Update gomatrixserverlib and use AuthEventProvider (#35)

main
Kegsay 2017-03-10 17:54:17 +00:00 committed by GitHub
parent 8ccff1e40f
commit 414ea314a6
6 changed files with 125 additions and 50 deletions

View File

@ -151,7 +151,7 @@ func createRoom(req *http.Request, cfg config.ClientAPI, roomID string, producer
// TODO m.room.aliases
}
authEvents := authEventProvider{builtEventMap}
authEvents := gomatrixserverlib.NewAuthEvents(nil)
for i, e := range eventsToMake {
depth := i + 1 // depth starts at 1
@ -178,6 +178,7 @@ func createRoom(req *http.Request, cfg config.ClientAPI, roomID string, producer
// Add the event to the list of auth events
builtEventMap[common.StateKeyTuple{e.Type, e.StateKey}] = ev
builtEvents = append(builtEvents, ev)
authEvents.AddEvent(ev)
}
// send events to the room server
@ -280,27 +281,3 @@ func eventsToMessages(events []*gomatrixserverlib.Event, topic string) ([]*saram
}
return msgs, nil
}
type authEventProvider struct {
events map[common.StateKeyTuple]*gomatrixserverlib.Event
}
func (a *authEventProvider) Create() (ev *gomatrixserverlib.Event, err error) {
return a.events[common.StateKeyTuple{"m.room.create", ""}], nil
}
func (a *authEventProvider) JoinRules() (ev *gomatrixserverlib.Event, err error) {
return a.events[common.StateKeyTuple{"m.room.join_rules", ""}], nil
}
func (a *authEventProvider) PowerLevels() (ev *gomatrixserverlib.Event, err error) {
return a.events[common.StateKeyTuple{"m.room.power_levels", ""}], nil
}
func (a *authEventProvider) Member(stateKey string) (ev *gomatrixserverlib.Event, err error) {
return a.events[common.StateKeyTuple{"m.room.member", stateKey}], nil
}
func (a *authEventProvider) ThirdPartyInvite(stateKey string) (ev *gomatrixserverlib.Event, err error) {
return a.events[common.StateKeyTuple{"m.room.third_party_invite", stateKey}], nil
}

View File

@ -44,27 +44,27 @@ type authEvents struct {
events eventMap
}
// Create implements gomatrixserverlib.AuthEvents
// Create implements gomatrixserverlib.AuthEventProvider
func (ae *authEvents) Create() (*gomatrixserverlib.Event, error) {
return ae.lookupEventWithEmptyStateKey(types.MRoomCreateNID), nil
}
// PowerLevels implements gomatrixserverlib.AuthEvents
// PowerLevels implements gomatrixserverlib.AuthEventProvider
func (ae *authEvents) PowerLevels() (*gomatrixserverlib.Event, error) {
return ae.lookupEventWithEmptyStateKey(types.MRoomPowerLevelsNID), nil
}
// JoinRules implements gomatrixserverlib.AuthEvents
// JoinRules implements gomatrixserverlib.AuthEventProvider
func (ae *authEvents) JoinRules() (*gomatrixserverlib.Event, error) {
return ae.lookupEventWithEmptyStateKey(types.MRoomJoinRulesNID), nil
}
// Memmber implements gomatrixserverlib.AuthEvents
// Memmber implements gomatrixserverlib.AuthEventProvider
func (ae *authEvents) Member(stateKey string) (*gomatrixserverlib.Event, error) {
return ae.lookupEvent(types.MRoomMemberNID, stateKey), nil
}
// ThirdPartyInvite implements gomatrixserverlib.AuthEvents
// ThirdPartyInvite implements gomatrixserverlib.AuthEventProvider
func (ae *authEvents) ThirdPartyInvite(stateKey string) (*gomatrixserverlib.Event, error) {
return ae.lookupEvent(types.MRoomThirdPartyInviteNID, stateKey), nil
}

2
vendor/manifest vendored
View File

@ -92,7 +92,7 @@
{
"importpath": "github.com/matrix-org/gomatrixserverlib",
"repository": "https://github.com/matrix-org/gomatrixserverlib",
"revision": "4218890fdd60e73cc5539ec40b86fd51568f4a19",
"revision": "131b3e83fe053bc40f6909226b8c3c1d186799c1",
"branch": "master"
},
{

View File

@ -160,21 +160,76 @@ func thirdPartyInviteToken(thirdPartyInviteData rawJSON) (string, error) {
return thirdPartyInvite.Signed.Token, nil
}
// AuthEvents are the state events needed to authenticate an event.
type AuthEvents interface {
// Create returns the m.room.create event for the room.
// AuthEventProvider provides auth_events for the authentication checks.
type AuthEventProvider interface {
// Create returns the m.room.create event for the room or nil if there isn't a m.room.create event.
Create() (*Event, error)
// JoinRules returns the m.room.join_rules event for the room.
// JoinRules returns the m.room.join_rules event for the room or nil if there isn't a m.room.join_rules event.
JoinRules() (*Event, error)
// PowerLevels returns the m.room.power_levels event for the room.
// PowerLevels returns the m.room.power_levels event for the room or nil if there isn't a m.room.power_levels event.
PowerLevels() (*Event, error)
// Member returns the m.room.member event for the given user_id state_key.
// Member returns the m.room.member event for the given user_id state_key or nil if there isn't a m.room.member event.
Member(stateKey string) (*Event, error)
// ThirdPartyInvite returns the m.room.third_party_invite event for the
// given state_key
// given state_key or nil if there isn't a m.room.third_party_invite event
ThirdPartyInvite(stateKey string) (*Event, error)
}
type stateKeyTuple struct {
Type string
StateKey string
}
// AuthEvents is an implementation of AuthEventProvider backed by a map.
type AuthEvents struct {
events map[stateKeyTuple]*Event
}
// AddEvent adds an event to the provider. If an event already existed for the (type, state_key) then
// the event is replaced with the new event. Only returns an error if the event is not a state event.
func (a *AuthEvents) AddEvent(event *Event) error {
if event.StateKey() == nil {
return fmt.Errorf("AddEvent: event %s does not have a state key", event.Type())
}
a.events[stateKeyTuple{event.Type(), *event.StateKey()}] = event
return nil
}
// Create implements AuthEventProvider
func (a *AuthEvents) Create() (*Event, error) {
return a.events[stateKeyTuple{"m.room.create", ""}], nil
}
// JoinRules implements AuthEventProvider
func (a *AuthEvents) JoinRules() (*Event, error) {
return a.events[stateKeyTuple{"m.room.join_rules", ""}], nil
}
// PowerLevels implements AuthEventProvider
func (a *AuthEvents) PowerLevels() (*Event, error) {
return a.events[stateKeyTuple{"m.room.power_levels", ""}], nil
}
// Member implements AuthEventProvider
func (a *AuthEvents) Member(stateKey string) (*Event, error) {
return a.events[stateKeyTuple{"m.room.member", stateKey}], nil
}
// ThirdPartyInvite implements AuthEventProvider
func (a *AuthEvents) ThirdPartyInvite(stateKey string) (*Event, error) {
return a.events[stateKeyTuple{"m.room.third_party_invite", stateKey}], nil
}
// NewAuthEvents returns an AuthEventProvider backed by the given events. New events can be added by
// calling AddEvent().
func NewAuthEvents(events []*Event) AuthEvents {
a := AuthEvents{make(map[stateKeyTuple]*Event)}
for _, e := range events {
a.AddEvent(e)
}
return a
}
// A NotAllowed error is returned if an event does not pass the auth checks.
type NotAllowed struct {
Message string
@ -191,7 +246,7 @@ func errorf(message string, args ...interface{}) error {
// Allowed checks whether an event is allowed by the auth events.
// It returns a NotAllowed error if the event is not allowed.
// If there was an error loading the auth events then it returns that error.
func Allowed(event Event, authEvents AuthEvents) error {
func Allowed(event Event, authEvents AuthEventProvider) error {
switch event.Type() {
case "m.room.create":
return createEventAllowed(event)
@ -233,7 +288,7 @@ func createEventAllowed(event Event) error {
// memberEventAllowed checks whether the m.room.member event is allowed.
// Membership events have different authentication rules to ordinary events.
func memberEventAllowed(event Event, authEvents AuthEvents) error {
func memberEventAllowed(event Event, authEvents AuthEventProvider) error {
allower, err := newMembershipAllower(authEvents, event)
if err != nil {
return err
@ -243,7 +298,7 @@ func memberEventAllowed(event Event, authEvents AuthEvents) error {
// aliasEventAllowed checks whether the m.room.aliases event is allowed.
// Alias events have different authentication rules to ordinary events.
func aliasEventAllowed(event Event, authEvents AuthEvents) error {
func aliasEventAllowed(event Event, authEvents AuthEventProvider) error {
// The alias events have different auth rules to ordinary events.
// In particular we allow any server to send a m.room.aliases event without checking if the sender is in the room.
// This allows server admins to update the m.room.aliases event for their server when they change the aliases on their server.
@ -278,7 +333,7 @@ func aliasEventAllowed(event Event, authEvents AuthEvents) error {
// powerLevelsEventAllowed checks whether the m.room.power_levels event is allowed.
// It returns an error if the event is not allowed or if there was a problem
// loading the auth events needed.
func powerLevelsEventAllowed(event Event, authEvents AuthEvents) error {
func powerLevelsEventAllowed(event Event, authEvents AuthEventProvider) error {
allower, err := newEventAllower(authEvents, event.Sender())
if err != nil {
return err
@ -492,7 +547,7 @@ func checkUserLevels(senderLevel int64, senderID string, oldPowerLevels, newPowe
// redactEventAllowed checks whether the m.room.redaction event is allowed.
// It returns an error if the event is not allowed or if there was a problem
// loading the auth events needed.
func redactEventAllowed(event Event, authEvents AuthEvents) error {
func redactEventAllowed(event Event, authEvents AuthEventProvider) error {
allower, err := newEventAllower(authEvents, event.Sender())
if err != nil {
return err
@ -542,7 +597,7 @@ func redactEventAllowed(event Event, authEvents AuthEvents) error {
// checks for events.
// It returns an error if the event is not allowed or if there was a
// problem loading the auth events needed.
func defaultEventAllowed(event Event, authEvents AuthEvents) error {
func defaultEventAllowed(event Event, authEvents AuthEventProvider) error {
allower, err := newEventAllower(authEvents, event.Sender())
if err != nil {
return err
@ -564,7 +619,7 @@ type eventAllower struct {
// newEventAllower loads the information needed to authorise an event sent
// by a given user ID from the auth events.
func newEventAllower(authEvents AuthEvents, senderID string) (e eventAllower, err error) {
func newEventAllower(authEvents AuthEventProvider, senderID string) (e eventAllower, err error) {
if e.create, err = newCreateContentFromAuthEvents(authEvents); err != nil {
return
}
@ -646,7 +701,7 @@ type membershipAllower struct {
// newMembershipAllower loads the information needed to authenticate the m.room.member event
// from the auth events.
func newMembershipAllower(authEvents AuthEvents, event Event) (m membershipAllower, err error) {
func newMembershipAllower(authEvents AuthEventProvider, event Event) (m membershipAllower, err error) {
stateKey := event.StateKey()
if stateKey == nil {
err = errorf("m.room.member must be a state event")

View File

@ -844,3 +844,46 @@ func TestRedactAllowed(t *testing.T) {
}]
}`)
}
func TestAuthEvents(t *testing.T) {
power, err := NewEventFromTrustedJSON(rawJSON(`{
"type": "m.room.power_levels",
"state_key": "",
"sender": "@u1:a",
"room_id": "!r1:a",
"event_id": "$e5:a",
"content": {
"users": {
"@u1:a": 100
},
"redact": 100
}
}`), false)
if err != nil {
t.Fatalf("TestAuthEvents: failed to create power_levels event: %s", err)
}
a := NewAuthEvents([]*Event{&power})
var e *Event
if e, err = a.PowerLevels(); err != nil || e != &power {
t.Errorf("TestAuthEvents: failed to get same power_levels event")
}
create, err := NewEventFromTrustedJSON(rawJSON(`{
"type": "m.room.create",
"state_key": "",
"sender": "@u1:a",
"room_id": "!r1:a",
"event_id": "$e1:a",
"content": {
"creator": "@u1:a"
}
}`), false)
if err != nil {
t.Fatalf("TestAuthEvents: failed to create create event: %s", err)
}
if err = a.AddEvent(&create); err != nil {
t.Errorf("TestAuthEvents: Failed to AddEvent: %s", err)
}
if e, err = a.Create(); err != nil || e != &create {
t.Errorf("TestAuthEvents: failed to get same create event")
}
}

View File

@ -39,7 +39,7 @@ type createContent struct {
// newCreateContentFromAuthEvents loads the create event content from the create event in the
// auth events.
func newCreateContentFromAuthEvents(authEvents AuthEvents) (c createContent, err error) {
func newCreateContentFromAuthEvents(authEvents AuthEventProvider) (c createContent, err error) {
var createEvent *Event
if createEvent, err = authEvents.Create(); err != nil {
return
@ -113,7 +113,7 @@ type memberContent struct {
// newMemberContentFromAuthEvents loads the member content from the member event for the user ID in the auth events.
// Returns an error if there was an error loading the member event or parsing the event content.
func newMemberContentFromAuthEvents(authEvents AuthEvents, userID string) (c memberContent, err error) {
func newMemberContentFromAuthEvents(authEvents AuthEventProvider, userID string) (c memberContent, err error) {
var memberEvent *Event
if memberEvent, err = authEvents.Member(userID); err != nil {
return
@ -146,7 +146,7 @@ type joinRuleContent struct {
// newJoinRuleContentFromAuthEvents loads the join rule content from the join rules event in the auth event.
// Returns an error if there was an error loading the join rule event or parsing the content.
func newJoinRuleContentFromAuthEvents(authEvents AuthEvents) (c joinRuleContent, err error) {
func newJoinRuleContentFromAuthEvents(authEvents AuthEventProvider) (c joinRuleContent, err error) {
var joinRulesEvent *Event
if joinRulesEvent, err = authEvents.JoinRules(); err != nil {
return
@ -210,7 +210,7 @@ func (c *powerLevelContent) eventLevel(eventType string, isState bool) int64 {
// newPowerLevelContentFromAuthEvents loads the power level content from the
// power level event in the auth events or returns the default values if there
// is no power level event.
func newPowerLevelContentFromAuthEvents(authEvents AuthEvents, creatorUserID string) (c powerLevelContent, err error) {
func newPowerLevelContentFromAuthEvents(authEvents AuthEventProvider, creatorUserID string) (c powerLevelContent, err error) {
powerLevelsEvent, err := authEvents.PowerLevels()
if err != nil {
return