2018-06-14 14:28:36 +03:00
|
|
|
# Copyright 2018 New Vector Ltd
|
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
|
|
|
|
2018-07-09 09:09:20 +03:00
|
|
|
import unittest
|
2021-07-14 16:13:40 +03:00
|
|
|
from typing import Optional
|
2018-07-09 09:09:20 +03:00
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
from parameterized import parameterized
|
|
|
|
|
2018-06-14 14:28:36 +03:00
|
|
|
from synapse import event_auth
|
2021-09-30 18:13:59 +03:00
|
|
|
from synapse.api.constants import EventContentFields
|
2018-06-14 14:28:36 +03:00
|
|
|
from synapse.api.errors import AuthError
|
2022-06-10 12:44:19 +03:00
|
|
|
from synapse.api.room_versions import EventFormatVersions, RoomVersion, RoomVersions
|
2021-07-14 16:13:40 +03:00
|
|
|
from synapse.events import EventBase, make_event_from_dict
|
|
|
|
from synapse.types import JsonDict, get_domain_from_id
|
2018-06-14 14:28:36 +03:00
|
|
|
|
|
|
|
|
|
|
|
class EventAuthTestCase(unittest.TestCase):
|
2021-10-18 20:28:30 +03:00
|
|
|
def test_rejected_auth_events(self):
|
|
|
|
"""
|
|
|
|
Events that refer to rejected events in their auth events are rejected
|
|
|
|
"""
|
|
|
|
creator = "@creator:example.com"
|
|
|
|
auth_events = [
|
2022-06-10 12:44:19 +03:00
|
|
|
_create_event(RoomVersions.V9, creator),
|
|
|
|
_join_event(RoomVersions.V9, creator),
|
2021-10-18 20:28:30 +03:00
|
|
|
]
|
|
|
|
|
|
|
|
# creator should be able to send state
|
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_random_state_event(RoomVersions.V9, creator),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events,
|
|
|
|
)
|
|
|
|
|
|
|
|
# ... but a rejected join_rules event should cause it to be rejected
|
2022-06-10 12:44:19 +03:00
|
|
|
rejected_join_rules = _join_rules_event(
|
|
|
|
RoomVersions.V9,
|
|
|
|
creator,
|
|
|
|
"public",
|
|
|
|
)
|
2021-10-18 20:28:30 +03:00
|
|
|
rejected_join_rules.rejected_reason = "stinky"
|
|
|
|
auth_events.append(rejected_join_rules)
|
|
|
|
|
|
|
|
self.assertRaises(
|
|
|
|
AuthError,
|
|
|
|
event_auth.check_auth_rules_for_event,
|
2022-06-10 12:44:19 +03:00
|
|
|
_random_state_event(RoomVersions.V9, creator),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events,
|
|
|
|
)
|
|
|
|
|
|
|
|
# ... even if there is *also* a good join rules
|
2022-06-10 12:44:19 +03:00
|
|
|
auth_events.append(_join_rules_event(RoomVersions.V9, creator, "public"))
|
2021-10-18 20:28:30 +03:00
|
|
|
|
|
|
|
self.assertRaises(
|
|
|
|
AuthError,
|
|
|
|
event_auth.check_auth_rules_for_event,
|
2022-06-10 12:44:19 +03:00
|
|
|
_random_state_event(RoomVersions.V9, creator),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events,
|
|
|
|
)
|
|
|
|
|
2018-06-14 14:28:36 +03:00
|
|
|
def test_random_users_cannot_send_state_before_first_pl(self):
|
|
|
|
"""
|
|
|
|
Check that, before the first PL lands, the creator is the only user
|
|
|
|
that can send a state event.
|
|
|
|
"""
|
|
|
|
creator = "@creator:example.com"
|
|
|
|
joiner = "@joiner:example.com"
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events = [
|
2022-06-10 12:44:19 +03:00
|
|
|
_create_event(RoomVersions.V1, creator),
|
|
|
|
_join_event(RoomVersions.V1, creator),
|
|
|
|
_join_event(RoomVersions.V1, joiner),
|
2021-10-18 20:28:30 +03:00
|
|
|
]
|
2018-06-14 14:28:36 +03:00
|
|
|
|
|
|
|
# creator should be able to send state
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_random_state_event(RoomVersions.V1, creator),
|
2019-05-10 08:12:11 +03:00
|
|
|
auth_events,
|
2019-01-25 21:31:41 +03:00
|
|
|
)
|
2018-06-14 14:28:36 +03:00
|
|
|
|
|
|
|
# joiner should not be able to send state
|
|
|
|
self.assertRaises(
|
|
|
|
AuthError,
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event,
|
2022-06-10 12:44:19 +03:00
|
|
|
_random_state_event(RoomVersions.V1, joiner),
|
2018-06-14 14:28:36 +03:00
|
|
|
auth_events,
|
2020-03-09 15:58:25 +03:00
|
|
|
)
|
2018-06-14 14:28:36 +03:00
|
|
|
|
|
|
|
def test_state_default_level(self):
|
|
|
|
"""
|
|
|
|
Check that users above the state_default level can send state and
|
|
|
|
those below cannot
|
|
|
|
"""
|
|
|
|
creator = "@creator:example.com"
|
|
|
|
pleb = "@joiner:example.com"
|
|
|
|
king = "@joiner2:example.com"
|
|
|
|
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events = [
|
2022-06-10 12:44:19 +03:00
|
|
|
_create_event(RoomVersions.V1, creator),
|
|
|
|
_join_event(RoomVersions.V1, creator),
|
2021-10-18 20:28:30 +03:00
|
|
|
_power_levels_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
RoomVersions.V1,
|
|
|
|
creator,
|
|
|
|
{"state_default": "30", "users": {pleb: "29", king: "30"}},
|
2018-08-10 16:54:09 +03:00
|
|
|
),
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V1, pleb),
|
|
|
|
_join_event(RoomVersions.V1, king),
|
2021-10-18 20:28:30 +03:00
|
|
|
]
|
2018-06-14 14:28:36 +03:00
|
|
|
|
|
|
|
# pleb should not be able to send state
|
|
|
|
self.assertRaises(
|
|
|
|
AuthError,
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event,
|
2022-06-10 12:44:19 +03:00
|
|
|
_random_state_event(RoomVersions.V1, pleb),
|
2018-06-14 14:28:36 +03:00
|
|
|
auth_events,
|
|
|
|
),
|
|
|
|
|
|
|
|
# king should be able to send state
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_random_state_event(RoomVersions.V1, king),
|
2020-01-28 17:18:29 +03:00
|
|
|
auth_events,
|
2019-01-25 21:31:41 +03:00
|
|
|
)
|
2018-06-14 14:28:36 +03:00
|
|
|
|
2020-03-09 15:58:25 +03:00
|
|
|
def test_alias_event(self):
|
|
|
|
"""Alias events have special behavior up through room version 6."""
|
|
|
|
creator = "@creator:example.com"
|
|
|
|
other = "@other:example.com"
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events = [
|
2022-06-10 12:44:19 +03:00
|
|
|
_create_event(RoomVersions.V1, creator),
|
|
|
|
_join_event(RoomVersions.V1, creator),
|
2021-10-18 20:28:30 +03:00
|
|
|
]
|
2020-03-09 15:58:25 +03:00
|
|
|
|
|
|
|
# creator should be able to send aliases
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_alias_event(RoomVersions.V1, creator),
|
2020-03-09 15:58:25 +03:00
|
|
|
auth_events,
|
|
|
|
)
|
|
|
|
|
|
|
|
# Reject an event with no state key.
|
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_alias_event(RoomVersions.V1, creator, state_key=""),
|
2020-03-09 15:58:25 +03:00
|
|
|
auth_events,
|
|
|
|
)
|
|
|
|
|
|
|
|
# If the domain of the sender does not match the state key, reject.
|
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_alias_event(RoomVersions.V1, creator, state_key="test.com"),
|
2020-03-09 15:58:25 +03:00
|
|
|
auth_events,
|
|
|
|
)
|
|
|
|
|
|
|
|
# Note that the member does *not* need to be in the room.
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_alias_event(RoomVersions.V1, other),
|
2020-03-09 15:58:25 +03:00
|
|
|
auth_events,
|
|
|
|
)
|
|
|
|
|
|
|
|
def test_msc2432_alias_event(self):
|
|
|
|
"""After MSC2432, alias events have no special behavior."""
|
|
|
|
creator = "@creator:example.com"
|
|
|
|
other = "@other:example.com"
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events = [
|
2022-06-10 12:44:19 +03:00
|
|
|
_create_event(RoomVersions.V6, creator),
|
|
|
|
_join_event(RoomVersions.V6, creator),
|
2021-10-18 20:28:30 +03:00
|
|
|
]
|
2020-03-09 15:58:25 +03:00
|
|
|
|
|
|
|
# creator should be able to send aliases
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_alias_event(RoomVersions.V6, creator),
|
2020-05-15 16:30:10 +03:00
|
|
|
auth_events,
|
2020-03-09 15:58:25 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# No particular checks are done on the state key.
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_alias_event(RoomVersions.V6, creator, state_key=""),
|
2020-03-09 15:58:25 +03:00
|
|
|
auth_events,
|
|
|
|
)
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_alias_event(RoomVersions.V6, creator, state_key="test.com"),
|
2020-03-09 15:58:25 +03:00
|
|
|
auth_events,
|
|
|
|
)
|
|
|
|
|
|
|
|
# Per standard auth rules, the member must be in the room.
|
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_alias_event(RoomVersions.V6, other),
|
2020-05-15 16:30:10 +03:00
|
|
|
auth_events,
|
2020-03-09 15:58:25 +03:00
|
|
|
)
|
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
@parameterized.expand([(RoomVersions.V1, True), (RoomVersions.V6, False)])
|
|
|
|
def test_notifications(self, room_version: RoomVersion, allow_modification: bool):
|
2020-05-14 19:38:17 +03:00
|
|
|
"""
|
|
|
|
Notifications power levels get checked due to MSC2209.
|
|
|
|
"""
|
|
|
|
creator = "@creator:example.com"
|
|
|
|
pleb = "@joiner:example.com"
|
|
|
|
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events = [
|
2022-06-10 12:44:19 +03:00
|
|
|
_create_event(room_version, creator),
|
|
|
|
_join_event(room_version, creator),
|
2021-10-18 20:28:30 +03:00
|
|
|
_power_levels_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
room_version, creator, {"state_default": "30", "users": {pleb: "30"}}
|
2020-05-14 19:38:17 +03:00
|
|
|
),
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(room_version, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
]
|
2020-05-14 19:38:17 +03:00
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
pl_event = _power_levels_event(
|
|
|
|
room_version, pleb, {"notifications": {"room": 100}}
|
2020-05-14 19:38:17 +03:00
|
|
|
)
|
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
# on room V1, pleb should be able to modify the notifications power level.
|
|
|
|
if allow_modification:
|
2022-06-10 12:48:25 +03:00
|
|
|
event_auth.check_auth_rules_for_event(pl_event, auth_events)
|
2022-06-10 12:44:19 +03:00
|
|
|
|
|
|
|
else:
|
|
|
|
# But an MSC2209 room rejects this change.
|
|
|
|
with self.assertRaises(AuthError):
|
2022-06-10 12:48:25 +03:00
|
|
|
event_auth.check_auth_rules_for_event(pl_event, auth_events)
|
2020-05-14 19:38:17 +03:00
|
|
|
|
2021-03-31 23:39:08 +03:00
|
|
|
def test_join_rules_public(self):
|
|
|
|
"""
|
|
|
|
Test joining a public room.
|
|
|
|
"""
|
|
|
|
creator = "@creator:example.com"
|
|
|
|
pleb = "@joiner:example.com"
|
|
|
|
|
|
|
|
auth_events = {
|
2022-06-10 12:44:19 +03:00
|
|
|
("m.room.create", ""): _create_event(RoomVersions.V6, creator),
|
|
|
|
("m.room.member", creator): _join_event(RoomVersions.V6, creator),
|
|
|
|
("m.room.join_rules", ""): _join_rules_event(
|
|
|
|
RoomVersions.V6, creator, "public"
|
|
|
|
),
|
2021-03-31 23:39:08 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
# Check join.
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V6, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# A user cannot be force-joined to a room.
|
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_member_event(RoomVersions.V6, pleb, "join", sender=creator),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# Banned should be rejected.
|
2022-06-10 12:44:19 +03:00
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
|
|
|
RoomVersions.V6, pleb, "ban"
|
|
|
|
)
|
2021-03-31 23:39:08 +03:00
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V6, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# A user who left can re-join.
|
2022-06-10 12:44:19 +03:00
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
|
|
|
RoomVersions.V6, pleb, "leave"
|
|
|
|
)
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V6, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# A user can send a join if they're in the room.
|
2022-06-10 12:44:19 +03:00
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
|
|
|
RoomVersions.V6, pleb, "join"
|
|
|
|
)
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V6, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# A user can accept an invite.
|
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
RoomVersions.V6, pleb, "invite", sender=creator
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V6, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
def test_join_rules_invite(self):
|
|
|
|
"""
|
|
|
|
Test joining an invite only room.
|
|
|
|
"""
|
|
|
|
creator = "@creator:example.com"
|
|
|
|
pleb = "@joiner:example.com"
|
|
|
|
|
|
|
|
auth_events = {
|
2022-06-10 12:44:19 +03:00
|
|
|
("m.room.create", ""): _create_event(RoomVersions.V6, creator),
|
|
|
|
("m.room.member", creator): _join_event(RoomVersions.V6, creator),
|
|
|
|
("m.room.join_rules", ""): _join_rules_event(
|
|
|
|
RoomVersions.V6, creator, "invite"
|
|
|
|
),
|
2021-03-31 23:39:08 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
# A join without an invite is rejected.
|
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V6, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# A user cannot be force-joined to a room.
|
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_member_event(RoomVersions.V6, pleb, "join", sender=creator),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# Banned should be rejected.
|
2022-06-10 12:44:19 +03:00
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
|
|
|
RoomVersions.V6, pleb, "ban"
|
|
|
|
)
|
2021-03-31 23:39:08 +03:00
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V6, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# A user who left cannot re-join.
|
2022-06-10 12:44:19 +03:00
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
|
|
|
RoomVersions.V6, pleb, "leave"
|
|
|
|
)
|
2021-03-31 23:39:08 +03:00
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V6, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# A user can send a join if they're in the room.
|
2022-06-10 12:44:19 +03:00
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
|
|
|
RoomVersions.V6, pleb, "join"
|
|
|
|
)
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V6, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# A user can accept an invite.
|
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
RoomVersions.V6, pleb, "invite", sender=creator
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V6, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
def test_join_rules_restricted_old_room(self) -> None:
|
|
|
|
"""Old room versions should reject joins to restricted rooms"""
|
|
|
|
creator = "@creator:example.com"
|
|
|
|
pleb = "@joiner:example.com"
|
|
|
|
|
|
|
|
auth_events = {
|
|
|
|
("m.room.create", ""): _create_event(RoomVersions.V6, creator),
|
|
|
|
("m.room.member", creator): _join_event(RoomVersions.V6, creator),
|
|
|
|
("m.room.power_levels", ""): _power_levels_event(
|
|
|
|
RoomVersions.V6, creator, {"invite": 0}
|
|
|
|
),
|
|
|
|
("m.room.join_rules", ""): _join_rules_event(
|
|
|
|
RoomVersions.V6, creator, "restricted"
|
|
|
|
),
|
|
|
|
}
|
|
|
|
|
|
|
|
with self.assertRaises(AuthError):
|
|
|
|
event_auth.check_auth_rules_for_event(
|
|
|
|
_join_event(RoomVersions.V6, pleb),
|
|
|
|
auth_events.values(),
|
|
|
|
)
|
|
|
|
|
|
|
|
def test_join_rules_msc3083_restricted(self) -> None:
|
2021-03-31 23:39:08 +03:00
|
|
|
"""
|
|
|
|
Test joining a restricted room from MSC3083.
|
|
|
|
|
2021-07-26 19:17:00 +03:00
|
|
|
This is similar to the public test, but has some additional checks on
|
|
|
|
signatures.
|
|
|
|
|
|
|
|
The checks which care about signatures fake them by simply adding an
|
|
|
|
object of the proper form, not generating valid signatures.
|
2021-03-31 23:39:08 +03:00
|
|
|
"""
|
|
|
|
creator = "@creator:example.com"
|
|
|
|
pleb = "@joiner:example.com"
|
|
|
|
|
|
|
|
auth_events = {
|
2022-06-10 12:44:19 +03:00
|
|
|
("m.room.create", ""): _create_event(RoomVersions.V8, creator),
|
|
|
|
("m.room.member", creator): _join_event(RoomVersions.V8, creator),
|
|
|
|
("m.room.power_levels", ""): _power_levels_event(
|
|
|
|
RoomVersions.V8, creator, {"invite": 0}
|
|
|
|
),
|
|
|
|
("m.room.join_rules", ""): _join_rules_event(
|
|
|
|
RoomVersions.V8, creator, "restricted"
|
|
|
|
),
|
2021-03-31 23:39:08 +03:00
|
|
|
}
|
|
|
|
|
2021-07-26 19:17:00 +03:00
|
|
|
# A properly formatted join event should work.
|
|
|
|
authorised_join_event = _join_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
RoomVersions.V8,
|
2021-07-26 19:17:00 +03:00
|
|
|
pleb,
|
|
|
|
additional_content={
|
2021-09-30 18:13:59 +03:00
|
|
|
EventContentFields.AUTHORISING_USER: "@creator:example.com"
|
2021-07-26 19:17:00 +03:00
|
|
|
},
|
|
|
|
)
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2021-07-26 19:17:00 +03:00
|
|
|
authorised_join_event,
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
2021-07-26 19:17:00 +03:00
|
|
|
# A join issued by a specific user works (i.e. the power level checks
|
|
|
|
# are done properly).
|
|
|
|
pl_auth_events = auth_events.copy()
|
|
|
|
pl_auth_events[("m.room.power_levels", "")] = _power_levels_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
RoomVersions.V8,
|
|
|
|
creator,
|
|
|
|
{"invite": 100, "users": {"@inviter:foo.test": 150}},
|
2021-07-26 19:17:00 +03:00
|
|
|
)
|
|
|
|
pl_auth_events[("m.room.member", "@inviter:foo.test")] = _join_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
RoomVersions.V8, "@inviter:foo.test"
|
2021-07-26 19:17:00 +03:00
|
|
|
)
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2021-07-26 19:17:00 +03:00
|
|
|
_join_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
RoomVersions.V8,
|
2021-07-26 19:17:00 +03:00
|
|
|
pleb,
|
|
|
|
additional_content={
|
2021-09-30 18:13:59 +03:00
|
|
|
EventContentFields.AUTHORISING_USER: "@inviter:foo.test"
|
2021-07-26 19:17:00 +03:00
|
|
|
},
|
|
|
|
),
|
2021-10-18 20:28:30 +03:00
|
|
|
pl_auth_events.values(),
|
2021-07-26 19:17:00 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# A join which is missing an authorised server is rejected.
|
2021-03-31 23:39:08 +03:00
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V8, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-07-26 19:17:00 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# An join authorised by a user who is not in the room is rejected.
|
|
|
|
pl_auth_events = auth_events.copy()
|
|
|
|
pl_auth_events[("m.room.power_levels", "")] = _power_levels_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
RoomVersions.V8,
|
|
|
|
creator,
|
|
|
|
{"invite": 100, "users": {"@other:example.com": 150}},
|
2021-07-26 19:17:00 +03:00
|
|
|
)
|
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2021-07-26 19:17:00 +03:00
|
|
|
_join_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
RoomVersions.V8,
|
2021-07-26 19:17:00 +03:00
|
|
|
pleb,
|
|
|
|
additional_content={
|
2021-09-30 18:13:59 +03:00
|
|
|
EventContentFields.AUTHORISING_USER: "@other:example.com"
|
2021-07-26 19:17:00 +03:00
|
|
|
},
|
|
|
|
),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-07-26 19:17:00 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# A user cannot be force-joined to a room. (This uses an event which
|
|
|
|
# *would* be valid, but is sent be a different user.)
|
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2021-07-26 19:17:00 +03:00
|
|
|
_member_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
RoomVersions.V8,
|
2021-07-26 19:17:00 +03:00
|
|
|
pleb,
|
|
|
|
"join",
|
|
|
|
sender=creator,
|
|
|
|
additional_content={
|
2021-09-30 18:13:59 +03:00
|
|
|
EventContentFields.AUTHORISING_USER: "@inviter:foo.test"
|
2021-07-26 19:17:00 +03:00
|
|
|
},
|
|
|
|
),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# Banned should be rejected.
|
2022-06-10 12:44:19 +03:00
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
|
|
|
RoomVersions.V8, pleb, "ban"
|
|
|
|
)
|
2021-03-31 23:39:08 +03:00
|
|
|
with self.assertRaises(AuthError):
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2021-07-26 19:17:00 +03:00
|
|
|
authorised_join_event,
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# A user who left can re-join.
|
2022-06-10 12:44:19 +03:00
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
|
|
|
RoomVersions.V8, pleb, "leave"
|
|
|
|
)
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2021-07-26 19:17:00 +03:00
|
|
|
authorised_join_event,
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
2021-07-26 19:17:00 +03:00
|
|
|
# A user can send a join if they're in the room. (This doesn't need to
|
|
|
|
# be authorised since the user is already joined.)
|
2022-06-10 12:44:19 +03:00
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
|
|
|
RoomVersions.V8, pleb, "join"
|
|
|
|
)
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V8, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
2021-07-26 19:17:00 +03:00
|
|
|
# A user can accept an invite. (This doesn't need to be authorised since
|
|
|
|
# the user was invited.)
|
2021-03-31 23:39:08 +03:00
|
|
|
auth_events[("m.room.member", pleb)] = _member_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
RoomVersions.V8, pleb, "invite", sender=creator
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
Split `event_auth.check` into two parts (#10940)
Broadly, the existing `event_auth.check` function has two parts:
* a validation section: checks that the event isn't too big, that it has the rught signatures, etc.
This bit is independent of the rest of the state in the room, and so need only be done once
for each event.
* an auth section: ensures that the event is allowed, given the rest of the state in the room.
This gets done multiple times, against various sets of room state, because it forms part of
the state res algorithm.
Currently, this is implemented with `do_sig_check` and `do_size_check` parameters, but I think
that makes everything hard to follow. Instead, we split the function in two and call each part
separately where it is needed.
2021-09-29 20:59:15 +03:00
|
|
|
event_auth.check_auth_rules_for_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
_join_event(RoomVersions.V8, pleb),
|
2021-10-18 20:28:30 +03:00
|
|
|
auth_events.values(),
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
2018-06-14 14:28:36 +03:00
|
|
|
|
|
|
|
# helpers for making events
|
|
|
|
|
|
|
|
TEST_ROOM_ID = "!test:room"
|
|
|
|
|
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
def _create_event(
|
|
|
|
room_version: RoomVersion,
|
|
|
|
user_id: str,
|
|
|
|
) -> EventBase:
|
2020-02-07 18:30:04 +03:00
|
|
|
return make_event_from_dict(
|
2018-08-10 16:54:09 +03:00
|
|
|
{
|
|
|
|
"room_id": TEST_ROOM_ID,
|
2022-06-10 12:44:19 +03:00
|
|
|
**_maybe_get_event_id_dict_for_room_version(room_version),
|
2018-08-10 16:54:09 +03:00
|
|
|
"type": "m.room.create",
|
2021-10-18 20:28:30 +03:00
|
|
|
"state_key": "",
|
2018-08-10 16:54:09 +03:00
|
|
|
"sender": user_id,
|
|
|
|
"content": {"creator": user_id},
|
2022-06-10 12:44:19 +03:00
|
|
|
},
|
|
|
|
room_version=room_version,
|
2018-08-10 16:54:09 +03:00
|
|
|
)
|
2018-06-14 14:28:36 +03:00
|
|
|
|
|
|
|
|
2021-07-14 16:13:40 +03:00
|
|
|
def _member_event(
|
2022-06-10 12:44:19 +03:00
|
|
|
room_version: RoomVersion,
|
2021-07-26 19:17:00 +03:00
|
|
|
user_id: str,
|
|
|
|
membership: str,
|
|
|
|
sender: Optional[str] = None,
|
|
|
|
additional_content: Optional[dict] = None,
|
2021-07-14 16:13:40 +03:00
|
|
|
) -> EventBase:
|
2020-02-07 18:30:04 +03:00
|
|
|
return make_event_from_dict(
|
2018-08-10 16:54:09 +03:00
|
|
|
{
|
|
|
|
"room_id": TEST_ROOM_ID,
|
2022-06-10 12:44:19 +03:00
|
|
|
**_maybe_get_event_id_dict_for_room_version(room_version),
|
2018-08-10 16:54:09 +03:00
|
|
|
"type": "m.room.member",
|
2021-03-31 23:39:08 +03:00
|
|
|
"sender": sender or user_id,
|
2018-08-10 16:54:09 +03:00
|
|
|
"state_key": user_id,
|
2021-07-26 19:17:00 +03:00
|
|
|
"content": {"membership": membership, **(additional_content or {})},
|
2021-03-31 23:39:08 +03:00
|
|
|
"prev_events": [],
|
2022-06-10 12:44:19 +03:00
|
|
|
},
|
|
|
|
room_version=room_version,
|
2018-08-10 16:54:09 +03:00
|
|
|
)
|
2018-06-14 14:28:36 +03:00
|
|
|
|
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
def _join_event(
|
|
|
|
room_version: RoomVersion,
|
|
|
|
user_id: str,
|
|
|
|
additional_content: Optional[dict] = None,
|
|
|
|
) -> EventBase:
|
|
|
|
return _member_event(
|
|
|
|
room_version,
|
|
|
|
user_id,
|
|
|
|
"join",
|
|
|
|
additional_content=additional_content,
|
|
|
|
)
|
2021-03-31 23:39:08 +03:00
|
|
|
|
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
def _power_levels_event(
|
|
|
|
room_version: RoomVersion,
|
|
|
|
sender: str,
|
|
|
|
content: JsonDict,
|
|
|
|
) -> EventBase:
|
2020-02-07 18:30:04 +03:00
|
|
|
return make_event_from_dict(
|
2018-08-10 16:54:09 +03:00
|
|
|
{
|
|
|
|
"room_id": TEST_ROOM_ID,
|
2022-06-10 12:44:19 +03:00
|
|
|
**_maybe_get_event_id_dict_for_room_version(room_version),
|
2018-08-10 16:54:09 +03:00
|
|
|
"type": "m.room.power_levels",
|
|
|
|
"sender": sender,
|
|
|
|
"state_key": "",
|
|
|
|
"content": content,
|
2022-06-10 12:44:19 +03:00
|
|
|
},
|
|
|
|
room_version=room_version,
|
2018-08-10 16:54:09 +03:00
|
|
|
)
|
2018-06-14 14:28:36 +03:00
|
|
|
|
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
def _alias_event(room_version: RoomVersion, sender: str, **kwargs) -> EventBase:
|
2020-03-09 15:58:25 +03:00
|
|
|
data = {
|
|
|
|
"room_id": TEST_ROOM_ID,
|
2022-06-10 12:44:19 +03:00
|
|
|
**_maybe_get_event_id_dict_for_room_version(room_version),
|
2020-03-09 15:58:25 +03:00
|
|
|
"type": "m.room.aliases",
|
|
|
|
"sender": sender,
|
|
|
|
"state_key": get_domain_from_id(sender),
|
|
|
|
"content": {"aliases": []},
|
|
|
|
}
|
|
|
|
data.update(**kwargs)
|
2022-06-10 12:44:19 +03:00
|
|
|
return make_event_from_dict(data, room_version=room_version)
|
2020-03-09 15:58:25 +03:00
|
|
|
|
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
def _random_state_event(room_version: RoomVersion, sender: str) -> EventBase:
|
2020-02-07 18:30:04 +03:00
|
|
|
return make_event_from_dict(
|
2018-08-10 16:54:09 +03:00
|
|
|
{
|
|
|
|
"room_id": TEST_ROOM_ID,
|
2022-06-10 12:44:19 +03:00
|
|
|
**_maybe_get_event_id_dict_for_room_version(room_version),
|
2018-08-10 16:54:09 +03:00
|
|
|
"type": "test.state",
|
|
|
|
"sender": sender,
|
|
|
|
"state_key": "",
|
|
|
|
"content": {"membership": "join"},
|
2022-06-10 12:44:19 +03:00
|
|
|
},
|
|
|
|
room_version=room_version,
|
2018-08-10 16:54:09 +03:00
|
|
|
)
|
2018-06-14 14:28:36 +03:00
|
|
|
|
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
def _join_rules_event(
|
|
|
|
room_version: RoomVersion, sender: str, join_rule: str
|
|
|
|
) -> EventBase:
|
2021-03-31 23:39:08 +03:00
|
|
|
return make_event_from_dict(
|
|
|
|
{
|
|
|
|
"room_id": TEST_ROOM_ID,
|
2022-06-10 12:44:19 +03:00
|
|
|
**_maybe_get_event_id_dict_for_room_version(room_version),
|
2021-03-31 23:39:08 +03:00
|
|
|
"type": "m.room.join_rules",
|
|
|
|
"sender": sender,
|
|
|
|
"state_key": "",
|
|
|
|
"content": {
|
|
|
|
"join_rule": join_rule,
|
|
|
|
},
|
2022-06-10 12:44:19 +03:00
|
|
|
},
|
|
|
|
room_version=room_version,
|
2021-03-31 23:39:08 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
|
2018-06-14 14:28:36 +03:00
|
|
|
event_count = 0
|
|
|
|
|
|
|
|
|
2022-06-10 12:44:19 +03:00
|
|
|
def _maybe_get_event_id_dict_for_room_version(room_version: RoomVersion) -> dict:
|
|
|
|
"""If this room version needs it, generate an event id"""
|
|
|
|
if room_version.event_format != EventFormatVersions.V1:
|
|
|
|
return {}
|
|
|
|
|
2018-06-14 14:28:36 +03:00
|
|
|
global event_count
|
|
|
|
c = event_count
|
|
|
|
event_count += 1
|
2022-06-10 12:44:19 +03:00
|
|
|
return {"event_id": "!%i:example.com" % (c,)}
|