oss/conduit
oss/conduit
1
0
Fork 0
mirror of https://gitlab.com/famedly/conduit.git synced 2025-08-01 17:38:36 +00:00
Code Wiki Activity

Merge branch 'membership-refactor' into 'next'

Browse source 
feat: leaving over federation & knocking

Closes #54, #56, and #431

See merge request famedly/conduit!728
This commit is contained in:
Matthias Ahouansou 2025-03-03 19:16:05 +00:00
commit 42d8e88c74
24 changed files with 1681 additions and 1186 deletions
Download patch file Download diff file Expand all files Collapse all files

90
src/api/client_server/alias.rs
View file

@ -1,15 +1,7 @@
use crate::{services, Error, Result, Ruma};
use rand::seq::SliceRandom;
use ruma::{
api::{
appservice,
client::{
alias::{create_alias, delete_alias, get_alias},
error::ErrorKind,
},
federation,
},
OwnedRoomAliasId,
use ruma::api::client::{
alias::{create_alias, delete_alias, get_alias},
error::ErrorKind,
};
/// # `PUT /_matrix/client/r0/directory/room/{roomAlias}`
@ -115,75 +107,9 @@ pub async fn delete_alias_route(
pub async fn get_alias_route(
body: Ruma<get_alias::v3::Request>,
) -> Result<get_alias::v3::Response> {
get_alias_helper(body.body.room_alias).await
}
pub(crate) async fn get_alias_helper(
room_alias: OwnedRoomAliasId,
) -> Result<get_alias::v3::Response> {
if room_alias.server_name() != services().globals.server_name() {
let response = services()
.sending
.send_federation_request(
room_alias.server_name(),
federation::query::get_room_information::v1::Request {
room_alias: room_alias.to_owned(),
},
)
.await?;
let mut servers = response.servers;
servers.shuffle(&mut rand::thread_rng());
return Ok(get_alias::v3::Response::new(response.room_id, servers));
}
let mut room_id = None;
match services().rooms.alias.resolve_local_alias(&room_alias)? {
Some(r) => room_id = Some(r),
None => {
for appservice in services().appservice.read().await.values() {
if appservice.aliases.is_match(room_alias.as_str())
&& matches!(
services()
.sending
.send_appservice_request(
appservice.registration.clone(),
appservice::query::query_room_alias::v1::Request {
room_alias: room_alias.clone(),
},
)
.await,
Ok(Some(_opt_result))
)
{
room_id = Some(
services()
.rooms
.alias
.resolve_local_alias(&room_alias)?
.ok_or_else(|| {
Error::bad_config("Appservice lied to us. Room does not exist.")
})?,
);
break;
}
}
}
};
let room_id = match room_id {
Some(room_id) => room_id,
None => {
return Err(Error::BadRequest(
ErrorKind::NotFound,
"Room with alias not found.",
))
}
};
Ok(get_alias::v3::Response::new(
room_id,
vec![services().globals.server_name().to_owned()],
))
services()
.rooms
.alias
.get_alias_helper(body.body.room_alias)
.await
}

1002
src/api/client_server/membership.rs
View file

File diff suppressed because it is too large Load diff

49
src/api/client_server/sync.rs
View file

@ -10,7 +10,8 @@ use ruma::{
self,
v3::{
Ephemeral, Filter, GlobalAccountData, InviteState, InvitedRoom, JoinedRoom,
LeftRoom, Presence, RoomAccountData, RoomSummary, Rooms, State, Timeline, ToDevice,
KnockState, KnockedRoom, LeftRoom, Presence, RoomAccountData, RoomSummary, Rooms,
State, Timeline, ToDevice,
},
v4::{SlidingOp, SlidingSyncRoomHero},
DeviceLists, UnreadNotificationsCount,
@ -503,6 +504,50 @@ async fn sync_helper(
);
}
let mut knocked_rooms = BTreeMap::new();
let all_knocked_rooms: Vec<_> = services()
.rooms
.state_cache
.rooms_knocked(&sender_user)
.collect();
for result in all_knocked_rooms {
let (room_id, knock_state_events) = result?;
{
// Get and drop the lock to wait for remaining operations to finish
let mutex_insert = Arc::clone(
services()
.globals
.roomid_mutex_insert
.write()
.await
.entry(room_id.clone())
.or_default(),
);
let insert_lock = mutex_insert.lock().await;
drop(insert_lock);
}
let knock_count = services()
.rooms
.state_cache
.get_knock_count(&room_id, &sender_user)?;
// knock before last sync
if Some(since) >= knock_count {
continue;
}
knocked_rooms.insert(
room_id.clone(),
KnockedRoom {
knock_state: KnockState {
events: knock_state_events,
},
},
);
}
for user_id in left_encrypted_users {
let dont_share_encrypted_room = services()
.rooms
@ -538,7 +583,7 @@ async fn sync_helper(
leave: left_rooms,
join: joined_rooms,
invite: invited_rooms,
knock: BTreeMap::new(), // TODO
knock: knocked_rooms,
},
presence: Presence {
events: presence_updates

396
src/api/server_server.rs
View file

@ -31,7 +31,11 @@ use ruma::{
},
event::{get_event, get_missing_events, get_room_state, get_room_state_ids},
keys::{claim_keys, get_keys},
membership::{create_invite, create_join_event, prepare_join_event},
knock::{create_knock_event_template, send_knock},
membership::{
create_invite, create_join_event, create_leave_event, prepare_join_event,
prepare_leave_event,
},
openid::get_openid_userinfo,
query::{get_profile_information, get_room_information},
space::get_hierarchy,
@ -67,7 +71,7 @@ use std::{
sync::Arc,
time::{Duration, Instant, SystemTime},
};
use tokio::sync::RwLock;
use tokio::sync::{Mutex, RwLock};
use tracing::{debug, error, warn};
@ -637,7 +641,7 @@ async fn request_well_known(destination: &str) -> Option<(String, Instant)> {
let response = services()
.globals
.default_client()
.get(&format!("https://{destination}/.well-known/matrix/server"))
.get(format!("https://{destination}/.well-known/matrix/server"))
.send()
.await;
debug!("Got well known response");
@ -1494,42 +1498,60 @@ pub async fn get_room_state_ids_route(
})
}
/// # `GET /_matrix/federation/v1/make_knock/{roomId}/{userId}`
///
/// Creates a knock template.
pub async fn create_knock_event_template_route(
body: Ruma<create_knock_event_template::v1::Request>,
) -> Result<create_knock_event_template::v1::Response> {
let (mutex_state, room_version_id) =
member_shake_preamble(&body.sender_servername, &body.room_id).await?;
let state_lock = mutex_state.lock().await;
Ok(create_knock_event_template::v1::Response {
room_version: room_version_id,
event: create_membership_template(
&body.user_id,
&body.room_id,
None,
MembershipState::Knock,
state_lock,
)?,
})
}
/// # `GET /_matrix/federation/v1/make_leave/{roomId}/{userId}`
///
/// Creates a leave template.
pub async fn create_leave_event_template_route(
body: Ruma<prepare_leave_event::v1::Request>,
) -> Result<prepare_leave_event::v1::Response> {
let (mutex_state, room_version_id) =
member_shake_preamble(&body.sender_servername, &body.room_id).await?;
let state_lock = mutex_state.lock().await;
Ok(prepare_leave_event::v1::Response {
room_version: Some(room_version_id),
event: create_membership_template(
&body.user_id,
&body.room_id,
None,
MembershipState::Leave,
state_lock,
)?,
})
}
/// # `GET /_matrix/federation/v1/make_join/{roomId}/{userId}`
///
/// Creates a join template.
pub async fn create_join_event_template_route(
body: Ruma<prepare_join_event::v1::Request>,
) -> Result<prepare_join_event::v1::Response> {
if !services().rooms.metadata.exists(&body.room_id)? {
return Err(Error::BadRequest(
ErrorKind::NotFound,
"Room is unknown to this server.",
));
}
let sender_servername = body
.sender_servername
.as_ref()
.expect("server is authenticated");
services()
.rooms
.event_handler
.acl_check(sender_servername, &body.room_id)?;
let mutex_state = Arc::clone(
services()
.globals
.roomid_mutex_state
.write()
.await
.entry(body.room_id.to_owned())
.or_default(),
);
let (mutex_state, room_version_id) =
member_shake_preamble(&body.sender_servername, &body.room_id).await?;
let state_lock = mutex_state.lock().await;
let room_version_id = services().rooms.state.get_room_version(&body.room_id)?;
let join_authorized_via_users_server = if
// The following two functions check whether the user can "join" without performing a restricted join
!services()
@ -1580,12 +1602,32 @@ pub async fn create_join_event_template_route(
));
}
Ok(prepare_join_event::v1::Response {
room_version: Some(room_version_id),
event: create_membership_template(
&body.user_id,
&body.room_id,
join_authorized_via_users_server,
MembershipState::Join,
state_lock,
)?,
})
}
/// Creates a template for the given membership state, to return on the `/make_<membership>` endpoints
fn create_membership_template(
user_id: &UserId,
room_id: &RoomId,
join_authorized_via_users_server: Option<OwnedUserId>,
membership: MembershipState,
state_lock: tokio::sync::MutexGuard<'_, ()>,
) -> Result<Box<RawJsonValue>, Error> {
let content = to_raw_value(&RoomMemberEventContent {
avatar_url: None,
blurhash: None,
displayname: None,
is_direct: None,
membership: MembershipState::Join,
membership,
third_party_invite: None,
reason: None,
join_authorized_via_users_server,
@ -1597,12 +1639,12 @@ pub async fn create_join_event_template_route(
event_type: TimelineEventType::RoomMember,
content,
unsigned: None,
state_key: Some(body.user_id.to_string()),
state_key: Some(user_id.to_string()),
redacts: None,
timestamp: None,
},
&body.user_id,
&body.room_id,
user_id,
room_id,
&state_lock,
)?;
@ -1610,17 +1652,13 @@ pub async fn create_join_event_template_route(
pdu_json.remove("event_id");
Ok(prepare_join_event::v1::Response {
room_version: Some(room_version_id),
event: to_raw_value(&pdu_json).expect("CanonicalJson can be serialized to JSON"),
})
let raw_event = to_raw_value(&pdu_json).expect("CanonicalJson can be serialized to JSON");
Ok(raw_event)
}
async fn create_join_event(
sender_servername: &ServerName,
room_id: &RoomId,
pdu: &RawJsonValue,
) -> Result<create_join_event::v1::RoomState> {
/// checks whether the given room exists, and checks whether the specified server is allowed to send events according to the ACL
fn room_and_acl_check(room_id: &RoomId, sender_servername: &OwnedServerName) -> Result<(), Error> {
if !services().rooms.metadata.exists(room_id)? {
return Err(Error::BadRequest(
ErrorKind::NotFound,
@ -1632,6 +1670,40 @@ async fn create_join_event(
.rooms
.event_handler
.acl_check(sender_servername, room_id)?;
Ok(())
}
/// Takes care of common boilerpalte for room membership handshake endpoints.
/// The returned mutex must be locked by the caller.
async fn member_shake_preamble(
sender_servername: &Option<OwnedServerName>,
room_id: &RoomId,
) -> Result<(Arc<Mutex<()>>, RoomVersionId), Error> {
let sender_servername = sender_servername.as_ref().expect("server is authenticated");
room_and_acl_check(room_id, sender_servername)?;
let mutex_state = Arc::clone(
services()
.globals
.roomid_mutex_state
.write()
.await
.entry(room_id.to_owned())
.or_default(),
);
let room_version_id = services().rooms.state.get_room_version(room_id)?;
Ok((mutex_state, room_version_id))
}
async fn create_join_event(
sender_servername: &Option<OwnedServerName>,
room_id: &RoomId,
pdu: &RawJsonValue,
) -> Result<create_join_event::v1::RoomState> {
let sender_servername = sender_servername.as_ref().expect("server is authenticated");
room_and_acl_check(room_id, sender_servername)?;
// We need to return the state prior to joining, let's keep a reference to that here
let shortstatehash = services()
@ -1643,8 +1715,44 @@ async fn create_join_event(
"Pdu state not found.",
))?;
let pdu = append_member_pdu(MembershipState::Join, sender_servername, room_id, pdu).await?;
let state_ids = services()
.rooms
.state_accessor
.state_full_ids(shortstatehash)
.await?;
let auth_chain_ids = services()
.rooms
.auth_chain
.get_auth_chain(room_id, state_ids.values().cloned().collect())
.await?;
Ok(create_join_event::v1::RoomState {
auth_chain: auth_chain_ids
.filter_map(|id| services().rooms.timeline.get_pdu_json(&id).ok().flatten())
.map(PduEvent::convert_to_outgoing_federation_event)
.collect(),
state: state_ids
.iter()
.filter_map(|(_, id)| services().rooms.timeline.get_pdu_json(id).ok().flatten())
.map(PduEvent::convert_to_outgoing_federation_event)
.collect(),
event: pdu.map(|pdu| {
to_raw_value(&CanonicalJsonValue::Object(pdu))
.expect("To raw json should not fail since only change was adding signature")
}),
})
}
/// Takes the given membership PDU and attempts to append it to the timeline
async fn append_member_pdu(
membership: MembershipState,
sender_servername: &OwnedServerName,
room_id: &RoomId,
pdu: &RawJsonValue,
) -> Result<Option<BTreeMap<String, CanonicalJsonValue>>, Error> {
let pub_key_map = RwLock::new(BTreeMap::new());
// let mut auth_cache = EventMap::new();
// We do not add the event_id field to the pdu here because of signature and hashes checks
let room_version_id = services().rooms.state.get_room_version(room_id)?;
@ -1719,17 +1827,18 @@ async fn create_join_event(
)
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Invalid event content"))?;
if event_content.membership != MembershipState::Join {
if event_content.membership != membership {
return Err(Error::BadRequest(
ErrorKind::BadJson,
"Membership of sent event does not match that of the endpoint",
));
}
let sign_join_event = event_content
.join_authorized_via_users_server
.map(|user| user.server_name() == services().globals.server_name())
.unwrap_or_default()
let sign_join_event = membership == MembershipState::Join
&& event_content
.join_authorized_via_users_server
.map(|user| user.server_name() == services().globals.server_name())
.unwrap_or_default()
&& user_can_perform_restricted_join(&sender, room_id, &room_version_id).unwrap_or_default();
if sign_join_event {
@ -1779,17 +1888,6 @@ async fn create_join_event(
))?;
drop(mutex_lock);
let state_ids = services()
.rooms
.state_accessor
.state_full_ids(shortstatehash)
.await?;
let auth_chain_ids = services()
.rooms
.auth_chain
.get_auth_chain(room_id, state_ids.values().cloned().collect())
.await?;
let servers = services()
.rooms
.state_cache
@ -1799,26 +1897,7 @@ async fn create_join_event(
services().sending.send_pdu(servers, &pdu_id)?;
Ok(create_join_event::v1::RoomState {
auth_chain: auth_chain_ids
.filter_map(|id| services().rooms.timeline.get_pdu_json(&id).ok().flatten())
.map(PduEvent::convert_to_outgoing_federation_event)
.collect(),
state: state_ids
.iter()
.filter_map(|(_, id)| services().rooms.timeline.get_pdu_json(id).ok().flatten())
.map(PduEvent::convert_to_outgoing_federation_event)
.collect(),
// Event field is required if we sign the join event.
event: if sign_join_event {
Some(
to_raw_value(&CanonicalJsonValue::Object(value))
.expect("To raw json should not fail since only change was adding signature"),
)
} else {
None
},
})
Ok(if sign_join_event { Some(value) } else { None })
}
/// # `PUT /_matrix/federation/v1/send_join/{roomId}/{eventId}`
@ -1827,12 +1906,7 @@ async fn create_join_event(
pub async fn create_join_event_v1_route(
body: Ruma<create_join_event::v1::Request>,
) -> Result<create_join_event::v1::Response> {
let sender_servername = body
.sender_servername
.as_ref()
.expect("server is authenticated");
let room_state = create_join_event(sender_servername, &body.room_id, &body.pdu).await?;
let room_state = create_join_event(&body.sender_servername, &body.room_id, &body.pdu).await?;
Ok(create_join_event::v1::Response { room_state })
}
@ -1843,16 +1917,11 @@ pub async fn create_join_event_v1_route(
pub async fn create_join_event_v2_route(
body: Ruma<create_join_event::v2::Request>,
) -> Result<create_join_event::v2::Response> {
let sender_servername = body
.sender_servername
.as_ref()
.expect("server is authenticated");
let create_join_event::v1::RoomState {
auth_chain,
state,
event,
} = create_join_event(sender_servername, &body.room_id, &body.pdu).await?;
} = create_join_event(&body.sender_servername, &body.room_id, &body.pdu).await?;
let room_state = create_join_event::v2::RoomState {
members_omitted: false,
auth_chain,
@ -1864,6 +1933,54 @@ pub async fn create_join_event_v2_route(
Ok(create_join_event::v2::Response { room_state })
}
/// # `PUT /_matrix/federation/v2/send_leave/{roomId}/{eventId}`
///
/// Submits a signed leave event.
pub async fn create_leave_event_route(
body: Ruma<create_leave_event::v2::Request>,
) -> Result<create_leave_event::v2::Response> {
let sender_servername = body
.sender_servername
.as_ref()
.expect("server is authenticated");
room_and_acl_check(&body.room_id, sender_servername)?;
append_member_pdu(
MembershipState::Leave,
sender_servername,
&body.room_id,
&body.pdu,
)
.await?;
Ok(create_leave_event::v2::Response {})
}
/// # `PUT /_matrix/federation/v1/send_knock/{roomId}/{eventId}`
///
/// Submits a signed knock event.
pub async fn create_knock_event_route(
body: Ruma<send_knock::v1::Request>,
) -> Result<send_knock::v1::Response> {
let sender_servername = body
.sender_servername
.as_ref()
.expect("server is authenticated");
room_and_acl_check(&body.room_id, sender_servername)?;
append_member_pdu(
MembershipState::Knock,
sender_servername,
&body.room_id,
&body.pdu,
)
.await?;
Ok(send_knock::v1::Response {
knock_room_state: services().rooms.state.stripped_state(&body.room_id)?,
})
}
/// Checks whether the given user can join the given room via a restricted join.
/// This doesn't check the current user's membership. This should be done externally,
/// either by using the state cache or attempting to authorize the event.
@ -1943,44 +2060,54 @@ fn user_can_perform_restricted_join(
pub async fn create_invite_route(
body: Ruma<create_invite::v2::Request>,
) -> Result<create_invite::v2::Response> {
let sender_servername = body
.sender_servername
.as_ref()
.expect("server is authenticated");
let Ruma::<create_invite::v2::Request> {
body,
sender_servername,
..
} = body;
let create_invite::v2::Request {
room_id,
room_version,
event,
invite_room_state,
..
} = body;
let sender_servername = sender_servername.expect("server is authenticated");
services()
.rooms
.event_handler
.acl_check(sender_servername, &body.room_id)?;
.acl_check(&sender_servername, &room_id)?;
if !services()
.globals
.supported_room_versions()
.contains(&body.room_version)
.contains(&room_version)
{
return Err(Error::BadRequest(
ErrorKind::IncompatibleRoomVersion {
room_version: body.room_version.clone(),
room_version: room_version.clone(),
},
"Server does not support this room version.",
));
}
let mut signed_event = utils::to_canonical_object(&body.event)
let mut signed_event = utils::to_canonical_object(&event)
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Invite event is invalid."))?;
ruma::signatures::hash_and_sign_event(
services().globals.server_name().as_str(),
services().globals.keypair(),
&mut signed_event,
&body.room_version,
&room_version,
)
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Failed to sign event."))?;
// Generate event id
let event_id = EventId::parse(format!(
"${}",
ruma::signatures::reference_hash(&signed_event, &body.room_version)
ruma::signatures::reference_hash(&signed_event, &room_version)
.expect("Event format validated when event was hashed")
))
.expect("ruma's reference hashes are valid event ids");
@ -2015,9 +2142,9 @@ pub async fn create_invite_route(
)
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "state_key is not a user id."))?;
let mut invite_state = body.invite_room_state.clone();
let mut invite_state = invite_room_state.clone();
let mut event: JsonObject = serde_json::from_str(body.event.get())
let mut event: JsonObject = serde_json::from_str(event.get())
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Invalid invite event bytes."))?;
event.insert("event_id".to_owned(), "$dummy".into());
@ -2033,16 +2160,55 @@ pub async fn create_invite_route(
if !services()
.rooms
.state_cache
.server_in_room(services().globals.server_name(), &body.room_id)?
.server_in_room(services().globals.server_name(), &room_id)?
{
services().rooms.state_cache.update_membership(
&body.room_id,
&invited_user,
MembershipState::Invite,
&sender,
Some(invite_state),
true,
)?;
// If the user has already knocked on the room, we take that as the user wanting to join
// the room as soon as their knock is accepted, as recommended by the spec.
//
// https://spec.matrix.org/v1.13/client-server-api/#knocking-on-rooms
if services()
.rooms
.state_cache
.is_knocked(&invited_user, &room_id)
.unwrap_or_default()
{
// We want to try join automatically first, before notifying clients that they were invited.
// We also shouldn't block giving the calling server the response on attempting to join the
// room, since it's not relevant for the caller.
tokio::spawn(async move {
if services().rooms.helpers.join_room_by_id(&invited_user, &room_id, None, &invite_state.iter() .filter_map(|event| event.deserialize().ok())
.map(|event| event.sender().server_name().to_owned())
.collect::<Vec<_>>()
, None)
.await
.is_err() &&
// Checking whether the state has changed since we started this join handshake
services()
.rooms
.state_cache
.is_knocked(&invited_user, &room_id)
.unwrap_or_default()
{
let _ = services().rooms.state_cache.update_membership(
&room_id,
&invited_user,
MembershipState::Invite,
&sender,
Some(invite_state),
true,
);
}
});
} else {
services().rooms.state_cache.update_membership(
&room_id,
&invited_user,
MembershipState::Invite,
&sender,
Some(invite_state),
true,
)?;
}
}
Ok(create_invite::v2::Response {