mirror of
https://mau.dev/maunium/synapse.git
synced 2024-11-14 22:11:47 +01:00
Allow guest users access to messages in rooms they have joined
There should be no difference between guest users and non-guest users in terms of access to messages. Define the semantics of the is_peeking argument to filter_events_for_clients (slightly) better; interpret it appropriately, and set it correctly from /sync.
This commit is contained in:
parent
200de16440
commit
b71ca2b014
3 changed files with 42 additions and 14 deletions
|
@ -53,9 +53,15 @@ class BaseHandler(object):
|
|||
self.event_builder_factory = hs.get_event_builder_factory()
|
||||
|
||||
@defer.inlineCallbacks
|
||||
def _filter_events_for_clients(self, user_tuples, events, event_id_to_state):
|
||||
def filter_events_for_clients(self, user_tuples, events, event_id_to_state):
|
||||
""" Returns dict of user_id -> list of events that user is allowed to
|
||||
see.
|
||||
|
||||
:param (str, bool) user_tuples: (user id, is_peeking) for each
|
||||
user to be checked. is_peeking should be true if:
|
||||
* the user is not currently a member of the room, and:
|
||||
* the user has not been a member of the room since the given
|
||||
events
|
||||
"""
|
||||
forgotten = yield defer.gatherResults([
|
||||
self.store.who_forgot_in_room(
|
||||
|
@ -72,18 +78,20 @@ class BaseHandler(object):
|
|||
def allowed(event, user_id, is_peeking):
|
||||
state = event_id_to_state[event.event_id]
|
||||
|
||||
# get the room_visibility at the time of the event.
|
||||
visibility_event = state.get((EventTypes.RoomHistoryVisibility, ""), None)
|
||||
if visibility_event:
|
||||
visibility = visibility_event.content.get("history_visibility", "shared")
|
||||
else:
|
||||
visibility = "shared"
|
||||
|
||||
# if it was world_readable, it's easy: everyone can read it
|
||||
if visibility == "world_readable":
|
||||
return True
|
||||
|
||||
if is_peeking:
|
||||
return False
|
||||
|
||||
# get the user's membership at the time of the event. (or rather,
|
||||
# just *after* the event. Which means that people can see their
|
||||
# own join events, but not (currently) their own leave events.)
|
||||
membership_event = state.get((EventTypes.Member, user_id), None)
|
||||
if membership_event:
|
||||
if membership_event.event_id in event_id_forgotten:
|
||||
|
@ -93,20 +101,32 @@ class BaseHandler(object):
|
|||
else:
|
||||
membership = None
|
||||
|
||||
# if the user was a member of the room at the time of the event,
|
||||
# they can see it.
|
||||
if membership == Membership.JOIN:
|
||||
return True
|
||||
|
||||
if event.type == EventTypes.RoomHistoryVisibility:
|
||||
return not is_peeking
|
||||
# XXX why are m.room.history_visibility events special?
|
||||
# return True
|
||||
pass
|
||||
|
||||
if visibility == "shared":
|
||||
return True
|
||||
elif visibility == "joined":
|
||||
return membership == Membership.JOIN
|
||||
# user can also see the event if he has become a member since
|
||||
# the event
|
||||
#
|
||||
# XXX: if the user has subsequently joined and then left again,
|
||||
# ideally we would share history up to the point they left. But
|
||||
# we don't know when they left.
|
||||
return not is_peeking
|
||||
elif visibility == "invited":
|
||||
# user can also see the event if he was *invited* at the time
|
||||
# of the event.
|
||||
return membership == Membership.INVITE
|
||||
|
||||
return True
|
||||
# presumably visibility is "joined"; we weren't a member at the
|
||||
# time of the event, so we're done.
|
||||
return False
|
||||
|
||||
defer.returnValue({
|
||||
user_id: [
|
||||
|
@ -119,7 +139,17 @@ class BaseHandler(object):
|
|||
|
||||
@defer.inlineCallbacks
|
||||
def _filter_events_for_client(self, user_id, events, is_peeking=False):
|
||||
# Assumes that user has at some point joined the room if not is_guest.
|
||||
"""
|
||||
Check which events a user is allowed to see
|
||||
|
||||
:param str user_id: user id to be checked
|
||||
:param [synapse.events.EventBase] events: list of events to be checked
|
||||
:param bool is_peeking should be True if:
|
||||
* the user is not currently a member of the room, and:
|
||||
* the user has not been a member of the room since the given
|
||||
events
|
||||
:rtype [synapse.events.EventBase]
|
||||
"""
|
||||
types = (
|
||||
(EventTypes.RoomHistoryVisibility, ""),
|
||||
(EventTypes.Member, user_id),
|
||||
|
@ -128,7 +158,7 @@ class BaseHandler(object):
|
|||
frozenset(e.event_id for e in events),
|
||||
types=types
|
||||
)
|
||||
res = yield self._filter_events_for_clients(
|
||||
res = yield self.filter_events_for_clients(
|
||||
[(user_id, is_peeking)], events, event_id_to_state
|
||||
)
|
||||
defer.returnValue(res.get(user_id, []))
|
||||
|
|
|
@ -623,7 +623,6 @@ class SyncHandler(BaseHandler):
|
|||
recents = yield self._filter_events_for_client(
|
||||
sync_config.user.to_string(),
|
||||
recents,
|
||||
is_peeking=sync_config.is_guest,
|
||||
)
|
||||
else:
|
||||
recents = []
|
||||
|
@ -645,7 +644,6 @@ class SyncHandler(BaseHandler):
|
|||
loaded_recents = yield self._filter_events_for_client(
|
||||
sync_config.user.to_string(),
|
||||
loaded_recents,
|
||||
is_peeking=sync_config.is_guest,
|
||||
)
|
||||
loaded_recents.extend(recents)
|
||||
recents = loaded_recents
|
||||
|
|
|
@ -103,7 +103,7 @@ class BulkPushRuleEvaluator:
|
|||
|
||||
users_dict = yield self.store.are_guests(self.rules_by_user.keys())
|
||||
|
||||
filtered_by_user = yield handler._filter_events_for_clients(
|
||||
filtered_by_user = yield handler.filter_events_for_clients(
|
||||
users_dict.items(), [event], {event.event_id: current_state}
|
||||
)
|
||||
|
||||
|
|
Loading…
Reference in a new issue