler.
2021-09-20 08:56:23 -04:00
Patrick Cloke
2ae2a04616
Clarify error message when joining a restricted room. () 2021-08-11 14:31:39 -04:00
Patrick Cloke
0c246dd4a0
Support MSC3289: Room version 8 ()
This adds support for MSC3289: room version 8. This is room version 7 + MSC3083.
2021-08-09 10:46:39 +02:00
Patrick Cloke
228decfce1
Update the MSC3083 support to verify if joins are from an authorized server. () 2021-07-26 12:17:00 -04:00
Patrick Cloke
8d609435c0
Move methods involving event authentication to EventAuthHandler. ()
Instead of mixing them with user authentication methods.
2021-07-01 14:25:37 -04:00
Patrick Cloke
8c97d5863f
Update MSC3083 support per changes in the MSC. ()
Adds a "type" field and generalize "space" to "room_id".
2021-06-17 12:53:27 -04:00
Patrick Cloke
551d2c3f4b
Allow a user who could join a restricted room to see it in spaces summary. ()
This finishes up the experimental implementation of MSC3083 by showing
the restricted rooms in the spaces summary (from MSC2946).
2021-05-20 11:10:36 -04:00
Patrick Cloke
ac6bfcd52f
Refactor checking restricted join rules ()
To be more consistent with similar code. The check now automatically
raises an AuthError instead of passing back a boolean. It also absorbs
some shared logic between callers.
2021-05-18 12:17:04 -04:00
Patrick Cloke
d924827da1
Check for space membership during a remote join of a restricted room ()
When receiving a /send_join request for a room with join rules set to 'restricted',
check if the user is a member of the spaces defined in the 'allow' key of the join rules.

This only applies to an experimental room version, as defined in MSC3083.
2021-04-23 07:05:51 -04:00
Patrick Cloke
e8816c6ace Revert "Check for space membership during a remote join of a restricted room. ()"
This reverts commit cc51aaaa7a.

The PR was prematurely merged and not yet approved.
2021-04-14 12:33:37 -04:00
Patrick Cloke
cc51aaaa7a
Check for space membership during a remote join of a restricted room. ()
When receiving a /send_join request for a room with join rules set to 'restricted',
check if the user is a member of the spaces defined in the 'allow' key of the join
rules.
    
This only applies to an experimental room version, as defined in MSC3083.
2021-04-14 12:32:20 -04:00