mirror of
https://github.com/matrix-org/dendrite
synced 2024-11-03 14:39:00 +01:00
5eed31fea3
Needs https://github.com/matrix-org/sytest/pull/1315, as otherwise the membership events aren't persisted yet when hitting `/state` after kicking guest users. Makes the following tests pass: ``` Guest users denied access over federation if guest access prohibited Guest users are kicked from guest_access rooms on revocation of guest_access Guest users are kicked from guest_access rooms on revocation of guest_access over federation ``` Todo (in a follow up PR): - Restrict access to CS API Endpoints as per https://spec.matrix.org/v1.4/client-server-api/#client-behaviour-14 Co-authored-by: kegsay <kegan@matrix.org>
158 lines
4.4 KiB
Go
158 lines
4.4 KiB
Go
package routing
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"net/http"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/matrix-org/gomatrixserverlib"
|
|
|
|
"github.com/matrix-org/dendrite/appservice"
|
|
"github.com/matrix-org/dendrite/keyserver"
|
|
"github.com/matrix-org/dendrite/roomserver"
|
|
"github.com/matrix-org/dendrite/test"
|
|
"github.com/matrix-org/dendrite/test/testrig"
|
|
"github.com/matrix-org/dendrite/userapi"
|
|
uapi "github.com/matrix-org/dendrite/userapi/api"
|
|
)
|
|
|
|
func TestJoinRoomByIDOrAlias(t *testing.T) {
|
|
alice := test.NewUser(t)
|
|
bob := test.NewUser(t)
|
|
charlie := test.NewUser(t, test.WithAccountType(uapi.AccountTypeGuest))
|
|
|
|
ctx := context.Background()
|
|
test.WithAllDatabases(t, func(t *testing.T, dbType test.DBType) {
|
|
base, baseClose := testrig.CreateBaseDendrite(t, dbType)
|
|
defer baseClose()
|
|
|
|
rsAPI := roomserver.NewInternalAPI(base)
|
|
keyAPI := keyserver.NewInternalAPI(base, &base.Cfg.KeyServer, nil, rsAPI)
|
|
userAPI := userapi.NewInternalAPI(base, &base.Cfg.UserAPI, nil, keyAPI, rsAPI, nil)
|
|
asAPI := appservice.NewInternalAPI(base, userAPI, rsAPI)
|
|
rsAPI.SetFederationAPI(nil, nil) // creates the rs.Inputer etc
|
|
|
|
// Create the users in the userapi
|
|
for _, u := range []*test.User{alice, bob, charlie} {
|
|
localpart, serverName, _ := gomatrixserverlib.SplitID('@', u.ID)
|
|
userRes := &uapi.PerformAccountCreationResponse{}
|
|
if err := userAPI.PerformAccountCreation(ctx, &uapi.PerformAccountCreationRequest{
|
|
AccountType: u.AccountType,
|
|
Localpart: localpart,
|
|
ServerName: serverName,
|
|
Password: "someRandomPassword",
|
|
}, userRes); err != nil {
|
|
t.Errorf("failed to create account: %s", err)
|
|
}
|
|
|
|
}
|
|
|
|
aliceDev := &uapi.Device{UserID: alice.ID}
|
|
bobDev := &uapi.Device{UserID: bob.ID}
|
|
charlieDev := &uapi.Device{UserID: charlie.ID, AccountType: uapi.AccountTypeGuest}
|
|
|
|
// create a room with disabled guest access and invite Bob
|
|
resp := createRoom(ctx, createRoomRequest{
|
|
Name: "testing",
|
|
IsDirect: true,
|
|
Topic: "testing",
|
|
Visibility: "public",
|
|
Preset: presetPublicChat,
|
|
RoomAliasName: "alias",
|
|
Invite: []string{bob.ID},
|
|
GuestCanJoin: false,
|
|
}, aliceDev, &base.Cfg.ClientAPI, userAPI, rsAPI, asAPI, time.Now())
|
|
crResp, ok := resp.JSON.(createRoomResponse)
|
|
if !ok {
|
|
t.Fatalf("response is not a createRoomResponse: %+v", resp)
|
|
}
|
|
|
|
// create a room with guest access enabled and invite Charlie
|
|
resp = createRoom(ctx, createRoomRequest{
|
|
Name: "testing",
|
|
IsDirect: true,
|
|
Topic: "testing",
|
|
Visibility: "public",
|
|
Preset: presetPublicChat,
|
|
Invite: []string{charlie.ID},
|
|
GuestCanJoin: true,
|
|
}, aliceDev, &base.Cfg.ClientAPI, userAPI, rsAPI, asAPI, time.Now())
|
|
crRespWithGuestAccess, ok := resp.JSON.(createRoomResponse)
|
|
if !ok {
|
|
t.Fatalf("response is not a createRoomResponse: %+v", resp)
|
|
}
|
|
|
|
// Dummy request
|
|
body := &bytes.Buffer{}
|
|
req, err := http.NewRequest(http.MethodPost, "/?server_name=test", body)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
testCases := []struct {
|
|
name string
|
|
device *uapi.Device
|
|
roomID string
|
|
wantHTTP200 bool
|
|
}{
|
|
{
|
|
name: "User can join successfully by alias",
|
|
device: bobDev,
|
|
roomID: crResp.RoomAlias,
|
|
wantHTTP200: true,
|
|
},
|
|
{
|
|
name: "User can join successfully by roomID",
|
|
device: bobDev,
|
|
roomID: crResp.RoomID,
|
|
wantHTTP200: true,
|
|
},
|
|
{
|
|
name: "join is forbidden if user is guest",
|
|
device: charlieDev,
|
|
roomID: crResp.RoomID,
|
|
},
|
|
{
|
|
name: "room does not exist",
|
|
device: aliceDev,
|
|
roomID: "!doesnotexist:test",
|
|
},
|
|
{
|
|
name: "user from different server",
|
|
device: &uapi.Device{UserID: "@wrong:server"},
|
|
roomID: crResp.RoomAlias,
|
|
},
|
|
{
|
|
name: "user doesn't exist locally",
|
|
device: &uapi.Device{UserID: "@doesnotexist:test"},
|
|
roomID: crResp.RoomAlias,
|
|
},
|
|
{
|
|
name: "invalid room ID",
|
|
device: aliceDev,
|
|
roomID: "invalidRoomID",
|
|
},
|
|
{
|
|
name: "roomAlias does not exist",
|
|
device: aliceDev,
|
|
roomID: "#doesnotexist:test",
|
|
},
|
|
{
|
|
name: "room with guest_access event",
|
|
device: charlieDev,
|
|
roomID: crRespWithGuestAccess.RoomID,
|
|
},
|
|
}
|
|
|
|
for _, tc := range testCases {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
joinResp := JoinRoomByIDOrAlias(req, tc.device, rsAPI, userAPI, tc.roomID)
|
|
if tc.wantHTTP200 && !joinResp.Is2xx() {
|
|
t.Fatalf("expected join room to succeed, but didn't: %+v", joinResp)
|
|
}
|
|
})
|
|
}
|
|
})
|
|
}
|