2017-08-04 17:32:10 +02:00
|
|
|
// Copyright 2017 Vector Creations Ltd
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
2017-10-11 19:16:53 +02:00
|
|
|
package routing
|
2017-08-04 17:32:10 +02:00
|
|
|
|
|
|
|
import (
|
2017-09-13 14:37:50 +02:00
|
|
|
"context"
|
2017-09-11 20:18:19 +02:00
|
|
|
"errors"
|
2017-08-04 17:32:10 +02:00
|
|
|
"net/http"
|
2018-08-06 15:09:25 +02:00
|
|
|
"time"
|
2017-08-04 17:32:10 +02:00
|
|
|
|
2018-08-20 11:45:17 +02:00
|
|
|
appserviceAPI "github.com/matrix-org/dendrite/appservice/api"
|
2017-08-04 17:32:10 +02:00
|
|
|
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
|
|
|
"github.com/matrix-org/dendrite/clientapi/auth/storage/accounts"
|
|
|
|
"github.com/matrix-org/dendrite/clientapi/httputil"
|
|
|
|
"github.com/matrix-org/dendrite/clientapi/jsonerror"
|
|
|
|
"github.com/matrix-org/dendrite/clientapi/producers"
|
2017-09-01 11:13:10 +02:00
|
|
|
"github.com/matrix-org/dendrite/clientapi/threepid"
|
2017-08-22 12:12:51 +02:00
|
|
|
"github.com/matrix-org/dendrite/common"
|
2017-08-04 17:32:10 +02:00
|
|
|
"github.com/matrix-org/dendrite/common/config"
|
2018-08-20 11:45:17 +02:00
|
|
|
roomserverAPI "github.com/matrix-org/dendrite/roomserver/api"
|
2017-08-04 17:32:10 +02:00
|
|
|
"github.com/matrix-org/gomatrixserverlib"
|
|
|
|
|
|
|
|
"github.com/matrix-org/util"
|
|
|
|
)
|
|
|
|
|
2017-09-11 20:18:19 +02:00
|
|
|
var errMissingUserID = errors.New("'user_id' must be supplied")
|
|
|
|
|
2017-08-04 17:32:10 +02:00
|
|
|
// SendMembership implements PUT /rooms/{roomID}/(join|kick|ban|unban|leave|invite)
|
|
|
|
// by building a m.room.member event then sending it to the room server
|
|
|
|
func SendMembership(
|
|
|
|
req *http.Request, accountDB *accounts.Database, device *authtypes.Device,
|
|
|
|
roomID string, membership string, cfg config.Dendrite,
|
2018-08-20 11:45:17 +02:00
|
|
|
queryAPI roomserverAPI.RoomserverQueryAPI, asAPI appserviceAPI.AppServiceQueryAPI,
|
|
|
|
producer *producers.RoomserverProducer,
|
2017-08-04 17:32:10 +02:00
|
|
|
) util.JSONResponse {
|
2017-09-01 11:13:10 +02:00
|
|
|
var body threepid.MembershipRequest
|
2017-08-29 16:17:26 +02:00
|
|
|
if reqErr := httputil.UnmarshalJSONRequest(req, &body); reqErr != nil {
|
|
|
|
return *reqErr
|
|
|
|
}
|
|
|
|
|
2018-08-22 14:40:25 +02:00
|
|
|
evTime, err := httputil.ParseTSParam(req)
|
|
|
|
if err != nil {
|
|
|
|
return util.JSONResponse{
|
|
|
|
Code: http.StatusBadRequest,
|
|
|
|
JSON: jsonerror.InvalidArgumentValue(err.Error()),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-07-12 15:29:30 +02:00
|
|
|
inviteStored, jsonErrResp := checkAndProcessThreepid(
|
|
|
|
req, device, &body, cfg, queryAPI, accountDB, producer,
|
2018-08-06 15:09:25 +02:00
|
|
|
membership, roomID, evTime,
|
2017-09-11 20:18:19 +02:00
|
|
|
)
|
2019-07-12 15:29:30 +02:00
|
|
|
if jsonErrResp != nil {
|
|
|
|
return *jsonErrResp
|
2017-08-29 16:17:26 +02:00
|
|
|
}
|
|
|
|
|
2017-09-11 20:18:19 +02:00
|
|
|
// If an invite has been stored on an identity server, it means that a
|
|
|
|
// m.room.third_party_invite event has been emitted and that we shouldn't
|
|
|
|
// emit a m.room.member one.
|
|
|
|
if inviteStored {
|
|
|
|
return util.JSONResponse{
|
2018-03-13 16:55:45 +01:00
|
|
|
Code: http.StatusOK,
|
2017-09-11 20:18:19 +02:00
|
|
|
JSON: struct{}{},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
event, err := buildMembershipEvent(
|
2018-08-20 11:45:17 +02:00
|
|
|
req.Context(), body, accountDB, device, membership, roomID, cfg, evTime, queryAPI, asAPI,
|
2017-09-11 20:18:19 +02:00
|
|
|
)
|
|
|
|
if err == errMissingUserID {
|
|
|
|
return util.JSONResponse{
|
2018-03-13 16:55:45 +01:00
|
|
|
Code: http.StatusBadRequest,
|
2017-09-11 20:18:19 +02:00
|
|
|
JSON: jsonerror.BadJSON(err.Error()),
|
|
|
|
}
|
2017-10-25 15:44:33 +02:00
|
|
|
} else if err == common.ErrRoomNoExists {
|
2017-09-11 20:18:19 +02:00
|
|
|
return util.JSONResponse{
|
2018-03-13 16:55:45 +01:00
|
|
|
Code: http.StatusNotFound,
|
2017-09-11 20:18:19 +02:00
|
|
|
JSON: jsonerror.NotFound(err.Error()),
|
|
|
|
}
|
|
|
|
} else if err != nil {
|
|
|
|
return httputil.LogThenError(req, err)
|
|
|
|
}
|
|
|
|
|
2018-05-26 13:03:35 +02:00
|
|
|
if _, err := producer.SendEvents(
|
2017-12-04 19:07:52 +01:00
|
|
|
req.Context(), []gomatrixserverlib.Event{*event}, cfg.Matrix.ServerName, nil,
|
2017-09-13 14:37:50 +02:00
|
|
|
); err != nil {
|
2017-09-11 20:18:19 +02:00
|
|
|
return httputil.LogThenError(req, err)
|
|
|
|
}
|
|
|
|
|
2019-07-12 15:29:30 +02:00
|
|
|
var returnData interface{} = struct{}{}
|
|
|
|
|
|
|
|
// The join membership requires the room id to be sent in the response
|
|
|
|
if membership == "join" {
|
|
|
|
returnData = struct {
|
|
|
|
RoomID string `json:"room_id"`
|
|
|
|
}{roomID}
|
|
|
|
}
|
|
|
|
|
2017-09-11 20:18:19 +02:00
|
|
|
return util.JSONResponse{
|
2018-03-13 16:55:45 +01:00
|
|
|
Code: http.StatusOK,
|
2019-07-12 15:29:30 +02:00
|
|
|
JSON: returnData,
|
2017-09-11 20:18:19 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func buildMembershipEvent(
|
2018-08-06 15:09:25 +02:00
|
|
|
ctx context.Context,
|
2017-09-11 20:18:19 +02:00
|
|
|
body threepid.MembershipRequest, accountDB *accounts.Database,
|
2018-08-20 11:45:17 +02:00
|
|
|
device *authtypes.Device,
|
|
|
|
membership, roomID string,
|
|
|
|
cfg config.Dendrite, evTime time.Time,
|
|
|
|
queryAPI roomserverAPI.RoomserverQueryAPI, asAPI appserviceAPI.AppServiceQueryAPI,
|
2017-09-11 20:18:19 +02:00
|
|
|
) (*gomatrixserverlib.Event, error) {
|
|
|
|
stateKey, reason, err := getMembershipStateKey(body, device, membership)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
2017-08-04 17:32:10 +02:00
|
|
|
}
|
|
|
|
|
2018-08-20 11:45:17 +02:00
|
|
|
profile, err := loadProfile(ctx, stateKey, cfg, accountDB, asAPI)
|
2017-08-04 17:32:10 +02:00
|
|
|
if err != nil {
|
2017-09-11 20:18:19 +02:00
|
|
|
return nil, err
|
2017-08-04 17:32:10 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
builder := gomatrixserverlib.EventBuilder{
|
|
|
|
Sender: device.UserID,
|
|
|
|
RoomID: roomID,
|
|
|
|
Type: "m.room.member",
|
|
|
|
StateKey: &stateKey,
|
|
|
|
}
|
|
|
|
|
|
|
|
// "unban" or "kick" isn't a valid membership value, change it to "leave"
|
|
|
|
if membership == "unban" || membership == "kick" {
|
|
|
|
membership = "leave"
|
|
|
|
}
|
|
|
|
|
2017-08-22 12:12:51 +02:00
|
|
|
content := common.MemberContent{
|
2017-08-04 17:32:10 +02:00
|
|
|
Membership: membership,
|
|
|
|
DisplayName: profile.DisplayName,
|
|
|
|
AvatarURL: profile.AvatarURL,
|
|
|
|
Reason: reason,
|
|
|
|
}
|
|
|
|
|
|
|
|
if err = builder.SetContent(content); err != nil {
|
2017-09-11 20:18:19 +02:00
|
|
|
return nil, err
|
2017-08-04 17:32:10 +02:00
|
|
|
}
|
|
|
|
|
2018-08-06 15:09:25 +02:00
|
|
|
return common.BuildEvent(ctx, &builder, cfg, evTime, queryAPI, nil)
|
2017-08-04 17:32:10 +02:00
|
|
|
}
|
|
|
|
|
2017-08-29 16:17:26 +02:00
|
|
|
// loadProfile lookups the profile of a given user from the database and returns
|
|
|
|
// it if the user is local to this server, or returns an empty profile if not.
|
|
|
|
// Returns an error if the retrieval failed or if the first parameter isn't a
|
|
|
|
// valid Matrix ID.
|
2017-09-18 15:15:27 +02:00
|
|
|
func loadProfile(
|
2018-08-20 11:45:17 +02:00
|
|
|
ctx context.Context,
|
|
|
|
userID string,
|
|
|
|
cfg config.Dendrite,
|
|
|
|
accountDB *accounts.Database,
|
|
|
|
asAPI appserviceAPI.AppServiceQueryAPI,
|
2017-09-18 15:15:27 +02:00
|
|
|
) (*authtypes.Profile, error) {
|
2018-08-20 11:45:17 +02:00
|
|
|
_, serverName, err := gomatrixserverlib.SplitID('@', userID)
|
2017-08-29 16:17:26 +02:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
var profile *authtypes.Profile
|
|
|
|
if serverName == cfg.Matrix.ServerName {
|
2019-07-12 17:43:01 +02:00
|
|
|
profile, err = appserviceAPI.RetrieveUserProfile(ctx, userID, asAPI, accountDB)
|
2017-08-29 16:17:26 +02:00
|
|
|
} else {
|
|
|
|
profile = &authtypes.Profile{}
|
|
|
|
}
|
|
|
|
|
|
|
|
return profile, err
|
|
|
|
}
|
|
|
|
|
2017-08-04 17:32:10 +02:00
|
|
|
// getMembershipStateKey extracts the target user ID of a membership change.
|
|
|
|
// For "join" and "leave" this will be the ID of the user making the change.
|
|
|
|
// For "ban", "unban", "kick" and "invite" the target user ID will be in the JSON request body.
|
|
|
|
// In the latter case, if there was an issue retrieving the user ID from the request body,
|
|
|
|
// returns a JSONResponse with a corresponding error code and message.
|
|
|
|
func getMembershipStateKey(
|
2017-09-01 11:13:10 +02:00
|
|
|
body threepid.MembershipRequest, device *authtypes.Device, membership string,
|
2017-09-11 20:18:19 +02:00
|
|
|
) (stateKey string, reason string, err error) {
|
2017-08-04 17:32:10 +02:00
|
|
|
if membership == "ban" || membership == "unban" || membership == "kick" || membership == "invite" {
|
|
|
|
// If we're in this case, the state key is contained in the request body,
|
|
|
|
// possibly along with a reason (for "kick" and "ban") so we need to parse
|
|
|
|
// it
|
2017-08-29 16:17:26 +02:00
|
|
|
if body.UserID == "" {
|
2017-09-11 20:18:19 +02:00
|
|
|
err = errMissingUserID
|
2017-08-04 17:32:10 +02:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2017-08-29 16:17:26 +02:00
|
|
|
stateKey = body.UserID
|
|
|
|
reason = body.Reason
|
2017-08-04 17:32:10 +02:00
|
|
|
} else {
|
|
|
|
stateKey = device.UserID
|
|
|
|
}
|
|
|
|
|
|
|
|
return
|
|
|
|
}
|
2019-07-12 15:29:30 +02:00
|
|
|
|
|
|
|
func checkAndProcessThreepid(
|
|
|
|
req *http.Request,
|
|
|
|
device *authtypes.Device,
|
|
|
|
body *threepid.MembershipRequest,
|
|
|
|
cfg config.Dendrite,
|
|
|
|
queryAPI roomserverAPI.RoomserverQueryAPI,
|
|
|
|
accountDB *accounts.Database,
|
|
|
|
producer *producers.RoomserverProducer,
|
|
|
|
membership, roomID string,
|
|
|
|
evTime time.Time,
|
|
|
|
) (inviteStored bool, errRes *util.JSONResponse) {
|
|
|
|
|
|
|
|
inviteStored, err := threepid.CheckAndProcessInvite(
|
|
|
|
req.Context(), device, body, cfg, queryAPI, accountDB, producer,
|
|
|
|
membership, roomID, evTime,
|
|
|
|
)
|
|
|
|
if err == threepid.ErrMissingParameter {
|
|
|
|
return inviteStored, &util.JSONResponse{
|
|
|
|
Code: http.StatusBadRequest,
|
|
|
|
JSON: jsonerror.BadJSON(err.Error()),
|
|
|
|
}
|
|
|
|
} else if err == threepid.ErrNotTrusted {
|
|
|
|
return inviteStored, &util.JSONResponse{
|
|
|
|
Code: http.StatusBadRequest,
|
|
|
|
JSON: jsonerror.NotTrusted(body.IDServer),
|
|
|
|
}
|
|
|
|
} else if err == common.ErrRoomNoExists {
|
|
|
|
return inviteStored, &util.JSONResponse{
|
|
|
|
Code: http.StatusNotFound,
|
|
|
|
JSON: jsonerror.NotFound(err.Error()),
|
|
|
|
}
|
|
|
|
} else if err != nil {
|
|
|
|
er := httputil.LogThenError(req, err)
|
|
|
|
return inviteStored, &er
|
|
|
|
}
|
|
|
|
return
|
|
|
|
}
|