-
Notifications
You must be signed in to change notification settings - Fork 375
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix up auth rules #1591
Fix up auth rules #1591
Conversation
RST expects sub lists to be indented by three or more spaces. By doing so we can then rely on `#.` for automatic numbering.
They are still missing third party invites.
Fixes #1305 |
This is being handled in matrix-org#1591
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sorry to pick holes in the formatting, but consistency is important imho.
specification/server_server_api.rst
Outdated
|
||
a. If ``membership`` is ``join``: | ||
a. If ``membership`` is ``join``: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
erm; the extra indentation means that this is rendered as a <blockquote>
. I don't really think we should be hacking around the shitness of the matrix.org CSS with this sort of thing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh poo. Its not about getting round matrix.org CSS but actually getting them to be semantically sub lists (mainly so the auto numbering works). Turns out that I only needed one extra space.
specification/server_server_api.rst
Outdated
previous events - *i.e.* it is the first event in the room. | ||
1. If type is ``m.room.create``: | ||
|
||
a. Reject if it has any previous events |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
full-stop
specification/server_server_api.rst
Outdated
a. Reject if it has any previous events | ||
b. Reject if the domain of the ``room_id`` does not match the domain of the | ||
``sender``. | ||
c. Reject if ``content.room_version`` key is an unrecognized version |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
full-stop
specification/server_server_api.rst
Outdated
previous events - *i.e.* it is the first event in the room. | ||
1. If type is ``m.room.create``: | ||
|
||
a. Reject if it has any previous events |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
all the existing rules were written as: "if <foo>, reject|allow." It would be really nice to be consistent.
specification/server_server_api.rst
Outdated
a. Reject if it has any previous events | ||
b. Reject if the domain of the ``room_id`` does not match the domain of the | ||
``sender``. | ||
c. Reject if ``content.room_version`` key is an unrecognized version |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
recognised
specification/server_server_api.rst
Outdated
c. Reject if ``content.room_version`` key is an unrecognized version | ||
d. Otherwise, allow. | ||
|
||
#. Reject if event does not have a ``m.room.create`` in its ``auth_events`` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
full-stop
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[etc]
specification/server_server_api.rst
Outdated
1. If type is ``m.room.create``: | ||
|
||
a. Reject if it has any previous events | ||
b. Reject if the domain of the ``room_id`` does not match the domain of the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
isn't an m.room.create
supposed to have a creator
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh yes, annoyingly synapse will only explode when checking the first join.
Formatting and consistency is important, and hopefully that is now better :) Sorry about messing up the indent, silly RST :/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm otherwise
specification/server_server_api.rst
Outdated
a. Reject if event has no ``state_key`` | ||
b. Allow if and only if sender's domain matches ``state_key`` | ||
a. If event has no ``state_key``, reject | ||
b. If sender's domain doesn't matches ``state_key``, reject. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
doesn't match
specification/server_server_api.rst
Outdated
a. If it has any previous events, reject. | ||
b. If the domain of the ``room_id`` does not match the domain of the | ||
``sender``, reject. | ||
c. If ``content.room_version`` key is an unrecognised version, reject. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If content.room_version
is present and is not a recognised version, reject.
specification/server_server_api.rst
Outdated
|
||
#. If type is ``m.room.aliases``: | ||
|
||
a. Reject if event has no ``state_key`` | ||
b. Allow if and only if sender's domain matches ``state_key`` | ||
a. If event has no ``state_key``, reject |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
full stop.
Thank you for your patience |
Since matrix-org/matrix-spec#1544 is fixed, we can use a modern hugo.
Note that the first commit is a bunch of re-indentation.
This is still missing the third party invite stuff, but I'll add that separately.