Add domain validation when creating room with list of invitees (#6121)
This commit is contained in:
werner291
Richard van der Hoff
parent
9a84d74417
commit
b5b03b7079
|
|
@ -0,0 +1 @@
|
||||||
|
Added domain validation when including a list of invitees upon room creation.
|
||||||
|
|
@ -28,6 +28,7 @@ from twisted.internet import defer
|
||||||
from synapse.api.constants import EventTypes, JoinRules, RoomCreationPreset
|
from synapse.api.constants import EventTypes, JoinRules, RoomCreationPreset
|
||||||
from synapse.api.errors import AuthError, Codes, NotFoundError, StoreError, SynapseError
|
from synapse.api.errors import AuthError, Codes, NotFoundError, StoreError, SynapseError
|
||||||
from synapse.api.room_versions import KNOWN_ROOM_VERSIONS
|
from synapse.api.room_versions import KNOWN_ROOM_VERSIONS
|
||||||
|
from synapse.http.endpoint import parse_and_validate_server_name
|
||||||
from synapse.storage.state import StateFilter
|
from synapse.storage.state import StateFilter
|
||||||
from synapse.types import RoomAlias, RoomID, RoomStreamToken, StreamToken, UserID
|
from synapse.types import RoomAlias, RoomID, RoomStreamToken, StreamToken, UserID
|
||||||
from synapse.util import stringutils
|
from synapse.util import stringutils
|
||||||
|
|
@ -554,7 +555,8 @@ class RoomCreationHandler(BaseHandler):
|
||||||
invite_list = config.get("invite", [])
|
invite_list = config.get("invite", [])
|
||||||
for i in invite_list:
|
for i in invite_list:
|
||||||
try:
|
try:
|
||||||
UserID.from_string(i)
|
uid = UserID.from_string(i)
|
||||||
|
parse_and_validate_server_name(uid.domain)
|
||||||
except Exception:
|
except Exception:
|
||||||
raise SynapseError(400, "Invalid user_id: %s" % (i,))
|
raise SynapseError(400, "Invalid user_id: %s" % (i,))
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -484,6 +484,15 @@ class RoomsCreateTestCase(RoomBase):
|
||||||
self.render(request)
|
self.render(request)
|
||||||
self.assertEquals(400, channel.code)
|
self.assertEquals(400, channel.code)
|
||||||
|
|
||||||
|
def test_post_room_invitees_invalid_mxid(self):
|
||||||
|
# POST with invalid invitee, see https://github.com/matrix-org/synapse/issues/4088
|
||||||
|
# Note the trailing space in the MXID here!
|
||||||
|
request, channel = self.make_request(
|
||||||
|
"POST", "/createRoom", b'{"invite":["@alice:example.com "]}'
|
||||||
|
)
|
||||||
|
self.render(request)
|
||||||
|
self.assertEquals(400, channel.code)
|
||||||
|
|
||||||
|
|
||||||
class RoomTopicTestCase(RoomBase):
|
class RoomTopicTestCase(RoomBase):
|
||||||
""" Tests /rooms/$room_id/topic REST events. """
|
""" Tests /rooms/$room_id/topic REST events. """
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue