Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix hierarchy returning 403 when room is accessible through federation #17194

Merged
merged 10 commits into from
Aug 28, 2024
1 change: 1 addition & 0 deletions changelog.d/17194.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Fix hierarchy returning 403 when room is accessible through federation. Contributed by Krishan (@kfiven).
25 changes: 23 additions & 2 deletions synapse/handlers/room_summary.py
Original file line number Diff line number Diff line change
Expand Up @@ -183,15 +183,36 @@ async def _get_room_hierarchy(
) -> JsonDict:
"""See docstring for SpaceSummaryHandler.get_room_hierarchy."""

# First of all, check that the room is accessible.
if not await self._is_local_room_accessible(requested_room_id, requester):
# If the room is available locally, quickly check that the user can access it.
local_room = await self._store.is_host_joined(
requested_room_id, self._server_name
)
if local_room and not await self._is_local_room_accessible(
requested_room_id, requester
):
raise UnstableSpecAuthError(
403,
"User %s not in room %s, and room previews are disabled"
% (requester, requested_room_id),
errcode=Codes.NOT_JOINED,
)

if not local_room:
room_hierarchy = await self._summarize_remote_room_hierarchy(
_RoomQueueEntry(requested_room_id, ()),
False,
)
root_room_entry = room_hierarchy[0]
if not root_room_entry or not await self._is_remote_room_accessible(
anoadragon453 marked this conversation as resolved.
Show resolved Hide resolved
requester, requested_room_id, root_room_entry.room
):
raise UnstableSpecAuthError(
403,
"User %s not in room %s, and room previews are disabled"
% (requester, requested_room_id),
errcode=Codes.NOT_JOINED,
)
anoadragon453 marked this conversation as resolved.
Show resolved Hide resolved

# If this is continuing a previous session, pull the persisted data.
if from_token:
try:
Expand Down
48 changes: 48 additions & 0 deletions tests/handlers/test_room_summary.py
Original file line number Diff line number Diff line change
Expand Up @@ -757,6 +757,54 @@ async def summarize_remote_room_hierarchy(
)
self._assert_hierarchy(result, expected)

def test_fed_root(self) -> None:
"""
Test if requested room is available over federation.
"""
fed_hostname = self.hs.hostname + "2"
fed_space = "#fed_space:" + fed_hostname
fed_subroom = "#fed_sub_room:" + fed_hostname

requested_room_entry = _RoomEntry(
fed_space,
{
"room_id": fed_space,
"world_readable": True,
"room_type": RoomTypes.SPACE,
},
[
{
"type": EventTypes.SpaceChild,
"room_id": fed_space,
"state_key": fed_subroom,
"content": {"via": [fed_hostname]},
}
],
)
child_room = {
"room_id": fed_subroom,
"world_readable": True,
}

async def summarize_remote_room_hierarchy(
_self: Any, room: Any, suggested_only: bool
) -> Tuple[Optional[_RoomEntry], Dict[str, JsonDict], Set[str]]:
return requested_room_entry, {fed_subroom: child_room}, set()

expected = [
(fed_space, [fed_subroom]),
(fed_subroom, ()),
]

with mock.patch(
"synapse.handlers.room_summary.RoomSummaryHandler._summarize_remote_room_hierarchy",
new=summarize_remote_room_hierarchy,
):
result = self.get_success(
self.handler.get_room_hierarchy(create_requester(self.user), fed_space)
)
self._assert_hierarchy(result, expected)

def test_fed_filtering(self) -> None:
"""
Rooms returned over federation should be properly filtered to only include
Expand Down
Loading