Check userID against AS namespace instead of localpart (#533)
parent
40b1dd6f12
commit
d2b349a75a
|
@ -335,9 +335,10 @@ func UsernameMatchesMultipleExclusiveNamespaces(
|
||||||
cfg *config.Dendrite,
|
cfg *config.Dendrite,
|
||||||
username string,
|
username string,
|
||||||
) bool {
|
) bool {
|
||||||
|
userID := userutil.MakeUserID(username, cfg.Matrix.ServerName)
|
||||||
|
|
||||||
// Check namespaces and see if more than one match
|
// Check namespaces and see if more than one match
|
||||||
matchCount := 0
|
matchCount := 0
|
||||||
userID := userutil.MakeUserID(username, cfg.Matrix.ServerName)
|
|
||||||
for _, appservice := range cfg.Derived.ApplicationServices {
|
for _, appservice := range cfg.Derived.ApplicationServices {
|
||||||
if appservice.IsInterestedInUserID(userID) {
|
if appservice.IsInterestedInUserID(userID) {
|
||||||
if matchCount++; matchCount > 1 {
|
if matchCount++; matchCount > 1 {
|
||||||
|
@ -348,6 +349,16 @@ func UsernameMatchesMultipleExclusiveNamespaces(
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// UsernameMatchesExclusiveNamespaces will check if a given username matches any
|
||||||
|
// application service's exclusive users namespace
|
||||||
|
func UsernameMatchesExclusiveNamespaces(
|
||||||
|
cfg *config.Dendrite,
|
||||||
|
username string,
|
||||||
|
) bool {
|
||||||
|
userID := userutil.MakeUserID(username, cfg.Matrix.ServerName)
|
||||||
|
return cfg.Derived.ExclusiveApplicationServicesUsernameRegexp.MatchString(userID)
|
||||||
|
}
|
||||||
|
|
||||||
// validateApplicationService checks if a provided application service token
|
// validateApplicationService checks if a provided application service token
|
||||||
// corresponds to one that is registered. If so, then it checks if the desired
|
// corresponds to one that is registered. If so, then it checks if the desired
|
||||||
// username is within that application service's namespace. As long as these
|
// username is within that application service's namespace. As long as these
|
||||||
|
@ -466,7 +477,7 @@ func Register(
|
||||||
// service namespace. Skip this check if no app services are registered.
|
// service namespace. Skip this check if no app services are registered.
|
||||||
if r.Auth.Type != "m.login.application_service" &&
|
if r.Auth.Type != "m.login.application_service" &&
|
||||||
len(cfg.Derived.ApplicationServices) != 0 &&
|
len(cfg.Derived.ApplicationServices) != 0 &&
|
||||||
cfg.Derived.ExclusiveApplicationServicesUsernameRegexp.MatchString(r.Username) {
|
UsernameMatchesExclusiveNamespaces(cfg, r.Username) {
|
||||||
return util.JSONResponse{
|
return util.JSONResponse{
|
||||||
Code: http.StatusBadRequest,
|
Code: http.StatusBadRequest,
|
||||||
JSON: jsonerror.ASExclusive("This username is reserved by an application service."),
|
JSON: jsonerror.ASExclusive("This username is reserved by an application service."),
|
||||||
|
|
Loading…
Reference in New Issue