Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Federation: /rooms/.../members fails for the invites received from a federated server #4985

Open
giomfo opened this issue Apr 1, 2019 · 5 comments
Open

Federation: /rooms/.../members fails for the invites received from a federated server #4985

giomfo opened this issue Apr 1, 2019 · 5 comments
Labels
A-Federation A-Invite Inviting users to rooms and accepting invites A-Spec-Compliance places where synapse does not conform to the spec good first issue Good for newcomers O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Tolerable Minor significance, cosmetic issues, low or no impact to users. T-Defect Bugs, crashes, hangs, security vulnerabilities, or other reported issues.

Comments

@giomfo
Copy link
Member

giomfo commented Apr 1, 2019
edited by MadLittleMods

Description
get /_matrix/client/r0/rooms/{roomId}/members on an invite received from another federated server fails with the following error:

errcode = "M_NOT_FOUND";
error = "Can't find event for token Token(room_key=u'xxx', presence_key=u'xxx', typing_key=u'x', receipt_key=u'xxx', account_data_key=u'xxx', push_rules_key=u'xx', to_device_key=u'xxx', device_list_key=u'xxx', groups_key=u'xx')";

Steps to reproduce
Consider 2 users userA and userB, created on 2 different Homeservers.
userA creates a room and invites userB
When userB requests for the members of this room, he gets an error
@giomfo giomfo added z-bug (Deprecated Label) A-Federation labels Apr 1, 2019
@neilisfragile neilisfragile added the z-p2 (Deprecated Label) label Apr 3, 2019
@MadLittleMods MadLittleMods added A-Invite Inviting users to rooms and accepting invites T-Defect Bugs, crashes, hangs, security vulnerabilities, or other reported issues. labels May 16, 2022
@DMRobertson
Copy link
Contributor

Given that we're not yet joined to the room, we don't have any sense of its current state and hence have no idea who's in the room.

The invite event may include stripped state events in its unsigned.invite_room_state, but this doesn't include membership events.

@DMRobertson
Copy link
Contributor

The spec is not explicit but my reading of https://spec.matrix.org/v1.5/client-server-api/#get_matrixclientv3roomsroomidmembers is that we should return HTTP 403 in this situation.

The error comes from

synapse/synapse/handlers/message.py

Lines 205 to 206 in 86c5a71

if not last_event_id:
raise NotFoundError("Can't find event for token %s" % (at_token,))
which is called

synapse/synapse/rest/client/room.py

Lines 590 to 595 in 86c5a71

events = await handler.get_state_events(
room_id=room_id,
requester=requester,
at_token=at_token,
state_filter=StateFilter.from_types([(EventTypes.Member, None)]),
)

So this is another example of NotFoundError bubbling up to the rest layer and deciding what the status code is.

@DMRobertson DMRobertson added A-Spec-Compliance places where synapse does not conform to the spec S-Tolerable Minor significance, cosmetic issues, low or no impact to users. O-Uncommon Most users are unlikely to come across this or unexpected workflow and removed z-bug (Deprecated Label) z-p2 (Deprecated Label) labels Nov 23, 2022
@DMRobertson
Copy link
Contributor

If anyone wants to take this on, I suggest:

  • wrap the call to get_state_events in a try/except block catching NotFoundError
  • catch NotFoundError and raise a SynapseError with
    • code 403
    • an appropriate user-facing error message
    • an appropriate matrix errcode (probably M_FORBIDDEN)
  • for bonus points, write a complement test which creates this scenario and and checks that the status code is 403.

@DMRobertson DMRobertson added the good first issue Good for newcomers label Nov 23, 2022
@vemmos
Copy link

vemmos commented Mar 26, 2023

Hello there! Is this still up?I would like to contribute :)

@squahtx
Copy link
Contributor

squahtx commented Mar 28, 2023

Hello there! Is this still up?I would like to contribute :)

The issue has not been fixed yet. Feel free to PR a fix.

@matrixbot matrixbot mentioned this issue Dec 21, 2023
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
A-Federation A-Invite Inviting users to rooms and accepting invites A-Spec-Compliance places where synapse does not conform to the spec good first issue Good for newcomers O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Tolerable Minor significance, cosmetic issues, low or no impact to users. T-Defect Bugs, crashes, hangs, security vulnerabilities, or other reported issues.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@neilisfragile @MadLittleMods @squahtx @DMRobertson @giomfo @vemmos