test_federation_server.py 3.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116
  1. # -*- coding: utf-8 -*-
  2. # Copyright 2018 New Vector Ltd
  3. # Copyright 2019 Matrix.org Federation C.I.C
  4. #
  5. # Licensed under the Apache License, Version 2.0 (the "License");
  6. # you may not use this file except in compliance with the License.
  7. # You may obtain a copy of the License at
  8. #
  9. # http://www.apache.org/licenses/LICENSE-2.0
  10. #
  11. # Unless required by applicable law or agreed to in writing, software
  12. # distributed under the License is distributed on an "AS IS" BASIS,
  13. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14. # See the License for the specific language governing permissions and
  15. # limitations under the License.
  16. import logging
  17. from synapse.events import make_event_from_dict
  18. from synapse.federation.federation_server import server_matches_acl_event
  19. from synapse.rest import admin
  20. from synapse.rest.client.v1 import login, room
  21. from tests import unittest
  22. class ServerACLsTestCase(unittest.TestCase):
  23. def test_blacklisted_server(self):
  24. e = _create_acl_event({"allow": ["*"], "deny": ["evil.com"]})
  25. logging.info("ACL event: %s", e.content)
  26. self.assertFalse(server_matches_acl_event("evil.com", e))
  27. self.assertFalse(server_matches_acl_event("EVIL.COM", e))
  28. self.assertTrue(server_matches_acl_event("evil.com.au", e))
  29. self.assertTrue(server_matches_acl_event("honestly.not.evil.com", e))
  30. def test_block_ip_literals(self):
  31. e = _create_acl_event({"allow_ip_literals": False, "allow": ["*"]})
  32. logging.info("ACL event: %s", e.content)
  33. self.assertFalse(server_matches_acl_event("1.2.3.4", e))
  34. self.assertTrue(server_matches_acl_event("1a.2.3.4", e))
  35. self.assertFalse(server_matches_acl_event("[1:2::]", e))
  36. self.assertTrue(server_matches_acl_event("1:2:3:4", e))
  37. class StateQueryTests(unittest.FederatingHomeserverTestCase):
  38. servlets = [
  39. admin.register_servlets,
  40. room.register_servlets,
  41. login.register_servlets,
  42. ]
  43. def test_without_event_id(self):
  44. """
  45. Querying v1/state/<room_id> without an event ID will return the current
  46. known state.
  47. """
  48. u1 = self.register_user("u1", "pass")
  49. u1_token = self.login("u1", "pass")
  50. room_1 = self.helper.create_room_as(u1, tok=u1_token)
  51. self.inject_room_member(room_1, "@user:other.example.com", "join")
  52. request, channel = self.make_request(
  53. "GET", "/_matrix/federation/v1/state/%s" % (room_1,)
  54. )
  55. self.render(request)
  56. self.assertEquals(200, channel.code, channel.result)
  57. self.assertEqual(
  58. channel.json_body["room_version"],
  59. self.hs.config.default_room_version.identifier,
  60. )
  61. members = set(
  62. map(
  63. lambda x: x["state_key"],
  64. filter(
  65. lambda x: x["type"] == "m.room.member", channel.json_body["pdus"]
  66. ),
  67. )
  68. )
  69. self.assertEqual(members, {"@user:other.example.com", u1})
  70. self.assertEqual(len(channel.json_body["pdus"]), 6)
  71. def test_needs_to_be_in_room(self):
  72. """
  73. Querying v1/state/<room_id> requires the server
  74. be in the room to provide data.
  75. """
  76. u1 = self.register_user("u1", "pass")
  77. u1_token = self.login("u1", "pass")
  78. room_1 = self.helper.create_room_as(u1, tok=u1_token)
  79. request, channel = self.make_request(
  80. "GET", "/_matrix/federation/v1/state/%s" % (room_1,)
  81. )
  82. self.render(request)
  83. self.assertEquals(403, channel.code, channel.result)
  84. self.assertEqual(channel.json_body["errcode"], "M_FORBIDDEN")
  85. def _create_acl_event(content):
  86. return make_event_from_dict(
  87. {
  88. "room_id": "!a:b",
  89. "event_id": "$a:b",
  90. "type": "m.room.server_acls",
  91. "sender": "@a:b",
  92. "content": content,
  93. }
  94. )