This repository was archived by the owner on Apr 26, 2024. It is now read-only.
Handle malformed values of notification.room in power level events#14942
Merged
DMRobertson merged 7 commits intodevelopfrom Jan 30, 2023
Merged
Handle malformed values of notification.room in power level events#14942DMRobertson merged 7 commits intodevelopfrom
notification.room in power level events#14942DMRobertson merged 7 commits intodevelopfrom
Conversation
cf27d7b to
d6569dc
Compare
added 4 commits
January 30, 2023 18:53
The previous test only checked that Synapse didn't raise an exception, but didn't check that we had correctly interpreted the value of the dodgy power level. It also conflated two things: bad room notification levels, and bad user levels. There _is_ logic for converting the latter to integers, but we should test it separately.
f3cea29 to
ca73e0c
Compare
ca73e0c to
698c288
Compare
clokep
reviewed
Jan 30, 2023
| @@ -0,0 +1 @@ | |||
| Fix a bug introduced in Synapse 1.68.0 where we were unable to service remote joins in rooms with `@room` notification levels set to `null` in their (malformed) power levels. | |||
Member
Contributor
Author
There was a problem hiding this comment.
That was my thinking when I came to write the changelog.
Member
There was a problem hiding this comment.
👍 Makes sense, just making sure I didn't miss something!
Member
There was a problem hiding this comment.
I'm purposefully leaving this unresolved so that we can find it in the future if we need to. 😄
clokep
reviewed
Jan 30, 2023
clokep
reviewed
Jan 30, 2023
clokep
reviewed
Jan 30, 2023
clokep
approved these changes
Jan 30, 2023
clokep
approved these changes
Jan 30, 2023
Contributor
Author
|
(last commit is me running |
Fizzadar
added a commit
to beeper/synapse-legacy-fork
that referenced
this pull request
Feb 20, 2023
Synapse 1.77.0 (2023-02-14) =========================== No significant changes since 1.77.0rc2. Synapse 1.77.0rc2 (2023-02-10) ============================== Bugfixes -------- - Fix bug where retried replication requests would return a failure. Introduced in v1.76.0. ([\matrix-org#15024](matrix-org#15024)) Internal Changes ---------------- - Prepare for future database schema changes. ([\matrix-org#15036](matrix-org#15036)) Synapse 1.77.0rc1 (2023-02-07) ============================== Features -------- - Experimental support for [MSC3952](matrix-org/matrix-spec-proposals#3952): intentional mentions. ([\matrix-org#14823](matrix-org#14823), [\matrix-org#14943](matrix-org#14943), [\matrix-org#14957](matrix-org#14957), [\matrix-org#14958](matrix-org#14958)) - Experimental support to suppress notifications from message edits ([MSC3958](matrix-org/matrix-spec-proposals#3958)). ([\matrix-org#14960](matrix-org#14960), [\matrix-org#15016](matrix-org#15016)) - Add profile information, devices and connections to the command line [user data export tool](https://matrix-org.github.io/synapse/v1.77/usage/administration/admin_faq.html#how-can-i-export-user-data). ([\matrix-org#14894](matrix-org#14894)) - Improve performance when joining or sending an event in large rooms. ([\matrix-org#14962](matrix-org#14962)) - Improve performance of joining and leaving large rooms with many local users. ([\matrix-org#14971](matrix-org#14971)) Bugfixes -------- - Fix a bug introduced in Synapse 1.53.0 where `next_batch` tokens from `/sync` could not be used with the `/relations` endpoint. ([\matrix-org#14866](matrix-org#14866)) - Fix a bug introduced in Synapse 1.35.0 where the module API's `send_local_online_presence_to` would fail to send presence updates over federation. ([\matrix-org#14880](matrix-org#14880)) - Fix a bug introduced in Synapse 1.70.0 where the background updates to add non-thread unique indexes on receipts could fail when upgrading from 1.67.0 or earlier. ([\matrix-org#14915](matrix-org#14915)) - Fix a regression introduced in Synapse 1.69.0 which can result in database corruption when database migrations are interrupted on sqlite. ([\matrix-org#14926](matrix-org#14926)) - Fix a bug introduced in Synapse 1.68.0 where we were unable to service remote joins in rooms with `@room` notification levels set to `null` in their (malformed) power levels. ([\matrix-org#14942](matrix-org#14942)) - Fix a bug introduced in Synapse 1.64.0 where boolean power levels were erroneously permitted in [v10 rooms](https://spec.matrix.org/v1.5/rooms/v10/). ([\matrix-org#14944](matrix-org#14944)) - Fix a long-standing bug where sending messages on servers with presence enabled would spam "Re-starting finished log context" log lines. ([\matrix-org#14947](matrix-org#14947)) - Fix a bug introduced in Synapse 1.68.0 where logging from the Rust module was not properly logged. ([\matrix-org#14976](matrix-org#14976)) - Fix various long-standing bugs in Synapse's config, event and request handling where booleans were unintentionally accepted where an integer was expected. ([\matrix-org#14945](matrix-org#14945)) Internal Changes ---------------- - Add missing type hints. ([\matrix-org#14879](matrix-org#14879), [\matrix-org#14886](matrix-org#14886), [\matrix-org#14887](matrix-org#14887), [\matrix-org#14904](matrix-org#14904), [\matrix-org#14927](matrix-org#14927), [\matrix-org#14956](matrix-org#14956), [\matrix-org#14983](matrix-org#14983), [\matrix-org#14984](matrix-org#14984), [\matrix-org#14985](matrix-org#14985), [\matrix-org#14987](matrix-org#14987), [\matrix-org#14988](matrix-org#14988), [\matrix-org#14990](matrix-org#14990), [\matrix-org#14991](matrix-org#14991), [\matrix-org#14992](matrix-org#14992), [\matrix-org#15007](matrix-org#15007)) - Use `StrCollection` to avoid potential bugs with `Collection[str]`. ([\matrix-org#14922](matrix-org#14922)) - Allow running the complement tests suites with the asyncio reactor enabled. ([\matrix-org#14858](matrix-org#14858)) - Improve performance of `/sync` in a few situations. ([\matrix-org#14908](matrix-org#14908), [\matrix-org#14970](matrix-org#14970)) - Document how to handle Dependabot pull requests. ([\matrix-org#14916](matrix-org#14916)) - Fix typo in release script. ([\matrix-org#14920](matrix-org#14920)) - Update build system requirements to allow building with poetry-core 1.5.0. ([\matrix-org#14949](matrix-org#14949), [\matrix-org#15019](matrix-org#15019)) - Add an [lnav](https://lnav.org) config file for Synapse logs to `/contrib/lnav`. ([\matrix-org#14953](matrix-org#14953)) - Faster joins: Refactor internal handling of servers in room to never store an empty list. ([\matrix-org#14954](matrix-org#14954)) - Faster joins: tag `v2/send_join/` requests to indicate if they served a partial join response. ([\matrix-org#14950](matrix-org#14950)) - Allow running `cargo` without the `extension-module` option. ([\matrix-org#14965](matrix-org#14965)) - Preparatory work for adding a denormalised event stream ordering column in the future. Contributed by Nick @ Beeper (@Fizzadar). ([\matrix-org#14979](matrix-org#14979), [9cd7610](matrix-org@9cd7610), [f10caa7](matrix-org@f10caa7); see [\matrix-org#15014](matrix-org#15014)) - Add tests for `_flatten_dict`. ([\matrix-org#14981](matrix-org#14981), [\matrix-org#15002](matrix-org#15002)) <details><summary>Dependabot updates</summary> - Bump dtolnay/rust-toolchain from e645b0cf01249a964ec099494d38d2da0f0b349f to 9cd00a88a73addc8617065438eff914dd08d0955. ([\matrix-org#14968](matrix-org#14968)) - Bump docker/build-push-action from 3 to 4. ([\matrix-org#14952](matrix-org#14952)) - Bump ijson from 3.1.4 to 3.2.0.post0. ([\matrix-org#14935](matrix-org#14935)) - Bump types-pyyaml from 6.0.12.2 to 6.0.12.3. ([\matrix-org#14936](matrix-org#14936)) - Bump types-jsonschema from 4.17.0.2 to 4.17.0.3. ([\matrix-org#14937](matrix-org#14937)) - Bump types-pillow from 9.4.0.3 to 9.4.0.5. ([\matrix-org#14938](matrix-org#14938)) - Bump hiredis from 2.0.0 to 2.1.1. ([\matrix-org#14939](matrix-org#14939)) - Bump hiredis from 2.1.1 to 2.2.1. ([\matrix-org#14993](matrix-org#14993)) - Bump types-setuptools from 65.6.0.3 to 67.1.0.0. ([\matrix-org#14994](matrix-org#14994)) - Bump prometheus-client from 0.15.0 to 0.16.0. ([\matrix-org#14995](matrix-org#14995)) - Bump anyhow from 1.0.68 to 1.0.69. ([\matrix-org#14996](matrix-org#14996)) - Bump serde_json from 1.0.91 to 1.0.92. ([\matrix-org#14997](matrix-org#14997)) - Bump isort from 5.11.4 to 5.11.5. ([\matrix-org#14998](matrix-org#14998)) - Bump phonenumbers from 8.13.4 to 8.13.5. ([\matrix-org#14999](matrix-org#14999)) </details> # -----BEGIN PGP SIGNATURE----- # # iHUEABYKAB0WIQSTI7xPaHQ1yo0PA8uSL1esuTqr+QUCY+ubcgAKCRCSL1esuTqr # +foKAP9K8HQeGlOns6GRRiyY1EPILRvptAXeMit2eQ19J+ROKAD+JZM5WqlpWAdW # ikmC4GV8hps01IAWFwKtK3+pLqg79gc= # =yBT7 # -----END PGP SIGNATURE----- # gpg: Signature made Tue Feb 14 14:32:18 2023 GMT # gpg: using EDDSA key 9323BC4F687435CA8D0F03CB922F57ACB93AABF9 # gpg: Can't check signature: No public key # Conflicts: # docker/Dockerfile # poetry.lock # rust/src/push/base_rules.rs # rust/src/push/evaluator.rs # rust/src/push/mod.rs # synapse/config/experimental.py # synapse/event_auth.py # synapse/handlers/message.py # synapse/handlers/pagination.py # synapse/push/bulk_push_rule_evaluator.py # synapse/rest/admin/rooms.py # synapse/storage/databases/main/devices.py # synapse/storage/databases/main/roommember.py # tests/push/test_push_rule_evaluator.py
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
Mar 1, 2023
Synapse 1.77.0 (2023-02-14) =========================== No significant changes since 1.77.0rc2. Synapse 1.77.0rc2 (2023-02-10) ============================== Bugfixes -------- - Fix bug where retried replication requests would return a failure. Introduced in v1.76.0. ([\#15024](matrix-org/synapse#15024)) Internal Changes ---------------- - Prepare for future database schema changes. ([\#15036](matrix-org/synapse#15036)) Synapse 1.77.0rc1 (2023-02-07) ============================== Features -------- - Experimental support for [MSC3952](matrix-org/matrix-spec-proposals#3952): intentional mentions. ([\#14823](matrix-org/synapse#14823), [\#14943](matrix-org/synapse#14943), [\#14957](matrix-org/synapse#14957), [\#14958](matrix-org/synapse#14958)) - Experimental support to suppress notifications from message edits ([MSC3958](matrix-org/matrix-spec-proposals#3958)). ([\#14960](matrix-org/synapse#14960), [\#15016](matrix-org/synapse#15016)) - Add profile information, devices and connections to the command line [user data export tool](https://matrix-org.github.io/synapse/v1.77/usage/administration/admin_faq.html#how-can-i-export-user-data). ([\#14894](matrix-org/synapse#14894)) - Improve performance when joining or sending an event in large rooms. ([\#14962](matrix-org/synapse#14962)) - Improve performance of joining and leaving large rooms with many local users. ([\#14971](matrix-org/synapse#14971)) Bugfixes -------- - Fix a bug introduced in Synapse 1.53.0 where `next_batch` tokens from `/sync` could not be used with the `/relations` endpoint. ([\#14866](matrix-org/synapse#14866)) - Fix a bug introduced in Synapse 1.35.0 where the module API's `send_local_online_presence_to` would fail to send presence updates over federation. ([\#14880](matrix-org/synapse#14880)) - Fix a bug introduced in Synapse 1.70.0 where the background updates to add non-thread unique indexes on receipts could fail when upgrading from 1.67.0 or earlier. ([\#14915](matrix-org/synapse#14915)) - Fix a regression introduced in Synapse 1.69.0 which can result in database corruption when database migrations are interrupted on sqlite. ([\#14926](matrix-org/synapse#14926)) - Fix a bug introduced in Synapse 1.68.0 where we were unable to service remote joins in rooms with `@room` notification levels set to `null` in their (malformed) power levels. ([\#14942](matrix-org/synapse#14942)) - Fix a bug introduced in Synapse 1.64.0 where boolean power levels were erroneously permitted in [v10 rooms](https://spec.matrix.org/v1.5/rooms/v10/). ([\#14944](matrix-org/synapse#14944)) - Fix a long-standing bug where sending messages on servers with presence enabled would spam "Re-starting finished log context" log lines. ([\#14947](matrix-org/synapse#14947)) - Fix a bug introduced in Synapse 1.68.0 where logging from the Rust module was not properly logged. ([\#14976](matrix-org/synapse#14976)) - Fix various long-standing bugs in Synapse's config, event and request handling where booleans were unintentionally accepted where an integer was expected. ([\#14945](matrix-org/synapse#14945)) Internal Changes ---------------- - Add missing type hints. ([\#14879](matrix-org/synapse#14879), [\#14886](matrix-org/synapse#14886), [\#14887](matrix-org/synapse#14887), [\#14904](matrix-org/synapse#14904), [\#14927](matrix-org/synapse#14927), [\#14956](matrix-org/synapse#14956), [\#14983](matrix-org/synapse#14983), [\#14984](matrix-org/synapse#14984), [\#14985](matrix-org/synapse#14985), [\#14987](matrix-org/synapse#14987), [\#14988](matrix-org/synapse#14988), [\#14990](matrix-org/synapse#14990), [\#14991](matrix-org/synapse#14991), [\#14992](matrix-org/synapse#14992), [\#15007](matrix-org/synapse#15007)) - Use `StrCollection` to avoid potential bugs with `Collection[str]`. ([\#14922](matrix-org/synapse#14922)) - Allow running the complement tests suites with the asyncio reactor enabled. ([\#14858](matrix-org/synapse#14858)) - Improve performance of `/sync` in a few situations. ([\#14908](matrix-org/synapse#14908), [\#14970](matrix-org/synapse#14970)) - Document how to handle Dependabot pull requests. ([\#14916](matrix-org/synapse#14916)) - Fix typo in release script. ([\#14920](matrix-org/synapse#14920)) - Update build system requirements to allow building with poetry-core 1.5.0. ([\#14949](matrix-org/synapse#14949), [\#15019](matrix-org/synapse#15019)) - Add an [lnav](https://lnav.org) config file for Synapse logs to `/contrib/lnav`. ([\#14953](matrix-org/synapse#14953)) - Faster joins: Refactor internal handling of servers in room to never store an empty list. ([\#14954](matrix-org/synapse#14954)) - Faster joins: tag `v2/send_join/` requests to indicate if they served a partial join response. ([\#14950](matrix-org/synapse#14950)) - Allow running `cargo` without the `extension-module` option. ([\#14965](matrix-org/synapse#14965)) - Preparatory work for adding a denormalised event stream ordering column in the future. Contributed by Nick @ Beeper (@Fizzadar). ([\#14979](matrix-org/synapse#14979), [9cd7610](matrix-org/synapse@9cd7610), [f10caa7](matrix-org/synapse@f10caa7); see [\#15014](matrix-org/synapse#15014)) - Add tests for `_flatten_dict`. ([\#14981](matrix-org/synapse#14981), [\#15002](matrix-org/synapse#15002)) <details><summary>Locked dependency updates</summary> - Bump dtolnay/rust-toolchain from e645b0cf01249a964ec099494d38d2da0f0b349f to 9cd00a88a73addc8617065438eff914dd08d0955. ([\#14968](matrix-org/synapse#14968)) - Bump docker/build-push-action from 3 to 4. ([\#14952](matrix-org/synapse#14952)) - Bump ijson from 3.1.4 to 3.2.0.post0. ([\#14935](matrix-org/synapse#14935)) - Bump types-pyyaml from 6.0.12.2 to 6.0.12.3. ([\#14936](matrix-org/synapse#14936)) - Bump types-jsonschema from 4.17.0.2 to 4.17.0.3. ([\#14937](matrix-org/synapse#14937)) - Bump types-pillow from 9.4.0.3 to 9.4.0.5. ([\#14938](matrix-org/synapse#14938)) - Bump hiredis from 2.0.0 to 2.1.1. ([\#14939](matrix-org/synapse#14939)) - Bump hiredis from 2.1.1 to 2.2.1. ([\#14993](matrix-org/synapse#14993)) - Bump types-setuptools from 65.6.0.3 to 67.1.0.0. ([\#14994](matrix-org/synapse#14994)) - Bump prometheus-client from 0.15.0 to 0.16.0. ([\#14995](matrix-org/synapse#14995)) - Bump anyhow from 1.0.68 to 1.0.69. ([\#14996](matrix-org/synapse#14996)) - Bump serde_json from 1.0.91 to 1.0.92. ([\#14997](matrix-org/synapse#14997)) - Bump isort from 5.11.4 to 5.11.5. ([\#14998](matrix-org/synapse#14998)) - Bump phonenumbers from 8.13.4 to 8.13.5. ([\#14999](matrix-org/synapse#14999)) </details>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Commitwise-reviewable.
Should fix #14933. The problem is that a pre-v10 room has
{"notifications": {"room": null}}in its power levels event content. Thenullbecomes aNoneinside the Python interpreter. Then the logic which tries to handle stringy power levels falls over when computingint(None).I have implemented this assuming that the spec considers
{"notifications": {"room": null}}to be acceptable and equivalent to{"notifications": {}}. I don't know if this is actually true; the OpenAPI definition is https://github.com/matrix-org/matrix-spec/blob/5f2fac89afdd02830099b5010e46724d905057d5/data/event-schemas/schema/m.room.power_levels.yaml#L88-L97. (roomis not marked asrequired, but nor is it marked asnullable.)But being pragmatic for a moment: we have this event in our DB for some reason, and we may as well try to unbreak the room for new joiners.