-
-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Support MSC3667 in a new room version #11885
Changes from all commits
0f6ab42
0e55160
f1d5890
f5e2cde
72b19cb
99ef23d
cf72994
3f310c9
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Support [MSC3667](https://github.com/matrix-org/matrix-doc/pull/3667) in a new room version. |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -143,6 +143,22 @@ def check_auth_rules_for_event( | |
Raises: | ||
AuthError if the checks fail | ||
""" | ||
# Before we get too far into event auth, validate that the event is even | ||
# valid enough to be used | ||
if event.type == EventTypes.PowerLevels: | ||
# If applicable, validate that the known power levels are integers | ||
if room_version_obj.msc3667_int_only_power_levels: | ||
for k, v in event.content.items(): | ||
if k in ["events", "notifications", "users"]: | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I am somewhat tempted to just recursively check that all values are either dicts or ints? That way we don't need to remember to update this set for new fields. That would break experimental non-int fields, so maybe we could only do that on the redacted form of the power level? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I'm a little bit worried that'd treat |
||
if type(v) is not dict: | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. One usually does |
||
raise AuthError(403, "Not a valid object: %s" % (k,)) | ||
for v2 in v.values(): | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. this check won't work because of how the auth rules are written: we have to check the keys explicitly. |
||
if type(v2) is not int: | ||
raise AuthError(403, "Not a valid power level: %s" % (v2,)) | ||
else: | ||
if type(v) is not int: | ||
raise AuthError(403, "Not a valid power level: %s" % (v,)) | ||
|
||
# We need to ensure that the auth events are actually for the same room, to | ||
# stop people from using powers they've been granted in other rooms for | ||
# example. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this might be in the wrong place, but it's highly convenient to put it here
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems like for similar code we usually do it in
EventValidator.validate_new
+event_from_pdu_json
, but I'm unsure if that makes sense or not. (I was looking at where we callvalidate_canonicaljson
)There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should really add a function to the
Validator
for inbound federation events, I guess