Skip to content

Commit

Permalink
Merge pull request #8 from tchapgouv/allow-encrypted-public-to-private
Browse files Browse the repository at this point in the history 
Allow switching an encrypted room from public to non public
  • Loading branch information
@odelcroi
odelcroi authored Nov 26, 2024
2 parents 3ade4c6 + 6a89541 commit caa6b0c
Show file tree
Hide file tree
Showing 2 changed files with 63 additions and 4 deletions.
13 changes: 9 additions & 4 deletions room_access_rules/__init__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -881,8 +881,9 @@ def _on_join_rule_change(
) -> bool:
"""Check whether a join rule change is allowed.
A join rule change is always allowed unless the new join rule is "public" and
the current access rule is "direct".
A join rule change is always allowed unless:
- the new join rule is "public" and the current access rule is "direct"
- the existing join rule is "public" and the room is not encrypted
Args:
event: The event to check.
Expand All @@ -894,8 +895,12 @@ def _on_join_rule_change(
if event.content.get("join_rule") == JoinRules.PUBLIC:
return rule != AccessRules.DIRECT

if self._get_join_rule_from_state(state_events) == JoinRules.PUBLIC:
return False
if (
self._get_join_rule_from_state(state_events) == JoinRules.PUBLIC
and event.content.get("join_rule") != JoinRules.PUBLIC
):
if not state_events.get((EventTypes.RoomEncryption, "")):
return False

return True

Expand Down
54 changes: 54 additions & 0 deletions tests/test_event_allowed.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,13 @@ def setUp(self) -> None:
content=self.module._get_default_power_levels(self.room_creator),
room_id=self.direct_room,
),
(EventTypes.JoinRules, ""): MockEvent(
sender=self.room_creator,
type=EventTypes.JoinRules,
state_key="",
content={"join_rule": JoinRules.PRIVATE},
room_id=self.direct_room,
),
(ACCESS_RULES_TYPE, ""): MockEvent(
sender=self.room_creator,
type=ACCESS_RULES_TYPE,
Expand Down Expand Up @@ -80,6 +87,13 @@ def setUp(self) -> None:
content=self.module._get_default_power_levels(self.room_creator),
room_id=self.unrestricted_room,
),
(EventTypes.JoinRules, ""): MockEvent(
sender=self.room_creator,
type=EventTypes.JoinRules,
state_key="",
content={"join_rule": JoinRules.PUBLIC},
room_id=self.unrestricted_room,
),
(ACCESS_RULES_TYPE, ""): MockEvent(
sender=self.room_creator,
type=ACCESS_RULES_TYPE,
Expand All @@ -105,6 +119,13 @@ def setUp(self) -> None:
content=self.module._get_default_power_levels(self.room_creator),
room_id=self.restricted_room,
),
(EventTypes.JoinRules, ""): MockEvent(
sender=self.room_creator,
type=EventTypes.JoinRules,
state_key="",
content={"join_rule": JoinRules.PRIVATE},
room_id=self.restricted_room,
),
(ACCESS_RULES_TYPE, ""): MockEvent(
sender=self.room_creator,
type=ACCESS_RULES_TYPE,
Expand Down Expand Up @@ -729,6 +750,39 @@ async def test_join_rules(self):
)
)

# the existing join rule is "public" and the room is not encrypted
allowed, _ = await self.module.check_event_allowed(
event=MockEvent(
sender=self.room_creator,
type=EventTypes.JoinRules,
content={"join_rule": JoinRules.PRIVATE},
state_key="",
),
state_events=self.unrestricted_room_state,
)
self.assertFalse(allowed)

# the existing join rule is "public" and the room is encrypted
allowed, _ = await self.module.check_event_allowed(
event=MockEvent(
sender=self.room_creator,
type=EventTypes.JoinRules,
content={"join_rule": JoinRules.PRIVATE},
state_key="",
),
state_events=self.unrestricted_room_state
| {
(EventTypes.RoomEncryption, ""): MockEvent(
sender=self.room_creator,
type=EventTypes.RoomEncryption,
state_key="",
content={"algorithm": "m.megolm.v1.aes-sha2"},
room_id=self.unrestricted_room,
)
},
)
self.assertTrue(allowed)

def _new_membership_event(
self,
src: str,
Expand Down

0 comments on commit caa6b0c

Please sign in to comment.