Allow admins to create aliases when they are not in the room (#7191)

This commit is contained in:
Patrick Cloke 2020-04-01 08:27:05 -04:00 committed by GitHub
parent 250f87d0de
commit 468dcc767b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 68 additions and 1 deletions

1
changelog.d/7191.feature Normal file
View file

@ -0,0 +1 @@
Admin users are no longer required to be in a room to create an alias for it.

View file

@ -127,7 +127,11 @@ class DirectoryHandler(BaseHandler):
errcode=Codes.EXCLUSIVE, errcode=Codes.EXCLUSIVE,
) )
else: else:
if self.require_membership and check_membership: # Server admins are not subject to the same constraints as normal
# users when creating an alias (e.g. being in the room).
is_admin = yield self.auth.is_server_admin(requester.user)
if (self.require_membership and check_membership) and not is_admin:
rooms_for_user = yield self.store.get_rooms_for_user(user_id) rooms_for_user = yield self.store.get_rooms_for_user(user_id)
if room_id not in rooms_for_user: if room_id not in rooms_for_user:
raise AuthError( raise AuthError(

View file

@ -102,6 +102,68 @@ class DirectoryTestCase(unittest.HomeserverTestCase):
self.assertEquals({"room_id": "!8765asdf:test", "servers": ["test"]}, response) self.assertEquals({"room_id": "!8765asdf:test", "servers": ["test"]}, response)
class TestCreateAlias(unittest.HomeserverTestCase):
servlets = [
synapse.rest.admin.register_servlets,
login.register_servlets,
room.register_servlets,
directory.register_servlets,
]
def prepare(self, reactor, clock, hs):
self.handler = hs.get_handlers().directory_handler
# Create user
self.admin_user = self.register_user("admin", "pass", admin=True)
self.admin_user_tok = self.login("admin", "pass")
# Create a test room
self.room_id = self.helper.create_room_as(
self.admin_user, tok=self.admin_user_tok
)
self.test_alias = "#test:test"
self.room_alias = RoomAlias.from_string(self.test_alias)
# Create a test user.
self.test_user = self.register_user("user", "pass", admin=False)
self.test_user_tok = self.login("user", "pass")
self.helper.join(room=self.room_id, user=self.test_user, tok=self.test_user_tok)
def test_create_alias_joined_room(self):
"""A user can create an alias for a room they're in."""
self.get_success(
self.handler.create_association(
create_requester(self.test_user), self.room_alias, self.room_id,
)
)
def test_create_alias_other_room(self):
"""A user cannot create an alias for a room they're NOT in."""
other_room_id = self.helper.create_room_as(
self.admin_user, tok=self.admin_user_tok
)
self.get_failure(
self.handler.create_association(
create_requester(self.test_user), self.room_alias, other_room_id,
),
synapse.api.errors.SynapseError,
)
def test_create_alias_admin(self):
"""An admin can create an alias for a room they're NOT in."""
other_room_id = self.helper.create_room_as(
self.test_user, tok=self.test_user_tok
)
self.get_success(
self.handler.create_association(
create_requester(self.admin_user), self.room_alias, other_room_id,
)
)
class TestDeleteAlias(unittest.HomeserverTestCase): class TestDeleteAlias(unittest.HomeserverTestCase):
servlets = [ servlets = [
synapse.rest.admin.register_servlets, synapse.rest.admin.register_servlets,