enforce auth for capabilities endpoint

This commit is contained in:
Neil Johnson 2019-01-29 11:37:56 +00:00
parent 327b992e17
commit a124025dab
2 changed files with 36 additions and 14 deletions

View file

@ -12,6 +12,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
from twisted.internet import defer
from synapse.http.servlet import RestServlet from synapse.http.servlet import RestServlet
@ -28,20 +29,26 @@ class CapabilitiesRestServlet(RestServlet):
""" """
super(CapabilitiesRestServlet, self).__init__() super(CapabilitiesRestServlet, self).__init__()
self.hs = hs self.hs = hs
self.auth = hs.get_auth()
@defer.inlineCallbacks
def on_GET(self, request): def on_GET(self, request):
return 200, {
"capabilities": { yield self.auth.get_user_by_req(request, allow_guest=True)
"m.room_versions": { defer.returnValue(
"default": "1", (200, {
"available": { "capabilities": {
"1": "stable", "m.room_versions": {
"2": "stable", "default": "1",
"state-v2-test": "unstable", "available": {
"1": "stable",
"2": "stable",
"state-v2-test": "unstable",
}
} }
} }
} })
} )
def register_servlets(hs, http_server): def register_servlets(hs, http_server):

View file

@ -14,23 +14,38 @@
# limitations under the License. # limitations under the License.
from synapse.api.constants import DEFAULT_ROOM_VERSION, KNOWN_ROOM_VERSIONS from synapse.api.constants import DEFAULT_ROOM_VERSION, KNOWN_ROOM_VERSIONS
from synapse.rest.client.v2_alpha.capabilities import register_servlets from synapse.rest.client.v2_alpha import capabilities
from synapse.rest.client.v1 import login, admin
from tests import unittest from tests import unittest
class CapabilitiesTestCase(unittest.HomeserverTestCase): class CapabilitiesTestCase(unittest.HomeserverTestCase):
servlets = [register_servlets]
servlets = [
admin.register_servlets,
capabilities.register_servlets,
login.register_servlets,
]
def make_homeserver(self, reactor, clock): def make_homeserver(self, reactor, clock):
self.url = b"/_matrix/client/r0/capabilities" self.url = b"/_matrix/client/r0/capabilities"
hs = self.setup_test_homeserver() hs = self.setup_test_homeserver()
return hs return hs
def test_get_room_version_capabilities(self): def test_check_auth_required(self):
request, channel = self.make_request("GET", self.url) request, channel = self.make_request("GET", self.url)
self.render(request) self.render(request)
self.assertEqual(channel.code, 401)
def test_get_room_version_capabilities(self):
self.register_user("user", "pass")
access_token = self.login("user", "pass")
request, channel = self.make_request("GET", self.url, access_token=access_token)
self.render(request)
capabilities = channel.json_body['capabilities'] capabilities = channel.json_body['capabilities']
self.assertEqual(channel.code, 200) self.assertEqual(channel.code, 200)
for room_version in capabilities['m.room_versions']['available'].keys(): for room_version in capabilities['m.room_versions']['available'].keys():
self.assertTrue(room_version in KNOWN_ROOM_VERSIONS, "" + room_version) self.assertTrue(room_version in KNOWN_ROOM_VERSIONS, "" + room_version)