mirror of
https://mau.dev/maunium/synapse.git
synced 2024-12-14 13:03:50 +01:00
Add domain validation when creating room with list of invitees (#6121)
This commit is contained in:
parent
9a84d74417
commit
b5b03b7079
3 changed files with 13 additions and 1 deletions
1
changelog.d/4088.bugfix
Normal file
1
changelog.d/4088.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Added domain validation when including a list of invitees upon room creation.
|
|
@ -28,6 +28,7 @@ from twisted.internet import defer
|
|||
from synapse.api.constants import EventTypes, JoinRules, RoomCreationPreset
|
||||
from synapse.api.errors import AuthError, Codes, NotFoundError, StoreError, SynapseError
|
||||
from synapse.api.room_versions import KNOWN_ROOM_VERSIONS
|
||||
from synapse.http.endpoint import parse_and_validate_server_name
|
||||
from synapse.storage.state import StateFilter
|
||||
from synapse.types import RoomAlias, RoomID, RoomStreamToken, StreamToken, UserID
|
||||
from synapse.util import stringutils
|
||||
|
@ -554,7 +555,8 @@ class RoomCreationHandler(BaseHandler):
|
|||
invite_list = config.get("invite", [])
|
||||
for i in invite_list:
|
||||
try:
|
||||
UserID.from_string(i)
|
||||
uid = UserID.from_string(i)
|
||||
parse_and_validate_server_name(uid.domain)
|
||||
except Exception:
|
||||
raise SynapseError(400, "Invalid user_id: %s" % (i,))
|
||||
|
||||
|
|
|
@ -484,6 +484,15 @@ class RoomsCreateTestCase(RoomBase):
|
|||
self.render(request)
|
||||
self.assertEquals(400, channel.code)
|
||||
|
||||
def test_post_room_invitees_invalid_mxid(self):
|
||||
# POST with invalid invitee, see https://github.com/matrix-org/synapse/issues/4088
|
||||
# Note the trailing space in the MXID here!
|
||||
request, channel = self.make_request(
|
||||
"POST", "/createRoom", b'{"invite":["@alice:example.com "]}'
|
||||
)
|
||||
self.render(request)
|
||||
self.assertEquals(400, channel.code)
|
||||
|
||||
|
||||
class RoomTopicTestCase(RoomBase):
|
||||
""" Tests /rooms/$room_id/topic REST events. """
|
||||
|
|
Loading…
Reference in a new issue