Skip to content

Fix some event auth issues#430

Merged
S7evinK merged 8 commits intomainfrom
s7evink/event-auth-fix
Jan 15, 2024
Merged

Fix some event auth issues#430
S7evinK merged 8 commits intomainfrom
s7evink/event-auth-fix

Conversation

@S7evinK
Copy link
Collaborator

@S7evinK S7evinK commented Jan 15, 2024

No description provided.

@codecov
Copy link

codecov bot commented Jan 15, 2024
edited
Loading

Codecov Report

Attention: 1 lines in your changes are missing coverage. Please review.

Comparison is base (3495e57) 59.23% compared to head (281118d) 59.80%.

Files Patch % Lines
eventauth.go 92.30% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #430      +/-   ##
==========================================
+ Coverage   59.23%   59.80%   +0.56%     
==========================================
  Files          51       51              
  Lines        7129     7137       +8     
==========================================
+ Hits         4223     4268      +45     
+ Misses       2519     2477      -42     
- Partials      387      392       +5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

devonh
devonh reviewed Jan 15, 2024
View reviewed changes
eventauth.go
Comment on lines +1193 to +1195
if m.oldMember.Membership == spec.Leave && m.joinRule.JoinRule == spec.Public {
return nil
}
Copy link
Contributor

@devonh devonh Jan 15, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need the m.oldMember.Membership == spec.Leave portion of the check?
I think it would be more accurate just to check if the room is public. The only case to reject the join for a public room would be if the user was banned, and that is already handled before this switch block.

Copy link
Collaborator Author

@S7evinK S7evinK Jan 15, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd rather be explicit here, as not to open up for potential bugs.

eventauth_test.go
"not_allowed": "Sender not invited or joined"
}
}]
}`, RoomVersionV1)
Copy link
Contributor

@devonh devonh Jan 15, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Room version 10 I presume?

Copy link
Collaborator Author

@S7evinK S7evinK Jan 15, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't matter for join_rule set to invite, there were no changes to this, if I saw that correctly.

@S7evinK S7evinK merged commit 19c0a71 into main Jan 15, 2024
@S7evinK S7evinK deleted the s7evink/event-auth-fix branch January 15, 2024 19:21
@S7evinK S7evinK mentioned this pull request Jan 15, 2024
Merged
devonh pushed a commit to matrix-org/dendrite that referenced this pull request Jan 15, 2024
@S7evinK
Update GMSL (#3303)
dae1ef2 
If I didn't miss anything, this should add fixes from:
matrix-org/gomatrixserverlib#424
matrix-org/gomatrixserverlib#426
matrix-org/gomatrixserverlib#427
matrix-org/gomatrixserverlib#428
matrix-org/gomatrixserverlib#429
matrix-org/gomatrixserverlib#430
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@devonh devonh devonh left review comments

Assignees

No one assigned

Labels

T-Defect

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@S7evinK @devonh