chris/ruwuma
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

More warnings

Browse Source
This commit is contained in:
Timo Kösters 2021-04-13 11:35:10 +02:00 committed by Devin Ragotzy
parent e8ebe07609
commit 2ef7730ebb
1 changed files with 52 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
src/event_auth.rs
View File

@ -1,5 +1,6 @@
use std::{convert::TryFrom, sync::Arc}; use std::{convert::TryFrom, sync::Arc};
use log::warn;
use maplit::btreeset; use maplit::btreeset;
use ruma::{ use ruma::{
events::{ events::{
@ -87,7 +88,11 @@ pub fn auth_check<E: Event>(
auth_events: &StateMap<Arc<E>>, auth_events: &StateMap<Arc<E>>,
current_third_party_invite: Option<Arc<E>>, current_third_party_invite: Option<Arc<E>>,
) -> Result<bool> { ) -> Result<bool> {
log::info!("auth_check beginning for {}", incoming_event.kind()); log::info!(
"auth_check beginning for {} ({})",
incoming_event.event_id(),
incoming_event.kind()
);
// [synapse] check that all the events are in the same room as `incoming_event` // [synapse] check that all the events are in the same room as `incoming_event`
@ -390,59 +395,93 @@ pub fn valid_membership_change<E: Event>(
Ok(if target_membership == MembershipState::Join { Ok(if target_membership == MembershipState::Join {
if user_sender != &target_user_id { if user_sender != &target_user_id {
warn!("Can't make other user join");
false false
} else if let MembershipState::Ban = current_membership { } else if let MembershipState::Ban = current_membership {
warn!("Banned user can't join");
false false
} else { } else {
join_rules == JoinRule::Invite let allow = join_rules == JoinRule::Invite
&& (current_membership == MembershipState::Join && (current_membership == MembershipState::Join
|| current_membership == MembershipState::Invite) || current_membership == MembershipState::Invite)
|| join_rules == JoinRule::Public || join_rules == JoinRule::Public;
if !allow {
warn!("Can't join if join rules is not public and user is not invited/joined")
}
allow
} }
} else if target_membership == MembershipState::Invite { } else if target_membership == MembershipState::Invite {
// If content has third_party_invite key // If content has third_party_invite key
if let Some(Ok(tp_id)) = third_party_invite { if let Some(Ok(tp_id)) = third_party_invite {
if current_membership == MembershipState::Ban { if current_membership == MembershipState::Ban {
warn!("Can't invite banned user");
false false
} else { } else {
verify_third_party_invite( let allow = verify_third_party_invite(
Some(state_key), Some(state_key),
user_sender, user_sender,
&tp_id, &tp_id,
current_third_party_invite, current_third_party_invite,
) );
if !allow {
warn!("Third party invite invalid");
}
allow
} }
} else if sender_membership != MembershipState::Join } else if sender_membership != MembershipState::Join
|| current_membership == MembershipState::Join || current_membership == MembershipState::Join
|| current_membership == MembershipState::Ban || current_membership == MembershipState::Ban
{ {
warn!(
"Can't invite user if sender not joined or the user is currently joined or banned"
);
false false
} else { } else {
sender_power let allow = sender_power
.filter(|&p| p >= &power_levels.invite) .filter(|&p| p >= &power_levels.invite)
.is_some() .is_some();
if !allow {
warn!("User does not have enough power to invite");
}
allow
} }
} else if target_membership == MembershipState::Leave { } else if target_membership == MembershipState::Leave {
if user_sender == &target_user_id { if user_sender == &target_user_id {
current_membership == MembershipState::Join let allow = current_membership == MembershipState::Join
|| current_membership == MembershipState::Invite || current_membership == MembershipState::Invite;
if !allow {
warn!("Can't leave if not invited or joined");
}
allow
} else if sender_membership != MembershipState::Join } else if sender_membership != MembershipState::Join
|| current_membership == MembershipState::Ban || current_membership == MembershipState::Ban
&& sender_power.filter(|&p| p < &power_levels.ban).is_some() && sender_power.filter(|&p| p < &power_levels.ban).is_some()
{ {
warn!("Can't kick if sender not joined or user is already banned");
false false
} else { } else {
sender_power.filter(|&p| p >= &power_levels.kick).is_some() let allow = sender_power.filter(|&p| p >= &power_levels.kick).is_some()
&& target_power < sender_power && target_power < sender_power;
if !allow {
warn!("User does not have enough power to kick");
}
allow
} }
} else if target_membership == MembershipState::Ban { } else if target_membership == MembershipState::Ban {
if sender_membership != MembershipState::Join { if sender_membership != MembershipState::Join {
warn!("Can't ban user if sender is not joined");
false false
} else { } else {
sender_power.filter(|&p| p >= &power_levels.ban).is_some() let allow = sender_power.filter(|&p| p >= &power_levels.ban).is_some()
&& target_power < sender_power && target_power < sender_power;
if !allow {
warn!("User does not have enough power to ban");
}
allow
} }
} else { } else {
warn!("Unknown membership transition");
false false
}) })
} }