Merge SenderID & Per Room User Key work (#3109)

2025-07-30 21:12:45 +00:00 · 2023-06-14 14:23:46 +00:00 · 2023-06-14 14:23:46 +00:00 · e4665979bf
commit e4665979bf
parent 7a2e325d10
75 changed files with 801 additions and 379 deletions
--- a/clientapi/routing/directory.go
+++ b/clientapi/routing/directory.go
@ -233,11 +233,18 @@ func RemoveLocalAlias(
 		}
 	}

-	deviceSenderID, err := rsAPI.QuerySenderIDForUser(req.Context(), roomIDRes.RoomID, *userID)
+	validRoomID, err := spec.NewRoomID(roomIDRes.RoomID)
 	if err != nil {
 		return util.JSONResponse{
-			Code: http.StatusInternalServerError,
-			JSON: spec.InternalServerError{Err: "Could not find SenderID for this device"},
+			Code: http.StatusNotFound,
+			JSON: spec.NotFound("The alias does not exist."),
+		}
+	}
+	deviceSenderID, err := rsAPI.QuerySenderIDForUser(req.Context(), *validRoomID, *userID)
+	if err != nil {
+		return util.JSONResponse{
+			Code: http.StatusNotFound,
+			JSON: spec.NotFound("The alias does not exist."),
 		}
 	}

@ -321,7 +328,15 @@ func SetVisibility(
 			JSON: spec.BadJSON("userID for this device is invalid"),
 		}
 	}
-	senderID, err := rsAPI.QuerySenderIDForUser(req.Context(), roomID, *deviceUserID)
+	validRoomID, err := spec.NewRoomID(roomID)
+	if err != nil {
+		util.GetLogger(req.Context()).WithError(err).Error("roomID is invalid")
+		return util.JSONResponse{
+			Code: http.StatusBadRequest,
+			JSON: spec.BadJSON("RoomID is invalid"),
+		}
+	}
+	senderID, err := rsAPI.QuerySenderIDForUser(req.Context(), *validRoomID, *deviceUserID)
 	if err != nil {
 		return util.JSONResponse{
 			Code: http.StatusBadRequest,
--- a/clientapi/routing/membership.go
+++ b/clientapi/routing/membership.go
@ -64,7 +64,14 @@ func SendBan(
 			JSON: spec.Forbidden("You don't have permission to ban this user, bad userID"),
 		}
 	}
-	senderID, err := rsAPI.QuerySenderIDForUser(req.Context(), roomID, *deviceUserID)
+	validRoomID, err := spec.NewRoomID(roomID)
+	if err != nil {
+		return util.JSONResponse{
+			Code: http.StatusBadRequest,
+			JSON: spec.BadJSON("RoomID is invalid"),
+		}
+	}
+	senderID, err := rsAPI.QuerySenderIDForUser(req.Context(), *validRoomID, *deviceUserID)
 	if err != nil {
 		return util.JSONResponse{
 			Code: http.StatusForbidden,
@ -155,7 +162,14 @@ func SendKick(
 			JSON: spec.Forbidden("You don't have permission to kick this user, bad userID"),
 		}
 	}
-	senderID, err := rsAPI.QuerySenderIDForUser(req.Context(), roomID, *deviceUserID)
+	validRoomID, err := spec.NewRoomID(roomID)
+	if err != nil {
+		return util.JSONResponse{
+			Code: http.StatusBadRequest,
+			JSON: spec.BadJSON("RoomID is invalid"),
+		}
+	}
+	senderID, err := rsAPI.QuerySenderIDForUser(req.Context(), *validRoomID, *deviceUserID)
 	if err != nil {
 		return util.JSONResponse{
 			Code: http.StatusForbidden,
@ -428,7 +442,11 @@ func buildMembershipEvent(
 	if err != nil {
 		return nil, err
 	}
-	senderID, err := rsAPI.QuerySenderIDForUser(ctx, roomID, *userID)
+	validRoomID, err := spec.NewRoomID(roomID)
+	if err != nil {
+		return nil, err
+	}
+	senderID, err := rsAPI.QuerySenderIDForUser(ctx, *validRoomID, *userID)
 	if err != nil {
 		return nil, err
 	}
@ -437,7 +455,7 @@ func buildMembershipEvent(
 	if err != nil {
 		return nil, err
 	}
-	targetSenderID, err := rsAPI.QuerySenderIDForUser(ctx, roomID, *targetID)
+	targetSenderID, err := rsAPI.QuerySenderIDForUser(ctx, *validRoomID, *targetID)
 	if err != nil {
 		return nil, err
 	}
--- a/clientapi/routing/profile.go
+++ b/clientapi/routing/profile.go
@ -368,7 +368,11 @@ func buildMembershipEvents(
 		return nil, err
 	}
 	for _, roomID := range roomIDs {
-		senderID, err := rsAPI.QuerySenderIDForUser(ctx, roomID, *fullUserID)
+		validRoomID, err := spec.NewRoomID(roomID)
+		if err != nil {
+			return nil, err
+		}
+		senderID, err := rsAPI.QuerySenderIDForUser(ctx, *validRoomID, *fullUserID)
 		if err != nil {
 			return nil, err
 		}
--- a/clientapi/routing/redaction.go
+++ b/clientapi/routing/redaction.go
@ -54,7 +54,14 @@ func SendRedaction(
 			JSON: spec.Forbidden("userID doesn't have power level to redact"),
 		}
 	}
-	senderID, queryErr := rsAPI.QuerySenderIDForUser(req.Context(), roomID, *deviceUserID)
+	validRoomID, err := spec.NewRoomID(roomID)
+	if err != nil {
+		return util.JSONResponse{
+			Code: http.StatusBadRequest,
+			JSON: spec.BadJSON("RoomID is invalid"),
+		}
+	}
+	senderID, queryErr := rsAPI.QuerySenderIDForUser(req.Context(), *validRoomID, *deviceUserID)
 	if queryErr != nil {
 		return util.JSONResponse{
 			Code: http.StatusForbidden,
@ -103,8 +110,8 @@ func SendRedaction(
 				JSON: spec.Forbidden("You don't have permission to redact this event, no power_levels event in this room."),
 			}
 		}
-		pl, err := plEvent.PowerLevels()
-		if err != nil {
+		pl, plErr := plEvent.PowerLevels()
+		if plErr != nil {
 			return util.JSONResponse{
 				Code: 403,
 				JSON: spec.Forbidden(
@ -134,7 +141,7 @@ func SendRedaction(
 		Type:     spec.MRoomRedaction,
 		Redacts:  eventID,
 	}
-	err := proto.SetContent(r)
+	err = proto.SetContent(r)
 	if err != nil {
 		util.GetLogger(req.Context()).WithError(err).Error("proto.SetContent failed")
 		return util.JSONResponse{
--- a/clientapi/routing/sendevent.go
+++ b/clientapi/routing/sendevent.go
@ -273,7 +273,14 @@ func generateSendEvent(
 			JSON: spec.BadJSON("Bad userID"),
 		}
 	}
-	senderID, err := rsAPI.QuerySenderIDForUser(ctx, roomID, *fullUserID)
+	validRoomID, err := spec.NewRoomID(roomID)
+	if err != nil {
+		return nil, &util.JSONResponse{
+			Code: http.StatusBadRequest,
+			JSON: spec.BadJSON("RoomID is invalid"),
+		}
+	}
+	senderID, err := rsAPI.QuerySenderIDForUser(ctx, *validRoomID, *fullUserID)
 	if err != nil {
 		return nil, &util.JSONResponse{
 			Code: http.StatusNotFound,
@ -344,8 +351,8 @@ func generateSendEvent(
 		stateEvents[i] = queryRes.StateEvents[i].PDU
 	}
 	provider := gomatrixserverlib.NewAuthEvents(gomatrixserverlib.ToPDUs(stateEvents))
-	if err = gomatrixserverlib.Allowed(e.PDU, &provider, func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
-		return rsAPI.QueryUserIDForSender(ctx, roomID, senderID)
+	if err = gomatrixserverlib.Allowed(e.PDU, &provider, func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
+		return rsAPI.QueryUserIDForSender(ctx, *validRoomID, senderID)
 	}); err != nil {
 		return nil, &util.JSONResponse{
 			Code: http.StatusForbidden,
--- a/clientapi/routing/state.go
+++ b/clientapi/routing/state.go
@ -150,7 +150,7 @@ func OnIncomingStateRequest(ctx context.Context, device *userapi.Device, rsAPI a
 		for _, ev := range stateRes.StateEvents {
 			stateEvents = append(
 				stateEvents,
-				synctypes.ToClientEventDefault(func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
+				synctypes.ToClientEventDefault(func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
 					return rsAPI.QueryUserIDForSender(ctx, roomID, senderID)
 				}, ev),
 			)
@ -173,14 +173,19 @@ func OnIncomingStateRequest(ctx context.Context, device *userapi.Device, rsAPI a
 		}
 		for _, ev := range stateAfterRes.StateEvents {
 			sender := spec.UserID{}
-			userID, err := rsAPI.QueryUserIDForSender(ctx, ev.RoomID(), ev.SenderID())
+			evRoomID, err := spec.NewRoomID(ev.RoomID())
+			if err != nil {
+				util.GetLogger(ctx).WithError(err).Error("Event roomID is invalid")
+				continue
+			}
+			userID, err := rsAPI.QueryUserIDForSender(ctx, *evRoomID, ev.SenderID())
 			if err == nil && userID != nil {
 				sender = *userID
 			}

 			sk := ev.StateKey()
 			if sk != nil && *sk != "" {
-				skUserID, err := rsAPI.QueryUserIDForSender(ctx, ev.RoomID(), spec.SenderID(*ev.StateKey()))
+				skUserID, err := rsAPI.QueryUserIDForSender(ctx, *evRoomID, spec.SenderID(*ev.StateKey()))
 				if err == nil && skUserID != nil {
 					skString := skUserID.String()
 					sk = &skString
@ -367,7 +372,7 @@ func OnIncomingStateTypeRequest(
 	}

 	stateEvent := stateEventInStateResp{
-		ClientEvent: synctypes.ToClientEventDefault(func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
+		ClientEvent: synctypes.ToClientEventDefault(func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
 			return rsAPI.QueryUserIDForSender(ctx, roomID, senderID)
 		}, event),
 	}
--- a/clientapi/threepid/invites.go
+++ b/clientapi/threepid/invites.go
@ -359,7 +359,11 @@ func emit3PIDInviteEvent(
 	if err != nil {
 		return err
 	}
-	sender, err := rsAPI.QuerySenderIDForUser(ctx, roomID, *userID)
+	validRoomID, err := spec.NewRoomID(roomID)
+	if err != nil {
+		return err
+	}
+	sender, err := rsAPI.QuerySenderIDForUser(ctx, *validRoomID, *userID)
 	if err != nil {
 		return err
 	}