From 69e857853fe91d22fa792c9e26edd87840526c22 Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Wed, 3 Oct 2018 11:57:30 +0100
Subject: [PATCH 1/3] Fix handling of rejected threepid invites

---
 synapse/event_auth.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/synapse/event_auth.py b/synapse/event_auth.py
index 02fa46ef7..c6c011b6b 100644
--- a/synapse/event_auth.py
+++ b/synapse/event_auth.py
@@ -157,7 +157,7 @@ def check(event, auth_events, do_sig_check=True, do_size_check=True):
             raise AuthError(
                 403, (
                     "You cannot issue a third party invite for %s." %
-                    (event.content.display_name,)
+                    (event.content.get("display_name", "<Unknown>"),)
                 )
             )
         else:

From 93a86039040665ec6fbe7bf0c6d7c5024fa95dd5 Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Wed, 3 Oct 2018 11:59:05 +0100
Subject: [PATCH 2/3] Newsfile

---
 changelog.d/3999.bugfix | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changelog.d/3999.bugfix

diff --git a/changelog.d/3999.bugfix b/changelog.d/3999.bugfix
new file mode 100644
index 000000000..dc3b2caff
--- /dev/null
+++ b/changelog.d/3999.bugfix
@@ -0,0 +1 @@
+Fix handling of rejected threepid invites

From 52e6e815bef4379773fde257c85c4fc4d11cd181 Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Wed, 3 Oct 2018 14:13:07 +0100
Subject: [PATCH 3/3] Sanitise error messages when user doesn't have permission
 to invite

---
 synapse/event_auth.py | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/synapse/event_auth.py b/synapse/event_auth.py
index c6c011b6b..af3eee95b 100644
--- a/synapse/event_auth.py
+++ b/synapse/event_auth.py
@@ -155,10 +155,7 @@ def check(event, auth_events, do_sig_check=True, do_size_check=True):
 
         if user_level < invite_level:
             raise AuthError(
-                403, (
-                    "You cannot issue a third party invite for %s." %
-                    (event.content.get("display_name", "<Unknown>"),)
-                )
+                403, "You don't have permission to invite users",
             )
         else:
             logger.debug("Allowing! %s", event)
@@ -305,7 +302,7 @@ def _is_membership_change_allowed(event, auth_events):
 
             if user_level < invite_level:
                 raise AuthError(
-                    403, "You cannot invite user %s." % target_user_id
+                    403, "You don't have permission to invite users",
                 )
     elif Membership.JOIN == membership:
         # Joins are valid iff caller == target and they were: