-
-
Notifications
You must be signed in to change notification settings - Fork 595
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Poll model - validate end events #3072
Poll model - validate end events #3072
Conversation
Any chance the base of this could be changed for easier review? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this seems to be mixing in a bunch of changes to threads - is that deliberate?
@richvdh @SimonBrandner This is ready for another look! |
src/models/poll.ts
Outdated
const endEventSender = endEvent.getSender(); | ||
return !!endEventSender && roomCurrentState.maySendRedactionForEvent(this.rootEvent, endEventSender); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this doesn't seem to be quite the same thing as the comment above. It's possible that endEventSender
is the same as the sender of the root event, and yet they lack permission to redact that create event (for example, because sending m.room.redaction
events has been disabled).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good catch, have added a sender === creator
check here
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm otherwise
src/models/poll.ts
Outdated
return !!endEventSender && roomCurrentState.maySendRedactionForEvent(this.rootEvent, endEventSender); | ||
return ( | ||
!!endEventSender && | ||
(endEventSender === this.matrixClient.getSafeUserId() || |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is checking if the sender of the end event is the current user? Don't we want to check if it was the sender of the rootEvent
?
(endEventSender === this.matrixClient.getSafeUserId() || | |
(endEventSender === this.rootEvent.getSender() || |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🤦♀️ fixed and improved the tests to catch this. Thanks!
* Element-R: implement encryption of outgoing events ([\matrix-org#3122](matrix-org#3122)). * Poll model - page /relations results ([\matrix-org#3073](matrix-org#3073)). Contributed by @kerryarchibald. * Poll model - validate end events ([\matrix-org#3072](matrix-org#3072)). Contributed by @kerryarchibald. * Handle optional last_known_event_id property in m.predecessor ([\matrix-org#3119](matrix-org#3119)). Contributed by @andybalaam. * Add support for stable identifier for fixed MAC in SAS verification ([\matrix-org#3101](matrix-org#3101)). * Provide eventId as well as roomId from Room.findPredecessor ([\matrix-org#3095](matrix-org#3095)). Contributed by @andybalaam. * MSC3946 Dynamic room predecessors ([\matrix-org#3042](matrix-org#3042)). Contributed by @andybalaam. * Poll model ([\matrix-org#3036](matrix-org#3036)). Contributed by @kerryarchibald. * Remove video tracks on video mute without renegotiating ([\matrix-org#3091](matrix-org#3091)). * Introduces a backwards-compatible API change. `MegolmEncrypter#prepareToEncrypt`'s return type has changed from `void` to `() => void`. ([\matrix-org#3035](matrix-org#3035)). Contributed by @clarkf. * Stop the ICE disconnected timer on call terminate ([\matrix-org#3147](matrix-org#3147)). * Clear notifications when we can infer read status from receipts ([\matrix-org#3139](matrix-org#3139)). Fixes element-hq/element-web#23991. * Messages sent out of order after one message fails ([\matrix-org#3131](matrix-org#3131)). Fixes element-hq/element-web#22885 and element-hq/element-web#18942. Contributed by @justjanne. * Element-R: fix a bug which prevented encryption working after a reload ([\matrix-org#3126](matrix-org#3126)). * Element-R: Fix invite processing ([\matrix-org#3121](matrix-org#3121)). * Don't throw with no `opponentDeviceInfo` ([\matrix-org#3107](matrix-org#3107)). * Remove flaky megolm test ([\matrix-org#3098](matrix-org#3098)). Contributed by @clarkf. * Fix "verifyLinks" functionality of getRoomUpgradeHistory ([\matrix-org#3089](matrix-org#3089)). Contributed by @andybalaam.
Includes #3036Checklist
Here's what your changelog entry will look like:
✨ Features