Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Ensure a group ID is valid before trying to get rooms for it.
Browse files Browse the repository at this point in the history
  • Loading branch information
clokep committed Aug 19, 2020
1 parent c9c544c commit 3ab0f6e
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 0 deletions.
1 change: 1 addition & 0 deletions changelog.d/8129.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Return a proper error code when the rooms of an invalid group are requested.
4 changes: 4 additions & 0 deletions synapse/rest/client/v2_alpha/groups.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@

import logging

from synapse.api.errors import SynapseError
from synapse.http.servlet import RestServlet, parse_json_object_from_request
from synapse.types import GroupID

Expand Down Expand Up @@ -325,6 +326,9 @@ async def on_GET(self, request, group_id):
requester = await self.auth.get_user_by_req(request, allow_guest=True)
requester_user_id = requester.user.to_string()

if not GroupID.is_valid(group_id):
raise SynapseError(400, "%s was not legal group ID" % (group_id,))

result = await self.groups_handler.get_rooms_in_group(
group_id, requester_user_id
)
Expand Down

0 comments on commit 3ab0f6e

Please sign in to comment.