mirror of
https://github.com/element-hq/synapse.git
synced 2024-11-26 19:47:05 +03:00
Prevent user IDs in AS namespaces being created/deleted by humans.
This commit is contained in:
parent
e9484d6a95
commit
cab4c73088
1 changed files with 16 additions and 0 deletions
|
@ -65,6 +65,8 @@ class RegistrationHandler(BaseHandler):
|
||||||
user = UserID(localpart, self.hs.hostname)
|
user = UserID(localpart, self.hs.hostname)
|
||||||
user_id = user.to_string()
|
user_id = user.to_string()
|
||||||
|
|
||||||
|
yield self.check_user_id_is_valid(user_id)
|
||||||
|
|
||||||
token = self._generate_token(user_id)
|
token = self._generate_token(user_id)
|
||||||
yield self.store.register(
|
yield self.store.register(
|
||||||
user_id=user_id,
|
user_id=user_id,
|
||||||
|
@ -83,6 +85,7 @@ class RegistrationHandler(BaseHandler):
|
||||||
localpart = self._generate_user_id()
|
localpart = self._generate_user_id()
|
||||||
user = UserID(localpart, self.hs.hostname)
|
user = UserID(localpart, self.hs.hostname)
|
||||||
user_id = user.to_string()
|
user_id = user.to_string()
|
||||||
|
yield self.check_user_id_is_valid(user_id)
|
||||||
|
|
||||||
token = self._generate_token(user_id)
|
token = self._generate_token(user_id)
|
||||||
yield self.store.register(
|
yield self.store.register(
|
||||||
|
@ -148,6 +151,19 @@ class RegistrationHandler(BaseHandler):
|
||||||
# XXX: This should be a deferred list, shouldn't it?
|
# XXX: This should be a deferred list, shouldn't it?
|
||||||
yield self._bind_threepid(c, user_id)
|
yield self._bind_threepid(c, user_id)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def check_user_id_is_valid(self, user_id):
|
||||||
|
# valid user IDs must not clash with any user ID namespaces claimed by
|
||||||
|
# application services.
|
||||||
|
services = yield self.store.get_app_services()
|
||||||
|
interested_services = [
|
||||||
|
s for s in services if s.is_interested_in_user(user_id)
|
||||||
|
]
|
||||||
|
if len(interested_services) > 0:
|
||||||
|
raise SynapseError(
|
||||||
|
400, "This user ID is reserved by an application service."
|
||||||
|
)
|
||||||
|
|
||||||
def _generate_token(self, user_id):
|
def _generate_token(self, user_id):
|
||||||
# urlsafe variant uses _ and - so use . as the separator and replace
|
# urlsafe variant uses _ and - so use . as the separator and replace
|
||||||
# all =s with .s so http clients don't quote =s when it is used as
|
# all =s with .s so http clients don't quote =s when it is used as
|
||||||
|
|
Loading…
Reference in a new issue