forked from MirrorHub/synapse
Ensure a group ID is valid before trying to get rooms for it. (#8129)
This commit is contained in:
parent
76c43f086a
commit
731dfff347
2 changed files with 5 additions and 0 deletions
1
changelog.d/8129.bugfix
Normal file
1
changelog.d/8129.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Return a proper error code when the rooms of an invalid group are requested.
|
|
@ -16,6 +16,7 @@
|
|||
|
||||
import logging
|
||||
|
||||
from synapse.api.errors import SynapseError
|
||||
from synapse.http.servlet import RestServlet, parse_json_object_from_request
|
||||
from synapse.types import GroupID
|
||||
|
||||
|
@ -325,6 +326,9 @@ class GroupRoomServlet(RestServlet):
|
|||
requester = await self.auth.get_user_by_req(request, allow_guest=True)
|
||||
requester_user_id = requester.user.to_string()
|
||||
|
||||
if not GroupID.is_valid(group_id):
|
||||
raise SynapseError(400, "%s was not legal group ID" % (group_id,))
|
||||
|
||||
result = await self.groups_handler.get_rooms_in_group(
|
||||
group_id, requester_user_id
|
||||
)
|
||||
|
|
Loading…
Reference in a new issue