Consider joined guest users as joined users

Otherwise they're inconveniently allowed to write events to the room
but not to read them from the room.
This commit is contained in:
Daniel Wagner-Hall 2015-11-12 13:37:07 +00:00
parent 2fc81af06a
commit 50f1afbd5b

View file

@ -258,20 +258,29 @@ class MessageHandler(BaseHandler):
@defer.inlineCallbacks @defer.inlineCallbacks
def _check_in_room_or_world_readable(self, room_id, user_id, is_guest): def _check_in_room_or_world_readable(self, room_id, user_id, is_guest):
if is_guest: try:
visibility = yield self.state_handler.get_current_state( # check_user_was_in_room will return the most recent membership
room_id, EventTypes.RoomHistoryVisibility, "" # event for the user if:
) # * The user is a non-guest user, and was ever in the room
if visibility.content["history_visibility"] == "world_readable": # * The user is a guest user, and has joined the room
defer.returnValue((Membership.JOIN, None)) # else it will throw.
return
else:
raise AuthError(
403, "Guest access not allowed", errcode=Codes.GUEST_ACCESS_FORBIDDEN
)
else:
member_event = yield self.auth.check_user_was_in_room(room_id, user_id) member_event = yield self.auth.check_user_was_in_room(room_id, user_id)
defer.returnValue((member_event.membership, member_event.event_id)) defer.returnValue((member_event.membership, member_event.event_id))
return
except AuthError:
if not is_guest:
raise
visibility = yield self.state_handler.get_current_state(
room_id, EventTypes.RoomHistoryVisibility, ""
)
if visibility.content["history_visibility"] == "world_readable":
defer.returnValue((Membership.JOIN, None))
return
else:
raise AuthError(
403, "Guest access not allowed", errcode=Codes.GUEST_ACCESS_FORBIDDEN
)
@defer.inlineCallbacks @defer.inlineCallbacks
def get_state_events(self, user_id, room_id, is_guest=False): def get_state_events(self, user_id, room_id, is_guest=False):