mirror of
https://github.com/element-hq/synapse.git
synced 2024-12-15 17:51:10 +00:00
Return 404 or member list when getting joined_members after leaving (#13374)
Signed-off-by: Andrew Doh <andrewddo@gmail.com> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Andrew Morgan <andrewm@element.io> Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
This commit is contained in:
parent
503a95804e
commit
78a3111c41
3 changed files with 20 additions and 2 deletions
1
changelog.d/13374.bugfix
Normal file
1
changelog.d/13374.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix a bug introduced in Synapse 0.24.0 that would respond with the wrong error status code to `/joined_members` requests when the requester is not a current member of the room. Contributed by @andrewdoh.
|
|
@ -324,8 +324,10 @@ class MessageHandler:
|
|||
room_id, user_id, allow_departed_users=True
|
||||
)
|
||||
if membership != Membership.JOIN:
|
||||
raise NotImplementedError(
|
||||
"Getting joined members after leaving is not implemented"
|
||||
raise SynapseError(
|
||||
code=403,
|
||||
errcode=Codes.FORBIDDEN,
|
||||
msg="Getting joined members while not being a current member of the room is forbidden.",
|
||||
)
|
||||
|
||||
users_with_profile = await self.store.get_users_in_room_with_profiles(room_id)
|
||||
|
|
|
@ -1772,6 +1772,21 @@ class RoomTestCase(unittest.HomeserverTestCase):
|
|||
tok=admin_user_tok,
|
||||
)
|
||||
|
||||
def test_get_joined_members_after_leave_room(self) -> None:
|
||||
"""Test that requesting room members after leaving the room raises a 403 error."""
|
||||
|
||||
# create the room
|
||||
user = self.register_user("foo", "pass")
|
||||
user_tok = self.login("foo", "pass")
|
||||
room_id = self.helper.create_room_as(user, tok=user_tok)
|
||||
self.helper.leave(room_id, user, tok=user_tok)
|
||||
|
||||
# delete the rooms and get joined roomed membership
|
||||
url = f"/_matrix/client/r0/rooms/{room_id}/joined_members"
|
||||
channel = self.make_request("GET", url.encode("ascii"), access_token=user_tok)
|
||||
self.assertEqual(HTTPStatus.FORBIDDEN, channel.code, msg=channel.json_body)
|
||||
self.assertEqual(Codes.FORBIDDEN, channel.json_body["errcode"])
|
||||
|
||||
|
||||
class JoinAliasRoomTestCase(unittest.HomeserverTestCase):
|
||||
|
||||
|
|
Loading…
Reference in a new issue