tileradotorg/synapse
1
0
Fork 0
forked from MirrorHub/synapse
Code Pull requests Activity

Test that we require validated email for email pushers (#9496)

Browse source
This commit is contained in:
Erik Johnston 2021-02-25 15:35:14 +00:00 committed by GitHub
parent 1e62d9ee8c
commit 2566dc57ce
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 39 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
changelog.d/9496.misc Normal file
View file

@ -0,0 +1 @@
Test that we require validated email for email pushers.

6
synapse/push/pusherpool.py
View file

@ -19,6 +19,7 @@ from typing import TYPE_CHECKING, Dict, Iterable, Optional
from prometheus_client import Gauge from prometheus_client import Gauge
from synapse.api.errors import Codes, SynapseError
from synapse.metrics.background_process_metrics import ( from synapse.metrics.background_process_metrics import (
run_as_background_process, run_as_background_process,
wrap_as_background_process, wrap_as_background_process,
@ -113,6 +114,11 @@ class PusherPool:
The newly created pusher. The newly created pusher.
""" """
if kind == "email":
email_owner = await self.store.get_user_id_by_threepid("email", pushkey)
if email_owner != user_id:
raise SynapseError(400, "Email not found", Codes.THREEPID_NOT_FOUND)
time_now_msec = self.clock.time_msec() time_now_msec = self.clock.time_msec()
# create the pusher setting last_stream_ordering to the current maximum # create the pusher setting last_stream_ordering to the current maximum

34
tests/push/test_email.py
View file

@ -21,6 +21,7 @@ import pkg_resources
from twisted.internet.defer import Deferred from twisted.internet.defer import Deferred
import synapse.rest.admin import synapse.rest.admin
from synapse.api.errors import Codes, SynapseError
from synapse.rest.client.v1 import login, room from synapse.rest.client.v1 import login, room
from tests.unittest import HomeserverTestCase from tests.unittest import HomeserverTestCase
@ -100,12 +101,19 @@ class EmailPusherTests(HomeserverTestCase):
user_tuple = self.get_success( user_tuple = self.get_success(
self.hs.get_datastore().get_user_by_access_token(self.access_token) self.hs.get_datastore().get_user_by_access_token(self.access_token)
) )
token_id = user_tuple.token_id self.token_id = user_tuple.token_id
# We need to add email to account before we can create a pusher.
self.get_success(
hs.get_datastore().user_add_threepid(
self.user_id, "email", "a@example.com", 0, 0
)
)
self.pusher = self.get_success( self.pusher = self.get_success(
self.hs.get_pusherpool().add_pusher( self.hs.get_pusherpool().add_pusher(
user_id=self.user_id, user_id=self.user_id,
access_token=token_id, access_token=self.token_id,
kind="email", kind="email",
app_id="m.email", app_id="m.email",
app_display_name="Email Notifications", app_display_name="Email Notifications",
@ -116,6 +124,28 @@ class EmailPusherTests(HomeserverTestCase):
) )
) )
def test_need_validated_email(self):
"""Test that we can only add an email pusher if the user has validated
their email.
"""
with self.assertRaises(SynapseError) as cm:
self.get_success_or_raise(
self.hs.get_pusherpool().add_pusher(
user_id=self.user_id,
access_token=self.token_id,
kind="email",
app_id="m.email",
app_display_name="Email Notifications",
device_display_name="b@example.com",
pushkey="b@example.com",
lang=None,
data={},
)
)
self.assertEqual(400, cm.exception.code)
self.assertEqual(Codes.THREEPID_NOT_FOUND, cm.exception.errcode)
def test_simple_sends_email(self): def test_simple_sends_email(self):
# Create a simple room with two users # Create a simple room with two users
room = self.helper.create_room_as(self.user_id, tok=self.access_token) room = self.helper.create_room_as(self.user_id, tok=self.access_token)