synapse/tests/rest/client
Grant McLean 5c24d7b9eb
Check required power levels earlier in createRoom handler. (#15695)
* Check required power levels earlier in createRoom handler.

- If a server was configured to reject the creation of rooms with E2EE
  enabled (by specifying an unattainably high power level for
  "m.room.encryption" in default_power_level_content_override), the 403
  error was not being triggered until after the room was created and
  before the "m.room.power_levels" was sent.  This allowed a user to
  access the partially-configured room and complete the setup of E2EE
  and power levels manually.

- This change causes the power level overrides to be checked earlier and
  the request to be rejected before the user gains access to the room.

- A new `_validate_room_config` method is added to contain checks that
  should be run before a room is created.

- The new test case confirms that a user request is rejected by the new
  validation method.

Signed-off-by: Grant McLean <grant@catalyst.net.nz>

* Add a changelog file.

* Formatting fix for black.

* Remove unneeded line from test.

---------

Signed-off-by: Grant McLean <grant@catalyst.net.nz>
2023-06-07 16:21:25 +01:00
..
__init__.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
test_account.py Delete server-side backup keys when deactivating an account. (#15181) 2023-04-04 20:16:08 +00:00
test_account_data.py Add a module callback to react to account data changes (#12327) 2022-04-01 11:22:48 +02:00
test_auth.py Bump black from 22.12.0 to 23.1.0 (#15103) 2023-02-22 15:29:09 -05:00
test_capabilities.py Implement stable support for MSC3882 to allow an existing device/session to generate a login token for use on a new device/session (#15388) 2023-06-01 08:52:51 -04:00
test_consent.py Bump black from 22.12.0 to 23.1.0 (#15103) 2023-02-22 15:29:09 -05:00
test_devices.py Fix dehydrated device REST checks (#14336) 2022-10-31 20:31:43 +00:00
test_directory.py Bump black from 22.12.0 to 23.1.0 (#15103) 2023-02-22 15:29:09 -05:00
test_ephemeral_message.py Bump black from 22.12.0 to 23.1.0 (#15103) 2023-02-22 15:29:09 -05:00
test_events.py Bump black from 22.12.0 to 23.1.0 (#15103) 2023-02-22 15:29:09 -05:00
test_filter.py N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
test_identity.py Drop support for calling /_matrix/client/v3/rooms/{roomId}/invite without an id_access_token (#13241) 2022-08-31 12:10:25 +00:00
test_keys.py Implementation of MSC3967: Don't require UIA for initial upload of cross signing keys (#15077) 2023-03-02 10:34:59 +00:00
test_login.py Implement stable support for MSC3882 to allow an existing device/session to generate a login token for use on a new device/session (#15388) 2023-06-01 08:52:51 -04:00
test_login_token_request.py Implement stable support for MSC3882 to allow an existing device/session to generate a login token for use on a new device/session (#15388) 2023-06-01 08:52:51 -04:00
test_models.py A third batch of Pydantic validation for rest/client/account.py (#13736) 2022-09-15 18:36:02 +01:00
test_mutual_rooms.py Update Mutual Rooms (MSC2666) implementation (#15621) 2023-05-18 12:49:12 -04:00
test_notifications.py Fix invite notifications for users without pushers (#12840) 2022-05-30 13:14:43 +02:00
test_password_policy.py Remove unnecessary json.dumps from tests (#13303) 2022-07-17 22:28:45 +01:00
test_power_levels.py Add type hints to tests/rest/client (#12072) 2022-02-24 13:56:38 -05:00
test_presence.py Bump black from 22.12.0 to 23.1.0 (#15103) 2023-02-22 15:29:09 -05:00
test_profile.py Bump black from 22.12.0 to 23.1.0 (#15103) 2023-02-22 15:29:09 -05:00
test_push_rule_attrs.py Add type hints to tests/rest/client (#12084) 2022-02-28 17:47:37 +00:00
test_read_marker.py Handle missing previous read marker event. (#15464) 2023-05-18 14:37:31 -04:00
test_receipts.py Reject receipt requests with invalid room or event IDs. (#14632) 2022-12-07 17:35:41 +00:00
test_redactions.py Add a catch-all * to the supported relation types when redacting (#15705) 2023-06-02 13:13:50 +00:00
test_register.py Revert pruning of old devices (#15360) 2023-03-31 13:51:51 +01:00
test_relations.py Initial implementation of MSC3981: recursive relations API (#15315) 2023-05-02 07:59:55 -04:00
test_rendezvous.py Bump black from 22.12.0 to 23.1.0 (#15103) 2023-02-22 15:29:09 -05:00
test_report_event.py Make POST /_matrix/client/v3/rooms/{roomId}/report/{eventId} endpoint return 404 if event exists, but the user lacks access (#15300) 2023-03-21 13:24:03 +00:00
test_retention.py Add final type hint to tests.unittest. (#15072) 2023-02-14 14:03:35 -05:00
test_room_batch.py Remove remaining bits of groups code. (#12936) 2022-06-01 09:41:25 -04:00
test_rooms.py Check required power levels earlier in createRoom handler. (#15695) 2023-06-07 16:21:25 +01:00
test_sendtodevice.py Additional constants for EDU types. (#12884) 2022-05-27 07:14:36 -04:00
test_shadow_banned.py Add final type hint to tests.unittest. (#15072) 2023-02-14 14:03:35 -05:00
test_sync.py Bump black from 22.12.0 to 23.1.0 (#15103) 2023-02-22 15:29:09 -05:00
test_third_party_rules.py Move ThirdPartyEventRules into module_api/callbacks (#15535) 2023-05-04 14:18:22 +00:00
test_transactions.py Pass the Requester down to the HttpTransactionCache. (#15200) 2023-03-07 16:05:22 +00:00
test_typing.py Do not allow a None-limit on PaginationConfig. (#14146) 2022-10-14 12:30:05 +00:00
test_upgrade_room.py Add final type hint to tests.unittest. (#15072) 2023-02-14 14:03:35 -05:00
utils.py Fix-up type hints in tests/server.py. (#15084) 2023-02-17 18:19:38 +00:00