gitlord
/
synapse
mirror of https://github.com/matrix-org/synapse.git
1
0
Fork 0
Code Issues 0 Releases 671 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20519 Commits
842 Branches
288 MiB
 
 
 
 
 
 
Tree: b121a3ad2b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b121a3ad2b'
${ noResults }
synapse/tests/federation/test_federation_server.py

276 lines
9.7 KiB
Raw Blame History 

  1. # Copyright 2018 New Vector Ltd

  2. # Copyright 2019 Matrix.org Federation C.I.C

  3. #

  4. # Licensed under the Apache License, Version 2.0 (the "License");

  5. # you may not use this file except in compliance with the License.

  6. # You may obtain a copy of the License at

  7. #

  8. #     http://www.apache.org/licenses/LICENSE-2.0

  9. #

  10. # Unless required by applicable law or agreed to in writing, software

  11. # distributed under the License is distributed on an "AS IS" BASIS,

  12. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13. # See the License for the specific language governing permissions and

  14. # limitations under the License.

  15. import logging

  16. 

  17. from parameterized import parameterized

  18. 

  19. from twisted.test.proto_helpers import MemoryReactor

  20. 

  21. from synapse.api.room_versions import KNOWN_ROOM_VERSIONS

  22. from synapse.config.server import DEFAULT_ROOM_VERSION

  23. from synapse.crypto.event_signing import add_hashes_and_signatures

  24. from synapse.events import make_event_from_dict

  25. from synapse.federation.federation_server import server_matches_acl_event

  26. from synapse.rest import admin

  27. from synapse.rest.client import login, room

  28. from synapse.server import HomeServer

  29. from synapse.types import JsonDict

  30. from synapse.util import Clock

  31. 

  32. from tests import unittest

  33. from tests.unittest import override_config

  34. 

  35. 

  36. class FederationServerTests(unittest.FederatingHomeserverTestCase):

  37. 

  38.     servlets = [

  39.         admin.register_servlets,

  40.         room.register_servlets,

  41.         login.register_servlets,

  42.     ]

  43. 

  44.     @parameterized.expand([(b"",), (b"foo",), (b'{"limit": Infinity}',)])

  45.     def test_bad_request(self, query_content):

  46.         """

  47.         Querying with bad data returns a reasonable error code.

  48.         """

  49.         u1 = self.register_user("u1", "pass")

  50.         u1_token = self.login("u1", "pass")

  51. 

  52.         room_1 = self.helper.create_room_as(u1, tok=u1_token)

  53.         self.inject_room_member(room_1, "@user:other.example.com", "join")

  54. 

  55.         "/get_missing_events/(?P<room_id>[^/]*)/?"

  56. 

  57.         channel = self.make_request(

  58.             "POST",

  59.             "/_matrix/federation/v1/get_missing_events/%s" % (room_1,),

  60.             query_content,

  61.         )

  62.         self.assertEqual(400, channel.code, channel.result)

  63.         self.assertEqual(channel.json_body["errcode"], "M_NOT_JSON")

  64. 

  65. 

  66. class ServerACLsTestCase(unittest.TestCase):

  67.     def test_blacklisted_server(self):

  68.         e = _create_acl_event({"allow": ["*"], "deny": ["evil.com"]})

  69.         logging.info("ACL event: %s", e.content)

  70. 

  71.         self.assertFalse(server_matches_acl_event("evil.com", e))

  72.         self.assertFalse(server_matches_acl_event("EVIL.COM", e))

  73. 

  74.         self.assertTrue(server_matches_acl_event("evil.com.au", e))

  75.         self.assertTrue(server_matches_acl_event("honestly.not.evil.com", e))

  76. 

  77.     def test_block_ip_literals(self):

  78.         e = _create_acl_event({"allow_ip_literals": False, "allow": ["*"]})

  79.         logging.info("ACL event: %s", e.content)

  80. 

  81.         self.assertFalse(server_matches_acl_event("1.2.3.4", e))

  82.         self.assertTrue(server_matches_acl_event("1a.2.3.4", e))

  83.         self.assertFalse(server_matches_acl_event("[1:2::]", e))

  84.         self.assertTrue(server_matches_acl_event("1:2:3:4", e))

  85. 

  86.     def test_wildcard_matching(self):

  87.         e = _create_acl_event({"allow": ["good*.com"]})

  88.         self.assertTrue(

  89.             server_matches_acl_event("good.com", e),

  90.             "* matches 0 characters",

  91.         )

  92.         self.assertTrue(

  93.             server_matches_acl_event("GOOD.COM", e),

  94.             "pattern is case-insensitive",

  95.         )

  96.         self.assertTrue(

  97.             server_matches_acl_event("good.aa.com", e),

  98.             "* matches several characters, including '.'",

  99.         )

  100.         self.assertFalse(

  101.             server_matches_acl_event("ishgood.com", e),

  102.             "pattern does not allow prefixes",

  103.         )

  104. 

  105. 

  106. class StateQueryTests(unittest.FederatingHomeserverTestCase):

  107.     servlets = [

  108.         admin.register_servlets,

  109.         room.register_servlets,

  110.         login.register_servlets,

  111.     ]

  112. 

  113.     def test_needs_to_be_in_room(self):

  114.         """/v1/state/<room_id> requires the server to be in the room"""

  115.         u1 = self.register_user("u1", "pass")

  116.         u1_token = self.login("u1", "pass")

  117. 

  118.         room_1 = self.helper.create_room_as(u1, tok=u1_token)

  119. 

  120.         channel = self.make_signed_federation_request(

  121.             "GET", "/_matrix/federation/v1/state/%s?event_id=xyz" % (room_1,)

  122.         )

  123.         self.assertEqual(403, channel.code, channel.result)

  124.         self.assertEqual(channel.json_body["errcode"], "M_FORBIDDEN")

  125. 

  126. 

  127. class SendJoinFederationTests(unittest.FederatingHomeserverTestCase):

  128.     servlets = [

  129.         admin.register_servlets,

  130.         room.register_servlets,

  131.         login.register_servlets,

  132.     ]

  133. 

  134.     def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer):

  135.         super().prepare(reactor, clock, hs)

  136. 

  137.         # create the room

  138.         creator_user_id = self.register_user("kermit", "test")

  139.         tok = self.login("kermit", "test")

  140.         self._room_id = self.helper.create_room_as(

  141.             room_creator=creator_user_id, tok=tok

  142.         )

  143. 

  144.         # a second member on the orgin HS

  145.         second_member_user_id = self.register_user("fozzie", "bear")

  146.         tok2 = self.login("fozzie", "bear")

  147.         self.helper.join(self._room_id, second_member_user_id, tok=tok2)

  148. 

  149.     def _make_join(self, user_id) -> JsonDict:

  150.         channel = self.make_signed_federation_request(

  151.             "GET",

  152.             f"/_matrix/federation/v1/make_join/{self._room_id}/{user_id}"

  153.             f"?ver={DEFAULT_ROOM_VERSION}",

  154.         )

  155.         self.assertEqual(channel.code, 200, channel.json_body)

  156.         return channel.json_body

  157. 

  158.     def test_send_join(self):

  159.         """happy-path test of send_join"""

  160.         joining_user = "@misspiggy:" + self.OTHER_SERVER_NAME

  161.         join_result = self._make_join(joining_user)

  162. 

  163.         join_event_dict = join_result["event"]

  164.         add_hashes_and_signatures(

  165.             KNOWN_ROOM_VERSIONS[DEFAULT_ROOM_VERSION],

  166.             join_event_dict,

  167.             signature_name=self.OTHER_SERVER_NAME,

  168.             signing_key=self.OTHER_SERVER_SIGNATURE_KEY,

  169.         )

  170.         channel = self.make_signed_federation_request(

  171.             "PUT",

  172.             f"/_matrix/federation/v2/send_join/{self._room_id}/x",

  173.             content=join_event_dict,

  174.         )

  175.         self.assertEqual(channel.code, 200, channel.json_body)

  176. 

  177.         # we should get complete room state back

  178.         returned_state = [

  179.             (ev["type"], ev["state_key"]) for ev in channel.json_body["state"]

  180.         ]

  181.         self.assertCountEqual(

  182.             returned_state,

  183.             [

  184.                 ("m.room.create", ""),

  185.                 ("m.room.power_levels", ""),

  186.                 ("m.room.join_rules", ""),

  187.                 ("m.room.history_visibility", ""),

  188.                 ("m.room.member", "@kermit:test"),

  189.                 ("m.room.member", "@fozzie:test"),

  190.                 # nb: *not* the joining user

  191.             ],

  192.         )

  193. 

  194.         # also check the auth chain

  195.         returned_auth_chain_events = [

  196.             (ev["type"], ev["state_key"]) for ev in channel.json_body["auth_chain"]

  197.         ]

  198.         self.assertCountEqual(

  199.             returned_auth_chain_events,

  200.             [

  201.                 ("m.room.create", ""),

  202.                 ("m.room.member", "@kermit:test"),

  203.                 ("m.room.power_levels", ""),

  204.                 ("m.room.join_rules", ""),

  205.             ],

  206.         )

  207. 

  208.         # the room should show that the new user is a member

  209.         r = self.get_success(

  210.             self.hs.get_state_handler().get_current_state(self._room_id)

  211.         )

  212.         self.assertEqual(r[("m.room.member", joining_user)].membership, "join")

  213. 

  214.     @override_config({"experimental_features": {"msc3706_enabled": True}})

  215.     def test_send_join_partial_state(self):

  216.         """When MSC3706 support is enabled, /send_join should return partial state"""

  217.         joining_user = "@misspiggy:" + self.OTHER_SERVER_NAME

  218.         join_result = self._make_join(joining_user)

  219. 

  220.         join_event_dict = join_result["event"]

  221.         add_hashes_and_signatures(

  222.             KNOWN_ROOM_VERSIONS[DEFAULT_ROOM_VERSION],

  223.             join_event_dict,

  224.             signature_name=self.OTHER_SERVER_NAME,

  225.             signing_key=self.OTHER_SERVER_SIGNATURE_KEY,

  226.         )

  227.         channel = self.make_signed_federation_request(

  228.             "PUT",

  229.             f"/_matrix/federation/v2/send_join/{self._room_id}/x?org.matrix.msc3706.partial_state=true",

  230.             content=join_event_dict,

  231.         )

  232.         self.assertEqual(channel.code, 200, channel.json_body)

  233. 

  234.         # expect a reduced room state

  235.         returned_state = [

  236.             (ev["type"], ev["state_key"]) for ev in channel.json_body["state"]

  237.         ]

  238.         self.assertCountEqual(

  239.             returned_state,

  240.             [

  241.                 ("m.room.create", ""),

  242.                 ("m.room.power_levels", ""),

  243.                 ("m.room.join_rules", ""),

  244.                 ("m.room.history_visibility", ""),

  245.             ],

  246.         )

  247. 

  248.         # the auth chain should not include anything already in "state"

  249.         returned_auth_chain_events = [

  250.             (ev["type"], ev["state_key"]) for ev in channel.json_body["auth_chain"]

  251.         ]

  252.         self.assertCountEqual(

  253.             returned_auth_chain_events,

  254.             [

  255.                 ("m.room.member", "@kermit:test"),

  256.             ],

  257.         )

  258. 

  259.         # the room should show that the new user is a member

  260.         r = self.get_success(

  261.             self.hs.get_state_handler().get_current_state(self._room_id)

  262.         )

  263.         self.assertEqual(r[("m.room.member", joining_user)].membership, "join")

  264. 

  265. 

  266. def _create_acl_event(content):

  267.     return make_event_from_dict(

  268.         {

  269.             "room_id": "!a:b",

  270.             "event_id": "$a:b",

  271.             "type": "m.room.server_acls",

  272.             "sender": "@a:b",

  273.             "content": content,

  274.         }

  275.     )