test_federation_server.py 5.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164
  1. # Copyright 2018 New Vector Ltd
  2. # Copyright 2019 Matrix.org Federation C.I.C
  3. #
  4. # Licensed under the Apache License, Version 2.0 (the "License");
  5. # you may not use this file except in compliance with the License.
  6. # You may obtain a copy of the License at
  7. #
  8. # http://www.apache.org/licenses/LICENSE-2.0
  9. #
  10. # Unless required by applicable law or agreed to in writing, software
  11. # distributed under the License is distributed on an "AS IS" BASIS,
  12. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13. # See the License for the specific language governing permissions and
  14. # limitations under the License.
  15. import logging
  16. from parameterized import parameterized
  17. from synapse.events import make_event_from_dict
  18. from synapse.federation.federation_server import server_matches_acl_event
  19. from synapse.rest import admin
  20. from synapse.rest.client.v1 import login, room
  21. from tests import unittest
  22. class FederationServerTests(unittest.FederatingHomeserverTestCase):
  23. servlets = [
  24. admin.register_servlets,
  25. room.register_servlets,
  26. login.register_servlets,
  27. ]
  28. @parameterized.expand([(b"",), (b"foo",), (b'{"limit": Infinity}',)])
  29. def test_bad_request(self, query_content):
  30. """
  31. Querying with bad data returns a reasonable error code.
  32. """
  33. u1 = self.register_user("u1", "pass")
  34. u1_token = self.login("u1", "pass")
  35. room_1 = self.helper.create_room_as(u1, tok=u1_token)
  36. self.inject_room_member(room_1, "@user:other.example.com", "join")
  37. "/get_missing_events/(?P<room_id>[^/]*)/?"
  38. channel = self.make_request(
  39. "POST",
  40. "/_matrix/federation/v1/get_missing_events/%s" % (room_1,),
  41. query_content,
  42. )
  43. self.assertEquals(400, channel.code, channel.result)
  44. self.assertEqual(channel.json_body["errcode"], "M_NOT_JSON")
  45. class ServerACLsTestCase(unittest.TestCase):
  46. def test_blacklisted_server(self):
  47. e = _create_acl_event({"allow": ["*"], "deny": ["evil.com"]})
  48. logging.info("ACL event: %s", e.content)
  49. self.assertFalse(server_matches_acl_event("evil.com", e))
  50. self.assertFalse(server_matches_acl_event("EVIL.COM", e))
  51. self.assertTrue(server_matches_acl_event("evil.com.au", e))
  52. self.assertTrue(server_matches_acl_event("honestly.not.evil.com", e))
  53. def test_block_ip_literals(self):
  54. e = _create_acl_event({"allow_ip_literals": False, "allow": ["*"]})
  55. logging.info("ACL event: %s", e.content)
  56. self.assertFalse(server_matches_acl_event("1.2.3.4", e))
  57. self.assertTrue(server_matches_acl_event("1a.2.3.4", e))
  58. self.assertFalse(server_matches_acl_event("[1:2::]", e))
  59. self.assertTrue(server_matches_acl_event("1:2:3:4", e))
  60. def test_wildcard_matching(self):
  61. e = _create_acl_event({"allow": ["good*.com"]})
  62. self.assertTrue(
  63. server_matches_acl_event("good.com", e),
  64. "* matches 0 characters",
  65. )
  66. self.assertTrue(
  67. server_matches_acl_event("GOOD.COM", e),
  68. "pattern is case-insensitive",
  69. )
  70. self.assertTrue(
  71. server_matches_acl_event("good.aa.com", e),
  72. "* matches several characters, including '.'",
  73. )
  74. self.assertFalse(
  75. server_matches_acl_event("ishgood.com", e),
  76. "pattern does not allow prefixes",
  77. )
  78. class StateQueryTests(unittest.FederatingHomeserverTestCase):
  79. servlets = [
  80. admin.register_servlets,
  81. room.register_servlets,
  82. login.register_servlets,
  83. ]
  84. def test_without_event_id(self):
  85. """
  86. Querying v1/state/<room_id> without an event ID will return the current
  87. known state.
  88. """
  89. u1 = self.register_user("u1", "pass")
  90. u1_token = self.login("u1", "pass")
  91. room_1 = self.helper.create_room_as(u1, tok=u1_token)
  92. self.inject_room_member(room_1, "@user:other.example.com", "join")
  93. channel = self.make_request(
  94. "GET", "/_matrix/federation/v1/state/%s" % (room_1,)
  95. )
  96. self.assertEquals(200, channel.code, channel.result)
  97. self.assertEqual(
  98. channel.json_body["room_version"],
  99. self.hs.config.default_room_version.identifier,
  100. )
  101. members = set(
  102. map(
  103. lambda x: x["state_key"],
  104. filter(
  105. lambda x: x["type"] == "m.room.member", channel.json_body["pdus"]
  106. ),
  107. )
  108. )
  109. self.assertEqual(members, {"@user:other.example.com", u1})
  110. self.assertEqual(len(channel.json_body["pdus"]), 6)
  111. def test_needs_to_be_in_room(self):
  112. """
  113. Querying v1/state/<room_id> requires the server
  114. be in the room to provide data.
  115. """
  116. u1 = self.register_user("u1", "pass")
  117. u1_token = self.login("u1", "pass")
  118. room_1 = self.helper.create_room_as(u1, tok=u1_token)
  119. channel = self.make_request(
  120. "GET", "/_matrix/federation/v1/state/%s" % (room_1,)
  121. )
  122. self.assertEquals(403, channel.code, channel.result)
  123. self.assertEqual(channel.json_body["errcode"], "M_FORBIDDEN")
  124. def _create_acl_event(content):
  125. return make_event_from_dict(
  126. {
  127. "room_id": "!a:b",
  128. "event_id": "$a:b",
  129. "type": "m.room.server_acls",
  130. "sender": "@a:b",
  131. "content": content,
  132. }
  133. )