Filip/matrix-spec
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-spec synced 2026-03-13 06:54:10 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

for room versions 6 and 7, clarify that events with rejected auth events must be rejected

Browse source 
Other room versions were updated in #1137, but not these ones.

Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
This commit is contained in:
Kévin Commaille 2025-01-25 12:19:41 +01:00
parent 9e0f2aad94
commit 98c0279818
No known key found for this signature in database
GPG key ID: 0C971D9DBC9D678D
2 changed files with 32 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
content/rooms/v6.md
View file

@ -88,15 +88,18 @@ The rules are as follows:
version, reject. version, reject.
4. If `content` has no `creator` property, reject. 4. If `content` has no `creator` property, reject.
5. Otherwise, allow. 5. Otherwise, allow.
2. Reject if event has `auth_events` that: 2. Considering the event's `auth_events`:
1. have duplicate entries for a given `type` and `state_key` pair 1. If there are duplicate entries for a given `type` and `state_key` pair,
2. have entries whose `type` and `state_key` don't match those reject.
2. If there are entries whose `type` and `state_key` don't match those
specified by the [auth events specified by the [auth events
selection](/server-server-api#auth-events-selection) selection](/server-server-api#auth-events-selection)
algorithm described in the server specification. algorithm described in the server specification, reject.
3. If event does not have a `m.room.create` in its `auth_events`, 3. If there are entries which were themselves rejected under the [checks
reject. performed on receipt of a
4. If type is `m.room.member`: PDU](/server-server-api/#checks-performed-on-receipt-of-a-pdu), reject.
4. If there is no `m.room.create` event among the entries, reject.
3. If type is `m.room.member`:
1. If there is no `state_key` property, or no `membership` property in 1. If there is no `state_key` property, or no `membership` property in
`content`, reject. `content`, reject.
2. If `membership` is `join`: 2. If `membership` is `join`:
@ -154,15 +157,15 @@ The rules are as follows:
than the `sender`'s power level, allow. than the `sender`'s power level, allow.
3. Otherwise, reject. 3. Otherwise, reject.
6. Otherwise, the membership is unknown. Reject. 6. Otherwise, the membership is unknown. Reject.
5. If the `sender`'s current membership state is not `join`, reject. 4. If the `sender`'s current membership state is not `join`, reject.
6. If type is `m.room.third_party_invite`: 5. If type is `m.room.third_party_invite`:
1. Allow if and only if `sender`'s current power level is greater 1. Allow if and only if `sender`'s current power level is greater
than or equal to the *invite level*. than or equal to the *invite level*.
7. If the event type's *required power level* is greater than the 6. If the event type's *required power level* is greater than the
`sender`'s power level, reject. `sender`'s power level, reject.
8. If the event has a `state_key` that starts with an `@` and does not 7. If the event has a `state_key` that starts with an `@` and does not
match the `sender`, reject. match the `sender`, reject.
9. If type is `m.room.power_levels`: 8. If type is `m.room.power_levels`:
1. If the `users` property in `content` is not an object with keys that 1. If the `users` property in `content` is not an object with keys that
are valid user IDs with values that are integers (or a string are valid user IDs with values that are integers (or a string
that is an integer), reject. that is an integer), reject.
@ -193,7 +196,7 @@ The rules are as follows:
1. If the new value is greater than the `sender`'s current power 1. If the new value is greater than the `sender`'s current power
level, reject. level, reject.
8. Otherwise, allow. 8. Otherwise, allow.
10. Otherwise, allow. 9. Otherwise, allow.
{{% boxes/note %}} {{% boxes/note %}}
Some consequences of these rules: Some consequences of these rules:

29
content/rooms/v7.md
View file

@ -74,15 +74,18 @@ The rules are as follows:
version, reject. version, reject.
4. If `content` has no `creator` property, reject. 4. If `content` has no `creator` property, reject.
5. Otherwise, allow. 5. Otherwise, allow.
2. Reject if event has `auth_events` that: 2. Considering the event's `auth_events`:
1. have duplicate entries for a given `type` and `state_key` pair 1. If there are duplicate entries for a given `type` and `state_key` pair,
2. have entries whose `type` and `state_key` don't match those reject.
2. If there are entries whose `type` and `state_key` don't match those
specified by the [auth events specified by the [auth events
selection](/server-server-api#auth-events-selection) selection](/server-server-api#auth-events-selection)
algorithm described in the server specification. algorithm described in the server specification, reject.
3. If event does not have a `m.room.create` in its `auth_events`, 3. If there are entries which were themselves rejected under the [checks
reject. performed on receipt of a
4. If type is `m.room.member`: PDU](/server-server-api/#checks-performed-on-receipt-of-a-pdu), reject.
4. If there is no `m.room.create` event among the entries, reject.
3. If type is `m.room.member`:
1. If there is no `state_key` property, or no `membership` property in 1. If there is no `state_key` property, or no `membership` property in
`content`, reject. `content`, reject.
2. If `membership` is `join`: 2. If `membership` is `join`:
@ -150,15 +153,15 @@ The rules are as follows:
or `join`, allow. or `join`, allow.
4. Otherwise, reject. 4. Otherwise, reject.
7. Otherwise, the membership is unknown. Reject. 7. Otherwise, the membership is unknown. Reject.
5. If the `sender`'s current membership state is not `join`, reject. 4. If the `sender`'s current membership state is not `join`, reject.
6. If type is `m.room.third_party_invite`: 5. If type is `m.room.third_party_invite`:
1. Allow if and only if `sender`'s current power level is greater 1. Allow if and only if `sender`'s current power level is greater
than or equal to the *invite level*. than or equal to the *invite level*.
7. If the event type's *required power level* is greater than the 6. If the event type's *required power level* is greater than the
`sender`'s power level, reject. `sender`'s power level, reject.
8. If the event has a `state_key` that starts with an `@` and does not 7. If the event has a `state_key` that starts with an `@` and does not
match the `sender`, reject. match the `sender`, reject.
9. If type is `m.room.power_levels`: 8. If type is `m.room.power_levels`:
1. If the `users` property in `content` is not an object with keys that 1. If the `users` property in `content` is not an object with keys that
are valid user IDs with values that are integers (or a string are valid user IDs with values that are integers (or a string
that is an integer), reject. that is an integer), reject.
@ -187,7 +190,7 @@ The rules are as follows:
1. If the new value is greater than the `sender`'s current power 1. If the new value is greater than the `sender`'s current power
level, reject. level, reject.
8. Otherwise, allow.. 8. Otherwise, allow..
10. Otherwise, allow. 9. Otherwise, allow.
{{% boxes/note %}} {{% boxes/note %}}
Some consequences of these rules: Some consequences of these rules: