From 173b1e8d3e800c0029725bcda321a240b5352f7d Mon Sep 17 00:00:00 2001 From: kegsay Date: Thu, 6 Jan 2022 17:13:34 +0000 Subject: [PATCH] Fix #2084 - incorrect /event_auth response (#2085) * Fix #2084 * Return early * Linting --- federationapi/routing/eventauth.go | 38 ++++++++++++++++++++++++++---- roomserver/api/query.go | 4 ++++ roomserver/internal/query/query.go | 15 ++++++++++++ 3 files changed, 52 insertions(+), 5 deletions(-) diff --git a/federationapi/routing/eventauth.go b/federationapi/routing/eventauth.go index 34eaad1c..d92b66f4 100644 --- a/federationapi/routing/eventauth.go +++ b/federationapi/routing/eventauth.go @@ -16,6 +16,7 @@ import ( "context" "net/http" + "github.com/matrix-org/dendrite/clientapi/jsonerror" "github.com/matrix-org/dendrite/roomserver/api" "github.com/matrix-org/gomatrixserverlib" "github.com/matrix-org/util" @@ -29,15 +30,42 @@ func GetEventAuth( roomID string, eventID string, ) util.JSONResponse { - // TODO: Optimisation: we shouldn't be querying all the room state - // that is in state.StateEvents - we just ignore it. - state, err := getState(ctx, request, rsAPI, roomID, eventID) + event, resErr := fetchEvent(ctx, rsAPI, eventID) + if resErr != nil { + return *resErr + } + + if event.RoomID() != roomID { + return util.JSONResponse{Code: http.StatusNotFound, JSON: jsonerror.NotFound("event does not belong to this room")} + } + resErr = allowedToSeeEvent(ctx, request.Origin(), rsAPI, eventID) + if resErr != nil { + return *resErr + } + + var response api.QueryStateAndAuthChainResponse + err := rsAPI.QueryStateAndAuthChain( + ctx, + &api.QueryStateAndAuthChainRequest{ + RoomID: roomID, + PrevEventIDs: []string{eventID}, + AuthEventIDs: event.AuthEventIDs(), + OnlyFetchAuthChain: true, + }, + &response, + ) if err != nil { - return *err + return util.ErrorResponse(err) + } + + if !response.RoomExists { + return util.JSONResponse{Code: http.StatusNotFound, JSON: nil} } return util.JSONResponse{ Code: http.StatusOK, - JSON: gomatrixserverlib.RespEventAuth{AuthEvents: state.AuthEvents}, + JSON: gomatrixserverlib.RespEventAuth{ + AuthEvents: gomatrixserverlib.UnwrapEventHeaders(response.AuthChainEvents), + }, } } diff --git a/roomserver/api/query.go b/roomserver/api/query.go index 599156bb..28321715 100644 --- a/roomserver/api/query.go +++ b/roomserver/api/query.go @@ -226,6 +226,10 @@ type QueryStateAndAuthChainRequest struct { PrevEventIDs []string `json:"prev_event_ids"` // The list of auth events for the event. Used to calculate the auth chain AuthEventIDs []string `json:"auth_event_ids"` + // If true, the auth chain events for the auth event IDs given will be fetched only. Prev event IDs are ignored. + // If false, state and auth chain events for the prev event IDs and entire current state will be included. + // TODO: not a great API shape. It serves 2 main uses: false=>response for send_join, true=>response for /event_auth + OnlyFetchAuthChain bool `json:"only_fetch_auth_chain"` // Should state resolution be ran on the result events? // TODO: check call sites and remove if we always want to do state res ResolveState bool `json:"resolve_state"` diff --git a/roomserver/internal/query/query.go b/roomserver/internal/query/query.go index b80f08ab..28b140c7 100644 --- a/roomserver/internal/query/query.go +++ b/roomserver/internal/query/query.go @@ -457,6 +457,21 @@ func (r *Queryer) QueryStateAndAuthChain( response.RoomExists = true response.RoomVersion = info.RoomVersion + // handle this entirely separately to the other case so we don't have to pull out + // the entire current state of the room + // TODO: this probably means it should be a different query operation... + if request.OnlyFetchAuthChain { + var authEvents []*gomatrixserverlib.Event + authEvents, err = GetAuthChain(ctx, r.DB.EventsFromIDs, request.AuthEventIDs) + if err != nil { + return err + } + for _, event := range authEvents { + response.AuthChainEvents = append(response.AuthChainEvents, event.Headered(info.RoomVersion)) + } + return nil + } + var stateEvents []*gomatrixserverlib.Event stateEvents, err = r.loadStateAtEventIDs(ctx, *info, request.PrevEventIDs) if err != nil {