Richard van der Hoff
c2a83349f0
changelog: this is a security release
2018-08-02 15:35:42 +01:00
Richard van der Hoff
db1f33fb36
fix changelog typos
2018-08-02 15:33:53 +01:00
Richard van der Hoff
14a4e7d5a4
Prepare 0.33.1
2018-08-02 15:31:04 +01:00
Richard van der Hoff
50d9d97408
Merge pull request #3642 from matrix-org/rav/another_room_id_check
...
Check room visibility for /event/ requests
2018-08-02 15:21:59 +01:00
Richard van der Hoff
8cefc690c9
changelogs
2018-08-02 15:11:19 +01:00
Richard van der Hoff
0bf5ec0db7
Check room visibility for /event/ requests
...
Make sure that the user has permission to view the requeseted event for
/event/{eventId} and /room/{roomId}/event/{eventId} requests.
Also check that the event is in the given room for
/room/{roomId}/event/{eventId}, for sanity.
2018-08-02 15:03:27 +01:00
Richard van der Hoff
a937497cf5
Merge pull request #3641 from matrix-org/rav/room_id_check
...
Validation for events/rooms in fed requests
2018-08-02 14:22:05 +01:00
Richard van der Hoff
a013404292
changelog
2018-08-02 14:00:29 +01:00
Richard van der Hoff
14fa9d4d92
Avoid extra db lookups
...
Since we're about to look up the events themselves anyway, we can skip the
extra db queries here.
2018-08-02 13:55:51 +01:00
Richard van der Hoff
0a65450d04
Validation for events/rooms in fed requests
...
When we get a federation request which refers to an event id, make sure that
said event is in the room the caller claims it is in.
(patch supplied by @turt2live)
2018-08-02 13:48:40 +01:00
Richard van der Hoff
6284f579bf
Update r0.33.0 release notes
...
(mostly just clarifications)
2018-07-19 12:37:55 +01:00
Amber Brown
d69decd5c7
0.33.0 final changelog
2018-07-19 21:12:15 +10:00
Amber Brown
38f53399a2
0.33 final
2018-07-19 21:11:40 +10:00
Amber Brown
13d501c773
update changelogs
2018-07-19 21:11:24 +10:00
Amber Brown
ce0545eca1
Revert "0.33.0rc1 changelog"
...
This reverts commit 21d3b87943
.
2018-07-19 21:03:15 +10:00
Richard van der Hoff
2de3d994f3
Merge pull request #3561 from matrix-org/rav/disable_logcontext_warning
...
Disable logcontext warning
2018-07-19 11:05:57 +01:00
Richard van der Hoff
18a2b2c0b4
changelog
2018-07-19 10:54:39 +01:00
Richard van der Hoff
00bc979137
Disable logcontext warning
...
Temporary workaround to #3518 while we release 0.33.0.
2018-07-19 10:51:15 +01:00
Amber Brown
21d3b87943
0.33.0rc1 changelog
2018-07-18 12:53:32 +10:00
Amber Brown
5f3d02f6eb
bump to 0.33.0rc1
2018-07-18 12:52:56 +10:00
Richard van der Hoff
0aed3fc346
Merge pull request #3546 from matrix-org/rav/fix_erasure_over_federation
...
Fix visibility of events from erased users over federation
2018-07-17 15:16:45 +01:00
Richard van der Hoff
79eb339c66
add a comment
2018-07-17 14:53:34 +01:00
Richard van der Hoff
4a11df5b64
changelog
2018-07-17 14:24:29 +01:00
Richard van der Hoff
d897be6a98
Fix visibility of events from erased users over federation
2018-07-17 14:02:07 +01:00
Richard van der Hoff
9c04b4abf9
Merge pull request #3541 from matrix-org/rav/optimize_filter_events_for_server
...
Refactor and optimze filter_events_for_server
2018-07-17 14:01:39 +01:00
Richard van der Hoff
94440ae994
fix imports
2018-07-17 11:51:26 +01:00
Amber Brown
bc006b3c9d
Refactor REST API tests to use explicit reactors ( #3351 )
2018-07-17 20:43:18 +10:00
Erik Johnston
c7320a5564
Merge pull request #3544 from matrix-org/erikj/fixup_stream_cache
...
Fix perf regression in PR #3530
2018-07-17 11:16:59 +01:00
Richard van der Hoff
2172a3d8cb
add a comment
2018-07-17 11:13:57 +01:00
Erik Johnston
b2aa05a8d6
Use efficient .intersection
2018-07-17 11:07:04 +01:00
Erik Johnston
850238b4ef
Add unit test
2018-07-17 10:59:02 +01:00
Erik Johnston
9952d18e4d
Newsfile
2018-07-17 10:31:51 +01:00
Erik Johnston
547b1355d3
Fix perf regression in PR #3530
...
The get_entities_changed function was changed to return all changed
entities since the given stream position, rather than only those changed
from a given list of entities. This resulted in the function incorrectly
returning large numbers of entities that, for example, caused large
increases in database usage.
2018-07-17 10:27:51 +01:00
Amber Brown
3fe0938b76
Merge pull request #3530 from matrix-org/erikj/stream_cache
...
Don't return unknown entities in get_entities_changed
2018-07-17 13:44:46 +10:00
Amber Brown
fe10dd9fb2
Merge pull request #3540 from krombel/enforce_isort
...
check isort by travis
2018-07-17 13:41:59 +10:00
Krombel
9677b1d1c0
rename 'isort' to 'check_isort' as requested
2018-07-16 16:03:41 +02:00
Richard van der Hoff
2731bf7ac3
Changelog
2018-07-16 14:12:25 +01:00
Richard van der Hoff
09e29fb58b
Attempt to make _filter_events_for_server more efficient
2018-07-16 14:06:09 +01:00
Richard van der Hoff
15b13b537f
Add a test which profiles filter_events_for_server in a large room
2018-07-16 14:06:09 +01:00
Krombel
78a9ddcf9a
rerun isort with latest version
2018-07-16 14:23:25 +02:00
Richard van der Hoff
ea69d35651
Move filter_events_for_server out of FederationHandler
...
for easier unit testing.
2018-07-16 13:06:24 +01:00
Krombel
4a27000548
check isort by travis
2018-07-16 13:57:33 +02:00
Amber Brown
8a4f05fefb
Fix develop because I broke it :( ( #3535 )
2018-07-14 09:51:00 +10:00
Amber Brown
8532953c04
Merge pull request #3534 from krombel/use_parse_and_asserts_from_servlet
...
Use parse and asserts from http.servlet
2018-07-14 09:09:19 +10:00
Amber Brown
a2374b2c7f
fix sytests
2018-07-14 07:52:58 +10:00
Amber Brown
33b60c01b5
Make auth & transactions more testable ( #3499 )
2018-07-14 07:34:49 +10:00
Krombel
516f960ad8
add changelog
2018-07-13 22:19:19 +02:00
Krombel
3366b9c534
rename assert_params_in_request to assert_params_in_dict
...
the method "assert_params_in_request" does handle dicts and not
requests. A request body has to be parsed to json before this method
can be used
2018-07-13 21:53:01 +02:00
Krombel
32fd6910d0
Use parse_{int,str} and assert from http.servlet
...
parse_integer and parse_string can take a request and raise errors
in case we have wrong or missing params.
This PR tries to use them more to deduplicate some code and make it
better readable
2018-07-13 21:40:14 +02:00
Erik Johnston
bc832f822f
Fixup unit test
2018-07-13 17:03:04 +01:00