Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MSC3266: Room summary API #3266

Open
wants to merge 32 commits into
base: old_master
Choose a base branch
from
Open

MSC3266: Room summary API #3266

Changes from 29 commits
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
642f4e1
Room summary proposal
deepbluev7 Jul 4, 2021
188b6e5
Remove alias resolution step from the federation API
deepbluev7 Jul 5, 2021
dc5b372
Reference #688 in the alternatives section
deepbluev7 Jul 12, 2021
975ece5
Remove `is_direct` from response
deepbluev7 Jul 14, 2021
d148acf
Fix unstable prefixes for implementations which keep the prefix and r…
deepbluev7 Jul 14, 2021
6776863
Add allowed_room_ids field
deepbluev7 Jul 14, 2021
df376a3
Extend rationale for additional fields to reference MSC2946
deepbluev7 Jul 14, 2021
43eecf0
Add bulk API as an alternative
deepbluev7 Jul 14, 2021
66fee23
Remove federation API and address feedback
deepbluev7 Oct 6, 2021
469b77b
fix prefixes again
deepbluev7 Oct 20, 2021
04f807b
Remove extensions to federation API since that MSC is amended now
deepbluev7 Oct 20, 2021
f1233c4
Fix minor inaccuracy about the spaces sumary api
deepbluev7 Dec 3, 2021
5fc2f5b
Add encryption field back
deepbluev7 May 2, 2022
9e41b45
Add room version field
deepbluev7 May 2, 2022
cab37e5
Apply suggestions from code review
deepbluev7 May 2, 2022
a93190f
Add a bit more reasoning
deepbluev7 May 2, 2022
8186b72
version -> room_version
deepbluev7 May 4, 2022
1a8ecff
Apply suggestions from code review
deepbluev7 Jul 19, 2022
82d8f3b
Try to address review comments
deepbluev7 Jul 19, 2022
208a58c
Fix incorrect statement about encryption being a bool
deepbluev7 Jul 24, 2022
33f3733
Apply suggestions from code review
deepbluev7 Jul 26, 2022
a5bc9ef
Split up the big alternatives section
deepbluev7 Jul 26, 2022
ac3d5da
Collapse the same descriptions for publicRooms and hierarchy into one
deepbluev7 Jul 26, 2022
dba6705
Shorten the 'accessible' section again
deepbluev7 Jul 26, 2022
9719119
Update proposals/3266-room-summary.md
deepbluev7 Aug 1, 2022
2ad832c
Update proposals/3266-room-summary.md
deepbluev7 Dec 14, 2022
81fd904
Update proposals/3266-room-summary.md
deepbluev7 Dec 31, 2022
57213f0
Support knock_restricted rooms and rename to room_summary
deepbluev7 Jan 7, 2025
ed79007
Be more explicit about authentication
deepbluev7 Jan 7, 2025
284c181
Apply suggestions from code review
deepbluev7 Jan 10, 2025
e0d3a8b
Fix error codes and missing "Optional"
deepbluev7 Jan 10, 2025
938cbc0
Also add allowed_room_ids to hierarchy API
deepbluev7 Jan 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
277 changes: 277 additions & 0 deletions proposals/3266-room-summary.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,277 @@
# MSC3266: Room Summary API
KitsuneRal marked this conversation as resolved.
Show resolved Hide resolved

deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
Quite a few clients and tools have a need preview a room:
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved

- A client may want to show the room in the roomlist, when showing a space.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why can't this be done today using the /hierarchy endpoint?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That is explained in the paragraph after this list. Some of these things can be achieved using the /hierarchy API. But this specific case for example works well if you want to show the whole space. It doesn't work if you want to show a single room in a space. The hierarchy API requires you to load possibly the whole hierarchy to show a specific room in the space. This falls under "heavier than necessary".

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But if you're showing the space don't you already have the info to show the room in the room list? I just be misunderstanding something.

- matrix.to may want to show avatar and name of a room.
- Nextcloud may want to list the names and avatars of your `/joined_rooms` when
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
asking where to share the media.
- A client may want to preview a room, when hovering a room alias, id or after
clicking on it.
- A client may want to preview a room, when the user is trying to knock on it or
to show pending knocks.
- A traveller bot may use that to show a room summary on demand without actually
keeping the whole room state around and having to subscribe to /sync (or
using the appservice API).
- A client can use this to knock on a room instead of joining it when the user
tries to join my room alias or link.
- External services can use this API to preview rooms like shields.io.

There are a few ways to request a room summary, but they only support some of
the use cases. The [spaces hierarchy API](https://spec.matrix.org/v1.3/client-server-api/#get_matrixclientv1roomsroomidhierarchy) only provides
limited control over what rooms to summarize and returns a lot more data than
necessary. `{roomid}/initialSync` and `{roomid}/state/{event_type}` don't work
over federation and are much heavier than necessary or need a lot of http calls
for each room.

## Proposal
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved

A new client-server API, which allows you to fetch a summary of a room by id or
alias, and a corresponding server-server API to fetch a summary over federation.

### Client-Server API

The API returns a summary of the given room, provided the user is either already
a member, or has the necessary permissions to join. (For example, the user may
be a member of a room mentioned in an `allow` condition in the join rules of a
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
restricted room.) For unauthenticated requests a response should only be
returned if the room is publicly accessible.
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What exactly does publicly accessible mean here? join_rule: public, presumably?

(obligatory mention of matrix-org/matrix-spec#633)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It means if the content can be accessed by anyone. This can be either join_rule of public, history visibility of world_readable and also rooms you can knock on: matrix-org/matrix-spec#1184

This might change in the future, but as you can currently preview such rooms via the /hierarchy API, this MSC doesn't change it. Whatever the conclusion ends up being for the hierarchy API long term should also apply to this MSC.

An argument could be made, that world_readable should be required for unauthenticated users, but that doesn't match what is currently implemented. Another alternative could be to have a separate setting for if the room info is publicly readable instead of only having a toggle for messages and the room info. But in general this room info is already readable without joining the room, so it isn't clear why authentication would be required.

The wording of this MSC was changed multiple times already during the discussion on the issue I linked and in the end I reverted it to "publicly accessible" as I really don't want to split the discussion. I would prefer it someone wrote an MSC to clarify matrix-org/matrix-spec#1184, matrix-org/matrix-spec#633, etc, instead of me having to do that on the side on this MSC. I was also told to have the MSC match the current implementation and not do additional changes to it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To be explicit, I am concerned about this sentence:

For unauthenticated requests a response should only be returned if the room is publicly accessible.

I'm not sure it's true that this wording has changed multiple times, and I don't see anywhere it has been discussed. But anyway, it seems like you have a clear idea of what is meant; I'm just asking that we make it explicit.

Suggested change
returned if the room is publicly accessible.
returned if the room is publicly accessible; specifically, that means either:
* the room has `join_rule: public` or `join_rule: knock`, or
* the room has `history_visibility: world_readable`.

It probably also needs more paragraph breaks, for the bullet list to make sense.

Invites and rooms the user has knocked at might return outdated or partial
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
information depending on if the homeserver can request the current state of the
room or not.

A request could look like this:

```
GET /_matrix/client/v1/room_summary/{roomIdOrAlias}?
via=matrix.org&
via=neko.dev
```

(This is not under `/rooms`, because it can be used with an alias.
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved

- `roomIdOrAlias` can be the roomid or an alias to a room.
- `via` are servers that should be tried to request a summary from, if it can't
be generated locally. These can be from a matrix URI, matrix.to link or a
`m.space.child` event for example.
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved

A response includes the stripped state in the following format:

```json5
{
room_id: "!ol19s:bleecker.street",
avatar_url: "mxc://bleecker.street/CHEDDARandBRIE",
guest_can_join: false,
name: "CHEESE",
num_joined_members: 37,
topic: "Tasty tasty cheese",
world_readable: true,
join_rule: "public",
room_type: "m.space",
membership: "invite",
encryption: "m.megolm.v100",
room_version: "9001",
}
```

These are the same fields as those returned by `/publicRooms` or
[`/hierarchy`](https://spec.matrix.org/v1.3/client-server-api/#get_matrixclientv1roomsroomidhierarchy)
, with a few additions: `room_type`, `membership`, `room_version`,
`encryption` and `allowed_room_ids`.
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved

`room_type`, `room_version` and `encryption` are already accessible as part of
the stripped state according to
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
https://spec.matrix.org/v1.3/client-server-api/#stripped-state . The
`membership` is not, but a client could access that in various different ways
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
already. This API just makes this more convenient.
`allowed_room_ids` is already part of the federation `hierarchy` API and
necessary for distinguishing possible join modes for `knock_restricted` rooms.


#### Rationale and description of response fields

| fieldname | description | rationale |
| ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- |
| room_id | Required. Id of the room | Useful when the API is called with an alias. |
| avatar_url | Optional. Avatar of the room | Copied from `publicRooms`. |
| guest_can_join | Required. If guests can join the room. | Copied from `publicRooms`. |
| name | Optional. Name of the room | Copied from `publicRooms`. |
| num_joined_members | Required. Member count of the room | Copied from `publicRooms`. |
| topic | Optional. Topic of the room | Copied from `publicRooms`. |
| world_readable | Required. If the room history can be read without joining. | Copied from `publicRooms`. |
| join_rule | Optional. Join rules of the room | Copied from `publicRooms`. |
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
| allowed_room_ids | Room ids allows in restricted joins. | Copied from `hierarchy`. Necessary to distinguish if a room can be joined or only knocked at. |
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I spent a while looking for this in C-S /hierarchy:

Suggested change
| allowed_room_ids | Room ids allows in restricted joins. | Copied from `hierarchy`. Necessary to distinguish if a room can be joined or only knocked at. |
| allowed_room_ids | Room ids allows in restricted joins. | Copied from [`GET /_matrix/federation/v1/hierarchy/{roomId}`](https://spec.matrix.org/v1.13/server-server-api/#get_matrixfederationv1hierarchyroomid). Necessary to distinguish if the room can be joined or only knocked at. |

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does synapse actually implement this for im.nheko.summary right now? The PR linked in the MSC description (matrix-org/synapse#10394) doesn't include it. If it does, could you link to the implementation?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As mentioned in the PR description, this is currently not implemented in Synapse. For summaries fetched over federation this can be implemented by removing this line of code: https://github.com/matrix-org/synapse/pull/11507/files#diff-e459d7f3392554e6e1672632312969188d31a405fd3bb4ad141307618af3cabdR847

For summarizing locally this should be possible as well, but you need to change the plumbing that is currently responsible for the "for_federation" boolean flag.

So in general the change to implement that extra field is trivial, but currently not implemented.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So in general the change to implement that extra field is trivial, but currently not implemented.

Hrm. I have to say, the whole "this is certain to be trivial to implement" argument makes me nervous. We've all been bitten by things which we think are going to be trivial but then turn out not to be.

I'd feel much more comfortable about this if either, we removed this from the MSC, or we made the implementation match the MSC. If it's really trivial, the latter shouldn't be a blocker?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here is an implementation for the missing parts:

diff --git a/synapse/handlers/room_summary.py b/synapse/handlers/room_summary.py
index 720459f1e7..5bec1235e6 100644
--- a/synapse/handlers/room_summary.py
+++ b/synapse/handlers/room_summary.py
@@ -308,7 +308,7 @@ class RoomSummaryHandler:
             # inaccessible to the requesting user.
             if room_entry:
                 # Add the room (including the stripped m.space.child events).
-                rooms_result.append(room_entry.as_json(for_client=True))
+                rooms_result.append(room_entry.as_json())

                 # If this room is not at the max-depth, check if there are any
                 # children to process.
@@ -445,7 +445,7 @@ class RoomSummaryHandler:
         if not await self._is_local_room_accessible(room_id, requester, origin):
             return None

-        room_entry = await self._build_room_entry(room_id, for_federation=bool(origin))
+        room_entry = await self._build_room_entry(room_id)

         # If the room is not a space return just the room information.
         if room_entry.get("room_type") != RoomTypes.SPACE or not include_children:
@@ -701,14 +701,12 @@ class RoomSummaryHandler:
         # pending invite, etc.
         return await self._is_local_room_accessible(room_id, requester)

-    async def _build_room_entry(self, room_id: str, for_federation: bool) -> JsonDict:
+    async def _build_room_entry(self, room_id: str) -> JsonDict:
         """
         Generate en entry summarising a single room.

         Args:
             room_id: The room ID to summarize.
-            for_federation: True if this is a summary requested over federation
-                (which includes additional fields).

         Returns:
             The JSON dictionary for the room.
@@ -739,9 +737,6 @@ class RoomSummaryHandler:
             entry["im.nheko.summary.version"] = stats.version
             entry["im.nheko.summary.encryption"] = stats.encryption

-        # Federation requests need to provide additional information so the
-        # requested server is able to filter the response appropriately.
-        if for_federation:
             current_state_ids = (
                 await self._storage_controllers.state.get_current_state_ids(room_id)
             )
@@ -866,7 +861,6 @@ class RoomSummaryHandler:
                 raise NotFoundError("Room not found or is not accessible")

             room = dict(room_entry.room)
-            room.pop("allowed_room_ids", None)

             # If there was a requester, add their membership.
             # We keep the membership in the local membership table unless the
@@ -909,25 +903,16 @@ class _RoomEntry:
     # This may not include all children.
     children_state_events: Sequence[JsonDict] = ()

-    def as_json(self, for_client: bool = False) -> JsonDict:
+    def as_json(self) -> JsonDict:
         """
         Returns a JSON dictionary suitable for the room hierarchy endpoint.

         It returns the room summary including the stripped m.space.child events
         as a sub-key.

-        Args:
-            for_client: If true, any server-server only fields are stripped from
-                the result.
-
         """
         result = dict(self.room)

-        # Before returning to the client, remove the allowed_room_ids key, if it
-        # exists.
-        if for_client:
-            result.pop("allowed_room_ids", False)
-
         result["children_state"] = self.children_state_events
         return result

You can also find it here: deepbluev7/synapse@37f4253

The feature flags aren't quite correct, but I would say that doesn't matter, as it does the right thing when enabled :)

| room_type | Optional. Type of the room, if any, i.e. `m.space` | Used to distinguish rooms from spaces. |
| room_version | Optional (for historical reasons (2)). Version of the room. | Can be used by clients to show incompatibilities with a room early. |
| membership | Optional (1). The current membership of this user in the room. Usually `leave` if the room is fetched over federation. | Useful to distinguish invites and knocks from joined rooms. |
| encryption | Optional. If the room is encrypted this specified the algorithm used for this room. This is already accessible as stripped state. | Some users may only want to join encrypted rooms or clients may want to filter out encrypted rooms, if they don't support encryption or not this algorithm. |

It should be possible to call this API without authentication, but servers may
rate limit how often they fetch information over federation more heavily, if the
user is unauthenticated. Being able to call this API unauthenticated is
beneficial to avoid third parties registering guest users for one-shot API
calls. Restricting this API to guests only would provide no security benefit.

This API should be accessible to guest users (as it is already accessible
without authentication).

If the room is not allowed to be previewed, 403/`M_FORBIDDEN` should be
returned. If the room can't be found, `M_NOT_FOUND` should be returned. A
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
server might return additional error codes based on if a room was blocked, the
`roomIdOrAlias` is malformed or other implementation specific error cases. The
server should NOT return `M_UNAUTHORIZED` or otherwise divulge existance of a
room, that requires authentication to preview, if the request is
unauthenticated or authenticated by a user without access to the room.

(1) The field `membership` will not be present when called unauthenticated, but
is required when called authenticated. It should be `leave` if the server
doesn't know about the room, since for all other membership states the server
would know about the room already.

(2) Prior to this MSC, `/_matrix/federation/v1/hierarchy/{roomId}` doesn't
return the room version, so `room_version` may be unavailable for remote
rooms.

#### Modifications to `/_matrix/client/v1/rooms/{roomId}/hierarchy`
clokep marked this conversation as resolved.
Show resolved Hide resolved

For symmetry the `room_version` and `encryption` fields are also added to the
`/hierarchy` API.
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved

### Server-Server API

For the server side the federation API of the
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved
[`/hierarchy`](https://spec.matrix.org/v1.3/server-server-api/#get_matrixfederationv1hierarchyroomid)
endpoint is reused. This provides (with a few changes) all the information
needed in this MSC, but it also provides a few additional fields and one level
of children of this room.

Additionally the `encryption` and `room_version` fields are added to the
responses for each room.

In theory one could also add the `max_depth` parameter with allowed values of 0
and 1, so that child rooms are excluded, but this performance optimization does
not seem necessary at this time and could be added at any later point while
degrading gracefully.
richvdh marked this conversation as resolved.
Show resolved Hide resolved

(Originally there was a separate federation API for this, but it was decided by
the author that lowering the duplication on the federation side is the way to
go.)

## Potential issues

### Performance

Clients may start calling this API very often instead of using the
[`/hierarchy`](https://spec.matrix.org/v1.3/client-server-api/#get_matrixclientv1roomsroomidhierarchy)
for spaces or caching the state received via `/sync`.
Looking up all the state events required for this API may cause performance
issues in that case.

To mitigate that, servers are recommended to cache the response for this API and
apply rate limiting if necessary.
clokep marked this conversation as resolved.
Show resolved Hide resolved

## Alternatives

### The Space Summary / `/hierarchy` API

The
[`/hierarchy`](https://spec.matrix.org/v1.3/client-server-api/#get_matrixclientv1roomsroomidhierarchy)
API could be used, but it returns more data than necessary by default (but it
can be limited to just 1 room) such as all the `m.space.child` events in a
space, but also is missing the room version, membership and the encryption
field.
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved

Additionally the `/hierarchy` API doesn't work using aliases. This currently
doesn't allow users to preview rooms not known to the local server over
federation. While the user can resolve the alias and then call the `/hierarchy`
API using the resolved roomid, a roomid is not a routable entity, so the server
never receives the information which servers to ask about the requested rooms.
This MSC resolves that by providing a way to pass server names to ask for the
room as well as the alias directly.
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved

For server to server communication the efficiency is not as important, which is
why we use the same API as the `/hierarchy` API to fetch the data over
federation.

### The `sync` API

For joined rooms, the `/sync` API can be used to get a summary for all joined
rooms. Apart from not working for unjoined rooms, like knocks, invites and space
children, `/sync` is very heavy for the server and the client needs to cobble
together information from the `state`, `timeline` and
[`summary`](https://github.com/matrix-org/matrix-doc/issues/688) sections to
calculate the room name, topic and other fields provided in this MSC.

Furthermore, the membership counts in the summary field are only included, if
the client is using lazy loading. This MSC provides similar information as
calling `/sync`, but it uses the stripped state, which is needed to allow this
to work for unjoined rooms and it excludes `m.heroes` as well as membership
Comment on lines +203 to +205
Copy link
Member

@clokep clokep Jan 10, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This MSC doesn't use stripped state -- it uses a bunch of information derived from the room state.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That sounds like a technicality to me? This MSC uses information, that is available event for rooms where only the events in the stripped state you linked to is available. Yes, this information is also available in the room state. But the stripped state of a room is also derived from the room state. The big difference between normal room state and the stripped state is:

  • only the sender, type, state_key and content properties of an event
  • it isn't verified via the normal event signatures
  • it usually only includes a few specific events: create, name, avatar, topic, join_rules, canonical_alias and encryption

This MSC specifically derives from this sentence of the spec:

Stripped state typically appears in invites, knocks, and in other places where a user could join the room under the conditions available (such as a restricted room).

The sentence you commented on points out that relationship: These previews also work for unjoined rooms, where the full room state might be unavailable.

So could you clarify what your comment is supposed to mean? Am I supposed to change something in the text? Is it a question? Or is it just about the technicality, that this MSC doesn't directly return stripped state events, even though it uses the definition of stripped state events to define what information is available and what rooms should be previewable, without anything for me to act on? I'm a bit at a loss here, how I am supposed to resolve or reply to comments like these.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I found this sentence to imply that the stripped state was returned, which it is not. (Maybe it is a technicality, but this is a technical document -- details are important.) perhaps saying the information is derived from the stripped state would be enough. (I'm not even really sure the stripped aspect of it is needed here?)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
the client is using lazy loading. This MSC provides similar information as
calling `/sync`, but it uses the stripped state, which is needed to allow this
to work for unjoined rooms and it excludes `m.heroes` as well as membership
the client is using lazy loading. This MSC provides similar information as
calling `/sync`, but to allow it to work for unjoined rooms it only uses information
from the stripped state. Additionally, it excludes `m.heroes` as well as membership

Maybe that's clearer?

events, since those are not included in the stripped state of a room. (A client
can call `/joined_members` to receive those if needed. It may still make sense
to include heroes so that clients could construct a human-friendly room display
name in case both the name and the canonical alias are absent; but solving the
security implications with that may better be left to a separate MSC.)

### The `/state` API

The `/state` API could be used, but the response is much bigger than needed,
can't be cached as easily and may need more requests. This also doesn't work
over federation (yet). The variant of this API, which returns the full state of
a room, also does not return stripped events, which prevents it from being used
by non-members. The event for specific events DOES return stripped events, but
could not provide a member count for a room.

### Proper peeking

Peeking could solve this too, but with additional overhead and
[MSC2753](https://github.com/matrix-org/matrix-doc/pull/2753) is much more
complex. You need to add a peek and remember to remove it. For many usecases you
just want to do one request to get info about a room, no history and no updates.
This MSC solves that by reusing the existing hierarchy APIs, returns a
lightweight response and provides a convenient API instead.

### A more batched API

This API could take a list of rooms with included `via`s for each room instead
of a single room (as a POST request). This may have performance benefits for the
federation API and a client could then easily request a summary of all joined
rooms. It could still request the summary of a single room by just including
only a single room in the POST or a convenience GET could be provided by the
server (that looks like this proposal).

### MSC3429: Individual room preview API (closed)

[MSC3429](https://github.com/matrix-org/matrix-doc/pull/3429) is an alternative
implementation, but it chooses a different layout. While this layout might make
sense in the future, it is inconsistent with the APIs already in use, harder to
use for clients (iterate array over directly including the interesting fields)
and can't reuse the federation API. In my opinion an MSC in the future, that
bases all summary APIs on a list of stripped events seems like the more
reasonable approach to me and would make the APIs more extensible.

## Security considerations

This API may leak data, if implemented incorrectly or malicious servers could
return wrong results for a summary.
deepbluev7 marked this conversation as resolved.
Show resolved Hide resolved

Those are the same concerns as on [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946)
or [MSC3173](https://github.com/matrix-org/matrix-doc/pull/3173).

This API could also be used for denial of service type attacks. Appropriate
ratelimiting and caching should be able to mitigate that.

## Unstable prefix
turt2live marked this conversation as resolved.
Show resolved Hide resolved

This uses the `im.nheko.summary` unstable prefix. As such the paths are prefixed
with `unstable/im.nheko.summary`.

- the client API will be
`/_matrix/client/unstable/im.nheko.summary/summary/{roomIdOrAlias}`.

Some implementations still use
`/_matrix/client/unstable/im.nheko.summary/rooms/{roomIdOrAlias}/summary`,
but this was a mistake in this MSC. Endpoints using aliases shouldn't be under /rooms.

Additionally the fields `encryption` and `room_version` in the summaries are
prefixed with `im.nheko.summary` as well since it is new. The latter might still
be called `im.nheko.summary.version` in some implementations.