dendrite/syncapi/routing/filter.go

// Copyright 2017 Jan Christian Grünhage
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package routing

import (
	"encoding/json"
	"io/ioutil"
	"net/http"

	"github.com/matrix-org/dendrite/clientapi/jsonerror"
	"github.com/matrix-org/dendrite/syncapi/storage"
	"github.com/matrix-org/dendrite/syncapi/sync"
	"github.com/matrix-org/dendrite/userapi/api"
	"github.com/matrix-org/gomatrixserverlib"
	"github.com/matrix-org/util"
	"github.com/tidwall/gjson"
)

// GetFilter implements GET /_matrix/client/r0/user/{userId}/filter/{filterId}
func GetFilter(
	req *http.Request, device *api.Device, syncDB storage.Database, userID string, filterID string,
) util.JSONResponse {
	if userID != device.UserID {
		return util.JSONResponse{
			Code: http.StatusForbidden,
			JSON: jsonerror.Forbidden("Cannot get filters for other users"),
		}
	}
	localpart, _, err := gomatrixserverlib.SplitID('@', userID)
	if err != nil {
		util.GetLogger(req.Context()).WithError(err).Error("gomatrixserverlib.SplitID failed")
		return jsonerror.InternalServerError()
	}

	filter, err := syncDB.GetFilter(req.Context(), localpart, filterID)
	if err != nil {
		//TODO better error handling. This error message is *probably* right,
		// but if there are obscure db errors, this will also be returned,
		// even though it is not correct.
		return util.JSONResponse{
			Code: http.StatusBadRequest,
			JSON: jsonerror.NotFound("No such filter"),
		}
	}

	return util.JSONResponse{
		Code: http.StatusOK,
		JSON: filter,
	}
}

type filterResponse struct {
	FilterID string `json:"filter_id"`
}

//PutFilter implements POST /_matrix/client/r0/user/{userId}/filter
func PutFilter(
	req *http.Request, device *api.Device, syncDB storage.Database, userID string,
) util.JSONResponse {
	if userID != device.UserID {
		return util.JSONResponse{
			Code: http.StatusForbidden,
			JSON: jsonerror.Forbidden("Cannot create filters for other users"),
		}
	}

	localpart, _, err := gomatrixserverlib.SplitID('@', userID)
	if err != nil {
		util.GetLogger(req.Context()).WithError(err).Error("gomatrixserverlib.SplitID failed")
		return jsonerror.InternalServerError()
	}

	var filter gomatrixserverlib.Filter

	defer req.Body.Close() // nolint:errcheck
	body, err := ioutil.ReadAll(req.Body)
	if err != nil {
		return util.JSONResponse{
			Code: http.StatusBadRequest,
			JSON: jsonerror.BadJSON("The request body could not be read. " + err.Error()),
		}
	}

	if err = json.Unmarshal(body, &filter); err != nil {
		return util.JSONResponse{
			Code: http.StatusBadRequest,
			JSON: jsonerror.BadJSON("The request body could not be decoded into valid JSON. " + err.Error()),
		}
	}
	// the filter `limit` is `int` which defaults to 0 if not set which is not what we want. We want to use the default
	// limit if it is unset, which is what this does.
	limitRes := gjson.GetBytes(body, "room.timeline.limit")
	if !limitRes.Exists() {
		util.GetLogger(req.Context()).Infof("missing timeline limit, using default")
		filter.Room.Timeline.Limit = sync.DefaultTimelineLimit
	}

	// Validate generates a user-friendly error
	if err = filter.Validate(); err != nil {
		return util.JSONResponse{
			Code: http.StatusBadRequest,
			JSON: jsonerror.BadJSON("Invalid filter: " + err.Error()),
		}
	}

	filterID, err := syncDB.PutFilter(req.Context(), localpart, &filter)
	if err != nil {
		util.GetLogger(req.Context()).WithError(err).Error("syncDB.PutFilter failed")
		return jsonerror.InternalServerError()
	}

	return util.JSONResponse{
		Code: http.StatusOK,
		JSON: filterResponse{FilterID: filterID},
	}
}
Implement filter POSTing and GETting. (#296) * Implement filter POSTing and GETting. Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> * Add missing '}' typo introduced during merge * Still trying to fix that merge... * Fix linting 2017-10-10 13:28:49 +00:00			`// Copyright 2017 Jan Christian Grünhage`
			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00			`package routing`
Implement filter POSTing and GETting. (#296) * Implement filter POSTing and GETting. Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> * Add missing '}' typo introduced during merge * Still trying to fix that merge... * Fix linting 2017-10-10 13:28:49 +00:00
			`import (`
Implement /sync `limited` and read timeline limit from stored filters (#1168) * Move filter table to syncapi where it is used * Implement /sync `limited` and read timeline limit from stored filters We now fully handle `room.timeline.limit` filters (in-line + stored) and return the right value for `limited` syncs. * Update whitelist * Default to the default timeline limit if it's unset, also strip the extra event correctly * Update whitelist 2020-06-26 14:34:41 +00:00			`"encoding/json"`
			`"io/ioutil"`
Implement filter POSTing and GETting. (#296) * Implement filter POSTing and GETting. Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> * Add missing '}' typo introduced during merge * Still trying to fix that merge... * Fix linting 2017-10-10 13:28:49 +00:00			`"net/http"`

			`"github.com/matrix-org/dendrite/clientapi/jsonerror"`
Implement /sync `limited` and read timeline limit from stored filters (#1168) * Move filter table to syncapi where it is used * Implement /sync `limited` and read timeline limit from stored filters We now fully handle `room.timeline.limit` filters (in-line + stored) and return the right value for `limited` syncs. * Update whitelist * Default to the default timeline limit if it's unset, also strip the extra event correctly * Update whitelist 2020-06-26 14:34:41 +00:00			`"github.com/matrix-org/dendrite/syncapi/storage"`
			`"github.com/matrix-org/dendrite/syncapi/sync"`
Make userapi responsible for checking access tokens (#1133) * Make userapi responsible for checking access tokens There's still plenty of dependencies on account/device DBs, but this is a start. This is a breaking change as it adds a required config value `listen.user_api`. * Cleanup * Review comments and test fix 2020-06-16 13:10:55 +00:00			`"github.com/matrix-org/dendrite/userapi/api"`
Implement filter POSTing and GETting. (#296) * Implement filter POSTing and GETting. Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> * Add missing '}' typo introduced during merge * Still trying to fix that merge... * Fix linting 2017-10-10 13:28:49 +00:00			`"github.com/matrix-org/gomatrixserverlib"`
			`"github.com/matrix-org/util"`
Implement /sync `limited` and read timeline limit from stored filters (#1168) * Move filter table to syncapi where it is used * Implement /sync `limited` and read timeline limit from stored filters We now fully handle `room.timeline.limit` filters (in-line + stored) and return the right value for `limited` syncs. * Update whitelist * Default to the default timeline limit if it's unset, also strip the extra event correctly * Update whitelist 2020-06-26 14:34:41 +00:00			`"github.com/tidwall/gjson"`
Implement filter POSTing and GETting. (#296) * Implement filter POSTing and GETting. Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> * Add missing '}' typo introduced during merge * Still trying to fix that merge... * Fix linting 2017-10-10 13:28:49 +00:00			`)`

			`// GetFilter implements GET /_matrix/client/r0/user/{userId}/filter/{filterId}`
			`func GetFilter(`
Implement /sync `limited` and read timeline limit from stored filters (#1168) * Move filter table to syncapi where it is used * Implement /sync `limited` and read timeline limit from stored filters We now fully handle `room.timeline.limit` filters (in-line + stored) and return the right value for `limited` syncs. * Update whitelist * Default to the default timeline limit if it's unset, also strip the extra event correctly * Update whitelist 2020-06-26 14:34:41 +00:00			`req http.Request, device api.Device, syncDB storage.Database, userID string, filterID string,`
Implement filter POSTing and GETting. (#296) * Implement filter POSTing and GETting. Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> * Add missing '}' typo introduced during merge * Still trying to fix that merge... * Fix linting 2017-10-10 13:28:49 +00:00			`) util.JSONResponse {`
			`if userID != device.UserID {`
			`return util.JSONResponse{`
Use http.Status* and http.Method* where appropriate (#417) Signed-off-by: Scott Raine <me@nylar.io> 2018-03-13 15:55:45 +00:00			`Code: http.StatusForbidden,`
Implement filter POSTing and GETting. (#296) * Implement filter POSTing and GETting. Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> * Add missing '}' typo introduced during merge * Still trying to fix that merge... * Fix linting 2017-10-10 13:28:49 +00:00			`JSON: jsonerror.Forbidden("Cannot get filters for other users"),`
			`}`
			`}`
			`localpart, _, err := gomatrixserverlib.SplitID('@', userID)`
			`if err != nil {`
Remove httputil.LogThenError so that the line numbers are reported properly - make error reporting slightly more useful (#879) 2020-03-02 16:20:44 +00:00			`util.GetLogger(req.Context()).WithError(err).Error("gomatrixserverlib.SplitID failed")`
			`return jsonerror.InternalServerError()`
Implement filter POSTing and GETting. (#296) * Implement filter POSTing and GETting. Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> * Add missing '}' typo introduced during merge * Still trying to fix that merge... * Fix linting 2017-10-10 13:28:49 +00:00			`}`

Implement /sync `limited` and read timeline limit from stored filters (#1168) * Move filter table to syncapi where it is used * Implement /sync `limited` and read timeline limit from stored filters We now fully handle `room.timeline.limit` filters (in-line + stored) and return the right value for `limited` syncs. * Update whitelist * Default to the default timeline limit if it's unset, also strip the extra event correctly * Update whitelist 2020-06-26 14:34:41 +00:00			`filter, err := syncDB.GetFilter(req.Context(), localpart, filterID)`
Implement filter POSTing and GETting. (#296) * Implement filter POSTing and GETting. Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> * Add missing '}' typo introduced during merge * Still trying to fix that merge... * Fix linting 2017-10-10 13:28:49 +00:00			`if err != nil {`
			`//TODO better error handling. This error message is probably right,`
			`// but if there are obscure db errors, this will also be returned,`
			`// even though it is not correct.`
			`return util.JSONResponse{`
Use http.Status* and http.Method* where appropriate (#417) Signed-off-by: Scott Raine <me@nylar.io> 2018-03-13 15:55:45 +00:00			`Code: http.StatusBadRequest,`
Implement filter POSTing and GETting. (#296) * Implement filter POSTing and GETting. Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> * Add missing '}' typo introduced during merge * Still trying to fix that merge... * Fix linting 2017-10-10 13:28:49 +00:00			`JSON: jsonerror.NotFound("No such filter"),`
			`}`
			`}`

			`return util.JSONResponse{`
Use http.Status* and http.Method* where appropriate (#417) Signed-off-by: Scott Raine <me@nylar.io> 2018-03-13 15:55:45 +00:00			`Code: http.StatusOK,`
Implement filter POSTing and GETting. (#296) * Implement filter POSTing and GETting. Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> * Add missing '}' typo introduced during merge * Still trying to fix that merge... * Fix linting 2017-10-10 13:28:49 +00:00			`JSON: filter,`
			`}`
			`}`
Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00
			`type filterResponse struct {`
			FilterID string `json:"filter_id"`
			`}`

			`//PutFilter implements POST /_matrix/client/r0/user/{userId}/filter`
			`func PutFilter(`
Implement /sync `limited` and read timeline limit from stored filters (#1168) * Move filter table to syncapi where it is used * Implement /sync `limited` and read timeline limit from stored filters We now fully handle `room.timeline.limit` filters (in-line + stored) and return the right value for `limited` syncs. * Update whitelist * Default to the default timeline limit if it's unset, also strip the extra event correctly * Update whitelist 2020-06-26 14:34:41 +00:00			`req http.Request, device api.Device, syncDB storage.Database, userID string,`
Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00			`) util.JSONResponse {`
			`if userID != device.UserID {`
			`return util.JSONResponse{`
Use http.Status* and http.Method* where appropriate (#417) Signed-off-by: Scott Raine <me@nylar.io> 2018-03-13 15:55:45 +00:00			`Code: http.StatusForbidden,`
Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00			`JSON: jsonerror.Forbidden("Cannot create filters for other users"),`
			`}`
			`}`

			`localpart, _, err := gomatrixserverlib.SplitID('@', userID)`
			`if err != nil {`
Remove httputil.LogThenError so that the line numbers are reported properly - make error reporting slightly more useful (#879) 2020-03-02 16:20:44 +00:00			`util.GetLogger(req.Context()).WithError(err).Error("gomatrixserverlib.SplitID failed")`
			`return jsonerror.InternalServerError()`
Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00			`}`

Store & retrieve filters as structs rather than []byte (#436) Manipulate filters as gomatrix.Filter structures, instead of their []byte JSON representation. This lays ground work for using filters in dendrite for /sync requests. 2019-07-24 16:08:51 +00:00			`var filter gomatrixserverlib.Filter`
Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00
Implement /sync `limited` and read timeline limit from stored filters (#1168) * Move filter table to syncapi where it is used * Implement /sync `limited` and read timeline limit from stored filters We now fully handle `room.timeline.limit` filters (in-line + stored) and return the right value for `limited` syncs. * Update whitelist * Default to the default timeline limit if it's unset, also strip the extra event correctly * Update whitelist 2020-06-26 14:34:41 +00:00			`defer req.Body.Close() // nolint:errcheck`
			`body, err := ioutil.ReadAll(req.Body)`
			`if err != nil {`
			`return util.JSONResponse{`
			`Code: http.StatusBadRequest,`
			`JSON: jsonerror.BadJSON("The request body could not be read. " + err.Error()),`
			`}`
			`}`

			`if err = json.Unmarshal(body, &filter); err != nil {`
			`return util.JSONResponse{`
			`Code: http.StatusBadRequest,`
			`JSON: jsonerror.BadJSON("The request body could not be decoded into valid JSON. " + err.Error()),`
			`}`
			`}`
			// the filter `limit` is `int` which defaults to 0 if not set which is not what we want. We want to use the default
			`// limit if it is unset, which is what this does.`
			`limitRes := gjson.GetBytes(body, "room.timeline.limit")`
			`if !limitRes.Exists() {`
			`util.GetLogger(req.Context()).Infof("missing timeline limit, using default")`
			`filter.Room.Timeline.Limit = sync.DefaultTimelineLimit`
Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00			`}`

Store & retrieve filters as structs rather than []byte (#436) Manipulate filters as gomatrix.Filter structures, instead of their []byte JSON representation. This lays ground work for using filters in dendrite for /sync requests. 2019-07-24 16:08:51 +00:00			`// Validate generates a user-friendly error`
			`if err = filter.Validate(); err != nil {`
Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00			`return util.JSONResponse{`
Use http.Status* and http.Method* where appropriate (#417) Signed-off-by: Scott Raine <me@nylar.io> 2018-03-13 15:55:45 +00:00			`Code: http.StatusBadRequest,`
Store & retrieve filters as structs rather than []byte (#436) Manipulate filters as gomatrix.Filter structures, instead of their []byte JSON representation. This lays ground work for using filters in dendrite for /sync requests. 2019-07-24 16:08:51 +00:00			`JSON: jsonerror.BadJSON("Invalid filter: " + err.Error()),`
Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00			`}`
			`}`

Implement /sync `limited` and read timeline limit from stored filters (#1168) * Move filter table to syncapi where it is used * Implement /sync `limited` and read timeline limit from stored filters We now fully handle `room.timeline.limit` filters (in-line + stored) and return the right value for `limited` syncs. * Update whitelist * Default to the default timeline limit if it's unset, also strip the extra event correctly * Update whitelist 2020-06-26 14:34:41 +00:00			`filterID, err := syncDB.PutFilter(req.Context(), localpart, &filter)`
Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00			`if err != nil {`
Implement /sync `limited` and read timeline limit from stored filters (#1168) * Move filter table to syncapi where it is used * Implement /sync `limited` and read timeline limit from stored filters We now fully handle `room.timeline.limit` filters (in-line + stored) and return the right value for `limited` syncs. * Update whitelist * Default to the default timeline limit if it's unset, also strip the extra event correctly * Update whitelist 2020-06-26 14:34:41 +00:00			`util.GetLogger(req.Context()).WithError(err).Error("syncDB.PutFilter failed")`
Remove httputil.LogThenError so that the line numbers are reported properly - make error reporting slightly more useful (#879) 2020-03-02 16:20:44 +00:00			`return jsonerror.InternalServerError()`
Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00			`}`

			`return util.JSONResponse{`
Use http.Status* and http.Method* where appropriate (#417) Signed-off-by: Scott Raine <me@nylar.io> 2018-03-13 15:55:45 +00:00			`Code: http.StatusOK,`
Merge readers/writers/routing packages (#295) The HTTP handlers in the components are split into reader and writer directories. This was a fairly arbitrary distinction, and turns out to not be so helpful. Most read APIs have a corresponding write API, and it is more natural for them to be in the same file rather than in different directories. 2017-10-11 17:16:53 +00:00			`JSON: filterResponse{FilterID: filterID},`
			`}`
			`}`