enforce auth for capabilities endpoint

2019-01-29 11:37:56 +00:00 · 2019-01-29 11:37:56 +00:00 · a124025dab
commit a124025dab
parent 327b992e17
2 changed files with 36 additions and 14 deletions
--- a/synapse/rest/client/v2_alpha/capabilities.py
+++ b/synapse/rest/client/v2_alpha/capabilities.py
@ -12,6 +12,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+from twisted.internet import defer

 from synapse.http.servlet import RestServlet

@ -28,20 +29,26 @@ class CapabilitiesRestServlet(RestServlet):
        """
        super(CapabilitiesRestServlet, self).__init__()
        self.hs = hs
+        self.auth = hs.get_auth()

+    @defer.inlineCallbacks
    def on_GET(self, request):
-        return 200, {
-            "capabilities": {
-                "m.room_versions": {
-                    "default": "1",
-                    "available": {
-                        "1": "stable",
-                        "2": "stable",
-                        "state-v2-test": "unstable",
+
+        yield self.auth.get_user_by_req(request, allow_guest=True)
+        defer.returnValue(
+            (200, {
+                "capabilities": {
+                    "m.room_versions": {
+                        "default": "1",
+                        "available": {
+                            "1": "stable",
+                            "2": "stable",
+                            "state-v2-test": "unstable",
+                        }
                    }
                }
-            }
-        }
+            })
+        )


 def register_servlets(hs, http_server):
--- a/tests/rest/client/v2_alpha/test_capabilities.py
+++ b/tests/rest/client/v2_alpha/test_capabilities.py
@ -14,23 +14,38 @@
 # limitations under the License.

 from synapse.api.constants import DEFAULT_ROOM_VERSION, KNOWN_ROOM_VERSIONS
-from synapse.rest.client.v2_alpha.capabilities import register_servlets
-
+from synapse.rest.client.v2_alpha import capabilities
+from synapse.rest.client.v1 import login, admin
 from tests import unittest


 class CapabilitiesTestCase(unittest.HomeserverTestCase):
-    servlets = [register_servlets]
+
+    servlets = [
+        admin.register_servlets,
+        capabilities.register_servlets,
+        login.register_servlets,
+    ]

    def make_homeserver(self, reactor, clock):
        self.url = b"/_matrix/client/r0/capabilities"
        hs = self.setup_test_homeserver()
        return hs

-    def test_get_room_version_capabilities(self):
+    def test_check_auth_required(self):
        request, channel = self.make_request("GET", self.url)
        self.render(request)
+
+        self.assertEqual(channel.code, 401)
+
+    def test_get_room_version_capabilities(self):
+        self.register_user("user", "pass")
+        access_token = self.login("user", "pass")
+
+        request, channel = self.make_request("GET", self.url, access_token=access_token)
+        self.render(request)
        capabilities = channel.json_body['capabilities']
+
        self.assertEqual(channel.code, 200)
        for room_version in capabilities['m.room_versions']['available'].keys():
            self.assertTrue(room_version in KNOWN_ROOM_VERSIONS, "" + room_version)