| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552 |
- # Copyright 2016 OpenMarket Ltd
- # Copyright 2017 New Vector Ltd
- # Copyright 2019 Matrix.org Foundation C.I.C.
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- import copy
- from unittest import mock
- from synapse.api.errors import SynapseError
- from tests import unittest
- # sample room_key data for use in the tests
- room_keys = {
- "rooms": {
- "!abc:matrix.org": {
- "sessions": {
- "c0ff33": {
- "first_message_index": 1,
- "forwarded_count": 1,
- "is_verified": False,
- "session_data": "SSBBTSBBIEZJU0gK",
- }
- }
- }
- }
- }
- class E2eRoomKeysHandlerTestCase(unittest.HomeserverTestCase):
- def make_homeserver(self, reactor, clock):
- return self.setup_test_homeserver(replication_layer=mock.Mock())
- def prepare(self, reactor, clock, hs):
- self.handler = hs.get_e2e_room_keys_handler()
- self.local_user = "@boris:" + hs.hostname
- def test_get_missing_current_version_info(self):
- """Check that we get a 404 if we ask for info about the current version
- if there is no version.
- """
- e = self.get_failure(
- self.handler.get_version_info(self.local_user), SynapseError
- )
- res = e.value.code
- self.assertEqual(res, 404)
- def test_get_missing_version_info(self):
- """Check that we get a 404 if we ask for info about a specific version
- if it doesn't exist.
- """
- e = self.get_failure(
- self.handler.get_version_info(self.local_user, "bogus_version"),
- SynapseError,
- )
- res = e.value.code
- self.assertEqual(res, 404)
- def test_create_version(self):
- """Check that we can create and then retrieve versions."""
- res = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- },
- )
- )
- self.assertEqual(res, "1")
- # check we can retrieve it as the current version
- res = self.get_success(self.handler.get_version_info(self.local_user))
- version_etag = res["etag"]
- self.assertIsInstance(version_etag, str)
- del res["etag"]
- self.assertDictEqual(
- res,
- {
- "version": "1",
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- "count": 0,
- },
- )
- # check we can retrieve it as a specific version
- res = self.get_success(self.handler.get_version_info(self.local_user, "1"))
- self.assertEqual(res["etag"], version_etag)
- del res["etag"]
- self.assertDictEqual(
- res,
- {
- "version": "1",
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- "count": 0,
- },
- )
- # upload a new one...
- res = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "second_version_auth_data",
- },
- )
- )
- self.assertEqual(res, "2")
- # check we can retrieve it as the current version
- res = self.get_success(self.handler.get_version_info(self.local_user))
- del res["etag"]
- self.assertDictEqual(
- res,
- {
- "version": "2",
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "second_version_auth_data",
- "count": 0,
- },
- )
- def test_update_version(self):
- """Check that we can update versions."""
- version = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- },
- )
- )
- self.assertEqual(version, "1")
- res = self.get_success(
- self.handler.update_version(
- self.local_user,
- version,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "revised_first_version_auth_data",
- "version": version,
- },
- )
- )
- self.assertDictEqual(res, {})
- # check we can retrieve it as the current version
- res = self.get_success(self.handler.get_version_info(self.local_user))
- del res["etag"]
- self.assertDictEqual(
- res,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "revised_first_version_auth_data",
- "version": version,
- "count": 0,
- },
- )
- def test_update_missing_version(self):
- """Check that we get a 404 on updating nonexistent versions"""
- e = self.get_failure(
- self.handler.update_version(
- self.local_user,
- "1",
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "revised_first_version_auth_data",
- "version": "1",
- },
- ),
- SynapseError,
- )
- res = e.value.code
- self.assertEqual(res, 404)
- def test_update_omitted_version(self):
- """Check that the update succeeds if the version is missing from the body"""
- version = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- },
- )
- )
- self.assertEqual(version, "1")
- self.get_success(
- self.handler.update_version(
- self.local_user,
- version,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "revised_first_version_auth_data",
- },
- )
- )
- # check we can retrieve it as the current version
- res = self.get_success(self.handler.get_version_info(self.local_user))
- del res["etag"] # etag is opaque, so don't test its contents
- self.assertDictEqual(
- res,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "revised_first_version_auth_data",
- "version": version,
- "count": 0,
- },
- )
- def test_update_bad_version(self):
- """Check that we get a 400 if the version in the body doesn't match"""
- version = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- },
- )
- )
- self.assertEqual(version, "1")
- e = self.get_failure(
- self.handler.update_version(
- self.local_user,
- version,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "revised_first_version_auth_data",
- "version": "incorrect",
- },
- ),
- SynapseError,
- )
- res = e.value.code
- self.assertEqual(res, 400)
- def test_delete_missing_version(self):
- """Check that we get a 404 on deleting nonexistent versions"""
- e = self.get_failure(
- self.handler.delete_version(self.local_user, "1"), SynapseError
- )
- res = e.value.code
- self.assertEqual(res, 404)
- def test_delete_missing_current_version(self):
- """Check that we get a 404 on deleting nonexistent current version"""
- e = self.get_failure(self.handler.delete_version(self.local_user), SynapseError)
- res = e.value.code
- self.assertEqual(res, 404)
- def test_delete_version(self):
- """Check that we can create and then delete versions."""
- res = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- },
- )
- )
- self.assertEqual(res, "1")
- # check we can delete it
- self.get_success(self.handler.delete_version(self.local_user, "1"))
- # check that it's gone
- e = self.get_failure(
- self.handler.get_version_info(self.local_user, "1"), SynapseError
- )
- res = e.value.code
- self.assertEqual(res, 404)
- def test_get_missing_backup(self):
- """Check that we get a 404 on querying missing backup"""
- e = self.get_failure(
- self.handler.get_room_keys(self.local_user, "bogus_version"), SynapseError
- )
- res = e.value.code
- self.assertEqual(res, 404)
- def test_get_missing_room_keys(self):
- """Check we get an empty response from an empty backup"""
- version = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- },
- )
- )
- self.assertEqual(version, "1")
- res = self.get_success(self.handler.get_room_keys(self.local_user, version))
- self.assertDictEqual(res, {"rooms": {}})
- # TODO: test the locking semantics when uploading room_keys,
- # although this is probably best done in sytest
- def test_upload_room_keys_no_versions(self):
- """Check that we get a 404 on uploading keys when no versions are defined"""
- e = self.get_failure(
- self.handler.upload_room_keys(self.local_user, "no_version", room_keys),
- SynapseError,
- )
- res = e.value.code
- self.assertEqual(res, 404)
- def test_upload_room_keys_bogus_version(self):
- """Check that we get a 404 on uploading keys when an nonexistent version
- is specified
- """
- version = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- },
- )
- )
- self.assertEqual(version, "1")
- e = self.get_failure(
- self.handler.upload_room_keys(self.local_user, "bogus_version", room_keys),
- SynapseError,
- )
- res = e.value.code
- self.assertEqual(res, 404)
- def test_upload_room_keys_wrong_version(self):
- """Check that we get a 403 on uploading keys for an old version"""
- version = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- },
- )
- )
- self.assertEqual(version, "1")
- version = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "second_version_auth_data",
- },
- )
- )
- self.assertEqual(version, "2")
- e = self.get_failure(
- self.handler.upload_room_keys(self.local_user, "1", room_keys), SynapseError
- )
- res = e.value.code
- self.assertEqual(res, 403)
- def test_upload_room_keys_insert(self):
- """Check that we can insert and retrieve keys for a session"""
- version = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- },
- )
- )
- self.assertEqual(version, "1")
- self.get_success(
- self.handler.upload_room_keys(self.local_user, version, room_keys)
- )
- res = self.get_success(self.handler.get_room_keys(self.local_user, version))
- self.assertDictEqual(res, room_keys)
- # check getting room_keys for a given room
- res = self.get_success(
- self.handler.get_room_keys(
- self.local_user, version, room_id="!abc:matrix.org"
- )
- )
- self.assertDictEqual(res, room_keys)
- # check getting room_keys for a given session_id
- res = self.get_success(
- self.handler.get_room_keys(
- self.local_user, version, room_id="!abc:matrix.org", session_id="c0ff33"
- )
- )
- self.assertDictEqual(res, room_keys)
- def test_upload_room_keys_merge(self):
- """Check that we can upload a new room_key for an existing session and
- have it correctly merged"""
- version = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- },
- )
- )
- self.assertEqual(version, "1")
- self.get_success(
- self.handler.upload_room_keys(self.local_user, version, room_keys)
- )
- # get the etag to compare to future versions
- res = self.get_success(self.handler.get_version_info(self.local_user))
- backup_etag = res["etag"]
- self.assertEqual(res["count"], 1)
- new_room_keys = copy.deepcopy(room_keys)
- new_room_key = new_room_keys["rooms"]["!abc:matrix.org"]["sessions"]["c0ff33"]
- # test that increasing the message_index doesn't replace the existing session
- new_room_key["first_message_index"] = 2
- new_room_key["session_data"] = "new"
- self.get_success(
- self.handler.upload_room_keys(self.local_user, version, new_room_keys)
- )
- res = self.get_success(self.handler.get_room_keys(self.local_user, version))
- self.assertEqual(
- res["rooms"]["!abc:matrix.org"]["sessions"]["c0ff33"]["session_data"],
- "SSBBTSBBIEZJU0gK",
- )
- # the etag should be the same since the session did not change
- res = self.get_success(self.handler.get_version_info(self.local_user))
- self.assertEqual(res["etag"], backup_etag)
- # test that marking the session as verified however /does/ replace it
- new_room_key["is_verified"] = True
- self.get_success(
- self.handler.upload_room_keys(self.local_user, version, new_room_keys)
- )
- res = self.get_success(self.handler.get_room_keys(self.local_user, version))
- self.assertEqual(
- res["rooms"]["!abc:matrix.org"]["sessions"]["c0ff33"]["session_data"], "new"
- )
- # the etag should NOT be equal now, since the key changed
- res = self.get_success(self.handler.get_version_info(self.local_user))
- self.assertNotEqual(res["etag"], backup_etag)
- backup_etag = res["etag"]
- # test that a session with a higher forwarded_count doesn't replace one
- # with a lower forwarding count
- new_room_key["forwarded_count"] = 2
- new_room_key["session_data"] = "other"
- self.get_success(
- self.handler.upload_room_keys(self.local_user, version, new_room_keys)
- )
- res = self.get_success(self.handler.get_room_keys(self.local_user, version))
- self.assertEqual(
- res["rooms"]["!abc:matrix.org"]["sessions"]["c0ff33"]["session_data"], "new"
- )
- # the etag should be the same since the session did not change
- res = self.get_success(self.handler.get_version_info(self.local_user))
- self.assertEqual(res["etag"], backup_etag)
- # TODO: check edge cases as well as the common variations here
- def test_delete_room_keys(self):
- """Check that we can insert and delete keys for a session"""
- version = self.get_success(
- self.handler.create_version(
- self.local_user,
- {
- "algorithm": "m.megolm_backup.v1",
- "auth_data": "first_version_auth_data",
- },
- )
- )
- self.assertEqual(version, "1")
- # check for bulk-delete
- self.get_success(
- self.handler.upload_room_keys(self.local_user, version, room_keys)
- )
- self.get_success(self.handler.delete_room_keys(self.local_user, version))
- res = self.get_success(
- self.handler.get_room_keys(
- self.local_user, version, room_id="!abc:matrix.org", session_id="c0ff33"
- )
- )
- self.assertDictEqual(res, {"rooms": {}})
- # check for bulk-delete per room
- self.get_success(
- self.handler.upload_room_keys(self.local_user, version, room_keys)
- )
- self.get_success(
- self.handler.delete_room_keys(
- self.local_user, version, room_id="!abc:matrix.org"
- )
- )
- res = self.get_success(
- self.handler.get_room_keys(
- self.local_user, version, room_id="!abc:matrix.org", session_id="c0ff33"
- )
- )
- self.assertDictEqual(res, {"rooms": {}})
- # check for bulk-delete per session
- self.get_success(
- self.handler.upload_room_keys(self.local_user, version, room_keys)
- )
- self.get_success(
- self.handler.delete_room_keys(
- self.local_user, version, room_id="!abc:matrix.org", session_id="c0ff33"
- )
- )
- res = self.get_success(
- self.handler.get_room_keys(
- self.local_user, version, room_id="!abc:matrix.org", session_id="c0ff33"
- )
- )
- self.assertDictEqual(res, {"rooms": {}})
|
