Allow 3rd party rules check_event_allowed callback to function for room version "12" creation events#19768
Conversation
anoadragon453
left a comment
There was a problem hiding this comment.
Some minor changes below.
Thanks for taking on fixing this!
| # The room_id should only be None for creation events using msc4291 | ||
| # rooms(version "12" and newer) | ||
| if not ( | ||
| builder.room_version.msc4291_room_ids_as_hashes | ||
| and builder.type == EventTypes.Create | ||
| ): | ||
| assert builder.room_id is not None |
There was a problem hiding this comment.
I don't think this if statement and assertion needs to live inside the try / except.
There was a problem hiding this comment.
This assertion existed before, I was just trying to keep it and make it work. I do not mind losing it as long as mypy does not complain 😅 . Do you think the check should be kept but changed into a SynapseError instead so it can be reported back that the third party module might have made a naughty move?
There was a problem hiding this comment.
Looking at the validate_builder() above, it actually does check inside that a room_id should not be missing on a non-creation event. 'm totally fine losing this. The lower ones below are for mypy more than anything else.
However, the below exception being raised is not caught. Checking the code paths that the parent function(create_new_client_event) calls, I see no places that catch a raw Exception(or any kind of exception at all, so it must propagate up to the rest response exception catchers).
How about adjusting this while we are here? Creating the Builder looks to just create a class, which shouldn't raise. The validate_builder() can raise directly a SynapseError. Perhaps that should just be allowed to percolate up, or at least update the e.msg as is done here(it wraps the message which on its own does not say it is from a third party module)? Otherwise we lose the associated error codes and everything 500's.
Unrelated thing discovered during this investigation
It actually appears that in `handlers.federation.on_make_knock_request()` it calls this `create_new_client_event()` which runs the third party `check_event_allowed()` prior to this rebuild process. It then calls the third party handler again. Perhaps instead of running the check twice it should just catch the `Exception`?| # Creation events using msc4291 rooms will not have a room_id, and will | ||
| # also not have prev_events nor prev_state_events. |
There was a problem hiding this comment.
There was a problem hiding this comment.
I can split the comment apart if that helps? original_event.room_version.msc4242_state_dags is checked a little further down in the next block. I think I was trying to cover 3 statements with one comment
There was a problem hiding this comment.
I let this marinate for a while, and I think I don't follow which check you mean. I clarified the comment anyway and condensed it with the below, it was a little wordy
| if original_event.room_version.msc4242_state_dags: | ||
| if ( | ||
| original_event.room_version.msc4242_state_dags | ||
| and builder.room_id is not None |
There was a problem hiding this comment.
Seems to make more sense to swap out the builder.room_id check for builder.type == EventTypes.Create here. As only a create event won't have prev_state_events in a MSC4242-enabled room.
There was a problem hiding this comment.
I can add that, if you like. But mypy is requiring the builder.room_id to not be optionally a string here.
synapse/handlers/message.py:2438: error: Argument 1 to "get_state_dag_extremities" of "EventFederationWorkerStore" has incompatible type "str | None"; expected "str" [arg-type]
There was a problem hiding this comment.
er, well, I can add that builder.type != EventTypes.Create instead, as the inverse would make rather a mess 😅
| "config": {}, | ||
| } | ||
| }, | ||
| "default_room_version": "12", |
There was a problem hiding this comment.
reminder: this needs to be removed before merging
The change to room version "12" removes that a room ID is included in the room creation event, and is instead generated based on the event hash of said event. This seems to break the
check_event_allowed()callback for this room version specifically for creation events due to anassertin the function that expects a room ID to be present.Specifically ignore that assertion for creation events on rooms that support MSC4291(Room ID's as hashes) to fix this. This also needs to be checked for the correct assumptions about MSC4242 taken in it's second half(that creation events do not contain
prev_state_eventsin the same way that they do not includeprev_events)Note this contains a commit that should be reverted before merging, that overrides the test so room version "12" is used
💡 This is the command line to run the specific test:
poetry run trial tests.rest.client.test_third_party_rules.ThirdPartyRulesTestCase.test_legacy_check_event_allowedFailure looked like this before:
(There is another error in this TestCase when using room version "12", but it is unrelated to this and will be handled separately when fixing the tests themselves)
Pull Request Checklist
EventStoretoEventWorkerStore.".code blocks.