mirror-matrix
/
conduit
mirror of https://gitlab.com/famedly/conduit.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

feat(admin-room): Delete `create-user` command message 

- Add the `event_id` of the user message to `AdminRoomEvent::ProcessMessage`
variant to work with it in `process_admin_message`
- Delete the user `create-user` command message if it's contain a plain password
because the admin room are unencrypted so the password
will be saved in the database if we didn't deleted it
- Create new function that delete the messages from admin room
called `delete_user_message`

Reported-by: Matthias Ahouansou <matthias@ahouansou.cz>
Helped-by: Matthias Ahouansou <matthias@ahouansou.cz>
Related-to: https://gitlab.com/famedly/conduit/-/issues/432
Signed-off-by: Awiteb <a@4rs.nl>
merge-requests/632/head
Awiteb 2 years ago
parent
53d3f9ae89
commit
8a307dabd2
No known key found for this signature in database
GPG Key ID: 3F6B55640AA6682F
2 changed files with 77 additions and 7 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 82
      src/service/admin/mod.rs
  2. 2
      src/service/rooms/timeline/mod.rs

82
src/service/admin/mod.rs
Unescape View File

@ -20,6 +20,7 @@ use ruma::{
message::RoomMessageEventContent,
name::RoomNameEventContent,
power_levels::RoomPowerLevelsEventContent,
redaction::RoomRedactionEventContent,
topic::RoomTopicEventContent,
},
TimelineEventType,
@ -182,7 +183,7 @@ enum AdminCommand {
#[derive(Debug)]
pub enum AdminRoomEvent {
ProcessMessage(String),
ProcessMessage(String, ruma::OwnedEventId),
SendMessage(RoomMessageEventContent),
}
@ -221,7 +222,7 @@ impl Service {
Some(event) = receiver.recv() => {
let message_content = match event {
AdminRoomEvent::SendMessage(content) => content,
AdminRoomEvent::ProcessMessage(room_message) => self.process_admin_message(room_message).await
AdminRoomEvent::ProcessMessage(room_message, event_id) => self.process_admin_message(room_message, &event_id).await
};
let mutex_state = Arc::clone(
@ -258,9 +259,12 @@ impl Service {
}
}
pub fn process_message(&self, room_message: String) {
pub fn process_message(&self, room_message: String, event_id: &EventId) {
self.sender
.send(AdminRoomEvent::ProcessMessage(room_message))
.send(AdminRoomEvent::ProcessMessage(
room_message,
event_id.into(),
))
.unwrap();
}
@ -270,8 +274,57 @@ impl Service {
.unwrap();
}
/// Delete user message in the conduit admin room.
pub async fn delete_user_message(
&self,
event_id: &EventId,
reason: Option<impl Into<String>>,
) -> Result<()> {
let conduit_user =
UserId::parse_with_server_name("conduit", services().globals.server_name())
.expect("@conduit:server_name is valid");
if let Some(room_id) = services().admin.get_admin_room()? {
let mutex_state = Arc::clone(
services()
.globals
.roomid_mutex_state
.write()
.await
.entry(room_id.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
services()
.rooms
.timeline
.build_and_append_pdu(
PduBuilder {
event_type: TimelineEventType::RoomRedaction,
content: to_raw_value(&RoomRedactionEventContent {
redacts: Some(event_id.into()),
reason: reason.map(Into::into),
})
.expect("event is valid, we just created it"),
unsigned: None,
state_key: None,
redacts: Some(event_id.into()),
},
&conduit_user,
&room_id,
&state_lock,
)
.await?;
}
Ok(())
}
// Parse and process a message from the admin room
async fn process_admin_message(&self, room_message: String) -> RoomMessageEventContent {
async fn process_admin_message(
&self,
room_message: String,
event_id: &EventId,
) -> RoomMessageEventContent {
let mut lines = room_message.lines().filter(|l| !l.trim().is_empty());
let command_line = lines.next().expect("each string has at least one line");
let body: Vec<_> = lines.collect();
@ -287,7 +340,10 @@ impl Service {
}
};
match self.process_admin_command(admin_command, body).await {
match self
.process_admin_command(admin_command, body, event_id)
.await
{
Ok(reply_message) => reply_message,
Err(error) => {
let markdown_message = format!(
@ -330,6 +386,7 @@ impl Service {
&self,
command: AdminCommand,
body: Vec<&str>,
event_id: &EventId,
) -> Result<RoomMessageEventContent> {
let reply_message_content = match command {
AdminCommand::RegisterAppservice => {
@ -591,6 +648,7 @@ impl Service {
}
}
AdminCommand::CreateUser { username, password } => {
let is_auto_generated_password = password.is_none();
let password =
password.unwrap_or_else(|| utils::random_string(AUTO_GEN_PASSWORD_LENGTH));
// Validate user id
@ -645,6 +703,18 @@ impl Service {
.expect("to json value always works"),
)?;
// We'll delete the user message because it's contain a plain password
// and the admin room are not encrypted
if !is_auto_generated_password {
services()
.admin
.delete_user_message(
event_id,
Some("Message contained a plaintext password"),
)
.await?;
}
// we dont add a device since we're not the user, just the creator
// Inhibit login does not work for guests

2
src/service/rooms/timeline/mod.rs
Unescape View File

@ -499,7 +499,7 @@ impl Service {
if let Some(admin_room) = services().admin.get_admin_room()? {
if to_conduit && !from_conduit && admin_room == pdu.room_id {
services().admin.process_message(body);
services().admin.process_message(body, &pdu.event_id);
}
}
}

Write Preview
Loading…
Cancel
Save