def prepare(self, reactor, clock, hs):
self.allowed_user_id = self.register_user("allowed", "pass")
self.allowed_access_token = self.login("allowed", "pass")
self.denied_user_id = self.register_user("denied", "pass")
self.denied_access_token = self.login("denied", "pass")
# This time we add custom room list publication rules
config = {}
config["alias_creation_rules"] = []
config["room_list_publication_rules"] = [
{
"user_id": "*",
"alias": "*",
"action": "deny"
},
{
"user_id": self.allowed_user_id,
"alias": "*",
"action": "allow"
},
]
rd_config = RoomDirectoryConfig()
rd_config.read_config(config)
self.hs.config.roomdirectory.is_publishing_room_allowed = (
rd_config.is_publishing_room_allowed)
return hs
def test_alias_creation_acl(self):
config = yaml.load("""
alias_creation_rules:
- user_id: "*bob*"
alias: "*"
action: "deny"
- user_id: "*"
alias: "#unofficial_*"
action: "allow"
- user_id: "@foo*:example.com"
alias: "*"
action: "allow"
- user_id: "@gah:example.com"
alias: "#goo:example.com"
action: "allow"
room_list_publication_rules: []
""")
rd_config = RoomDirectoryConfig()
rd_config.read_config(config)
self.assertFalse(
rd_config.is_alias_creation_allowed(
user_id="@bob:example.com",
room_id="!test",
alias="#test:example.com",
))
self.assertTrue(
rd_config.is_alias_creation_allowed(
user_id="@test:example.com",
room_id="!test",
alias="#unofficial_st:example.com",
))
self.assertTrue(
rd_config.is_alias_creation_allowed(
user_id="@foobar:example.com",
room_id="!test",
alias="#test:example.com",
))
self.assertTrue(
rd_config.is_alias_creation_allowed(
user_id="@gah:example.com",
room_id="!test",
alias="#goo:example.com",
))
self.assertFalse(
rd_config.is_alias_creation_allowed(
user_id="@test:example.com",
room_id="!test",
alias="#test:example.com",
))
def prepare(self, reactor, clock, hs):
# We cheekily override the config to add custom alias creation rules
config = {}
config["alias_creation_rules"] = [
{"user_id": "*", "alias": "#unofficial_*", "action": "allow"}
]
config["room_list_publication_rules"] = []
rd_config = RoomDirectoryConfig()
rd_config.read_config(config)
self.hs.config.is_alias_creation_allowed = rd_config.is_alias_creation_allowed
return hs
def prepare(self, hs, reactor, clock):
# We cheekily override the config to add custom alias creation rules
config = {}
config["alias_creation_rules"] = [
{
"user_id": "*",
"alias": "#unofficial_*",
"action": "allow",
}
]
rd_config = RoomDirectoryConfig()
rd_config.read_config(config)
self.hs.config.is_alias_creation_allowed = rd_config.is_alias_creation_allowed
return hs
def test_room_publish_acl(self):
config = yaml.safe_load("""
alias_creation_rules: []
room_list_publication_rules:
- user_id: "*bob*"
alias: "*"
action: "deny"
- user_id: "*"
alias: "#unofficial_*"
action: "allow"
- user_id: "@foo*:example.com"
alias: "*"
action: "allow"
- user_id: "@gah:example.com"
alias: "#goo:example.com"
action: "allow"
- room_id: "!test-deny"
action: "deny"
""")
rd_config = RoomDirectoryConfig()
rd_config.read_config(config)
self.assertFalse(
rd_config.is_publishing_room_allowed(
user_id="@bob:example.com",
room_id="!test",
aliases=["#test:example.com"],
))
self.assertTrue(
rd_config.is_publishing_room_allowed(
user_id="@test:example.com",
room_id="!test",
aliases=["#unofficial_st:example.com"],
))
self.assertTrue(
rd_config.is_publishing_room_allowed(user_id="@foobar:example.com",
room_id="!test",
aliases=[]))
self.assertTrue(
rd_config.is_publishing_room_allowed(
user_id="@gah:example.com",
room_id="!test",
aliases=["#goo:example.com"],
))
self.assertFalse(
rd_config.is_publishing_room_allowed(
user_id="@test:example.com",
room_id="!test",
aliases=["#test:example.com"],
))
self.assertTrue(
rd_config.is_publishing_room_allowed(user_id="@foobar:example.com",
room_id="!test-deny",
aliases=[]))
self.assertFalse(
rd_config.is_publishing_room_allowed(user_id="@gah:example.com",
room_id="!test-deny",
aliases=[]))
self.assertTrue(
rd_config.is_publishing_room_allowed(
user_id="@test:example.com",
room_id="!test",
aliases=["#unofficial_st:example.com", "#blah:example.com"],
))