Don't filter out events when we're checking the visibility of state

2020-03-11 15:21:25 +00:00 · 2020-03-11 15:21:25 +00:00 · 936686ed2d
parent 74050d0c1c
commit 936686ed2d
3 changed files with 50 additions and 9 deletions
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@ -160,7 +160,7 @@ class MessageHandler(object):
                raise NotFoundError("Can't find event for token %s" % (at_token,))

            visible_events = yield filter_events_for_client(
-                self.storage, user_id, last_events, apply_retention_policies=False
+                self.storage, user_id, last_events, filter_send_to_client=False
            )

            event = last_events[0]
--- a/synapse/res/templates/saml_error.html
+++ b/synapse/res/templates/saml_error.html
@ -0,0 +1,42 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>SSO error</title>
+</head>
+<body>
+    <p>Oops! Something went wrong during authentication<span id="errormsg"></span>.</p>
+    <p>
+        If you're seeing this page after clicking a link sent to you via email, make
+        sure you only click the confirmation link once, and that you open the
+        validation link in the same client you're logging in from.
+    </p>
+    <p>
+        Try logging in again from your Matrix client and if the problem persists
+        please contact the server's administrator.
+    </p>
+
+    <script type="text/javascript">
+        // Error handling to support Auth0 errors that we might get through a GET request
+        // to the validation endpoint. If an error is provided, it's either going to be
+        // located in the query string or in a query string-like URI fragment.
+        // We try to locate the error from any of these two locations, but if we can't
+        // we just don't print anything specific.
+        let searchStr = "";
+        if (window.location.search) {
+            // For some reason window.location.searchParams isn't always defined when
+            // window.location.search is, so we can't just use it right away.
+            searchStr = window.location.search;
+        } else if (window.location.hash) {
+            //
+            searchStr = window.location.hash.replace("#", "?");
+        }
+
+        let errorDesc = new URLSearchParams(searchStr).get("error_description")
+
+        if (errorDesc) {
+            document.getElementById("errormsg").innerHTML = ` ("${errorDesc}")`;
+        }
+    </script>
+</body>
+</html>
--- a/synapse/visibility.py
+++ b/synapse/visibility.py
@ -49,7 +49,7 @@ def filter_events_for_client(
    events,
    is_peeking=False,
    always_include_ids=frozenset(),
-    apply_retention_policies=True,
+    filter_send_to_client=True,
 ):
    """
    Check which events a user is allowed to see. If the user can see the event but its
@ -65,10 +65,9 @@ def filter_events_for_client(
            events
        always_include_ids (set(event_id)): set of event ids to specifically
            include (unless sender is ignored)
-        apply_retention_policies (bool): Whether to filter out events that's older than
-            allowed by the room's retention policy. Useful when this function is called
-            to e.g. check whether a user should be allowed to see the state at a given
-            event rather than to know if it should send an event to a user's client(s).
+        filter_send_to_client (bool): Whether we're checking an event that's going to be
+            sent to a client. This might not always be the case since this function can
+            also be called to check whether a user can see the state at a given point.

    Returns:
        Deferred[list[synapse.events.EventBase]]
@ -96,7 +95,7 @@ def filter_events_for_client(

    erased_senders = yield storage.main.are_users_erased((e.sender for e in events))

-    if apply_retention_policies:
+    if not filter_send_to_client:
        room_ids = {e.room_id for e in events}
        retention_policies = {}

@ -119,7 +118,7 @@ def filter_events_for_client(

               the original event if they can see it as normal.
        """
-        if event.type == "org.matrix.dummy_event":
+        if event.type == "org.matrix.dummy_event" and filter_send_to_client:
            return None

        if not event.is_state() and event.sender in ignore_list:
@ -134,7 +133,7 @@ def filter_events_for_client(

        # Don't try to apply the room's retention policy if the event is a state event, as
        # MSC1763 states that retention is only considered for non-state events.
-        if apply_retention_policies and not event.is_state():
+        if filter_send_to_client and not event.is_state():
            retention_policy = retention_policies[event.room_id]
            max_lifetime = retention_policy.get("max_lifetime")