0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-12-16 08:23:54 +01:00
synapse/tests/rest/client/v1/test_events.py
Brendan Abolivier a4c3a361b7
Add rate-limiting on registration (#4735)
* Rate-limiting for registration

* Add unit test for registration rate limiting

* Add config parameters for rate limiting on auth endpoints

* Doc

* Fix doc of rate limiting function

Co-Authored-By: babolivier <contact@brendanabolivier.com>

* Incorporate review

* Fix config parsing

* Fix linting errors

* Set default config for auth rate limiting

* Fix tests

* Add changelog

* Advance reactor instead of mocked clock

* Move parameters to registration specific config and give them more sensible default values

* Remove unused config options

* Don't mock the rate limiter un MAU tests

* Rename _register_with_store into register_with_store

* Make CI happy

* Remove unused import

* Update sample config

* Fix ratelimiting test for py2

* Add non-guest test
2019-03-05 14:25:33 +00:00

135 lines
4.6 KiB
Python

# -*- coding: utf-8 -*-
# Copyright 2014-2016 OpenMarket Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
""" Tests REST events for /events paths."""
from mock import Mock, NonCallableMock
from synapse.rest.client.v1 import admin, events, login, room
from tests import unittest
class EventStreamPermissionsTestCase(unittest.HomeserverTestCase):
""" Tests event streaming (GET /events). """
servlets = [
events.register_servlets,
room.register_servlets,
admin.register_servlets,
login.register_servlets,
]
def make_homeserver(self, reactor, clock):
config = self.default_config()
config.enable_registration_captcha = False
config.enable_registration = True
config.auto_join_rooms = []
hs = self.setup_test_homeserver(
config=config, ratelimiter=NonCallableMock(spec_set=["can_do_action"])
)
self.ratelimiter = hs.get_ratelimiter()
self.ratelimiter.can_do_action.return_value = (True, 0)
hs.get_handlers().federation_handler = Mock()
return hs
def prepare(self, hs, reactor, clock):
# register an account
self.user_id = self.register_user("sid1", "pass")
self.token = self.login(self.user_id, "pass")
# register a 2nd account
self.other_user = self.register_user("other2", "pass")
self.other_token = self.login(self.other_user, "pass")
def test_stream_basic_permissions(self):
# invalid token, expect 401
# note: this is in violation of the original v1 spec, which expected
# 403. However, since the v1 spec no longer exists and the v1
# implementation is now part of the r0 implementation, the newer
# behaviour is used instead to be consistent with the r0 spec.
# see issue #2602
request, channel = self.make_request(
"GET", "/events?access_token=%s" % ("invalid" + self.token,)
)
self.render(request)
self.assertEquals(channel.code, 401, msg=channel.result)
# valid token, expect content
request, channel = self.make_request(
"GET", "/events?access_token=%s&timeout=0" % (self.token,)
)
self.render(request)
self.assertEquals(channel.code, 200, msg=channel.result)
self.assertTrue("chunk" in channel.json_body)
self.assertTrue("start" in channel.json_body)
self.assertTrue("end" in channel.json_body)
def test_stream_room_permissions(self):
room_id = self.helper.create_room_as(self.other_user, tok=self.other_token)
self.helper.send(room_id, tok=self.other_token)
# invited to room (expect no content for room)
self.helper.invite(
room_id, src=self.other_user, targ=self.user_id, tok=self.other_token
)
# valid token, expect content
request, channel = self.make_request(
"GET", "/events?access_token=%s&timeout=0" % (self.token,)
)
self.render(request)
self.assertEquals(channel.code, 200, msg=channel.result)
# We may get a presence event for ourselves down
self.assertEquals(
0,
len(
[
c
for c in channel.json_body["chunk"]
if not (
c.get("type") == "m.presence"
and c["content"].get("user_id") == self.user_id
)
]
),
)
# joined room (expect all content for room)
self.helper.join(room=room_id, user=self.user_id, tok=self.token)
# left to room (expect no content for room)
def TODO_test_stream_items(self):
# new user, no content
# join room, expect 1 item (join)
# send message, expect 2 items (join,send)
# set topic, expect 3 items (join,send,topic)
# someone else join room, expect 4 (join,send,topic,join)
# someone else send message, expect 5 (join,send.topic,join,send)
# someone else set topic, expect 6 (join,send,topic,join,send,topic)
pass