crappyrules
/
conduit
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: crappyrules:next
Branches Tags
crappyrules:169-database-size-seems-very-large
crappyrules:DevinR528/conduit-sendtxn
crappyrules:add-vscode-extension-suggestions
crappyrules:admin-command-for-cache-memory-usage
crappyrules:caches
crappyrules:ci-use-sccache
crappyrules:correct-sendtxn
crappyrules:destination-cache
crappyrules:docs-overhaul
crappyrules:docs-the-second
crappyrules:lesscache
crappyrules:locks
crappyrules:master
crappyrules:measure-cache-memory-usage
crappyrules:member-reason
crappyrules:multiarch-docker-support
crappyrules:next
crappyrules:nyaaori/older-room-versions
crappyrules:perf
crappyrules:pushers-rebased
crappyrules:rocksdb
crappyrules:ruma
crappyrules:ruma-client
crappyrules:serve-element-web
crappyrules:serve-well-known
crappyrules:stablecrosssigning
crappyrules:state-res-closure-rebased
crappyrules:state-res-perf
crappyrules:timo
crappyrules:unbeatable-101-next-patch-64009
crappyrules:up-ruma
..
compare: crappyrules:pushers-rebased
Branches Tags
crappyrules:169-database-size-seems-very-large
crappyrules:DevinR528/conduit-sendtxn
crappyrules:add-vscode-extension-suggestions
crappyrules:admin-command-for-cache-memory-usage
crappyrules:caches
crappyrules:ci-use-sccache
crappyrules:correct-sendtxn
crappyrules:destination-cache
crappyrules:docs-overhaul
crappyrules:docs-the-second
crappyrules:lesscache
crappyrules:locks
crappyrules:master
crappyrules:measure-cache-memory-usage
crappyrules:member-reason
crappyrules:multiarch-docker-support
crappyrules:next
crappyrules:nyaaori/older-room-versions
crappyrules:perf
crappyrules:pushers-rebased
crappyrules:rocksdb
crappyrules:ruma
crappyrules:ruma-client
crappyrules:serve-element-web
crappyrules:serve-well-known
crappyrules:stablecrosssigning
crappyrules:state-res-closure-rebased
crappyrules:state-res-perf
crappyrules:timo
crappyrules:unbeatable-101-next-patch-64009
crappyrules:up-ruma

No commits in common. 'next' and 'pushers-rebased' have entirely different histories.
next ... pushers-re

94 changed files with 7392 additions and 16498 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats
  1. 2
      .dockerignore
  2. 11
      .github/ISSUE_TEMPLATE/Issue.md
  3. 64
      .gitignore
  4. 309
      .gitlab-ci.yml
  5. 19
      .gitlab/issue_templates/Bug Report.md
  6. 17
      .gitlab/issue_templates/Feature Request.md
  7. 15
      .gitlab/issue_templates/Issue Template.md
  8. 8
      .gitlab/merge_request_templates/MR.md
  9. 3
      .vscode/settings.json
  10. 86
      APPSERVICES.md
  11. 10
      CROSS_COMPILE.md
  12. 1631
      Cargo.lock
  13. 103
      Cargo.toml
  14. 141
      DEPLOY.md
  15. 137
      Dockerfile
  16. 73
      README.md
  17. 20
      conduit-example.toml
  18. 20
      debian/README.Debian
  19. 33
      debian/env.local
  20. 5
      debian/matrix-conduit.service
  21. 90
      debian/postinst
  22. 5
      debian/postrm
  23. 2
      debian/templates
  24. 43
      docker-compose.yml
  25. 113
      docker/README.md
  26. 78
      docker/ci-binaries-packaging.Dockerfile
  27. 23
      docker/docker-compose.override.traefik.yml
  28. 48
      docker/docker-compose.traefik.yml
  29. 13
      docker/healthcheck.sh
  30. 2
      rust-toolchain
  31. 1
      rustfmt.toml
  32. 108
      src/appservice_server.rs
  33. 346
      src/client_server/account.rs
  34. 65
      src/client_server/alias.rs
  35. 191
      src/client_server/backup.rs
  36. 21
      src/client_server/capabilities.rs
  37. 126
      src/client_server/config.rs
  38. 48
      src/client_server/context.rs
  39. 96
      src/client_server/device.rs
  40. 296
      src/client_server/directory.rs
  41. 6
      src/client_server/filter.rs
  42. 386
      src/client_server/keys.rs
  43. 122
      src/client_server/media.rs
  44. 951
      src/client_server/membership.rs
  45. 100
      src/client_server/message.rs
  46. 17
      src/client_server/mod.rs
  47. 77
      src/client_server/presence.rs
  48. 321
      src/client_server/profile.rs
  49. 476
      src/client_server/push.rs
  50. 94
      src/client_server/read_marker.rs
  51. 38
      src/client_server/redact.rs
  52. 84
      src/client_server/report.rs
  53. 582
      src/client_server/room.rs
  54. 67
      src/client_server/search.rs
  55. 76
      src/client_server/session.rs
  56. 198
      src/client_server/state.rs
  57. 896
      src/client_server/sync.rs
  58. 59
      src/client_server/tag.rs
  59. 6
      src/client_server/thirdparty.rs
  60. 80
      src/client_server/to_device.rs
  61. 14
      src/client_server/typing.rs
  62. 2
      src/client_server/unversioned.rs
  63. 36
      src/client_server/user_directory.rs
  64. 58
      src/client_server/voip.rs
  65. 897
      src/database.rs
  66. 54
      src/database/abstraction.rs
  67. 240
      src/database/abstraction/heed.rs
  68. 128
      src/database/abstraction/sled.rs
  69. 392
      src/database/abstraction/sqlite.rs
  70. 114
      src/database/account_data.rs
  71. 111
      src/database/admin.rs
  72. 54
      src/database/appservice.rs
  73. 303
      src/database/globals.rs
  74. 224
      src/database/key_backups.rs
  75. 156
      src/database/media.rs
  76. 146
      src/database/proxy.rs
  77. 622
      src/database/pusher.rs
  78. 3363
      src/database/rooms.rs
  79. 310
      src/database/rooms/edus.rs
  80. 977
      src/database/sending.rs
  81. 14
      src/database/transaction_ids.rs
  82. 285
      src/database/uiaa.rs
  83. 549
      src/database/users.rs
  84. 131
      src/error.rs
  85. 14
      src/lib.rs
  86. 203
      src/main.rs
  87. 208
      src/pdu.rs
  88. 256
      src/push_rules.rs
  89. 493
      src/ruma_wrapper.rs
  90. 3968
      src/server_server.rs
  91. 85
      src/utils.rs
  92. 25
      tests/Complement.Dockerfile
  93. 385
      tests/sytest/sytest-whitelist
  94. 15
      tests/test-config.toml

2
.dockerignore
Unescape View File

@ -14,8 +14,6 @@ docker-compose* @@ -14,8 +14,6 @@ docker-compose*
# Git folder
.git
.gitea
.gitlab
.github
# Dot files
.env

11
.github/ISSUE_TEMPLATE/Issue.md
Unescape View File

@ -1,11 +0,0 @@ @@ -1,11 +0,0 @@
---
name: "Issue with / Feature Request for Conduit"
about: "Please file issues on GitLab: https://gitlab.com/famedly/conduit/-/issues/new"
title: "CLOSE ME"
---
**⚠ Conduit development does not happen on GitHub. Issues opened here will not be addressed**
Please open issues on GitLab: https://gitlab.com/famedly/conduit/-/issues/new

64
.gitignore vendored
Unescape View File

@ -1,65 +1,5 @@ @@ -1,65 +1,5 @@
# CMake
cmake-build-*/
# IntelliJ
.idea/
out/
*.iml
modules.xml
*.ipr
# mpeltonen/sbt-idea plugin
.idea_modules/
# Linux backup files
*~
# temporary files which can be created if a process still has a handle open of a deleted file
.fuse_hidden*
# KDE directory preferences
.directory
# Linux trash folder which might appear on any partition or disk
.Trash-*
# .nfs files are created when an open file is removed but is still being accessed
.nfs*
# Rust
/target/
### vscode ###
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
*.code-workspace
### Windows ###
# Windows thumbnail cache files
Thumbs.db
Thumbs.db:encryptable
ehthumbs.db
ehthumbs_vista.db
# Dump file
*.stackdump
# Folder config file
[Dd]esktop.ini
# Recycle Bin used on file shares
$RECYCLE.BIN/
# Windows shortcuts
*.lnk
/target
**/*.rs.bk
# Conduit
Rocket.toml
conduit.toml
conduit.db
# Etc.
**/*.rs.bk

309
.gitlab-ci.yml
Unescape View File

@ -1,309 +0,0 @@ @@ -1,309 +0,0 @@
stages:
- build
- build docker image
- test
- upload artifacts
variables:
GIT_SUBMODULE_STRATEGY: recursive
FF_USE_FASTZIP: 1
CACHE_COMPRESSION_LEVEL: fastest
# --------------------------------------------------------------------- #
# Cargo: Compiling for different architectures #
# --------------------------------------------------------------------- #
.build-cargo-shared-settings:
stage: "build"
needs: []
rules:
- if: '$CI_COMMIT_BRANCH == "master"'
- if: '$CI_COMMIT_BRANCH == "next"'
- if: "$CI_COMMIT_TAG"
interruptible: true
image: "rust:latest"
tags: ["docker"]
cache:
paths:
- cargohome
- target/
key: "build_cache--$TARGET--$CI_COMMIT_BRANCH--release"
variables:
CARGO_PROFILE_RELEASE_LTO: "true"
CARGO_PROFILE_RELEASE_CODEGEN_UNITS: "1"
before_script:
- 'echo "Building for target $TARGET"'
- 'mkdir -p cargohome && CARGOHOME="cargohome"'
- "rustc --version && cargo --version && rustup show" # Print version info for debugging
- "rustup target add $TARGET"
script:
- time cargo build --target $TARGET --release
- 'cp "target/$TARGET/release/conduit" "conduit-$TARGET"'
artifacts:
expire_in: never
build:release:cargo:x86_64-unknown-linux-musl-with-debug:
extends: .build-cargo-shared-settings
image: messense/rust-musl-cross:x86_64-musl
variables:
CARGO_PROFILE_RELEASE_DEBUG: 2 # Enable debug info for flamegraph profiling
TARGET: "x86_64-unknown-linux-musl"
after_script:
- "mv ./conduit-x86_64-unknown-linux-musl ./conduit-x86_64-unknown-linux-musl-with-debug"
artifacts:
name: "conduit-x86_64-unknown-linux-musl-with-debug"
paths:
- "conduit-x86_64-unknown-linux-musl-with-debug"
expose_as: "Conduit for x86_64-unknown-linux-musl-with-debug"
build:release:cargo:x86_64-unknown-linux-musl:
extends: .build-cargo-shared-settings
image: messense/rust-musl-cross:x86_64-musl
variables:
TARGET: "x86_64-unknown-linux-musl"
artifacts:
name: "conduit-x86_64-unknown-linux-musl"
paths:
- "conduit-x86_64-unknown-linux-musl"
expose_as: "Conduit for x86_64-unknown-linux-musl"
build:release:cargo:arm-unknown-linux-musleabihf:
extends: .build-cargo-shared-settings
image: messense/rust-musl-cross:arm-musleabihf
variables:
TARGET: "arm-unknown-linux-musleabihf"
artifacts:
name: "conduit-arm-unknown-linux-musleabihf"
paths:
- "conduit-arm-unknown-linux-musleabihf"
expose_as: "Conduit for arm-unknown-linux-musleabihf"
build:release:cargo:armv7-unknown-linux-musleabihf:
extends: .build-cargo-shared-settings
image: messense/rust-musl-cross:armv7-musleabihf
variables:
TARGET: "armv7-unknown-linux-musleabihf"
artifacts:
name: "conduit-armv7-unknown-linux-musleabihf"
paths:
- "conduit-armv7-unknown-linux-musleabihf"
expose_as: "Conduit for armv7-unknown-linux-musleabihf"
build:release:cargo:aarch64-unknown-linux-musl:
extends: .build-cargo-shared-settings
image: messense/rust-musl-cross:aarch64-musl
variables:
TARGET: "aarch64-unknown-linux-musl"
artifacts:
name: "conduit-aarch64-unknown-linux-musl"
paths:
- "conduit-aarch64-unknown-linux-musl"
expose_as: "Conduit for aarch64-unknown-linux-musl"
.cargo-debug-shared-settings:
extends: ".build-cargo-shared-settings"
rules:
- if: '$CI_COMMIT_BRANCH != "master"'
cache:
key: "build_cache--$TARGET--$CI_COMMIT_BRANCH--debug"
script:
- "time cargo build --target $TARGET"
- 'mv "target/$TARGET/debug/conduit" "conduit-debug-$TARGET"'
artifacts:
expire_in: 4 weeks
build:debug:cargo:x86_64-unknown-linux-musl:
extends: ".cargo-debug-shared-settings"
image: messense/rust-musl-cross:x86_64-musl
variables:
TARGET: "x86_64-unknown-linux-musl"
artifacts:
name: "conduit-debug-x86_64-unknown-linux-musl"
paths:
- "conduit-debug-x86_64-unknown-linux-musl"
expose_as: "Conduit DEBUG for x86_64-unknown-linux-musl"
# --------------------------------------------------------------------- #
# Create and publish docker image #
# --------------------------------------------------------------------- #
.docker-shared-settings:
stage: "build docker image"
image: jdrouet/docker-with-buildx:stable
tags: ["docker"]
services:
- docker:dind
needs:
- "build:release:cargo:x86_64-unknown-linux-musl"
- "build:release:cargo:arm-unknown-linux-musleabihf"
- "build:release:cargo:armv7-unknown-linux-musleabihf"
- "build:release:cargo:aarch64-unknown-linux-musl"
variables:
DOCKER_HOST: tcp://docker:2375/
DOCKER_TLS_CERTDIR: ""
DOCKER_DRIVER: overlay2
PLATFORMS: "linux/arm/v6,linux/arm/v7,linux/arm64,linux/amd64"
DOCKER_FILE: "docker/ci-binaries-packaging.Dockerfile"
cache:
paths:
- docker_cache
key: "$CI_JOB_NAME"
before_script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
# Only log in to Dockerhub if the credentials are given:
- if [ -n "${DOCKER_HUB}" ]; then docker login -u "$DOCKER_HUB_USER" -p "$DOCKER_HUB_PASSWORD" "$DOCKER_HUB"; fi
script:
# Prepare buildx to build multiarch stuff:
- docker context create 'ci-context'
- docker buildx create --name 'multiarch-builder' --use 'ci-context'
# Copy binaries to their docker arch path
- mkdir -p linux/ && mv ./conduit-x86_64-unknown-linux-musl linux/amd64
- mkdir -p linux/arm/ && mv ./conduit-arm-unknown-linux-musleabihf linux/arm/v6
- mkdir -p linux/arm/ && mv ./conduit-armv7-unknown-linux-musleabihf linux/arm/v7
- mv ./conduit-aarch64-unknown-linux-musl linux/arm64
- 'export CREATED=$(date -u +''%Y-%m-%dT%H:%M:%SZ'') && echo "Docker image creation date: $CREATED"'
# Build and push image:
- >
docker buildx build
--pull
--push
--cache-from=type=local,src=$CI_PROJECT_DIR/docker_cache
--cache-to=type=local,dest=$CI_PROJECT_DIR/docker_cache
--build-arg CREATED=$CREATED
--build-arg VERSION=$(grep -m1 -o '[0-9].[0-9].[0-9]' Cargo.toml)
--build-arg "GIT_REF=$CI_COMMIT_SHORT_SHA"
--platform "$PLATFORMS"
--tag "$TAG"
--tag "$TAG-alpine"
--tag "$TAG-commit-$CI_COMMIT_SHORT_SHA"
--file "$DOCKER_FILE" .
docker:next:gitlab:
extends: .docker-shared-settings
rules:
- if: '$CI_COMMIT_BRANCH == "next"'
variables:
TAG: "$CI_REGISTRY_IMAGE/matrix-conduit:next"
docker:next:dockerhub:
extends: .docker-shared-settings
rules:
- if: '$CI_COMMIT_BRANCH == "next" && $DOCKER_HUB'
variables:
TAG: "$DOCKER_HUB_IMAGE/matrixconduit/matrix-conduit:next"
docker:master:gitlab:
extends: .docker-shared-settings
rules:
- if: '$CI_COMMIT_BRANCH == "master"'
variables:
TAG: "$CI_REGISTRY_IMAGE/matrix-conduit:latest"
docker:master:dockerhub:
extends: .docker-shared-settings
rules:
- if: '$CI_COMMIT_BRANCH == "master" && $DOCKER_HUB'
variables:
TAG: "$DOCKER_HUB_IMAGE/matrixconduit/matrix-conduit:latest"
# --------------------------------------------------------------------- #
# Run tests #
# --------------------------------------------------------------------- #
test:cargo:
stage: "test"
needs: []
image: "rust:latest"
tags: ["docker"]
variables:
CARGO_HOME: "cargohome"
cache:
paths:
- target
- cargohome
key: test_cache
interruptible: true
before_script:
- mkdir -p $CARGO_HOME && echo "using $CARGO_HOME to cache cargo deps"
- apt-get update -yqq
- apt-get install -yqq --no-install-recommends build-essential libssl-dev pkg-config wget
- rustup component add clippy rustfmt
- wget "https://faulty-storage.de/gitlab-report"
- chmod +x ./gitlab-report
script:
- rustc --version && cargo --version # Print version info for debugging
- cargo fmt --all -- --check
- "cargo test --color always --workspace --verbose --locked --no-fail-fast -- -Z unstable-options --format json | ./gitlab-report -p test > $CI_PROJECT_DIR/report.xml"
- "cargo clippy --color always --verbose --message-format=json | ./gitlab-report -p clippy > $CI_PROJECT_DIR/gl-code-quality-report.json"
artifacts:
when: always
reports:
junit: report.xml
codequality: gl-code-quality-report.json
test:sytest:
stage: "test"
allow_failure: true
needs:
- "build:debug:cargo:x86_64-unknown-linux-musl"
image:
name: "valkum/sytest-conduit:latest"
entrypoint: [""]
tags: ["docker"]
variables:
PLUGINS: "https://github.com/valkum/sytest_conduit/archive/master.tar.gz"
before_script:
- "mkdir -p /app"
- "cp ./conduit-debug-x86_64-unknown-linux-musl /app/conduit"
- "chmod +x /app/conduit"
- "rm -rf /src && ln -s $CI_PROJECT_DIR/ /src"
- "mkdir -p /work/server-0/database/ && mkdir -p /work/server-1/database/ && mkdir -p /work/server-2/database/"
- "cd /"
script:
- "SYTEST_EXIT_CODE=0"
- "/bootstrap.sh conduit || SYTEST_EXIT_CODE=1"
- 'perl /sytest/tap-to-junit-xml.pl --puretap --input /logs/results.tap --output $CI_PROJECT_DIR/sytest.xml "Sytest" && cp /logs/results.tap $CI_PROJECT_DIR/results.tap'
- "exit $SYTEST_EXIT_CODE"
artifacts:
when: always
paths:
- "$CI_PROJECT_DIR/sytest.xml"
- "$CI_PROJECT_DIR/results.tap"
reports:
junit: "$CI_PROJECT_DIR/sytest.xml"
# --------------------------------------------------------------------- #
# Store binaries as package so they have download urls #
# --------------------------------------------------------------------- #
publish:package:
stage: "upload artifacts"
needs:
- "build:release:cargo:x86_64-unknown-linux-musl"
- "build:release:cargo:arm-unknown-linux-musleabihf"
- "build:release:cargo:armv7-unknown-linux-musleabihf"
- "build:release:cargo:aarch64-unknown-linux-musl"
# - "build:cargo-deb:x86_64-unknown-linux-gnu"
rules:
- if: '$CI_COMMIT_BRANCH == "master"'
- if: '$CI_COMMIT_BRANCH == "next"'
- if: "$CI_COMMIT_TAG"
image: curlimages/curl:latest
tags: ["docker"]
variables:
GIT_STRATEGY: "none" # Don't need a clean copy of the code, we just operate on artifacts
script:
- 'BASE_URL="${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/conduit-${CI_COMMIT_REF_SLUG}/build-${CI_PIPELINE_ID}"'
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file conduit-x86_64-unknown-linux-musl "${BASE_URL}/conduit-x86_64-unknown-linux-musl"'
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file conduit-arm-unknown-linux-musleabihf "${BASE_URL}/conduit-arm-unknown-linux-musleabihf"'
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file conduit-armv7-unknown-linux-musleabihf "${BASE_URL}/conduit-armv7-unknown-linux-musleabihf"'
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file conduit-aarch64-unknown-linux-musl "${BASE_URL}/conduit-aarch64-unknown-linux-musl"'
# Avoid duplicate pipelines
# See: https://docs.gitlab.com/ee/ci/yaml/workflow.html#switch-between-branch-pipelines-and-merge-request-pipelines
workflow:
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
- if: "$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS"
when: never
- if: "$CI_COMMIT_BRANCH"

19
.gitlab/issue_templates/Bug Report.md
Unescape View File

@ -1,19 +0,0 @@ @@ -1,19 +0,0 @@
<!--
If you're requesting a new feature, that isn't part of this project yet,
then please consider filling out a "Feature Request" instead!
If you need a hand setting up your conduit server, feel free to ask for help in the
Conduit Matrix Chat: https://matrix.to/#/#conduit:fachschaften.org.
-->
### Description
<!-- What did you do and what happened? Why is that bad? -->
### System Configuration
<!-- Other data that might help us debug this issue, like os, conduit version, database backend -->
Conduit Version:
Database backend (default is sqlite): sqlite
/label ~conduit

17
.gitlab/issue_templates/Feature Request.md
Unescape View File

@ -1,17 +0,0 @@ @@ -1,17 +0,0 @@
<!--
If you want to report a bug or an error,
then please consider filling out a "Bug Report" instead!
-->
### Is your feature request related to a problem? Please describe.
<!-- Eg. I'm always frustrated when [...] -->
### Describe the solution you'd like
/label ~conduit

15
.gitlab/issue_templates/Issue Template.md
Unescape View File

@ -0,0 +1,15 @@ @@ -0,0 +1,15 @@
# Headline
### Description
/label ~conduit

8
.gitlab/merge_request_templates/MR.md
Unescape View File

@ -1,8 +0,0 @@ @@ -1,8 +0,0 @@
<!-- Please describe your changes here -->
-----------------------------------------------------------------------------
- [ ] I ran `cargo fmt` and `cargo test`
- [ ] I agree to release my code and all other changes of this MR under the Apache-2.0 license

3
.vscode/settings.json vendored
Unescape View File

@ -1,3 +0,0 @@ @@ -1,3 +0,0 @@
{
"rust-analyzer.procMacro.enable": true
}

86
APPSERVICES.md
Unescape View File

@ -1,86 +0,0 @@ @@ -1,86 +0,0 @@
# Setting up Appservices
## Getting help
If you run into any problems while setting up an Appservice, write an email to `timo@koesters.xyz`, ask us in `#conduit:matrix.org` or [open an issue on GitLab](https://gitlab.com/famedly/conduit/-/issues/new).
## Set up the appservice - general instructions
Follow whatever instructions are given by the appservice. This usually includes
downloading, changing its config (setting domain, homeserver url, port etc.)
and later starting it.
At some point the appservice guide should ask you to add a registration yaml
file to the homeserver. In Synapse you would do this by adding the path to the
homeserver.yaml, but in Conduit you can do this from within Matrix:
First, go into the #admins room of your homeserver. The first person that
registered on the homeserver automatically joins it. Then send a message into
the room like this:
@conduit:your.server.name: register_appservice
```
paste
the
contents
of
the
yaml
registration
here
```
You can confirm it worked by sending a message like this:
`@conduit:your.server.name: list_appservices`
The @conduit bot should answer with `Appservices (1): your-bridge`
Then you are done. Conduit will send messages to the appservices and the
appservice can send requests to the homeserver. You don't need to restart
Conduit, but if it doesn't work, restarting while the appservice is running
could help.
## Appservice-specific instructions
### Tested appservices
These appservices have been tested and work with Conduit without any extra steps:
- [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord)
- [mautrix-hangouts](https://github.com/mautrix/hangouts/)
- [mautrix-telegram](https://github.com/mautrix/telegram/)
### [mautrix-signal](https://github.com/mautrix/signal)
There are a few things you need to do, in order for the Signal bridge (at least
up to version `0.2.0`) to work. How you do this depends on whether you use
Docker or `virtualenv` to run it. In either case you need to modify
[portal.py](https://github.com/mautrix/signal/blob/master/mautrix_signal/portal.py).
Do this **before** following the bridge installation guide.
1. **Create a copy of `portal.py`**. Go to
[portal.py](https://github.com/mautrix/signal/blob/master/mautrix_signal/portal.py)
at [mautrix-signal](https://github.com/mautrix/signal) (make sure you change to
the correct commit/version of mautrix-signal you're using) and copy its
content. Create a new `portal.py` on your system and paste the content in.
2. **Patch the copy**. Exact line numbers may be slightly different, look nearby if they don't match:
- [Line 1020](https://github.com/mautrix/signal/blob/4ea831536f154aba6419d13292479eb383ea3308/mautrix_signal/portal.py#L1020)
```diff
--- levels.users[self.main_intent.mxid] = 9001 if is_initial else 100
+++ levels.users[self.main_intent.mxid] = 100 if is_initial else 100
```
- [Between lines 1041 and 1042](https://github.com/mautrix/signal/blob/4ea831536f154aba6419d13292479eb383ea3308/mautrix_signal/portal.py#L1041-L1042) add a new line:
```diff
"type": str(EventType.ROOM_POWER_LEVELS),
+++ "state_key": "",
"content": power_levels.serialize(),
```
3. **Deploy the patch**. This is different depending on how you have `mautrix-signal` deployed:
- [*If using virtualenv*] Copy your patched `portal.py` to `./lib/python3.7/site-packages/mautrix_signal/portal.py` (the exact version of Python may be different on your system).
- [*If using Docker*] Map the patched `portal.py` into the `mautrix-signal` container:
```yaml
volumes:
- ./your/path/on/host/portal.py:/usr/lib/python3.9/site-packages/mautrix_signal/portal.py
```
4. Now continue with the [bridge installation instructions ](https://docs.mau.fi/bridges/index.html) and the general bridge notes above.

10
CROSS_COMPILE.md
Unescape View File

@ -1,11 +1,13 @@ @@ -1,11 +1,13 @@
Install docker:
```
$ sudo apt install docker
$ sudo usermod -aG docker $USER
$ exec sudo su -l $USER
Then log out and back in.
$ sudo systemctl start docker
$ cargo install cross
$ cross build --release --target armv7-unknown-linux-musleabihf
```
$ cross build --release --features tls_vendored --target armv7-unknown-linux-musleabihf
The cross-compiled binary is at target/armv7-unknown-linux-musleabihf/release/conduit

1631
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

103
Cargo.toml
Unescape View File

@ -6,7 +6,7 @@ authors = ["timokoesters <timo@koesters.xyz>"] @@ -6,7 +6,7 @@ authors = ["timokoesters <timo@koesters.xyz>"]
homepage = "https://conduit.rs"
repository = "https://gitlab.com/famedly/conduit"
readme = "README.md"
version = "0.2.0"
version = "0.1.0"
edition = "2018"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
@ -14,45 +14,45 @@ edition = "2018" @@ -14,45 +14,45 @@ edition = "2018"
[dependencies]
# Used to handle requests
# TODO: This can become optional as soon as proper configs are supported
# rocket = { git = "https://github.com/SergioBenitez/Rocket.git", rev = "801e04bd5369eb39e126c75f6d11e1e9597304d8", features = ["tls"] } # Used to handle requests
rocket = { version = "0.5.0-rc.1", features = ["tls"] } # Used to handle requests
rocket = { git = "https://github.com/SergioBenitez/Rocket.git", rev = "93e62c86eddf7cc9a7fc40b044182f83f0d7d92a", features = ["tls"] } # Used to handle requests
#rocket = { git = "https://github.com/timokoesters/Rocket.git", branch = "empty_parameters", default-features = false, features = ["tls"] }
# Used for matrix spec type definitions and helpers
#ruma = { version = "0.4.0", features = ["compat", "rand", "appservice-api-c", "client-api", "federation-api", "push-gateway-api-c", "state-res", "unstable-pre-spec", "unstable-exhaustive-types"] }
ruma = { git = "https://github.com/ruma/ruma", rev = "16f031fabb7871fcd738b0f25391193ee4ca28a9", features = ["compat", "rand", "appservice-api-c", "client-api", "federation-api", "push-gateway-api-c", "state-res", "unstable-pre-spec", "unstable-exhaustive-types"] }
#ruma = { git = "https://github.com/timokoesters/ruma", rev = "50c1db7e0a3a21fc794b0cce3b64285a4c750c71", features = ["compat", "rand", "appservice-api-c", "client-api", "federation-api", "push-gateway-api-c", "state-res", "unstable-pre-spec", "unstable-exhaustive-types"] }
#ruma = { path = "../ruma/crates/ruma", features = ["compat", "rand", "appservice-api-c", "client-api", "federation-api", "push-gateway-api-c", "state-res", "unstable-pre-spec", "unstable-exhaustive-types"] }
#ruma = { git = "https://github.com/ruma/ruma", features = ["rand", "appservice-api", "client-api", "federation-api", "unstable-pre-spec", "unstable-synapse-quirks", "unstable-exhaustive-types"], rev = "0a10afe6dacc2b7a50a8002c953d10b7fb4e37bc" }
# ruma = { git = "https://github.com/DevinR528/ruma", features = ["rand", "client-api", "federation-api", "unstable-exhaustive-types", "unstable-pre-spec", "unstable-synapse-quirks"], branch = "verified-export" }
ruma = { path = "../ruma/ruma", features = ["unstable-exhaustive-types", "rand", "client-api", "federation-api", "push-gateway-api", "unstable-pre-spec", "unstable-synapse-quirks"] }
# Used when doing state resolution
# state-res = { git = "https://github.com/timokoesters/state-res", branch = "timo-spec-comp", features = ["unstable-pre-spec"] }
# TODO: remove the gen-eventid feature
#state-res = { git = "https://github.com/ruma/state-res", branch = "main", features = ["unstable-pre-spec", "gen-eventid"] }
# state-res = { git = "https://github.com/ruma/state-res", rev = "791c66d73cf064d09db0cdf767d5fef43a343425", features = ["unstable-pre-spec", "gen-eventid"] }
state-res = { path = "../state-res", features = ["unstable-pre-spec", "gen-eventid"] }
# Used for long polling and federation sender, should be the same as rocket::tokio
tokio = "1.11.0"
tokio = "1.2.0"
# Used for storing data permanently
sled = { version = "0.34.6", features = ["compression", "no_metrics"], optional = true }
#sled = { git = "https://github.com/spacejam/sled.git", rev = "e4640e0773595229f398438886f19bca6f7326a2", features = ["compression"] }
# Used for the http request / response body type for Ruma endpoints used with reqwest
bytes = "1.1.0"
sled = { version = "0.34.6", default-features = false }
# Used for emitting log entries
log = "0.4.14"
# Used for rocket<->ruma conversions
http = "0.2.4"
http = "0.2.3"
# Used to find data directory for default db path
directories = "3.0.2"
directories = "3.0.1"
# Used for ruma wrapper
serde_json = { version = "1.0.67", features = ["raw_value"] }
serde_json = { version = "1.0.64", features = ["raw_value"] }
# Used for appservice registration files
serde_yaml = "0.8.20"
serde_yaml = "0.8.17"
# Used for pdu definition
serde = { version = "1.0.130", features = ["rc"] }
serde = "1.0.123"
# Used for secure identifiers
rand = "0.8.4"
rand = "0.8.3"
# Used to hash passwords
rust-argon2 = "0.8.3"
# Used to send requests
reqwest = { version = "0.11.4", default-features = false, features = ["rustls-tls-native-roots", "socks"] }
# Custom TLS verifier
rustls = { version = "0.19.1", features = ["dangerous_configuration"] }
rustls-native-certs = "0.5.0"
webpki = "0.22.0"
reqwest = { version = "0.11.1" }
# Used for conduit::Error type
thiserror = "1.0.28"
thiserror = "1.0.24"
# Used to generate thumbnails for images
image = { version = "0.23.14", default-features = false, features = ["jpeg", "png", "gif"] }
# Used to encode server public key
@ -60,36 +60,23 @@ base64 = "0.13.0" @@ -60,36 +60,23 @@ base64 = "0.13.0"
# Used when hashing the state
ring = "0.16.20"
# Used when querying the SRV record of other servers
trust-dns-resolver = "0.20.3"
trust-dns-resolver = "0.20.0"
# Used to find matching events for appservices
regex = "1.5.4"
regex = "1.4.3"
# jwt jsonwebtokens
jsonwebtoken = "7.2.0"
# Performance measurements
tracing = { version = "0.1.26", features = ["release_max_level_warn"] }
tracing-subscriber = "0.2.20"
tracing-flame = "0.1.0"
opentelemetry = { version = "0.16.0", features = ["rt-tokio"] }
opentelemetry-jaeger = { version = "0.15.0", features = ["rt-tokio"] }
lru-cache = "0.1.2"
rusqlite = { version = "0.25.3", optional = true, features = ["bundled"] }
parking_lot = { version = "0.11.2", optional = true }
crossbeam = { version = "0.8.1", optional = true }
num_cpus = "1.13.0"
threadpool = "1.8.1"
heed = { git = "https://github.com/timokoesters/heed.git", rev = "f6f825da7fb2c758867e05ad973ef800a6fe1d5d", optional = true }
thread_local = "1.1.3"
# used for TURN server authentication
hmac = "0.11.0"
sha-1 = "0.9.8"
tracing = "0.1.25"
opentelemetry = "0.12.0"
tracing-subscriber = "0.2.16"
tracing-opentelemetry = "0.11.0"
opentelemetry-jaeger = "0.11.0"
pretty_env_logger = "0.4.0"
[features]
default = ["conduit_bin", "backend_sqlite"]
backend_sled = ["sled"]
backend_sqlite = ["sqlite"]
backend_heed = ["heed", "crossbeam"]
sqlite = ["rusqlite", "parking_lot", "crossbeam", "tokio/signal"]
default = ["conduit_bin"]
conduit_bin = [] # TODO: add rocket to this when it is optional
tls_vendored = ["reqwest/native-tls-vendored"]
[[bin]]
name = "conduit"
@ -112,29 +99,13 @@ instead of a server that has high scalability.""" @@ -112,29 +99,13 @@ instead of a server that has high scalability."""
section = "net"
priority = "optional"
assets = [
["debian/env.local", "etc/matrix-conduit/local", "644"],
["debian/README.Debian", "usr/share/doc/matrix-conduit/", "644"],
["README.md", "usr/share/doc/matrix-conduit/", "644"],
["target/release/conduit", "usr/sbin/matrix-conduit", "755"],
]
conf-files = [
"/etc/matrix-conduit/conduit.toml"
"/etc/matrix-conduit/local"
]
maintainer-scripts = "debian/"
systemd-units = { unit-name = "matrix-conduit" }
[profile.dev]
lto = 'off'
incremental = true
[profile.release]
lto = 'thin'
incremental = true
codegen-units=32
# If you want to make flamegraphs, enable debug info:
# debug = true
# For releases also try to max optimizations for dependencies:
[profile.release.build-override]
opt-level = 3
[profile.release.package."*"]
opt-level = 3

141
DEPLOY.md
Unescape View File

@ -2,58 +2,28 @@ @@ -2,58 +2,28 @@
## Getting help
If you run into any problems while setting up Conduit, write an email to `timo@koesters.xyz`, ask us
in `#conduit:matrix.org` or [open an issue on GitLab](https://gitlab.com/famedly/conduit/-/issues/new).
If you run into any problems while setting up Conduit, write an email to `support@conduit.rs`, ask us in `#conduit:matrix.org` or [open an issue on GitLab](https://gitlab.com/famedly/conduit/-/issues/new).
## Installing Conduit
Although you might be able to compile Conduit for Windows, we do recommend running it on a linux server. We therefore
only offer Linux binaries.
You may simply download the binary that fits your machine. Run `uname -m` to see what you need. Now copy the right url:
| CPU Architecture | Download stable version |
| ------------------------------------------- | ------------------------------ |
| x84_64 / amd64 (Most servers and computers) | [Download][x84_64-musl-master] |
| armv6 | [Download][armv6-musl-master] |
| armv7 (e.g. Raspberry Pi by default) | [Download][armv7-musl-master] |
| armv8 / aarch64 | [Download][armv8-musl-master] |
[x84_64-musl-master]: https://gitlab.com/famedly/conduit/-/jobs/artifacts/master/raw/conduit-x86_64-unknown-linux-musl?job=build:release:cargo:x86_64-unknown-linux-musl
[armv6-musl-master]: https://gitlab.com/famedly/conduit/-/jobs/artifacts/master/raw/conduit-arm-unknown-linux-musleabihf?job=build:release:cargo:arm-unknown-linux-musleabihf
[armv7-musl-master]: https://gitlab.com/famedly/conduit/-/jobs/artifacts/master/raw/conduit-armv7-unknown-linux-musleabihf?job=build:release:cargo:armv7-unknown-linux-musleabihf
[armv8-musl-master]: https://gitlab.com/famedly/conduit/-/jobs/artifacts/master/raw/conduit-aarch64-unknown-linux-musl?job=build:release:cargo:aarch64-unknown-linux-musl
You have to download the binary that fits your machine. Run `uname -m` to see
what you need. Now copy the right url:
- x84_64: `https://conduit.rs/master/x86_64/conduit-bin`
- armv7: `https://conduit.rs/master/armv7/conduit-bin`
- armv8: `https://conduit.rs/master/armv8/conduit-bin`
- arm: `https://conduit.rs/master/arm/conduit-bin`
```bash
$ sudo wget -O /usr/local/bin/matrix-conduit <url>
$ sudo chmod +x /usr/local/bin/matrix-conduit
```
Alternatively, you may compile the binary yourself using
```bash
$ cargo build --release
```
Note that this currently requires Rust 1.50.
If you want to cross compile Conduit to another architecture, read the [Cross-Compile Guide](CROSS_COMPILE.md).
## Adding a Conduit user
While Conduit can run as any user it is usually better to use dedicated users for different services. This also allows
you to make sure that the file permissions are correctly set up.
In Debian you can use this command to create a Conduit user:
```bash
sudo adduser --system conduit --no-create-home
```
## Setting up a systemd service
Now we'll set up a systemd service for Conduit, so it's easy to start/stop Conduit and set it to autostart when your
server reboots. Simply paste the default systemd service you can find below into
Now we'll set up a systemd service for Conduit, so it's easy to start/stop
Conduit and set it to autostart when your server reboots. Simply paste the
default systemd service you can find below into
`/etc/systemd/system/conduit.service`.
```systemd
@ -63,8 +33,8 @@ After=network.target @@ -63,8 +33,8 @@ After=network.target
[Service]
Environment="CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml"
User=conduit
Group=nogroup
User=root
Group=root
Restart=always
ExecStart=/usr/local/bin/matrix-conduit
@ -73,16 +43,14 @@ WantedBy=multi-user.target @@ -73,16 +43,14 @@ WantedBy=multi-user.target
```
Finally, run
```bash
$ sudo systemctl daemon-reload
```
## Creating the Conduit configuration file
Now we need to create the Conduit's config file in `/etc/matrix-conduit/conduit.toml`. Paste this in **and take a moment
to read it. You need to change at least the server name.**
## Creating the Conduit configuration file
Now we need to create the Conduit's config file in `/etc/matrix-conduit/conduit.toml`. Paste this in **and take a moment to read it. You need to change at least the server name.**
```toml
[global]
# The server_name is the name of this server. It is used as a suffix for user
@ -108,40 +76,21 @@ port = 6167 @@ -108,40 +76,21 @@ port = 6167
# Max size for uploads
max_request_size = 20_000_000 # in bytes
# Enables registration. If set to false, no users can register on this server.
allow_registration = true
# Disabling registration means no new users will be able to register on this server
allow_registration = false
# Disable encryption, so no new encrypted rooms can be created
# Note: existing rooms will continue to work
allow_encryption = true
allow_federation = true
trusted_servers = ["matrix.org"]
#max_concurrent_requests = 100 # How many requests Conduit sends to other servers at the same time
#cache_capacity = 1073741824 # in bytes, 1024 * 1024 * 1024
#max_concurrent_requests = 4 # How many requests Conduit sends to other servers at the same time
#workers = 4 # default: cpu core count * 2
address = "127.0.0.1" # This makes sure Conduit can only be reached using the reverse proxy
# The total amount of memory that the database will use.
#db_cache_capacity_mb = 200
```
## Setting the correct file permissions
As we are using a Conduit specific user we need to allow it to read the config. To do that you can run this command on
Debian:
```bash
sudo chown -R conduit:nogroup /etc/matrix-conduit
```
If you use the default database path you also need to run this:
```bash
sudo mkdir -p /var/lib/matrix-conduit/conduit_db
sudo chown -R conduit:nogroup /var/lib/matrix-conduit/conduit_db
```
## Setting up the Reverse Proxy
@ -150,8 +99,7 @@ This depends on whether you use Apache, Nginx or another web server. @@ -150,8 +99,7 @@ This depends on whether you use Apache, Nginx or another web server.
### Apache
Create `/etc/apache2/sites-enabled/050-conduit.conf` and copy-and-paste this:
```apache
```
Listen 8448
<VirtualHost *:443 *:8448>
@ -159,81 +107,58 @@ Listen 8448 @@ -159,81 +107,58 @@ Listen 8448
ServerName your.server.name # EDIT THIS
AllowEncodedSlashes NoDecode
ProxyPass /_matrix/ http://127.0.0.1:6167/_matrix/ nocanon
ProxyPassReverse /_matrix/ http://127.0.0.1:6167/_matrix/
ProxyPass /_matrix/ http://localhost:6167/
ProxyPassReverse /_matrix/ http://localhost:6167/
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/your.server.name/fullchain.pem # EDIT THIS
SSLCertificateKeyFile /etc/letsencrypt/live/your.server.name/privkey.pem # EDIT THIS
</VirtualHost>
```
**You need to make some edits again.** When you are done, run
```bash
$ sudo systemctl reload apache2
```
### Nginx
If you use Nginx and not Apache, add the following server section inside the http section of `/etc/nginx/nginx.conf`
### Nginx
```nginx
If you use Nginx and not Apache, add the following server section inside the
http section of `/etc/nginx/nginx.conf`
```
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 8448 ssl http2;
listen [::]:8448 ssl http2;
listen 443;
listen 8448;
server_name your.server.name; # EDIT THIS
merge_slashes off;
location /_matrix/ {
proxy_pass http://127.0.0.1:6167$request_uri;
proxy_set_header Host $http_host;
proxy_buffering off;
proxy_pass http://localhost:6167/_matrix/;
}
ssl_certificate /etc/letsencrypt/live/your.server.name/fullchain.pem; # EDIT THIS
ssl_certificate_key /etc/letsencrypt/live/your.server.name/privkey.pem; # EDIT THIS
ssl_trusted_certificate /etc/letsencrypt/live/your.server.name/chain.pem; # EDIT THIS
include /etc/letsencrypt/options-ssl-nginx.conf;
}
```
**You need to make some edits again.** When you are done, run
```bash
$ sudo systemctl reload nginx
```
## SSL Certificate
The easiest way to get an SSL certificate, if you don't have one already, is to install `certbot` and run this:
```bash
$ sudo certbot -d your.server.name
```
## You're done!
Now you can start Conduit with:
```bash
$ sudo systemctl start conduit
```
Set it to start automatically when your system boots with:
```bash
$ sudo systemctl enable conduit
```
## How do I know it works?
You can open <https://app.element.io>, enter your homeserver and try to register.
You can also use these commands as a quick health check.
```bash
$ curl https://your.server.name/_matrix/client/versions
$ curl https://your.server.name:8448/_matrix/client/versions
```
If you want to set up an appservice, take a look at the [Appservice Guide](APPSERVICES.md).

137
Dockerfile
Unescape View File

@ -1,65 +1,73 @@ @@ -1,65 +1,73 @@
# syntax=docker/dockerfile:1
FROM docker.io/rust:1.53-alpine AS builder
WORKDIR /usr/src/conduit
# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
# Install required packages to build Conduit and it's dependencies
RUN apk add musl-dev
# == Build dependencies without our own code separately for caching ==
#
# Need a fake main.rs since Cargo refuses to build anything otherwise.
#
# See https://github.com/rust-lang/cargo/issues/2644 for a Cargo feature
# request that would allow just dependencies to be compiled, presumably
# regardless of whether source files are available.
RUN mkdir src && touch src/lib.rs && echo 'fn main() {}' > src/main.rs
COPY Cargo.toml Cargo.lock ./
RUN cargo build --release && rm -r src
########################## BUILD IMAGE ##########################
# Alpine build image to build Conduit's statically compiled binary
FROM alpine:3.12 as builder
# Copy over actual Conduit sources
COPY src src
# Specifies if the local project is build or if Conduit gets build
# from the official git repository. Defaults to the git repo.
ARG LOCAL=false
# Specifies which revision/commit is build. Defaults to HEAD
ARG GIT_REF=origin/master
# main.rs and lib.rs need their timestamp updated for this to work correctly since
# otherwise the build with the fake main.rs from above is newer than the
# source files (COPY preserves timestamps).
#
# Builds conduit and places the binary at /usr/src/conduit/target/release/conduit
RUN touch src/main.rs && touch src/lib.rs && cargo build --release
# Add 'edge'-repository to get Rust 1.45
RUN sed -i \
-e 's|v3\.12|edge|' \
/etc/apk/repositories
# ---------------------------------------------------------------------------------------------------------------
# Stuff below this line actually ends up in the resulting docker image
# ---------------------------------------------------------------------------------------------------------------
FROM docker.io/alpine:3.15.0 AS runner
# Standard port on which Conduit launches.
# You still need to map the port when using the docker command or docker-compose.
EXPOSE 6167
# Note from @jfowl: I would like to remove this in the future and just have the Docker version be configured with envs.
ENV CONDUIT_CONFIG="/srv/conduit/conduit.toml"
# Conduit needs:
# ca-certificates: for https
# libgcc: Apparently this is needed, even if I (@jfowl) don't know exactly why. But whatever, it's not that big.
# Install packages needed for building all crates
RUN apk add --no-cache \
ca-certificates \
libgcc
# Created directory for the database and media files
cargo \
openssl-dev
# Copy project files from current folder
COPY . .
# Build it from the copied local files or from the official git repository
RUN if [[ $LOCAL == "true" ]]; then \
cargo install --path . ; \
else \
cargo install --git "https://github.com/timokoesters/conduit.git" --rev ${GIT_REF}; \
fi
########################## RUNTIME IMAGE ##########################
# Create new stage with a minimal image for the actual
# runtime image/container
FROM alpine:3.12
ARG CREATED
ARG VERSION
ARG GIT_REF=HEAD
# Labels according to https://github.com/opencontainers/image-spec/blob/master/annotations.md
# including a custom label specifying the build command
LABEL org.opencontainers.image.created=${CREATED} \
org.opencontainers.image.authors="Conduit Contributors" \
org.opencontainers.image.title="Conduit" \
org.opencontainers.image.version=${VERSION} \
org.opencontainers.image.vendor="Conduit Contributors" \
org.opencontainers.image.description="A Matrix homeserver written in Rust" \
org.opencontainers.image.url="https://conduit.rs/" \
org.opencontainers.image.revision=${GIT_REF} \
org.opencontainers.image.source="https://git.koesters.xyz/timo/conduit.git" \
org.opencontainers.image.licenses="Apache-2.0" \
org.opencontainers.image.documentation="" \
org.opencontainers.image.ref.name="" \
org.label-schema.docker.build="docker build . -t matrixconduit/matrix-conduit:latest --build-arg CREATED=$(date -u +'%Y-%m-%dT%H:%M:%SZ') --build-arg VERSION=$(grep -m1 -o '[0-9].[0-9].[0-9]' Cargo.toml)" \
maintainer="Weasy666"
# Standard port on which Rocket launches
EXPOSE 8000
# Copy config files from context and the binary from
# the "builder" stage to the current stage into folder
# /srv/conduit and create data folder for database
RUN mkdir -p /srv/conduit/.local/share/conduit
COPY --from=builder /root/.cargo/bin/conduit /srv/conduit/
# Test if Conduit is still alive, uses the same endpoint as Element
COPY ./docker/healthcheck.sh /srv/conduit/healthcheck.sh
HEALTHCHECK --start-period=5s --interval=5s CMD ./healthcheck.sh
# Copy over the actual Conduit binary from the builder stage
COPY --from=builder /usr/src/conduit/target/release/conduit /srv/conduit/conduit
# Improve security: Don't run stuff as root, that does not need to run as root:
# Add www-data user and group with UID 82, as used by alpine
# https://git.alpinelinux.org/aports/tree/main/nginx/nginx.pre-install
RUN set -x ; \
@ -69,13 +77,22 @@ RUN set -x ; \ @@ -69,13 +77,22 @@ RUN set -x ; \
# Change ownership of Conduit files to www-data user and group
RUN chown -cR www-data:www-data /srv/conduit
RUN chmod +x /srv/conduit/healthcheck.sh
# Change user to www-data
# Install packages needed to run Conduit
RUN apk add --no-cache \
ca-certificates \
curl \
libgcc
# Create a volume for the database, to persist its contents
VOLUME ["/srv/conduit/.local/share/conduit"]
# Test if Conduit is still alive, uses the same endpoint as Element
HEALTHCHECK --start-period=2s CMD curl --fail -s http://localhost:8000/_matrix/client/versions || curl -k --fail -s https://localhost:8000/_matrix/client/versions || exit 1
# Set user to www-data
USER www-data
# Set container home directory
WORKDIR /srv/conduit
# Run Conduit and print backtraces on panics
ENV RUST_BACKTRACE=1
ENTRYPOINT [ "/srv/conduit/conduit" ]
# Run Conduit
ENTRYPOINT [ "/srv/conduit/conduit" ]

73
README.md
Unescape View File

@ -1,73 +1,66 @@ @@ -1,73 +1,66 @@
# Conduit
### A Matrix homeserver written in Rust
[![Liberapay](https://img.shields.io/liberapay/receives/timokoesters?logo=liberapay)](https://liberapay.com/timokoesters)
[![Matrix](https://img.shields.io/matrix/conduit:conduit.rs?server_fqdn=conduit.koesters.xyz)](https://matrix.to/#/#conduit:matrix.org)
#### What is the goal?
An efficient Matrix homeserver that's easy to set up and just works. You can install
A fast Matrix homeserver that's easy to set up and just works. You can install
it on a mini-computer like the Raspberry Pi to host Matrix for your family,
friends or company.
#### Can I try it out?
Yes! You can test our Conduit instance by opening a Matrix client (<https://app.element.io> or Element Android for
example) and registering on the `conduit.rs` homeserver.
Yes! Just open a Matrix client (<https://app.element.io> or Element Android for
example) and register on the `https://conduit.koesters.xyz` homeserver.
It is hosted on a ODROID HC 2 with 2GB RAM and a SAMSUNG Exynos 5422 CPU, which
was used in the Samsung Galaxy S5. It joined many big rooms including Matrix
HQ.
#### How can I deploy my own?
##### Deploy
#### What is the current status?
Download or compile a conduit binary and call it from somewhere like a systemd script. [Read
more](DEPLOY.md)
As of 2021-09-01, Conduit is Beta, meaning you can join and participate in most
Matrix rooms, but not all features are supported and you might run into bugs
from time to time.
##### Deploy using Docker
There are still a few important features missing:
Pull and run the docker image with
- E2EE verification over federation
- Outgoing read receipts, typing, presence over federation
``` bash
docker pull matrixconduit/matrix-conduit:latest
docker run -d -p 8448:8000 -v db:/srv/conduit/.local/share/conduit matrixconduit/matrix-conduit:latest
```
Check out the [Conduit 1.0 Release Milestone](https://gitlab.com/famedly/conduit/-/milestones/3).
Or build and run it with docker or docker-compose. [Read more](docker/README.md)
#### What is it build on?
#### How can I deploy my own?
- [Ruma](https://www.ruma.io): Useful structures for endpoint requests and
responses that can be (de)serialized
- [Sled](https://github.com/spacejam/sled): A simple (key, value) database with
good performance
- [Rocket](https://rocket.rs): A flexible web framework
Simple install (this was tested the most): [DEPLOY.md](DEPLOY.md)\
Debian package: [debian/README.Debian](debian/README.Debian)\
Docker: [docker/README.md](docker/README.md)
#### What are the biggest things still missing?
If you want to connect an Appservice to Conduit, take a look at [APPSERVICES.md](APPSERVICES.md).
- Appservices (Bridges and Bots)
- Most federation features (invites, e2ee)
- Push notifications on mobile
- Notification settings
- Lots of testing
Also check out the [milestones](https://git.koesters.xyz/timo/conduit/milestones).
#### How can I contribute?
1. Look for an issue you would like to work on and make sure it's not assigned
to other users
2. Ask someone to assign the issue to you (comment on the issue or chat in
#conduit:nordgedanken.dev)
3. Fork the repo and work on the issue. #conduit:nordgedanken.dev is happy to help :)
4. Submit a MR
#### Thanks to
Thanks to Famedly, Prototype Fund (DLR and German BMBF) and all other individuals for financially supporting this project.
Thanks to the contributors to Conduit and all libraries we use, for example:
- Ruma: A clean library for the Matrix Spec in Rust
- Rocket: A flexible web framework
#conduit:matrix.org)
3. Fork the repo and work on the issue. #conduit:matrix.org is happy to help :)
4. Submit a PR
#### Donate
Liberapay: <https://liberapay.com/timokoesters/>\
Bitcoin: `bc1qnnykf986tw49ur7wx9rpw2tevpsztvar5x8w4n`
#### Logo
Lightning Bolt Logo: https://github.com/mozilla/fxemoji/blob/gh-pages/svgs/nature/u26A1-bolt.svg \
Logo License: https://github.com/mozilla/fxemoji/blob/gh-pages/LICENSE.md

20
conduit-example.toml
Unescape View File

@ -11,8 +11,8 @@ @@ -11,8 +11,8 @@
# YOU NEED TO EDIT THIS
#server_name = "your.server.name"
# This is the only directory where Conduit will save its data
database_path = "/var/lib/conduit/"
# This is the only directly where Conduit will save its data
database_path = "/var/lib/conduit/conduit.db"
# The port Conduit will be running on. You need to set up a reverse proxy in
# your web server (e.g. apache or nginx), so all requests to /_matrix on port
@ -22,8 +22,8 @@ port = 6167 @@ -22,8 +22,8 @@ port = 6167
# Max size for uploads
max_request_size = 20_000_000 # in bytes
# Enables registration. If set to false, no users can register on this server.
allow_registration = true
# Disable registration. No new users will be able to register on this server
#allow_registration = false
# Disable encryption, so no new encrypted rooms can be created
# Note: existing rooms will continue to work
@ -33,16 +33,8 @@ allow_registration = true @@ -33,16 +33,8 @@ allow_registration = true
# Enable jaeger to support monitoring and troubleshooting through jaeger
#allow_jaeger = false
trusted_servers = ["matrix.org"]
#max_concurrent_requests = 100 # How many requests Conduit sends to other servers at the same time
#log = "info,state_res=warn,rocket=off,_=off,sled=off"
#cache_capacity = 1073741824 # in bytes, 1024 * 1024 * 1024
#max_concurrent_requests = 4 # How many requests Conduit sends to other servers at the same time
#workers = 4 # default: cpu core count * 2
address = "127.0.0.1" # This makes sure Conduit can only be reached using the reverse proxy
#address = "0.0.0.0" # If Conduit is running in a container, make sure the reverse proxy (ie. Traefik) can reach it.
proxy = "none" # more examples can be found at src/database/proxy.rs:6
# The total amount of memory that the database will use.
#db_cache_capacity_mb = 200

20
debian/README.Debian vendored
Unescape View File

@ -4,25 +4,25 @@ Conduit for Debian @@ -4,25 +4,25 @@ Conduit for Debian
Configuration
-------------
When installed, Debconf generates the configuration of the homeserver
(host)name, the address and port it listens on. This configuration ends up in
/etc/matrix-conduit/conduit.toml.
When installed, Debconf handles the configuration of the homeserver (host)name,
the address and port it listens on. These configuration variables end up in
/etc/matrix-conduit/debian.
You can tweak more detailed settings by uncommenting and setting the variables
in /etc/matrix-conduit/conduit.toml. This involves settings such as the maximum
file size for download/upload, enabling federation, etc.
in /etc/matrix-conduit/local. This involves settings such as the maximum file
size for download/upload, enabling federation, etc.
Running
-------
The package uses the matrix-conduit.service systemd unit file to start and
stop Conduit. It loads the configuration file mentioned above to set up the
stop Conduit. It loads the configuration files mentioned above to set up the
environment before running the server.
This package assumes by default that Conduit will be placed behind a reverse
proxy such as Apache or nginx. This default deployment entails just listening
on 127.0.0.1 and the free port 6167 and is reachable via a client using the URL
http://localhost:6167.
This package assumes by default that Conduit is placed behind a reverse proxy
such as Apache or nginx. This default deployment entails just listening on
127.0.0.1 and the free port 14004 and is reachable via a client using the URL
http://localhost:14004.
At a later stage this packaging may support also setting up TLS and running
stand-alone. In this case, however, you need to set up some certificates and

33
debian/env.local vendored
Unescape View File

@ -0,0 +1,33 @@ @@ -0,0 +1,33 @@
# Conduit homeserver local configuration
#
# Conduit is an application based on the Rocket web framework.
# Configuration of Conduit happens via Debconf (see the resulting config in
# `/etc/matrix-conduit/debian`) and optionally by uncommenting and tweaking the
# variables in this file below.
# The maximum size of a Matrix HTTP requests in bytes.
#
# This mostly affects the size of files that can be downloaded/uploaded.
# It defaults to 20971520 (20MB).
#ROCKET_MAX_REQUEST_SIZE=20971520
# Whether user registration is allowed.
#
# User registration is not disabled by default.
#ROCKET_REGISTRATION_DISABLED=false
# Whether encryption is enabled.
#
# (End-to-end) encryption is not disabled by default.
#ROCKET_ENCRYPTION_DISABLED=false
# Whether federation with other Matrix servers is enabled.
#
# Federation is not enabled by default; it is still experimental.
#ROCKET_FEDERATION_ENABLED=false
# The log level of the homeserver.
#
# The log level is "critical" by default.
# Allowed values are: "off", "normal", "debug", "critical"
#ROCKET_LOG="critical"

5
debian/matrix-conduit.service vendored
Unescape View File

@ -34,7 +34,10 @@ SystemCallFilter=@system-service @@ -34,7 +34,10 @@ SystemCallFilter=@system-service
SystemCallErrorNumber=EPERM
StateDirectory=matrix-conduit
Environment="CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml"
Environment="ROCKET_ENV=production"
Environment="ROCKET_DATABASE_PATH=/var/lib/matrix-conduit"
EnvironmentFile=/etc/matrix-conduit/debian
EnvironmentFile=/etc/matrix-conduit/local
ExecStart=/usr/sbin/matrix-conduit
Restart=on-failure

90
debian/postinst vendored
Unescape View File

@ -4,8 +4,8 @@ set -e @@ -4,8 +4,8 @@ set -e
. /usr/share/debconf/confmodule
CONDUIT_CONFIG_PATH=/etc/matrix-conduit
CONDUIT_CONFIG_FILE="${CONDUIT_CONFIG_PATH}/conduit.toml"
CONDUIT_DATABASE_PATH=/var/lib/matrix-conduit/conduit_db
CONDUIT_CONFIG_FILE="$CONDUIT_CONFIG_PATH/debian"
CONDUIT_DATABASE_PATH=/var/lib/matrix-conduit
case "$1" in
configure)
@ -13,7 +13,7 @@ case "$1" in @@ -13,7 +13,7 @@ case "$1" in
if ! getent passwd _matrix-conduit > /dev/null ; then
echo 'Adding system user for the Conduit Matrix homeserver' 1>&2
adduser --system --group --quiet \
--home "$CONDUIT_DATABASE_PATH" \
--home $CONDUIT_DATABASE_PATH \
--disabled-login \
--force-badname \
_matrix-conduit
@ -25,62 +25,48 @@ case "$1" in @@ -25,62 +25,48 @@ case "$1" in
chown _matrix-conduit "$CONDUIT_DATABASE_PATH"
fi
if [ ! -e "$CONDUIT_CONFIG_FILE" ]; then
# Write the debconf values in the config.
db_get matrix-conduit/hostname
CONDUIT_SERVER_NAME="$RET"
db_get matrix-conduit/address
CONDUIT_ADDRESS="$RET"
db_get matrix-conduit/port
CONDUIT_PORT="$RET"
mkdir -p "$CONDUIT_CONFIG_PATH"
cat > "$CONDUIT_CONFIG_FILE" << EOF
[global]
# The server_name is the name of this server. It is used as a suffix for user
# and room ids. Examples: matrix.org, conduit.rs
# The Conduit server needs to be reachable at https://your.server.name/ on port
# 443 (client-server) and 8448 (federation) OR you can create /.well-known
# files to redirect requests. See
# https://matrix.org/docs/spec/client_server/latest#get-well-known-matrix-client
# and https://matrix.org/docs/spec/server_server/r0.1.4#get-well-known-matrix-server
# for more information.
server_name = "${CONDUIT_SERVER_NAME}"
# Write the debconf values in the config.
db_get matrix-conduit/hostname
ROCKET_SERVER_NAME="$RET"
db_get matrix-conduit/address
ROCKET_ADDRESS="$RET"
db_get matrix-conduit/port
ROCKET_PORT="$RET"
cat >"$CONDUIT_CONFIG_FILE" << EOF
# Conduit homeserver Debian configuration
#
# Conduit is an application based on the Rocket web framework.
# Configuration of Conduit happens via Debconf (of which the resulting config
# is in this file) and optionally by uncommenting and tweaking the variables in
# /etc/matrix-conduit/local.
# This is the only directory where Conduit will save its data.
database_path = "${CONDUIT_DATABASE_PATH}"
# THIS FILE IS GENERATED BY DEBCONF AND WILL BE OVERRIDDEN!
#
# Please make changes by running:
#
# \$ dpkg-reconfigure matrix-conduit
#
# or by providing overriding changes in /etc/matrix-conduit/local.
# The address Conduit will be listening on.
# The server (host)name of the Matrix homeserver.
#
# This is the hostname the homeserver will be reachable at via a client.
ROCKET_SERVER_NAME="$ROCKET_SERVER_NAME"
# The address the Matrix homeserver listens on.
#
# By default the server listens on address 0.0.0.0. Change this to 127.0.0.1 to
# only listen on the localhost when using a reverse proxy.
address = "${CONDUIT_ADDRESS}"
# The port Conduit will be running on. You need to set up a reverse proxy in
# your web server (e.g. apache or nginx), so all requests to /_matrix on port
# 443 and 8448 will be forwarded to the Conduit instance running on this port.
port = ${CONDUIT_PORT}
# Max size for uploads
max_request_size = 20_000_000 # in bytes
# Enables registration. If set to false, no users can register on this server.
allow_registration = true
ROCKET_ADDRESS="$ROCKET_ADDRESS"
# Disable encryption, so no new encrypted rooms can be created.
# Note: Existing rooms will continue to work.
#allow_encryption = false
#allow_federation = false
# The port of the Matrix homeserver.
#
# This port is could be any available port if accessed by a reverse proxy.
# By default the server listens on port 8000.
ROCKET_PORT="$ROCKET_PORT"
# Enable jaeger to support monitoring and troubleshooting through jaeger.
#allow_jaeger = false
#max_concurrent_requests = 100 # How many requests Conduit sends to other servers at the same time
#log = "info,state_res=warn,rocket=off,_=off,sled=off"
#workers = 4 # default: cpu core count * 2
# The total amount of memory that the database will use.
#db_cache_capacity_mb = 200
# THIS FILE IS GENERATED BY DEBCONF AND WILL BE OVERRIDDEN!
EOF
fi
;;
esac

5
debian/postrm vendored
Unescape View File

@ -1,16 +1,11 @@ @@ -1,16 +1,11 @@
#!/bin/sh
set -e
. /usr/share/debconf/confmodule
CONDUIT_CONFIG_PATH=/etc/matrix-conduit
CONDUIT_DATABASE_PATH=/var/lib/matrix-conduit
case $1 in
purge)
# Remove debconf changes from the db
db_purge
# Per https://www.debian.org/doc/debian-policy/ch-files.html#behavior
# "configuration files must be preserved when the package is removed, and
# only deleted when the package is purged."

2
debian/templates vendored
Unescape View File

@ -16,6 +16,6 @@ Description: The listen address of the Matrix homeserver @@ -16,6 +16,6 @@ Description: The listen address of the Matrix homeserver
Template: matrix-conduit/port
Type: string
Default: 6167
Default: 14004
Description: The port of the Matrix homeserver
This port is most often just accessed by a reverse proxy.

43
docker-compose.yml
Unescape View File

@ -3,7 +3,7 @@ version: '3' @@ -3,7 +3,7 @@ version: '3'
services:
homeserver:
### If you already built the Conduit image with 'docker build' or want to use a registry image,
### If you already built the Conduit image with 'docker build' or want to use the Docker Hub image,
### then you are ready to go.
image: matrixconduit/matrix-conduit:latest
### If you want to build a fresh image from the sources, then comment the image line and uncomment the
@ -12,41 +12,36 @@ services: @@ -12,41 +12,36 @@ services:
# build:
# context: .
# args:
# CREATED: '2021-03-16T08:18:27Z'
# VERSION: '0.1.0'
# CREATED:
# VERSION:
# LOCAL: 'false'
# GIT_REF: origin/master
# GIT_REF: HEAD
restart: unless-stopped
ports:
- 8448:6167
- 8448:8000
volumes:
- db:/srv/conduit/.local/share/conduit
### Uncomment if you want to use conduit.toml to configure Conduit
### Note: Set env vars will override conduit.toml values
# - ./conduit.toml:/srv/conduit/conduit.toml
### Uncomment if you want to use Rocket.toml to configure Conduit
### Note: Set env vars will override Rocket.toml values
# - ./Rocket.toml:/srv/conduit/Rocket.toml
environment:
CONDUIT_SERVER_NAME: localhost:6167 # replace with your own name
CONDUIT_TRUSTED_SERVERS: '["matrix.org"]'
CONDUIT_ALLOW_REGISTRATION: 'true'
ROCKET_SERVER_NAME: localhost:8000 # replace with your own name
### Uncomment and change values as desired
# CONDUIT_ADDRESS: 0.0.0.0
# CONDUIT_PORT: 6167
# CONDUIT_CONFIG: '/srv/conduit/conduit.toml' # if you want to configure purely by env vars, set this to an empty string ''
# Available levels are: error, warn, info, debug, trace - more info at: https://docs.rs/env_logger/*/env_logger/#enabling-logging
# CONDUIT_LOG: info # default is: "info,rocket=off,_=off,sled=off"
# CONDUIT_ALLOW_JAEGER: 'false'
# CONDUIT_ALLOW_ENCRYPTION: 'false'
# CONDUIT_ALLOW_FEDERATION: 'false'
# CONDUIT_DATABASE_PATH: /srv/conduit/.local/share/conduit
# CONDUIT_WORKERS: 10
# CONDUIT_MAX_REQUEST_SIZE: 20_000_000 # in bytes, ~20 MB
# ROCKET_LOG: normal # Available levels are: off, debug, normal, critical
# ROCKET_PORT: 8000
# ROCKET_REGISTRATION_DISABLED: 'true'
# ROCKET_ENCRYPTION_DISABLED: 'true'
# ROCKET_FEDERATION_ENABLED: 'true'
# ROCKET_DATABASE_PATH: /srv/conduit/.local/share/conduit
# ROCKET_WORKERS: 10
# ROCKET_MAX_REQUEST_SIZE: 20_000_000 # in bytes, ~20 MB
### Uncomment if you want to use your own Element-Web App.
### Note: You need to provide a config.json for Element and you also need a second
### Domain or Subdomain for the communication between Element and Conduit
### Config-Docs: https://github.com/vector-im/element-web/blob/develop/docs/config.md
# element-web:
# image: vectorim/element-web:latest
# image: vectorim/riot-web:latest
# restart: unless-stopped
# ports:
# - 8009:80
@ -56,4 +51,4 @@ services: @@ -56,4 +51,4 @@ services:
# - homeserver
volumes:
db:
db:

113
docker/README.md
Unescape View File

@ -2,120 +2,71 @@ @@ -2,120 +2,71 @@
> **Note:** To run and use Conduit you should probably use it with a Domain or Subdomain behind a reverse proxy (like Nginx, Traefik, Apache, ...) with a Lets Encrypt certificate.
## Docker
### Build & Dockerfile
The Dockerfile provided by Conduit has two stages, each of which creates an image.
1. **Builder:** Builds the binary from local context or by cloning a git revision from the official repository.
2. **Runner:** Copies the built binary from **Builder** and sets up the runtime environment, like creating a volume to persist the database and applying the correct permissions.
2. **Runtime:** Copies the built binary from **Builder** and sets up the runtime environment, like creating a volume to persist the database and applying the correct permissions.
The Dockerfile includes a few build arguments that should be supplied when building it.
``` Dockerfile
ARG LOCAL=false
ARG CREATED
ARG VERSION
ARG GIT_REF=HEAD
```
- **CREATED:** Date and time as string (date-time as defined by RFC 3339). Will be used to create the Open Container Initiative compliant label `org.opencontainers.image.created`. Supply by it like this `$(date -u +'%Y-%m-%dT%H:%M:%SZ')`
- **VERSION:** The SemVer version of Conduit, which is in the image. Will be used to create the Open Container Initiative compliant label `org.opencontainers.image.version`. If you have a `Cargo.toml` in your build context, you can get it with `$(grep -m1 -o '[0-9].[0-9].[0-9]' Cargo.toml)`
- **LOCAL:** *(Optional)* A boolean value, specifies if the local build context should be used, or if the official repository will be cloned. If not supplied with the build command, it will default to `false`.
- **GIT_REF:** *(Optional)* A git ref, like `HEAD` or a commit ID. The supplied ref will be used to create the Open Container Initiative compliant label `org.opencontainers.image.revision` and will be the ref that is cloned from the repository when not building from the local context. If not supplied with the build command, it will default to `HEAD`.
To build the image you can use the following command
```bash
docker build --tag matrixconduit/matrix-conduit:latest .
``` bash
docker build . -t matrixconduit/matrix-conduit:latest --build-arg CREATED=$(date -u +'%Y-%m-%dT%H:%M:%SZ') --build-arg VERSION=$(grep -m1 -o '[0-9].[0-9].[0-9]' Cargo.toml)
```
which also will tag the resulting image as `matrixconduit/matrix-conduit:latest`.
**Note:** it ommits the two optional `build-arg`s.
### Run
After building the image you can simply run it with
```bash
docker run -d -p 8448:6167 -v ~/conduit.toml:/srv/conduit/conduit.toml -v db:/srv/conduit/.local/share/conduit matrixconduit/matrix-conduit:latest
``` bash
docker run -d -p 8448:8000 -v db:/srv/conduit/.local/share/conduit -e ROCKET_SERVER_NAME="localhost:8000" matrixconduit/matrix-conduit:latest
```
or you can skip the build step and pull the image from one of the following registries:
| Registry | Image | Size |
| --------------- | --------------------------------------------------------------- | --------------------- |
| Docker Hub | [matrixconduit/matrix-conduit:latest][dh] | ![Image Size][shield] |
| GitLab Registry | [registry.gitlab.com/famedly/conduit/matrix-conduit:latest][gl] | ![Image Size][shield] |
[dh]: https://hub.docker.com/r/matrixconduit/matrix-conduit
[gl]: https://gitlab.com/famedly/conduit/container_registry/
[shield]: https://img.shields.io/docker/image-size/matrixconduit/matrix-conduit/latest
The `-d` flag lets the container run in detached mode. You now need to supply a `conduit.toml` config file, an example can be found [here](../conduit-example.toml).
You can pass in different env vars to change config values on the fly. You can even configure Conduit completely by using env vars, but for that you need
to pass `-e CONDUIT_CONFIG=""` into your container. For an overview of possible values, please take a look at the `docker-compose.yml` file.
For detached mode, you also need to use the `-d` flag. You can pass in more env vars as are shown here, for an overview of possible values, you can take a look at the `docker-compose.yml` file.
If you just want to test Conduit for a short time, you can use the `--rm` flag, which will clean up everything related to your container after you stop it.
## Docker-compose
If the docker command is not for you or your setup, you can also use one of the provided `docker-compose` files. Depending on your proxy setup, use the [`docker-compose.traefik.yml`](docker-compose.traefik.yml) and [`docker-compose.override.traefik.yml`](docker-compose.override.traefik.yml) for Traefik (don't forget to remove `.traefik` from the filenames) or the normal [`docker-compose.yml`](../docker-compose.yml) for every other reverse proxy. Additional info about deploying
Conduit can be found [here](../DEPLOY.md).
If the docker command is not for you or your setup, you can also use one of the provided `docker-compose` files. Depending on your proxy setup, use the [`docker-compose.traefik.yml`](docker-compose.traefik.yml) including [`docker-compose.override.traefik.yml`](docker-compose.override.traefik.yml) or the normal [`docker-compose.yml`](../docker-compose.yml) for every other reverse proxy.
### Build
To build the Conduit image with docker-compose, you first need to open and modify the `docker-compose.yml` file. There you need to comment the `image:` option and uncomment the `build:` option. Then call docker-compose with:
```bash
docker-compose up
``` bash
CREATED=$(date -u +'%Y-%m-%dT%H:%M:%SZ') VERSION=$(grep -m1 -o '[0-9].[0-9].[0-9]' Cargo.toml) docker-compose up
```
This will also start the container right afterwards, so if want it to run in detached mode, you also should use the `-d` flag.
This will also start the container right afterwards, so if want it to run in detached mode, you also should use the `-d` flag. For possible `build-args`, please take a look at the above `Build & Dockerfile` section.
### Run
If you already have built the image or want to use one from the registries, you can just start the container and everything else in the compose file in detached mode with:
If you already have built the image, you can just start the container and everything else in the compose file in detached mode with:
```bash
``` bash
docker-compose up -d
```
> **Note:** Don't forget to modify and adjust the compose file to your needs.
### Use Traefik as Proxy
As a container user, you probably know about Traefik. It is a easy to use reverse proxy for making containerized app and services available through the web. With the
two provided files, [`docker-compose.traefik.yml`](docker-compose.traefik.yml) and [`docker-compose.override.traefik.yml`](docker-compose.override.traefik.yml), it is
equally easy to deploy and use Conduit, with a little caveat. If you already took a look at the files, then you should have seen the `well-known` service, and that is
the little caveat. Traefik is simply a proxy and loadbalancer and is not able to serve any kind of content, but for Conduit to federate, we need to either expose ports
`443` and `8448` or serve two endpoints `.well-known/matrix/client` and `.well-known/matrix/server`.
With the service `well-known` we use a single `nginx` container that will serve those two files.
So...step by step:
1. Copy [`docker-compose.traefik.yml`](docker-compose.traefik.yml) and [`docker-compose.override.traefik.yml`](docker-compose.override.traefik.yml) from the repository and remove `.traefik` from the filenames.
2. Open both files and modify/adjust them to your needs. Meaning, change the `CONDUIT_SERVER_NAME` and the volume host mappings according to your needs.
3. Create the `conduit.toml` config file, an example can be found [here](../conduit-example.toml), or set `CONDUIT_CONFIG=""` and configure Conduit per env vars.
4. Uncomment the `element-web` service if you want to host your own Element Web Client and create a `element_config.json`.
5. Create the files needed by the `well-known` service.
- `./nginx/matrix.conf` (relative to the compose file, you can change this, but then also need to change the volume mapping)
```nginx
server {
server_name <SUBDOMAIN>.<DOMAIN>;
listen 80 default_server;
location /.well-known/matrix/ {
root /var/www;
default_type application/json;
add_header Access-Control-Allow-Origin *;
}
}
```
- `./nginx/www/.well-known/matrix/client` (relative to the compose file, you can change this, but then also need to change the volume mapping)
```json
{
"m.homeserver": {
"base_url": "https://<SUBDOMAIN>.<DOMAIN>"
}
}
```
- `./nginx/www/.well-known/matrix/server` (relative to the compose file, you can change this, but then also need to change the volume mapping)
```json
{
"m.server": "<SUBDOMAIN>.<DOMAIN>:443"
}
```
6. Run `docker-compose up -d`
7. Connect to your homeserver with your preferred client and create a user. You should do this immediatly after starting Conduit, because the first created user is the admin.

78
docker/ci-binaries-packaging.Dockerfile
Unescape View File

@ -1,78 +0,0 @@ @@ -1,78 +0,0 @@
# syntax=docker/dockerfile:1
# ---------------------------------------------------------------------------------------------------------
# This Dockerfile is intended to be built as part of Conduit's CI pipeline.
# It does not build Conduit in Docker, but just copies the matching build artifact from the build jobs.
#
# It is mostly based on the normal Conduit Dockerfile, but adjusted in a few places to maximise caching.
# Credit's for the original Dockerfile: Weasy666.
# ---------------------------------------------------------------------------------------------------------
FROM docker.io/alpine:3.15.0 AS runner
# Standard port on which Conduit launches.
# You still need to map the port when using the docker command or docker-compose.
EXPOSE 6167
# Note from @jfowl: I would like to remove this in the future and just have the Docker version be configured with envs.
ENV CONDUIT_CONFIG="/srv/conduit/conduit.toml"
# Conduit needs:
# ca-certificates: for https
# libgcc: Apparently this is needed, even if I (@jfowl) don't know exactly why. But whatever, it's not that big.
RUN apk add --no-cache \
ca-certificates \
libgcc
ARG CREATED
ARG VERSION
ARG GIT_REF
# Labels according to https://github.com/opencontainers/image-spec/blob/master/annotations.md
# including a custom label specifying the build command
LABEL org.opencontainers.image.created=${CREATED} \
org.opencontainers.image.authors="Conduit Contributors" \
org.opencontainers.image.title="Conduit" \
org.opencontainers.image.version=${VERSION} \
org.opencontainers.image.vendor="Conduit Contributors" \
org.opencontainers.image.description="A Matrix homeserver written in Rust" \
org.opencontainers.image.url="https://conduit.rs/" \
org.opencontainers.image.revision=${GIT_REF} \
org.opencontainers.image.source="https://gitlab.com/famedly/conduit.git" \
org.opencontainers.image.licenses="Apache-2.0" \
org.opencontainers.image.documentation="https://gitlab.com/famedly/conduit" \
org.opencontainers.image.ref.name=""
# Created directory for the database and media files
RUN mkdir -p /srv/conduit/.local/share/conduit
# Test if Conduit is still alive, uses the same endpoint as Element
COPY ./docker/healthcheck.sh /srv/conduit/healthcheck.sh
HEALTHCHECK --start-period=5s --interval=5s CMD ./healthcheck.sh
# Depending on the target platform (e.g. "linux/arm/v7", "linux/arm64/v8", or "linux/amd64")
# copy the matching binary into this docker image
ARG TARGETPLATFORM
COPY ./$TARGETPLATFORM /srv/conduit/conduit
# Improve security: Don't run stuff as root, that does not need to run as root:
# Add www-data user and group with UID 82, as used by alpine
# https://git.alpinelinux.org/aports/tree/main/nginx/nginx.pre-install
RUN set -x ; \
addgroup -Sg 82 www-data 2>/dev/null ; \
adduser -S -D -H -h /srv/conduit -G www-data -g www-data www-data 2>/dev/null ; \
addgroup www-data www-data 2>/dev/null && exit 0 ; exit 1
# Change ownership of Conduit files to www-data user and group
RUN chown -cR www-data:www-data /srv/conduit
RUN chmod +x /srv/conduit/healthcheck.sh
# Change user to www-data
USER www-data
# Set container home directory
WORKDIR /srv/conduit
# Run Conduit and print backtraces on panics
ENV RUST_BACKTRACE=1
ENTRYPOINT [ "/srv/conduit/conduit" ]

23
docker/docker-compose.override.traefik.yml
Unescape View File

@ -10,29 +10,6 @@ services: @@ -10,29 +10,6 @@ services:
- "traefik.http.routers.to-conduit.rule=Host(`<SUBDOMAIN>.<DOMAIN>`)" # Change to the address on which Conduit is hosted
- "traefik.http.routers.to-conduit.tls=true"
- "traefik.http.routers.to-conduit.tls.certresolver=letsencrypt"
- "traefik.http.routers.to-conduit.middlewares=cors-headers@docker"
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*"
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization"
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS"
# We need some way to server the client and server .well-known json. The simplest way is to use a nginx container
# to serve those two as static files. If you want to use a different way, delete or comment the below service, here
# and in the docker-compose file.
well-known:
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.routers.to-matrix-wellknown.rule=Host(`<SUBDOMAIN>.<DOMAIN>`) && PathPrefix(`/.well-known/matrix`)"
- "traefik.http.routers.to-matrix-wellknown.tls=true"
- "traefik.http.routers.to-matrix-wellknown.tls.certresolver=letsencrypt"
- "traefik.http.routers.to-matrix-wellknown.middlewares=cors-headers@docker"
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*"
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization"
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS"
### Uncomment this if you uncommented Element-Web App in the docker-compose.yml
# element-web:

48
docker/docker-compose.traefik.yml
Unescape View File

@ -12,51 +12,35 @@ services: @@ -12,51 +12,35 @@ services:
# build:
# context: .
# args:
# CREATED: '2021-03-16T08:18:27Z'
# VERSION: '0.1.0'
# CREATED:
# VERSION:
# LOCAL: 'false'
# GIT_REF: origin/master
# GIT_REF: HEAD
restart: unless-stopped
volumes:
- db:/srv/conduit/.local/share/conduit
### Uncomment if you want to use conduit.toml to configure Conduit
### Note: Set env vars will override conduit.toml values
# - ./conduit.toml:/srv/conduit/conduit.toml
### Uncomment if you want to use Rocket.toml to configure Conduit
### Note: Set env vars will override Rocket.toml values
# - ./Rocket.toml:/srv/conduit/Rocket.toml
networks:
- proxy
environment:
CONDUIT_SERVER_NAME: localhost:6167 # replace with your own name
CONDUIT_TRUSTED_SERVERS: '["matrix.org"]'
CONDUIT_ALLOW_REGISTRATION : 'true'
ROCKET_SERVER_NAME: localhost:8000 # replace with your own name
### Uncomment and change values as desired
# CONDUIT_ADDRESS: 0.0.0.0
# CONDUIT_PORT: 6167
# CONDUIT_CONFIG: '/srv/conduit/conduit.toml' # if you want to configure purely by env vars, set this to an empty string ''
# Available levels are: error, warn, info, debug, trace - more info at: https://docs.rs/env_logger/*/env_logger/#enabling-logging
# CONDUIT_LOG: info # default is: "info,rocket=off,_=off,sled=off"
# CONDUIT_ALLOW_JAEGER: 'false'
# CONDUIT_ALLOW_ENCRYPTION: 'false'
# CONDUIT_ALLOW_FEDERATION: 'false'
# CONDUIT_DATABASE_PATH: /srv/conduit/.local/share/conduit
# CONDUIT_WORKERS: 10
# CONDUIT_MAX_REQUEST_SIZE: 20_000_000 # in bytes, ~20 MB
# We need some way to server the client and server .well-known json. The simplest way is to use a nginx container
# to serve those two as static files. If you want to use a different way, delete or comment the below service, here
# and in the docker-compose override file.
well-known:
image: nginx:latest
restart: unless-stopped
volumes:
- ./nginx/matrix.conf:/etc/nginx/conf.d/matrix.conf # the config to serve the .well-known/matrix files
- ./nginx/www:/var/www/ # location of the client and server .well-known-files
# ROCKET_LOG: normal # Available levels are: off, debug, normal, critical
# ROCKET_PORT: 8000
# ROCKET_REGISTRATION_DISABLED: 'true'
# ROCKET_ENCRYPTION_DISABLED: 'true'
# ROCKET_DATABASE_PATH: /srv/conduit/.local/share/conduit
# ROCKET_WORKERS: 10
# ROCKET_MAX_REQUEST_SIZE: 20_000_000 # in bytes, ~20 MB
### Uncomment if you want to use your own Element-Web App.
### Note: You need to provide a config.json for Element and you also need a second
### Domain or Subdomain for the communication between Element and Conduit
### Config-Docs: https://github.com/vector-im/element-web/blob/develop/docs/config.md
# element-web:
# image: vectorim/element-web:latest
# image: vectorim/riot-web:latest
# restart: unless-stopped
# volumes:
# - ./element_config.json:/app/config.json
@ -69,7 +53,7 @@ volumes: @@ -69,7 +53,7 @@ volumes:
db:
networks:
# This is the network Traefik listens to, if your network has a different
# This is the network Traefik listens to, if you network has a different
# name, don't forget to change it here and in the docker-compose.override.yml
proxy:
external: true

13
docker/healthcheck.sh
Unescape View File

@ -1,13 +0,0 @@ @@ -1,13 +0,0 @@
#!/bin/sh
# If the port is not specified as env var, take it from the config file
if [ -z ${CONDUIT_PORT} ]; then
CONDUIT_PORT=$(grep -m1 -o 'port\s=\s[0-9]*' conduit.toml | grep -m1 -o '[0-9]*')
fi
# The actual health check.
# We try to first get a response on HTTP and when that fails on HTTPS and when that fails, we exit with code 1.
# TODO: Change this to a single wget call. Do we have a config value that we can check for that?
wget --no-verbose --tries=1 --spider "http://localhost:${CONDUIT_PORT}/_matrix/client/versions" || \
wget --no-verbose --tries=1 --spider "https://localhost:${CONDUIT_PORT}/_matrix/client/versions" || \
exit 1

2
rust-toolchain
Unescape View File

@ -1 +1 @@ @@ -1 +1 @@
1.53
1.47.0

1
rustfmt.toml
Unescape View File

@ -1,2 +1 @@ @@ -1,2 +1 @@
unstable_features = true
imports_granularity="Crate"

108
src/appservice_server.rs
Unescape View File

@ -1,15 +1,14 @@ @@ -1,15 +1,14 @@
use crate::{utils, Error, Result};
use bytes::BytesMut;
use ruma::api::{IncomingResponse, OutgoingRequest, SendAccessToken};
use http::header::{HeaderValue, CONTENT_TYPE};
use log::warn;
use ruma::api::OutgoingRequest;
use std::{
convert::{TryFrom, TryInto},
fmt::Debug,
mem,
time::Duration,
};
use tracing::warn;
pub(crate) async fn send_request<T: OutgoingRequest>(
pub async fn send_request<T: OutgoingRequest>(
globals: &crate::database::globals::Globals,
registration: serde_yaml::Value,
request: T,
@ -21,9 +20,8 @@ where @@ -21,9 +20,8 @@ where
let hs_token = registration.get("hs_token").unwrap().as_str().unwrap();
let mut http_request = request
.try_into_http_request::<BytesMut>(destination, SendAccessToken::IfRequired(""))
.unwrap()
.map(|body| body.freeze());
.try_into_http_request(&destination, Some(""))
.unwrap();
let mut parts = http_request.uri().clone().into_parts();
let old_path_and_query = parts.path_and_query.unwrap().as_str().to_owned();
@ -40,55 +38,67 @@ where @@ -40,55 +38,67 @@ where
);
*http_request.uri_mut() = parts.try_into().expect("our manipulation is always valid");
http_request.headers_mut().insert(
CONTENT_TYPE,
HeaderValue::from_str("application/json").unwrap(),
);
let mut reqwest_request = reqwest::Request::try_from(http_request)
.expect("all http requests are valid reqwest requests");
*reqwest_request.timeout_mut() = Some(Duration::from_secs(30));
let url = reqwest_request.url().clone();
let mut response = globals
.reqwest_client()?
.build()?
.execute(reqwest_request)
.await?;
let reqwest_response = globals.reqwest_client().execute(reqwest_request).await;
// reqwest::Response -> http::Response conversion
let status = response.status();
let mut http_response_builder = http::Response::builder()
.status(status)
.version(response.version());
mem::swap(
response.headers_mut(),
http_response_builder
.headers_mut()
.expect("http::response::Builder is usable"),
);
// Because reqwest::Response -> http::Response is complicated:
match reqwest_response {
Ok(mut reqwest_response) => {
let status = reqwest_response.status();
let mut http_response = http::Response::builder().status(status);
let headers = http_response.headers_mut().unwrap();
let body = response.bytes().await.unwrap_or_else(|e| {
warn!("server error: {}", e);
Vec::new().into()
}); // TODO: handle timeout
for (k, v) in reqwest_response.headers_mut().drain() {
if let Some(key) = k {
headers.insert(key, v);
}
}
if status != 200 {
warn!(
"Appservice returned bad response {} {}\n{}\n{:?}",
destination,
status,
url,
utils::string_from_bytes(&body)
);
}
let status = reqwest_response.status();
let response = T::IncomingResponse::try_from_http_response(
http_response_builder
.body(body)
.expect("reqwest body is valid http body"),
);
response.map_err(|_| {
warn!(
"Appservice returned invalid response bytes {}\n{}",
destination, url
);
Error::BadServerResponse("Server returned bad response.")
})
let body = reqwest_response
.bytes()
.await
.unwrap_or_else(|e| {
warn!("server error: {}", e);
Vec::new().into()
}) // TODO: handle timeout
.into_iter()
.collect::<Vec<_>>();
if status != 200 {
warn!(
"Appservice returned bad response {} {}\n{}\n{:?}",
destination,
status,
url,
utils::string_from_bytes(&body)
);
}
let response = T::IncomingResponse::try_from(
http_response
.body(body)
.expect("reqwest body is valid http body"),
);
response.map_err(|_| {
warn!(
"Appservice returned invalid response bytes {}\n{}",
destination, url
);
Error::BadServerResponse("Server returned bad response.")
})
}
Err(e) => Err(e.into()),
}
}

346
src/client_server/account.rs
Unescape View File

@ -1,38 +1,28 @@ @@ -1,38 +1,28 @@
use std::{collections::BTreeMap, convert::TryInto, sync::Arc};
use std::{collections::BTreeMap, convert::TryInto};
use super::{DEVICE_ID_LENGTH, SESSION_ID_LENGTH, TOKEN_LENGTH};
use crate::{database::DatabaseGuard, pdu::PduBuilder, utils, ConduitResult, Error, Ruma};
use super::{State, DEVICE_ID_LENGTH, SESSION_ID_LENGTH, TOKEN_LENGTH};
use crate::{pdu::PduBuilder, utils, ConduitResult, Database, Error, Ruma};
use log::info;
use ruma::{
api::client::{
error::ErrorKind,
r0::{
account::{
change_password, deactivate, get_3pids, get_username_availability, register,
whoami, ThirdPartyIdRemovalStatus,
change_password, deactivate, get_username_availability, register, whoami,
ThirdPartyIdRemovalStatus,
},
uiaa::{AuthFlow, AuthType, UiaaInfo},
uiaa::{AuthFlow, UiaaInfo},
},
},
events::{
room::{
canonical_alias::RoomCanonicalAliasEventContent,
create::RoomCreateEventContent,
guest_access::{GuestAccess, RoomGuestAccessEventContent},
history_visibility::{HistoryVisibility, RoomHistoryVisibilityEventContent},
join_rules::{JoinRule, RoomJoinRulesEventContent},
member::{MembershipState, RoomMemberEventContent},
message::RoomMessageEventContent,
name::RoomNameEventContent,
power_levels::RoomPowerLevelsEventContent,
topic::RoomTopicEventContent,
canonical_alias, guest_access, history_visibility, join_rules, member, message, name,
topic,
},
EventType,
},
identifiers::RoomName,
push, RoomAliasId, RoomId, RoomVersionId, UserId,
RoomAliasId, RoomId, RoomVersionId, UserId,
};
use serde_json::value::to_raw_value;
use tracing::info;
use register::RegistrationKind;
#[cfg(feature = "conduit_bin")]
@ -44,19 +34,15 @@ const GUEST_NAME_LENGTH: usize = 10; @@ -44,19 +34,15 @@ const GUEST_NAME_LENGTH: usize = 10;
///
/// Checks if a username is valid and available on this server.
///
/// Conditions for returning true:
/// - The user id is not historical
/// - The server name of the user id matches this server
/// - No user or appservice on this server already claimed this username
///
/// Note: This will not reserve the username, so the username might become invalid when trying to register
/// - Returns true if no user or appservice on this server claimed this username
/// - This will not reserve the username, so the username might become invalid when trying to register
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/register/available", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_register_available_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_username_availability::Request<'_>>,
) -> ConduitResult<get_username_availability::Response> {
// Validate user id
@ -88,25 +74,21 @@ pub async fn get_register_available_route( @@ -88,25 +74,21 @@ pub async fn get_register_available_route(
///
/// Register an account on this homeserver.
///
/// You can use [`GET /_matrix/client/r0/register/available`](fn.get_register_available_route.html)
/// to check if the user id is valid and available.
///
/// - Only works if registration is enabled
/// - If type is guest: ignores all parameters except initial_device_display_name
/// - If sender is not appservice: Requires UIAA (but we only use a dummy stage)
/// - If type is not guest and no username is given: Always fails after UIAA check
/// - Creates a new account and populates it with default account data
/// - If `inhibit_login` is false: Creates a device and returns device id and access_token
/// - Returns the device id and access_token unless `inhibit_login` is true
/// - When registering a guest account, all parameters except initial_device_display_name will be
/// ignored
/// - Creates a new account and a device for it
/// - The account will be populated with default account data
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/register", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn register_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<register::Request<'_>>,
) -> ConduitResult<register::Response> {
if !db.globals.allow_registration() && !body.from_appservice {
if !db.globals.allow_registration() {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
"Registration has been disabled.",
@ -141,7 +123,7 @@ pub async fn register_route( @@ -141,7 +123,7 @@ pub async fn register_route(
))?;
// Check if username is creative enough
if db.users.exists(&user_id)? {
if !missing_username && db.users.exists(&user_id)? {
return Err(Error::BadRequest(
ErrorKind::UserInUse,
"Desired user ID is already taken.",
@ -151,7 +133,7 @@ pub async fn register_route( @@ -151,7 +133,7 @@ pub async fn register_route(
// UIAA
let mut uiaainfo = UiaaInfo {
flows: vec![AuthFlow {
stages: vec![AuthType::Dummy],
stages: vec!["m.login.dummy".to_owned()],
}],
completed: Vec::new(),
params: Default::default(),
@ -161,31 +143,17 @@ pub async fn register_route( @@ -161,31 +143,17 @@ pub async fn register_route(
if !body.from_appservice {
if let Some(auth) = &body.auth {
let (worked, uiaainfo) = db.uiaa.try_auth(
&UserId::parse_with_server_name("", db.globals.server_name())
.expect("we know this is valid"),
"".into(),
auth,
&uiaainfo,
&db.users,
&db.globals,
)?;
let (worked, uiaainfo) =
db.uiaa
.try_auth(&user_id, "".into(), auth, &uiaainfo, &db.users, &db.globals)?;
if !worked {
return Err(Error::Uiaa(uiaainfo));
}
// Success!
} else if let Some(json) = body.json_body {
} else {
uiaainfo.session = Some(utils::random_string(SESSION_ID_LENGTH));
db.uiaa.create(
&UserId::parse_with_server_name("", db.globals.server_name())
.expect("we know this is valid"),
"".into(),
&uiaainfo,
&json,
)?;
db.uiaa.create(&user_id, "".into(), &uiaainfo)?;
return Err(Error::Uiaa(uiaainfo));
} else {
return Err(Error::BadRequest(ErrorKind::NotJson, "Not json."));
}
}
@ -199,31 +167,26 @@ pub async fn register_route( @@ -199,31 +167,26 @@ pub async fn register_route(
let password = if is_guest {
None
} else {
body.password.as_deref()
};
body.password.clone()
}
.unwrap_or_default();
// Create user
db.users.create(&user_id, password)?;
db.users.create(&user_id, &password)?;
// Default to pretty displayname
let displayname = format!("{} ⚡", user_id.localpart());
db.users
.set_displayname(&user_id, Some(displayname.clone()))?;
// Initial account data
// Initial data
db.account_data.update(
None,
&user_id,
EventType::PushRules,
&ruma::events::push_rules::PushRulesEvent {
content: ruma::events::push_rules::PushRulesEventContent {
global: push::Ruleset::server_default(&user_id),
global: crate::push_rules::default_pushrules(&user_id),
},
},
&db.globals,
)?;
// Inhibit login does not work for guests
if !is_guest && body.inhibit_login {
return Ok(register::Response {
access_token: None,
@ -244,7 +207,7 @@ pub async fn register_route( @@ -244,7 +207,7 @@ pub async fn register_route(
// Generate new token for the device
let token = utils::random_string(TOKEN_LENGTH);
// Create device for this account
// Add device
db.users.create_device(
&user_id,
&device_id,
@ -252,38 +215,26 @@ pub async fn register_route( @@ -252,38 +215,26 @@ pub async fn register_route(
body.initial_device_display_name.clone(),
)?;
// If this is the first user on this server, create the admin room
if db.users.count()? == 1 {
// If this is the first user on this server, create the admins room
if db.users.count() == 1 {
// Create a user for the server
let conduit_user = UserId::parse_with_server_name("conduit", db.globals.server_name())
.expect("@conduit:server_name is valid");
db.users.create(&conduit_user, None)?;
db.users.create(&conduit_user, "")?;
let room_id = RoomId::new(db.globals.server_name());
db.rooms.get_or_create_shortroomid(&room_id, &db.globals)?;
let mutex_state = Arc::clone(
db.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(room_id.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
let mut content = RoomCreateEventContent::new(conduit_user.clone());
let mut content = ruma::events::room::create::CreateEventContent::new(conduit_user.clone());
content.federate = true;
content.predecessor = None;
content.room_version = RoomVersionId::V6;
content.room_version = RoomVersionId::Version6;
// 1. The room create event
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomCreate,
content: to_raw_value(&content).expect("event is valid, we just created it"),
content: serde_json::to_value(content).expect("event is valid, we just created it"),
unsigned: None,
state_key: Some("".to_owned()),
redacts: None,
@ -291,22 +242,18 @@ pub async fn register_route( @@ -291,22 +242,18 @@ pub async fn register_route(
&conduit_user,
&room_id,
&db,
&state_lock,
)?;
// 2. Make conduit bot join
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMember,
content: to_raw_value(&RoomMemberEventContent {
membership: MembershipState::Join,
content: serde_json::to_value(member::MemberEventContent {
membership: member::MembershipState::Join,
displayname: None,
avatar_url: None,
is_direct: None,
third_party_invite: None,
blurhash: None,
reason: None,
join_authorized_via_users_server: None,
})
.expect("event is valid, we just created it"),
unsigned: None,
@ -316,7 +263,6 @@ pub async fn register_route( @@ -316,7 +263,6 @@ pub async fn register_route(
&conduit_user,
&room_id,
&db,
&state_lock,
)?;
// 3. Power levels
@ -327,10 +273,22 @@ pub async fn register_route( @@ -327,10 +273,22 @@ pub async fn register_route(
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomPowerLevels,
content: to_raw_value(&RoomPowerLevelsEventContent {
users,
..Default::default()
})
content: serde_json::to_value(
ruma::events::room::power_levels::PowerLevelsEventContent {
ban: 50.into(),
events: BTreeMap::new(),
events_default: 0.into(),
invite: 50.into(),
kick: 50.into(),
redact: 50.into(),
state_default: 50.into(),
users,
users_default: 0.into(),
notifications: ruma::events::room::power_levels::NotificationPowerLevels {
room: 50.into(),
},
},
)
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some("".to_owned()),
@ -339,15 +297,16 @@ pub async fn register_route( @@ -339,15 +297,16 @@ pub async fn register_route(
&conduit_user,
&room_id,
&db,
&state_lock,
)?;
// 4.1 Join Rules
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomJoinRules,
content: to_raw_value(&RoomJoinRulesEventContent::new(JoinRule::Invite))
.expect("event is valid, we just created it"),
content: serde_json::to_value(join_rules::JoinRulesEventContent::new(
join_rules::JoinRule::Invite,
))
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some("".to_owned()),
redacts: None,
@ -355,16 +314,17 @@ pub async fn register_route( @@ -355,16 +314,17 @@ pub async fn register_route(
&conduit_user,
&room_id,
&db,
&state_lock,
)?;
// 4.2 History Visibility
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomHistoryVisibility,
content: to_raw_value(&RoomHistoryVisibilityEventContent::new(
HistoryVisibility::Shared,
))
content: serde_json::to_value(
history_visibility::HistoryVisibilityEventContent::new(
history_visibility::HistoryVisibility::Shared,
),
)
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some("".to_owned()),
@ -373,15 +333,16 @@ pub async fn register_route( @@ -373,15 +333,16 @@ pub async fn register_route(
&conduit_user,
&room_id,
&db,
&state_lock,
)?;
// 4.3 Guest Access
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomGuestAccess,
content: to_raw_value(&RoomGuestAccessEventContent::new(GuestAccess::Forbidden))
.expect("event is valid, we just created it"),
content: serde_json::to_value(guest_access::GuestAccessEventContent::new(
guest_access::GuestAccess::Forbidden,
))
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some("".to_owned()),
redacts: None,
@ -389,17 +350,18 @@ pub async fn register_route( @@ -389,17 +350,18 @@ pub async fn register_route(
&conduit_user,
&room_id,
&db,
&state_lock,
)?;
// 6. Events implied by name and topic
let room_name = RoomName::parse(format!("{} Admin Room", db.globals.server_name()))
.expect("Room name is valid");
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomName,
content: to_raw_value(&RoomNameEventContent::new(Some(room_name)))
.expect("event is valid, we just created it"),
content: serde_json::to_value(
name::NameEventContent::new("Admin Room".to_owned()).map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Name is invalid.")
})?,
)
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some("".to_owned()),
redacts: None,
@ -407,13 +369,12 @@ pub async fn register_route( @@ -407,13 +369,12 @@ pub async fn register_route(
&conduit_user,
&room_id,
&db,
&state_lock,
)?;
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomTopic,
content: to_raw_value(&RoomTopicEventContent {
content: serde_json::to_value(topic::TopicEventContent {
topic: format!("Manage {}", db.globals.server_name()),
})
.expect("event is valid, we just created it"),
@ -424,18 +385,17 @@ pub async fn register_route( @@ -424,18 +385,17 @@ pub async fn register_route(
&conduit_user,
&room_id,
&db,
&state_lock,
)?;
// Room alias
let alias: Box<RoomAliasId> = format!("#admins:{}", db.globals.server_name())
let alias: RoomAliasId = format!("#admins:{}", db.globals.server_name())
.try_into()
.expect("#admins:server_name is a valid alias name");
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomCanonicalAlias,
content: to_raw_value(&RoomCanonicalAliasEventContent {
content: serde_json::to_value(canonical_alias::CanonicalAliasEventContent {
alias: Some(alias.clone()),
alt_aliases: Vec::new(),
})
@ -447,7 +407,6 @@ pub async fn register_route( @@ -447,7 +407,6 @@ pub async fn register_route(
&conduit_user,
&room_id,
&db,
&state_lock,
)?;
db.rooms.set_alias(&alias, Some(&room_id), &db.globals)?;
@ -456,15 +415,12 @@ pub async fn register_route( @@ -456,15 +415,12 @@ pub async fn register_route(
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMember,
content: to_raw_value(&RoomMemberEventContent {
membership: MembershipState::Invite,
content: serde_json::to_value(member::MemberEventContent {
membership: member::MembershipState::Invite,
displayname: None,
avatar_url: None,
is_direct: None,
third_party_invite: None,
blurhash: None,
reason: None,
join_authorized_via_users_server: None,
})
.expect("event is valid, we just created it"),
unsigned: None,
@ -474,20 +430,16 @@ pub async fn register_route( @@ -474,20 +430,16 @@ pub async fn register_route(
&conduit_user,
&room_id,
&db,
&state_lock,
)?;
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMember,
content: to_raw_value(&RoomMemberEventContent {
membership: MembershipState::Join,
displayname: Some(displayname),
content: serde_json::to_value(member::MemberEventContent {
membership: member::MembershipState::Join,
displayname: None,
avatar_url: None,
is_direct: None,
third_party_invite: None,
blurhash: None,
reason: None,
join_authorized_via_users_server: None,
})
.expect("event is valid, we just created it"),
unsigned: None,
@ -497,16 +449,15 @@ pub async fn register_route( @@ -497,16 +449,15 @@ pub async fn register_route(
&user_id,
&room_id,
&db,
&state_lock,
)?;
// Send welcome message
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMessage,
content: to_raw_value(&RoomMessageEventContent::text_html(
"## Thank you for trying out Conduit!\n\nConduit is currently in Beta. This means you can join and participate in most Matrix rooms, but not all features are supported and you might run into bugs from time to time.\n\nHelpful links:\n> Website: https://conduit.rs\n> Git and Documentation: https://gitlab.com/famedly/conduit\n> Report issues: https://gitlab.com/famedly/conduit/-/issues\n\nHere are some rooms you can join (by typing the command):\n\nConduit room (Ask questions and get notified on updates):\n`/join #conduit:fachschaften.org`\n\nConduit lounge (Off-topic, only Conduit users are allowed to join)\n`/join #conduit-lounge:conduit.rs`".to_owned(),
"<h2>Thank you for trying out Conduit!</h2>\n<p>Conduit is currently in Beta. This means you can join and participate in most Matrix rooms, but not all features are supported and you might run into bugs from time to time.</p>\n<p>Helpful links:</p>\n<blockquote>\n<p>Website: https://conduit.rs<br>Git and Documentation: https://gitlab.com/famedly/conduit<br>Report issues: https://gitlab.com/famedly/conduit/-/issues</p>\n</blockquote>\n<p>Here are some rooms you can join (by typing the command):</p>\n<p>Conduit room (Ask questions and get notified on updates):<br><code>/join #conduit:fachschaften.org</code></p>\n<p>Conduit lounge (Off-topic, only Conduit users are allowed to join)<br><code>/join #conduit-lounge:conduit.rs</code></p>\n".to_owned(),
content: serde_json::to_value(message::MessageEventContent::text_html(
"Thanks for trying out Conduit! This software is still in development, so expect many bugs and missing features. If you have federation enabled, you can join the Conduit chat room by typing `/join #conduit:matrix.org`. **Important: Please don't join any other Matrix rooms over federation without permission from the room's admins.** Some actions might trigger bugs in other server implementations, breaking the chat for everyone else.".to_owned(),
"Thanks for trying out Conduit! This software is still in development, so expect many bugs and missing features. If you have federation enabled, you can join the Conduit chat room by typing <code>/join #conduit:matrix.org</code>. <strong>Important: Please don't join any other Matrix rooms over federation without permission from the room's admins.</strong> Some actions might trigger bugs in other server implementations, breaking the chat for everyone else.".to_owned(),
))
.expect("event is valid, we just created it"),
unsigned: None,
@ -516,13 +467,12 @@ pub async fn register_route( @@ -516,13 +467,12 @@ pub async fn register_route(
&conduit_user,
&room_id,
&db,
&state_lock,
)?;
}
info!("{} registered on this server", user_id);
db.flush()?;
db.flush().await?;
Ok(register::Response {
access_token: Some(token),
@ -536,23 +486,16 @@ pub async fn register_route( @@ -536,23 +486,16 @@ pub async fn register_route(
///
/// Changes the password of this account.
///
/// - Requires UIAA to verify user password
/// - Changes the password of the sender user
/// - The password hash is calculated using argon2 with 32 character salt, the plain password is
/// not saved
///
/// If logout_devices is true it does the following for each device except the sender device:
/// - Invalidates access token
/// - Deletes device metadata (device id, device display name, last seen ip, last seen ts)
/// - Forgets to-device events
/// - Triggers device list updates
/// - Invalidates all other access tokens if logout_devices is true
/// - Deletes all other devices and most of their data (to-device events, last seen, etc.) if
/// logout_devices is true
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/account/password", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn change_password_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<change_password::Request<'_>>,
) -> ConduitResult<change_password::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -560,7 +503,7 @@ pub async fn change_password_route( @@ -560,7 +503,7 @@ pub async fn change_password_route(
let mut uiaainfo = UiaaInfo {
flows: vec![AuthFlow {
stages: vec![AuthType::Password],
stages: vec!["m.login.password".to_owned()],
}],
completed: Vec::new(),
params: Default::default(),
@ -570,7 +513,7 @@ pub async fn change_password_route( @@ -570,7 +513,7 @@ pub async fn change_password_route(
if let Some(auth) = &body.auth {
let (worked, uiaainfo) = db.uiaa.try_auth(
sender_user,
&sender_user,
sender_device,
auth,
&uiaainfo,
@ -581,40 +524,36 @@ pub async fn change_password_route( @@ -581,40 +524,36 @@ pub async fn change_password_route(
return Err(Error::Uiaa(uiaainfo));
}
// Success!
} else if let Some(json) = body.json_body {
} else {
uiaainfo.session = Some(utils::random_string(SESSION_ID_LENGTH));
db.uiaa
.create(sender_user, sender_device, &uiaainfo, &json)?;
db.uiaa.create(&sender_user, &sender_device, &uiaainfo)?;
return Err(Error::Uiaa(uiaainfo));
} else {
return Err(Error::BadRequest(ErrorKind::NotJson, "Not json."));
}
db.users
.set_password(sender_user, Some(&body.new_password))?;
db.users.set_password(&sender_user, &body.new_password)?;
if body.logout_devices {
// Logout all devices except the current one
for id in db
.users
.all_device_ids(sender_user)
.all_device_ids(&sender_user)
.filter_map(|id| id.ok())
.filter(|id| id != sender_device)
{
db.users.remove_device(sender_user, &id)?;
db.users.remove_device(&sender_user, &id)?;
}
}
db.flush()?;
db.flush().await?;
Ok(change_password::Response {}.into())
Ok(change_password::Response.into())
}
/// # `GET _matrix/client/r0/account/whoami`
///
/// Get user_id of the sender user.
/// Get user_id of this account.
///
/// Note: Also works for Application Services
/// - Also works for Application Services
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/account/whoami", data = "<body>")
@ -630,13 +569,11 @@ pub async fn whoami_route(body: Ruma<whoami::Request>) -> ConduitResult<whoami:: @@ -630,13 +569,11 @@ pub async fn whoami_route(body: Ruma<whoami::Request>) -> ConduitResult<whoami::
/// # `POST /_matrix/client/r0/account/deactivate`
///
/// Deactivate sender user account.
/// Deactivate this user's account
///
/// - Leaves all rooms and rejects all invitations
/// - Invalidates all access tokens
/// - Deletes all device metadata (device id, device display name, last seen ip, last seen ts)
/// - Forgets all to-device events
/// - Triggers device list updates
/// - Deletes all devices
/// - Removes ability to log in again
#[cfg_attr(
feature = "conduit_bin",
@ -644,7 +581,7 @@ pub async fn whoami_route(body: Ruma<whoami::Request>) -> ConduitResult<whoami:: @@ -644,7 +581,7 @@ pub async fn whoami_route(body: Ruma<whoami::Request>) -> ConduitResult<whoami::
)]
#[tracing::instrument(skip(db, body))]
pub async fn deactivate_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<deactivate::Request<'_>>,
) -> ConduitResult<deactivate::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -652,7 +589,7 @@ pub async fn deactivate_route( @@ -652,7 +589,7 @@ pub async fn deactivate_route(
let mut uiaainfo = UiaaInfo {
flows: vec![AuthFlow {
stages: vec![AuthType::Password],
stages: vec!["m.login.password".to_owned()],
}],
completed: Vec::new(),
params: Default::default(),
@ -662,8 +599,8 @@ pub async fn deactivate_route( @@ -662,8 +599,8 @@ pub async fn deactivate_route(
if let Some(auth) = &body.auth {
let (worked, uiaainfo) = db.uiaa.try_auth(
sender_user,
sender_device,
&sender_user,
&sender_device,
auth,
&uiaainfo,
&db.users,
@ -673,71 +610,47 @@ pub async fn deactivate_route( @@ -673,71 +610,47 @@ pub async fn deactivate_route(
return Err(Error::Uiaa(uiaainfo));
}
// Success!
} else if let Some(json) = body.json_body {
} else {
uiaainfo.session = Some(utils::random_string(SESSION_ID_LENGTH));
db.uiaa
.create(sender_user, sender_device, &uiaainfo, &json)?;
db.uiaa.create(&sender_user, &sender_device, &uiaainfo)?;
return Err(Error::Uiaa(uiaainfo));
} else {
return Err(Error::BadRequest(ErrorKind::NotJson, "Not json."));
}
// Leave all joined rooms and reject all invitations
// TODO: work over federation invites
let all_rooms = db
for room_id in db
.rooms
.rooms_joined(sender_user)
.chain(
db.rooms
.rooms_invited(sender_user)
.map(|t| t.map(|(r, _)| r)),
)
.collect::<Vec<_>>();
for room_id in all_rooms {
.rooms_joined(&sender_user)
.chain(db.rooms.rooms_invited(&sender_user))
{
let room_id = room_id?;
let event = RoomMemberEventContent {
membership: MembershipState::Leave,
let event = member::MemberEventContent {
membership: member::MembershipState::Leave,
displayname: None,
avatar_url: None,
is_direct: None,
third_party_invite: None,
blurhash: None,
reason: None,
join_authorized_via_users_server: None,
};
let mutex_state = Arc::clone(
db.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(room_id.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMember,
content: to_raw_value(&event).expect("event is valid, we just created it"),
content: serde_json::to_value(event).expect("event is valid, we just created it"),
unsigned: None,
state_key: Some(sender_user.to_string()),
redacts: None,
},
sender_user,
&sender_user,
&room_id,
&db,
&state_lock,
)?;
}
// Remove devices and mark account as deactivated
db.users.deactivate_account(sender_user)?;
db.users.deactivate_account(&sender_user)?;
info!("{} deactivated their account", sender_user);
db.flush()?;
db.flush().await?;
Ok(deactivate::Response {
id_server_unbind_result: ThirdPartyIdRemovalStatus::NoSupport,
@ -745,19 +658,16 @@ pub async fn deactivate_route( @@ -745,19 +658,16 @@ pub async fn deactivate_route(
.into())
}
/// # `GET _matrix/client/r0/account/3pid`
///
/// Get a list of third party identifiers associated with this account.
///
/// - Currently always returns empty list
/*/
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/account/3pid", data = "<body>")
)]
pub async fn third_party_route(
body: Ruma<get_3pids::Request>,
) -> ConduitResult<get_3pids::Response> {
let _sender_user = body.sender_user.as_ref().expect("user is authenticated");
body: Ruma<account::add_3pid::Request<'_>>,
) -> ConduitResult<account::add_3pid::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
Ok(get_3pids::Response::new(Vec::new()).into())
Ok(account::add_3pid::Response::default().into())
}
*/

65
src/client_server/alias.rs
Unescape View File

@ -1,4 +1,5 @@ @@ -1,4 +1,5 @@
use crate::{database::DatabaseGuard, ConduitResult, Database, Error, Ruma};
use super::State;
use crate::{ConduitResult, Database, Error, Ruma};
use regex::Regex;
use ruma::{
api::{
@ -15,25 +16,15 @@ use ruma::{ @@ -15,25 +16,15 @@ use ruma::{
#[cfg(feature = "conduit_bin")]
use rocket::{delete, get, put};
/// # `PUT /_matrix/client/r0/directory/room/{roomAlias}`
///
/// Creates a new room alias on this server.
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/directory/room/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn create_alias_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<create_alias::Request<'_>>,
) -> ConduitResult<create_alias::Response> {
if body.room_alias.server_name() != db.globals.server_name() {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Alias is from another server.",
));
}
if db.rooms.id_from_alias(&body.room_alias)?.is_some() {
return Err(Error::Conflict("Alias already exists."));
}
@ -41,60 +32,40 @@ pub async fn create_alias_route( @@ -41,60 +32,40 @@ pub async fn create_alias_route(
db.rooms
.set_alias(&body.room_alias, Some(&body.room_id), &db.globals)?;
db.flush()?;
db.flush().await?;
Ok(create_alias::Response::new().into())
}
/// # `DELETE /_matrix/client/r0/directory/room/{roomAlias}`
///
/// Deletes a room alias from this server.
///
/// - TODO: additional access control checks
/// - TODO: Update canonical alias event
#[cfg_attr(
feature = "conduit_bin",
delete("/_matrix/client/r0/directory/room/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn delete_alias_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<delete_alias::Request<'_>>,
) -> ConduitResult<delete_alias::Response> {
if body.room_alias.server_name() != db.globals.server_name() {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Alias is from another server.",
));
}
db.rooms.set_alias(&body.room_alias, None, &db.globals)?;
// TODO: update alt_aliases?
db.flush()?;
db.flush().await?;
Ok(delete_alias::Response::new().into())
}
/// # `GET /_matrix/client/r0/directory/room/{roomAlias}`
///
/// Resolve an alias locally or over federation.
///
/// - TODO: Suggest more servers to join via
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/directory/room/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_alias_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_alias::Request<'_>>,
) -> ConduitResult<get_alias::Response> {
get_alias_helper(&db, &body.room_alias).await
}
pub(crate) async fn get_alias_helper(
pub async fn get_alias_helper(
db: &Database,
room_alias: &RoomAliasId,
) -> ConduitResult<get_alias::Response> {
@ -112,24 +83,18 @@ pub(crate) async fn get_alias_helper( @@ -112,24 +83,18 @@ pub(crate) async fn get_alias_helper(
}
let mut room_id = None;
match db.rooms.id_from_alias(room_alias)? {
match db.rooms.id_from_alias(&room_alias)? {
Some(r) => room_id = Some(r),
None => {
for (_id, registration) in db.appservice.all()? {
for (_id, registration) in db.appservice.iter_all().filter_map(|r| r.ok()) {
let aliases = registration
.get("namespaces")
.and_then(|ns| ns.get("aliases"))
.and_then(|aliases| aliases.as_sequence())
.map_or_else(Vec::new, |aliases| {
aliases
.iter()
.filter_map(|aliases| Regex::new(aliases.get("regex")?.as_str()?).ok())
.collect::<Vec<_>>()
});
.and_then(|users| users.get("regex"))
.and_then(|regex| regex.as_str())
.and_then(|regex| Regex::new(regex).ok());
if aliases
.iter()
.any(|aliases| aliases.is_match(room_alias.as_str()))
if aliases.map_or(false, |aliases| aliases.is_match(room_alias.as_str()))
&& db
.sending
.send_appservice_request(
@ -140,7 +105,7 @@ pub(crate) async fn get_alias_helper( @@ -140,7 +105,7 @@ pub(crate) async fn get_alias_helper(
.await
.is_ok()
{
room_id = Some(db.rooms.id_from_alias(room_alias)?.ok_or_else(|| {
room_id = Some(db.rooms.id_from_alias(&room_alias)?.ok_or_else(|| {
Error::bad_config("Appservice lied to us. Room does not exist.")
})?);
break;

191
src/client_server/backup.rs
Unescape View File

@ -1,4 +1,5 @@ @@ -1,4 +1,5 @@
use crate::{database::DatabaseGuard, ConduitResult, Error, Ruma};
use super::State;
use crate::{ConduitResult, Database, Error, Ruma};
use ruma::api::client::{
error::ErrorKind,
r0::backup::{
@ -12,66 +13,57 @@ use ruma::api::client::{ @@ -12,66 +13,57 @@ use ruma::api::client::{
#[cfg(feature = "conduit_bin")]
use rocket::{delete, get, post, put};
/// # `POST /_matrix/client/r0/room_keys/version`
///
/// Creates a new backup.
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/unstable/room_keys/version", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn create_backup_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<create_backup::Request>,
) -> ConduitResult<create_backup::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let version = db
.key_backups
.create_backup(sender_user, &body.algorithm, &db.globals)?;
.create_backup(&sender_user, &body.algorithm, &db.globals)?;
db.flush()?;
db.flush().await?;
Ok(create_backup::Response { version }.into())
}
/// # `PUT /_matrix/client/r0/room_keys/version/{version}`
///
/// Update information about an existing backup. Only `auth_data` can be modified.
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/unstable/room_keys/version/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn update_backup_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<update_backup::Request<'_>>,
) -> ConduitResult<update_backup::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
db.key_backups
.update_backup(sender_user, &body.version, &body.algorithm, &db.globals)?;
.update_backup(&sender_user, &body.version, &body.algorithm, &db.globals)?;
db.flush()?;
db.flush().await?;
Ok(update_backup::Response {}.into())
Ok(update_backup::Response.into())
}
/// # `GET /_matrix/client/r0/room_keys/version`
///
/// Get information about the latest backup version.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/unstable/room_keys/version", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_latest_backup_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_latest_backup::Request>,
) -> ConduitResult<get_latest_backup::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let (version, algorithm) =
db.key_backups
.get_latest_backup(sender_user)?
.get_latest_backup(&sender_user)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"Key backup does not exist.",
@ -86,22 +78,19 @@ pub async fn get_latest_backup_route( @@ -86,22 +78,19 @@ pub async fn get_latest_backup_route(
.into())
}
/// # `GET /_matrix/client/r0/room_keys/version`
///
/// Get information about an existing backup.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/unstable/room_keys/version/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_backup_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_backup::Request<'_>>,
) -> ConduitResult<get_backup::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let algorithm = db
.key_backups
.get_backup(sender_user, &body.version)?
.get_backup(&sender_user, &body.version)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"Key backup does not exist.",
@ -116,73 +105,50 @@ pub async fn get_backup_route( @@ -116,73 +105,50 @@ pub async fn get_backup_route(
.into())
}
/// # `DELETE /_matrix/client/r0/room_keys/version/{version}`
///
/// Delete an existing key backup.
///
/// - Deletes both information about the backup, as well as all key data related to the backup
#[cfg_attr(
feature = "conduit_bin",
delete("/_matrix/client/unstable/room_keys/version/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn delete_backup_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<delete_backup::Request<'_>>,
) -> ConduitResult<delete_backup::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
db.key_backups.delete_backup(sender_user, &body.version)?;
db.key_backups.delete_backup(&sender_user, &body.version)?;
db.flush()?;
db.flush().await?;
Ok(delete_backup::Response {}.into())
Ok(delete_backup::Response.into())
}
/// # `PUT /_matrix/client/r0/room_keys/keys`
///
/// Add the received backup keys to the database.
///
/// - Only manipulating the most recently created version of the backup is allowed
/// - Adds the keys to the backup
/// - Returns the new number of keys in this backup and the etag
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/unstable/room_keys/keys", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn add_backup_keys_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<add_backup_keys::Request<'_>>,
) -> ConduitResult<add_backup_keys::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
if Some(&body.version)
!= db
.key_backups
.get_latest_backup_version(sender_user)?
.as_ref()
{
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"You may only manipulate the most recently created version of the backup.",
));
}
for (room_id, room) in &body.rooms {
for (session_id, key_data) in &room.sessions {
db.key_backups.add_key(
sender_user,
&sender_user,
&body.version,
room_id,
session_id,
key_data,
&room_id,
&session_id,
&key_data,
&db.globals,
)?
}
}
db.flush()?;
db.flush().await?;
Ok(add_backup_keys::Response {
count: (db.key_backups.count_keys(sender_user, &body.version)? as u32).into(),
@ -191,48 +157,30 @@ pub async fn add_backup_keys_route( @@ -191,48 +157,30 @@ pub async fn add_backup_keys_route(
.into())
}
/// # `PUT /_matrix/client/r0/room_keys/keys/{roomId}`
///
/// Add the received backup keys to the database.
///
/// - Only manipulating the most recently created version of the backup is allowed
/// - Adds the keys to the backup
/// - Returns the new number of keys in this backup and the etag
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/unstable/room_keys/keys/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn add_backup_key_sessions_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<add_backup_key_sessions::Request<'_>>,
) -> ConduitResult<add_backup_key_sessions::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
if Some(&body.version)
!= db
.key_backups
.get_latest_backup_version(sender_user)?
.as_ref()
{
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"You may only manipulate the most recently created version of the backup.",
));
}
for (session_id, key_data) in &body.sessions {
db.key_backups.add_key(
sender_user,
&sender_user,
&body.version,
&body.room_id,
session_id,
key_data,
&session_id,
&key_data,
&db.globals,
)?
}
db.flush()?;
db.flush().await?;
Ok(add_backup_key_sessions::Response {
count: (db.key_backups.count_keys(sender_user, &body.version)? as u32).into(),
@ -241,38 +189,20 @@ pub async fn add_backup_key_sessions_route( @@ -241,38 +189,20 @@ pub async fn add_backup_key_sessions_route(
.into())
}
/// # `PUT /_matrix/client/r0/room_keys/keys/{roomId}/{sessionId}`
///
/// Add the received backup key to the database.
///
/// - Only manipulating the most recently created version of the backup is allowed
/// - Adds the keys to the backup
/// - Returns the new number of keys in this backup and the etag
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/unstable/room_keys/keys/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn add_backup_key_session_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<add_backup_key_session::Request<'_>>,
) -> ConduitResult<add_backup_key_session::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
if Some(&body.version)
!= db
.key_backups
.get_latest_backup_version(sender_user)?
.as_ref()
{
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"You may only manipulate the most recently created version of the backup.",
));
}
db.key_backups.add_key(
sender_user,
&sender_user,
&body.version,
&body.room_id,
&body.session_id,
@ -280,7 +210,7 @@ pub async fn add_backup_key_session_route( @@ -280,7 +210,7 @@ pub async fn add_backup_key_session_route(
&db.globals,
)?;
db.flush()?;
db.flush().await?;
Ok(add_backup_key_session::Response {
count: (db.key_backups.count_keys(sender_user, &body.version)? as u32).into(),
@ -289,88 +219,79 @@ pub async fn add_backup_key_session_route( @@ -289,88 +219,79 @@ pub async fn add_backup_key_session_route(
.into())
}
/// # `GET /_matrix/client/r0/room_keys/keys`
///
/// Retrieves all keys from the backup.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/unstable/room_keys/keys", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_backup_keys_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_backup_keys::Request<'_>>,
) -> ConduitResult<get_backup_keys::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let rooms = db.key_backups.get_all(sender_user, &body.version)?;
let rooms = db.key_backups.get_all(&sender_user, &body.version)?;
Ok(get_backup_keys::Response { rooms }.into())
}
/// # `GET /_matrix/client/r0/room_keys/keys/{roomId}`
///
/// Retrieves all keys from the backup for a given room.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/unstable/room_keys/keys/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_backup_key_sessions_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_backup_key_sessions::Request<'_>>,
) -> ConduitResult<get_backup_key_sessions::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let sessions = db
.key_backups
.get_room(sender_user, &body.version, &body.room_id)?;
.get_room(&sender_user, &body.version, &body.room_id);
Ok(get_backup_key_sessions::Response { sessions }.into())
}
/// # `GET /_matrix/client/r0/room_keys/keys/{roomId}/{sessionId}`
///
/// Retrieves a key from the backup.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/unstable/room_keys/keys/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_backup_key_session_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_backup_key_session::Request<'_>>,
) -> ConduitResult<get_backup_key_session::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let key_data = db
.key_backups
.get_session(sender_user, &body.version, &body.room_id, &body.session_id)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"Backup key not found for this user's session.",
))?;
.get_session(&sender_user, &body.version, &body.room_id, &body.session_id)?
.ok_or_else(|| {
Error::BadRequest(
ErrorKind::NotFound,
"Backup key not found for this user's session.",
)
})?;
Ok(get_backup_key_session::Response { key_data }.into())
}
/// # `DELETE /_matrix/client/r0/room_keys/keys`
///
/// Delete the keys from the backup.
#[cfg_attr(
feature = "conduit_bin",
delete("/_matrix/client/unstable/room_keys/keys", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn delete_backup_keys_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<delete_backup_keys::Request<'_>>,
) -> ConduitResult<delete_backup_keys::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
db.key_backups.delete_all_keys(sender_user, &body.version)?;
db.key_backups
.delete_all_keys(&sender_user, &body.version)?;
db.flush()?;
db.flush().await?;
Ok(delete_backup_keys::Response {
count: (db.key_backups.count_keys(sender_user, &body.version)? as u32).into(),
@ -379,24 +300,21 @@ pub async fn delete_backup_keys_route( @@ -379,24 +300,21 @@ pub async fn delete_backup_keys_route(
.into())
}
/// # `DELETE /_matrix/client/r0/room_keys/keys/{roomId}`
///
/// Delete the keys from the backup for a given room.
#[cfg_attr(
feature = "conduit_bin",
delete("/_matrix/client/unstable/room_keys/keys/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn delete_backup_key_sessions_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<delete_backup_key_sessions::Request<'_>>,
) -> ConduitResult<delete_backup_key_sessions::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
db.key_backups
.delete_room_keys(sender_user, &body.version, &body.room_id)?;
.delete_room_keys(&sender_user, &body.version, &body.room_id)?;
db.flush()?;
db.flush().await?;
Ok(delete_backup_key_sessions::Response {
count: (db.key_backups.count_keys(sender_user, &body.version)? as u32).into(),
@ -405,24 +323,21 @@ pub async fn delete_backup_key_sessions_route( @@ -405,24 +323,21 @@ pub async fn delete_backup_key_sessions_route(
.into())
}
/// # `DELETE /_matrix/client/r0/room_keys/keys/{roomId}/{sessionId}`
///
/// Delete a key from the backup.
#[cfg_attr(
feature = "conduit_bin",
delete("/_matrix/client/unstable/room_keys/keys/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn delete_backup_key_session_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<delete_backup_key_session::Request<'_>>,
) -> ConduitResult<delete_backup_key_session::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
db.key_backups
.delete_room_key(sender_user, &body.version, &body.room_id, &body.session_id)?;
.delete_room_key(&sender_user, &body.version, &body.room_id, &body.session_id)?;
db.flush()?;
db.flush().await?;
Ok(delete_backup_key_session::Response {
count: (db.key_backups.count_keys(sender_user, &body.version)? as u32).into(),

21
src/client_server/capabilities.rs
Unescape View File

@ -1,4 +1,4 @@ @@ -1,4 +1,4 @@
use crate::{ConduitResult, Ruma};
use crate::ConduitResult;
use ruma::{
api::client::r0::capabilities::{
get_capabilities, Capabilities, RoomVersionStability, RoomVersionsCapability,
@ -12,22 +12,17 @@ use rocket::get; @@ -12,22 +12,17 @@ use rocket::get;
/// # `GET /_matrix/client/r0/capabilities`
///
/// Get information on the supported feature set and other relevent capabilities of this server.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/capabilities", data = "<_body>")
)]
#[tracing::instrument(skip(_body))]
pub async fn get_capabilities_route(
_body: Ruma<get_capabilities::Request>,
) -> ConduitResult<get_capabilities::Response> {
/// Get information on this server's supported feature set and other relevent capabilities.
#[cfg_attr(feature = "conduit_bin", get("/_matrix/client/r0/capabilities"))]
#[tracing::instrument]
pub async fn get_capabilities_route() -> ConduitResult<get_capabilities::Response> {
let mut available = BTreeMap::new();
available.insert(RoomVersionId::V5, RoomVersionStability::Stable);
available.insert(RoomVersionId::V6, RoomVersionStability::Stable);
available.insert(RoomVersionId::Version5, RoomVersionStability::Stable);
available.insert(RoomVersionId::Version6, RoomVersionStability::Stable);
let mut capabilities = Capabilities::new();
capabilities.room_versions = RoomVersionsCapability {
default: RoomVersionId::V6,
default: RoomVersionId::Version6,
available,
};

126
src/client_server/config.rs
Unescape View File

@ -1,36 +1,29 @@ @@ -1,36 +1,29 @@
use crate::{database::DatabaseGuard, ConduitResult, Error, Ruma};
use super::State;
use crate::{ConduitResult, Database, Error, Ruma};
use ruma::{
api::client::{
error::ErrorKind,
r0::config::{
get_global_account_data, get_room_account_data, set_global_account_data,
set_room_account_data,
},
r0::config::{get_global_account_data, set_global_account_data},
},
events::{AnyGlobalAccountDataEventContent, AnyRoomAccountDataEventContent},
events::{custom::CustomEventContent, BasicEvent},
serde::Raw,
};
use serde::Deserialize;
use serde_json::{json, value::RawValue as RawJsonValue};
#[cfg(feature = "conduit_bin")]
use rocket::{get, put};
/// # `PUT /_matrix/client/r0/user/{userId}/account_data/{type}`
///
/// Sets some account data for the sender user.
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/user/<_>/account_data/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn set_global_account_data_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<set_global_account_data::Request<'_>>,
) -> ConduitResult<set_global_account_data::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let data: serde_json::Value = serde_json::from_str(body.data.get())
let data = serde_json::from_str(body.data.get())
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Data is invalid."))?;
let event_type = body.event_type.to_string();
@ -39,121 +32,34 @@ pub async fn set_global_account_data_route( @@ -39,121 +32,34 @@ pub async fn set_global_account_data_route(
None,
sender_user,
event_type.clone().into(),
&json!({
"type": event_type,
"content": data,
}),
&db.globals,
)?;
db.flush()?;
Ok(set_global_account_data::Response {}.into())
}
/// # `PUT /_matrix/client/r0/user/{userId}/rooms/{roomId}/account_data/{type}`
///
/// Sets some room account data for the sender user.
#[cfg_attr(
feature = "conduit_bin",
put(
"/_matrix/client/r0/user/<_>/rooms/<_>/account_data/<_>",
data = "<body>"
)
)]
#[tracing::instrument(skip(db, body))]
pub async fn set_room_account_data_route(
db: DatabaseGuard,
body: Ruma<set_room_account_data::Request<'_>>,
) -> ConduitResult<set_room_account_data::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let data: serde_json::Value = serde_json::from_str(body.data.get())
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Data is invalid."))?;
let event_type = body.event_type.to_string();
db.account_data.update(
Some(&body.room_id),
sender_user,
event_type.clone().into(),
&json!({
"type": event_type,
"content": data,
}),
&BasicEvent {
content: CustomEventContent { event_type, data },
},
&db.globals,
)?;
db.flush()?;
db.flush().await?;
Ok(set_room_account_data::Response {}.into())
Ok(set_global_account_data::Response.into())
}
/// # `GET /_matrix/client/r0/user/{userId}/account_data/{type}`
///
/// Gets some account data for the sender user.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/user/<_>/account_data/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_global_account_data_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_global_account_data::Request<'_>>,
) -> ConduitResult<get_global_account_data::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let event: Box<RawJsonValue> = db
.account_data
.get(None, sender_user, body.event_type.clone().into())?
.ok_or(Error::BadRequest(ErrorKind::NotFound, "Data not found."))?;
let account_data = serde_json::from_str::<ExtractGlobalEventContent>(event.get())
.map_err(|_| Error::bad_database("Invalid account data event in db."))?
.content;
Ok(get_global_account_data::Response { account_data }.into())
}
/// # `GET /_matrix/client/r0/user/{userId}/rooms/{roomId}/account_data/{type}`
///
/// Gets some room account data for the sender user.
#[cfg_attr(
feature = "conduit_bin",
get(
"/_matrix/client/r0/user/<_>/rooms/<_>/account_data/<_>",
data = "<body>"
)
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_room_account_data_route(
db: DatabaseGuard,
body: Ruma<get_room_account_data::Request<'_>>,
) -> ConduitResult<get_room_account_data::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let event: Box<RawJsonValue> = db
let data = db
.account_data
.get(
Some(&body.room_id),
sender_user,
body.event_type.clone().into(),
)?
.get::<Raw<ruma::events::AnyBasicEvent>>(None, sender_user, body.event_type.clone().into())?
.ok_or(Error::BadRequest(ErrorKind::NotFound, "Data not found."))?;
let account_data = serde_json::from_str::<ExtractRoomEventContent>(event.get())
.map_err(|_| Error::bad_database("Invalid account data event in db."))?
.content;
Ok(get_room_account_data::Response { account_data }.into())
}
#[derive(Deserialize)]
struct ExtractRoomEventContent {
content: Raw<AnyRoomAccountDataEventContent>,
}
db.flush().await?;
#[derive(Deserialize)]
struct ExtractGlobalEventContent {
content: Raw<AnyGlobalAccountDataEventContent>,
Ok(get_global_account_data::Response { account_data: data }.into())
}

48
src/client_server/context.rs
Unescape View File

@ -1,23 +1,18 @@ @@ -1,23 +1,18 @@
use crate::{database::DatabaseGuard, ConduitResult, Error, Ruma};
use super::State;
use crate::{ConduitResult, Database, Error, Ruma};
use ruma::api::client::{error::ErrorKind, r0::context::get_context};
use std::convert::TryFrom;
#[cfg(feature = "conduit_bin")]
use rocket::get;
/// # `GET /_matrix/client/r0/rooms/{roomId}/context`
///
/// Allows loading room history around an event.
///
/// - Only works if the user is joined (TODO: always allow, but only show events if the user was
/// joined, depending on history_visibility)
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/rooms/<_>/context/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_context_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_context::Request<'_>>,
) -> ConduitResult<get_context::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -29,28 +24,23 @@ pub async fn get_context_route( @@ -29,28 +24,23 @@ pub async fn get_context_route(
));
}
let base_pdu_id = db
.rooms
.get_pdu_id(&body.event_id)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"Base event id not found.",
))?;
let base_token = db.rooms.pdu_count(&base_pdu_id)?;
let base_event = db
.rooms
.get_pdu_from_id(&base_pdu_id)?
.get_pdu(&body.event_id)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"Base event not found.",
))?
.to_room_event();
let events_before: Vec<_> = db
let base_token = db
.rooms
.pdus_until(sender_user, &body.room_id, base_token)?
.get_pdu_count(&body.event_id)?
.expect("event still exists");
let events_before = db
.rooms
.pdus_until(&sender_user, &body.room_id, base_token)
.take(
u32::try_from(body.limit).map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Limit value is invalid.")
@ -58,21 +48,21 @@ pub async fn get_context_route( @@ -58,21 +48,21 @@ pub async fn get_context_route(
/ 2,
)
.filter_map(|r| r.ok()) // Remove buggy events
.collect();
.collect::<Vec<_>>();
let start_token = events_before
.last()
.and_then(|(pdu_id, _)| db.rooms.pdu_count(pdu_id).ok())
.map(|count| count.to_string());
let events_before: Vec<_> = events_before
let events_before = events_before
.into_iter()
.map(|(_, pdu)| pdu.to_room_event())
.collect();
.collect::<Vec<_>>();
let events_after: Vec<_> = db
let events_after = db
.rooms
.pdus_after(sender_user, &body.room_id, base_token)?
.pdus_after(&sender_user, &body.room_id, base_token)
.take(
u32::try_from(body.limit).map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Limit value is invalid.")
@ -80,17 +70,17 @@ pub async fn get_context_route( @@ -80,17 +70,17 @@ pub async fn get_context_route(
/ 2,
)
.filter_map(|r| r.ok()) // Remove buggy events
.collect();
.collect::<Vec<_>>();
let end_token = events_after
.last()
.and_then(|(pdu_id, _)| db.rooms.pdu_count(pdu_id).ok())
.map(|count| count.to_string());
let events_after: Vec<_> = events_after
let events_after = events_after
.into_iter()
.map(|(_, pdu)| pdu.to_room_event())
.collect();
.collect::<Vec<_>>();
let mut resp = get_context::Response::new();
resp.start = start_token;

96
src/client_server/device.rs
Unescape View File

@ -1,9 +1,10 @@ @@ -1,9 +1,10 @@
use crate::{database::DatabaseGuard, utils, ConduitResult, Error, Ruma};
use super::State;
use crate::{utils, ConduitResult, Database, Error, Ruma};
use ruma::api::client::{
error::ErrorKind,
r0::{
device::{self, delete_device, delete_devices, get_device, get_devices, update_device},
uiaa::{AuthFlow, AuthType, UiaaInfo},
uiaa::{AuthFlow, UiaaInfo},
},
};
@ -11,96 +12,78 @@ use super::SESSION_ID_LENGTH; @@ -11,96 +12,78 @@ use super::SESSION_ID_LENGTH;
#[cfg(feature = "conduit_bin")]
use rocket::{delete, get, post, put};
/// # `GET /_matrix/client/r0/devices`
///
/// Get metadata on all devices of the sender user.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/devices", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_devices_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_devices::Request>,
) -> ConduitResult<get_devices::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let devices: Vec<device::Device> = db
let devices = db
.users
.all_devices_metadata(sender_user)
.filter_map(|r| r.ok()) // Filter out buggy devices
.collect();
.collect::<Vec<device::Device>>();
Ok(get_devices::Response { devices }.into())
}
/// # `GET /_matrix/client/r0/devices/{deviceId}`
///
/// Get metadata on a single device of the sender user.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/devices/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_device_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_device::Request<'_>>,
) -> ConduitResult<get_device::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let device = db
.users
.get_device_metadata(sender_user, &body.body.device_id)?
.get_device_metadata(&sender_user, &body.body.device_id)?
.ok_or(Error::BadRequest(ErrorKind::NotFound, "Device not found."))?;
Ok(get_device::Response { device }.into())
}
/// # `PUT /_matrix/client/r0/devices/{deviceId}`
///
/// Updates the metadata on a given device of the sender user.
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/devices/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn update_device_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<update_device::Request<'_>>,
) -> ConduitResult<update_device::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let mut device = db
.users
.get_device_metadata(sender_user, &body.device_id)?
.get_device_metadata(&sender_user, &body.device_id)?
.ok_or(Error::BadRequest(ErrorKind::NotFound, "Device not found."))?;
device.display_name = body.display_name.clone();
db.users
.update_device_metadata(sender_user, &body.device_id, &device)?;
.update_device_metadata(&sender_user, &body.device_id, &device)?;
db.flush()?;
db.flush().await?;
Ok(update_device::Response {}.into())
Ok(update_device::Response.into())
}
/// # `PUT /_matrix/client/r0/devices/{deviceId}`
///
/// Deletes the given device.
///
/// - Requires UIAA to verify user password
/// - Invalidates access token
/// - Deletes device metadata (device id, device display name, last seen ip, last seen ts)
/// - Forgets to-device events
/// - Triggers device list updates
#[cfg_attr(
feature = "conduit_bin",
delete("/_matrix/client/r0/devices/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn delete_device_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<delete_device::Request<'_>>,
) -> ConduitResult<delete_device::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -109,7 +92,7 @@ pub async fn delete_device_route( @@ -109,7 +92,7 @@ pub async fn delete_device_route(
// UIAA
let mut uiaainfo = UiaaInfo {
flows: vec![AuthFlow {
stages: vec![AuthType::Password],
stages: vec!["m.login.password".to_owned()],
}],
completed: Vec::new(),
params: Default::default(),
@ -119,8 +102,8 @@ pub async fn delete_device_route( @@ -119,8 +102,8 @@ pub async fn delete_device_route(
if let Some(auth) = &body.auth {
let (worked, uiaainfo) = db.uiaa.try_auth(
sender_user,
sender_device,
&sender_user,
&sender_device,
auth,
&uiaainfo,
&db.users,
@ -130,40 +113,26 @@ pub async fn delete_device_route( @@ -130,40 +113,26 @@ pub async fn delete_device_route(
return Err(Error::Uiaa(uiaainfo));
}
// Success!
} else if let Some(json) = body.json_body {
} else {
uiaainfo.session = Some(utils::random_string(SESSION_ID_LENGTH));
db.uiaa
.create(sender_user, sender_device, &uiaainfo, &json)?;
db.uiaa.create(&sender_user, &sender_device, &uiaainfo)?;
return Err(Error::Uiaa(uiaainfo));
} else {
return Err(Error::BadRequest(ErrorKind::NotJson, "Not json."));
}
db.users.remove_device(sender_user, &body.device_id)?;
db.users.remove_device(&sender_user, &body.device_id)?;
db.flush()?;
db.flush().await?;
Ok(delete_device::Response {}.into())
Ok(delete_device::Response.into())
}
/// # `PUT /_matrix/client/r0/devices/{deviceId}`
///
/// Deletes the given device.
///
/// - Requires UIAA to verify user password
///
/// For each device:
/// - Invalidates access token
/// - Deletes device metadata (device id, device display name, last seen ip, last seen ts)
/// - Forgets to-device events
/// - Triggers device list updates
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/delete_devices", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn delete_devices_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<delete_devices::Request<'_>>,
) -> ConduitResult<delete_devices::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -172,7 +141,7 @@ pub async fn delete_devices_route( @@ -172,7 +141,7 @@ pub async fn delete_devices_route(
// UIAA
let mut uiaainfo = UiaaInfo {
flows: vec![AuthFlow {
stages: vec![AuthType::Password],
stages: vec!["m.login.password".to_owned()],
}],
completed: Vec::new(),
params: Default::default(),
@ -182,8 +151,8 @@ pub async fn delete_devices_route( @@ -182,8 +151,8 @@ pub async fn delete_devices_route(
if let Some(auth) = &body.auth {
let (worked, uiaainfo) = db.uiaa.try_auth(
sender_user,
sender_device,
&sender_user,
&sender_device,
auth,
&uiaainfo,
&db.users,
@ -193,20 +162,17 @@ pub async fn delete_devices_route( @@ -193,20 +162,17 @@ pub async fn delete_devices_route(
return Err(Error::Uiaa(uiaainfo));
}
// Success!
} else if let Some(json) = body.json_body {
} else {
uiaainfo.session = Some(utils::random_string(SESSION_ID_LENGTH));
db.uiaa
.create(sender_user, sender_device, &uiaainfo, &json)?;
db.uiaa.create(&sender_user, &sender_device, &uiaainfo)?;
return Err(Error::Uiaa(uiaainfo));
} else {
return Err(Error::BadRequest(ErrorKind::NotJson, "Not json."));
}
for device_id in &body.devices {
db.users.remove_device(sender_user, device_id)?
db.users.remove_device(&sender_user, &device_id)?
}
db.flush()?;
db.flush().await?;
Ok(delete_devices::Response {}.into())
Ok(delete_devices::Response.into())
}

296
src/client_server/directory.rs
Unescape View File

@ -1,6 +1,6 @@ @@ -1,6 +1,6 @@
use std::convert::TryInto;
use crate::{database::DatabaseGuard, ConduitResult, Database, Error, Result, Ruma};
use super::State;
use crate::{ConduitResult, Database, Error, Result, Ruma};
use log::info;
use ruma::{
api::{
client::{
@ -17,35 +17,23 @@ use ruma::{ @@ -17,35 +17,23 @@ use ruma::{
},
directory::{Filter, IncomingFilter, IncomingRoomNetwork, PublicRoomsChunk, RoomNetwork},
events::{
room::{
avatar::RoomAvatarEventContent,
canonical_alias::RoomCanonicalAliasEventContent,
guest_access::{GuestAccess, RoomGuestAccessEventContent},
history_visibility::{HistoryVisibility, RoomHistoryVisibilityEventContent},
name::RoomNameEventContent,
topic::RoomTopicEventContent,
},
room::{avatar, canonical_alias, guest_access, history_visibility, name, topic},
EventType,
},
serde::Raw,
ServerName, UInt,
};
use tracing::{info, warn};
#[cfg(feature = "conduit_bin")]
use rocket::{get, post, put};
/// # `POST /_matrix/client/r0/publicRooms`
///
/// Lists the public rooms on this server.
///
/// - Rooms are ordered by the number of joined members
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/publicRooms", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_public_rooms_filtered_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_public_rooms_filtered::Request<'_>>,
) -> ConduitResult<get_public_rooms_filtered::Response> {
get_public_rooms_filtered_helper(
@ -59,18 +47,13 @@ pub async fn get_public_rooms_filtered_route( @@ -59,18 +47,13 @@ pub async fn get_public_rooms_filtered_route(
.await
}
/// # `GET /_matrix/client/r0/publicRooms`
///
/// Lists the public rooms on this server.
///
/// - Rooms are ordered by the number of joined members
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/publicRooms", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_public_rooms_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_public_rooms::Request<'_>>,
) -> ConduitResult<get_public_rooms::Response> {
let response = get_public_rooms_filtered_helper(
@ -93,51 +76,43 @@ pub async fn get_public_rooms_route( @@ -93,51 +76,43 @@ pub async fn get_public_rooms_route(
.into())
}
/// # `PUT /_matrix/client/r0/directory/list/room/{roomId}`
///
/// Sets the visibility of a given room in the room directory.
///
/// - TODO: Access control checks
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/directory/list/room/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn set_room_visibility_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<set_room_visibility::Request<'_>>,
) -> ConduitResult<set_room_visibility::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
match &body.visibility {
room::Visibility::Public => {
db.rooms.set_public(&body.room_id, true)?;
info!("{} made {} public", sender_user, body.room_id);
}
room::Visibility::Private => db.rooms.set_public(&body.room_id, false)?,
_ => {
room::Visibility::_Custom(_s) => {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Room visibility type is not supported.",
));
}
room::Visibility::Public => {
db.rooms.set_public(&body.room_id, true)?;
info!("{} made {} public", sender_user, body.room_id);
}
room::Visibility::Private => db.rooms.set_public(&body.room_id, false)?,
}
db.flush()?;
db.flush().await?;
Ok(set_room_visibility::Response {}.into())
Ok(set_room_visibility::Response.into())
}
/// # `GET /_matrix/client/r0/directory/list/room/{roomId}`
///
/// Gets the visibility of a given room in the room directory.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/directory/list/room/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_room_visibility_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_room_visibility::Request<'_>>,
) -> ConduitResult<get_room_visibility::Response> {
Ok(get_room_visibility::Response {
@ -150,7 +125,7 @@ pub async fn get_room_visibility_route( @@ -150,7 +125,7 @@ pub async fn get_room_visibility_route(
.into())
}
pub(crate) async fn get_public_rooms_filtered_helper(
pub async fn get_public_rooms_filtered_helper(
db: &Database,
server: Option<&ServerName>,
limit: Option<UInt>,
@ -158,7 +133,9 @@ pub(crate) async fn get_public_rooms_filtered_helper( @@ -158,7 +133,9 @@ pub(crate) async fn get_public_rooms_filtered_helper(
filter: &IncomingFilter,
_network: &IncomingRoomNetwork,
) -> ConduitResult<get_public_rooms_filtered::Response> {
if let Some(other_server) = server.filter(|server| *server != db.globals.server_name().as_str())
if let Some(other_server) = server
.clone()
.filter(|server| *server != db.globals.server_name().as_str())
{
let response = db
.sending
@ -167,7 +144,7 @@ pub(crate) async fn get_public_rooms_filtered_helper( @@ -167,7 +144,7 @@ pub(crate) async fn get_public_rooms_filtered_helper(
other_server,
federation::directory::get_public_rooms_filtered::v1::Request {
limit,
since,
since: since.as_deref(),
filter: Filter {
generic_search_term: filter.generic_search_term.as_deref(),
},
@ -183,12 +160,15 @@ pub(crate) async fn get_public_rooms_filtered_helper( @@ -183,12 +160,15 @@ pub(crate) async fn get_public_rooms_filtered_helper(
.map(|c| {
// Convert ruma::api::federation::directory::get_public_rooms::v1::PublicRoomsChunk
// to ruma::api::client::r0::directory::PublicRoomsChunk
serde_json::from_str(
&serde_json::to_string(&c)
.expect("PublicRoomsChunk::to_string always works"),
Ok::<_, Error>(
serde_json::from_str(
&serde_json::to_string(&c)
.expect("PublicRoomsChunk::to_string always works"),
)
.expect("federation and client-server PublicRoomsChunk are the same type"),
)
.expect("federation and client-server PublicRoomsChunk are the same type")
})
.filter_map(|r| r.ok())
.collect(),
prev_batch: response.prev_batch,
next_batch: response.next_batch,
@ -223,139 +203,129 @@ pub(crate) async fn get_public_rooms_filtered_helper( @@ -223,139 +203,129 @@ pub(crate) async fn get_public_rooms_filtered_helper(
}
}
let mut all_rooms: Vec<_> = db
.rooms
.public_rooms()
.map(|room_id| {
let room_id = room_id?;
let mut all_rooms =
db.rooms
.public_rooms()
.map(|room_id| {
let room_id = room_id?;
// TODO: Do not load full state?
let state = db.rooms.room_state_full(&room_id)?;
let chunk = PublicRoomsChunk {
aliases: Vec::new(),
canonical_alias: db
.rooms
.room_state_get(&room_id, &EventType::RoomCanonicalAlias, "")?
.map_or(Ok(None), |s| {
serde_json::from_str(s.content.get())
.map(|c: RoomCanonicalAliasEventContent| c.alias)
let chunk = PublicRoomsChunk {
aliases: Vec::new(),
canonical_alias: state
.get(&(EventType::RoomCanonicalAlias, "".to_owned()))
.map_or(Ok::<_, Error>(None), |s| {
Ok(serde_json::from_value::<
Raw<canonical_alias::CanonicalAliasEventContent>,
>(s.content.clone())
.expect("from_value::<Raw<..>> can never fail")
.deserialize()
.map_err(|_| {
Error::bad_database("Invalid canonical alias event in database.")
})
})?,
name: db
.rooms
.room_state_get(&room_id, &EventType::RoomName, "")?
.map_or(Ok(None), |s| {
serde_json::from_str(s.content.get())
.map(|c: RoomNameEventContent| c.name)
})?
.alias)
})?,
name: state.get(&(EventType::RoomName, "".to_owned())).map_or(
Ok::<_, Error>(None),
|s| {
Ok(serde_json::from_value::<Raw<name::NameEventContent>>(
s.content.clone(),
)
.expect("from_value::<Raw<..>> can never fail")
.deserialize()
.map_err(|_| {
Error::bad_database("Invalid room name event in database.")
})
})?,
num_joined_members: db
.rooms
.room_joined_count(&room_id)?
.unwrap_or_else(|| {
warn!("Room {} has no member count", room_id);
0
})
.try_into()
.expect("user count should not be that big"),
topic: db
.rooms
.room_state_get(&room_id, &EventType::RoomTopic, "")?
.map_or(Ok(None), |s| {
serde_json::from_str(s.content.get())
.map(|c: RoomTopicEventContent| Some(c.topic))
.map_err(|_| {
Error::bad_database("Invalid room topic event in database.")
})
})?,
world_readable: db
.rooms
.room_state_get(&room_id, &EventType::RoomHistoryVisibility, "")?
.map_or(Ok(false), |s| {
serde_json::from_str(s.content.get())
.map(|c: RoomHistoryVisibilityEventContent| {
c.history_visibility == HistoryVisibility::WorldReadable
})
})?
.name()
.map(|n| n.to_owned()))
},
)?,
num_joined_members: (db.rooms.room_members(&room_id).count() as u32).into(),
room_id,
topic: state.get(&(EventType::RoomTopic, "".to_owned())).map_or(
Ok::<_, Error>(None),
|s| {
Ok(Some(
serde_json::from_value::<Raw<topic::TopicEventContent>>(
s.content.clone(),
)
.expect("from_value::<Raw<..>> can never fail")
.deserialize()
.map_err(|_| {
Error::bad_database("Invalid room topic event in database.")
})?
.topic,
))
},
)?,
world_readable: state
.get(&(EventType::RoomHistoryVisibility, "".to_owned()))
.map_or(Ok::<_, Error>(false), |s| {
Ok(serde_json::from_value::<
Raw<history_visibility::HistoryVisibilityEventContent>,
>(s.content.clone())
.expect("from_value::<Raw<..>> can never fail")
.deserialize()
.map_err(|_| {
Error::bad_database(
"Invalid room history visibility event in database.",
)
})
})?,
guest_can_join: db
.rooms
.room_state_get(&room_id, &EventType::RoomGuestAccess, "")?
.map_or(Ok(false), |s| {
serde_json::from_str(s.content.get())
.map(|c: RoomGuestAccessEventContent| {
c.guest_access == GuestAccess::CanJoin
})
})?
.history_visibility
== history_visibility::HistoryVisibility::WorldReadable)
})?,
guest_can_join: state
.get(&(EventType::RoomGuestAccess, "".to_owned()))
.map_or(Ok::<_, Error>(false), |s| {
Ok(
serde_json::from_value::<Raw<guest_access::GuestAccessEventContent>>(
s.content.clone(),
)
.expect("from_value::<Raw<..>> can never fail")
.deserialize()
.map_err(|_| {
Error::bad_database("Invalid room guest access event in database.")
})
})?,
avatar_url: db
.rooms
.room_state_get(&room_id, &EventType::RoomAvatar, "")?
.map(|s| {
serde_json::from_str(s.content.get())
.map(|c: RoomAvatarEventContent| c.url)
.map_err(|_| {
Error::bad_database("Invalid room avatar event in database.")
})
})
.transpose()?
// url is now an Option<String> so we must flatten
.flatten(),
room_id,
};
Ok(chunk)
})
.filter_map(|r: Result<_>| r.ok()) // Filter out buggy rooms
.filter(|chunk| {
if let Some(query) = filter
.generic_search_term
.as_ref()
.map(|q| q.to_lowercase())
{
if let Some(name) = &chunk.name {
if name.as_str().to_lowercase().contains(&query) {
return true;
}
}
if let Some(topic) = &chunk.topic {
if topic.to_lowercase().contains(&query) {
return true;
}
}
if let Some(canonical_alias) = &chunk.canonical_alias {
if canonical_alias.as_str().to_lowercase().contains(&query) {
return true;
}
}
false
} else {
// No search term
true
}
})
// We need to collect all, so we can sort by member count
.collect();
})?
.guest_access
== guest_access::GuestAccess::CanJoin,
)
})?,
avatar_url: state
.get(&(EventType::RoomAvatar, "".to_owned()))
.map(|s| {
Ok::<_, Error>(
serde_json::from_value::<Raw<avatar::AvatarEventContent>>(
s.content.clone(),
)
.expect("from_value::<Raw<..>> can never fail")
.deserialize()
.map_err(|_| {
Error::bad_database("Invalid room avatar event in database.")
})?
.url,
)
})
.transpose()?
// url is now an Option<String> so we must flatten
.flatten(),
};
Ok(chunk)
})
.filter_map(|r: Result<_>| r.ok()) // Filter out buggy rooms
// We need to collect all, so we can sort by member count
.collect::<Vec<_>>();
all_rooms.sort_by(|l, r| r.num_joined_members.cmp(&l.num_joined_members));
let total_room_count_estimate = (all_rooms.len() as u32).into();
let chunk: Vec<_> = all_rooms
let chunk = all_rooms
.into_iter()
.skip(num_since as usize)
.take(limit as usize)
.collect();
.collect::<Vec<_>>();
let prev_batch = if num_since == 0 {
None

6
src/client_server/filter.rs
Unescape View File

@ -4,9 +4,6 @@ use ruma::api::client::r0::filter::{self, create_filter, get_filter}; @@ -4,9 +4,6 @@ use ruma::api::client::r0::filter::{self, create_filter, get_filter};
#[cfg(feature = "conduit_bin")]
use rocket::{get, post};
/// # `GET /_matrix/client/r0/user/{userId}/filter/{filterId}`
///
/// TODO: Loads a filter that was previously created.
#[cfg_attr(feature = "conduit_bin", get("/_matrix/client/r0/user/<_>/filter/<_>"))]
#[tracing::instrument]
pub async fn get_filter_route() -> ConduitResult<get_filter::Response> {
@ -21,9 +18,6 @@ pub async fn get_filter_route() -> ConduitResult<get_filter::Response> { @@ -21,9 +18,6 @@ pub async fn get_filter_route() -> ConduitResult<get_filter::Response> {
.into())
}
/// # `PUT /_matrix/client/r0/user/{userId}/filter`
///
/// TODO: Creates a new filter to be used by other endpoints.
#[cfg_attr(feature = "conduit_bin", post("/_matrix/client/r0/user/<_>/filter"))]
#[tracing::instrument]
pub async fn create_filter_route() -> ConduitResult<create_filter::Response> {

386
src/client_server/keys.rs
Unescape View File

@ -1,42 +1,30 @@ @@ -1,42 +1,30 @@
use super::SESSION_ID_LENGTH;
use crate::{database::DatabaseGuard, utils, ConduitResult, Database, Error, Result, Ruma};
use rocket::futures::{prelude::*, stream::FuturesUnordered};
use super::{State, SESSION_ID_LENGTH};
use crate::{utils, ConduitResult, Database, Error, Ruma};
use ruma::{
api::{
client::{
error::ErrorKind,
r0::{
keys::{
claim_keys, get_key_changes, get_keys, upload_keys, upload_signatures,
upload_signing_keys,
},
uiaa::{AuthFlow, AuthType, UiaaInfo},
api::client::{
error::ErrorKind,
r0::{
keys::{
claim_keys, get_key_changes, get_keys, upload_keys, upload_signatures,
upload_signing_keys,
},
uiaa::{AuthFlow, UiaaInfo},
},
federation,
},
encryption::UnsignedDeviceInfo,
DeviceId, DeviceKeyAlgorithm, UserId,
};
use serde_json::json;
use std::collections::{BTreeMap, HashMap, HashSet};
use std::collections::{BTreeMap, HashSet};
#[cfg(feature = "conduit_bin")]
use rocket::{get, post};
/// # `POST /_matrix/client/r0/keys/upload`
///
/// Publish end-to-end encryption keys for the sender device.
///
/// - Adds one time keys
/// - If there are no device keys yet: Adds device keys (TODO: merge with existing keys?)
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/keys/upload", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn upload_keys_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<upload_keys::Request>,
) -> ConduitResult<upload_keys::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -55,7 +43,6 @@ pub async fn upload_keys_route( @@ -55,7 +43,6 @@ pub async fn upload_keys_route(
}
if let Some(device_keys) = &body.device_keys {
// TODO: merge this and the existing event?
// This check is needed to assure that signatures are kept
if db
.users
@ -72,7 +59,7 @@ pub async fn upload_keys_route( @@ -72,7 +59,7 @@ pub async fn upload_keys_route(
}
}
db.flush()?;
db.flush().await?;
Ok(upload_keys::Response {
one_time_key_counts: db.users.count_one_time_keys(sender_user, sender_device)?,
@ -80,66 +67,128 @@ pub async fn upload_keys_route( @@ -80,66 +67,128 @@ pub async fn upload_keys_route(
.into())
}
/// # `POST /_matrix/client/r0/keys/query`
///
/// Get end-to-end encryption keys for the given users.
///
/// - Always fetches users from other servers over federation
/// - Gets master keys, self-signing keys, user signing keys and device keys.
/// - The master and self-signing keys contain signatures that the user is allowed to see
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/keys/query", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_keys_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_keys::Request<'_>>,
) -> ConduitResult<get_keys::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let response = get_keys_helper(
Some(sender_user),
&body.device_keys,
|u| u == sender_user,
&db,
)
.await?;
let mut master_keys = BTreeMap::new();
let mut self_signing_keys = BTreeMap::new();
let mut user_signing_keys = BTreeMap::new();
let mut device_keys = BTreeMap::new();
for (user_id, device_ids) in &body.device_keys {
if device_ids.is_empty() {
let mut container = BTreeMap::new();
for device_id in db.users.all_device_ids(user_id) {
let device_id = device_id?;
if let Some(mut keys) = db.users.get_device_keys(user_id, &device_id)? {
let metadata = db
.users
.get_device_metadata(user_id, &device_id)?
.ok_or_else(|| {
Error::bad_database("all_device_keys contained nonexistent device.")
})?;
keys.unsigned = UnsignedDeviceInfo {
device_display_name: metadata.display_name,
};
container.insert(device_id, keys);
}
}
device_keys.insert(user_id.clone(), container);
} else {
for device_id in device_ids {
let mut container = BTreeMap::new();
if let Some(mut keys) = db.users.get_device_keys(&user_id.clone(), &device_id)? {
let metadata = db.users.get_device_metadata(user_id, &device_id)?.ok_or(
Error::BadRequest(
ErrorKind::InvalidParam,
"Tried to get keys for nonexistent device.",
),
)?;
keys.unsigned = UnsignedDeviceInfo {
device_display_name: metadata.display_name,
};
Ok(response.into())
container.insert(device_id.clone(), keys);
}
device_keys.insert(user_id.clone(), container);
}
}
if let Some(master_key) = db.users.get_master_key(user_id, sender_user)? {
master_keys.insert(user_id.clone(), master_key);
}
if let Some(self_signing_key) = db.users.get_self_signing_key(user_id, sender_user)? {
self_signing_keys.insert(user_id.clone(), self_signing_key);
}
if user_id == sender_user {
if let Some(user_signing_key) = db.users.get_user_signing_key(sender_user)? {
user_signing_keys.insert(user_id.clone(), user_signing_key);
}
}
}
Ok(get_keys::Response {
master_keys,
self_signing_keys,
user_signing_keys,
device_keys,
failures: BTreeMap::new(),
}
.into())
}
/// # `POST /_matrix/client/r0/keys/claim`
///
/// Claims one-time keys
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/keys/claim", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn claim_keys_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<claim_keys::Request>,
) -> ConduitResult<claim_keys::Response> {
let response = claim_keys_helper(&body.one_time_keys, &db).await?;
let mut one_time_keys = BTreeMap::new();
for (user_id, map) in &body.one_time_keys {
let mut container = BTreeMap::new();
for (device_id, key_algorithm) in map {
if let Some(one_time_keys) =
db.users
.take_one_time_key(user_id, device_id, key_algorithm, &db.globals)?
{
let mut c = BTreeMap::new();
c.insert(one_time_keys.0, one_time_keys.1);
container.insert(device_id.clone(), c);
}
}
one_time_keys.insert(user_id.clone(), container);
}
db.flush()?;
db.flush().await?;
Ok(response.into())
Ok(claim_keys::Response {
failures: BTreeMap::new(),
one_time_keys,
}
.into())
}
/// # `POST /_matrix/client/r0/keys/device_signing/upload`
///
/// Uploads end-to-end key information for the sender user.
///
/// - Requires UIAA to verify password
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/unstable/keys/device_signing/upload", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn upload_signing_keys_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<upload_signing_keys::Request<'_>>,
) -> ConduitResult<upload_signing_keys::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -148,7 +197,7 @@ pub async fn upload_signing_keys_route( @@ -148,7 +197,7 @@ pub async fn upload_signing_keys_route(
// UIAA
let mut uiaainfo = UiaaInfo {
flows: vec![AuthFlow {
stages: vec![AuthType::Password],
stages: vec!["m.login.password".to_owned()],
}],
completed: Vec::new(),
params: Default::default(),
@ -158,8 +207,8 @@ pub async fn upload_signing_keys_route( @@ -158,8 +207,8 @@ pub async fn upload_signing_keys_route(
if let Some(auth) = &body.auth {
let (worked, uiaainfo) = db.uiaa.try_auth(
sender_user,
sender_device,
&sender_user,
&sender_device,
auth,
&uiaainfo,
&db.users,
@ -169,19 +218,16 @@ pub async fn upload_signing_keys_route( @@ -169,19 +218,16 @@ pub async fn upload_signing_keys_route(
return Err(Error::Uiaa(uiaainfo));
}
// Success!
} else if let Some(json) = body.json_body {
} else {
uiaainfo.session = Some(utils::random_string(SESSION_ID_LENGTH));
db.uiaa
.create(sender_user, sender_device, &uiaainfo, &json)?;
db.uiaa.create(&sender_user, &sender_device, &uiaainfo)?;
return Err(Error::Uiaa(uiaainfo));
} else {
return Err(Error::BadRequest(ErrorKind::NotJson, "Not json."));
}
if let Some(master_key) = &body.master_key {
db.users.add_cross_signing_keys(
sender_user,
master_key,
&master_key,
&body.self_signing_key,
&body.user_signing_key,
&db.rooms,
@ -189,21 +235,18 @@ pub async fn upload_signing_keys_route( @@ -189,21 +235,18 @@ pub async fn upload_signing_keys_route(
)?;
}
db.flush()?;
db.flush().await?;
Ok(upload_signing_keys::Response {}.into())
Ok(upload_signing_keys::Response.into())
}
/// # `POST /_matrix/client/r0/keys/signatures/upload`
///
/// Uploads end-to-end key signatures from the sender user.
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/unstable/keys/signatures/upload", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn upload_signatures_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<upload_signatures::Request>,
) -> ConduitResult<upload_signatures::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -242,10 +285,10 @@ pub async fn upload_signatures_route( @@ -242,10 +285,10 @@ pub async fn upload_signatures_route(
.to_owned(),
);
db.users.sign_key(
user_id,
key_id,
&user_id,
&key_id,
signature,
sender_user,
&sender_user,
&db.rooms,
&db.globals,
)?;
@ -253,23 +296,18 @@ pub async fn upload_signatures_route( @@ -253,23 +296,18 @@ pub async fn upload_signatures_route(
}
}
db.flush()?;
db.flush().await?;
Ok(upload_signatures::Response {}.into())
Ok(upload_signatures::Response.into())
}
/// # `POST /_matrix/client/r0/keys/changes`
///
/// Gets a list of users who have updated their device identity keys since the previous sync token.
///
/// - TODO: left users
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/keys/changes", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_key_changes_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_key_changes::Request<'_>>,
) -> ConduitResult<get_key_changes::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -313,191 +351,3 @@ pub async fn get_key_changes_route( @@ -313,191 +351,3 @@ pub async fn get_key_changes_route(
}
.into())
}
pub(crate) async fn get_keys_helper<F: Fn(&UserId) -> bool>(
sender_user: Option<&UserId>,
device_keys_input: &BTreeMap<Box<UserId>, Vec<Box<DeviceId>>>,
allowed_signatures: F,
db: &Database,
) -> Result<get_keys::Response> {
let mut master_keys = BTreeMap::new();
let mut self_signing_keys = BTreeMap::new();
let mut user_signing_keys = BTreeMap::new();
let mut device_keys = BTreeMap::new();
let mut get_over_federation = HashMap::new();
for (user_id, device_ids) in device_keys_input {
let user_id: &UserId = &**user_id;
if user_id.server_name() != db.globals.server_name() {
get_over_federation
.entry(user_id.server_name())
.or_insert_with(Vec::new)
.push((user_id, device_ids));
continue;
}
if device_ids.is_empty() {
let mut container = BTreeMap::new();
for device_id in db.users.all_device_ids(user_id) {
let device_id = device_id?;
if let Some(mut keys) = db.users.get_device_keys(user_id, &device_id)? {
let metadata = db
.users
.get_device_metadata(user_id, &device_id)?
.ok_or_else(|| {
Error::bad_database("all_device_keys contained nonexistent device.")
})?;
keys.unsigned = UnsignedDeviceInfo {
device_display_name: metadata.display_name,
};
container.insert(device_id, keys);
}
}
device_keys.insert(user_id.to_owned(), container);
} else {
for device_id in device_ids {
let mut container = BTreeMap::new();
if let Some(mut keys) = db.users.get_device_keys(user_id, device_id)? {
let metadata = db.users.get_device_metadata(user_id, device_id)?.ok_or(
Error::BadRequest(
ErrorKind::InvalidParam,
"Tried to get keys for nonexistent device.",
),
)?;
keys.unsigned = UnsignedDeviceInfo {
device_display_name: metadata.display_name,
};
container.insert(device_id.to_owned(), keys);
}
device_keys.insert(user_id.to_owned(), container);
}
}
if let Some(master_key) = db.users.get_master_key(user_id, &allowed_signatures)? {
master_keys.insert(user_id.to_owned(), master_key);
}
if let Some(self_signing_key) = db
.users
.get_self_signing_key(user_id, &allowed_signatures)?
{
self_signing_keys.insert(user_id.to_owned(), self_signing_key);
}
if Some(user_id) == sender_user {
if let Some(user_signing_key) = db.users.get_user_signing_key(user_id)? {
user_signing_keys.insert(user_id.to_owned(), user_signing_key);
}
}
}
let mut failures = BTreeMap::new();
let mut futures: FuturesUnordered<_> = get_over_federation
.into_iter()
.map(|(server, vec)| async move {
let mut device_keys_input_fed = BTreeMap::new();
for (user_id, keys) in vec {
device_keys_input_fed.insert(user_id.to_owned(), keys.clone());
}
(
server,
db.sending
.send_federation_request(
&db.globals,
server,
federation::keys::get_keys::v1::Request {
device_keys: device_keys_input_fed,
},
)
.await,
)
})
.collect();
while let Some((server, response)) = futures.next().await {
match response {
Ok(response) => {
master_keys.extend(response.master_keys);
self_signing_keys.extend(response.self_signing_keys);
device_keys.extend(response.device_keys);
}
Err(_e) => {
failures.insert(server.to_string(), json!({}));
}
}
}
Ok(get_keys::Response {
master_keys,
self_signing_keys,
user_signing_keys,
device_keys,
failures,
})
}
pub(crate) async fn claim_keys_helper(
one_time_keys_input: &BTreeMap<Box<UserId>, BTreeMap<Box<DeviceId>, DeviceKeyAlgorithm>>,
db: &Database,
) -> Result<claim_keys::Response> {
let mut one_time_keys = BTreeMap::new();
let mut get_over_federation = BTreeMap::new();
for (user_id, map) in one_time_keys_input {
if user_id.server_name() != db.globals.server_name() {
get_over_federation
.entry(user_id.server_name())
.or_insert_with(Vec::new)
.push((user_id, map));
}
let mut container = BTreeMap::new();
for (device_id, key_algorithm) in map {
if let Some(one_time_keys) =
db.users
.take_one_time_key(user_id, device_id, key_algorithm, &db.globals)?
{
let mut c = BTreeMap::new();
c.insert(one_time_keys.0, one_time_keys.1);
container.insert(device_id.clone(), c);
}
}
one_time_keys.insert(user_id.clone(), container);
}
let mut failures = BTreeMap::new();
for (server, vec) in get_over_federation {
let mut one_time_keys_input_fed = BTreeMap::new();
for (user_id, keys) in vec {
one_time_keys_input_fed.insert(user_id.clone(), keys.clone());
}
// Ignore failures
if let Ok(keys) = db
.sending
.send_federation_request(
&db.globals,
server,
federation::keys::claim_keys::v1::Request {
one_time_keys: one_time_keys_input_fed,
},
)
.await
{
one_time_keys.extend(keys.one_time_keys);
} else {
failures.insert(server.to_string(), json!({}));
}
}
Ok(claim_keys::Response {
failures,
one_time_keys,
})
}

122
src/client_server/media.rs
Unescape View File

@ -1,25 +1,20 @@ @@ -1,25 +1,20 @@
use crate::{
database::{media::FileMeta, DatabaseGuard},
utils, ConduitResult, Error, Ruma,
};
use super::State;
use crate::{database::media::FileMeta, utils, ConduitResult, Database, Error, Ruma};
use ruma::api::client::{
error::ErrorKind,
r0::media::{create_content, get_content, get_content_thumbnail, get_media_config},
};
use std::convert::TryInto;
#[cfg(feature = "conduit_bin")]
use rocket::{get, post};
use std::convert::TryInto;
const MXC_LENGTH: usize = 32;
/// # `GET /_matrix/media/r0/config`
///
/// Returns max upload size.
#[cfg_attr(feature = "conduit_bin", get("/_matrix/media/r0/config"))]
#[tracing::instrument(skip(db))]
pub async fn get_media_config_route(
db: DatabaseGuard,
db: State<'_, Database>,
) -> ConduitResult<get_media_config::Response> {
Ok(get_media_config::Response {
upload_size: db.globals.max_request_size().into(),
@ -27,19 +22,13 @@ pub async fn get_media_config_route( @@ -27,19 +22,13 @@ pub async fn get_media_config_route(
.into())
}
/// # `POST /_matrix/media/r0/upload`
///
/// Permanently save media in the server.
///
/// - Some metadata will be saved in the database
/// - Media will be saved in the media/ directory
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/media/r0/upload", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn create_content_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<create_content::Request<'_>>,
) -> ConduitResult<create_content::Response> {
let mxc = format!(
@ -47,56 +36,43 @@ pub async fn create_content_route( @@ -47,56 +36,43 @@ pub async fn create_content_route(
db.globals.server_name(),
utils::random_string(MXC_LENGTH)
);
db.media.create(
mxc.clone(),
&body.filename.as_deref(),
&body.content_type.as_deref(),
&body.file,
)?;
db.media
.create(
mxc.clone(),
&db.globals,
&body
.filename
.as_ref()
.map(|filename| "inline; filename=".to_owned() + filename)
.as_deref(),
&body.content_type.as_deref(),
&body.file,
)
.await?;
db.flush()?;
db.flush().await?;
Ok(create_content::Response {
content_uri: mxc.try_into().expect("Invalid mxc:// URI"),
content_uri: mxc,
blurhash: None,
}
.into())
}
/// # `POST /_matrix/media/r0/download/{serverName}/{mediaId}`
///
/// Load media from our server or over federation.
///
/// - Only allows federation if `allow_remote` is true
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/media/r0/download/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_content_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_content::Request<'_>>,
) -> ConduitResult<get_content::Response> {
let mxc = format!("mxc://{}/{}", body.server_name, body.media_id);
if let Some(FileMeta {
content_disposition,
filename,
content_type,
file,
}) = db.media.get(&db.globals, &mxc).await?
}) = db.media.get(&mxc)?
{
Ok(get_content::Response {
file,
content_type,
content_disposition,
content_disposition: filename,
}
.into())
} else if &*body.server_name != db.globals.server_name() && body.allow_remote {
@ -113,15 +89,12 @@ pub async fn get_content_route( @@ -113,15 +89,12 @@ pub async fn get_content_route(
)
.await?;
db.media
.create(
mxc,
&db.globals,
&get_content_response.content_disposition.as_deref(),
&get_content_response.content_type.as_deref(),
&get_content_response.file,
)
.await?;
db.media.create(
mxc,
&get_content_response.content_disposition.as_deref(),
&get_content_response.content_type.as_deref(),
&get_content_response.file,
)?;
Ok(get_content_response.into())
} else {
@ -129,38 +102,28 @@ pub async fn get_content_route( @@ -129,38 +102,28 @@ pub async fn get_content_route(
}
}
/// # `POST /_matrix/media/r0/thumbnail/{serverName}/{mediaId}`
///
/// Load media thumbnail from our server or over federation.
///
/// - Only allows federation if `allow_remote` is true
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/media/r0/thumbnail/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_content_thumbnail_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_content_thumbnail::Request<'_>>,
) -> ConduitResult<get_content_thumbnail::Response> {
let mxc = format!("mxc://{}/{}", body.server_name, body.media_id);
if let Some(FileMeta {
content_type, file, ..
}) = db
.media
.get_thumbnail(
mxc.clone(),
&db.globals,
body.width
.try_into()
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Width is invalid."))?,
body.height
.try_into()
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Width is invalid."))?,
)
.await?
{
}) = db.media.get_thumbnail(
mxc.clone(),
body.width
.try_into()
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Width is invalid."))?,
body.height
.try_into()
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Width is invalid."))?,
)? {
Ok(get_content_thumbnail::Response { file, content_type }.into())
} else if &*body.server_name != db.globals.server_name() && body.allow_remote {
let get_thumbnail_response = db
@ -179,17 +142,14 @@ pub async fn get_content_thumbnail_route( @@ -179,17 +142,14 @@ pub async fn get_content_thumbnail_route(
)
.await?;
db.media
.upload_thumbnail(
mxc,
&db.globals,
&None,
&get_thumbnail_response.content_type,
body.width.try_into().expect("all UInts are valid u32s"),
body.height.try_into().expect("all UInts are valid u32s"),
&get_thumbnail_response.file,
)
.await?;
db.media.upload_thumbnail(
mxc,
&None,
&get_thumbnail_response.content_type,
body.width.try_into().expect("all UInts are valid u32s"),
body.height.try_into().expect("all UInts are valid u32s"),
&get_thumbnail_response.file,
)?;
Ok(get_thumbnail_response.into())
} else {

951
src/client_server/membership.rs
View File

File diff suppressed because it is too large Load Diff

100
src/client_server/message.rs
Unescape View File

@ -1,53 +1,33 @@ @@ -1,53 +1,33 @@
use crate::{database::DatabaseGuard, pdu::PduBuilder, utils, ConduitResult, Error, Ruma};
use super::State;
use crate::{pdu::PduBuilder, utils, ConduitResult, Database, Error, Ruma};
use ruma::{
api::client::{
error::ErrorKind,
r0::message::{get_message_events, send_message_event},
},
events::EventType,
events::EventContent,
EventId,
};
use std::{
collections::BTreeMap,
convert::{TryFrom, TryInto},
};
use std::{collections::BTreeMap, convert::TryInto, sync::Arc};
#[cfg(feature = "conduit_bin")]
use rocket::{get, put};
/// # `PUT /_matrix/client/r0/rooms/{roomId}/send/{eventType}/{txnId}`
///
/// Send a message event into the room.
///
/// - Is a NOOP if the txn id was already used before and returns the same event id again
/// - The only requirement for the content is that it has to be valid json
/// - Tries to send the event into the room, auth rules will determine if it is allowed
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/rooms/<_>/send/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn send_message_event_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<send_message_event::Request<'_>>,
) -> ConduitResult<send_message_event::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let sender_device = body.sender_device.as_deref();
let mutex_state = Arc::clone(
db.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(body.room_id.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
// Forbid m.room.encrypted if encryption is disabled
if &body.event_type == "m.room.encrypted" && !db.globals.allow_encryption() {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
"Encryption has been disabled",
));
}
// Check if this is a new transaction id
if let Some(response) =
db.transaction_ids
@ -62,10 +42,11 @@ pub async fn send_message_event_route( @@ -62,10 +42,11 @@ pub async fn send_message_event_route(
));
}
let event_id = utils::string_from_bytes(&response)
.map_err(|_| Error::bad_database("Invalid txnid bytes in database."))?
.try_into()
.map_err(|_| Error::bad_database("Invalid event id in txnid data."))?;
let event_id = EventId::try_from(
utils::string_from_bytes(&response)
.map_err(|_| Error::bad_database("Invalid txnid bytes in database."))?,
)
.map_err(|_| Error::bad_database("Invalid event id in txnid data."))?;
return Ok(send_message_event::Response { event_id }.into());
}
@ -74,17 +55,21 @@ pub async fn send_message_event_route( @@ -74,17 +55,21 @@ pub async fn send_message_event_route(
let event_id = db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::from(&body.event_type),
content: serde_json::from_str(body.body.body.json().get())
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Invalid JSON body."))?,
event_type: body.content.event_type().into(),
content: serde_json::from_str(
body.json_body
.as_ref()
.ok_or(Error::BadRequest(ErrorKind::BadJson, "Invalid JSON body."))?
.get(),
)
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Invalid JSON body."))?,
unsigned: Some(unsigned),
state_key: None,
redacts: None,
},
sender_user,
&sender_user,
&body.room_id,
&db,
&state_lock,
)?;
db.transaction_ids.add_txnid(
@ -94,26 +79,18 @@ pub async fn send_message_event_route( @@ -94,26 +79,18 @@ pub async fn send_message_event_route(
event_id.as_bytes(),
)?;
drop(state_lock);
db.flush()?;
db.flush().await?;
Ok(send_message_event::Response::new((*event_id).to_owned()).into())
Ok(send_message_event::Response::new(event_id).into())
}
/// # `GET /_matrix/client/r0/rooms/{roomId}/messages`
///
/// Allows paginating through room history.
///
/// - Only works if the user is joined (TODO: always allow, but only show events where the user was
/// joined, depending on history_visibility)
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/rooms/<_>/messages", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_message_events_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_message_events::Request<'_>>,
) -> ConduitResult<get_message_events::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -134,13 +111,16 @@ pub async fn get_message_events_route( @@ -134,13 +111,16 @@ pub async fn get_message_events_route(
let to = body.to.as_ref().map(|t| t.parse());
// Use limit or else 10
let limit = body.limit.try_into().map_or(10_usize, |l: u32| l as usize);
let limit = body
.limit
.try_into()
.map_or(Ok::<_, Error>(10_usize), |l: u32| Ok(l as usize))?;
match body.dir {
get_message_events::Direction::Forward => {
let events_after: Vec<_> = db
let events_after = db
.rooms
.pdus_after(sender_user, &body.room_id, from)?
.pdus_after(&sender_user, &body.room_id, from)
.take(limit)
.filter_map(|r| r.ok()) // Filter out buggy events
.filter_map(|(pdu_id, pdu)| {
@ -150,14 +130,14 @@ pub async fn get_message_events_route( @@ -150,14 +130,14 @@ pub async fn get_message_events_route(
.ok()
})
.take_while(|&(k, _)| Some(Ok(k)) != to) // Stop at `to`
.collect();
.collect::<Vec<_>>();
let end_token = events_after.last().map(|(count, _)| count.to_string());
let events_after: Vec<_> = events_after
let events_after = events_after
.into_iter()
.map(|(_, pdu)| pdu.to_room_event())
.collect();
.collect::<Vec<_>>();
let mut resp = get_message_events::Response::new();
resp.start = Some(body.from.to_owned());
@ -168,9 +148,9 @@ pub async fn get_message_events_route( @@ -168,9 +148,9 @@ pub async fn get_message_events_route(
Ok(resp.into())
}
get_message_events::Direction::Backward => {
let events_before: Vec<_> = db
let events_before = db
.rooms
.pdus_until(sender_user, &body.room_id, from)?
.pdus_until(&sender_user, &body.room_id, from)
.take(limit)
.filter_map(|r| r.ok()) // Filter out buggy events
.filter_map(|(pdu_id, pdu)| {
@ -180,14 +160,14 @@ pub async fn get_message_events_route( @@ -180,14 +160,14 @@ pub async fn get_message_events_route(
.ok()
})
.take_while(|&(k, _)| Some(Ok(k)) != to) // Stop at `to`
.collect();
.collect::<Vec<_>>();
let start_token = events_before.last().map(|(count, _)| count.to_string());
let events_before: Vec<_> = events_before
let events_before = events_before
.into_iter()
.map(|(_, pdu)| pdu.to_room_event())
.collect();
.collect::<Vec<_>>();
let mut resp = get_message_events::Response::new();
resp.start = Some(body.from.to_owned());

17
src/client_server/mod.rs
Unescape View File

@ -16,7 +16,6 @@ mod profile; @@ -16,7 +16,6 @@ mod profile;
mod push;
mod read_marker;
mod redact;
mod report;
mod room;
mod search;
mod session;
@ -48,7 +47,6 @@ pub use profile::*; @@ -48,7 +47,6 @@ pub use profile::*;
pub use push::*;
pub use read_marker::*;
pub use redact::*;
pub use report::*;
pub use room::*;
pub use search::*;
pub use session::*;
@ -66,19 +64,18 @@ pub use voip::*; @@ -66,19 +64,18 @@ pub use voip::*;
use super::State;
#[cfg(feature = "conduit_bin")]
use {
crate::ConduitResult, rocket::options, ruma::api::client::r0::to_device::send_event_to_device,
crate::ConduitResult,
rocket::{options, State},
ruma::api::client::r0::to_device::send_event_to_device,
};
pub const DEVICE_ID_LENGTH: usize = 10;
pub const TOKEN_LENGTH: usize = 256;
pub const SESSION_ID_LENGTH: usize = 256;
const DEVICE_ID_LENGTH: usize = 10;
const TOKEN_LENGTH: usize = 256;
const SESSION_ID_LENGTH: usize = 256;
/// # `OPTIONS`
///
/// Web clients use this to get CORS headers.
#[cfg(feature = "conduit_bin")]
#[options("/<_..>")]
#[tracing::instrument]
pub async fn options_route() -> ConduitResult<send_event_to_device::Response> {
Ok(send_event_to_device::Response {}.into())
Ok(send_event_to_device::Response.into())
}

77
src/client_server/presence.rs
Unescape View File

@ -1,35 +1,33 @@ @@ -1,35 +1,33 @@
use crate::{database::DatabaseGuard, utils, ConduitResult, Ruma};
use ruma::api::client::r0::presence::{get_presence, set_presence};
use std::{convert::TryInto, time::Duration};
use super::State;
use crate::{utils, ConduitResult, Database, Ruma};
use ruma::api::client::r0::presence::set_presence;
use std::convert::TryInto;
#[cfg(feature = "conduit_bin")]
use rocket::{get, put};
use rocket::put;
/// # `PUT /_matrix/client/r0/presence/{userId}/status`
///
/// Sets the presence state of the sender user.
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/presence/<_>/status", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn set_presence_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<set_presence::Request<'_>>,
) -> ConduitResult<set_presence::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
for room_id in db.rooms.rooms_joined(sender_user) {
for room_id in db.rooms.rooms_joined(&sender_user) {
let room_id = room_id?;
db.rooms.edus.update_presence(
sender_user,
&sender_user,
&room_id,
ruma::events::presence::PresenceEvent {
content: ruma::events::presence::PresenceEventContent {
avatar_url: db.users.avatar_url(sender_user)?,
avatar_url: db.users.avatar_url(&sender_user)?,
currently_active: None,
displayname: db.users.displayname(sender_user)?,
displayname: db.users.displayname(&sender_user)?,
last_active_ago: Some(
utils::millis_since_unix_epoch()
.try_into()
@ -44,58 +42,7 @@ pub async fn set_presence_route( @@ -44,58 +42,7 @@ pub async fn set_presence_route(
)?;
}
db.flush()?;
db.flush().await?;
Ok(set_presence::Response {}.into())
}
/// # `GET /_matrix/client/r0/presence/{userId}/status`
///
/// Gets the presence state of the given user.
///
/// - Only works if you share a room with the user
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/presence/<_>/status", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_presence_route(
db: DatabaseGuard,
body: Ruma<get_presence::Request<'_>>,
) -> ConduitResult<get_presence::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let mut presence_event = None;
for room_id in db
.rooms
.get_shared_rooms(vec![sender_user.clone(), body.user_id.clone()])?
{
let room_id = room_id?;
if let Some(presence) = db
.rooms
.edus
.get_last_presence_event(sender_user, &room_id)?
{
presence_event = Some(presence);
break;
}
}
if let Some(presence) = presence_event {
Ok(get_presence::Response {
// TODO: Should ruma just use the presenceeventcontent type here?
status_msg: presence.content.status_msg,
currently_active: presence.content.currently_active,
last_active_ago: presence
.content
.last_active_ago
.map(|millis| Duration::from_millis(millis.into())),
presence: presence.content.presence,
}
.into())
} else {
todo!();
}
Ok(set_presence::Response.into())
}

321
src/client_server/profile.rs
Unescape View File

@ -1,105 +1,81 @@ @@ -1,105 +1,81 @@
use crate::{database::DatabaseGuard, pdu::PduBuilder, utils, ConduitResult, Error, Ruma};
use super::State;
use crate::{pdu::PduBuilder, utils, ConduitResult, Database, Error, Ruma};
use ruma::{
api::{
client::{
error::ErrorKind,
r0::profile::{
get_avatar_url, get_display_name, get_profile, set_avatar_url, set_display_name,
},
api::client::{
error::ErrorKind,
r0::profile::{
get_avatar_url, get_display_name, get_profile, set_avatar_url, set_display_name,
},
federation::{self, query::get_profile_information::v1::ProfileField},
},
events::{room::member::RoomMemberEventContent, EventType},
events::EventType,
serde::Raw,
};
use serde_json::value::to_raw_value;
use std::{convert::TryInto, sync::Arc};
#[cfg(feature = "conduit_bin")]
use rocket::{get, put};
use std::convert::TryInto;
/// # `PUT /_matrix/client/r0/profile/{userId}/displayname`
///
/// Updates the displayname.
///
/// - Also makes sure other users receive the update using presence EDUs
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/profile/<_>/displayname", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn set_displayname_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<set_display_name::Request<'_>>,
) -> ConduitResult<set_display_name::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
db.users
.set_displayname(sender_user, body.displayname.clone())?;
.set_displayname(&sender_user, body.displayname.clone())?;
// Send a new membership event and presence update into all joined rooms
let all_rooms_joined: Vec<_> = db
.rooms
.rooms_joined(sender_user)
.filter_map(|r| r.ok())
.map(|room_id| {
Ok::<_, Error>((
PduBuilder {
event_type: EventType::RoomMember,
content: to_raw_value(&RoomMemberEventContent {
displayname: body.displayname.clone(),
..serde_json::from_str(
db.rooms
.room_state_get(
&room_id,
&EventType::RoomMember,
&sender_user.to_string(),
)?
.ok_or_else(|| {
Error::bad_database(
"Tried to send displayname update for user not in the \
room.",
)
})?
.content
.get(),
)
.map_err(|_| Error::bad_database("Database contains invalid PDU."))?
})
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some(sender_user.to_string()),
redacts: None,
},
room_id,
))
})
.filter_map(|r| r.ok())
.collect();
for (pdu_builder, room_id) in all_rooms_joined {
let mutex_state = Arc::clone(
db.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(room_id.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
let _ = db
.rooms
.build_and_append_pdu(pdu_builder, sender_user, &room_id, &db, &state_lock);
for room_id in db.rooms.rooms_joined(&sender_user) {
let room_id = room_id?;
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMember,
content: serde_json::to_value(ruma::events::room::member::MemberEventContent {
displayname: body.displayname.clone(),
..serde_json::from_value::<Raw<_>>(
db.rooms
.room_state_get(
&room_id,
&EventType::RoomMember,
&sender_user.to_string(),
)?
.ok_or_else(|| {
Error::bad_database(
"Tried to send displayname update for user not in the room.",
)
})?
.1
.content
.clone(),
)
.expect("from_value::<Raw<..>> can never fail")
.deserialize()
.map_err(|_| Error::bad_database("Database contains invalid PDU."))?
})
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some(sender_user.to_string()),
redacts: None,
},
&sender_user,
&room_id,
&db,
)?;
// Presence update
db.rooms.edus.update_presence(
sender_user,
&sender_user,
&room_id,
ruma::events::presence::PresenceEvent {
content: ruma::events::presence::PresenceEventContent {
avatar_url: db.users.avatar_url(sender_user)?,
avatar_url: db.users.avatar_url(&sender_user)?,
currently_active: None,
displayname: db.users.displayname(sender_user)?,
displayname: db.users.displayname(&sender_user)?,
last_active_ago: Some(
utils::millis_since_unix_epoch()
.try_into()
@ -114,135 +90,87 @@ pub async fn set_displayname_route( @@ -114,135 +90,87 @@ pub async fn set_displayname_route(
)?;
}
db.flush()?;
db.flush().await?;
Ok(set_display_name::Response {}.into())
Ok(set_display_name::Response.into())
}
/// # `GET /_matrix/client/r0/profile/{userId}/displayname`
///
/// Returns the displayname of the user.
///
/// - If user is on another server: Fetches displayname over federation
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/profile/<_>/displayname", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_displayname_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_display_name::Request<'_>>,
) -> ConduitResult<get_display_name::Response> {
if body.user_id.server_name() != db.globals.server_name() {
let response = db
.sending
.send_federation_request(
&db.globals,
body.user_id.server_name(),
federation::query::get_profile_information::v1::Request {
user_id: &body.user_id,
field: Some(&ProfileField::DisplayName),
},
)
.await?;
return Ok(get_display_name::Response {
displayname: response.displayname,
}
.into());
}
Ok(get_display_name::Response {
displayname: db.users.displayname(&body.user_id)?,
}
.into())
}
/// # `PUT /_matrix/client/r0/profile/{userId}/avatar_url`
///
/// Updates the avatar_url and blurhash.
///
/// - Also makes sure other users receive the update using presence EDUs
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/profile/<_>/avatar_url", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn set_avatar_url_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<set_avatar_url::Request<'_>>,
) -> ConduitResult<set_avatar_url::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
db.users
.set_avatar_url(sender_user, body.avatar_url.clone())?;
db.users.set_blurhash(sender_user, body.blurhash.clone())?;
.set_avatar_url(&sender_user, body.avatar_url.clone())?;
// Send a new membership event and presence update into all joined rooms
let all_joined_rooms: Vec<_> = db
.rooms
.rooms_joined(sender_user)
.filter_map(|r| r.ok())
.map(|room_id| {
Ok::<_, Error>((
PduBuilder {
event_type: EventType::RoomMember,
content: to_raw_value(&RoomMemberEventContent {
avatar_url: body.avatar_url.clone(),
..serde_json::from_str(
db.rooms
.room_state_get(
&room_id,
&EventType::RoomMember,
&sender_user.to_string(),
)?
.ok_or_else(|| {
Error::bad_database(
"Tried to send displayname update for user not in the \
room.",
)
})?
.content
.get(),
)
.map_err(|_| Error::bad_database("Database contains invalid PDU."))?
})
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some(sender_user.to_string()),
redacts: None,
},
room_id,
))
})
.filter_map(|r| r.ok())
.collect();
for (pdu_builder, room_id) in all_joined_rooms {
let mutex_state = Arc::clone(
db.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(room_id.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
let _ = db
.rooms
.build_and_append_pdu(pdu_builder, sender_user, &room_id, &db, &state_lock);
for room_id in db.rooms.rooms_joined(&sender_user) {
let room_id = room_id?;
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMember,
content: serde_json::to_value(ruma::events::room::member::MemberEventContent {
avatar_url: body.avatar_url.clone(),
..serde_json::from_value::<Raw<_>>(
db.rooms
.room_state_get(
&room_id,
&EventType::RoomMember,
&sender_user.to_string(),
)?
.ok_or_else(|| {
Error::bad_database(
"Tried to send avatar url update for user not in the room.",
)
})?
.1
.content
.clone(),
)
.expect("from_value::<Raw<..>> can never fail")
.deserialize()
.map_err(|_| Error::bad_database("Database contains invalid PDU."))?
})
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some(sender_user.to_string()),
redacts: None,
},
&sender_user,
&room_id,
&db,
)?;
// Presence update
db.rooms.edus.update_presence(
sender_user,
&sender_user,
&room_id,
ruma::events::presence::PresenceEvent {
content: ruma::events::presence::PresenceEventContent {
avatar_url: db.users.avatar_url(sender_user)?,
avatar_url: db.users.avatar_url(&sender_user)?,
currently_active: None,
displayname: db.users.displayname(sender_user)?,
displayname: db.users.displayname(&sender_user)?,
last_active_ago: Some(
utils::millis_since_unix_epoch()
.try_into()
@ -257,87 +185,35 @@ pub async fn set_avatar_url_route( @@ -257,87 +185,35 @@ pub async fn set_avatar_url_route(
)?;
}
db.flush()?;
db.flush().await?;
Ok(set_avatar_url::Response {}.into())
Ok(set_avatar_url::Response.into())
}
/// # `GET /_matrix/client/r0/profile/{userId}/avatar_url`
///
/// Returns the avatar_url and blurhash of the user.
///
/// - If user is on another server: Fetches avatar_url and blurhash over federation
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/profile/<_>/avatar_url", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_avatar_url_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_avatar_url::Request<'_>>,
) -> ConduitResult<get_avatar_url::Response> {
if body.user_id.server_name() != db.globals.server_name() {
let response = db
.sending
.send_federation_request(
&db.globals,
body.user_id.server_name(),
federation::query::get_profile_information::v1::Request {
user_id: &body.user_id,
field: Some(&ProfileField::AvatarUrl),
},
)
.await?;
return Ok(get_avatar_url::Response {
avatar_url: response.avatar_url,
blurhash: response.blurhash,
}
.into());
}
Ok(get_avatar_url::Response {
avatar_url: db.users.avatar_url(&body.user_id)?,
blurhash: db.users.blurhash(&body.user_id)?,
}
.into())
}
/// # `GET /_matrix/client/r0/profile/{userId}`
///
/// Returns the displayname, avatar_url and blurhash of the user.
///
/// - If user is on another server: Fetches profile over federation
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/profile/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_profile_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_profile::Request<'_>>,
) -> ConduitResult<get_profile::Response> {
if body.user_id.server_name() != db.globals.server_name() {
let response = db
.sending
.send_federation_request(
&db.globals,
body.user_id.server_name(),
federation::query::get_profile_information::v1::Request {
user_id: &body.user_id,
field: None,
},
)
.await?;
return Ok(get_profile::Response {
displayname: response.displayname,
avatar_url: response.avatar_url,
blurhash: response.blurhash,
}
.into());
}
if !db.users.exists(&body.user_id)? {
// Return 404 if this user doesn't exist
return Err(Error::BadRequest(
@ -348,7 +224,6 @@ pub async fn get_profile_route( @@ -348,7 +224,6 @@ pub async fn get_profile_route(
Ok(get_profile::Response {
avatar_url: db.users.avatar_url(&body.user_id)?,
blurhash: db.users.blurhash(&body.user_id)?,
displayname: db.users.displayname(&body.user_id)?,
}
.into())

476
src/client_server/push.rs
Unescape View File

@ -1,4 +1,5 @@ @@ -1,4 +1,5 @@
use crate::{database::DatabaseGuard, ConduitResult, Error, Ruma};
use super::State;
use crate::{ConduitResult, Database, Error, Ruma};
use ruma::{
api::client::{
error::ErrorKind,
@ -8,30 +9,30 @@ use ruma::{ @@ -8,30 +9,30 @@ use ruma::{
set_pushrule_enabled, RuleKind,
},
},
events::{push_rules::PushRulesEvent, EventType},
push::{ConditionalPushRuleInit, PatternedPushRuleInit, SimplePushRuleInit},
events::{push_rules, EventType},
push::{
ConditionalPushRuleInit, ContentPushRule, OverridePushRule, PatternedPushRuleInit,
RoomPushRule, SenderPushRule, SimplePushRuleInit, UnderridePushRule,
},
};
#[cfg(feature = "conduit_bin")]
use rocket::{delete, get, post, put};
/// # `GET /_matrix/client/r0/pushrules`
///
/// Retrieves the push rules event for this user.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/pushrules", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_pushrules_all_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_pushrules_all::Request>,
) -> ConduitResult<get_pushrules_all::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let event: PushRulesEvent = db
let event = db
.account_data
.get(None, sender_user, EventType::PushRules)?
.get::<push_rules::PushRulesEvent>(None, &sender_user, EventType::PushRules)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"PushRules event not found.",
@ -43,23 +44,20 @@ pub async fn get_pushrules_all_route( @@ -43,23 +44,20 @@ pub async fn get_pushrules_all_route(
.into())
}
/// # `GET /_matrix/client/r0/pushrules/{scope}/{kind}/{ruleId}`
///
/// Retrieves a single specified push rule for this user.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/pushrules/<_>/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_pushrule_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_pushrule::Request<'_>>,
) -> ConduitResult<get_pushrule::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let event: PushRulesEvent = db
let event = db
.account_data
.get(None, sender_user, EventType::PushRules)?
.get::<push_rules::PushRulesEvent>(None, &sender_user, EventType::PushRules)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"PushRules event not found.",
@ -69,25 +67,30 @@ pub async fn get_pushrule_route( @@ -69,25 +67,30 @@ pub async fn get_pushrule_route(
let rule = match body.kind {
RuleKind::Override => global
.override_
.get(body.rule_id.as_str())
.map(|rule| rule.clone().into()),
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.map(|rule| rule.0.clone().into()),
RuleKind::Underride => global
.underride
.get(body.rule_id.as_str())
.map(|rule| rule.clone().into()),
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.map(|rule| rule.0.clone().into()),
RuleKind::Sender => global
.sender
.get(body.rule_id.as_str())
.map(|rule| rule.clone().into()),
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.map(|rule| rule.0.clone().into()),
RuleKind::Room => global
.room
.get(body.rule_id.as_str())
.map(|rule| rule.clone().into()),
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.map(|rule| rule.0.clone().into()),
RuleKind::Content => global
.content
.get(body.rule_id.as_str())
.map(|rule| rule.clone().into()),
_ => None,
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.map(|rule| rule.0.clone().into()),
RuleKind::_Custom(_) => None,
};
if let Some(rule) = rule {
@ -100,20 +103,16 @@ pub async fn get_pushrule_route( @@ -100,20 +103,16 @@ pub async fn get_pushrule_route(
}
}
/// # `PUT /_matrix/client/r0/pushrules/{scope}/{kind}/{ruleId}`
///
/// Creates a single specified push rule for this user.
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/pushrules/<_>/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn set_pushrule_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<set_pushrule::Request<'_>>,
) -> ConduitResult<set_pushrule::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let body = body.body;
if body.scope != "global" {
return Err(Error::BadRequest(
@ -122,9 +121,9 @@ pub async fn set_pushrule_route( @@ -122,9 +121,9 @@ pub async fn set_pushrule_route(
));
}
let mut event: PushRulesEvent = db
let mut event = db
.account_data
.get(None, sender_user, EventType::PushRules)?
.get::<push_rules::PushRulesEvent>(None, &sender_user, EventType::PushRules)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"PushRules event not found.",
@ -133,84 +132,131 @@ pub async fn set_pushrule_route( @@ -133,84 +132,131 @@ pub async fn set_pushrule_route(
let global = &mut event.content.global;
match body.kind {
RuleKind::Override => {
global.override_.replace(
if let Some(rule) = global
.override_
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.override_.remove(&rule);
}
global.override_.insert(OverridePushRule(
ConditionalPushRuleInit {
actions: body.actions,
actions: body.actions.clone(),
default: false,
enabled: true,
rule_id: body.rule_id,
conditions: body.conditions,
rule_id: body.rule_id.clone(),
conditions: body.conditions.clone(),
}
.into(),
);
));
}
RuleKind::Underride => {
global.underride.replace(
if let Some(rule) = global
.underride
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.underride.remove(&rule);
}
global.underride.insert(UnderridePushRule(
ConditionalPushRuleInit {
actions: body.actions,
actions: body.actions.clone(),
default: false,
enabled: true,
rule_id: body.rule_id,
conditions: body.conditions,
rule_id: body.rule_id.clone(),
conditions: body.conditions.clone(),
}
.into(),
);
));
}
RuleKind::Sender => {
global.sender.replace(
if let Some(rule) = global
.sender
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.sender.remove(&rule);
}
global.sender.insert(SenderPushRule(
SimplePushRuleInit {
actions: body.actions,
actions: body.actions.clone(),
default: false,
enabled: true,
rule_id: body.rule_id,
rule_id: body.rule_id.clone(),
}
.into(),
);
));
}
RuleKind::Room => {
global.room.replace(
if let Some(rule) = global
.room
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.room.remove(&rule);
}
global.room.insert(RoomPushRule(
SimplePushRuleInit {
actions: body.actions,
actions: body.actions.clone(),
default: false,
enabled: true,
rule_id: body.rule_id,
rule_id: body.rule_id.clone(),
}
.into(),
);
));
}
RuleKind::Content => {
global.content.replace(
if let Some(rule) = global
.content
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.content.remove(&rule);
}
global.content.insert(ContentPushRule(
PatternedPushRuleInit {
actions: body.actions,
actions: body.actions.clone(),
default: false,
enabled: true,
rule_id: body.rule_id,
pattern: body.pattern.unwrap_or_default(),
rule_id: body.rule_id.clone(),
pattern: body.pattern.clone().unwrap_or_default(),
}
.into(),
);
));
}
_ => {}
RuleKind::_Custom(_) => {}
}
db.account_data
.update(None, sender_user, EventType::PushRules, &event, &db.globals)?;
db.account_data.update(
None,
&sender_user,
EventType::PushRules,
&event,
&db.globals,
)?;
db.flush()?;
db.flush().await?;
Ok(set_pushrule::Response {}.into())
Ok(set_pushrule::Response.into())
}
/// # `GET /_matrix/client/r0/pushrules/{scope}/{kind}/{ruleId}/actions`
///
/// Gets the actions of a single specified push rule for this user.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/pushrules/<_>/<_>/<_>/actions", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_pushrule_actions_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_pushrule_actions::Request<'_>>,
) -> ConduitResult<get_pushrule_actions::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -222,9 +268,9 @@ pub async fn get_pushrule_actions_route( @@ -222,9 +268,9 @@ pub async fn get_pushrule_actions_route(
));
}
let mut event: PushRulesEvent = db
let mut event = db
.account_data
.get(None, sender_user, EventType::PushRules)?
.get::<push_rules::PushRulesEvent>(None, &sender_user, EventType::PushRules)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"PushRules event not found.",
@ -234,28 +280,33 @@ pub async fn get_pushrule_actions_route( @@ -234,28 +280,33 @@ pub async fn get_pushrule_actions_route(
let actions = match body.kind {
RuleKind::Override => global
.override_
.get(body.rule_id.as_str())
.map(|rule| rule.actions.clone()),
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.map(|rule| rule.0.actions.clone()),
RuleKind::Underride => global
.underride
.get(body.rule_id.as_str())
.map(|rule| rule.actions.clone()),
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.map(|rule| rule.0.actions.clone()),
RuleKind::Sender => global
.sender
.get(body.rule_id.as_str())
.map(|rule| rule.actions.clone()),
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.map(|rule| rule.0.actions.clone()),
RuleKind::Room => global
.room
.get(body.rule_id.as_str())
.map(|rule| rule.actions.clone()),
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.map(|rule| rule.0.actions.clone()),
RuleKind::Content => global
.content
.get(body.rule_id.as_str())
.map(|rule| rule.actions.clone()),
_ => None,
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.map(|rule| rule.0.actions.clone()),
RuleKind::_Custom(_) => None,
};
db.flush()?;
db.flush().await?;
Ok(get_pushrule_actions::Response {
actions: actions.unwrap_or_default(),
@ -263,16 +314,13 @@ pub async fn get_pushrule_actions_route( @@ -263,16 +314,13 @@ pub async fn get_pushrule_actions_route(
.into())
}
/// # `PUT /_matrix/client/r0/pushrules/{scope}/{kind}/{ruleId}/actions`
///
/// Sets the actions of a single specified push rule for this user.
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/pushrules/<_>/<_>/<_>/actions", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn set_pushrule_actions_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<set_pushrule_actions::Request<'_>>,
) -> ConduitResult<set_pushrule_actions::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -284,9 +332,9 @@ pub async fn set_pushrule_actions_route( @@ -284,9 +332,9 @@ pub async fn set_pushrule_actions_route(
));
}
let mut event: PushRulesEvent = db
let mut event = db
.account_data
.get(None, sender_user, EventType::PushRules)?
.get::<push_rules::PushRulesEvent>(None, &sender_user, EventType::PushRules)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"PushRules event not found.",
@ -295,56 +343,88 @@ pub async fn set_pushrule_actions_route( @@ -295,56 +343,88 @@ pub async fn set_pushrule_actions_route(
let global = &mut event.content.global;
match body.kind {
RuleKind::Override => {
if let Some(mut rule) = global.override_.get(body.rule_id.as_str()).cloned() {
rule.actions = body.actions.clone();
global.override_.replace(rule);
if let Some(mut rule) = global
.override_
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.override_.remove(&rule);
rule.0.actions = body.actions.clone();
global.override_.insert(rule);
}
}
RuleKind::Underride => {
if let Some(mut rule) = global.underride.get(body.rule_id.as_str()).cloned() {
rule.actions = body.actions.clone();
global.underride.replace(rule);
if let Some(mut rule) = global
.underride
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.underride.remove(&rule);
rule.0.actions = body.actions.clone();
global.underride.insert(rule);
}
}
RuleKind::Sender => {
if let Some(mut rule) = global.sender.get(body.rule_id.as_str()).cloned() {
rule.actions = body.actions.clone();
global.sender.replace(rule);
if let Some(mut rule) = global
.sender
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.sender.remove(&rule);
rule.0.actions = body.actions.clone();
global.sender.insert(rule);
}
}
RuleKind::Room => {
if let Some(mut rule) = global.room.get(body.rule_id.as_str()).cloned() {
rule.actions = body.actions.clone();
global.room.replace(rule);
if let Some(mut rule) = global
.room
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.room.remove(&rule);
rule.0.actions = body.actions.clone();
global.room.insert(rule);
}
}
RuleKind::Content => {
if let Some(mut rule) = global.content.get(body.rule_id.as_str()).cloned() {
rule.actions = body.actions.clone();
global.content.replace(rule);
if let Some(mut rule) = global
.content
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.content.remove(&rule);
rule.0.actions = body.actions.clone();
global.content.insert(rule);
}
}
_ => {}
RuleKind::_Custom(_) => {}
};
db.account_data
.update(None, sender_user, EventType::PushRules, &event, &db.globals)?;
db.account_data.update(
None,
&sender_user,
EventType::PushRules,
&event,
&db.globals,
)?;
db.flush()?;
db.flush().await?;
Ok(set_pushrule_actions::Response {}.into())
Ok(set_pushrule_actions::Response.into())
}
/// # `GET /_matrix/client/r0/pushrules/{scope}/{kind}/{ruleId}/enabled`
///
/// Gets the enabled status of a single specified push rule for this user.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/pushrules/<_>/<_>/<_>/enabled", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_pushrule_enabled_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_pushrule_enabled::Request<'_>>,
) -> ConduitResult<get_pushrule_enabled::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -356,9 +436,9 @@ pub async fn get_pushrule_enabled_route( @@ -356,9 +436,9 @@ pub async fn get_pushrule_enabled_route(
));
}
let mut event: PushRulesEvent = db
let mut event = db
.account_data
.get(None, sender_user, EventType::PushRules)?
.get::<push_rules::PushRulesEvent>(None, &sender_user, EventType::PushRules)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"PushRules event not found.",
@ -369,46 +449,43 @@ pub async fn get_pushrule_enabled_route( @@ -369,46 +449,43 @@ pub async fn get_pushrule_enabled_route(
RuleKind::Override => global
.override_
.iter()
.find(|rule| rule.rule_id == body.rule_id)
.map_or(false, |rule| rule.enabled),
.find(|rule| rule.0.rule_id == body.rule_id)
.map_or(false, |rule| rule.0.enabled),
RuleKind::Underride => global
.underride
.iter()
.find(|rule| rule.rule_id == body.rule_id)
.map_or(false, |rule| rule.enabled),
.find(|rule| rule.0.rule_id == body.rule_id)
.map_or(false, |rule| rule.0.enabled),
RuleKind::Sender => global
.sender
.iter()
.find(|rule| rule.rule_id == body.rule_id)
.map_or(false, |rule| rule.enabled),
.find(|rule| rule.0.rule_id == body.rule_id)
.map_or(false, |rule| rule.0.enabled),
RuleKind::Room => global
.room
.iter()
.find(|rule| rule.rule_id == body.rule_id)
.map_or(false, |rule| rule.enabled),
.find(|rule| rule.0.rule_id == body.rule_id)
.map_or(false, |rule| rule.0.enabled),
RuleKind::Content => global
.content
.iter()
.find(|rule| rule.rule_id == body.rule_id)
.map_or(false, |rule| rule.enabled),
_ => false,
.find(|rule| rule.0.rule_id == body.rule_id)
.map_or(false, |rule| rule.0.enabled),
RuleKind::_Custom(_) => false,
};
db.flush()?;
db.flush().await?;
Ok(get_pushrule_enabled::Response { enabled }.into())
}
/// # `PUT /_matrix/client/r0/pushrules/{scope}/{kind}/{ruleId}/enabled`
///
/// Sets the enabled status of a single specified push rule for this user.
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/pushrules/<_>/<_>/<_>/enabled", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn set_pushrule_enabled_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<set_pushrule_enabled::Request<'_>>,
) -> ConduitResult<set_pushrule_enabled::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -420,9 +497,9 @@ pub async fn set_pushrule_enabled_route( @@ -420,9 +497,9 @@ pub async fn set_pushrule_enabled_route(
));
}
let mut event: PushRulesEvent = db
let mut event = db
.account_data
.get(None, sender_user, EventType::PushRules)?
.get::<ruma::events::push_rules::PushRulesEvent>(None, &sender_user, EventType::PushRules)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"PushRules event not found.",
@ -431,61 +508,88 @@ pub async fn set_pushrule_enabled_route( @@ -431,61 +508,88 @@ pub async fn set_pushrule_enabled_route(
let global = &mut event.content.global;
match body.kind {
RuleKind::Override => {
if let Some(mut rule) = global.override_.get(body.rule_id.as_str()).cloned() {
if let Some(mut rule) = global
.override_
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.override_.remove(&rule);
rule.enabled = body.enabled;
rule.0.enabled = body.enabled;
global.override_.insert(rule);
}
}
RuleKind::Underride => {
if let Some(mut rule) = global.underride.get(body.rule_id.as_str()).cloned() {
if let Some(mut rule) = global
.underride
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.underride.remove(&rule);
rule.enabled = body.enabled;
rule.0.enabled = body.enabled;
global.underride.insert(rule);
}
}
RuleKind::Sender => {
if let Some(mut rule) = global.sender.get(body.rule_id.as_str()).cloned() {
if let Some(mut rule) = global
.sender
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.sender.remove(&rule);
rule.enabled = body.enabled;
rule.0.enabled = body.enabled;
global.sender.insert(rule);
}
}
RuleKind::Room => {
if let Some(mut rule) = global.room.get(body.rule_id.as_str()).cloned() {
if let Some(mut rule) = global
.room
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.room.remove(&rule);
rule.enabled = body.enabled;
rule.0.enabled = body.enabled;
global.room.insert(rule);
}
}
RuleKind::Content => {
if let Some(mut rule) = global.content.get(body.rule_id.as_str()).cloned() {
if let Some(mut rule) = global
.content
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.content.remove(&rule);
rule.enabled = body.enabled;
rule.0.enabled = body.enabled;
global.content.insert(rule);
}
}
_ => {}
RuleKind::_Custom(_) => {}
}
db.account_data
.update(None, sender_user, EventType::PushRules, &event, &db.globals)?;
db.account_data.update(
None,
&sender_user,
EventType::PushRules,
&event,
&db.globals,
)?;
db.flush()?;
db.flush().await?;
Ok(set_pushrule_enabled::Response {}.into())
Ok(set_pushrule_enabled::Response.into())
}
/// # `DELETE /_matrix/client/r0/pushrules/{scope}/{kind}/{ruleId}`
///
/// Deletes a single specified push rule for this user.
#[cfg_attr(
feature = "conduit_bin",
delete("/_matrix/client/r0/pushrules/<_>/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn delete_pushrule_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<delete_pushrule::Request<'_>>,
) -> ConduitResult<delete_pushrule::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -497,9 +601,9 @@ pub async fn delete_pushrule_route( @@ -497,9 +601,9 @@ pub async fn delete_pushrule_route(
));
}
let mut event: PushRulesEvent = db
let mut event = db
.account_data
.get(None, sender_user, EventType::PushRules)?
.get::<push_rules::PushRulesEvent>(None, &sender_user, EventType::PushRules)?
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"PushRules event not found.",
@ -508,81 +612,103 @@ pub async fn delete_pushrule_route( @@ -508,81 +612,103 @@ pub async fn delete_pushrule_route(
let global = &mut event.content.global;
match body.kind {
RuleKind::Override => {
if let Some(rule) = global.override_.get(body.rule_id.as_str()).cloned() {
if let Some(rule) = global
.override_
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.override_.remove(&rule);
}
}
RuleKind::Underride => {
if let Some(rule) = global.underride.get(body.rule_id.as_str()).cloned() {
if let Some(rule) = global
.underride
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.underride.remove(&rule);
}
}
RuleKind::Sender => {
if let Some(rule) = global.sender.get(body.rule_id.as_str()).cloned() {
if let Some(rule) = global
.sender
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.sender.remove(&rule);
}
}
RuleKind::Room => {
if let Some(rule) = global.room.get(body.rule_id.as_str()).cloned() {
if let Some(rule) = global
.room
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.room.remove(&rule);
}
}
RuleKind::Content => {
if let Some(rule) = global.content.get(body.rule_id.as_str()).cloned() {
if let Some(rule) = global
.content
.iter()
.find(|rule| rule.0.rule_id == body.rule_id)
.cloned()
{
global.content.remove(&rule);
}
}
_ => {}
RuleKind::_Custom(_) => {}
}
db.account_data
.update(None, sender_user, EventType::PushRules, &event, &db.globals)?;
db.account_data.update(
None,
&sender_user,
EventType::PushRules,
&event,
&db.globals,
)?;
db.flush()?;
db.flush().await?;
Ok(delete_pushrule::Response {}.into())
Ok(delete_pushrule::Response.into())
}
/// # `GET /_matrix/client/r0/pushers`
///
/// Gets all currently active pushers for the sender user.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/pushers", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_pushers_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_pushers::Request>,
) -> ConduitResult<get_pushers::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let sender = body.sender_user.as_ref().expect("authenticated endpoint");
Ok(get_pushers::Response {
pushers: db.pusher.get_pushers(sender_user)?,
pushers: db.pusher.get_pusher(sender)?,
}
.into())
}
/// # `POST /_matrix/client/r0/pushers/set`
///
/// Adds a pusher for the sender user.
///
/// - TODO: Handle `append`
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/pushers/set", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn set_pushers_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<set_pusher::Request>,
) -> ConduitResult<set_pusher::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let sender = body.sender_user.as_ref().expect("authenticated endpoint");
let pusher = body.pusher.clone();
db.pusher.set_pusher(sender_user, pusher)?;
db.pusher.set_pusher(sender, pusher)?;
db.flush()?;
db.flush().await?;
Ok(set_pusher::Response::default().into())
}

94
src/client_server/read_marker.rs
Unescape View File

@ -1,31 +1,26 @@ @@ -1,31 +1,26 @@
use crate::{database::DatabaseGuard, ConduitResult, Error, Ruma};
use super::State;
use crate::{ConduitResult, Database, Error, Ruma};
use ruma::{
api::client::{
error::ErrorKind,
r0::{read_marker::set_read_marker, receipt::create_receipt},
r0::{
capabilities::get_capabilities, read_marker::set_read_marker, receipt::create_receipt,
},
},
events::{AnyEphemeralRoomEvent, EventType},
receipt::ReceiptType,
MilliSecondsSinceUnixEpoch,
events::{AnyEphemeralRoomEvent, AnyEvent, EventType},
};
use std::collections::BTreeMap;
#[cfg(feature = "conduit_bin")]
use rocket::post;
use std::{collections::BTreeMap, time::SystemTime};
/// # `POST /_matrix/client/r0/rooms/{roomId}/read_markers`
///
/// Sets different types of read markers.
///
/// - Updates fully-read account data event to `fully_read`
/// - If `read_receipt` is set: Update private marker and public read receipt EDU
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/rooms/<_>/read_markers", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn set_read_marker_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<set_read_marker::Request<'_>>,
) -> ConduitResult<set_read_marker::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -34,10 +29,11 @@ pub async fn set_read_marker_route( @@ -34,10 +29,11 @@ pub async fn set_read_marker_route(
content: ruma::events::fully_read::FullyReadEventContent {
event_id: body.fully_read.clone(),
},
room_id: body.room_id.clone(),
};
db.account_data.update(
Some(&body.room_id),
sender_user,
&sender_user,
EventType::FullyRead,
&fully_read_event,
&db.globals,
@ -46,63 +42,61 @@ pub async fn set_read_marker_route( @@ -46,63 +42,61 @@ pub async fn set_read_marker_route(
if let Some(event) = &body.read_receipt {
db.rooms.edus.private_read_set(
&body.room_id,
sender_user,
&sender_user,
db.rooms.get_pdu_count(event)?.ok_or(Error::BadRequest(
ErrorKind::InvalidParam,
"Event does not exist.",
))?,
&db.globals,
)?;
db.rooms
.reset_notification_counts(sender_user, &body.room_id)?;
let mut user_receipts = BTreeMap::new();
user_receipts.insert(
sender_user.clone(),
ruma::events::receipt::Receipt {
ts: Some(MilliSecondsSinceUnixEpoch::now()),
ts: Some(SystemTime::now()),
},
);
let mut receipts = BTreeMap::new();
receipts.insert(ReceiptType::Read, user_receipts);
let mut receipt_content = BTreeMap::new();
receipt_content.insert(event.to_owned(), receipts);
receipt_content.insert(
event.to_owned(),
ruma::events::receipt::Receipts {
read: Some(user_receipts),
},
);
db.rooms.edus.readreceipt_update(
sender_user,
&sender_user,
&body.room_id,
AnyEphemeralRoomEvent::Receipt(ruma::events::receipt::ReceiptEvent {
content: ruma::events::receipt::ReceiptEventContent(receipt_content),
room_id: body.room_id.clone(),
}),
AnyEvent::Ephemeral(AnyEphemeralRoomEvent::Receipt(
ruma::events::receipt::ReceiptEvent {
content: ruma::events::receipt::ReceiptEventContent(receipt_content),
room_id: body.room_id.clone(),
},
)),
&db.globals,
)?;
}
db.flush()?;
db.flush().await?;
Ok(set_read_marker::Response {}.into())
Ok(set_read_marker::Response.into())
}
/// # `POST /_matrix/client/r0/rooms/{roomId}/receipt/{receiptType}/{eventId}`
///
/// Sets private read marker and public read receipt EDU.
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/rooms/<_>/receipt/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn create_receipt_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<create_receipt::Request<'_>>,
) -> ConduitResult<create_receipt::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
db.rooms.edus.private_read_set(
&body.room_id,
sender_user,
&sender_user,
db.rooms
.get_pdu_count(&body.event_id)?
.ok_or(Error::BadRequest(
@ -111,33 +105,35 @@ pub async fn create_receipt_route( @@ -111,33 +105,35 @@ pub async fn create_receipt_route(
))?,
&db.globals,
)?;
db.rooms
.reset_notification_counts(sender_user, &body.room_id)?;
let mut user_receipts = BTreeMap::new();
user_receipts.insert(
sender_user.clone(),
ruma::events::receipt::Receipt {
ts: Some(MilliSecondsSinceUnixEpoch::now()),
ts: Some(SystemTime::now()),
},
);
let mut receipts = BTreeMap::new();
receipts.insert(ReceiptType::Read, user_receipts);
let mut receipt_content = BTreeMap::new();
receipt_content.insert(body.event_id.to_owned(), receipts);
receipt_content.insert(
body.event_id.to_owned(),
ruma::events::receipt::Receipts {
read: Some(user_receipts),
},
);
db.rooms.edus.readreceipt_update(
sender_user,
&sender_user,
&body.room_id,
AnyEphemeralRoomEvent::Receipt(ruma::events::receipt::ReceiptEvent {
content: ruma::events::receipt::ReceiptEventContent(receipt_content),
room_id: body.room_id.clone(),
}),
AnyEvent::Ephemeral(AnyEphemeralRoomEvent::Receipt(
ruma::events::receipt::ReceiptEvent {
content: ruma::events::receipt::ReceiptEventContent(receipt_content),
room_id: body.room_id.clone(),
},
)),
&db.globals,
)?;
db.flush()?;
db.flush().await?;
Ok(create_receipt::Response {}.into())
Ok(create_receipt::Response.into())
}

38
src/client_server/redact.rs
Unescape View File

@ -1,63 +1,41 @@ @@ -1,63 +1,41 @@
use std::sync::Arc;
use crate::{database::DatabaseGuard, pdu::PduBuilder, ConduitResult, Ruma};
use super::State;
use crate::{pdu::PduBuilder, ConduitResult, Database, Ruma};
use ruma::{
api::client::r0::redact::redact_event,
events::{room::redaction::RoomRedactionEventContent, EventType},
events::{room::redaction, EventType},
};
#[cfg(feature = "conduit_bin")]
use rocket::put;
use serde_json::value::to_raw_value;
/// # `PUT /_matrix/client/r0/rooms/{roomId}/redact/{eventId}/{txnId}`
///
/// Tries to send a redaction event into the room.
///
/// - TODO: Handle txn id
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/rooms/<_>/redact/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn redact_event_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<redact_event::Request<'_>>,
) -> ConduitResult<redact_event::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let body = body.body;
let mutex_state = Arc::clone(
db.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(body.room_id.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
let event_id = db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomRedaction,
content: to_raw_value(&RoomRedactionEventContent {
content: serde_json::to_value(redaction::RedactionEventContent {
reason: body.reason.clone(),
})
.expect("event is valid, we just created it"),
unsigned: None,
state_key: None,
redacts: Some(body.event_id.into()),
redacts: Some(body.event_id.clone()),
},
sender_user,
&sender_user,
&body.room_id,
&db,
&state_lock,
)?;
drop(state_lock);
db.flush()?;
db.flush().await?;
let event_id = (*event_id).to_owned();
Ok(redact_event::Response { event_id }.into())
}

84
src/client_server/report.rs
Unescape View File

@ -1,84 +0,0 @@ @@ -1,84 +0,0 @@
use crate::{
database::{admin::AdminCommand, DatabaseGuard},
ConduitResult, Error, Ruma,
};
use ruma::{
api::client::{error::ErrorKind, r0::room::report_content},
events::room::message,
int,
};
#[cfg(feature = "conduit_bin")]
use rocket::{http::RawStr, post};
/// # `POST /_matrix/client/r0/rooms/{roomId}/report/{eventId}`
///
/// Reports an inappropriate event to homeserver admins
///
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/rooms/<_>/report/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn report_event_route(
db: DatabaseGuard,
body: Ruma<report_content::Request<'_>>,
) -> ConduitResult<report_content::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let pdu = match db.rooms.get_pdu(&body.event_id)? {
Some(pdu) => pdu,
_ => {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Invalid Event ID",
))
}
};
if body.score > int!(0) || body.score < int!(-100) {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Invalid score, must be within 0 to -100",
));
};
if body.reason.chars().count() > 250 {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Reason too long, should be 250 characters or fewer",
));
};
db.admin.send(AdminCommand::SendMessage(
message::RoomMessageEventContent::text_html(
format!(
"Report received from: {}\n\n\
Event ID: {}\n\
Room ID: {}\n\
Sent By: {}\n\n\
Report Score: {}\n\
Report Reason: {}",
sender_user, pdu.event_id, pdu.room_id, pdu.sender, body.score, body.reason
),
format!(
"<details><summary>Report received from: <a href=\"https://matrix.to/#/{0}\">{0}\
</a></summary><ul><li>Event Info<ul><li>Event ID: <code>{1}</code>\
<a href=\"https://matrix.to/#/{2}/{1}\">🔗</a></li><li>Room ID: <code>{2}</code>\
</li><li>Sent By: <a href=\"https://matrix.to/#/{3}\">{3}</a></li></ul></li><li>\
Report Info<ul><li>Report Score: {4}</li><li>Report Reason: {5}</li></ul></li>\
</ul></details>",
sender_user,
pdu.event_id,
pdu.room_id,
pdu.sender,
body.score,
RawStr::new(&body.reason).html_escape()
),
),
));
db.flush()?;
Ok(report_content::Response {}.into())
}

582
src/client_server/room.rs
Unescape View File

@ -1,353 +1,220 @@ @@ -1,353 +1,220 @@
use crate::{
client_server::invite_helper, database::DatabaseGuard, pdu::PduBuilder, ConduitResult, Error,
Ruma,
};
use super::State;
use crate::{pdu::PduBuilder, ConduitResult, Database, Error, Ruma};
use log::info;
use ruma::{
api::client::{
error::ErrorKind,
r0::room::{self, aliases, create_room, get_room_event, upgrade_room},
r0::room::{self, create_room, get_room_event, upgrade_room},
},
events::{
room::{
canonical_alias::RoomCanonicalAliasEventContent,
create::RoomCreateEventContent,
guest_access::{GuestAccess, RoomGuestAccessEventContent},
history_visibility::{HistoryVisibility, RoomHistoryVisibilityEventContent},
join_rules::{JoinRule, RoomJoinRulesEventContent},
member::{MembershipState, RoomMemberEventContent},
name::RoomNameEventContent,
power_levels::RoomPowerLevelsEventContent,
tombstone::RoomTombstoneEventContent,
topic::RoomTopicEventContent,
},
room::{guest_access, history_visibility, join_rules, member, name, topic},
EventType,
},
int,
serde::{CanonicalJsonObject, JsonObject},
serde::Raw,
RoomAliasId, RoomId, RoomVersionId,
};
use serde_json::{json, value::to_raw_value};
use std::{cmp::max, collections::BTreeMap, convert::TryInto, sync::Arc};
use tracing::{info, warn};
use std::{cmp::max, collections::BTreeMap, convert::TryFrom};
#[cfg(feature = "conduit_bin")]
use rocket::{get, post};
/// # `POST /_matrix/client/r0/createRoom`
///
/// Creates a new room.
///
/// - Room ID is randomly generated
/// - Create alias if room_alias_name is set
/// - Send create event
/// - Join sender user
/// - Send power levels event
/// - Send canonical room alias
/// - Send join rules
/// - Send history visibility
/// - Send guest access
/// - Send events listed in initial state
/// - Send events implied by `name` and `topic`
/// - Send invite events
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/createRoom", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn create_room_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<create_room::Request<'_>>,
) -> ConduitResult<create_room::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let room_id = RoomId::new(db.globals.server_name());
db.rooms.get_or_create_shortroomid(&room_id, &db.globals)?;
let mutex_state = Arc::clone(
db.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(room_id.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
if !db.globals.allow_room_creation()
&& !body.from_appservice
&& !db.users.is_admin(sender_user, &db.rooms, &db.globals)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
"Room creation has been disabled.",
));
}
let alias: Option<Box<RoomAliasId>> =
body.room_alias_name
.as_ref()
.map_or(Ok(None), |localpart| {
// TODO: Check for invalid characters and maximum length
let alias =
RoomAliasId::parse(format!("#{}:{}", localpart, db.globals.server_name()))
.map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Invalid alias.")
})?;
if db.rooms.id_from_alias(&alias)?.is_some() {
Err(Error::BadRequest(
ErrorKind::RoomInUse,
"Room alias already exists.",
))
} else {
Ok(Some(alias))
}
})?;
let room_version = match body.room_version.clone() {
Some(room_version) => {
if room_version == RoomVersionId::V5 || room_version == RoomVersionId::V6 {
room_version
let alias = body
.room_alias_name
.as_ref()
.map_or(Ok(None), |localpart| {
// TODO: Check for invalid characters and maximum length
let alias =
RoomAliasId::try_from(format!("#{}:{}", localpart, db.globals.server_name()))
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Invalid alias."))?;
if db.rooms.id_from_alias(&alias)?.is_some() {
Err(Error::BadRequest(
ErrorKind::RoomInUse,
"Room alias already exists.",
))
} else {
return Err(Error::BadRequest(
ErrorKind::UnsupportedRoomVersion,
"This server does not support that room version.",
));
Ok(Some(alias))
}
}
None => RoomVersionId::V6,
};
let content = match &body.creation_content {
Some(content) => {
let mut content = content
.deserialize_as::<CanonicalJsonObject>()
.expect("Invalid creation content");
content.insert(
"creator".into(),
json!(&sender_user).try_into().map_err(|_| {
Error::BadRequest(ErrorKind::BadJson, "Invalid creation content")
})?,
);
content.insert(
"room_version".into(),
json!(room_version.as_str()).try_into().map_err(|_| {
Error::BadRequest(ErrorKind::BadJson, "Invalid creation content")
})?,
);
content
}
None => {
let mut content = serde_json::from_str::<CanonicalJsonObject>(
to_raw_value(&RoomCreateEventContent::new(sender_user.clone()))
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Invalid creation content"))?
.get(),
)
.unwrap();
content.insert(
"room_version".into(),
json!(room_version.as_str()).try_into().map_err(|_| {
Error::BadRequest(ErrorKind::BadJson, "Invalid creation content")
})?,
);
content
}
};
// Validate creation content
let de_result = serde_json::from_str::<CanonicalJsonObject>(
to_raw_value(&content)
.expect("Invalid creation content")
.get(),
);
})?;
if de_result.is_err() {
return Err(Error::BadRequest(
ErrorKind::BadJson,
"Invalid creation content",
));
}
let mut content = ruma::events::room::create::CreateEventContent::new(sender_user.clone());
content.federate = body.creation_content.federate;
content.predecessor = body.creation_content.predecessor.clone();
content.room_version = RoomVersionId::Version6;
// 1. The room create event
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomCreate,
content: to_raw_value(&content).expect("event is valid, we just created it"),
content: serde_json::to_value(content).expect("event is valid, we just created it"),
unsigned: None,
state_key: Some("".to_owned()),
redacts: None,
},
sender_user,
&sender_user,
&room_id,
&db,
&state_lock,
)?;
// 2. Let the room creator join
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMember,
content: to_raw_value(&RoomMemberEventContent {
membership: MembershipState::Join,
displayname: db.users.displayname(sender_user)?,
avatar_url: db.users.avatar_url(sender_user)?,
content: serde_json::to_value(member::MemberEventContent {
membership: member::MembershipState::Join,
displayname: db.users.displayname(&sender_user)?,
avatar_url: db.users.avatar_url(&sender_user)?,
is_direct: Some(body.is_direct),
third_party_invite: None,
blurhash: db.users.blurhash(sender_user)?,
reason: None,
join_authorized_via_users_server: None,
})
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some(sender_user.to_string()),
redacts: None,
},
sender_user,
&sender_user,
&room_id,
&db,
&state_lock,
)?;
// 3. Power levels
// Figure out preset. We need it for preset specific events
let preset = body
.preset
.clone()
.unwrap_or_else(|| match &body.visibility {
room::Visibility::Private => create_room::RoomPreset::PrivateChat,
room::Visibility::Public => create_room::RoomPreset::PublicChat,
_ => create_room::RoomPreset::PrivateChat, // Room visibility should not be custom
});
let mut users = BTreeMap::new();
users.insert(sender_user.clone(), int!(100));
if preset == create_room::RoomPreset::TrustedPrivateChat {
for invite_ in &body.invite {
users.insert(invite_.clone(), int!(100));
}
}
let mut power_levels_content = serde_json::to_value(RoomPowerLevelsEventContent {
users,
..Default::default()
})
.expect("event is valid, we just created it");
if let Some(power_level_content_override) = &body.power_level_content_override {
let json: JsonObject = serde_json::from_str(power_level_content_override.json().get())
.map_err(|_| {
Error::BadRequest(ErrorKind::BadJson, "Invalid power_level_content_override.")
})?;
for (key, value) in json {
power_levels_content[key] = value;
}
users.insert(sender_user.clone(), 100.into());
for invite_ in &body.invite {
users.insert(invite_.clone(), 100.into());
}
let power_levels_content = if let Some(power_levels) = &body.power_level_content_override {
serde_json::from_str(power_levels.json().get()).map_err(|_| {
Error::BadRequest(ErrorKind::BadJson, "Invalid power_level_content_override.")
})?
} else {
serde_json::to_value(ruma::events::room::power_levels::PowerLevelsEventContent {
ban: 50.into(),
events: BTreeMap::new(),
events_default: 0.into(),
invite: 50.into(),
kick: 50.into(),
redact: 50.into(),
state_default: 50.into(),
users,
users_default: 0.into(),
notifications: ruma::events::room::power_levels::NotificationPowerLevels {
room: 50.into(),
},
})
.expect("event is valid, we just created it")
};
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomPowerLevels,
content: to_raw_value(&power_levels_content)
.expect("to_raw_value always works on serde_json::Value"),
content: power_levels_content,
unsigned: None,
state_key: Some("".to_owned()),
redacts: None,
},
sender_user,
&sender_user,
&room_id,
&db,
&state_lock,
)?;
// 4. Canonical room alias
if let Some(room_alias_id) = &alias {
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomCanonicalAlias,
content: to_raw_value(&RoomCanonicalAliasEventContent {
alias: Some(room_alias_id.to_owned()),
alt_aliases: vec![],
})
.expect("We checked that alias earlier, it must be fine"),
unsigned: None,
state_key: Some("".to_owned()),
redacts: None,
},
sender_user,
&room_id,
&db,
&state_lock,
)?;
}
// 4. Events set by preset
// 5. Events set by preset
// Figure out preset. We need it for preset specific events
let preset = body
.preset
.clone()
.unwrap_or_else(|| match &body.visibility {
room::Visibility::Private => create_room::RoomPreset::PrivateChat,
room::Visibility::Public => create_room::RoomPreset::PublicChat,
room::Visibility::_Custom(s) => create_room::RoomPreset::_Custom(s.into()),
});
// 5.1 Join Rules
// 4.1 Join Rules
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomJoinRules,
content: to_raw_value(&RoomJoinRulesEventContent::new(match preset {
create_room::RoomPreset::PublicChat => JoinRule::Public,
content: match preset {
create_room::RoomPreset::PublicChat => serde_json::to_value(
join_rules::JoinRulesEventContent::new(join_rules::JoinRule::Public),
)
.expect("event is valid, we just created it"),
// according to spec "invite" is the default
_ => JoinRule::Invite,
}))
.expect("event is valid, we just created it"),
_ => serde_json::to_value(join_rules::JoinRulesEventContent::new(
join_rules::JoinRule::Invite,
))
.expect("event is valid, we just created it"),
},
unsigned: None,
state_key: Some("".to_owned()),
redacts: None,
},
sender_user,
&sender_user,
&room_id,
&db,
&state_lock,
)?;
// 5.2 History Visibility
// 4.2 History Visibility
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomHistoryVisibility,
content: to_raw_value(&RoomHistoryVisibilityEventContent::new(
HistoryVisibility::Shared,
content: serde_json::to_value(history_visibility::HistoryVisibilityEventContent::new(
history_visibility::HistoryVisibility::Shared,
))
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some("".to_owned()),
redacts: None,
},
sender_user,
&sender_user,
&room_id,
&db,
&state_lock,
)?;
// 5.3 Guest Access
// 4.3 Guest Access
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomGuestAccess,
content: to_raw_value(&RoomGuestAccessEventContent::new(match preset {
create_room::RoomPreset::PublicChat => GuestAccess::Forbidden,
_ => GuestAccess::CanJoin,
}))
.expect("event is valid, we just created it"),
content: match preset {
create_room::RoomPreset::PublicChat => {
serde_json::to_value(guest_access::GuestAccessEventContent::new(
guest_access::GuestAccess::Forbidden,
))
.expect("event is valid, we just created it")
}
_ => serde_json::to_value(guest_access::GuestAccessEventContent::new(
guest_access::GuestAccess::CanJoin,
))
.expect("event is valid, we just created it"),
},
unsigned: None,
state_key: Some("".to_owned()),
redacts: None,
},
sender_user,
&sender_user,
&room_id,
&db,
&state_lock,
)?;
// 6. Events listed in initial_state
// 5. Events listed in initial_state
for event in &body.initial_state {
let pdu_builder = PduBuilder::from(event.deserialize().map_err(|e| {
warn!("Invalid initial state event: {:?}", e);
Error::BadRequest(ErrorKind::InvalidParam, "Invalid initial state event.")
})?);
let pdu_builder = serde_json::from_str::<PduBuilder>(
&serde_json::to_string(&event).expect("AnyInitialStateEvent::to_string always works"),
)
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Invalid initial state event."))?;
// Silently skip encryption events if they are not allowed
if pdu_builder.event_type == EventType::RoomEncryption && !db.globals.allow_encryption() {
@ -355,24 +222,27 @@ pub async fn create_room_route( @@ -355,24 +222,27 @@ pub async fn create_room_route(
}
db.rooms
.build_and_append_pdu(pdu_builder, sender_user, &room_id, &db, &state_lock)?;
.build_and_append_pdu(pdu_builder, &sender_user, &room_id, &db)?;
}
// 7. Events implied by name and topic
// 6. Events implied by name and topic
if let Some(name) = &body.name {
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomName,
content: to_raw_value(&RoomNameEventContent::new(Some(name.clone())))
.expect("event is valid, we just created it"),
content: serde_json::to_value(
name::NameEventContent::new(name.clone()).map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Name is invalid.")
})?,
)
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some("".to_owned()),
redacts: None,
},
sender_user,
&sender_user,
&room_id,
&db,
&state_lock,
)?;
}
@ -380,7 +250,7 @@ pub async fn create_room_route( @@ -380,7 +250,7 @@ pub async fn create_room_route(
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomTopic,
content: to_raw_value(&RoomTopicEventContent {
content: serde_json::to_value(topic::TopicEventContent {
topic: topic.clone(),
})
.expect("event is valid, we just created it"),
@ -388,17 +258,33 @@ pub async fn create_room_route( @@ -388,17 +258,33 @@ pub async fn create_room_route(
state_key: Some("".to_owned()),
redacts: None,
},
sender_user,
&sender_user,
&room_id,
&db,
&state_lock,
)?;
}
// 8. Events implied by invite (and TODO: invite_3pid)
drop(state_lock);
for user_id in &body.invite {
let _ = invite_helper(sender_user, user_id, &room_id, &db, body.is_direct).await;
// 7. Events implied by invite (and TODO: invite_3pid)
for user in &body.invite {
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMember,
content: serde_json::to_value(member::MemberEventContent {
membership: member::MembershipState::Invite,
displayname: db.users.displayname(&user)?,
avatar_url: db.users.avatar_url(&user)?,
is_direct: Some(body.is_direct),
third_party_invite: None,
})
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some(user.to_string()),
redacts: None,
},
&sender_user,
&room_id,
&db,
)?;
}
// Homeserver specific stuff
@ -412,23 +298,18 @@ pub async fn create_room_route( @@ -412,23 +298,18 @@ pub async fn create_room_route(
info!("{} created a room", sender_user);
db.flush()?;
db.flush().await?;
Ok(create_room::Response::new(room_id).into())
}
/// # `GET /_matrix/client/r0/rooms/{roomId}/event/{eventId}`
///
/// Gets a single event.
///
/// - You have to currently be joined to the room (TODO: Respect history visibility)
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/rooms/<_>/event/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_room_event_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_room_event::Request<'_>>,
) -> ConduitResult<get_room_event::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -450,61 +331,22 @@ pub async fn get_room_event_route( @@ -450,61 +331,22 @@ pub async fn get_room_event_route(
.into())
}
/// # `GET /_matrix/client/r0/rooms/{roomId}/aliases`
///
/// Lists all aliases of the room.
///
/// - Only users joined to the room are allowed to call this TODO: Allow any user to call it if history_visibility is world readable
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/rooms/<_>/aliases", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_room_aliases_route(
db: DatabaseGuard,
body: Ruma<aliases::Request<'_>>,
) -> ConduitResult<aliases::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
if !db.rooms.is_joined(sender_user, &body.room_id)? {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
"You don't have permission to view this room.",
));
}
Ok(aliases::Response {
aliases: db
.rooms
.room_aliases(&body.room_id)
.filter_map(|a| a.ok())
.collect(),
}
.into())
}
/// # `POST /_matrix/client/r0/rooms/{roomId}/upgrade`
///
/// Upgrades the room.
///
/// - Creates a replacement room
/// - Sends a tombstone event into the current room
/// - Sender user joins the room
/// - Transfers some state events
/// - Moves local aliases
/// - Modifies old room power levels to prevent users from speaking
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/rooms/<_>/upgrade", data = "<body>")
post("/_matrix/client/r0/rooms/<_room_id>/upgrade", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn upgrade_room_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<upgrade_room::Request<'_>>,
_room_id: String,
) -> ConduitResult<upgrade_room::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
if !matches!(body.new_version, RoomVersionId::V5 | RoomVersionId::V6) {
if !matches!(
body.new_version,
RoomVersionId::Version5 | RoomVersionId::Version6
) {
return Err(Error::BadRequest(
ErrorKind::UnsupportedRoomVersion,
"This server does not support that room version.",
@ -513,26 +355,14 @@ pub async fn upgrade_room_route( @@ -513,26 +355,14 @@ pub async fn upgrade_room_route(
// Create a replacement room
let replacement_room = RoomId::new(db.globals.server_name());
db.rooms
.get_or_create_shortroomid(&replacement_room, &db.globals)?;
let mutex_state = Arc::clone(
db.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(body.room_id.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
// Send a m.room.tombstone event to the old room to indicate that it is not intended to be used any further
// Fail if the sender does not have the required permissions
let tombstone_event_id = db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomTombstone,
content: to_raw_value(&RoomTombstoneEventContent {
body: "This room has been replaced".to_owned(),
content: serde_json::to_value(ruma::events::room::tombstone::TombstoneEventContent {
body: "This room has been replaced".to_string(),
replacement_room: replacement_room.clone(),
})
.expect("event is valid, we just created it"),
@ -543,75 +373,38 @@ pub async fn upgrade_room_route( @@ -543,75 +373,38 @@ pub async fn upgrade_room_route(
sender_user,
&body.room_id,
&db,
&state_lock,
)?;
// Change lock to replacement room
drop(state_lock);
let mutex_state = Arc::clone(
db.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(replacement_room.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
// Get the old room creation event
let mut create_event_content = serde_json::from_str::<CanonicalJsonObject>(
// Get the old room federations status
let federate = serde_json::from_value::<Raw<ruma::events::room::create::CreateEventContent>>(
db.rooms
.room_state_get(&body.room_id, &EventType::RoomCreate, "")?
.ok_or_else(|| Error::bad_database("Found room without m.room.create event."))?
.content
.get(),
.1
.content,
)
.map_err(|_| Error::bad_database("Invalid room event in database."))?;
.expect("Raw::from_value always works")
.deserialize()
.map_err(|_| Error::bad_database("Invalid room event in database."))?
.federate;
// Use the m.room.tombstone event as the predecessor
let predecessor = Some(ruma::events::room::create::PreviousRoom::new(
body.room_id.clone(),
(*tombstone_event_id).to_owned(),
tombstone_event_id,
));
// Send a m.room.create event containing a predecessor field and the applicable room_version
create_event_content.insert(
"creator".into(),
json!(&sender_user)
.try_into()
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Error forming creation event"))?,
);
create_event_content.insert(
"room_version".into(),
json!(&body.new_version)
.try_into()
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Error forming creation event"))?,
);
create_event_content.insert(
"predecessor".into(),
json!(predecessor)
.try_into()
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Error forming creation event"))?,
);
// Validate creation event content
let de_result = serde_json::from_str::<CanonicalJsonObject>(
to_raw_value(&create_event_content)
.expect("Error forming creation event")
.get(),
);
if de_result.is_err() {
return Err(Error::BadRequest(
ErrorKind::BadJson,
"Error forming creation event",
));
}
let mut create_event_content =
ruma::events::room::create::CreateEventContent::new(sender_user.clone());
create_event_content.federate = federate;
create_event_content.room_version = body.new_version.clone();
create_event_content.predecessor = predecessor;
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomCreate,
content: to_raw_value(&create_event_content)
content: serde_json::to_value(create_event_content)
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some("".to_owned()),
@ -620,22 +413,18 @@ pub async fn upgrade_room_route( @@ -620,22 +413,18 @@ pub async fn upgrade_room_route(
sender_user,
&replacement_room,
&db,
&state_lock,
)?;
// Join the new room
db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMember,
content: to_raw_value(&RoomMemberEventContent {
membership: MembershipState::Join,
displayname: db.users.displayname(sender_user)?,
avatar_url: db.users.avatar_url(sender_user)?,
content: serde_json::to_value(member::MemberEventContent {
membership: member::MembershipState::Join,
displayname: db.users.displayname(&sender_user)?,
avatar_url: db.users.avatar_url(&sender_user)?,
is_direct: None,
third_party_invite: None,
blurhash: db.users.blurhash(sender_user)?,
reason: None,
join_authorized_via_users_server: None,
})
.expect("event is valid, we just created it"),
unsigned: None,
@ -645,7 +434,6 @@ pub async fn upgrade_room_route( @@ -645,7 +434,6 @@ pub async fn upgrade_room_route(
sender_user,
&replacement_room,
&db,
&state_lock,
)?;
// Recommended transferable state events list from the specs
@ -664,7 +452,7 @@ pub async fn upgrade_room_route( @@ -664,7 +452,7 @@ pub async fn upgrade_room_route(
// Replicate transferable state events to the new room
for event_type in transferable_state_events {
let event_content = match db.rooms.room_state_get(&body.room_id, &event_type, "")? {
Some(v) => v.content.clone(),
Some((_, v)) => v.content.clone(),
None => continue, // Skipping missing events.
};
@ -679,7 +467,6 @@ pub async fn upgrade_room_route( @@ -679,7 +467,6 @@ pub async fn upgrade_room_route(
sender_user,
&replacement_room,
&db,
&state_lock,
)?;
}
@ -690,17 +477,23 @@ pub async fn upgrade_room_route( @@ -690,17 +477,23 @@ pub async fn upgrade_room_route(
}
// Get the old room power levels
let mut power_levels_event_content: RoomPowerLevelsEventContent = serde_json::from_str(
db.rooms
.room_state_get(&body.room_id, &EventType::RoomPowerLevels, "")?
.ok_or_else(|| Error::bad_database("Found room without m.room.create event."))?
.content
.get(),
)
.map_err(|_| Error::bad_database("Invalid room event in database."))?;
let mut power_levels_event_content =
serde_json::from_value::<Raw<ruma::events::room::power_levels::PowerLevelsEventContent>>(
db.rooms
.room_state_get(&body.room_id, &EventType::RoomPowerLevels, "")?
.ok_or_else(|| Error::bad_database("Found room without m.room.create event."))?
.1
.content,
)
.expect("database contains invalid PDU")
.deserialize()
.map_err(|_| Error::bad_database("Invalid room event in database."))?;
// Setting events_default and invite to the greater of 50 and users_default + 1
let new_level = max(int!(50), power_levels_event_content.users_default + int!(1));
let new_level = max(
50.into(),
power_levels_event_content.users_default + 1.into(),
);
power_levels_event_content.events_default = new_level;
power_levels_event_content.invite = new_level;
@ -708,7 +501,7 @@ pub async fn upgrade_room_route( @@ -708,7 +501,7 @@ pub async fn upgrade_room_route(
let _ = db.rooms.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomPowerLevels,
content: to_raw_value(&power_levels_event_content)
content: serde_json::to_value(power_levels_event_content)
.expect("event is valid, we just created it"),
unsigned: None,
state_key: Some("".to_owned()),
@ -717,12 +510,9 @@ pub async fn upgrade_room_route( @@ -717,12 +510,9 @@ pub async fn upgrade_room_route(
sender_user,
&body.room_id,
&db,
&state_lock,
)?;
drop(state_lock);
db.flush()?;
db.flush().await?;
// Return the replacement room id
Ok(upgrade_room::Response { replacement_room }.into())

67
src/client_server/search.rs
Unescape View File

@ -1,4 +1,5 @@ @@ -1,4 +1,5 @@
use crate::{database::DatabaseGuard, ConduitResult, Error, Ruma};
use super::State;
use crate::{ConduitResult, Database, Error, Ruma};
use ruma::api::client::{error::ErrorKind, r0::search::search_events};
#[cfg(feature = "conduit_bin")]
@ -6,49 +7,29 @@ use rocket::post; @@ -6,49 +7,29 @@ use rocket::post;
use search_events::{EventContextResult, ResultCategories, ResultRoomEvents, SearchResult};
use std::collections::BTreeMap;
/// # `POST /_matrix/client/r0/search`
///
/// Searches rooms for messages.
///
/// - Only works if the user is currently joined to the room (TODO: Respect history visibility)
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/search", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn search_events_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<search_events::Request<'_>>,
) -> ConduitResult<search_events::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let search_criteria = body.search_categories.room_events.as_ref().unwrap();
let filter = search_criteria.filter.clone().unwrap_or_default();
let filter = search_criteria.filter.as_ref().unwrap();
let room_ids = filter.rooms.clone().unwrap_or_else(|| {
db.rooms
.rooms_joined(sender_user)
.filter_map(|r| r.ok())
.collect()
});
let room_id = filter.rooms.as_ref().unwrap().first().unwrap();
let limit = filter.limit.map_or(10, |l| u64::from(l) as usize);
let mut searches = Vec::new();
for room_id in room_ids {
if !db.rooms.is_joined(sender_user, &room_id)? {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
"You don't have permission to view this room.",
));
}
let search = db
.rooms
.search_pdus(&room_id, &search_criteria.search_term)?;
searches.push(search.0.peekable());
if !db.rooms.is_joined(sender_user, &room_id)? {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
"You don't have permission to view this room.",
));
}
let skip = match body.next_batch.as_ref().map(|s| s.parse()) {
@ -62,20 +43,12 @@ pub async fn search_events_route( @@ -62,20 +43,12 @@ pub async fn search_events_route(
None => 0, // Default to the start
};
let mut results = Vec::new();
for _ in 0..skip + limit {
if let Some(s) = searches
.iter_mut()
.map(|s| (s.peek().cloned(), s))
.max_by_key(|(peek, _)| peek.clone())
.and_then(|(_, i)| i.next())
{
results.push(s);
}
}
let search = db
.rooms
.search_pdus(&room_id, &search_criteria.search_term)?;
let results: Vec<_> = results
.iter()
let results = search
.0
.map(|result| {
Ok::<_, Error>(SearchResult {
context: EventContextResult {
@ -88,14 +61,14 @@ pub async fn search_events_route( @@ -88,14 +61,14 @@ pub async fn search_events_route(
rank: None,
result: db
.rooms
.get_pdu_from_id(result)?
.get_pdu_from_id(&result)?
.map(|pdu| pdu.to_room_event()),
})
})
.filter_map(|r| r.ok())
.skip(skip)
.take(limit)
.collect();
.collect::<Vec<_>>();
let next_batch = if results.len() < limit as usize {
None
@ -110,11 +83,7 @@ pub async fn search_events_route( @@ -110,11 +83,7 @@ pub async fn search_events_route(
next_batch,
results,
state: BTreeMap::new(), // TODO
highlights: search_criteria
.search_term
.split_terminator(|c: char| !c.is_alphanumeric())
.map(str::to_lowercase)
.collect(),
highlights: search.1,
},
})
.into())

76
src/client_server/session.rs
Unescape View File

@ -1,17 +1,14 @@ @@ -1,17 +1,14 @@
use super::{DEVICE_ID_LENGTH, TOKEN_LENGTH};
use crate::{database::DatabaseGuard, utils, ConduitResult, Error, Ruma};
use super::{State, DEVICE_ID_LENGTH, TOKEN_LENGTH};
use crate::{utils, ConduitResult, Database, Error, Ruma};
use log::info;
use ruma::{
api::client::{
error::ErrorKind,
r0::{
session::{get_login_types, login, logout, logout_all},
uiaa::IncomingUserIdentifier,
},
r0::session::{get_login_types, login, logout, logout_all},
},
UserId,
};
use serde::Deserialize;
use tracing::info;
#[derive(Debug, Deserialize)]
struct Claims {
@ -24,27 +21,21 @@ use rocket::{get, post}; @@ -24,27 +21,21 @@ use rocket::{get, post};
/// # `GET /_matrix/client/r0/login`
///
/// Get the supported login types of this server. One of these should be used as the `type` field
/// Get the homeserver's supported login types. One of these should be used as the `type` field
/// when logging in.
#[cfg_attr(feature = "conduit_bin", get("/_matrix/client/r0/login"))]
#[tracing::instrument]
pub async fn get_login_types_route() -> ConduitResult<get_login_types::Response> {
Ok(
get_login_types::Response::new(vec![get_login_types::LoginType::Password(
Default::default(),
)])
.into(),
)
Ok(get_login_types::Response::new(vec![get_login_types::LoginType::Password]).into())
}
/// # `POST /_matrix/client/r0/login`
///
/// Authenticates the user and returns an access token it can use in subsequent requests.
///
/// - The user needs to authenticate using their password (or if enabled using a json web token)
/// - If `device_id` is known: invalidates old access token of that device
/// - If `device_id` is unknown: creates a new device
/// - Returns access token that is associated with the user and device
/// - The returned access token is associated with the user and device
/// - Old access tokens of that device should be invalidated
/// - If `device_id` is unknown, a new device will be created
///
/// Note: You can use [`GET /_matrix/client/r0/login`](fn.get_supported_versions_route.html) to see
/// supported login types.
@ -54,17 +45,14 @@ pub async fn get_login_types_route() -> ConduitResult<get_login_types::Response> @@ -54,17 +45,14 @@ pub async fn get_login_types_route() -> ConduitResult<get_login_types::Response>
)]
#[tracing::instrument(skip(db, body))]
pub async fn login_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<login::Request<'_>>,
) -> ConduitResult<login::Response> {
// Validate login method
// TODO: Other login methods
let user_id = match &body.login_info {
login::IncomingLoginInfo::Password(login::IncomingPassword {
identifier,
password,
}) => {
let username = if let IncomingUserIdentifier::MatrixId(matrix_id) = identifier {
login::IncomingLoginInfo::Password { password } => {
let username = if let login::IncomingUserInfo::MatrixId(matrix_id) = &body.user {
matrix_id
} else {
return Err(Error::BadRequest(ErrorKind::Forbidden, "Bad login type."));
@ -97,11 +85,11 @@ pub async fn login_route( @@ -97,11 +85,11 @@ pub async fn login_route(
user_id
}
login::IncomingLoginInfo::Token(login::IncomingToken { token }) => {
login::IncomingLoginInfo::Token { token } => {
if let Some(jwt_decoding_key) = db.globals.jwt_decoding_key() {
let token = jsonwebtoken::decode::<Claims>(
token,
jwt_decoding_key,
&token,
&jwt_decoding_key,
&jsonwebtoken::Validation::default(),
)
.map_err(|_| Error::BadRequest(ErrorKind::InvalidUsername, "Token is invalid."))?;
@ -116,12 +104,6 @@ pub async fn login_route( @@ -116,12 +104,6 @@ pub async fn login_route(
));
}
}
_ => {
return Err(Error::BadRequest(
ErrorKind::Unknown,
"Unsupported login type.",
));
}
};
// Generate new device id if the user didn't specify one
@ -153,7 +135,7 @@ pub async fn login_route( @@ -153,7 +135,7 @@ pub async fn login_route(
info!("{} logged in", user_id);
db.flush()?;
db.flush().await?;
Ok(login::Response {
user_id,
@ -169,25 +151,23 @@ pub async fn login_route( @@ -169,25 +151,23 @@ pub async fn login_route(
///
/// Log out the current device.
///
/// - Invalidates access token
/// - Deletes device metadata (device id, device display name, last seen ip, last seen ts)
/// - Forgets to-device events
/// - Triggers device list updates
/// - Invalidates the access token
/// - Deletes the device and most of it's data (to-device events, last seen, etc.)
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/logout", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn logout_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<logout::Request>,
) -> ConduitResult<logout::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let sender_device = body.sender_device.as_ref().expect("user is authenticated");
db.users.remove_device(sender_user, sender_device)?;
db.users.remove_device(&sender_user, sender_device)?;
db.flush()?;
db.flush().await?;
Ok(logout::Response::new().into())
}
@ -197,9 +177,7 @@ pub async fn logout_route( @@ -197,9 +177,7 @@ pub async fn logout_route(
/// Log out all devices of this user.
///
/// - Invalidates all access tokens
/// - Deletes all device metadata (device id, device display name, last seen ip, last seen ts)
/// - Forgets all to-device events
/// - Triggers device list updates
/// - Deletes devices and most of their data (to-device events, last seen, etc.)
///
/// Note: This is equivalent to calling [`GET /_matrix/client/r0/logout`](fn.logout_route.html)
/// from each device of this user.
@ -209,16 +187,18 @@ pub async fn logout_route( @@ -209,16 +187,18 @@ pub async fn logout_route(
)]
#[tracing::instrument(skip(db, body))]
pub async fn logout_all_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<logout_all::Request>,
) -> ConduitResult<logout_all::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
for device_id in db.users.all_device_ids(sender_user).flatten() {
db.users.remove_device(sender_user, &device_id)?;
for device_id in db.users.all_device_ids(sender_user) {
if let Ok(device_id) = device_id {
db.users.remove_device(&sender_user, &device_id)?;
}
}
db.flush()?;
db.flush().await?;
Ok(logout_all::Response::new().into())
}

198
src/client_server/state.rs
Unescape View File

@ -1,115 +1,106 @@ @@ -1,115 +1,106 @@
use std::sync::Arc;
use crate::{
database::DatabaseGuard, pdu::PduBuilder, ConduitResult, Database, Error, Result, Ruma,
};
use super::State;
use crate::{pdu::PduBuilder, ConduitResult, Database, Error, Result, Ruma};
use ruma::{
api::client::{
error::ErrorKind,
r0::state::{get_state_events, get_state_events_for_key, send_state_event},
r0::state::{
get_state_events, get_state_events_for_empty_key, get_state_events_for_key,
send_state_event_for_empty_key, send_state_event_for_key,
},
},
events::{
room::{
canonical_alias::RoomCanonicalAliasEventContent,
history_visibility::{HistoryVisibility, RoomHistoryVisibilityEventContent},
},
AnyStateEventContent, EventType,
room::history_visibility::{HistoryVisibility, HistoryVisibilityEventContent},
AnyStateEventContent, EventContent, EventType,
},
serde::Raw,
EventId, RoomId, UserId,
};
#[cfg(feature = "conduit_bin")]
use rocket::{get, put};
/// # `PUT /_matrix/client/r0/rooms/{roomId}/state/{eventType}/{stateKey}`
///
/// Sends a state event into the room.
///
/// - The only requirement for the content is that it has to be valid json
/// - Tries to send the event into the room, auth rules will determine if it is allowed
/// - If event is new canonical_alias: Rejects if alias is incorrect
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/rooms/<_>/state/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn send_state_event_for_key_route(
db: DatabaseGuard,
body: Ruma<send_state_event::Request<'_>>,
) -> ConduitResult<send_state_event::Response> {
db: State<'_, Database>,
body: Ruma<send_state_event_for_key::Request<'_>>,
) -> ConduitResult<send_state_event_for_key::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let content = serde_json::from_str::<serde_json::Value>(
body.json_body
.as_ref()
.ok_or(Error::BadRequest(ErrorKind::BadJson, "Invalid JSON body."))?
.get(),
)
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Invalid JSON body."))?;
let event_id = send_state_event_for_key_helper(
&db,
sender_user,
&body.content,
content,
&body.room_id,
EventType::from(&body.event_type),
&body.body.body, // Yes, I hate it too
body.state_key.to_owned(),
Some(body.state_key.to_owned()),
)
.await?;
db.flush()?;
db.flush().await?;
let event_id = (*event_id).to_owned();
Ok(send_state_event::Response { event_id }.into())
Ok(send_state_event_for_key::Response { event_id }.into())
}
/// # `PUT /_matrix/client/r0/rooms/{roomId}/state/{eventType}`
///
/// Sends a state event into the room.
///
/// - The only requirement for the content is that it has to be valid json
/// - Tries to send the event into the room, auth rules will determine if it is allowed
/// - If event is new canonical_alias: Rejects if alias is incorrect
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/rooms/<_>/state/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn send_state_event_for_empty_key_route(
db: DatabaseGuard,
body: Ruma<send_state_event::Request<'_>>,
) -> ConduitResult<send_state_event::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
db: State<'_, Database>,
body: Ruma<send_state_event_for_empty_key::Request<'_>>,
) -> ConduitResult<send_state_event_for_empty_key::Response> {
// This just calls send_state_event_for_key_route
let Ruma {
body,
sender_user,
json_body,
..
} = body;
// Forbid m.room.encryption if encryption is disabled
if &body.event_type == "m.room.encryption" && !db.globals.allow_encryption() {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
"Encryption has been disabled",
));
}
let json = serde_json::from_str::<serde_json::Value>(
json_body
.as_ref()
.ok_or(Error::BadRequest(ErrorKind::BadJson, "Invalid JSON body."))?
.get(),
)
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Invalid JSON body."))?;
let event_id = send_state_event_for_key_helper(
&db,
sender_user,
sender_user
.as_ref()
.expect("no user for send state empty key rout"),
&body.content,
json,
&body.room_id,
EventType::from(&body.event_type),
&body.body.body,
body.state_key.to_owned(),
Some("".into()),
)
.await?;
db.flush()?;
db.flush().await?;
let event_id = (*event_id).to_owned();
Ok(send_state_event::Response { event_id }.into())
Ok(send_state_event_for_empty_key::Response { event_id }.into())
}
/// # `GET /_matrix/client/r0/rooms/{roomid}/state`
///
/// Get all state events for a room.
///
/// - If not joined: Only works if current room history visibility is world readable
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/rooms/<_>/state", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_state_events_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_state_events::Request<'_>>,
) -> ConduitResult<get_state_events::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -121,14 +112,14 @@ pub async fn get_state_events_route( @@ -121,14 +112,14 @@ pub async fn get_state_events_route(
&& !matches!(
db.rooms
.room_state_get(&body.room_id, &EventType::RoomHistoryVisibility, "")?
.map(|event| {
serde_json::from_str(event.content.get())
.map(|e: RoomHistoryVisibilityEventContent| e.history_visibility)
.map(|(_, event)| {
serde_json::from_value::<HistoryVisibilityEventContent>(event.content)
.map_err(|_| {
Error::bad_database(
"Invalid room history visibility event in database.",
)
})
.map(|e| e.history_visibility)
}),
Some(Ok(HistoryVisibility::WorldReadable))
)
@ -150,18 +141,13 @@ pub async fn get_state_events_route( @@ -150,18 +141,13 @@ pub async fn get_state_events_route(
.into())
}
/// # `GET /_matrix/client/r0/rooms/{roomid}/state/{eventType}/{stateKey}`
///
/// Get single state event of a room.
///
/// - If not joined: Only works if current room history visibility is world readable
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/rooms/<_>/state/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_state_events_for_key_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_state_events_for_key::Request<'_>>,
) -> ConduitResult<get_state_events_for_key::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -173,14 +159,14 @@ pub async fn get_state_events_for_key_route( @@ -173,14 +159,14 @@ pub async fn get_state_events_for_key_route(
&& !matches!(
db.rooms
.room_state_get(&body.room_id, &EventType::RoomHistoryVisibility, "")?
.map(|event| {
serde_json::from_str(event.content.get())
.map(|e: RoomHistoryVisibilityEventContent| e.history_visibility)
.map(|(_, event)| {
serde_json::from_value::<HistoryVisibilityEventContent>(event.content)
.map_err(|_| {
Error::bad_database(
"Invalid room history visibility event in database.",
)
})
.map(|e| e.history_visibility)
}),
Some(Ok(HistoryVisibility::WorldReadable))
)
@ -197,29 +183,25 @@ pub async fn get_state_events_for_key_route( @@ -197,29 +183,25 @@ pub async fn get_state_events_for_key_route(
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"State event not found.",
))?;
))?
.1;
Ok(get_state_events_for_key::Response {
content: serde_json::from_str(event.content.get())
content: serde_json::value::to_raw_value(&event.content)
.map_err(|_| Error::bad_database("Invalid event content in database"))?,
}
.into())
}
/// # `GET /_matrix/client/r0/rooms/{roomid}/state/{eventType}`
///
/// Get single state event of a room.
///
/// - If not joined: Only works if current room history visibility is world readable
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/rooms/<_>/state/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_state_events_for_empty_key_route(
db: DatabaseGuard,
body: Ruma<get_state_events_for_key::Request<'_>>,
) -> ConduitResult<get_state_events_for_key::Response> {
db: State<'_, Database>,
body: Ruma<get_state_events_for_empty_key::Request<'_>>,
) -> ConduitResult<get_state_events_for_empty_key::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
#[allow(clippy::blocks_in_if_conditions)]
@ -229,14 +211,14 @@ pub async fn get_state_events_for_empty_key_route( @@ -229,14 +211,14 @@ pub async fn get_state_events_for_empty_key_route(
&& !matches!(
db.rooms
.room_state_get(&body.room_id, &EventType::RoomHistoryVisibility, "")?
.map(|event| {
serde_json::from_str(event.content.get())
.map(|e: RoomHistoryVisibilityEventContent| e.history_visibility)
.map(|(_, event)| {
serde_json::from_value::<HistoryVisibilityEventContent>(event.content)
.map_err(|_| {
Error::bad_database(
"Invalid room history visibility event in database.",
)
})
.map(|e| e.history_visibility)
}),
Some(Ok(HistoryVisibility::WorldReadable))
)
@ -253,33 +235,30 @@ pub async fn get_state_events_for_empty_key_route( @@ -253,33 +235,30 @@ pub async fn get_state_events_for_empty_key_route(
.ok_or(Error::BadRequest(
ErrorKind::NotFound,
"State event not found.",
))?;
))?
.1;
Ok(get_state_events_for_key::Response {
content: serde_json::from_str(event.content.get())
Ok(get_state_events_for_empty_key::Response {
content: serde_json::value::to_raw_value(&event.content)
.map_err(|_| Error::bad_database("Invalid event content in database"))?,
}
.into())
}
async fn send_state_event_for_key_helper(
pub async fn send_state_event_for_key_helper(
db: &Database,
sender: &UserId,
content: &AnyStateEventContent,
json: serde_json::Value,
room_id: &RoomId,
event_type: EventType,
json: &Raw<AnyStateEventContent>,
state_key: String,
) -> Result<Arc<EventId>> {
state_key: Option<String>,
) -> Result<EventId> {
let sender_user = sender;
// TODO: Review this check, error if event is unparsable, use event type, allow alias if it
// previously existed
if let Ok(canonical_alias) =
serde_json::from_str::<RoomCanonicalAliasEventContent>(json.json().get())
{
if let AnyStateEventContent::RoomCanonicalAlias(canonical_alias) = content {
let mut aliases = canonical_alias.alt_aliases.clone();
if let Some(alias) = canonical_alias.alias {
if let Some(alias) = canonical_alias.alias.clone() {
aliases.push(alias);
}
@ -300,28 +279,17 @@ async fn send_state_event_for_key_helper( @@ -300,28 +279,17 @@ async fn send_state_event_for_key_helper(
}
}
let mutex_state = Arc::clone(
db.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(room_id.to_owned())
.or_default(),
);
let state_lock = mutex_state.lock().await;
let event_id = db.rooms.build_and_append_pdu(
PduBuilder {
event_type,
content: serde_json::from_str(json.json().get()).expect("content is valid json"),
event_type: content.event_type().into(),
content: json,
unsigned: None,
state_key: Some(state_key),
state_key,
redacts: None,
},
sender_user,
room_id,
db,
&state_lock,
&sender_user,
&room_id,
&db,
)?;
Ok(event_id)

896
src/client_server/sync.rs
View File

File diff suppressed because it is too large Load Diff

59
src/client_server/tag.rs
Unescape View File

@ -1,44 +1,37 @@ @@ -1,44 +1,37 @@
use crate::{database::DatabaseGuard, ConduitResult, Ruma};
use super::State;
use crate::{ConduitResult, Database, Ruma};
use ruma::{
api::client::r0::tag::{create_tag, delete_tag, get_tags},
events::{
tag::{TagEvent, TagEventContent},
EventType,
},
events::EventType,
};
use std::collections::BTreeMap;
#[cfg(feature = "conduit_bin")]
use rocket::{delete, get, put};
/// # `PUT /_matrix/client/r0/user/{userId}/rooms/{roomId}/tags/{tag}`
///
/// Adds a tag to the room.
///
/// - Inserts the tag into the tag event of the room account data.
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/user/<_>/rooms/<_>/tags/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn update_tag_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<create_tag::Request<'_>>,
) -> ConduitResult<create_tag::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let mut tags_event = db
.account_data
.get(Some(&body.room_id), sender_user, EventType::Tag)?
.unwrap_or_else(|| TagEvent {
content: TagEventContent {
.get::<ruma::events::tag::TagEvent>(Some(&body.room_id), sender_user, EventType::Tag)?
.unwrap_or_else(|| ruma::events::tag::TagEvent {
content: ruma::events::tag::TagEventContent {
tags: BTreeMap::new(),
},
});
tags_event
.content
.tags
.insert(body.tag.clone().into(), body.tag_info.clone());
.insert(body.tag.to_string(), body.tag_info.clone());
db.account_data.update(
Some(&body.room_id),
@ -48,36 +41,31 @@ pub async fn update_tag_route( @@ -48,36 +41,31 @@ pub async fn update_tag_route(
&db.globals,
)?;
db.flush()?;
db.flush().await?;
Ok(create_tag::Response {}.into())
Ok(create_tag::Response.into())
}
/// # `DELETE /_matrix/client/r0/user/{userId}/rooms/{roomId}/tags/{tag}`
///
/// Deletes a tag from the room.
///
/// - Removes the tag from the tag event of the room account data.
#[cfg_attr(
feature = "conduit_bin",
delete("/_matrix/client/r0/user/<_>/rooms/<_>/tags/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn delete_tag_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<delete_tag::Request<'_>>,
) -> ConduitResult<delete_tag::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let mut tags_event = db
.account_data
.get(Some(&body.room_id), sender_user, EventType::Tag)?
.unwrap_or_else(|| TagEvent {
content: TagEventContent {
.get::<ruma::events::tag::TagEvent>(Some(&body.room_id), sender_user, EventType::Tag)?
.unwrap_or_else(|| ruma::events::tag::TagEvent {
content: ruma::events::tag::TagEventContent {
tags: BTreeMap::new(),
},
});
tags_event.content.tags.remove(&body.tag.clone().into());
tags_event.content.tags.remove(&body.tag);
db.account_data.update(
Some(&body.room_id),
@ -87,23 +75,18 @@ pub async fn delete_tag_route( @@ -87,23 +75,18 @@ pub async fn delete_tag_route(
&db.globals,
)?;
db.flush()?;
db.flush().await?;
Ok(delete_tag::Response {}.into())
Ok(delete_tag::Response.into())
}
/// # `GET /_matrix/client/r0/user/{userId}/rooms/{roomId}/tags`
///
/// Returns tags on the room.
///
/// - Gets the tag event of the room account data.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/user/<_>/rooms/<_>/tags", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn get_tags_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<get_tags::Request<'_>>,
) -> ConduitResult<get_tags::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@ -111,9 +94,9 @@ pub async fn get_tags_route( @@ -111,9 +94,9 @@ pub async fn get_tags_route(
Ok(get_tags::Response {
tags: db
.account_data
.get(Some(&body.room_id), sender_user, EventType::Tag)?
.unwrap_or_else(|| TagEvent {
content: TagEventContent {
.get::<ruma::events::tag::TagEvent>(Some(&body.room_id), sender_user, EventType::Tag)?
.unwrap_or_else(|| ruma::events::tag::TagEvent {
content: ruma::events::tag::TagEventContent {
tags: BTreeMap::new(),
},
})

6
src/client_server/thirdparty.rs
Unescape View File

@ -1,20 +1,18 @@ @@ -1,20 +1,18 @@
use crate::ConduitResult;
use ruma::api::client::r0::thirdparty::get_protocols;
use log::warn;
#[cfg(feature = "conduit_bin")]
use rocket::get;
use std::collections::BTreeMap;
/// # `GET /_matrix/client/r0/thirdparty/protocols`
///
/// TODO: Fetches all metadata about protocols supported by the homeserver.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/thirdparty/protocols")
)]
#[tracing::instrument]
pub async fn get_protocols_route() -> ConduitResult<get_protocols::Response> {
// TODO
warn!("TODO: get_protocols_route");
Ok(get_protocols::Response {
protocols: BTreeMap::new(),
}

80
src/client_server/to_device.rs
Unescape View File

@ -1,36 +1,26 @@ @@ -1,36 +1,26 @@
use std::collections::BTreeMap;
use crate::{database::DatabaseGuard, ConduitResult, Error, Ruma};
use ruma::{
api::{
client::{error::ErrorKind, r0::to_device::send_event_to_device},
federation::{self, transactions::edu::DirectDeviceContent},
},
events::EventType,
to_device::DeviceIdOrAllDevices,
use super::State;
use crate::{ConduitResult, Database, Error, Ruma};
use ruma::api::client::{
error::ErrorKind,
r0::to_device::{self, send_event_to_device},
};
#[cfg(feature = "conduit_bin")]
use rocket::put;
/// # `PUT /_matrix/client/r0/sendToDevice/{eventType}/{txnId}`
///
/// Send a to-device event to a set of client devices.
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/sendToDevice/<_>/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn send_event_to_device_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<send_event_to_device::Request<'_>>,
) -> ConduitResult<send_event_to_device::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let sender_device = body.sender_device.as_deref();
// TODO: uncomment when https://github.com/vector-im/element-android/issues/3589 is solved
// Check if this is a new transaction id
/*
if db
.transaction_ids
.existing_txnid(sender_user, sender_device, &body.txn_id)?
@ -38,53 +28,31 @@ pub async fn send_event_to_device_route( @@ -38,53 +28,31 @@ pub async fn send_event_to_device_route(
{
return Ok(send_event_to_device::Response.into());
}
*/
for (target_user_id, map) in &body.messages {
for (target_device_id_maybe, event) in map {
if target_user_id.server_name() != db.globals.server_name() {
let mut map = BTreeMap::new();
map.insert(target_device_id_maybe.clone(), event.clone());
let mut messages = BTreeMap::new();
messages.insert(target_user_id.clone(), map);
db.sending.send_reliable_edu(
target_user_id.server_name(),
serde_json::to_vec(&federation::transactions::edu::Edu::DirectToDevice(
DirectDeviceContent {
sender: sender_user.clone(),
ev_type: EventType::from(&body.event_type),
message_id: body.txn_id.clone(),
messages,
},
))
.expect("DirectToDevice EDU can be serialized"),
db.globals.next_count()?,
)?;
continue;
}
match target_device_id_maybe {
DeviceIdOrAllDevices::DeviceId(target_device_id) => db.users.add_to_device_event(
sender_user,
target_user_id,
target_device_id,
&body.event_type,
event.deserialize_as().map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Event is invalid")
})?,
&db.globals,
)?,
to_device::DeviceIdOrAllDevices::DeviceId(target_device_id) => {
db.users.add_to_device_event(
sender_user,
&target_user_id,
&target_device_id,
&body.event_type,
serde_json::from_str(event.get()).map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Event is invalid")
})?,
&db.globals,
)?
}
DeviceIdOrAllDevices::AllDevices => {
for target_device_id in db.users.all_device_ids(target_user_id) {
to_device::DeviceIdOrAllDevices::AllDevices => {
for target_device_id in db.users.all_device_ids(&target_user_id) {
db.users.add_to_device_event(
sender_user,
target_user_id,
&target_user_id,
&target_device_id?,
&body.event_type,
event.deserialize_as().map_err(|_| {
serde_json::from_str(event.get()).map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Event is invalid")
})?,
&db.globals,
@ -99,7 +67,7 @@ pub async fn send_event_to_device_route( @@ -99,7 +67,7 @@ pub async fn send_event_to_device_route(
db.transaction_ids
.add_txnid(sender_user, sender_device, &body.txn_id, &[])?;
db.flush()?;
db.flush().await?;
Ok(send_event_to_device::Response {}.into())
Ok(send_event_to_device::Response.into())
}

14
src/client_server/typing.rs
Unescape View File

@ -1,27 +1,25 @@ @@ -1,27 +1,25 @@
use crate::{database::DatabaseGuard, utils, ConduitResult, Ruma};
use super::State;
use crate::{utils, ConduitResult, Database, Ruma};
use create_typing_event::Typing;
use ruma::api::client::r0::typing::create_typing_event;
#[cfg(feature = "conduit_bin")]
use rocket::put;
/// # `PUT /_matrix/client/r0/rooms/{roomId}/typing/{userId}`
///
/// Sets the typing state of the sender user.
#[cfg_attr(
feature = "conduit_bin",
put("/_matrix/client/r0/rooms/<_>/typing/<_>", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub fn create_typing_event_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<create_typing_event::Request<'_>>,
) -> ConduitResult<create_typing_event::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
if let Typing::Yes(duration) = body.state {
db.rooms.edus.typing_add(
sender_user,
&sender_user,
&body.room_id,
duration.as_millis() as u64 + utils::millis_since_unix_epoch(),
&db.globals,
@ -29,8 +27,8 @@ pub fn create_typing_event_route( @@ -29,8 +27,8 @@ pub fn create_typing_event_route(
} else {
db.rooms
.edus
.typing_remove(sender_user, &body.room_id, &db.globals)?;
.typing_remove(&sender_user, &body.room_id, &db.globals)?;
}
Ok(create_typing_event::Response {}.into())
Ok(create_typing_event::Response.into())
}

2
src/client_server/unversioned.rs
Unescape View File

@ -10,7 +10,7 @@ use rocket::get; @@ -10,7 +10,7 @@ use rocket::get;
///
/// - Versions take the form MAJOR.MINOR.PATCH
/// - Only the latest PATCH release will be reported for each MAJOR.MINOR value
/// - Unstable features are namespaced and may include version information in their name
/// - Unstable features should be namespaced and may include version information in their name
///
/// Note: Unstable features are used while developing new features. Clients should avoid using
/// unstable features in their stable releases

36
src/client_server/user_directory.rs
Unescape View File

@ -1,21 +1,17 @@ @@ -1,21 +1,17 @@
use crate::{database::DatabaseGuard, ConduitResult, Ruma};
use super::State;
use crate::{ConduitResult, Database, Ruma};
use ruma::api::client::r0::user_directory::search_users;
#[cfg(feature = "conduit_bin")]
use rocket::post;
/// # `POST /_matrix/client/r0/user_directory/search`
///
/// Searches all known users for a match.
///
/// - TODO: Hide users that are not in any public rooms?
#[cfg_attr(
feature = "conduit_bin",
post("/_matrix/client/r0/user_directory/search", data = "<body>")
)]
#[tracing::instrument(skip(db, body))]
pub async fn search_users_route(
db: DatabaseGuard,
db: State<'_, Database>,
body: Ruma<search_users::Request<'_>>,
) -> ConduitResult<search_users::Response> {
let limit = u64::from(body.limit) as usize;
@ -23,6 +19,9 @@ pub async fn search_users_route( @@ -23,6 +19,9 @@ pub async fn search_users_route(
let mut users = db.users.iter().filter_map(|user_id| {
// Filter out buggy users (they should not exist, but you never know...)
let user_id = user_id.ok()?;
if db.users.is_deactivated(&user_id).ok()? {
return None;
}
let user = search_users::User {
user_id: user_id.clone(),
@ -30,22 +29,13 @@ pub async fn search_users_route( @@ -30,22 +29,13 @@ pub async fn search_users_route(
avatar_url: db.users.avatar_url(&user_id).ok()?,
};
let user_id_matches = user
.user_id
.to_string()
.to_lowercase()
.contains(&body.search_term.to_lowercase());
let user_displayname_matches = user
.display_name
.as_ref()
.filter(|name| {
name.to_lowercase()
.contains(&body.search_term.to_lowercase())
})
.is_some();
if !user_id_matches && !user_displayname_matches {
if !user.user_id.to_string().contains(&body.search_term)
&& user
.display_name
.as_ref()
.filter(|name| name.contains(&body.search_term))
.is_none()
{
return None;
}

58
src/client_server/voip.rs
Unescape View File

@ -1,58 +1,18 @@ @@ -1,58 +1,18 @@
use crate::{database::DatabaseGuard, ConduitResult, Ruma};
use hmac::{Hmac, Mac, NewMac};
use crate::ConduitResult;
use ruma::api::client::r0::voip::get_turn_server_info;
use ruma::SecondsSinceUnixEpoch;
use sha1::Sha1;
use std::time::{Duration, SystemTime};
type HmacSha1 = Hmac<Sha1>;
use std::time::Duration;
#[cfg(feature = "conduit_bin")]
use rocket::get;
/// # `GET /_matrix/client/r0/voip/turnServer`
///
/// TODO: Returns information about the recommended turn server.
#[cfg_attr(
feature = "conduit_bin",
get("/_matrix/client/r0/voip/turnServer", data = "<body>")
)]
#[tracing::instrument(skip(body, db))]
pub async fn turn_server_route(
body: Ruma<get_turn_server_info::Request>,
db: DatabaseGuard,
) -> ConduitResult<get_turn_server_info::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let turn_secret = db.globals.turn_secret();
let (username, password) = if !turn_secret.is_empty() {
let expiry = SecondsSinceUnixEpoch::from_system_time(
SystemTime::now() + Duration::from_secs(db.globals.turn_ttl()),
)
.expect("time is valid");
let username: String = format!("{}:{}", expiry.get(), sender_user);
let mut mac = HmacSha1::new_from_slice(turn_secret.as_bytes())
.expect("HMAC can take key of any size");
mac.update(username.as_bytes());
let password: String = base64::encode_config(mac.finalize().into_bytes(), base64::STANDARD);
(username, password)
} else {
(
db.globals.turn_username().clone(),
db.globals.turn_password().clone(),
)
};
#[cfg_attr(feature = "conduit_bin", get("/_matrix/client/r0/voip/turnServer"))]
#[tracing::instrument]
pub async fn turn_server_route() -> ConduitResult<get_turn_server_info::Response> {
Ok(get_turn_server_info::Response {
username,
password,
uris: db.globals.turn_uris().to_vec(),
ttl: Duration::from_secs(db.globals.turn_ttl()),
username: "".to_owned(),
password: "".to_owned(),
uris: Vec::new(),
ttl: Duration::from_secs(60 * 60 * 24),
}
.into())
}

897
src/database.rs
View File

File diff suppressed because it is too large Load Diff

54
src/database/abstraction.rs
Unescape View File

@ -1,54 +0,0 @@ @@ -1,54 +0,0 @@
use super::Config;
use crate::Result;
use std::{future::Future, pin::Pin, sync::Arc};
#[cfg(feature = "sled")]
pub mod sled;
#[cfg(feature = "sqlite")]
pub mod sqlite;
#[cfg(feature = "heed")]
pub mod heed;
pub trait DatabaseEngine: Sized {
fn open(config: &Config) -> Result<Arc<Self>>;
fn open_tree(self: &Arc<Self>, name: &'static str) -> Result<Arc<dyn Tree>>;
fn flush(self: &Arc<Self>) -> Result<()>;
}
pub trait Tree: Send + Sync {
fn get(&self, key: &[u8]) -> Result<Option<Vec<u8>>>;
fn insert(&self, key: &[u8], value: &[u8]) -> Result<()>;
fn insert_batch(&self, iter: &mut dyn Iterator<Item = (Vec<u8>, Vec<u8>)>) -> Result<()>;
fn remove(&self, key: &[u8]) -> Result<()>;
fn iter<'a>(&'a self) -> Box<dyn Iterator<Item = (Vec<u8>, Vec<u8>)> + 'a>;
fn iter_from<'a>(
&'a self,
from: &[u8],
backwards: bool,
) -> Box<dyn Iterator<Item = (Vec<u8>, Vec<u8>)> + 'a>;
fn increment(&self, key: &[u8]) -> Result<Vec<u8>>;
fn increment_batch(&self, iter: &mut dyn Iterator<Item = Vec<u8>>) -> Result<()>;
fn scan_prefix<'a>(
&'a self,
prefix: Vec<u8>,
) -> Box<dyn Iterator<Item = (Vec<u8>, Vec<u8>)> + 'a>;
fn watch_prefix<'a>(&'a self, prefix: &[u8]) -> Pin<Box<dyn Future<Output = ()> + Send + 'a>>;
fn clear(&self) -> Result<()> {
for (key, _) in self.iter() {
self.remove(&key)?;
}
Ok(())
}
}

240
src/database/abstraction/heed.rs
Unescape View File

@ -1,240 +0,0 @@ @@ -1,240 +0,0 @@
use super::super::Config;
use crossbeam::channel::{bounded, Sender as ChannelSender};
use threadpool::ThreadPool;
use crate::{Error, Result};
use std::{
collections::HashMap,
future::Future,
pin::Pin,
sync::{Arc, Mutex, RwLock},
};
use tokio::sync::oneshot::Sender;
use super::{DatabaseEngine, Tree};
type TupleOfBytes = (Vec<u8>, Vec<u8>);
pub struct Engine {
env: heed::Env,
iter_pool: Mutex<ThreadPool>,
}
pub struct EngineTree {
engine: Arc<Engine>,
tree: Arc<heed::UntypedDatabase>,
watchers: RwLock<HashMap<Vec<u8>, Vec<Sender<()>>>>,
}
fn convert_error(error: heed::Error) -> Error {
Error::HeedError {
error: error.to_string(),
}
}
impl DatabaseEngine for Engine {
fn open(config: &Config) -> Result<Arc<Self>> {
let mut env_builder = heed::EnvOpenOptions::new();
env_builder.map_size(1024 * 1024 * 1024 * 1024); // 1 Terabyte
env_builder.max_readers(126);
env_builder.max_dbs(128);
unsafe {
env_builder.flag(heed::flags::Flags::MdbWriteMap);
env_builder.flag(heed::flags::Flags::MdbMapAsync);
}
Ok(Arc::new(Engine {
env: env_builder
.open(&config.database_path)
.map_err(convert_error)?,
iter_pool: Mutex::new(ThreadPool::new(10)),
}))
}
fn open_tree(self: &Arc<Self>, name: &'static str) -> Result<Arc<dyn Tree>> {
// Creates the db if it doesn't exist already
Ok(Arc::new(EngineTree {
engine: Arc::clone(self),
tree: Arc::new(
self.env
.create_database(Some(name))
.map_err(convert_error)?,
),
watchers: RwLock::new(HashMap::new()),
}))
}
fn flush(self: &Arc<Self>) -> Result<()> {
self.env.force_sync().map_err(convert_error)?;
Ok(())
}
}
impl EngineTree {
#[tracing::instrument(skip(self, tree, from, backwards))]
fn iter_from_thread(
&self,
tree: Arc<heed::UntypedDatabase>,
from: Vec<u8>,
backwards: bool,
) -> Box<dyn Iterator<Item = TupleOfBytes> + Send + Sync> {
let (s, r) = bounded::<TupleOfBytes>(100);
let engine = Arc::clone(&self.engine);
let lock = self.engine.iter_pool.lock().await;
if lock.active_count() < lock.max_count() {
lock.execute(move || {
iter_from_thread_work(tree, &engine.env.read_txn().unwrap(), from, backwards, &s);
});
} else {
std::thread::spawn(move || {
iter_from_thread_work(tree, &engine.env.read_txn().unwrap(), from, backwards, &s);
});
}
Box::new(r.into_iter())
}
}
#[tracing::instrument(skip(tree, txn, from, backwards))]
fn iter_from_thread_work(
tree: Arc<heed::UntypedDatabase>,
txn: &heed::RoTxn<'_>,
from: Vec<u8>,
backwards: bool,
s: &ChannelSender<(Vec<u8>, Vec<u8>)>,
) {
if backwards {
for (k, v) in tree.rev_range(txn, ..=&*from).unwrap().map(|r| r.unwrap()) {
if s.send((k.to_vec(), v.to_vec())).is_err() {
return;
}
}
} else {
if from.is_empty() {
for (k, v) in tree.iter(txn).unwrap().map(|r| r.unwrap()) {
if s.send((k.to_vec(), v.to_vec())).is_err() {
return;
}
}
} else {
for (k, v) in tree.range(txn, &*from..).unwrap().map(|r| r.unwrap()) {
if s.send((k.to_vec(), v.to_vec())).is_err() {
return;
}
}
}
}
}
impl Tree for EngineTree {
#[tracing::instrument(skip(self, key))]
fn get(&self, key: &[u8]) -> Result<Option<Vec<u8>>> {
let txn = self.engine.env.read_txn().map_err(convert_error)?;
Ok(self
.tree
.get(&txn, &key)
.map_err(convert_error)?
.map(|s| s.to_vec()))
}
#[tracing::instrument(skip(self, key, value))]
fn insert(&self, key: &[u8], value: &[u8]) -> Result<()> {
let mut txn = self.engine.env.write_txn().map_err(convert_error)?;
self.tree
.put(&mut txn, &key, &value)
.map_err(convert_error)?;
txn.commit().map_err(convert_error)?;
let watchers = self.watchers.read().unwrap();
let mut triggered = Vec::new();
for length in 0..=key.len() {
if watchers.contains_key(&key[..length]) {
triggered.push(&key[..length]);
}
}
drop(watchers);
if !triggered.is_empty() {
let mut watchers = self.watchers.write().unwrap();
for prefix in triggered {
if let Some(txs) = watchers.remove(prefix) {
for tx in txs {
let _ = tx.send(());
}
}
}
};
Ok(())
}
#[tracing::instrument(skip(self, key))]
fn remove(&self, key: &[u8]) -> Result<()> {
let mut txn = self.engine.env.write_txn().map_err(convert_error)?;
self.tree.delete(&mut txn, &key).map_err(convert_error)?;
txn.commit().map_err(convert_error)?;
Ok(())
}
#[tracing::instrument(skip(self))]
fn iter<'a>(&'a self) -> Box<dyn Iterator<Item = (Vec<u8>, Vec<u8>)> + Send + 'a> {
self.iter_from(&[], false)
}
#[tracing::instrument(skip(self, from, backwards))]
fn iter_from(
&self,
from: &[u8],
backwards: bool,
) -> Box<dyn Iterator<Item = (Vec<u8>, Vec<u8>)> + Send> {
self.iter_from_thread(Arc::clone(&self.tree), from.to_vec(), backwards)
}
#[tracing::instrument(skip(self, key))]
fn increment(&self, key: &[u8]) -> Result<Vec<u8>> {
let mut txn = self.engine.env.write_txn().map_err(convert_error)?;
let old = self.tree.get(&txn, &key).map_err(convert_error)?;
let new =
crate::utils::increment(old.as_deref()).expect("utils::increment always returns Some");
self.tree
.put(&mut txn, &key, &&*new)
.map_err(convert_error)?;
txn.commit().map_err(convert_error)?;
Ok(new)
}
#[tracing::instrument(skip(self, prefix))]
fn scan_prefix<'a>(
&'a self,
prefix: Vec<u8>,
) -> Box<dyn Iterator<Item = (Vec<u8>, Vec<u8>)> + Send + 'a> {
Box::new(
self.iter_from(&prefix, false)
.take_while(move |(key, _)| key.starts_with(&prefix)),
)
}
#[tracing::instrument(skip(self, prefix))]
fn watch_prefix<'a>(&'a self, prefix: &[u8]) -> Pin<Box<dyn Future<Output = ()> + Send + 'a>> {
let (tx, rx) = tokio::sync::oneshot::channel();
self.watchers
.write()
.unwrap()
.entry(prefix.to_vec())
.or_default()
.push(tx);
Box::pin(async move {
// Tx is never destroyed
rx.await.unwrap();
})
}
}

128
src/database/abstraction/sled.rs
Unescape View File

@ -1,128 +0,0 @@ @@ -1,128 +0,0 @@
use super::super::Config;
use crate::{utils, Result};
use std::{future::Future, pin::Pin, sync::Arc};
use tracing::warn;
use super::{DatabaseEngine, Tree};
pub struct Engine(sled::Db);
pub struct SledEngineTree(sled::Tree);
impl DatabaseEngine for Engine {
fn open(config: &Config) -> Result<Arc<Self>> {
Ok(Arc::new(Engine(
sled::Config::default()
.path(&config.database_path)
.cache_capacity((config.db_cache_capacity_mb * 1024.0 * 1024.0) as u64)
.use_compression(true)
.open()?,
)))
}
fn open_tree(self: &Arc<Self>, name: &'static str) -> Result<Arc<dyn Tree>> {
Ok(Arc::new(SledEngineTree(self.0.open_tree(name)?)))
}
fn flush(self: &Arc<Self>) -> Result<()> {
Ok(()) // noop
}
}
impl Tree for SledEngineTree {
fn get(&self, key: &[u8]) -> Result<Option<Vec<u8>>> {
Ok(self.0.get(key)?.map(|v| v.to_vec()))
}
fn insert(&self, key: &[u8], value: &[u8]) -> Result<()> {
self.0.insert(key, value)?;
Ok(())
}
#[tracing::instrument(skip(self, iter))]
fn insert_batch<'a>(&self, iter: &mut dyn Iterator<Item = (Vec<u8>, Vec<u8>)>) -> Result<()> {
for (key, value) in iter {
self.0.insert(key, value)?;
}
Ok(())
}
fn remove(&self, key: &[u8]) -> Result<()> {
self.0.remove(key)?;
Ok(())
}
fn iter<'a>(&'a self) -> Box<dyn Iterator<Item = (Vec<u8>, Vec<u8>)> + 'a> {
Box::new(
self.0
.iter()
.filter_map(|r| {
if let Err(e) = &r {
warn!("Error: {}", e);
}
r.ok()
})
.map(|(k, v)| (k.to_vec().into(), v.to_vec().into())),
)
}
fn iter_from(
&self,
from: &[u8],
backwards: bool,
) -> Box<dyn Iterator<Item = (Vec<u8>, Vec<u8>)>> {
let iter = if backwards {
self.0.range(..=from)
} else {
self.0.range(from..)
};
let iter = iter
.filter_map(|r| {
if let Err(e) = &r {
warn!("Error: {}", e);
}
r.ok()
})
.map(|(k, v)| (k.to_vec().into(), v.to_vec().into()));
if backwards {
Box::new(iter.rev())
} else {
Box::new(iter)
}
}
fn increment(&self, key: &[u8]) -> Result<Vec<u8>> {
Ok(self
.0
.update_and_fetch(key, utils::increment)
.map(|o| o.expect("increment always sets a value").to_vec())?)
}
fn scan_prefix<'a>(
&'a self,
prefix: Vec<u8>,
) -> Box<dyn Iterator<Item = (Vec<u8>, Vec<u8>)> + 'a> {
let iter = self
.0
.scan_prefix(prefix)
.filter_map(|r| {
if let Err(e) = &r {
warn!("Error: {}", e);
}
r.ok()
})
.map(|(k, v)| (k.to_vec().into(), v.to_vec().into()));
Box::new(iter)
}
fn watch_prefix<'a>(&'a self, prefix: &[u8]) -> Pin<Box<dyn Future<Output = ()> + Send + 'a>> {
let prefix = prefix.to_vec();
Box::pin(async move {
self.0.watch_prefix(prefix).await;
})
}
}

392
src/database/abstraction/sqlite.rs
Unescape View File

@ -1,392 +0,0 @@ @@ -1,392 +0,0 @@
use super::{DatabaseEngine, Tree};
use crate::{database::Config, Result};
use parking_lot::{Mutex, MutexGuard, RwLock};
use rusqlite::{Connection, DatabaseName::Main, OptionalExtension};
use std::{
cell::RefCell,
collections::{hash_map, HashMap},
future::Future,
path::{Path, PathBuf},
pin::Pin,
sync::Arc,
};
use thread_local::ThreadLocal;
use tokio::sync::watch;
use tracing::debug;
thread_local! {
static READ_CONNECTION: RefCell<Option<&'static Connection>> = RefCell::new(None);
static READ_CONNECTION_ITERATOR: RefCell<Option<&'static Connection>> = RefCell::new(None);
}
struct PreparedStatementIterator<'a> {
pub iterator: Box<dyn Iterator<Item = TupleOfBytes> + 'a>,
pub statement_ref: NonAliasingBox<rusqlite::Statement<'a>>,
}
impl Iterator for PreparedStatementIterator<'_> {
type Item = TupleOfBytes;
fn next(&mut self) -> Option<Self::Item> {
self.iterator.next()
}
}
struct NonAliasingBox<T>(*mut T);
impl<T> Drop for NonAliasingBox<T> {
fn drop(&mut self) {
unsafe { Box::from_raw(self.0) };
}
}
pub struct Engine {
writer: Mutex<Connection>,
read_conn_tls: ThreadLocal<Connection>,
read_iterator_conn_tls: ThreadLocal<Connection>,
path: PathBuf,
cache_size_per_thread: u32,
}
impl Engine {
fn prepare_conn(path: &Path, cache_size_kb: u32) -> Result<Connection> {
let conn = Connection::open(&path)?;
conn.pragma_update(Some(Main), "page_size", &2048)?;
conn.pragma_update(Some(Main), "journal_mode", &"WAL")?;
conn.pragma_update(Some(Main), "synchronous", &"NORMAL")?;
conn.pragma_update(Some(Main), "cache_size", &(-i64::from(cache_size_kb)))?;
conn.pragma_update(Some(Main), "wal_autocheckpoint", &0)?;
Ok(conn)
}
fn write_lock(&self) -> MutexGuard<'_, Connection> {
self.writer.lock()
}
fn read_lock(&self) -> &Connection {
self.read_conn_tls
.get_or(|| Self::prepare_conn(&self.path, self.cache_size_per_thread).unwrap())
}
fn read_lock_iterator(&self) -> &Connection {
self.read_iterator_conn_tls
.get_or(|| Self::prepare_conn(&self.path, self.cache_size_per_thread).unwrap())
}
pub fn flush_wal(self: &Arc<Self>) -> Result<()> {
self.write_lock()
.pragma_update(Some(Main), "wal_checkpoint", &"RESTART")?;
Ok(())
}
}
impl DatabaseEngine for Engine {
fn open(config: &Config) -> Result<Arc<Self>> {
let path = Path::new(&config.database_path).join("conduit.db");
// calculates cache-size per permanent connection
// 1. convert MB to KiB
// 2. divide by permanent connections + permanent iter connections + write connection
// 3. round down to nearest integer
let cache_size_per_thread: u32 = ((config.db_cache_capacity_mb * 1024.0)
/ ((num_cpus::get().max(1) * 2) + 1) as f64)
as u32;
let writer = Mutex::new(Self::prepare_conn(&path, cache_size_per_thread)?);
let arc = Arc::new(Engine {
writer,
read_conn_tls: ThreadLocal::new(),
read_iterator_conn_tls: ThreadLocal::new(),
path,
cache_size_per_thread,
});
Ok(arc)
}
fn open_tree(self: &Arc<Self>, name: &str) -> Result<Arc<dyn Tree>> {
self.write_lock().execute(&format!("CREATE TABLE IF NOT EXISTS {} ( \"key\" BLOB PRIMARY KEY, \"value\" BLOB NOT NULL )", name), [])?;
Ok(Arc::new(SqliteTable {
engine: Arc::clone(self),
name: name.to_owned(),
watchers: RwLock::new(HashMap::new()),
}))
}
fn flush(self: &Arc<Self>) -> Result<()> {
// we enabled PRAGMA synchronous=normal, so this should not be necessary
Ok(())
}
}
pub struct SqliteTable {
engine: Arc<Engine>,
name: String,
watchers: RwLock<HashMap<Vec<u8>, (watch::Sender<()>, watch::Receiver<()>)>>,
}
type TupleOfBytes = (Vec<u8>, Vec<u8>);
impl SqliteTable {
#[tracing::instrument(skip(self, guard, key))]
fn get_with_guard(&self, guard: &Connection, key: &[u8]) -> Result<Option<Vec<u8>>> {
//dbg!(&self.name);
Ok(guard
.prepare(format!("SELECT value FROM {} WHERE key = ?", self.name).as_str())?
.query_row([key], |row| row.get(0))
.optional()?)
}
#[tracing::instrument(skip(self, guard, key, value))]
fn insert_with_guard(&self, guard: &Connection, key: &[u8], value: &[u8]) -> Result<()> {
//dbg!(&self.name);
guard.execute(
format!(
"INSERT OR REPLACE INTO {} (key, value) VALUES (?, ?)",
self.name
)
.as_str(),
[key, value],
)?;
Ok(())
}
pub fn iter_with_guard<'a>(
&'a self,
guard: &'a Connection,
) -> Box<dyn Iterator<Item = TupleOfBytes> + 'a> {
let statement = Box::leak(Box::new(
guard
.prepare(&format!(
"SELECT key, value FROM {} ORDER BY key ASC",
&self.name
))
.unwrap(),
));
let statement_ref = NonAliasingBox(statement);
//let name = self.name.clone();
let iterator = Box::new(
statement
.query_map([], |row| Ok((row.get_unwrap(0), row.get_unwrap(1))))
.unwrap()
.map(move |r| {
//dbg!(&name);
r.unwrap()
}),
);
Box::new(PreparedStatementIterator {
iterator,
statement_ref,
})
}
}
impl Tree for SqliteTable {
#[tracing::instrument(skip(self, key))]
fn get(&self, key: &[u8]) -> Result<Option<Vec<u8>>> {
self.get_with_guard(self.engine.read_lock(), key)
}
#[tracing::instrument(skip(self, key, value))]
fn insert(&self, key: &[u8], value: &[u8]) -> Result<()> {
let guard = self.engine.write_lock();
self.insert_with_guard(&guard, key, value)?;
drop(guard);
let watchers = self.watchers.read();
let mut triggered = Vec::new();
for length in 0..=key.len() {
if watchers.contains_key(&key[..length]) {
triggered.push(&key[..length]);
}
}
drop(watchers);
if !triggered.is_empty() {
let mut watchers = self.watchers.write();
for prefix in triggered {
if let Some(tx) = watchers.remove(prefix) {
let _ = tx.0.send(());
}
}
};
Ok(())
}
#[tracing::instrument(skip(self, iter))]
fn insert_batch<'a>(&self, iter: &mut dyn Iterator<Item = (Vec<u8>, Vec<u8>)>) -> Result<()> {
let guard = self.engine.write_lock();
guard.execute("BEGIN", [])?;
for (key, value) in iter {
self.insert_with_guard(&guard, &key, &value)?;
}
guard.execute("COMMIT", [])?;
drop(guard);
Ok(())
}
#[tracing::instrument(skip(self, iter))]
fn increment_batch<'a>(&self, iter: &mut dyn Iterator<Item = Vec<u8>>) -> Result<()> {
let guard = self.engine.write_lock();
guard.execute("BEGIN", [])?;
for key in iter {
let old = self.get_with_guard(&guard, &key)?;
let new = crate::utils::increment(old.as_deref())
.expect("utils::increment always returns Some");
self.insert_with_guard(&guard, &key, &new)?;
}
guard.execute("COMMIT", [])?;
drop(guard);
Ok(())
}
#[tracing::instrument(skip(self, key))]
fn remove(&self, key: &[u8]) -> Result<()> {
let guard = self.engine.write_lock();
guard.execute(
format!("DELETE FROM {} WHERE key = ?", self.name).as_str(),
[key],
)?;
Ok(())
}
#[tracing::instrument(skip(self))]
fn iter<'a>(&'a self) -> Box<dyn Iterator<Item = TupleOfBytes> + 'a> {
let guard = self.engine.read_lock_iterator();
self.iter_with_guard(guard)
}
#[tracing::instrument(skip(self, from, backwards))]
fn iter_from<'a>(
&'a self,
from: &[u8],
backwards: bool,
) -> Box<dyn Iterator<Item = TupleOfBytes> + 'a> {
let guard = self.engine.read_lock_iterator();
let from = from.to_vec(); // TODO change interface?
//let name = self.name.clone();
if backwards {
let statement = Box::leak(Box::new(
guard
.prepare(&format!(
"SELECT key, value FROM {} WHERE key <= ? ORDER BY key DESC",
&self.name
))
.unwrap(),
));
let statement_ref = NonAliasingBox(statement);
let iterator = Box::new(
statement
.query_map([from], |row| Ok((row.get_unwrap(0), row.get_unwrap(1))))
.unwrap()
.map(move |r| {
//dbg!(&name);
r.unwrap()
}),
);
Box::new(PreparedStatementIterator {
iterator,
statement_ref,
})
} else {
let statement = Box::leak(Box::new(
guard
.prepare(&format!(
"SELECT key, value FROM {} WHERE key >= ? ORDER BY key ASC",
&self.name
))
.unwrap(),
));
let statement_ref = NonAliasingBox(statement);
let iterator = Box::new(
statement
.query_map([from], |row| Ok((row.get_unwrap(0), row.get_unwrap(1))))
.unwrap()
.map(move |r| {
//dbg!(&name);
r.unwrap()
}),
);
Box::new(PreparedStatementIterator {
iterator,
statement_ref,
})
}
}
#[tracing::instrument(skip(self, key))]
fn increment(&self, key: &[u8]) -> Result<Vec<u8>> {
let guard = self.engine.write_lock();
let old = self.get_with_guard(&guard, key)?;
let new =
crate::utils::increment(old.as_deref()).expect("utils::increment always returns Some");
self.insert_with_guard(&guard, key, &new)?;
Ok(new)
}
#[tracing::instrument(skip(self, prefix))]
fn scan_prefix<'a>(&'a self, prefix: Vec<u8>) -> Box<dyn Iterator<Item = TupleOfBytes> + 'a> {
Box::new(
self.iter_from(&prefix, false)
.take_while(move |(key, _)| key.starts_with(&prefix)),
)
}
#[tracing::instrument(skip(self, prefix))]
fn watch_prefix<'a>(&'a self, prefix: &[u8]) -> Pin<Box<dyn Future<Output = ()> + Send + 'a>> {
let mut rx = match self.watchers.write().entry(prefix.to_vec()) {
hash_map::Entry::Occupied(o) => o.get().1.clone(),
hash_map::Entry::Vacant(v) => {
let (tx, rx) = tokio::sync::watch::channel(());
v.insert((tx, rx.clone()));
rx
}
};
Box::pin(async move {
// Tx is never destroyed
rx.changed().await.unwrap();
})
}
#[tracing::instrument(skip(self))]
fn clear(&self) -> Result<()> {
debug!("clear: running");
self.engine
.write_lock()
.execute(format!("DELETE FROM {}", self.name).as_str(), [])?;
debug!("clear: ran");
Ok(())
}
}

114
src/database/account_data.rs
Unescape View File

@ -1,23 +1,21 @@ @@ -1,23 +1,21 @@
use crate::{utils, Error, Result};
use ruma::{
api::client::error::ErrorKind,
events::{AnyEphemeralRoomEvent, EventType},
events::{AnyEvent as EduEvent, EventType},
serde::Raw,
RoomId, UserId,
};
use serde::{de::DeserializeOwned, Serialize};
use std::{collections::HashMap, convert::TryFrom, sync::Arc};
use super::abstraction::Tree;
use sled::IVec;
use std::{collections::HashMap, convert::TryFrom};
#[derive(Clone)]
pub struct AccountData {
pub(super) roomuserdataid_accountdata: Arc<dyn Tree>, // RoomUserDataId = Room + User + Count + Type
pub(super) roomusertype_roomuserdataid: Arc<dyn Tree>, // RoomUserType = Room + User + Type
pub(super) roomuserdataid_accountdata: sled::Tree, // RoomUserDataId = Room + User + Count + Type
}
impl AccountData {
/// Places one event in the account data of the user and removes the previous entry.
#[tracing::instrument(skip(self, room_id, user_id, event_type, data, globals))]
pub fn update<T: Serialize>(
&self,
room_id: Option<&RoomId>,
@ -32,16 +30,19 @@ impl AccountData { @@ -32,16 +30,19 @@ impl AccountData {
.as_bytes()
.to_vec();
prefix.push(0xff);
prefix.extend_from_slice(user_id.as_bytes());
prefix.extend_from_slice(&user_id.to_string().as_bytes());
prefix.push(0xff);
let mut roomuserdataid = prefix.clone();
roomuserdataid.extend_from_slice(&globals.next_count()?.to_be_bytes());
roomuserdataid.push(0xff);
roomuserdataid.extend_from_slice(event_type.as_bytes());
// Remove old entry
if let Some(previous) = self.find_event(room_id, user_id, &event_type) {
let (old_key, _) = previous?;
self.roomuserdataid_accountdata.remove(old_key)?;
}
let mut key = prefix;
key.extend_from_slice(event_type.as_bytes());
key.extend_from_slice(&globals.next_count()?.to_be_bytes());
key.push(0xff);
key.extend_from_slice(event_type.to_string().as_bytes());
let json = serde_json::to_value(data).expect("all types here can be serialized"); // TODO: maybe add error handling
if json.get("type").is_none() || json.get("content").is_none() {
@ -51,65 +52,35 @@ impl AccountData { @@ -51,65 +52,35 @@ impl AccountData {
));
}
self.roomuserdataid_accountdata.insert(
&roomuserdataid,
&serde_json::to_vec(&json).expect("to_vec always works on json values"),
)?;
let prev = self.roomusertype_roomuserdataid.get(&key)?;
self.roomusertype_roomuserdataid
.insert(&key, &roomuserdataid)?;
// Remove old entry
if let Some(prev) = prev {
self.roomuserdataid_accountdata.remove(&prev)?;
}
self.roomuserdataid_accountdata
.insert(key, &*json.to_string())?;
Ok(())
}
/// Searches the account data for a specific kind.
#[tracing::instrument(skip(self, room_id, user_id, kind))]
pub fn get<T: DeserializeOwned>(
&self,
room_id: Option<&RoomId>,
user_id: &UserId,
kind: EventType,
) -> Result<Option<T>> {
let mut key = room_id
.map(|r| r.to_string())
.unwrap_or_default()
.as_bytes()
.to_vec();
key.push(0xff);
key.extend_from_slice(user_id.as_bytes());
key.push(0xff);
key.extend_from_slice(kind.as_ref().as_bytes());
self.roomusertype_roomuserdataid
.get(&key)?
.and_then(|roomuserdataid| {
self.roomuserdataid_accountdata
.get(&roomuserdataid)
.transpose()
})
.transpose()?
.map(|data| {
serde_json::from_slice(&data)
.map_err(|_| Error::bad_database("could not deserialize"))
self.find_event(room_id, user_id, &kind)
.map(|r| {
let (_, v) = r?;
serde_json::from_slice(&v).map_err(|_| Error::bad_database("could not deserialize"))
})
.transpose()
}
/// Returns all changes to the account data that happened after `since`.
#[tracing::instrument(skip(self, room_id, user_id, since))]
#[tracing::instrument(skip(self))]
pub fn changes_since(
&self,
room_id: Option<&RoomId>,
user_id: &UserId,
since: u64,
) -> Result<HashMap<EventType, Raw<AnyEphemeralRoomEvent>>> {
) -> Result<HashMap<EventType, Raw<EduEvent>>> {
let mut userdata = HashMap::new();
let mut prefix = room_id
@ -118,7 +89,7 @@ impl AccountData { @@ -118,7 +89,7 @@ impl AccountData {
.as_bytes()
.to_vec();
prefix.push(0xff);
prefix.extend_from_slice(user_id.as_bytes());
prefix.extend_from_slice(&user_id.to_string().as_bytes());
prefix.push(0xff);
// Skip the data that's exactly at since, because we sent that last time
@ -127,7 +98,8 @@ impl AccountData { @@ -127,7 +98,8 @@ impl AccountData {
for r in self
.roomuserdataid_accountdata
.iter_from(&first_possible, false)
.range(&*first_possible..)
.filter_map(|r| r.ok())
.take_while(move |(k, _)| k.starts_with(&prefix))
.map(|(k, v)| {
Ok::<_, Error>((
@ -138,7 +110,7 @@ impl AccountData { @@ -138,7 +110,7 @@ impl AccountData {
.map_err(|_| Error::bad_database("RoomUserData ID in db is invalid."))?,
)
.map_err(|_| Error::bad_database("RoomUserData ID in db is invalid."))?,
serde_json::from_slice::<Raw<AnyEphemeralRoomEvent>>(&v).map_err(|_| {
serde_json::from_slice::<Raw<EduEvent>>(&v).map_err(|_| {
Error::bad_database("Database contains invalid account data.")
})?,
))
@ -150,4 +122,38 @@ impl AccountData { @@ -150,4 +122,38 @@ impl AccountData {
Ok(userdata)
}
fn find_event(
&self,
room_id: Option<&RoomId>,
user_id: &UserId,
kind: &EventType,
) -> Option<Result<(IVec, IVec)>> {
let mut prefix = room_id
.map(|r| r.to_string())
.unwrap_or_default()
.as_bytes()
.to_vec();
prefix.push(0xff);
prefix.extend_from_slice(&user_id.to_string().as_bytes());
prefix.push(0xff);
let kind = kind.clone();
self.roomuserdataid_accountdata
.scan_prefix(prefix)
.rev()
.find(move |r| {
r.as_ref()
.map(|(k, _)| {
k.rsplit(|&b| b == 0xff)
.next()
.map(|current_event_type| {
current_event_type == kind.to_string().as_bytes()
})
.unwrap_or(false)
})
.unwrap_or(false)
})
.map(|r| Ok(r?))
}
}

111
src/database/admin.rs
Unescape View File

@ -1,19 +1,17 @@ @@ -1,19 +1,17 @@
use std::{convert::TryInto, sync::Arc};
use std::convert::{TryFrom, TryInto};
use crate::{pdu::PduBuilder, Database};
use crate::pdu::PduBuilder;
use log::warn;
use rocket::futures::{channel::mpsc, stream::StreamExt};
use ruma::{
events::{room::message::RoomMessageEventContent, EventType},
events::{room::message, EventType},
UserId,
};
use serde_json::value::to_raw_value;
use tokio::sync::{MutexGuard, RwLock, RwLockReadGuard};
use tracing::warn;
pub enum AdminCommand {
RegisterAppservice(serde_yaml::Value),
ListAppservices,
SendMessage(RoomMessageEventContent),
SendMessage(message::MessageEventContent),
}
#[derive(Clone)]
@ -24,97 +22,70 @@ pub struct Admin { @@ -24,97 +22,70 @@ pub struct Admin {
impl Admin {
pub fn start_handler(
&self,
db: Arc<RwLock<Database>>,
db: super::Database,
mut receiver: mpsc::UnboundedReceiver<AdminCommand>,
) {
tokio::spawn(async move {
// TODO: Use futures when we have long admin commands
//let mut futures = FuturesUnordered::new();
let guard = db.read().await;
let conduit_user = UserId::parse(format!("@conduit:{}", guard.globals.server_name()))
let conduit_user = UserId::try_from(format!("@conduit:{}", db.globals.server_name()))
.expect("@conduit:server_name is valid");
let conduit_room = guard
let conduit_room = db
.rooms
.id_from_alias(
format!("#admins:{}", guard.globals.server_name())
.as_str()
&format!("#admins:{}", db.globals.server_name())
.try_into()
.expect("#admins:server_name is a valid room alias"),
)
.unwrap();
let conduit_room = match conduit_room {
None => {
warn!("Conduit instance does not have an #admins room. Logging to that room will not work. Restart Conduit after creating a user to fix this.");
return;
}
Some(r) => r,
};
drop(guard);
if conduit_room.is_none() {
warn!("Conduit instance does not have an #admins room. Logging to that room will not work. Restart Conduit after creating a user to fix this.");
}
let send_message = |message: RoomMessageEventContent,
guard: RwLockReadGuard<'_, Database>,
mutex_lock: &MutexGuard<'_, ()>| {
guard
.rooms
.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMessage,
content: to_raw_value(&message)
.expect("event is valid, we just created it"),
unsigned: None,
state_key: None,
redacts: None,
},
&conduit_user,
&conduit_room,
&guard,
mutex_lock,
)
.unwrap();
let send_message = |message: message::MessageEventContent| {
if let Some(conduit_room) = &conduit_room {
db.rooms
.build_and_append_pdu(
PduBuilder {
event_type: EventType::RoomMessage,
content: serde_json::to_value(message)
.expect("event is valid, we just created it"),
unsigned: None,
state_key: None,
redacts: None,
},
&conduit_user,
&conduit_room,
&db,
)
.unwrap();
}
};
loop {
tokio::select! {
Some(event) = receiver.next() => {
let guard = db.read().await;
let mutex_state = Arc::clone(
guard.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(conduit_room.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
match event {
AdminCommand::RegisterAppservice(yaml) => {
guard.appservice.register_appservice(yaml).unwrap(); // TODO handle error
db.appservice.register_appservice(yaml).unwrap(); // TODO handle error
}
AdminCommand::ListAppservices => {
if let Ok(appservices) = guard.appservice.iter_ids().map(|ids| ids.collect::<Vec<_>>()) {
let count = appservices.len();
let output = format!(
"Appservices ({}): {}",
count,
appservices.into_iter().filter_map(|r| r.ok()).collect::<Vec<_>>().join(", ")
);
send_message(RoomMessageEventContent::text_plain(output), guard, &state_lock);
} else {
send_message(RoomMessageEventContent::text_plain("Failed to get appservices."), guard, &state_lock);
}
let appservices = db.appservice.iter_ids().collect::<Vec<_>>();
let count = appservices.len();
let output = format!(
"Appservices ({}): {}",
count,
appservices.into_iter().filter_map(|r| r.ok()).collect::<Vec<_>>().join(", ")
);
send_message(message::MessageEventContent::text_plain(output));
}
AdminCommand::SendMessage(message) => {
send_message(message, guard, &state_lock);
send_message(message);
}
}
drop(state_lock);
}
}
}
@ -122,6 +93,6 @@ impl Admin { @@ -122,6 +93,6 @@ impl Admin {
}
pub fn send(&self, command: AdminCommand) {
self.sender.unbounded_send(command).unwrap();
self.sender.unbounded_send(command).unwrap()
}
}

54
src/database/appservice.rs
Unescape View File

@ -4,21 +4,18 @@ use std::{ @@ -4,21 +4,18 @@ use std::{
sync::{Arc, RwLock},
};
use super::abstraction::Tree;
#[derive(Clone)]
pub struct Appservice {
pub(super) cached_registrations: Arc<RwLock<HashMap<String, serde_yaml::Value>>>,
pub(super) id_appserviceregistrations: Arc<dyn Tree>,
pub(super) id_appserviceregistrations: sled::Tree,
}
impl Appservice {
pub fn register_appservice(&self, yaml: serde_yaml::Value) -> Result<()> {
// TODO: Rumaify
let id = yaml.get("id").unwrap().as_str().unwrap();
self.id_appserviceregistrations.insert(
id.as_bytes(),
serde_yaml::to_string(&yaml).unwrap().as_bytes(),
)?;
self.id_appserviceregistrations
.insert(id, serde_yaml::to_string(&yaml).unwrap().as_bytes())?;
self.cached_registrations
.write()
.unwrap()
@ -34,38 +31,39 @@ impl Appservice { @@ -34,38 +31,39 @@ impl Appservice {
.get(id)
.map_or_else(
|| {
self.id_appserviceregistrations
.get(id.as_bytes())?
Ok(self
.id_appserviceregistrations
.get(id)?
.map(|bytes| {
serde_yaml::from_slice(&bytes).map_err(|_| {
Ok::<_, Error>(serde_yaml::from_slice(&bytes).map_err(|_| {
Error::bad_database(
"Invalid registration bytes in id_appserviceregistrations.",
)
})
})?)
})
.transpose()
.transpose()?)
},
|r| Ok(Some(r.clone())),
)
}
pub fn iter_ids(&self) -> Result<impl Iterator<Item = Result<String>> + '_> {
Ok(self.id_appserviceregistrations.iter().map(|(id, _)| {
utils::string_from_bytes(&id)
.map_err(|_| Error::bad_database("Invalid id bytes in id_appserviceregistrations."))
}))
pub fn iter_ids(&self) -> impl Iterator<Item = Result<String>> {
self.id_appserviceregistrations.iter().keys().map(|id| {
Ok(utils::string_from_bytes(&id?).map_err(|_| {
Error::bad_database("Invalid id bytes in id_appserviceregistrations.")
})?)
})
}
pub fn all(&self) -> Result<Vec<(String, serde_yaml::Value)>> {
self.iter_ids()?
.filter_map(|id| id.ok())
.map(move |id| {
Ok((
id.clone(),
self.get_registration(&id)?
.expect("iter_ids only returns appservices that exist"),
))
})
.collect()
pub fn iter_all<'a>(
&'a self,
) -> impl Iterator<Item = Result<(String, serde_yaml::Value)>> + 'a {
self.iter_ids().filter_map(|id| id.ok()).map(move |id| {
Ok((
id.clone(),
self.get_registration(&id)?
.expect("iter_ids only returns appservices that exist"),
))
})
}
}

303
src/database/globals.rs
Unescape View File

@ -1,101 +1,44 @@ @@ -1,101 +1,44 @@
use crate::{database::Config, server_server::FedDest, utils, ConduitResult, Error, Result};
use crate::{database::Config, utils, Error, Result};
use log::error;
use ruma::{
api::{
client::r0::sync::sync_events,
federation::discovery::{ServerSigningKeys, VerifyKey},
},
DeviceId, EventId, MilliSecondsSinceUnixEpoch, RoomId, ServerName, ServerSigningKeyId, UserId,
api::federation::discovery::{ServerSigningKeys, VerifyKey},
ServerName, ServerSigningKeyId,
};
use std::{
collections::{BTreeMap, HashMap},
fs,
future::Future,
net::IpAddr,
path::PathBuf,
sync::{Arc, Mutex, RwLock},
time::{Duration, Instant},
sync::{Arc, RwLock},
time::Duration,
};
use tokio::sync::{broadcast, watch::Receiver, Mutex as TokioMutex, Semaphore};
use tracing::error;
use trust_dns_resolver::TokioAsyncResolver;
use super::abstraction::Tree;
pub const COUNTER: &str = "c";
pub const COUNTER: &[u8] = b"c";
type WellKnownMap = HashMap<Box<ServerName>, (FedDest, String)>;
type TlsNameMap = HashMap<String, (Vec<IpAddr>, u16)>;
type RateLimitState = (Instant, u32); // Time if last failed try, number of failed tries
type SyncHandle = (
Option<String>, // since
Receiver<Option<ConduitResult<sync_events::Response>>>, // rx
);
pub type DestinationCache = Arc<RwLock<HashMap<Box<ServerName>, (String, Option<String>)>>>;
type WellKnownMap = HashMap<Box<ServerName>, (String, Option<String>)>;
#[derive(Clone)]
pub struct Globals {
pub actual_destination_cache: Arc<RwLock<WellKnownMap>>, // actual_destination, host
pub tls_name_override: Arc<RwLock<TlsNameMap>>,
pub(super) globals: Arc<dyn Tree>,
pub(super) globals: sled::Tree,
config: Config,
keypair: Arc<ruma::signatures::Ed25519KeyPair>,
reqwest_client: reqwest::Client,
dns_resolver: TokioAsyncResolver,
jwt_decoding_key: Option<jsonwebtoken::DecodingKey<'static>>,
pub(super) server_signingkeys: Arc<dyn Tree>,
pub bad_event_ratelimiter: Arc<RwLock<HashMap<Box<EventId>, RateLimitState>>>,
pub bad_signature_ratelimiter: Arc<RwLock<HashMap<Vec<String>, RateLimitState>>>,
pub servername_ratelimiter: Arc<RwLock<HashMap<Box<ServerName>, Arc<Semaphore>>>>,
pub sync_receivers: RwLock<HashMap<(Box<UserId>, Box<DeviceId>), SyncHandle>>,
pub roomid_mutex_insert: RwLock<HashMap<Box<RoomId>, Arc<Mutex<()>>>>,
pub roomid_mutex_state: RwLock<HashMap<Box<RoomId>, Arc<TokioMutex<()>>>>,
pub roomid_mutex_federation: RwLock<HashMap<Box<RoomId>, Arc<TokioMutex<()>>>>, // this lock will be held longer
pub rotate: RotationHandler,
}
/// Handles "rotation" of long-polling requests. "Rotation" in this context is similar to "rotation" of log files and the like.
///
/// This is utilized to have sync workers return early and release read locks on the database.
pub struct RotationHandler(broadcast::Sender<()>, broadcast::Receiver<()>);
impl RotationHandler {
pub fn new() -> Self {
let (s, r) = broadcast::channel(1);
Self(s, r)
}
pub fn watch(&self) -> impl Future<Output = ()> {
let mut r = self.0.subscribe();
async move {
let _ = r.recv().await;
}
}
pub fn fire(&self) {
let _ = self.0.send(());
}
}
impl Default for RotationHandler {
fn default() -> Self {
Self::new()
}
pub(super) servertimeout_signingkey: sled::Tree, // ServerName + Timeout Timestamp -> algorithm:key + pubkey
}
impl Globals {
pub fn load(
globals: Arc<dyn Tree>,
server_signingkeys: Arc<dyn Tree>,
globals: sled::Tree,
servertimeout_signingkey: sled::Tree,
config: Config,
) -> Result<Self> {
let keypair_bytes = globals.get(b"keypair")?.map_or_else(
|| {
let keypair = utils::generate_keypair();
globals.insert(b"keypair", &keypair)?;
Ok::<_, Error>(keypair)
},
|s| Ok(s.to_vec()),
)?;
let bytes = &*globals
.update_and_fetch("keypair", utils::generate_keypair)?
.expect("utils::generate_keypair always returns Some");
let mut parts = keypair_bytes.splitn(2, |&b| b == 0xff);
let mut parts = bytes.splitn(2, |&b| b == 0xff);
let keypair = utils::string_from_bytes(
// 1. version
@ -112,7 +55,7 @@ impl Globals { @@ -112,7 +55,7 @@ impl Globals {
.map(|key| (version, key))
})
.and_then(|(version, key)| {
ruma::signatures::Ed25519KeyPair::from_der(key, version)
ruma::signatures::Ed25519KeyPair::new(&key, version)
.map_err(|_| Error::bad_database("Private or public keys are invalid."))
});
@ -120,42 +63,35 @@ impl Globals { @@ -120,42 +63,35 @@ impl Globals {
Ok(k) => k,
Err(e) => {
error!("Keypair invalid. Deleting...");
globals.remove(b"keypair")?;
globals.remove("keypair")?;
return Err(e);
}
};
let tls_name_override = Arc::new(RwLock::new(TlsNameMap::new()));
let reqwest_client = reqwest::Client::builder()
.connect_timeout(Duration::from_secs(30))
.timeout(Duration::from_secs(60 * 3))
.pool_max_idle_per_host(1)
.build()
.unwrap();
let jwt_decoding_key = config
.jwt_secret
.as_ref()
.map(|secret| jsonwebtoken::DecodingKey::from_secret(secret.as_bytes()).into_static());
let s = Self {
Ok(Self {
globals,
config,
keypair: Arc::new(keypair),
reqwest_client,
dns_resolver: TokioAsyncResolver::tokio_from_system_conf().map_err(|_| {
Error::bad_config("Failed to set up trust dns resolver with system config.")
})?,
actual_destination_cache: Arc::new(RwLock::new(WellKnownMap::new())),
tls_name_override,
server_signingkeys,
actual_destination_cache: Arc::new(RwLock::new(HashMap::new())),
servertimeout_signingkey,
jwt_decoding_key,
bad_event_ratelimiter: Arc::new(RwLock::new(HashMap::new())),
bad_signature_ratelimiter: Arc::new(RwLock::new(HashMap::new())),
servername_ratelimiter: Arc::new(RwLock::new(HashMap::new())),
roomid_mutex_state: RwLock::new(HashMap::new()),
roomid_mutex_insert: RwLock::new(HashMap::new()),
roomid_mutex_federation: RwLock::new(HashMap::new()),
sync_receivers: RwLock::new(HashMap::new()),
rotate: RotationHandler::new(),
};
fs::create_dir_all(s.get_media_folder())?;
Ok(s)
})
}
/// Returns this server's keypair.
@ -164,29 +100,24 @@ impl Globals { @@ -164,29 +100,24 @@ impl Globals {
}
/// Returns a reqwest client which can be used to send requests.
pub fn reqwest_client(&self) -> Result<reqwest::ClientBuilder> {
let mut reqwest_client_builder = reqwest::Client::builder()
.connect_timeout(Duration::from_secs(30))
.timeout(Duration::from_secs(60 * 3))
.pool_max_idle_per_host(1);
if let Some(proxy) = self.config.proxy.to_proxy()? {
reqwest_client_builder = reqwest_client_builder.proxy(proxy);
}
Ok(reqwest_client_builder)
pub fn reqwest_client(&self) -> &reqwest::Client {
&self.reqwest_client
}
#[tracing::instrument(skip(self))]
pub fn next_count(&self) -> Result<u64> {
utils::u64_from_bytes(&self.globals.increment(COUNTER)?)
.map_err(|_| Error::bad_database("Count has invalid bytes."))
Ok(utils::u64_from_bytes(
&self
.globals
.update_and_fetch(COUNTER, utils::increment)?
.expect("utils::increment will always put in a value"),
)
.map_err(|_| Error::bad_database("Count has invalid bytes."))?)
}
#[tracing::instrument(skip(self))]
pub fn current_count(&self) -> Result<u64> {
self.globals.get(COUNTER)?.map_or(Ok(0_u64), |bytes| {
utils::u64_from_bytes(&bytes)
.map_err(|_| Error::bad_database("Count has invalid bytes."))
Ok(utils::u64_from_bytes(&bytes)
.map_err(|_| Error::bad_database("Count has invalid bytes."))?)
})
}
@ -210,10 +141,6 @@ impl Globals { @@ -210,10 +141,6 @@ impl Globals {
self.config.allow_federation
}
pub fn allow_room_creation(&self) -> bool {
self.config.allow_room_creation
}
pub fn trusted_servers(&self) -> &[Box<ServerName>] {
&self.config.trusted_servers
}
@ -226,117 +153,63 @@ impl Globals { @@ -226,117 +153,63 @@ impl Globals {
self.jwt_decoding_key.as_ref()
}
pub fn turn_password(&self) -> &String {
&self.config.turn_password
}
pub fn turn_ttl(&self) -> u64 {
self.config.turn_ttl
}
pub fn turn_uris(&self) -> &[String] {
&self.config.turn_uris
}
pub fn turn_username(&self) -> &String {
&self.config.turn_username
}
pub fn turn_secret(&self) -> &String {
&self.config.turn_secret
}
/// TODO: the key valid until timestamp is only honored in room version > 4
/// Remove the outdated keys and insert the new ones.
///
/// This doesn't actually check that the keys provided are newer than the old set.
pub fn add_signing_key(
&self,
origin: &ServerName,
new_keys: ServerSigningKeys,
) -> Result<BTreeMap<Box<ServerSigningKeyId>, VerifyKey>> {
// Not atomic, but this is not critical
let signingkeys = self.server_signingkeys.get(origin.as_bytes())?;
let mut keys = signingkeys
.and_then(|keys| serde_json::from_slice(&keys).ok())
.unwrap_or_else(|| {
// Just insert "now", it doesn't matter
ServerSigningKeys::new(origin.to_owned(), MilliSecondsSinceUnixEpoch::now())
});
let ServerSigningKeys {
verify_keys,
old_verify_keys,
..
} = new_keys;
keys.verify_keys.extend(verify_keys.into_iter());
keys.old_verify_keys.extend(old_verify_keys.into_iter());
self.server_signingkeys.insert(
origin.as_bytes(),
&serde_json::to_vec(&keys).expect("serversigningkeys can be serialized"),
pub fn add_signing_key(&self, origin: &ServerName, keys: &ServerSigningKeys) -> Result<()> {
let mut key1 = origin.as_bytes().to_vec();
key1.push(0xff);
let mut key2 = key1.clone();
let ts = keys
.valid_until_ts
.duration_since(std::time::UNIX_EPOCH)
.expect("time is valid")
.as_millis() as u64;
key1.extend_from_slice(&ts.to_be_bytes());
key2.extend_from_slice(&(ts + 1).to_be_bytes());
self.servertimeout_signingkey.insert(
key1,
serde_json::to_vec(&keys.verify_keys).expect("ServerSigningKeys are a valid string"),
)?;
let mut tree = keys.verify_keys;
tree.extend(
keys.old_verify_keys
.into_iter()
.map(|old| (old.0, VerifyKey::new(old.1.key))),
);
self.servertimeout_signingkey.insert(
key2,
serde_json::to_vec(&keys.old_verify_keys)
.expect("ServerSigningKeys are a valid string"),
)?;
Ok(tree)
Ok(())
}
/// This returns an empty `Ok(BTreeMap<..>)` when there are no keys found for the server.
pub fn signing_keys_for(
&self,
origin: &ServerName,
) -> Result<BTreeMap<Box<ServerSigningKeyId>, VerifyKey>> {
let signingkeys = self
.server_signingkeys
.get(origin.as_bytes())?
.and_then(|bytes| serde_json::from_slice(&bytes).ok())
.map(|keys: ServerSigningKeys| {
let mut tree = keys.verify_keys;
tree.extend(
keys.old_verify_keys
.into_iter()
.map(|old| (old.0, VerifyKey::new(old.1.key))),
);
tree
})
.unwrap_or_else(BTreeMap::new);
Ok(signingkeys)
}
pub fn database_version(&self) -> Result<u64> {
self.globals.get(b"version")?.map_or(Ok(0), |version| {
utils::u64_from_bytes(&version)
.map_err(|_| Error::bad_database("Database version id is invalid."))
})
}
pub fn bump_database_version(&self, new_version: u64) -> Result<()> {
self.globals
.insert(b"version", &new_version.to_be_bytes())?;
Ok(())
}
pub fn get_media_folder(&self) -> PathBuf {
let mut r = PathBuf::new();
r.push(self.config.database_path.clone());
r.push("media");
r
}
pub fn get_media_file(&self, key: &[u8]) -> PathBuf {
let mut r = PathBuf::new();
r.push(self.config.database_path.clone());
r.push("media");
r.push(base64::encode_config(key, base64::URL_SAFE_NO_PAD));
r
) -> Result<BTreeMap<ServerSigningKeyId, VerifyKey>> {
let mut response = BTreeMap::new();
let now = crate::utils::millis_since_unix_epoch();
for item in self.servertimeout_signingkey.scan_prefix(origin.as_bytes()) {
let (k, bytes) = item?;
let valid_until = k
.splitn(2, |&b| b == 0xff)
.nth(1)
.map(crate::utils::u64_from_bytes)
.ok_or_else(|| Error::bad_database("Invalid signing keys."))?
.map_err(|_| Error::bad_database("Invalid signing key valid until bytes"))?;
// If these keys are still valid use em!
if valid_until > now {
let btree: BTreeMap<_, _> = serde_json::from_slice(&bytes)
.map_err(|_| Error::bad_database("Invalid BTreeMap<> of signing keys"))?;
response.extend(btree);
}
}
Ok(response)
}
}

224
src/database/key_backups.rs
Unescape View File

@ -6,14 +6,13 @@ use ruma::{ @@ -6,14 +6,13 @@ use ruma::{
},
RoomId, UserId,
};
use std::{collections::BTreeMap, sync::Arc};
use super::abstraction::Tree;
use std::{collections::BTreeMap, convert::TryFrom};
#[derive(Clone)]
pub struct KeyBackups {
pub(super) backupid_algorithm: Arc<dyn Tree>, // BackupId = UserId + Version(Count)
pub(super) backupid_etag: Arc<dyn Tree>, // BackupId = UserId + Version(Count)
pub(super) backupkeyid_backup: Arc<dyn Tree>, // BackupKeyId = UserId + Version + RoomId + SessionId
pub(super) backupid_algorithm: sled::Tree, // BackupId = UserId + Version(Count)
pub(super) backupid_etag: sled::Tree, // BackupId = UserId + Version(Count)
pub(super) backupkeyid_backup: sled::Tree, // BackupKeyId = UserId + Version + RoomId + SessionId
}
impl KeyBackups {
@ -25,13 +24,14 @@ impl KeyBackups { @@ -25,13 +24,14 @@ impl KeyBackups {
) -> Result<String> {
let version = globals.next_count()?.to_string();
let mut key = user_id.as_bytes().to_vec();
let mut key = user_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(version.as_bytes());
key.extend_from_slice(&version.as_bytes());
self.backupid_algorithm.insert(
&key,
&serde_json::to_vec(backup_metadata).expect("BackupAlgorithm::to_vec always works"),
&*serde_json::to_string(backup_metadata)
.expect("BackupAlgorithm::to_string always works"),
)?;
self.backupid_etag
.insert(&key, &globals.next_count()?.to_be_bytes())?;
@ -39,17 +39,22 @@ impl KeyBackups { @@ -39,17 +39,22 @@ impl KeyBackups {
}
pub fn delete_backup(&self, user_id: &UserId, version: &str) -> Result<()> {
let mut key = user_id.as_bytes().to_vec();
let mut key = user_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(version.as_bytes());
key.extend_from_slice(&version.as_bytes());
self.backupid_algorithm.remove(&key)?;
self.backupid_etag.remove(&key)?;
key.push(0xff);
for (outdated_key, _) in self.backupkeyid_backup.scan_prefix(key) {
self.backupkeyid_backup.remove(&outdated_key)?;
for outdated_key in self
.backupkeyid_backup
.scan_prefix(&key)
.keys()
.filter_map(|r| r.ok())
{
self.backupkeyid_backup.remove(outdated_key)?;
}
Ok(())
@ -62,9 +67,9 @@ impl KeyBackups { @@ -62,9 +67,9 @@ impl KeyBackups {
backup_metadata: &BackupAlgorithm,
globals: &super::globals::Globals,
) -> Result<String> {
let mut key = user_id.as_bytes().to_vec();
let mut key = user_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(version.as_bytes());
key.extend_from_slice(&version.as_bytes());
if self.backupid_algorithm.get(&key)?.is_none() {
return Err(Error::BadRequest(
@ -75,47 +80,22 @@ impl KeyBackups { @@ -75,47 +80,22 @@ impl KeyBackups {
self.backupid_algorithm.insert(
&key,
serde_json::to_string(backup_metadata)
.expect("BackupAlgorithm::to_string always works")
.as_bytes(),
&*serde_json::to_string(backup_metadata)
.expect("BackupAlgorithm::to_string always works"),
)?;
self.backupid_etag
.insert(&key, &globals.next_count()?.to_be_bytes())?;
Ok(version.to_owned())
}
pub fn get_latest_backup_version(&self, user_id: &UserId) -> Result<Option<String>> {
let mut prefix = user_id.as_bytes().to_vec();
prefix.push(0xff);
let mut last_possible_key = prefix.clone();
last_possible_key.extend_from_slice(&u64::MAX.to_be_bytes());
self.backupid_algorithm
.iter_from(&last_possible_key, true)
.take_while(move |(k, _)| k.starts_with(&prefix))
.next()
.map(|(key, _)| {
utils::string_from_bytes(
key.rsplit(|&b| b == 0xff)
.next()
.expect("rsplit always returns an element"),
)
.map_err(|_| Error::bad_database("backupid_algorithm key is invalid."))
})
.transpose()
Ok(version.to_string())
}
pub fn get_latest_backup(&self, user_id: &UserId) -> Result<Option<(String, BackupAlgorithm)>> {
let mut prefix = user_id.as_bytes().to_vec();
let mut prefix = user_id.to_string().as_bytes().to_vec();
prefix.push(0xff);
let mut last_possible_key = prefix.clone();
last_possible_key.extend_from_slice(&u64::MAX.to_be_bytes());
self.backupid_algorithm
.iter_from(&last_possible_key, true)
.take_while(move |(k, _)| k.starts_with(&prefix))
.next()
.map(|(key, value)| {
.scan_prefix(&prefix)
.last()
.map_or(Ok(None), |r| {
let (key, value) = r?;
let version = utils::string_from_bytes(
key.rsplit(|&b| b == 0xff)
.next()
@ -123,27 +103,24 @@ impl KeyBackups { @@ -123,27 +103,24 @@ impl KeyBackups {
)
.map_err(|_| Error::bad_database("backupid_algorithm key is invalid."))?;
Ok((
Ok(Some((
version,
serde_json::from_slice(&value).map_err(|_| {
Error::bad_database("Algorithm in backupid_algorithm is invalid.")
})?,
))
)))
})
.transpose()
}
pub fn get_backup(&self, user_id: &UserId, version: &str) -> Result<Option<BackupAlgorithm>> {
let mut key = user_id.as_bytes().to_vec();
let mut key = user_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(version.as_bytes());
self.backupid_algorithm
.get(&key)?
.map_or(Ok(None), |bytes| {
serde_json::from_slice(&bytes)
.map_err(|_| Error::bad_database("Algorithm in backupid_algorithm is invalid."))
})
self.backupid_algorithm.get(key)?.map_or(Ok(None), |bytes| {
Ok(serde_json::from_slice(&bytes)
.map_err(|_| Error::bad_database("Algorithm in backupid_algorithm is invalid."))?)
})
}
pub fn add_key(
@ -155,7 +132,7 @@ impl KeyBackups { @@ -155,7 +132,7 @@ impl KeyBackups {
key_data: &KeyBackupData,
globals: &super::globals::Globals,
) -> Result<()> {
let mut key = user_id.as_bytes().to_vec();
let mut key = user_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(version.as_bytes());
@ -170,30 +147,30 @@ impl KeyBackups { @@ -170,30 +147,30 @@ impl KeyBackups {
.insert(&key, &globals.next_count()?.to_be_bytes())?;
key.push(0xff);
key.extend_from_slice(room_id.as_bytes());
key.extend_from_slice(room_id.to_string().as_bytes());
key.push(0xff);
key.extend_from_slice(session_id.as_bytes());
self.backupkeyid_backup.insert(
&key,
&serde_json::to_vec(&key_data).expect("KeyBackupData::to_vec always works"),
&*serde_json::to_string(&key_data).expect("KeyBackupData::to_string always works"),
)?;
Ok(())
}
pub fn count_keys(&self, user_id: &UserId, version: &str) -> Result<usize> {
let mut prefix = user_id.as_bytes().to_vec();
let mut prefix = user_id.to_string().as_bytes().to_vec();
prefix.push(0xff);
prefix.extend_from_slice(version.as_bytes());
Ok(self.backupkeyid_backup.scan_prefix(prefix).count())
Ok(self.backupkeyid_backup.scan_prefix(&prefix).count())
}
pub fn get_etag(&self, user_id: &UserId, version: &str) -> Result<String> {
let mut key = user_id.as_bytes().to_vec();
let mut key = user_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(version.as_bytes());
key.extend_from_slice(&version.as_bytes());
Ok(utils::u64_from_bytes(
&self
@ -209,45 +186,41 @@ impl KeyBackups { @@ -209,45 +186,41 @@ impl KeyBackups {
&self,
user_id: &UserId,
version: &str,
) -> Result<BTreeMap<Box<RoomId>, RoomKeyBackup>> {
let mut prefix = user_id.as_bytes().to_vec();
) -> Result<BTreeMap<RoomId, RoomKeyBackup>> {
let mut prefix = user_id.to_string().as_bytes().to_vec();
prefix.push(0xff);
prefix.extend_from_slice(version.as_bytes());
prefix.push(0xff);
let mut rooms = BTreeMap::<Box<RoomId>, RoomKeyBackup>::new();
let mut rooms = BTreeMap::<RoomId, RoomKeyBackup>::new();
for result in self
.backupkeyid_backup
.scan_prefix(prefix)
.map(|(key, value)| {
let mut parts = key.rsplit(|&b| b == 0xff);
for result in self.backupkeyid_backup.scan_prefix(&prefix).map(|r| {
let (key, value) = r?;
let mut parts = key.rsplit(|&b| b == 0xff);
let session_id =
utils::string_from_bytes(parts.next().ok_or_else(|| {
Error::bad_database("backupkeyid_backup key is invalid.")
})?)
.map_err(|_| {
Error::bad_database("backupkeyid_backup session_id is invalid.")
})?;
let session_id = utils::string_from_bytes(
&parts
.next()
.ok_or_else(|| Error::bad_database("backupkeyid_backup key is invalid."))?,
)
.map_err(|_| Error::bad_database("backupkeyid_backup session_id is invalid."))?;
let room_id = RoomId::parse(
utils::string_from_bytes(parts.next().ok_or_else(|| {
Error::bad_database("backupkeyid_backup key is invalid.")
})?)
.map_err(|_| Error::bad_database("backupkeyid_backup room_id is invalid."))?,
let room_id = RoomId::try_from(
utils::string_from_bytes(
&parts
.next()
.ok_or_else(|| Error::bad_database("backupkeyid_backup key is invalid."))?,
)
.map_err(|_| {
Error::bad_database("backupkeyid_backup room_id is invalid room id.")
})?;
.map_err(|_| Error::bad_database("backupkeyid_backup room_id is invalid."))?,
)
.map_err(|_| Error::bad_database("backupkeyid_backup room_id is invalid room id."))?;
let key_data = serde_json::from_slice(&value).map_err(|_| {
Error::bad_database("KeyBackupData in backupkeyid_backup is invalid.")
})?;
let key_data = serde_json::from_slice(&value).map_err(|_| {
Error::bad_database("KeyBackupData in backupkeyid_backup is invalid.")
})?;
Ok::<_, Error>((room_id, session_id, key_data))
})
{
Ok::<_, Error>((room_id, session_id, key_data))
}) {
let (room_id, session_id, key_data) = result?;
rooms
.entry(room_id)
@ -266,22 +239,22 @@ impl KeyBackups { @@ -266,22 +239,22 @@ impl KeyBackups {
user_id: &UserId,
version: &str,
room_id: &RoomId,
) -> Result<BTreeMap<String, KeyBackupData>> {
let mut prefix = user_id.as_bytes().to_vec();
) -> BTreeMap<String, KeyBackupData> {
let mut prefix = user_id.to_string().as_bytes().to_vec();
prefix.push(0xff);
prefix.extend_from_slice(version.as_bytes());
prefix.push(0xff);
prefix.extend_from_slice(room_id.as_bytes());
prefix.push(0xff);
Ok(self
.backupkeyid_backup
.scan_prefix(prefix)
.map(|(key, value)| {
self.backupkeyid_backup
.scan_prefix(&prefix)
.map(|r| {
let (key, value) = r?;
let mut parts = key.rsplit(|&b| b == 0xff);
let session_id =
utils::string_from_bytes(parts.next().ok_or_else(|| {
utils::string_from_bytes(&parts.next().ok_or_else(|| {
Error::bad_database("backupkeyid_backup key is invalid.")
})?)
.map_err(|_| {
@ -295,7 +268,7 @@ impl KeyBackups { @@ -295,7 +268,7 @@ impl KeyBackups {
Ok::<_, Error>((session_id, key_data))
})
.filter_map(|r| r.ok())
.collect())
.collect()
}
pub fn get_session(
@ -305,7 +278,7 @@ impl KeyBackups { @@ -305,7 +278,7 @@ impl KeyBackups {
room_id: &RoomId,
session_id: &str,
) -> Result<Option<KeyBackupData>> {
let mut key = user_id.as_bytes().to_vec();
let mut key = user_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(version.as_bytes());
key.push(0xff);
@ -324,13 +297,18 @@ impl KeyBackups { @@ -324,13 +297,18 @@ impl KeyBackups {
}
pub fn delete_all_keys(&self, user_id: &UserId, version: &str) -> Result<()> {
let mut key = user_id.as_bytes().to_vec();
let mut key = user_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(version.as_bytes());
key.extend_from_slice(&version.as_bytes());
key.push(0xff);
for (outdated_key, _) in self.backupkeyid_backup.scan_prefix(key) {
self.backupkeyid_backup.remove(&outdated_key)?;
for outdated_key in self
.backupkeyid_backup
.scan_prefix(&key)
.keys()
.filter_map(|r| r.ok())
{
self.backupkeyid_backup.remove(outdated_key)?;
}
Ok(())
@ -342,15 +320,20 @@ impl KeyBackups { @@ -342,15 +320,20 @@ impl KeyBackups {
version: &str,
room_id: &RoomId,
) -> Result<()> {
let mut key = user_id.as_bytes().to_vec();
let mut key = user_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(version.as_bytes());
key.extend_from_slice(&version.as_bytes());
key.push(0xff);
key.extend_from_slice(room_id.as_bytes());
key.extend_from_slice(&room_id.as_bytes());
key.push(0xff);
for (outdated_key, _) in self.backupkeyid_backup.scan_prefix(key) {
self.backupkeyid_backup.remove(&outdated_key)?;
for outdated_key in self
.backupkeyid_backup
.scan_prefix(&key)
.keys()
.filter_map(|r| r.ok())
{
self.backupkeyid_backup.remove(outdated_key)?;
}
Ok(())
@ -363,16 +346,21 @@ impl KeyBackups { @@ -363,16 +346,21 @@ impl KeyBackups {
room_id: &RoomId,
session_id: &str,
) -> Result<()> {
let mut key = user_id.as_bytes().to_vec();
let mut key = user_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(version.as_bytes());
key.extend_from_slice(&version.as_bytes());
key.push(0xff);
key.extend_from_slice(room_id.as_bytes());
key.extend_from_slice(&room_id.as_bytes());
key.push(0xff);
key.extend_from_slice(session_id.as_bytes());
key.extend_from_slice(&session_id.as_bytes());
for (outdated_key, _) in self.backupkeyid_backup.scan_prefix(key) {
self.backupkeyid_backup.remove(&outdated_key)?;
for outdated_key in self
.backupkeyid_backup
.scan_prefix(&key)
.keys()
.filter_map(|r| r.ok())
{
self.backupkeyid_backup.remove(outdated_key)?;
}
Ok(())

156
src/database/media.rs
Unescape View File

@ -1,31 +1,25 @@ @@ -1,31 +1,25 @@
use crate::database::globals::Globals;
use image::{imageops::FilterType, GenericImageView};
use super::abstraction::Tree;
use crate::{utils, Error, Result};
use std::{mem, sync::Arc};
use tokio::{
fs::File,
io::{AsyncReadExt, AsyncWriteExt},
};
use std::mem;
pub struct FileMeta {
pub content_disposition: Option<String>,
pub filename: Option<String>,
pub content_type: Option<String>,
pub file: Vec<u8>,
}
#[derive(Clone)]
pub struct Media {
pub(super) mediaid_file: Arc<dyn Tree>, // MediaId = MXC + WidthHeight + ContentDisposition + ContentType
pub(super) mediaid_file: sled::Tree, // MediaId = MXC + WidthHeight + Filename + ContentType
}
impl Media {
/// Uploads a file.
pub async fn create(
/// Uploads or replaces a file.
pub fn create(
&self,
mxc: String,
globals: &Globals,
content_disposition: &Option<&str>,
filename: &Option<&str>,
content_type: &Option<&str>,
file: &[u8],
) -> Result<()> {
@ -34,12 +28,7 @@ impl Media { @@ -34,12 +28,7 @@ impl Media {
key.extend_from_slice(&0_u32.to_be_bytes()); // Width = 0 if it's not a thumbnail
key.extend_from_slice(&0_u32.to_be_bytes()); // Height = 0 if it's not a thumbnail
key.push(0xff);
key.extend_from_slice(
content_disposition
.as_ref()
.map(|f| f.as_bytes())
.unwrap_or_default(),
);
key.extend_from_slice(filename.as_ref().map(|f| f.as_bytes()).unwrap_or_default());
key.push(0xff);
key.extend_from_slice(
content_type
@ -48,21 +37,16 @@ impl Media { @@ -48,21 +37,16 @@ impl Media {
.unwrap_or_default(),
);
let path = globals.get_media_file(&key);
let mut f = File::create(path).await?;
f.write_all(file).await?;
self.mediaid_file.insert(key, file)?;
self.mediaid_file.insert(&key, &[])?;
Ok(())
}
/// Uploads or replaces a file thumbnail.
#[allow(clippy::too_many_arguments)]
pub async fn upload_thumbnail(
pub fn upload_thumbnail(
&self,
mxc: String,
globals: &Globals,
content_disposition: &Option<String>,
filename: &Option<String>,
content_type: &Option<String>,
width: u32,
height: u32,
@ -73,12 +57,7 @@ impl Media { @@ -73,12 +57,7 @@ impl Media {
key.extend_from_slice(&width.to_be_bytes());
key.extend_from_slice(&height.to_be_bytes());
key.push(0xff);
key.extend_from_slice(
content_disposition
.as_ref()
.map(|f| f.as_bytes())
.unwrap_or_default(),
);
key.extend_from_slice(filename.as_ref().map(|f| f.as_bytes()).unwrap_or_default());
key.push(0xff);
key.extend_from_slice(
content_type
@ -87,59 +66,48 @@ impl Media { @@ -87,59 +66,48 @@ impl Media {
.unwrap_or_default(),
);
let path = globals.get_media_file(&key);
let mut f = File::create(path).await?;
f.write_all(file).await?;
self.mediaid_file.insert(&key, &[])?;
self.mediaid_file.insert(key, file)?;
Ok(())
}
/// Downloads a file.
pub async fn get(&self, globals: &Globals, mxc: &str) -> Result<Option<FileMeta>> {
pub fn get(&self, mxc: &str) -> Result<Option<FileMeta>> {
let mut prefix = mxc.as_bytes().to_vec();
prefix.push(0xff);
prefix.extend_from_slice(&0_u32.to_be_bytes()); // Width = 0 if it's not a thumbnail
prefix.extend_from_slice(&0_u32.to_be_bytes()); // Height = 0 if it's not a thumbnail
prefix.push(0xff);
let first = self.mediaid_file.scan_prefix(prefix).next();
if let Some((key, _)) = first {
let path = globals.get_media_file(&key);
let mut file = Vec::new();
File::open(path).await?.read_to_end(&mut file).await?;
if let Some(r) = self.mediaid_file.scan_prefix(&prefix).next() {
let (key, file) = r?;
let mut parts = key.rsplit(|&b| b == 0xff);
let content_type = parts
.next()
.map(|bytes| {
utils::string_from_bytes(bytes).map_err(|_| {
Ok::<_, Error>(utils::string_from_bytes(bytes).map_err(|_| {
Error::bad_database("Content type in mediaid_file is invalid unicode.")
})
})?)
})
.transpose()?;
let content_disposition_bytes = parts
let filename_bytes = parts
.next()
.ok_or_else(|| Error::bad_database("Media ID in db is invalid."))?;
let content_disposition = if content_disposition_bytes.is_empty() {
let filename = if filename_bytes.is_empty() {
None
} else {
Some(
utils::string_from_bytes(content_disposition_bytes).map_err(|_| {
Error::bad_database(
"Content Disposition in mediaid_file is invalid unicode.",
)
})?,
)
Some(utils::string_from_bytes(filename_bytes).map_err(|_| {
Error::bad_database("Filename in mediaid_file is invalid unicode.")
})?)
};
Ok(Some(FileMeta {
content_disposition,
filename,
content_type,
file,
file: file.to_vec(),
}))
} else {
Ok(None)
@ -169,13 +137,7 @@ impl Media { @@ -169,13 +137,7 @@ impl Media {
/// - Server creates the thumbnail and sends it to the user
///
/// For width,height <= 96 the server uses another thumbnailing algorithm which crops the image afterwards.
pub async fn get_thumbnail(
&self,
mxc: String,
globals: &Globals,
width: u32,
height: u32,
) -> Result<Option<FileMeta>> {
pub fn get_thumbnail(&self, mxc: String, width: u32, height: u32) -> Result<Option<FileMeta>> {
let (width, height, crop) = self
.thumbnail_properties(width, height)
.unwrap_or((0, 0, false)); // 0, 0 because that's the original file
@ -193,74 +155,63 @@ impl Media { @@ -193,74 +155,63 @@ impl Media {
original_prefix.extend_from_slice(&0_u32.to_be_bytes()); // Height = 0 if it's not a thumbnail
original_prefix.push(0xff);
let first_thumbnailprefix = self.mediaid_file.scan_prefix(thumbnail_prefix).next();
let first_originalprefix = self.mediaid_file.scan_prefix(original_prefix).next();
if let Some((key, _)) = first_thumbnailprefix {
if let Some(r) = self.mediaid_file.scan_prefix(&thumbnail_prefix).next() {
// Using saved thumbnail
let path = globals.get_media_file(&key);
let mut file = Vec::new();
File::open(path).await?.read_to_end(&mut file).await?;
let (key, file) = r?;
let mut parts = key.rsplit(|&b| b == 0xff);
let content_type = parts
.next()
.map(|bytes| {
utils::string_from_bytes(bytes).map_err(|_| {
Ok::<_, Error>(utils::string_from_bytes(bytes).map_err(|_| {
Error::bad_database("Content type in mediaid_file is invalid unicode.")
})
})?)
})
.transpose()?;
let content_disposition_bytes = parts
let filename_bytes = parts
.next()
.ok_or_else(|| Error::bad_database("Media ID in db is invalid."))?;
let content_disposition = if content_disposition_bytes.is_empty() {
let filename = if filename_bytes.is_empty() {
None
} else {
Some(
utils::string_from_bytes(content_disposition_bytes).map_err(|_| {
Error::bad_database("Content Disposition in db is invalid.")
})?,
utils::string_from_bytes(filename_bytes)
.map_err(|_| Error::bad_database("Filename in db is invalid."))?,
)
};
Ok(Some(FileMeta {
content_disposition,
filename,
content_type,
file: file.to_vec(),
}))
} else if let Some((key, _)) = first_originalprefix {
} else if let Some(r) = self.mediaid_file.scan_prefix(&original_prefix).next() {
// Generate a thumbnail
let path = globals.get_media_file(&key);
let mut file = Vec::new();
File::open(path).await?.read_to_end(&mut file).await?;
let (key, file) = r?;
let mut parts = key.rsplit(|&b| b == 0xff);
let content_type = parts
.next()
.map(|bytes| {
utils::string_from_bytes(bytes).map_err(|_| {
Ok::<_, Error>(utils::string_from_bytes(bytes).map_err(|_| {
Error::bad_database("Content type in mediaid_file is invalid unicode.")
})
})?)
})
.transpose()?;
let content_disposition_bytes = parts
let filename_bytes = parts
.next()
.ok_or_else(|| Error::bad_database("Media ID in db is invalid."))?;
let content_disposition = if content_disposition_bytes.is_empty() {
let filename = if filename_bytes.is_empty() {
None
} else {
Some(
utils::string_from_bytes(content_disposition_bytes).map_err(|_| {
Error::bad_database(
"Content Disposition in mediaid_file is invalid unicode.",
)
})?,
)
Some(utils::string_from_bytes(filename_bytes).map_err(|_| {
Error::bad_database("Filename in mediaid_file is invalid unicode.")
})?)
};
if let Ok(image) = image::load_from_memory(&file) {
@ -268,24 +219,23 @@ impl Media { @@ -268,24 +219,23 @@ impl Media {
let original_height = image.height();
if width > original_width || height > original_height {
return Ok(Some(FileMeta {
content_disposition,
filename,
content_type,
file: file.to_vec(),
}));
}
let thumbnail = if crop {
image.resize_to_fill(width, height, FilterType::CatmullRom)
image.resize_to_fill(width, height, FilterType::Triangle)
} else {
let (exact_width, exact_height) = {
// Copied from image::dynimage::resize_dimensions
let ratio = u64::from(original_width) * u64::from(height);
let nratio = u64::from(width) * u64::from(original_height);
let use_width = nratio <= ratio;
let use_width = nratio > ratio;
let intermediate = if use_width {
u64::from(original_height) * u64::from(width)
/ u64::from(original_width)
u64::from(original_height) * u64::from(width) / u64::from(width)
} else {
u64::from(original_width) * u64::from(height)
/ u64::from(original_height)
@ -332,21 +282,17 @@ impl Media { @@ -332,21 +282,17 @@ impl Media {
widthheight,
);
let path = globals.get_media_file(&thumbnail_key);
let mut f = File::create(path).await?;
f.write_all(&thumbnail_bytes).await?;
self.mediaid_file.insert(&thumbnail_key, &[])?;
self.mediaid_file.insert(thumbnail_key, &*thumbnail_bytes)?;
Ok(Some(FileMeta {
content_disposition,
filename,
content_type,
file: thumbnail_bytes.to_vec(),
}))
} else {
// Couldn't parse file to generate thumbnail, send original
Ok(Some(FileMeta {
content_disposition,
filename,
content_type,
file: file.to_vec(),
}))

146
src/database/proxy.rs
Unescape View File

@ -1,146 +0,0 @@ @@ -1,146 +0,0 @@
use reqwest::{Proxy, Url};
use serde::Deserialize;
use crate::Result;
/// ## Examples:
/// - No proxy (default):
/// ```toml
/// proxy ="none"
/// ```
/// - Global proxy
/// ```toml
/// [proxy]
/// global = { url = "socks5h://localhost:9050" }
/// ```
/// - Proxy some domains
/// ```toml
/// [proxy]
/// [[proxy.by_domain]]
/// url = "socks5h://localhost:9050"
/// include = ["*.onion", "matrix.myspecial.onion"]
/// exclude = ["*.myspecial.onion"]
/// ```
/// ## Include vs. Exclude
/// If include is an empty list, it is assumed to be `["*"]`.
///
/// If a domain matches both the exclude and include list, the proxy will only be used if it was
/// included because of a more specific rule than it was excluded. In the above example, the proxy
/// would be used for `ordinary.onion`, `matrix.myspecial.onion`, but not `hello.myspecial.onion`.
#[derive(Clone, Debug, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum ProxyConfig {
None,
Global {
#[serde(deserialize_with = "crate::utils::deserialize_from_str")]
url: Url,
},
ByDomain(Vec<PartialProxyConfig>),
}
impl ProxyConfig {
pub fn to_proxy(&self) -> Result<Option<Proxy>> {
Ok(match self.clone() {
ProxyConfig::None => None,
ProxyConfig::Global { url } => Some(Proxy::all(url)?),
ProxyConfig::ByDomain(proxies) => Some(Proxy::custom(move |url| {
proxies.iter().find_map(|proxy| proxy.for_url(url)).cloned() // first matching proxy
})),
})
}
}
impl Default for ProxyConfig {
fn default() -> Self {
ProxyConfig::None
}
}
#[derive(Clone, Debug, Deserialize)]
pub struct PartialProxyConfig {
#[serde(deserialize_with = "crate::utils::deserialize_from_str")]
url: Url,
#[serde(default)]
include: Vec<WildCardedDomain>,
#[serde(default)]
exclude: Vec<WildCardedDomain>,
}
impl PartialProxyConfig {
pub fn for_url(&self, url: &Url) -> Option<&Url> {
let domain = url.domain()?;
let mut included_because = None; // most specific reason it was included
let mut excluded_because = None; // most specific reason it was excluded
if self.include.is_empty() {
// treat empty include list as `*`
included_because = Some(&WildCardedDomain::WildCard)
}
for wc_domain in &self.include {
if wc_domain.matches(domain) {
match included_because {
Some(prev) if !wc_domain.more_specific_than(prev) => (),
_ => included_because = Some(wc_domain),
}
}
}
for wc_domain in &self.exclude {
if wc_domain.matches(domain) {
match excluded_because {
Some(prev) if !wc_domain.more_specific_than(prev) => (),
_ => excluded_because = Some(wc_domain),
}
}
}
match (included_because, excluded_because) {
(Some(a), Some(b)) if a.more_specific_than(b) => Some(&self.url), // included for a more specific reason than excluded
(Some(_), None) => Some(&self.url),
_ => None,
}
}
}
/// A domain name, that optionally allows a * as its first subdomain.
#[derive(Clone, Debug)]
pub enum WildCardedDomain {
WildCard,
WildCarded(String),
Exact(String),
}
impl WildCardedDomain {
pub fn matches(&self, domain: &str) -> bool {
match self {
WildCardedDomain::WildCard => true,
WildCardedDomain::WildCarded(d) => domain.ends_with(d),
WildCardedDomain::Exact(d) => domain == d,
}
}
pub fn more_specific_than(&self, other: &Self) -> bool {
match (self, other) {
(WildCardedDomain::WildCard, WildCardedDomain::WildCard) => false,
(_, WildCardedDomain::WildCard) => true,
(WildCardedDomain::Exact(a), WildCardedDomain::WildCarded(_)) => other.matches(a),
(WildCardedDomain::WildCarded(a), WildCardedDomain::WildCarded(b)) => {
a != b && a.ends_with(b)
}
_ => false,
}
}
}
impl std::str::FromStr for WildCardedDomain {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> Result<Self, Self::Err> {
// maybe do some domain validation?
Ok(if s.starts_with("*.") {
WildCardedDomain::WildCarded(s[1..].to_owned())
} else if s == "*" {
WildCardedDomain::WildCarded("".to_owned())
} else {
WildCardedDomain::Exact(s.to_owned())
})
}
}
impl<'de> Deserialize<'de> for WildCardedDomain {
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: serde::de::Deserializer<'de>,
{
crate::utils::deserialize_from_str(deserializer)
}
}

622
src/database/pusher.rs
Unescape View File

@ -1,36 +1,42 @@ @@ -1,36 +1,42 @@
use crate::{Database, Error, PduEvent, Result};
use bytes::BytesMut;
use log::{error, info, warn};
use ruma::{
api::{
client::r0::push::{get_pushers, set_pusher, PusherKind},
client::r0::push::{Pusher, PusherKind},
push_gateway::send_event_notification::{
self,
v1::{Device, Notification, NotificationCounts, NotificationPriority},
},
IncomingResponse, OutgoingRequest, SendAccessToken,
OutgoingRequest,
},
events::{
room::{name::RoomNameEventContent, power_levels::RoomPowerLevelsEventContent},
AnySyncRoomEvent, EventType,
events::room::{
member::{MemberEventContent, MembershipState},
message::{MessageEventContent, MessageType, TextMessageEventContent},
power_levels::PowerLevelsEventContent,
},
push::{Action, PushConditionRoomCtx, PushFormat, Ruleset, Tweak},
serde::Raw,
uint, RoomId, UInt, UserId,
events::EventType,
push::{Action, PushCondition, PushFormat, Ruleset, Tweak},
uint, UInt, UserId,
};
use tracing::{error, info, warn};
use std::{convert::TryFrom, fmt::Debug, mem, sync::Arc};
use super::abstraction::Tree;
use std::{convert::TryFrom, fmt::Debug, time::Duration};
#[derive(Debug, Clone)]
pub struct PushData {
/// UserId + pushkey -> Pusher
pub(super) senderkey_pusher: Arc<dyn Tree>,
pub(super) senderkey_pusher: sled::Tree,
}
impl PushData {
#[tracing::instrument(skip(self, sender, pusher))]
pub fn set_pusher(&self, sender: &UserId, pusher: set_pusher::Pusher) -> Result<()> {
pub fn new(db: &sled::Db) -> Result<Self> {
Ok(Self {
senderkey_pusher: db.open_tree("senderkey_pusher")?,
})
}
pub fn set_pusher(&self, sender: &UserId, pusher: Pusher) -> Result<()> {
println!("CCCCCCCCCCCCCCCCCCCCCc");
dbg!(&pusher);
let mut key = sender.as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(pusher.pushkey.as_bytes());
@ -39,57 +45,37 @@ impl PushData { @@ -39,57 +45,37 @@ impl PushData {
if pusher.kind.is_none() {
return self
.senderkey_pusher
.remove(&key)
.remove(key)
.map(|_| ())
.map_err(Into::into);
}
self.senderkey_pusher.insert(
&key,
&serde_json::to_vec(&pusher).expect("Pusher is valid JSON value"),
dbg!(key),
&*serde_json::to_string(&pusher).expect("Pusher is valid JSON string"),
)?;
Ok(())
}
#[tracing::instrument(skip(self, senderkey))]
pub fn get_pusher(&self, senderkey: &[u8]) -> Result<Option<get_pushers::Pusher>> {
self.senderkey_pusher
.get(senderkey)?
.map(|push| {
serde_json::from_slice(&*push)
.map_err(|_| Error::bad_database("Invalid Pusher in db."))
})
.transpose()
}
#[tracing::instrument(skip(self, sender))]
pub fn get_pushers(&self, sender: &UserId) -> Result<Vec<get_pushers::Pusher>> {
pub fn get_pusher(&self, sender: &UserId) -> Result<Vec<Pusher>> {
let mut prefix = sender.as_bytes().to_vec();
prefix.push(0xff);
self.senderkey_pusher
.scan_prefix(prefix)
.map(|(_, push)| {
serde_json::from_slice(&*push)
.map_err(|_| Error::bad_database("Invalid Pusher in db."))
.scan_prefix(dbg!(prefix))
.values()
.map(|push| {
println!("DDDDDDDDDDDDDDDDDDDDDDDDDD");
let push =
dbg!(push).map_err(|_| Error::bad_database("Invalid push bytes in db."))?;
Ok(serde_json::from_slice(&*push)
.map_err(|_| Error::bad_database("Invalid Pusher in db."))?)
})
.collect()
}
#[tracing::instrument(skip(self, sender))]
pub fn get_pusher_senderkeys<'a>(
&'a self,
sender: &UserId,
) -> impl Iterator<Item = Vec<u8>> + 'a {
let mut prefix = sender.as_bytes().to_vec();
prefix.push(0xff);
self.senderkey_pusher.scan_prefix(prefix).map(|(k, _)| k)
}
}
#[tracing::instrument(skip(globals, destination, request))]
pub async fn send_request<T: OutgoingRequest>(
globals: &crate::database::globals::Globals,
destination: &str,
@ -101,12 +87,11 @@ where @@ -101,12 +87,11 @@ where
let destination = destination.replace("/_matrix/push/v1/notify", "");
let http_request = request
.try_into_http_request::<BytesMut>(&destination, SendAccessToken::IfRequired(""))
.try_into_http_request(&destination, Some(""))
.map_err(|e| {
warn!("Failed to find destination {}: {}", destination, e);
Error::BadServerResponse("Invalid destination")
})?
.map(|body| body.freeze());
})?;
let reqwest_request = reqwest::Request::try_from(http_request)
.expect("all http requests are valid reqwest requests");
@ -115,30 +100,35 @@ where @@ -115,30 +100,35 @@ where
//*reqwest_request.timeout_mut() = Some(Duration::from_secs(5));
let url = reqwest_request.url().clone();
let response = globals
.reqwest_client()?
.build()?
.execute(reqwest_request)
let reqwest_response = globals
.reqwest_client()
.execute(dbg!(reqwest_request))
.await;
match response {
Ok(mut response) => {
// reqwest::Response -> http::Response conversion
let status = response.status();
let mut http_response_builder = http::Response::builder()
.status(status)
.version(response.version());
mem::swap(
response.headers_mut(),
http_response_builder
.headers_mut()
.expect("http::response::Builder is usable"),
);
// Because reqwest::Response -> http::Response is complicated:
match reqwest_response {
Ok(mut reqwest_response) => {
let status = reqwest_response.status();
let mut http_response = http::Response::builder().status(status);
let headers = http_response.headers_mut().unwrap();
for (k, v) in reqwest_response.headers_mut().drain() {
if let Some(key) = k {
headers.insert(key, v);
}
}
let status = reqwest_response.status();
let body = response.bytes().await.unwrap_or_else(|e| {
warn!("server error {}", e);
Vec::new().into()
}); // TODO: handle timeout
let body = reqwest_response
.bytes()
.await
.unwrap_or_else(|e| {
warn!("server error {}", e);
Vec::new().into()
}) // TODO: handle timeout
.into_iter()
.collect::<Vec<_>>();
if status != 200 {
info!(
@ -150,8 +140,8 @@ where @@ -150,8 +140,8 @@ where
);
}
let response = T::IncomingResponse::try_from_http_response(
http_response_builder
let response = T::IncomingResponse::try_from(
http_response
.body(body)
.expect("reqwest body is valid http body"),
);
@ -167,182 +157,390 @@ where @@ -167,182 +157,390 @@ where
}
}
#[tracing::instrument(skip(user, unread, pusher, ruleset, pdu, db))]
pub async fn send_push_notice(
user: &UserId,
unread: UInt,
pusher: &get_pushers::Pusher,
pushers: &[Pusher],
ruleset: Ruleset,
pdu: &PduEvent,
db: &Database,
) -> Result<()> {
let mut notify = None;
let mut tweaks = Vec::new();
let power_levels: RoomPowerLevelsEventContent = db
.rooms
.room_state_get(&pdu.room_id, &EventType::RoomPowerLevels, "")?
.map(|ev| {
serde_json::from_str(ev.content.get())
.map_err(|_| Error::bad_database("invalid m.room.power_levels event"))
})
.transpose()?
.unwrap_or_default();
for action in get_actions(
user,
&ruleset,
&power_levels,
&pdu.to_sync_room_event(),
&pdu.room_id,
db,
)? {
let n = match action {
Action::DontNotify => false,
// TODO: Implement proper support for coalesce
Action::Notify | Action::Coalesce => true,
Action::SetTweak(tweak) => {
tweaks.push(tweak.clone());
continue;
}
};
if notify.is_some() {
return Err(Error::bad_database(
r#"Malformed pushrule contains more than one of these actions: ["dont_notify", "notify", "coalesce"]"#,
));
if let Some(msgtype) = pdu.content.get("msgtype").and_then(|b| b.as_str()) {
if msgtype == "m.notice" {
return Ok(());
}
notify = Some(n);
}
if notify == Some(true) {
send_notice(unread, pusher, tweaks, pdu, db).await?;
for rule in ruleset.into_iter() {
// TODO: can actions contain contradictory Actions
if rule
.actions
.iter()
.any(|act| matches!(act, ruma::push::Action::DontNotify))
|| !rule.enabled
{
continue;
}
match dbg!(rule.rule_id.as_str()) {
".m.rule.master" => {}
".m.rule.suppress_notices" => {
if pdu.kind == EventType::RoomMessage
&& pdu
.content
.get("msgtype")
.map_or(false, |ty| ty == "m.notice")
{
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?;
break;
}
}
".m.rule.invite_for_me" => {
if let EventType::RoomMember = &pdu.kind {
if pdu.state_key.as_deref() == Some(user.as_str())
&& serde_json::from_value::<MemberEventContent>(pdu.content.clone())
.map_err(|_| Error::bad_database("PDU contained bad message content"))?
.membership
== MembershipState::Invite
{
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str())
.await?;
break;
}
}
}
".m.rule.member_event" => {
if let EventType::RoomMember = &pdu.kind {
// TODO use this?
let _member = serde_json::from_value::<MemberEventContent>(pdu.content.clone())
.map_err(|_| Error::bad_database("PDU contained bad message content"))?;
if let Some(conditions) = rule.conditions {
if conditions.iter().any(|cond| match cond {
PushCondition::EventMatch { key, pattern } => {
let mut json =
serde_json::to_value(pdu).expect("PDU is valid JSON");
for key in key.split('.') {
json = json[key].clone();
}
// TODO: this is baddddd
json.to_string().contains(pattern)
}
_ => false,
}) {
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str())
.await?;
break;
}
}
}
}
".m.rule.contains_display_name" => {
if let EventType::RoomMessage = &pdu.kind {
let msg_content =
serde_json::from_value::<MessageEventContent>(pdu.content.clone())
.map_err(|_| {
Error::bad_database("PDU contained bad message content")
})?;
if let MessageType::Text(TextMessageEventContent { body, .. }) =
&msg_content.msgtype
{
if body.contains(user.localpart()) {
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str())
.await?;
break;
}
}
}
}
".m.rule.tombstone" => {
if pdu.kind == EventType::RoomTombstone && pdu.state_key.as_deref() == Some("") {
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?;
break;
}
}
".m.rule.roomnotif" => {
if let EventType::RoomMessage = &pdu.kind {
let msg_content =
serde_json::from_value::<MessageEventContent>(pdu.content.clone())
.map_err(|_| {
Error::bad_database("PDU contained bad message content")
})?;
if let MessageType::Text(TextMessageEventContent { body, .. }) =
&msg_content.msgtype
{
let power_level_cmp = |pl: PowerLevelsEventContent| {
&pl.notifications.room
<= pl.users.get(&pdu.sender).unwrap_or(&ruma::int!(0))
};
let deserialize = |pl: PduEvent| {
serde_json::from_value::<PowerLevelsEventContent>(pl.content).ok()
};
if body.contains("@room")
&& db
.rooms
.room_state_get(&pdu.room_id, &EventType::RoomPowerLevels, "")?
.map(|(_, pl)| pl)
.map(deserialize)
.flatten()
.map_or(false, power_level_cmp)
{
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str())
.await?;
break;
}
}
}
}
".m.rule.contains_user_name" => {
if let EventType::RoomMessage = &pdu.kind {
let msg_content =
serde_json::from_value::<MessageEventContent>(pdu.content.clone())
.map_err(|_| {
Error::bad_database("PDU contained bad message content")
})?;
if let MessageType::Text(TextMessageEventContent { body, .. }) =
&msg_content.msgtype
{
if body.contains(user.localpart()) {
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str())
.await?;
break;
}
}
}
}
".m.rule.call" => {
if pdu.kind == EventType::CallInvite {
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?;
break;
}
}
".m.rule.encrypted_room_one_to_one" => {
if db.rooms.room_members(&pdu.room_id).count() == 2
&& pdu.kind == EventType::RoomEncrypted
{
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?;
break;
}
}
".m.rule.room_one_to_one" => {
if db.rooms.room_members(&pdu.room_id).count() == 2
&& pdu.kind == EventType::RoomMessage
{
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?;
break;
}
}
".m.rule.message" => {
if pdu.kind == EventType::RoomMessage {
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?;
break;
}
}
".m.rule.encrypted" => {
if pdu.kind == EventType::RoomEncrypted {
let tweaks = rule
.actions
.iter()
.filter_map(|a| match a {
Action::SetTweak(tweak) => Some(tweak.clone()),
_ => None,
})
.collect::<Vec<_>>();
send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?;
break;
}
}
_ => {}
}
}
// Else the event triggered no actions
Ok(())
}
#[tracing::instrument(skip(user, ruleset, pdu, db))]
pub fn get_actions<'a>(
user: &UserId,
ruleset: &'a Ruleset,
power_levels: &RoomPowerLevelsEventContent,
pdu: &Raw<AnySyncRoomEvent>,
room_id: &RoomId,
db: &Database,
) -> Result<&'a [Action]> {
let ctx = PushConditionRoomCtx {
room_id: room_id.to_owned(),
member_count: 10_u32.into(), // TODO: get member count efficiently
user_display_name: db
.users
.displayname(user)?
.unwrap_or_else(|| user.localpart().to_owned()),
users_power_levels: power_levels.users.clone(),
default_power_level: power_levels.users_default,
notification_power_levels: power_levels.notifications.clone(),
};
Ok(ruleset.get_actions(pdu, &ctx))
}
#[tracing::instrument(skip(unread, pusher, tweaks, event, db))]
async fn send_notice(
unread: UInt,
pusher: &get_pushers::Pusher,
pushers: &[Pusher],
tweaks: Vec<Tweak>,
event: &PduEvent,
db: &Database,
name: &str,
) -> Result<()> {
// TODO: email
if pusher.kind == PusherKind::Email {
return Ok(());
}
println!("BBBBBBBBBBBBBBBr");
let (http, _emails): (Vec<&Pusher>, _) = dbg!(pushers)
.iter()
.partition(|pusher| pusher.kind == Some(PusherKind::Http));
// TODO:
// Two problems with this
// 1. if "event_id_only" is the only format kind it seems we should never add more info
// 2. can pusher/devices have conflicting formats
let event_id_only = pusher.data.format == Some(PushFormat::EventIdOnly);
let url = if let Some(url) = &pusher.data.url {
url
} else {
error!("Http Pusher must have URL specified.");
return Ok(());
};
let mut device = Device::new(pusher.app_id.clone(), pusher.pushkey.clone());
let mut data_minus_url = pusher.data.clone();
// The url must be stripped off according to spec
data_minus_url.url = None;
device.data = data_minus_url;
// Tweaks are only added if the format is NOT event_id_only
if !event_id_only {
device.tweaks = tweaks.clone();
}
let d = &[device];
let mut notifi = Notification::new(d);
notifi.prio = NotificationPriority::Low;
notifi.event_id = Some(&event.event_id);
notifi.room_id = Some(&event.room_id);
// TODO: missed calls
notifi.counts = NotificationCounts::new(unread, uint!(0));
for pusher in dbg!(http) {
let event_id_only = pusher.data.format == Some(PushFormat::EventIdOnly);
let url = if let Some(url) = pusher.data.url.as_ref() {
url
} else {
error!("Http Pusher must have URL specified.");
continue;
};
if event.kind == EventType::RoomEncrypted
|| tweaks
.iter()
.any(|t| matches!(t, Tweak::Highlight(true) | Tweak::Sound(_)))
{
notifi.prio = NotificationPriority::High
}
let mut device = Device::new(pusher.app_id.clone(), pusher.pushkey.clone());
let mut data_minus_url = pusher.data.clone();
// The url must be stripped off according to spec
data_minus_url.url = None;
device.data = Some(data_minus_url);
if event_id_only {
send_request(
&db.globals,
url,
send_event_notification::v1::Request::new(notifi),
)
.await?;
} else {
notifi.sender = Some(&event.sender);
notifi.event_type = Some(&event.kind);
let content = serde_json::value::to_raw_value(&event.content).ok();
notifi.content = content.as_deref();
if event.kind == EventType::RoomMember {
notifi.user_is_target = event.state_key.as_deref() == Some(event.sender.as_str());
// Tweaks are only added if the format is NOT event_id_only
if !event_id_only {
device.tweaks = tweaks.clone();
}
let user_name = db.users.displayname(&event.sender)?;
notifi.sender_display_name = user_name.as_deref();
let d = &[device];
let mut notifi = Notification::new(d);
let room_name = if let Some(room_name_pdu) =
db.rooms
.room_state_get(&event.room_id, &EventType::RoomName, "")?
notifi.prio = NotificationPriority::Low;
notifi.event_id = Some(&event.event_id);
notifi.room_id = Some(&event.room_id);
// TODO: missed calls
notifi.counts = NotificationCounts::new(unread, uint!(0));
if event.kind == EventType::RoomEncrypted
|| tweaks
.iter()
.any(|t| matches!(t, Tweak::Highlight(true) | Tweak::Sound(_)))
{
serde_json::from_str::<RoomNameEventContent>(room_name_pdu.content.get())
.map_err(|_| Error::bad_database("Invalid room name event in database."))?
.name
notifi.prio = NotificationPriority::High
}
if event_id_only {
error!("SEND PUSH NOTICE `{}`", name);
send_request(
&db.globals,
&url,
send_event_notification::v1::Request::new(notifi),
)
.await?;
} else {
None
};
notifi.sender = Some(&event.sender);
notifi.event_type = Some(&event.kind);
notifi.content = serde_json::value::to_raw_value(&event.content).ok();
notifi.room_name = room_name.as_deref();
if event.kind == EventType::RoomMember {
notifi.user_is_target = event.state_key.as_deref() == Some(event.sender.as_str());
}
send_request(
&db.globals,
url,
send_event_notification::v1::Request::new(notifi),
)
.await?;
let user_name = db.users.displayname(&event.sender)?;
notifi.sender_display_name = user_name.as_deref();
let room_name = db
.rooms
.room_state_get(&event.room_id, &EventType::RoomName, "")?
.map(|(_, pdu)| match pdu.content.get("name") {
Some(serde_json::Value::String(s)) => Some(s.to_string()),
_ => None,
})
.flatten();
notifi.room_name = room_name.as_deref();
error!("SEND PUSH NOTICE Full `{}`", name);
send_request(
&db.globals,
&url,
send_event_notification::v1::Request::new(notifi),
)
.await?;
}
}
// TODO: email
// for email in emails {}
Ok(())
}

3363
src/database/rooms.rs
View File

File diff suppressed because it is too large Load Diff

310
src/database/rooms/edus.rs
Unescape View File

@ -1,29 +1,28 @@ @@ -1,29 +1,28 @@
use crate::{database::abstraction::Tree, utils, Error, Result};
use crate::{utils, Error, Result};
use ruma::{
events::{
presence::{PresenceEvent, PresenceEventContent},
AnyEphemeralRoomEvent, SyncEphemeralRoomEvent,
AnyEvent as EduEvent, SyncEphemeralRoomEvent,
},
presence::PresenceState,
serde::Raw,
signatures::CanonicalJsonObject,
RoomId, UInt, UserId,
};
use std::{
collections::{HashMap, HashSet},
convert::TryInto,
collections::HashMap,
convert::{TryFrom, TryInto},
mem,
sync::Arc,
};
#[derive(Clone)]
pub struct RoomEdus {
pub(in super::super) readreceiptid_readreceipt: Arc<dyn Tree>, // ReadReceiptId = RoomId + Count + UserId
pub(in super::super) roomuserid_privateread: Arc<dyn Tree>, // RoomUserId = Room + User, PrivateRead = Count
pub(in super::super) roomuserid_lastprivatereadupdate: Arc<dyn Tree>, // LastPrivateReadUpdate = Count
pub(in super::super) typingid_userid: Arc<dyn Tree>, // TypingId = RoomId + TimeoutTime + Count
pub(in super::super) roomid_lasttypingupdate: Arc<dyn Tree>, // LastRoomTypingUpdate = Count
pub(in super::super) presenceid_presence: Arc<dyn Tree>, // PresenceId = RoomId + Count + UserId
pub(in super::super) userid_lastpresenceupdate: Arc<dyn Tree>, // LastPresenceUpdate = Count
pub(in super::super) readreceiptid_readreceipt: sled::Tree, // ReadReceiptId = RoomId + Count + UserId
pub(in super::super) roomuserid_privateread: sled::Tree, // RoomUserId = Room + User, PrivateRead = Count
pub(in super::super) roomuserid_lastprivatereadupdate: sled::Tree, // LastPrivateReadUpdate = Count
pub(in super::super) typingid_userid: sled::Tree, // TypingId = RoomId + TimeoutTime + Count
pub(in super::super) roomid_lasttypingupdate: sled::Tree, // LastRoomTypingUpdate = Count
pub(in super::super) presenceid_presence: sled::Tree, // PresenceId = RoomId + Count + UserId
pub(in super::super) userid_lastpresenceupdate: sled::Tree, // LastPresenceUpdate = Count
}
impl RoomEdus {
@ -32,39 +31,39 @@ impl RoomEdus { @@ -32,39 +31,39 @@ impl RoomEdus {
&self,
user_id: &UserId,
room_id: &RoomId,
event: AnyEphemeralRoomEvent,
event: EduEvent,
globals: &super::super::globals::Globals,
) -> Result<()> {
let mut prefix = room_id.as_bytes().to_vec();
let mut prefix = room_id.to_string().as_bytes().to_vec();
prefix.push(0xff);
let mut last_possible_key = prefix.clone();
last_possible_key.extend_from_slice(&u64::MAX.to_be_bytes());
// Remove old entry
if let Some((old, _)) = self
if let Some(old) = self
.readreceiptid_readreceipt
.iter_from(&last_possible_key, true)
.take_while(|(key, _)| key.starts_with(&prefix))
.find(|(key, _)| {
.scan_prefix(&prefix)
.keys()
.rev()
.filter_map(|r| r.ok())
.take_while(|key| key.starts_with(&prefix))
.find(|key| {
key.rsplit(|&b| b == 0xff)
.next()
.expect("rsplit always returns an element")
== user_id.as_bytes()
== user_id.to_string().as_bytes()
})
{
// This is the old room_latest
self.readreceiptid_readreceipt.remove(&old)?;
self.readreceiptid_readreceipt.remove(old)?;
}
let mut room_latest_id = prefix;
room_latest_id.extend_from_slice(&globals.next_count()?.to_be_bytes());
room_latest_id.push(0xff);
room_latest_id.extend_from_slice(user_id.as_bytes());
room_latest_id.extend_from_slice(&user_id.to_string().as_bytes());
self.readreceiptid_readreceipt.insert(
&room_latest_id,
&serde_json::to_vec(&event).expect("EduEvent::to_string always works"),
room_latest_id,
&*serde_json::to_string(&event).expect("EduEvent::to_string always works"),
)?;
Ok(())
@ -72,56 +71,30 @@ impl RoomEdus { @@ -72,56 +71,30 @@ impl RoomEdus {
/// Returns an iterator over the most recent read_receipts in a room that happened after the event with id `since`.
#[tracing::instrument(skip(self))]
pub fn readreceipts_since<'a>(
&'a self,
pub fn readreceipts_since(
&self,
room_id: &RoomId,
since: u64,
) -> impl Iterator<
Item = Result<(
Box<UserId>,
u64,
Raw<ruma::events::AnySyncEphemeralRoomEvent>,
)>,
> + 'a {
let mut prefix = room_id.as_bytes().to_vec();
) -> Result<impl Iterator<Item = Result<Raw<ruma::events::AnySyncEphemeralRoomEvent>>>> {
let mut prefix = room_id.to_string().as_bytes().to_vec();
prefix.push(0xff);
let prefix2 = prefix.clone();
let mut first_possible_edu = prefix.clone();
first_possible_edu.extend_from_slice(&(since + 1).to_be_bytes()); // +1 so we don't send the event at since
self.readreceiptid_readreceipt
.iter_from(&first_possible_edu, false)
.take_while(move |(k, _)| k.starts_with(&prefix2))
.map(move |(k, v)| {
let count =
utils::u64_from_bytes(&k[prefix.len()..prefix.len() + mem::size_of::<u64>()])
.map_err(|_| Error::bad_database("Invalid readreceiptid count in db."))?;
let user_id = UserId::parse(
utils::string_from_bytes(&k[prefix.len() + mem::size_of::<u64>() + 1..])
.map_err(|_| {
Error::bad_database("Invalid readreceiptid userid bytes in db.")
})?,
)
.map_err(|_| Error::bad_database("Invalid readreceiptid userid in db."))?;
let mut json = serde_json::from_slice::<CanonicalJsonObject>(&v).map_err(|_| {
Error::bad_database("Read receipt in roomlatestid_roomlatest is invalid json.")
})?;
json.remove("room_id");
Ok((
user_id,
count,
Raw::from_json(
serde_json::value::to_raw_value(&json).expect("json is valid raw value"),
),
))
})
Ok(self
.readreceiptid_readreceipt
.range(&*first_possible_edu..)
.filter_map(|r| r.ok())
.take_while(move |(k, _)| k.starts_with(&prefix))
.map(|(_, v)| {
Ok(serde_json::from_slice(&v).map_err(|_| {
Error::bad_database("Read receipt in roomlatestid_roomlatest is invalid.")
})?)
}))
}
/// Sets a private read marker at `count`.
#[tracing::instrument(skip(self, globals))]
pub fn private_read_set(
&self,
room_id: &RoomId,
@ -129,9 +102,9 @@ impl RoomEdus { @@ -129,9 +102,9 @@ impl RoomEdus {
count: u64,
globals: &super::super::globals::Globals,
) -> Result<()> {
let mut key = room_id.as_bytes().to_vec();
let mut key = room_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(user_id.as_bytes());
key.extend_from_slice(&user_id.to_string().as_bytes());
self.roomuserid_privateread
.insert(&key, &count.to_be_bytes())?;
@ -145,34 +118,31 @@ impl RoomEdus { @@ -145,34 +118,31 @@ impl RoomEdus {
/// Returns the private read marker.
#[tracing::instrument(skip(self))]
pub fn private_read_get(&self, room_id: &RoomId, user_id: &UserId) -> Result<Option<u64>> {
let mut key = room_id.as_bytes().to_vec();
let mut key = room_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(user_id.as_bytes());
key.extend_from_slice(&user_id.to_string().as_bytes());
self.roomuserid_privateread
.get(&key)?
.map_or(Ok(None), |v| {
Ok(Some(utils::u64_from_bytes(&v).map_err(|_| {
Error::bad_database("Invalid private read marker bytes")
})?))
})
self.roomuserid_privateread.get(key)?.map_or(Ok(None), |v| {
Ok(Some(utils::u64_from_bytes(&v).map_err(|_| {
Error::bad_database("Invalid private read marker bytes")
})?))
})
}
/// Returns the count of the last typing update in this room.
pub fn last_privateread_update(&self, user_id: &UserId, room_id: &RoomId) -> Result<u64> {
let mut key = room_id.as_bytes().to_vec();
let mut key = room_id.to_string().as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(user_id.as_bytes());
key.extend_from_slice(&user_id.to_string().as_bytes());
Ok(self
.roomuserid_lastprivatereadupdate
.get(&key)?
.map(|bytes| {
utils::u64_from_bytes(&bytes).map_err(|_| {
.map_or(Ok::<_, Error>(None), |bytes| {
Ok(Some(utils::u64_from_bytes(&bytes).map_err(|_| {
Error::bad_database("Count in roomuserid_lastprivatereadupdate is invalid.")
})
})
.transpose()?
})?))
})?
.unwrap_or(0))
}
@ -185,7 +155,7 @@ impl RoomEdus { @@ -185,7 +155,7 @@ impl RoomEdus {
timeout: u64,
globals: &super::super::globals::Globals,
) -> Result<()> {
let mut prefix = room_id.as_bytes().to_vec();
let mut prefix = room_id.to_string().as_bytes().to_vec();
prefix.push(0xff);
let count = globals.next_count()?.to_be_bytes();
@ -196,10 +166,10 @@ impl RoomEdus { @@ -196,10 +166,10 @@ impl RoomEdus {
room_typing_id.extend_from_slice(&count);
self.typingid_userid
.insert(&room_typing_id, &*user_id.as_bytes())?;
.insert(&room_typing_id, &*user_id.to_string().as_bytes())?;
self.roomid_lasttypingupdate
.insert(room_id.as_bytes(), &count)?;
.insert(&room_id.to_string().as_bytes(), &count)?;
Ok(())
}
@ -211,7 +181,7 @@ impl RoomEdus { @@ -211,7 +181,7 @@ impl RoomEdus {
room_id: &RoomId,
globals: &super::super::globals::Globals,
) -> Result<()> {
let mut prefix = room_id.as_bytes().to_vec();
let mut prefix = room_id.to_string().as_bytes().to_vec();
prefix.push(0xff);
let user_id = user_id.to_string();
@ -221,16 +191,19 @@ impl RoomEdus { @@ -221,16 +191,19 @@ impl RoomEdus {
// Maybe there are multiple ones from calling roomtyping_add multiple times
for outdated_edu in self
.typingid_userid
.scan_prefix(prefix)
.filter(|(_, v)| &**v == user_id.as_bytes())
.scan_prefix(&prefix)
.filter_map(|r| r.ok())
.filter(|(_, v)| v == user_id.as_bytes())
{
self.typingid_userid.remove(&outdated_edu.0)?;
self.typingid_userid.remove(outdated_edu.0)?;
found_outdated = true;
}
if found_outdated {
self.roomid_lasttypingupdate
.insert(room_id.as_bytes(), &globals.next_count()?.to_be_bytes())?;
self.roomid_lasttypingupdate.insert(
&room_id.to_string().as_bytes(),
&globals.next_count()?.to_be_bytes(),
)?;
}
Ok(())
@ -242,7 +215,7 @@ impl RoomEdus { @@ -242,7 +215,7 @@ impl RoomEdus {
room_id: &RoomId,
globals: &super::super::globals::Globals,
) -> Result<()> {
let mut prefix = room_id.as_bytes().to_vec();
let mut prefix = room_id.to_string().as_bytes().to_vec();
prefix.push(0xff);
let current_timestamp = utils::millis_since_unix_epoch();
@ -252,8 +225,10 @@ impl RoomEdus { @@ -252,8 +225,10 @@ impl RoomEdus {
// Find all outdated edus before inserting a new one
for outdated_edu in self
.typingid_userid
.scan_prefix(prefix)
.map(|(key, _)| {
.scan_prefix(&prefix)
.keys()
.map(|key| {
let key = key?;
Ok::<_, Error>((
key.clone(),
utils::u64_from_bytes(
@ -268,13 +243,15 @@ impl RoomEdus { @@ -268,13 +243,15 @@ impl RoomEdus {
.take_while(|&(_, timestamp)| timestamp < current_timestamp)
{
// This is an outdated edu (time > timestamp)
self.typingid_userid.remove(&outdated_edu.0)?;
self.typingid_userid.remove(outdated_edu.0)?;
found_outdated = true;
}
if found_outdated {
self.roomid_lasttypingupdate
.insert(room_id.as_bytes(), &globals.next_count()?.to_be_bytes())?;
self.roomid_lasttypingupdate.insert(
&room_id.to_string().as_bytes(),
&globals.next_count()?.to_be_bytes(),
)?;
}
Ok(())
@ -291,13 +268,12 @@ impl RoomEdus { @@ -291,13 +268,12 @@ impl RoomEdus {
Ok(self
.roomid_lasttypingupdate
.get(room_id.as_bytes())?
.map(|bytes| {
utils::u64_from_bytes(&bytes).map_err(|_| {
.get(&room_id.to_string().as_bytes())?
.map_or(Ok::<_, Error>(None), |bytes| {
Ok(Some(utils::u64_from_bytes(&bytes).map_err(|_| {
Error::bad_database("Count in roomid_lastroomactiveupdate is invalid.")
})
})
.transpose()?
})?))
})?
.unwrap_or(0))
}
@ -305,24 +281,29 @@ impl RoomEdus { @@ -305,24 +281,29 @@ impl RoomEdus {
&self,
room_id: &RoomId,
) -> Result<SyncEphemeralRoomEvent<ruma::events::typing::TypingEventContent>> {
let mut prefix = room_id.as_bytes().to_vec();
let mut prefix = room_id.to_string().as_bytes().to_vec();
prefix.push(0xff);
let mut user_ids = HashSet::new();
for (_, user_id) in self.typingid_userid.scan_prefix(prefix) {
let user_id = UserId::parse(utils::string_from_bytes(&user_id).map_err(|_| {
Error::bad_database("User ID in typingid_userid is invalid unicode.")
})?)
.map_err(|_| Error::bad_database("User ID in typingid_userid is invalid."))?;
let mut user_ids = Vec::new();
user_ids.insert(user_id);
for user_id in self
.typingid_userid
.scan_prefix(prefix)
.values()
.map(|user_id| {
Ok::<_, Error>(
UserId::try_from(utils::string_from_bytes(&user_id?).map_err(|_| {
Error::bad_database("User ID in typingid_userid is invalid unicode.")
})?)
.map_err(|_| Error::bad_database("User ID in typingid_userid is invalid."))?,
)
})
{
user_ids.push(user_id?);
}
Ok(SyncEphemeralRoomEvent {
content: ruma::events::typing::TypingEventContent {
user_ids: user_ids.into_iter().collect(),
},
content: ruma::events::typing::TypingEventContent { user_ids },
})
}
@ -334,26 +315,26 @@ impl RoomEdus { @@ -334,26 +315,26 @@ impl RoomEdus {
&self,
user_id: &UserId,
room_id: &RoomId,
presence: PresenceEvent,
presence: ruma::events::presence::PresenceEvent,
globals: &super::super::globals::Globals,
) -> Result<()> {
// TODO: Remove old entry? Or maybe just wipe completely from time to time?
let count = globals.next_count()?.to_be_bytes();
let mut presence_id = room_id.as_bytes().to_vec();
let mut presence_id = room_id.to_string().as_bytes().to_vec();
presence_id.push(0xff);
presence_id.extend_from_slice(&count);
presence_id.push(0xff);
presence_id.extend_from_slice(presence.sender.as_bytes());
presence_id.extend_from_slice(&presence.sender.to_string().as_bytes());
self.presenceid_presence.insert(
&presence_id,
&serde_json::to_vec(&presence).expect("PresenceEvent can be serialized"),
presence_id,
&*serde_json::to_string(&presence).expect("PresenceEvent can be serialized"),
)?;
self.userid_lastpresenceupdate.insert(
user_id.as_bytes(),
&user_id.to_string().as_bytes(),
&utils::millis_since_unix_epoch().to_be_bytes(),
)?;
@ -364,7 +345,7 @@ impl RoomEdus { @@ -364,7 +345,7 @@ impl RoomEdus {
#[tracing::instrument(skip(self))]
pub fn ping_presence(&self, user_id: &UserId) -> Result<()> {
self.userid_lastpresenceupdate.insert(
user_id.as_bytes(),
&user_id.to_string().as_bytes(),
&utils::millis_since_unix_epoch().to_be_bytes(),
)?;
@ -374,7 +355,7 @@ impl RoomEdus { @@ -374,7 +355,7 @@ impl RoomEdus {
/// Returns the timestamp of the last presence update of this user in millis since the unix epoch.
pub fn last_presence_update(&self, user_id: &UserId) -> Result<Option<u64>> {
self.userid_lastpresenceupdate
.get(user_id.as_bytes())?
.get(&user_id.to_string().as_bytes())?
.map(|bytes| {
utils::u64_from_bytes(&bytes).map_err(|_| {
Error::bad_database("Invalid timestamp in userid_lastpresenceupdate.")
@ -383,49 +364,8 @@ impl RoomEdus { @@ -383,49 +364,8 @@ impl RoomEdus {
.transpose()
}
pub fn get_last_presence_event(
&self,
user_id: &UserId,
room_id: &RoomId,
) -> Result<Option<PresenceEvent>> {
let last_update = match self.last_presence_update(user_id)? {
Some(last) => last,
None => return Ok(None),
};
let mut presence_id = room_id.as_bytes().to_vec();
presence_id.push(0xff);
presence_id.extend_from_slice(&last_update.to_be_bytes());
presence_id.push(0xff);
presence_id.extend_from_slice(user_id.as_bytes());
self.presenceid_presence
.get(&presence_id)?
.map(|value| {
let mut presence: PresenceEvent = serde_json::from_slice(&value)
.map_err(|_| Error::bad_database("Invalid presence event in db."))?;
let current_timestamp: UInt = utils::millis_since_unix_epoch()
.try_into()
.expect("time is valid");
if presence.content.presence == PresenceState::Online {
// Don't set last_active_ago when the user is online
presence.content.last_active_ago = None;
} else {
// Convert from timestamp to duration
presence.content.last_active_ago = presence
.content
.last_active_ago
.map(|timestamp| current_timestamp - timestamp);
}
Ok(presence)
})
.transpose()
}
/// Sets all users to offline who have been quiet for too long.
fn _presence_maintain(
pub fn presence_maintain(
&self,
rooms: &super::Rooms,
globals: &super::super::globals::Globals,
@ -435,6 +375,7 @@ impl RoomEdus { @@ -435,6 +375,7 @@ impl RoomEdus {
for (user_id_bytes, last_timestamp) in self
.userid_lastpresenceupdate
.iter()
.filter_map(|r| r.ok())
.filter_map(|(k, bytes)| {
Some((
k,
@ -445,27 +386,27 @@ impl RoomEdus { @@ -445,27 +386,27 @@ impl RoomEdus {
.ok()?,
))
})
.take_while(|(_, timestamp)| current_timestamp.saturating_sub(*timestamp) > 5 * 60_000)
.take_while(|(_, timestamp)| current_timestamp - timestamp > 5 * 60_000)
// 5 Minutes
{
// Send new presence events to set the user offline
let count = globals.next_count()?.to_be_bytes();
let user_id: Box<_> = utils::string_from_bytes(&user_id_bytes)
let user_id = utils::string_from_bytes(&user_id_bytes)
.map_err(|_| {
Error::bad_database("Invalid UserId bytes in userid_lastpresenceupdate.")
})?
.try_into()
.map_err(|_| Error::bad_database("Invalid UserId in userid_lastpresenceupdate."))?;
for room_id in rooms.rooms_joined(&user_id).filter_map(|r| r.ok()) {
let mut presence_id = room_id.as_bytes().to_vec();
let mut presence_id = room_id.to_string().as_bytes().to_vec();
presence_id.push(0xff);
presence_id.extend_from_slice(&count);
presence_id.push(0xff);
presence_id.extend_from_slice(&user_id_bytes);
self.presenceid_presence.insert(
&presence_id,
&serde_json::to_vec(&PresenceEvent {
presence_id,
&*serde_json::to_string(&PresenceEvent {
content: PresenceEventContent {
avatar_url: None,
currently_active: None,
@ -476,14 +417,14 @@ impl RoomEdus { @@ -476,14 +417,14 @@ impl RoomEdus {
presence: PresenceState::Offline,
status_msg: None,
},
sender: user_id.to_owned(),
sender: user_id.clone(),
})
.expect("PresenceEvent can be serialized"),
)?;
}
self.userid_lastpresenceupdate.insert(
user_id.as_bytes(),
&user_id.to_string().as_bytes(),
&utils::millis_since_unix_epoch().to_be_bytes(),
)?;
}
@ -492,17 +433,17 @@ impl RoomEdus { @@ -492,17 +433,17 @@ impl RoomEdus {
}
/// Returns an iterator over the most recent presence updates that happened after the event with id `since`.
#[tracing::instrument(skip(self, since, _rooms, _globals))]
#[tracing::instrument(skip(self, globals, rooms))]
pub fn presence_since(
&self,
room_id: &RoomId,
since: u64,
_rooms: &super::Rooms,
_globals: &super::super::globals::Globals,
) -> Result<HashMap<Box<UserId>, PresenceEvent>> {
//self.presence_maintain(rooms, globals)?;
rooms: &super::Rooms,
globals: &super::super::globals::Globals,
) -> Result<HashMap<UserId, PresenceEvent>> {
self.presence_maintain(rooms, globals)?;
let mut prefix = room_id.as_bytes().to_vec();
let mut prefix = room_id.to_string().as_bytes().to_vec();
prefix.push(0xff);
let mut first_possible_edu = prefix.clone();
@ -511,10 +452,11 @@ impl RoomEdus { @@ -511,10 +452,11 @@ impl RoomEdus {
for (key, value) in self
.presenceid_presence
.iter_from(&*first_possible_edu, false)
.range(&*first_possible_edu..)
.filter_map(|r| r.ok())
.take_while(|(key, _)| key.starts_with(&prefix))
{
let user_id = UserId::parse(
let user_id = UserId::try_from(
utils::string_from_bytes(
key.rsplit(|&b| b == 0xff)
.next()
@ -524,7 +466,7 @@ impl RoomEdus { @@ -524,7 +466,7 @@ impl RoomEdus {
)
.map_err(|_| Error::bad_database("Invalid UserId in presenceid_presence."))?;
let mut presence: PresenceEvent = serde_json::from_slice(&value)
let mut presence = serde_json::from_slice::<PresenceEvent>(&value)
.map_err(|_| Error::bad_database("Invalid presence event in db."))?;
let current_timestamp: UInt = utils::millis_since_unix_epoch()

977
src/database/sending.rs
View File

File diff suppressed because it is too large Load Diff

14
src/database/transaction_ids.rs
Unescape View File

@ -1,12 +1,10 @@ @@ -1,12 +1,10 @@
use std::sync::Arc;
use crate::Result;
use ruma::{DeviceId, UserId};
use sled::IVec;
use super::abstraction::Tree;
#[derive(Clone)]
pub struct TransactionIds {
pub(super) userdevicetxnid_response: Arc<dyn Tree>, // Response can be empty (/sendToDevice) or the event id (/send)
pub(super) userdevicetxnid_response: sled::Tree, // Response can be empty (/sendToDevice) or the event id (/send)
}
impl TransactionIds {
@ -23,7 +21,7 @@ impl TransactionIds { @@ -23,7 +21,7 @@ impl TransactionIds {
key.push(0xff);
key.extend_from_slice(txn_id.as_bytes());
self.userdevicetxnid_response.insert(&key, data)?;
self.userdevicetxnid_response.insert(key, data)?;
Ok(())
}
@ -33,7 +31,7 @@ impl TransactionIds { @@ -33,7 +31,7 @@ impl TransactionIds {
user_id: &UserId,
device_id: Option<&DeviceId>,
txn_id: &str,
) -> Result<Option<Vec<u8>>> {
) -> Result<Option<IVec>> {
let mut key = user_id.as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(device_id.map(|d| d.as_bytes()).unwrap_or_default());
@ -41,6 +39,6 @@ impl TransactionIds { @@ -41,6 +39,6 @@ impl TransactionIds {
key.extend_from_slice(txn_id.as_bytes());
// If there's no entry, this is a new transaction
self.userdevicetxnid_response.get(&key)
Ok(self.userdevicetxnid_response.get(key)?)
}
}

285
src/database/uiaa.rs
Unescape View File

@ -1,24 +1,15 @@ @@ -1,24 +1,15 @@
use std::sync::Arc;
use crate::{client_server::SESSION_ID_LENGTH, utils, Error, Result};
use crate::{Error, Result};
use ruma::{
api::client::{
error::ErrorKind,
r0::uiaa::{
AuthType, IncomingAuthData, IncomingPassword, IncomingUserIdentifier::MatrixId,
UiaaInfo,
},
r0::uiaa::{IncomingAuthData, UiaaInfo},
},
signatures::CanonicalJsonValue,
DeviceId, UserId,
};
use tracing::error;
use super::abstraction::Tree;
#[derive(Clone)]
pub struct Uiaa {
pub(super) userdevicesessionid_uiaainfo: Arc<dyn Tree>, // User-interactive authentication
pub(super) userdevicesessionid_uiaarequest: Arc<dyn Tree>, // UiaaRequest = canonical json value
pub(super) userdeviceid_uiaainfo: sled::Tree, // User-interactive authentication
}
impl Uiaa {
@ -28,20 +19,8 @@ impl Uiaa { @@ -28,20 +19,8 @@ impl Uiaa {
user_id: &UserId,
device_id: &DeviceId,
uiaainfo: &UiaaInfo,
json_body: &CanonicalJsonValue,
) -> Result<()> {
self.set_uiaa_request(
user_id,
device_id,
uiaainfo.session.as_ref().expect("session should be set"), // TODO: better session error handling (why is it optional in ruma?)
json_body,
)?;
self.update_uiaa_session(
user_id,
device_id,
uiaainfo.session.as_ref().expect("session should be set"),
Some(uiaainfo),
)
self.update_uiaa_session(user_id, device_id, Some(uiaainfo))
}
pub fn try_auth(
@ -53,159 +32,133 @@ impl Uiaa { @@ -53,159 +32,133 @@ impl Uiaa {
users: &super::users::Users,
globals: &super::globals::Globals,
) -> Result<(bool, UiaaInfo)> {
let mut uiaainfo = auth
.session()
.map(|session| self.get_uiaa_session(user_id, device_id, session))
.unwrap_or_else(|| Ok(uiaainfo.clone()))?;
if uiaainfo.session.is_none() {
uiaainfo.session = Some(utils::random_string(SESSION_ID_LENGTH));
}
if let IncomingAuthData::DirectRequest {
kind,
session,
auth_parameters,
} = &auth
{
let mut uiaainfo = session
.as_ref()
.map(|session| {
Ok::<_, Error>(self.get_uiaa_session(&user_id, &device_id, session)?)
})
.unwrap_or_else(|| Ok(uiaainfo.clone()))?;
match auth {
// Find out what the user completed
IncomingAuthData::Password(IncomingPassword {
identifier,
password,
..
}) => {
let username = match identifier {
MatrixId(username) => username,
_ => {
match &**kind {
"m.login.password" => {
let identifier = auth_parameters.get("identifier").ok_or(Error::BadRequest(
ErrorKind::MissingParam,
"m.login.password needs identifier.",
))?;
let identifier_type = identifier.get("type").ok_or(Error::BadRequest(
ErrorKind::MissingParam,
"Identifier needs a type.",
))?;
if identifier_type != "m.id.user" {
return Err(Error::BadRequest(
ErrorKind::Unrecognized,
"Identifier type not recognized.",
))
));
}
};
let user_id =
UserId::parse_with_server_name(username.clone(), globals.server_name())
let username = identifier
.get("user")
.ok_or(Error::BadRequest(
ErrorKind::MissingParam,
"Identifier needs user field.",
))?
.as_str()
.ok_or(Error::BadRequest(
ErrorKind::BadJson,
"User is not a string.",
))?;
let user_id = UserId::parse_with_server_name(username, globals.server_name())
.map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "User ID is invalid.")
})?;
// Check if password is correct
if let Some(hash) = users.password_hash(&user_id)? {
let hash_matches =
argon2::verify_encoded(&hash, password.as_bytes()).unwrap_or(false);
if !hash_matches {
uiaainfo.auth_error = Some(ruma::api::client::error::ErrorBody {
kind: ErrorKind::Forbidden,
message: "Invalid username or password.".to_owned(),
});
return Ok((false, uiaainfo));
Error::BadRequest(ErrorKind::InvalidParam, "User ID is invalid.")
})?;
let password = auth_parameters
.get("password")
.ok_or(Error::BadRequest(
ErrorKind::MissingParam,
"Password is missing.",
))?
.as_str()
.ok_or(Error::BadRequest(
ErrorKind::BadJson,
"Password is not a string.",
))?;
// Check if password is correct
if let Some(hash) = users.password_hash(&user_id)? {
let hash_matches =
argon2::verify_encoded(&hash, password.as_bytes()).unwrap_or(false);
if !hash_matches {
uiaainfo.auth_error = Some(ruma::api::client::error::ErrorBody {
kind: ErrorKind::Forbidden,
message: "Invalid username or password.".to_owned(),
});
return Ok((false, uiaainfo));
}
}
}
// Password was correct! Let's add it to `completed`
uiaainfo.completed.push(AuthType::Password);
}
IncomingAuthData::Dummy(_) => {
uiaainfo.completed.push(AuthType::Dummy);
// Password was correct! Let's add it to `completed`
uiaainfo.completed.push("m.login.password".to_owned());
}
"m.login.dummy" => {
uiaainfo.completed.push("m.login.dummy".to_owned());
}
k => panic!("type not supported: {}", k),
}
k => error!("type not supported: {:?}", k),
}
// Check if a flow now succeeds
let mut completed = false;
'flows: for flow in &mut uiaainfo.flows {
for stage in &flow.stages {
if !uiaainfo.completed.contains(stage) {
continue 'flows;
// Check if a flow now succeeds
let mut completed = false;
'flows: for flow in &mut uiaainfo.flows {
for stage in &flow.stages {
if !uiaainfo.completed.contains(stage) {
continue 'flows;
}
}
// We didn't break, so this flow succeeded!
completed = true;
}
// We didn't break, so this flow succeeded!
completed = true;
}
if !completed {
self.update_uiaa_session(
user_id,
device_id,
uiaainfo.session.as_ref().expect("session is always set"),
Some(&uiaainfo),
)?;
return Ok((false, uiaainfo));
}
// UIAA was successful! Remove this session and return true
self.update_uiaa_session(
user_id,
device_id,
uiaainfo.session.as_ref().expect("session is always set"),
None,
)?;
Ok((true, uiaainfo))
}
fn set_uiaa_request(
&self,
user_id: &UserId,
device_id: &DeviceId,
session: &str,
request: &CanonicalJsonValue,
) -> Result<()> {
let mut userdevicesessionid = user_id.as_bytes().to_vec();
userdevicesessionid.push(0xff);
userdevicesessionid.extend_from_slice(device_id.as_bytes());
userdevicesessionid.push(0xff);
userdevicesessionid.extend_from_slice(session.as_bytes());
self.userdevicesessionid_uiaarequest.insert(
&userdevicesessionid,
&serde_json::to_vec(request).expect("json value to vec always works"),
)?;
Ok(())
}
if !completed {
self.update_uiaa_session(user_id, device_id, Some(&uiaainfo))?;
return Ok((false, uiaainfo));
}
pub fn get_uiaa_request(
&self,
user_id: &UserId,
device_id: &DeviceId,
session: &str,
) -> Result<Option<CanonicalJsonValue>> {
let mut userdevicesessionid = user_id.as_bytes().to_vec();
userdevicesessionid.push(0xff);
userdevicesessionid.extend_from_slice(device_id.as_bytes());
userdevicesessionid.push(0xff);
userdevicesessionid.extend_from_slice(session.as_bytes());
self.userdevicesessionid_uiaarequest
.get(&userdevicesessionid)?
.map(|bytes| {
serde_json::from_str::<CanonicalJsonValue>(
&utils::string_from_bytes(&bytes)
.map_err(|_| Error::bad_database("Invalid uiaa request bytes in db."))?,
)
.map_err(|_| Error::bad_database("Invalid uiaa request in db."))
})
.transpose()
// UIAA was successful! Remove this session and return true
self.update_uiaa_session(user_id, device_id, None)?;
Ok((true, uiaainfo))
} else {
panic!("FallbackAcknowledgement is not supported yet");
}
}
fn update_uiaa_session(
&self,
user_id: &UserId,
device_id: &DeviceId,
session: &str,
uiaainfo: Option<&UiaaInfo>,
) -> Result<()> {
let mut userdevicesessionid = user_id.as_bytes().to_vec();
userdevicesessionid.push(0xff);
userdevicesessionid.extend_from_slice(device_id.as_bytes());
userdevicesessionid.push(0xff);
userdevicesessionid.extend_from_slice(session.as_bytes());
let mut userdeviceid = user_id.to_string().as_bytes().to_vec();
userdeviceid.push(0xff);
userdeviceid.extend_from_slice(device_id.as_bytes());
if let Some(uiaainfo) = uiaainfo {
self.userdevicesessionid_uiaainfo.insert(
&userdevicesessionid,
&serde_json::to_vec(&uiaainfo).expect("UiaaInfo::to_vec always works"),
self.userdeviceid_uiaainfo.insert(
&userdeviceid,
&*serde_json::to_string(&uiaainfo).expect("UiaaInfo::to_string always works"),
)?;
} else {
self.userdevicesessionid_uiaainfo
.remove(&userdevicesessionid)?;
self.userdeviceid_uiaainfo.remove(&userdeviceid)?;
}
Ok(())
@ -217,21 +170,33 @@ impl Uiaa { @@ -217,21 +170,33 @@ impl Uiaa {
device_id: &DeviceId,
session: &str,
) -> Result<UiaaInfo> {
let mut userdevicesessionid = user_id.as_bytes().to_vec();
userdevicesessionid.push(0xff);
userdevicesessionid.extend_from_slice(device_id.as_bytes());
userdevicesessionid.push(0xff);
userdevicesessionid.extend_from_slice(session.as_bytes());
let mut userdeviceid = user_id.to_string().as_bytes().to_vec();
userdeviceid.push(0xff);
userdeviceid.extend_from_slice(device_id.as_bytes());
serde_json::from_slice(
let uiaainfo = serde_json::from_slice::<UiaaInfo>(
&self
.userdevicesessionid_uiaainfo
.get(&userdevicesessionid)?
.userdeviceid_uiaainfo
.get(&userdeviceid)?
.ok_or(Error::BadRequest(
ErrorKind::Forbidden,
"UIAA session does not exist.",
))?,
)
.map_err(|_| Error::bad_database("UiaaInfo in userdeviceid_uiaainfo is invalid."))
.map_err(|_| Error::bad_database("UiaaInfo in userdeviceid_uiaainfo is invalid."))?;
if uiaainfo
.session
.as_ref()
.filter(|&s| s == session)
.is_none()
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
"UIAA session token invalid.",
));
}
Ok(uiaainfo)
}
}

549
src/database/users.rs
View File

File diff suppressed because it is too large Load Diff

131
src/error.rs
Unescape View File

@ -1,12 +1,17 @@ @@ -1,12 +1,17 @@
use std::{
collections::HashMap,
sync::RwLock,
time::{Duration, Instant},
};
use log::error;
use ruma::{
api::client::{
error::{Error as RumaError, ErrorKind},
r0::uiaa::UiaaInfo,
},
ServerName,
api::client::{error::ErrorKind, r0::uiaa::UiaaInfo},
events::room::message,
};
use thiserror::Error;
use tracing::warn;
use crate::{database::admin::AdminCommand, Database};
#[cfg(feature = "conduit_bin")]
use {
@ -16,29 +21,18 @@ use { @@ -16,29 +21,18 @@ use {
response::{self, Responder},
Request,
},
ruma::api::client::r0::uiaa::UiaaResponse,
tracing::error,
ruma::api::client::{error::Error as RumaError, r0::uiaa::UiaaResponse},
};
pub type Result<T, E = Error> = std::result::Result<T, E>;
pub type Result<T> = std::result::Result<T, Error>;
#[derive(Error, Debug)]
pub enum Error {
#[cfg(feature = "sled")]
#[error("There was a problem with the connection to the sled database.")]
#[error("There was a problem with the connection to the database.")]
SledError {
#[from]
source: sled::Error,
},
#[cfg(feature = "sqlite")]
#[error("There was a problem with the connection to the sqlite database: {source}")]
SqliteError {
#[from]
source: rusqlite::Error,
},
#[cfg(feature = "heed")]
#[error("There was a problem with the connection to the heed database: {error}")]
HeedError { error: String },
#[error("Could not generate an image.")]
ImageError {
#[from]
@ -50,13 +44,6 @@ pub enum Error { @@ -50,13 +44,6 @@ pub enum Error {
source: reqwest::Error,
},
#[error("{0}")]
FederationError(Box<ServerName>, RumaError),
#[error("Could not do this io: {source}")]
IoError {
#[from]
source: std::io::Error,
},
#[error("{0}")]
BadServerResponse(&'static str),
#[error("{0}")]
BadConfig(&'static str),
@ -65,6 +52,7 @@ pub enum Error { @@ -65,6 +52,7 @@ pub enum Error {
BadDatabase(&'static str),
#[error("uiaa")]
Uiaa(UiaaInfo),
#[error("{0}: {1}")]
BadRequest(ErrorKind, &'static str),
#[error("{0}")]
@ -83,16 +71,14 @@ impl Error { @@ -83,16 +71,14 @@ impl Error {
}
}
impl Error {
pub fn to_response(&self) -> RumaResponse<UiaaResponse> {
if let Self::Uiaa(uiaainfo) = self {
return RumaResponse(UiaaResponse::AuthResponse(uiaainfo.clone()));
}
if let Self::FederationError(origin, error) = self {
let mut error = error.clone();
error.message = format!("Answer from {}: {}", origin, error.message);
return RumaResponse(UiaaResponse::MatrixError(error));
#[cfg(feature = "conduit_bin")]
impl<'r, 'o> Responder<'r, 'o> for Error
where
'o: 'r,
{
fn respond_to(self, r: &'r Request<'_>) -> response::Result<'o> {
if let Self::Uiaa(uiaainfo) = &self {
return RumaResponse::from(UiaaResponse::AuthResponse(uiaainfo.clone())).respond_to(r);
}
let message = format!("{}", self);
@ -117,22 +103,71 @@ impl Error { @@ -117,22 +103,71 @@ impl Error {
_ => (Unknown, StatusCode::INTERNAL_SERVER_ERROR),
};
warn!("{}: {}", status_code, message);
RumaResponse(UiaaResponse::MatrixError(RumaError {
RumaResponse::from(RumaError {
kind,
message,
status_code,
}))
})
.respond_to(r)
}
}
#[cfg(feature = "conduit_bin")]
impl<'r, 'o> Responder<'r, 'o> for Error
where
'o: 'r,
{
fn respond_to(self, r: &'r Request<'_>) -> response::Result<'o> {
self.to_response().respond_to(r)
pub struct ConduitLogger {
pub db: Database,
pub last_logs: RwLock<HashMap<String, Instant>>,
}
impl log::Log for ConduitLogger {
fn enabled(&self, _metadata: &log::Metadata<'_>) -> bool {
true
}
fn log(&self, record: &log::Record<'_>) {
let output = format!("{} - {}", record.level(), record.args());
let match_mod_path =
|path: &str| path.starts_with("conduit::") || path.starts_with("state");
if self.enabled(record.metadata())
&& (record.module_path().map_or(false, match_mod_path)
|| record
.module_path()
.map_or(true, |path| !path.starts_with("rocket::")) // Rockets logs are annoying
&& record.metadata().level() <= log::Level::Warn)
{
let first_line = output
.lines()
.next()
.expect("lines always returns one item");
eprintln!("{}", output);
let mute_duration = match record.metadata().level() {
log::Level::Error => Duration::from_secs(60 * 5), // 5 minutes
log::Level::Warn => Duration::from_secs(60 * 60 * 24), // A day
_ => Duration::from_secs(60 * 60 * 24 * 7), // A week
};
if self
.last_logs
.read()
.unwrap()
.get(first_line)
.map_or(false, |i| i.elapsed() < mute_duration)
// Don't post this log again for some time
{
return;
}
if let Ok(mut_last_logs) = &mut self.last_logs.try_write() {
mut_last_logs.insert(first_line.to_owned(), Instant::now());
}
self.db.admin.send(AdminCommand::SendMessage(
message::MessageEventContent::notice_plain(output),
));
}
}
fn flush(&self) {}
}

14
src/lib.rs
Unescape View File

@ -1,25 +1,17 @@ @@ -1,25 +1,17 @@
#![warn(
rust_2018_idioms,
unused_qualifications,
clippy::cloned_instead_of_copied,
clippy::str_to_string
)]
#![allow(clippy::suspicious_else_formatting)]
#![deny(clippy::dbg_macro)]
pub mod appservice_server;
pub mod client_server;
mod database;
mod error;
mod pdu;
mod push_rules;
mod ruma_wrapper;
pub mod server_server;
mod utils;
pub use database::{Config, Database};
pub use database::Database;
pub use error::{Error, Result};
pub use pdu::PduEvent;
pub use rocket::Config as RocketConfig;
pub use rocket::Config;
pub use ruma_wrapper::{ConduitResult, Ruma, RumaResponse};
use std::ops::Deref;

203
src/main.rs
Unescape View File

@ -1,11 +1,4 @@ @@ -1,11 +1,4 @@
#![warn(
rust_2018_idioms,
unused_qualifications,
clippy::cloned_instead_of_copied,
clippy::str_to_string
)]
#![allow(clippy::suspicious_else_formatting)]
#![deny(clippy::dbg_macro)]
#![warn(rust_2018_idioms)]
pub mod appservice_server;
pub mod client_server;
@ -14,34 +7,51 @@ pub mod server_server; @@ -14,34 +7,51 @@ pub mod server_server;
mod database;
mod error;
mod pdu;
mod push_rules;
mod ruma_wrapper;
mod utils;
use std::sync::Arc;
use database::Config;
pub use database::Database;
pub use error::{Error, Result};
use opentelemetry::trace::{FutureExt, Tracer};
pub use pdu::PduEvent;
pub use rocket::State;
use ruma::api::client::error::ErrorKind;
pub use ruma_wrapper::{ConduitResult, Ruma, RumaResponse};
use log::LevelFilter;
use rocket::{
catch, catchers,
fairing::AdHoc,
figment::{
providers::{Env, Format, Toml},
Figment,
},
routes, Request,
};
use tokio::sync::RwLock;
use tracing_subscriber::{prelude::*, EnvFilter};
use tracing::span;
use tracing_subscriber::{prelude::*, Registry};
fn setup_rocket() -> (rocket::Rocket, Config) {
// Force log level off, so we can use our own logger
std::env::set_var("CONDUIT_LOG_LEVEL", "off");
let config =
Figment::from(rocket::Config::release_default())
.merge(
Toml::file(Env::var("CONDUIT_CONFIG").expect(
"The CONDUIT_CONFIG env var needs to be set. Example: /etc/conduit.toml",
))
.nested(),
)
.merge(Env::prefixed("CONDUIT_").global());
fn setup_rocket(config: Figment, data: Arc<RwLock<Database>>) -> rocket::Rocket<rocket::Build> {
rocket::custom(config)
.manage(data)
let parsed_config = config
.extract::<Config>()
.expect("It looks like your config is invalid. Please take a look at the error");
let parsed_config2 = parsed_config.clone();
let rocket = rocket::custom(config)
.mount(
"/",
routes![
@ -55,7 +65,6 @@ fn setup_rocket(config: Figment, data: Arc<RwLock<Database>>) -> rocket::Rocket< @@ -55,7 +65,6 @@ fn setup_rocket(config: Figment, data: Arc<RwLock<Database>>) -> rocket::Rocket<
client_server::logout_all_route,
client_server::change_password_route,
client_server::deactivate_route,
client_server::third_party_route,
client_server::get_capabilities_route,
client_server::get_pushrules_all_route,
client_server::set_pushrule_route,
@ -66,20 +75,16 @@ fn setup_rocket(config: Figment, data: Arc<RwLock<Database>>) -> rocket::Rocket< @@ -66,20 +75,16 @@ fn setup_rocket(config: Figment, data: Arc<RwLock<Database>>) -> rocket::Rocket<
client_server::set_pushrule_actions_route,
client_server::delete_pushrule_route,
client_server::get_room_event_route,
client_server::get_room_aliases_route,
client_server::get_filter_route,
client_server::create_filter_route,
client_server::set_global_account_data_route,
client_server::set_room_account_data_route,
client_server::get_global_account_data_route,
client_server::get_room_account_data_route,
client_server::set_displayname_route,
client_server::get_displayname_route,
client_server::set_avatar_url_route,
client_server::get_avatar_url_route,
client_server::get_profile_route,
client_server::set_presence_route,
client_server::get_presence_route,
client_server::upload_keys_route,
client_server::get_keys_route,
client_server::claim_keys_route,
@ -101,7 +106,6 @@ fn setup_rocket(config: Figment, data: Arc<RwLock<Database>>) -> rocket::Rocket< @@ -101,7 +106,6 @@ fn setup_rocket(config: Figment, data: Arc<RwLock<Database>>) -> rocket::Rocket<
client_server::create_typing_event_route,
client_server::create_room_route,
client_server::redact_event_route,
client_server::report_event_route,
client_server::create_alias_route,
client_server::delete_alias_route,
client_server::get_alias_route,
@ -160,119 +164,53 @@ fn setup_rocket(config: Figment, data: Arc<RwLock<Database>>) -> rocket::Rocket< @@ -160,119 +164,53 @@ fn setup_rocket(config: Figment, data: Arc<RwLock<Database>>) -> rocket::Rocket<
server_server::get_public_rooms_route,
server_server::get_public_rooms_filtered_route,
server_server::send_transaction_message_route,
server_server::get_event_route,
server_server::get_missing_events_route,
server_server::get_event_authorization_route,
server_server::get_room_state_route,
server_server::get_room_state_ids_route,
server_server::create_join_event_template_route,
server_server::create_join_event_v1_route,
server_server::create_join_event_v2_route,
server_server::create_invite_route,
server_server::get_devices_route,
server_server::get_room_information_route,
server_server::get_profile_information_route,
server_server::get_keys_route,
server_server::claim_keys_route,
],
)
.register(
"/",
catchers![
not_found_catcher,
forbidden_catcher,
unknown_token_catcher,
missing_token_catcher,
bad_json_catcher
],
)
.register(catchers![
not_found_catcher,
forbidden_catcher,
unknown_token_catcher,
missing_token_catcher,
bad_json_catcher
])
.attach(AdHoc::on_attach("Config", |rocket| async {
let data = Database::load_or_create(parsed_config2)
.await
.expect("config is valid");
data.sending.start_handler(&data);
Ok(rocket.manage(data))
}));
(rocket, parsed_config)
}
#[rocket::main]
async fn main() {
// Force log level off, so we can use our own logger
std::env::set_var("CONDUIT_LOG_LEVEL", "off");
let raw_config =
Figment::from(default_config())
.merge(
Toml::file(Env::var("CONDUIT_CONFIG").expect(
"The CONDUIT_CONFIG env var needs to be set. Example: /etc/conduit.toml",
))
.nested(),
)
.merge(Env::prefixed("CONDUIT_").global());
std::env::set_var("RUST_LOG", "warn");
let config = match raw_config.extract::<Config>() {
Ok(s) => s,
Err(e) => {
eprintln!("It looks like your config is invalid. The following error occured while parsing it: {}", e);
std::process::exit(1);
}
};
let start = async {
config.warn_deprecated();
let db = match Database::load_or_create(&config).await {
Ok(db) => db,
Err(e) => {
eprintln!(
"The database couldn't be loaded or created. The following error occured: {}",
e
);
std::process::exit(1);
}
};
let rocket = setup_rocket(raw_config, Arc::clone(&db))
.ignite()
.await
.unwrap();
Database::start_on_shutdown_tasks(db, rocket.shutdown()).await;
rocket.launch().await.unwrap();
};
let (rocket, config) = setup_rocket();
if config.allow_jaeger {
opentelemetry::global::set_text_map_propagator(opentelemetry_jaeger::Propagator::new());
let tracer = opentelemetry_jaeger::new_pipeline()
.install_batch(opentelemetry::runtime::Tokio)
let (tracer, _uninstall) = opentelemetry_jaeger::new_pipeline()
.with_service_name("conduit")
.install()
.unwrap();
let telemetry = tracing_opentelemetry::layer().with_tracer(tracer);
Registry::default().with(telemetry).try_init().unwrap();
let span = tracer.start("conduit");
start.with_current_context().await;
drop(span);
let root = span!(tracing::Level::INFO, "app_start", work_units = 2);
let _enter = root.enter();
println!("exporting");
opentelemetry::global::shutdown_tracer_provider();
rocket.launch().await.unwrap();
} else {
std::env::set_var("RUST_LOG", &config.log);
pretty_env_logger::init();
let registry = tracing_subscriber::Registry::default();
if config.tracing_flame {
let (flame_layer, _guard) =
tracing_flame::FlameLayer::with_file("./tracing.folded").unwrap();
let flame_layer = flame_layer.with_empty_samples(false);
let root = span!(tracing::Level::INFO, "app_start", work_units = 2);
let _enter = root.enter();
let filter_layer = EnvFilter::new("trace,h2=off");
let subscriber = registry.with(filter_layer).with(flame_layer);
tracing::subscriber::set_global_default(subscriber).unwrap();
start.await;
} else {
let fmt_layer = tracing_subscriber::fmt::Layer::new();
let filter_layer = EnvFilter::try_from_default_env()
.or_else(|_| EnvFilter::try_new("info"))
.unwrap();
let subscriber = registry.with(filter_layer).with(fmt_layer);
tracing::subscriber::set_global_default(subscriber).unwrap();
start.await;
}
rocket.launch().await.unwrap();
}
}
@ -303,30 +241,3 @@ fn missing_token_catcher() -> Result<()> { @@ -303,30 +241,3 @@ fn missing_token_catcher() -> Result<()> {
fn bad_json_catcher() -> Result<()> {
Err(Error::BadRequest(ErrorKind::BadJson, "Bad json."))
}
fn default_config() -> rocket::Config {
let mut config = rocket::Config::release_default();
{
let mut shutdown = &mut config.shutdown;
#[cfg(unix)]
{
use rocket::config::Sig;
shutdown.signals.insert(Sig::Term);
shutdown.signals.insert(Sig::Int);
}
// Once shutdown is triggered, this is the amount of seconds before rocket
// will forcefully start shutting down connections, this gives enough time to /sync
// requests and the like (which havent gotten the memo, somehow) to still complete gracefully.
shutdown.grace = 35;
// After the grace period, rocket starts shutting down connections, and waits at least this
// many seconds before forcefully shutting all of them down.
shutdown.mercy = 10;
}
config
}

208
src/pdu.rs
Unescape View File

@ -1,55 +1,42 @@ @@ -1,55 +1,42 @@
use crate::Error;
use ruma::{
events::{
room::member::RoomMemberEventContent, AnyEphemeralRoomEvent, AnyInitialStateEvent,
AnyRoomEvent, AnyStateEvent, AnyStrippedStateEvent, AnySyncRoomEvent, AnySyncStateEvent,
EventType, StateEvent,
pdu::EventHash, room::member::MemberEventContent, AnyEvent, AnyRoomEvent, AnyStateEvent,
AnyStrippedStateEvent, AnySyncRoomEvent, AnySyncStateEvent, EventType, StateEvent,
},
serde::{CanonicalJsonObject, CanonicalJsonValue, Raw},
state_res, EventId, MilliSecondsSinceUnixEpoch, RoomId, RoomVersionId, UInt, UserId,
serde::{to_canonical_value, CanonicalJsonObject, CanonicalJsonValue, Raw},
EventId, RoomId, RoomVersionId, ServerName, ServerSigningKeyId, UInt, UserId,
};
use serde::{Deserialize, Serialize};
use serde_json::{
json,
value::{to_raw_value, RawValue as RawJsonValue},
};
use std::{cmp::Ordering, collections::BTreeMap, convert::TryInto, sync::Arc};
use tracing::warn;
/// Content hashes of a PDU.
#[derive(Clone, Debug, Deserialize, Serialize)]
pub struct EventHash {
/// The SHA-256 hash.
pub sha256: String,
}
use serde_json::json;
use std::{cmp::Ordering, collections::BTreeMap, convert::TryFrom, time::UNIX_EPOCH};
#[derive(Clone, Deserialize, Serialize, Debug)]
pub struct PduEvent {
pub event_id: Arc<EventId>,
pub room_id: Box<RoomId>,
pub sender: Box<UserId>,
pub event_id: EventId,
pub room_id: RoomId,
pub sender: UserId,
pub origin_server_ts: UInt,
#[serde(rename = "type")]
pub kind: EventType,
pub content: Box<RawJsonValue>,
pub content: serde_json::Value,
#[serde(skip_serializing_if = "Option::is_none")]
pub state_key: Option<String>,
pub prev_events: Vec<Arc<EventId>>,
pub prev_events: Vec<EventId>,
pub depth: UInt,
pub auth_events: Vec<Arc<EventId>>,
pub auth_events: Vec<EventId>,
#[serde(skip_serializing_if = "Option::is_none")]
pub redacts: Option<Arc<EventId>>,
#[serde(default, skip_serializing_if = "Option::is_none")]
pub unsigned: Option<Box<RawJsonValue>>,
pub redacts: Option<EventId>,
#[serde(default, skip_serializing_if = "BTreeMap::is_empty")]
pub unsigned: BTreeMap<String, serde_json::Value>,
pub hashes: EventHash,
#[serde(default, skip_serializing_if = "Option::is_none")]
pub signatures: Option<Box<RawJsonValue>>, // BTreeMap<Box<ServerName>, BTreeMap<ServerSigningKeyId, String>>
pub signatures: BTreeMap<Box<ServerName>, BTreeMap<ServerSigningKeyId, String>>,
}
impl PduEvent {
#[tracing::instrument(skip(self))]
pub fn redact(&mut self, reason: &PduEvent) -> crate::Result<()> {
self.unsigned = None;
self.unsigned.clear();
let allowed: &[&str] = match self.kind {
EventType::RoomMember => &["membership"],
@ -69,9 +56,10 @@ impl PduEvent { @@ -69,9 +56,10 @@ impl PduEvent {
_ => &[],
};
let mut old_content: BTreeMap<String, serde_json::Value> =
serde_json::from_str(self.content.get())
.map_err(|_| Error::bad_database("PDU in db has invalid content."))?;
let old_content = self
.content
.as_object_mut()
.ok_or_else(|| Error::bad_database("PDU in db has invalid content."))?;
let mut new_content = serde_json::Map::new();
@ -81,23 +69,14 @@ impl PduEvent { @@ -81,23 +69,14 @@ impl PduEvent {
}
}
self.unsigned = Some(to_raw_value(&json!({
"redacted_because": serde_json::to_value(reason).expect("to_value(PduEvent) always works")
})).expect("to string always works"));
self.content = to_raw_value(&new_content).expect("to string always works");
Ok(())
}
self.unsigned.insert(
"redacted_because".to_owned(),
serde_json::to_string(reason)
.expect("PduEvent::to_string always works")
.into(),
);
pub fn remove_transaction_id(&mut self) -> crate::Result<()> {
if let Some(unsigned) = &self.unsigned {
let mut unsigned: BTreeMap<String, Box<RawJsonValue>> =
serde_json::from_str(unsigned.get())
.map_err(|_| Error::bad_database("Invalid unsigned in pdu event"))?;
unsigned.remove("transaction_id");
self.unsigned = Some(to_raw_value(&unsigned).expect("unsigned is valid"));
}
self.content = new_content.into();
Ok(())
}
@ -125,7 +104,7 @@ impl PduEvent { @@ -125,7 +104,7 @@ impl PduEvent {
/// This only works for events that are also AnyRoomEvents.
#[tracing::instrument(skip(self))]
pub fn to_any_event(&self) -> Raw<AnyEphemeralRoomEvent> {
pub fn to_any_event(&self) -> Raw<AnyEvent> {
let mut json = json!({
"content": self.content,
"type": self.kind,
@ -186,17 +165,22 @@ impl PduEvent { @@ -186,17 +165,22 @@ impl PduEvent {
#[tracing::instrument(skip(self))]
pub fn to_sync_state_event(&self) -> Raw<AnySyncStateEvent> {
let json = json!({
"content": self.content,
"type": self.kind,
"event_id": self.event_id,
"sender": self.sender,
"origin_server_ts": self.origin_server_ts,
"unsigned": self.unsigned,
"state_key": self.state_key,
});
let json = format!(
r#"{{"content":{},"type":"{}","event_id":"{}","sender":"{}","origin_server_ts":{},"unsigned":{},"state_key":"{}"}}"#,
self.content,
self.kind,
self.event_id,
self.sender,
self.origin_server_ts,
serde_json::to_string(&self.unsigned).expect("Map::to_string always works"),
self.state_key
.as_ref()
.expect("state events have state keys")
);
serde_json::from_value(json).expect("Raw::from_value always works")
Raw::from_json(
serde_json::value::RawValue::from_string(json).expect("our string is valid json"),
)
}
#[tracing::instrument(skip(self))]
@ -212,7 +196,7 @@ impl PduEvent { @@ -212,7 +196,7 @@ impl PduEvent {
}
#[tracing::instrument(skip(self))]
pub fn to_member_event(&self) -> Raw<StateEvent<RoomMemberEventContent>> {
pub fn to_member_event(&self) -> Raw<StateEvent<MemberEventContent>> {
let json = json!({
"content": self.content,
"type": self.kind,
@ -232,11 +216,8 @@ impl PduEvent { @@ -232,11 +216,8 @@ impl PduEvent {
#[tracing::instrument]
pub fn convert_to_outgoing_federation_event(
mut pdu_json: CanonicalJsonObject,
) -> Box<RawJsonValue> {
if let Some(unsigned) = pdu_json
.get_mut("unsigned")
.and_then(|val| val.as_object_mut())
{
) -> Raw<ruma::events::pdu::Pdu> {
if let Some(CanonicalJsonValue::Object(unsigned)) = pdu_json.get_mut("unsigned") {
unsigned.remove("transaction_id");
}
@ -249,7 +230,10 @@ impl PduEvent { @@ -249,7 +230,10 @@ impl PduEvent {
// )
// .expect("Raw::from_value always works")
to_raw_value(&pdu_json).expect("CanonicalJson is valid serde_json::Value")
serde_json::from_value::<Raw<_>>(
serde_json::to_value(pdu_json).expect("CanonicalJson is valid serde_json::Value"),
)
.expect("Raw::from_value always works")
}
pub fn from_id_val(
@ -257,8 +241,8 @@ impl PduEvent { @@ -257,8 +241,8 @@ impl PduEvent {
mut json: CanonicalJsonObject,
) -> Result<Self, serde_json::Error> {
json.insert(
"event_id".to_owned(),
CanonicalJsonValue::String(event_id.as_str().to_owned()),
"event_id".to_string(),
to_canonical_value(event_id).expect("event_id is a valid Value"),
);
serde_json::from_value(serde_json::to_value(json).expect("valid JSON"))
@ -266,9 +250,7 @@ impl PduEvent { @@ -266,9 +250,7 @@ impl PduEvent {
}
impl state_res::Event for PduEvent {
type Id = Arc<EventId>;
fn event_id(&self) -> &Self::Id {
fn event_id(&self) -> &EventId {
&self.event_id
}
@ -279,34 +261,41 @@ impl state_res::Event for PduEvent { @@ -279,34 +261,41 @@ impl state_res::Event for PduEvent {
fn sender(&self) -> &UserId {
&self.sender
}
fn event_type(&self) -> &EventType {
&self.kind
fn kind(&self) -> EventType {
self.kind.clone()
}
fn content(&self) -> &RawJsonValue {
&self.content
fn content(&self) -> serde_json::Value {
self.content.clone()
}
fn origin_server_ts(&self) -> MilliSecondsSinceUnixEpoch {
MilliSecondsSinceUnixEpoch(self.origin_server_ts)
fn origin_server_ts(&self) -> std::time::SystemTime {
UNIX_EPOCH + std::time::Duration::from_millis(self.origin_server_ts.into())
}
fn state_key(&self) -> Option<&str> {
self.state_key.as_deref()
fn state_key(&self) -> Option<String> {
self.state_key.clone()
}
fn prev_events(&self) -> Box<dyn DoubleEndedIterator<Item = &Self::Id> + '_> {
Box::new(self.prev_events.iter())
fn prev_events(&self) -> Vec<EventId> {
self.prev_events.to_vec()
}
fn auth_events(&self) -> Box<dyn DoubleEndedIterator<Item = &Self::Id> + '_> {
Box::new(self.auth_events.iter())
fn depth(&self) -> &UInt {
&self.depth
}
fn redacts(&self) -> Option<&Self::Id> {
fn auth_events(&self) -> Vec<EventId> {
self.auth_events.to_vec()
}
fn redacts(&self) -> Option<&EventId> {
self.redacts.as_ref()
}
fn hashes(&self) -> &EventHash {
&self.hashes
}
fn signatures(&self) -> BTreeMap<Box<ServerName>, BTreeMap<ruma::ServerSigningKeyId, String>> {
self.signatures.clone()
}
fn unsigned(&self) -> &BTreeMap<String, serde_json::Value> {
&self.unsigned
}
}
// These impl's allow us to dedup state snapshots when resolving state
@ -332,23 +321,18 @@ impl Ord for PduEvent { @@ -332,23 +321,18 @@ impl Ord for PduEvent {
///
/// Returns a tuple of the new `EventId` and the PDU as a `BTreeMap<String, CanonicalJsonValue>`.
pub(crate) fn gen_event_id_canonical_json(
pdu: &RawJsonValue,
) -> crate::Result<(Box<EventId>, CanonicalJsonObject)> {
let value = serde_json::from_str(pdu.get()).map_err(|e| {
warn!("Error parsing incoming event {:?}: {:?}", pdu, e);
Error::BadServerResponse("Invalid PDU in server response")
})?;
let event_id = format!(
pdu: &Raw<ruma::events::pdu::Pdu>,
) -> (EventId, CanonicalJsonObject) {
let value = serde_json::from_str(pdu.json().get()).expect("A Raw<...> is always valid JSON");
let event_id = EventId::try_from(&*format!(
"${}",
// Anything higher than version3 behaves the same
ruma::signatures::reference_hash(&value, &RoomVersionId::V6)
ruma::signatures::reference_hash(&value, &RoomVersionId::Version6)
.expect("ruma can calculate reference hashes")
)
.try_into()
))
.expect("ruma's reference hashes are valid event ids");
Ok((event_id, value))
(event_id, value)
}
/// Build the start of a PDU in order to add it to the `Database`.
@ -356,22 +340,8 @@ pub(crate) fn gen_event_id_canonical_json( @@ -356,22 +340,8 @@ pub(crate) fn gen_event_id_canonical_json(
pub struct PduBuilder {
#[serde(rename = "type")]
pub event_type: EventType,
pub content: Box<RawJsonValue>,
pub content: serde_json::Value,
pub unsigned: Option<BTreeMap<String, serde_json::Value>>,
pub state_key: Option<String>,
pub redacts: Option<Arc<EventId>>,
}
/// Direct conversion prevents loss of the empty `state_key` that ruma requires.
impl From<AnyInitialStateEvent> for PduBuilder {
fn from(event: AnyInitialStateEvent) -> Self {
Self {
event_type: EventType::from(event.event_type()),
content: to_raw_value(&event.content())
.expect("AnyStateEventContent came from JSON and can thus turn back into JSON."),
unsigned: None,
state_key: Some(event.state_key().to_owned()),
redacts: None,
}
}
pub redacts: Option<EventId>,
}

256
src/push_rules.rs
Unescape View File

@ -0,0 +1,256 @@ @@ -0,0 +1,256 @@
use ruma::{
push::{
Action, ConditionalPushRule, ConditionalPushRuleInit, ContentPushRule, OverridePushRule,
PatternedPushRule, PatternedPushRuleInit, PushCondition, RoomMemberCountIs, Ruleset, Tweak,
UnderridePushRule,
},
UserId,
};
pub fn default_pushrules(user_id: &UserId) -> Ruleset {
let mut rules = Ruleset::default();
rules.add(ContentPushRule(contains_user_name_rule(&user_id)));
for rule in vec![
master_rule(),
suppress_notices_rule(),
invite_for_me_rule(),
member_event_rule(),
contains_display_name_rule(),
tombstone_rule(),
roomnotif_rule(),
] {
rules.add(OverridePushRule(rule));
}
for rule in vec![
call_rule(),
encrypted_room_one_to_one_rule(),
room_one_to_one_rule(),
message_rule(),
encrypted_rule(),
] {
rules.add(UnderridePushRule(rule));
}
rules
}
pub fn master_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![Action::DontNotify],
default: true,
enabled: false,
rule_id: ".m.rule.master".to_owned(),
conditions: vec![],
}
.into()
}
pub fn suppress_notices_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![Action::DontNotify],
default: true,
enabled: true,
rule_id: ".m.rule.suppress_notices".to_owned(),
conditions: vec![PushCondition::EventMatch {
key: "content.msgtype".to_owned(),
pattern: "m.notice".to_owned(),
}],
}
.into()
}
pub fn invite_for_me_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![
Action::Notify,
Action::SetTweak(Tweak::Sound("default".to_owned())),
Action::SetTweak(Tweak::Highlight(false)),
],
default: true,
enabled: true,
rule_id: ".m.rule.invite_for_me".to_owned(),
conditions: vec![PushCondition::EventMatch {
key: "content.membership".to_owned(),
pattern: "m.invite".to_owned(),
}],
}
.into()
}
pub fn member_event_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![Action::DontNotify],
default: true,
enabled: true,
rule_id: ".m.rule.member_event".to_owned(),
conditions: vec![PushCondition::EventMatch {
key: "content.membership".to_owned(),
pattern: "type".to_owned(),
}],
}
.into()
}
pub fn contains_display_name_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![
Action::Notify,
Action::SetTweak(Tweak::Sound("default".to_owned())),
Action::SetTweak(Tweak::Highlight(true)),
],
default: true,
enabled: true,
rule_id: ".m.rule.contains_display_name".to_owned(),
conditions: vec![PushCondition::ContainsDisplayName],
}
.into()
}
pub fn tombstone_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![Action::Notify, Action::SetTweak(Tweak::Highlight(true))],
default: true,
enabled: true,
rule_id: ".m.rule.tombstone".to_owned(),
conditions: vec![
PushCondition::EventMatch {
key: "type".to_owned(),
pattern: "m.room.tombstone".to_owned(),
},
PushCondition::EventMatch {
key: "state_key".to_owned(),
pattern: "".to_owned(),
},
],
}
.into()
}
pub fn roomnotif_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![Action::Notify, Action::SetTweak(Tweak::Highlight(true))],
default: true,
enabled: true,
rule_id: ".m.rule.roomnotif".to_owned(),
conditions: vec![
PushCondition::EventMatch {
key: "content.body".to_owned(),
pattern: "@room".to_owned(),
},
PushCondition::SenderNotificationPermission {
key: "room".to_owned(),
},
],
}
.into()
}
pub fn contains_user_name_rule(user_id: &UserId) -> PatternedPushRule {
PatternedPushRuleInit {
actions: vec![
Action::Notify,
Action::SetTweak(Tweak::Sound("default".to_owned())),
Action::SetTweak(Tweak::Highlight(true)),
],
default: true,
enabled: true,
rule_id: ".m.rule.contains_user_name".to_owned(),
pattern: user_id.localpart().to_owned(),
}
.into()
}
pub fn call_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![
Action::Notify,
Action::SetTweak(Tweak::Sound("ring".to_owned())),
Action::SetTweak(Tweak::Highlight(false)),
],
default: true,
enabled: true,
rule_id: ".m.rule.call".to_owned(),
conditions: vec![PushCondition::EventMatch {
key: "type".to_owned(),
pattern: "m.call.invite".to_owned(),
}],
}
.into()
}
pub fn encrypted_room_one_to_one_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![
Action::Notify,
Action::SetTweak(Tweak::Sound("default".to_owned())),
Action::SetTweak(Tweak::Highlight(false)),
],
default: true,
enabled: true,
rule_id: ".m.rule.encrypted_room_one_to_one".to_owned(),
conditions: vec![
PushCondition::RoomMemberCount {
is: RoomMemberCountIs::from(2_u32.into()..),
},
PushCondition::EventMatch {
key: "type".to_owned(),
pattern: "m.room.encrypted".to_owned(),
},
],
}
.into()
}
pub fn room_one_to_one_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![
Action::Notify,
Action::SetTweak(Tweak::Sound("default".to_owned())),
Action::SetTweak(Tweak::Highlight(false)),
],
default: true,
enabled: true,
rule_id: ".m.rule.room_one_to_one".to_owned(),
conditions: vec![
PushCondition::RoomMemberCount {
is: RoomMemberCountIs::from(2_u32.into()..),
},
PushCondition::EventMatch {
key: "type".to_owned(),
pattern: "m.room.message".to_owned(),
},
],
}
.into()
}
pub fn message_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![Action::Notify, Action::SetTweak(Tweak::Highlight(false))],
default: true,
enabled: true,
rule_id: ".m.rule.message".to_owned(),
conditions: vec![PushCondition::EventMatch {
key: "type".to_owned(),
pattern: "m.room.message".to_owned(),
}],
}
.into()
}
pub fn encrypted_rule() -> ConditionalPushRule {
ConditionalPushRuleInit {
actions: vec![Action::Notify, Action::SetTweak(Tweak::Highlight(false))],
default: true,
enabled: true,
rule_id: ".m.rule.encrypted".to_owned(),
conditions: vec![PushCondition::EventMatch {
key: "type".to_owned(),
pattern: "m.room.encrypted".to_owned(),
}],
}
.into()
}

493
src/ruma_wrapper.rs
Unescape View File

@ -1,339 +1,173 @@ @@ -1,339 +1,173 @@
use crate::{database::DatabaseGuard, Error};
use crate::Error;
use ruma::{
api::{client::r0::uiaa::UiaaResponse, OutgoingResponse},
api::{AuthScheme, IncomingRequest, OutgoingRequest},
identifiers::{DeviceId, UserId},
signatures::CanonicalJsonValue,
Outgoing, ServerName,
Outgoing,
};
use std::{
convert::{TryFrom, TryInto},
ops::Deref,
};
use std::ops::Deref;
#[cfg(feature = "conduit_bin")]
use {
crate::server_server,
crate::utils,
log::{debug, warn},
rocket::{
data::{self, ByteUnit, Data, FromData},
data::{
ByteUnit, Data, FromDataFuture, FromTransformedData, Transform, TransformFuture,
Transformed,
},
http::Status,
outcome::Outcome::*,
response::{self, Responder},
tokio::io::AsyncReadExt,
Request,
Request, State,
},
ruma::api::{AuthScheme, IncomingRequest},
std::collections::BTreeMap,
std::io::Cursor,
tracing::{debug, warn},
};
/// This struct converts rocket requests into ruma structs by converting them into http requests
/// first.
pub struct Ruma<T: Outgoing> {
pub struct Ruma<T: Outgoing + OutgoingRequest> {
pub body: T::Incoming,
pub sender_user: Option<Box<UserId>>,
pub sender_user: Option<UserId>,
pub sender_device: Option<Box<DeviceId>>,
pub sender_servername: Option<Box<ServerName>>,
// This is None when body is not a valid string
pub json_body: Option<CanonicalJsonValue>,
pub json_body: Option<Box<serde_json::value::RawValue>>, // This is None when body is not a valid string
pub from_appservice: bool,
}
#[cfg(feature = "conduit_bin")]
#[rocket::async_trait]
impl<'a, T: Outgoing> FromData<'a> for Ruma<T>
impl<'a, T: Outgoing + OutgoingRequest> FromTransformedData<'a> for Ruma<T>
where
T::Incoming: IncomingRequest,
{
type Error = ();
type Owned = Data;
type Borrowed = Self::Owned;
fn transform<'r>(
_req: &'r Request<'_>,
data: Data,
) -> TransformFuture<'r, Self::Owned, Self::Error> {
Box::pin(async move { Transform::Owned(Success(data)) })
}
#[tracing::instrument(skip(request, data))]
async fn from_data(
fn from_data(
request: &'a Request<'_>,
data: Data<'a>,
) -> data::Outcome<'a, Self, Self::Error> {
let metadata = T::Incoming::METADATA;
let db = request
.guard::<DatabaseGuard>()
.await
.expect("database was loaded");
// Get token from header or query value
let token = request
.headers()
.get_one("Authorization")
.and_then(|s| s.get(7..)) // Split off "Bearer "
.or_else(|| request.query_value("access_token").and_then(|r| r.ok()));
let limit = db.globals.max_request_size();
let mut handle = data.open(ByteUnit::Byte(limit.into()));
let mut body = Vec::new();
if handle.read_to_end(&mut body).await.is_err() {
// Client disconnected
// Missing Token
return Failure((Status::new(582), ()));
}
let mut json_body = serde_json::from_slice::<CanonicalJsonValue>(&body).ok();
let (sender_user, sender_device, sender_servername, from_appservice) = if let Some((
_id,
registration,
)) = db
.appservice
.all()
.unwrap()
.iter()
.find(|(_id, registration)| {
registration
.get("as_token")
.and_then(|as_token| as_token.as_str())
.map_or(false, |as_token| token == Some(as_token))
}) {
match metadata.authentication {
AuthScheme::AccessToken | AuthScheme::QueryOnlyAccessToken => {
let user_id = request.query_value::<String>("user_id").map_or_else(
|| {
UserId::parse_with_server_name(
registration
.get("sender_localpart")
outcome: Transformed<'a, Self>,
) -> FromDataFuture<'a, Self, Self::Error> {
Box::pin(async move {
let data = rocket::try_outcome!(outcome.owned());
let db = request
.guard::<State<'_, crate::Database>>()
.await
.expect("database was loaded");
// Get token from header or query value
let token = request
.headers()
.get_one("Authorization")
.map(|s| s[7..].to_owned()) // Split off "Bearer "
.or_else(|| request.get_query_value("access_token").and_then(|r| r.ok()));
let (sender_user, sender_device, from_appservice) = if let Some((_id, registration)) =
db.appservice
.iter_all()
.filter_map(|r| r.ok())
.find(|(_id, registration)| {
registration
.get("as_token")
.and_then(|as_token| as_token.as_str())
.map_or(false, |as_token| token.as_deref() == Some(as_token))
}) {
match T::METADATA.authentication {
AuthScheme::AccessToken | AuthScheme::QueryOnlyAccessToken => {
let user_id = request.get_query_value::<String>("user_id").map_or_else(
|| {
UserId::parse_with_server_name(
registration
.get("sender_localpart")
.unwrap()
.as_str()
.unwrap(),
db.globals.server_name(),
)
.unwrap()
},
|string| {
UserId::try_from(string.expect("parsing to string always works"))
.unwrap()
.as_str()
.unwrap(),
db.globals.server_name(),
)
.unwrap()
},
|string| {
UserId::parse(string.expect("parsing to string always works")).unwrap()
},
);
if !db.users.exists(&user_id).unwrap() {
// Forbidden
return Failure((Status::new(580), ()));
}
// TODO: Check if appservice is allowed to be that user
(Some(user_id), None, None, true)
}
AuthScheme::ServerSignatures => (None, None, None, true),
AuthScheme::None => (None, None, None, true),
}
} else {
match metadata.authentication {
AuthScheme::AccessToken | AuthScheme::QueryOnlyAccessToken => {
if let Some(token) = token {
match db.users.find_from_token(token).unwrap() {
// Unknown Token
None => return Failure((Status::new(581), ())),
Some((user_id, device_id)) => (
Some(user_id),
Some(Box::<DeviceId>::from(device_id)),
None,
false,
),
}
} else {
// Missing Token
return Failure((Status::new(582), ()));
}
}
AuthScheme::ServerSignatures => {
// Get origin from header
let x_matrix = match request
.headers()
.get_one("Authorization")
.and_then(|s| s.get(9..)) // Split off "X-Matrix " and parse the rest
.map(|s| {
s.split_terminator(',')
.map(|field| {
let mut splits = field.splitn(2, '=');
(splits.next(), splits.next().map(|s| s.trim_matches('"')))
})
.collect::<BTreeMap<_, _>>()
}) {
Some(t) => t,
None => {
warn!("No Authorization header");
// Forbidden
return Failure((Status::new(580), ()));
}
};
let origin_str = match x_matrix.get(&Some("origin")) {
Some(Some(o)) => *o,
_ => {
warn!("Invalid X-Matrix header origin field: {:?}", x_matrix);
},
);
if !db.users.exists(&user_id).unwrap() {
// Forbidden
return Failure((Status::new(580), ()));
return Failure((Status::raw(580), ()));
}
};
let origin = match ServerName::parse(origin_str) {
Ok(s) => s,
_ => {
warn!(
"Invalid server name in X-Matrix header origin field: {:?}",
x_matrix
);
// Forbidden
return Failure((Status::new(580), ()));
}
};
let key = match x_matrix.get(&Some("key")) {
Some(Some(k)) => *k,
_ => {
warn!("Invalid X-Matrix header key field: {:?}", x_matrix);
// Forbidden
return Failure((Status::new(580), ()));
}
};
let sig = match x_matrix.get(&Some("sig")) {
Some(Some(s)) => *s,
_ => {
warn!("Invalid X-Matrix header sig field: {:?}", x_matrix);
// Forbidden
return Failure((Status::new(580), ()));
}
};
let mut request_map = BTreeMap::<String, CanonicalJsonValue>::new();
if let Some(json_body) = &json_body {
request_map.insert("content".to_owned(), json_body.clone());
};
request_map.insert(
"method".to_owned(),
CanonicalJsonValue::String(request.method().to_string()),
);
request_map.insert(
"uri".to_owned(),
CanonicalJsonValue::String(request.uri().to_string()),
);
request_map.insert(
"origin".to_owned(),
CanonicalJsonValue::String(origin.as_str().to_owned()),
);
request_map.insert(
"destination".to_owned(),
CanonicalJsonValue::String(db.globals.server_name().as_str().to_owned()),
);
let mut origin_signatures = BTreeMap::new();
origin_signatures
.insert(key.to_owned(), CanonicalJsonValue::String(sig.to_owned()));
let mut signatures = BTreeMap::new();
signatures.insert(
origin.as_str().to_owned(),
CanonicalJsonValue::Object(origin_signatures),
);
request_map.insert(
"signatures".to_owned(),
CanonicalJsonValue::Object(signatures),
);
let keys =
match server_server::fetch_signing_keys(&db, &origin, vec![key.to_owned()])
.await
{
Ok(b) => b,
Err(e) => {
warn!("Failed to fetch signing keys: {}", e);
// Forbidden
return Failure((Status::new(580), ()));
}
};
let mut pub_key_map = BTreeMap::new();
pub_key_map.insert(origin.as_str().to_owned(), keys);
match ruma::signatures::verify_json(&pub_key_map, &request_map) {
Ok(()) => (None, None, Some(origin), false),
Err(e) => {
warn!(
"Failed to verify json request from {}: {}\n{:?}",
origin, e, request_map
);
if request.uri().to_string().contains('@') {
warn!("Request uri contained '@' character. Make sure your reverse proxy gives Conduit the raw uri (apache: use nocanon)");
// TODO: Check if appservice is allowed to be that user
(Some(user_id), None, true)
}
AuthScheme::ServerSignatures => (None, None, true),
AuthScheme::None => (None, None, true),
}
} else {
match T::METADATA.authentication {
AuthScheme::AccessToken | AuthScheme::QueryOnlyAccessToken => {
if let Some(token) = token {
match db.users.find_from_token(&token).unwrap() {
// Unknown Token
None => return Failure((Status::raw(581), ())),
Some((user_id, device_id)) => {
(Some(user_id), Some(device_id.into()), false)
}
}
// Forbidden
return Failure((Status::new(580), ()));
} else {
// Missing Token
return Failure((Status::raw(582), ()));
}
}
AuthScheme::ServerSignatures => (None, None, false),
AuthScheme::None => (None, None, false),
}
AuthScheme::None => (None, None, None, false),
}
};
};
let mut http_request = http::Request::builder()
.uri(request.uri().to_string())
.method(&*request.method().to_string());
for header in request.headers().iter() {
http_request = http_request.header(header.name.as_str(), &*header.value);
}
if let Some(json_body) = json_body.as_mut().and_then(|val| val.as_object_mut()) {
let user_id = sender_user.clone().unwrap_or_else(|| {
UserId::parse_with_server_name("", db.globals.server_name())
.expect("we know this is valid")
});
let mut http_request = http::Request::builder()
.uri(request.uri().to_string())
.method(&*request.method().to_string());
for header in request.headers().iter() {
http_request = http_request.header(header.name.as_str(), &*header.value);
}
if let Some(CanonicalJsonValue::Object(initial_request)) = json_body
.get("auth")
.and_then(|auth| auth.as_object())
.and_then(|auth| auth.get("session"))
.and_then(|session| session.as_str())
.and_then(|session| {
db.uiaa
.get_uiaa_request(
&user_id,
&sender_device.clone().unwrap_or_else(|| "".into()),
session,
)
let limit = db.globals.max_request_size();
let mut handle = data.open(ByteUnit::Byte(limit.into()));
let mut body = Vec::new();
handle.read_to_end(&mut body).await.unwrap();
let http_request = http_request.body(body.clone()).unwrap();
debug!("{:?}", http_request);
match <T::Incoming as IncomingRequest>::try_from_http_request(http_request) {
Ok(t) => Success(Ruma {
body: t,
sender_user,
sender_device,
// TODO: Can we avoid parsing it again? (We only need this for append_pdu)
json_body: utils::string_from_bytes(&body)
.ok()
.flatten()
})
{
for (key, value) in initial_request {
json_body.entry(key).or_insert(value);
.and_then(|s| serde_json::value::RawValue::from_string(s).ok()),
from_appservice,
}),
Err(e) => {
warn!("{:?}", e);
Failure((Status::raw(583), ()))
}
}
body = serde_json::to_vec(json_body).expect("value to bytes can't fail");
}
let http_request = http_request.body(&*body).unwrap();
debug!("{:?}", http_request);
match <T::Incoming as IncomingRequest>::try_from_http_request(http_request) {
Ok(t) => Success(Ruma {
body: t,
sender_user,
sender_device,
sender_servername,
from_appservice,
json_body,
}),
Err(e) => {
warn!("{:?}", e);
// Bad Json
Failure((Status::new(583), ()))
}
}
})
}
}
impl<T: Outgoing> Deref for Ruma<T> {
impl<T: Outgoing + OutgoingRequest> Deref for Ruma<T> {
type Target = T::Incoming;
fn deref(&self) -> &Self::Target {
@ -342,62 +176,53 @@ impl<T: Outgoing> Deref for Ruma<T> { @@ -342,62 +176,53 @@ impl<T: Outgoing> Deref for Ruma<T> {
}
/// This struct converts ruma responses into rocket http responses.
pub type ConduitResult<T> = Result<RumaResponse<T>, Error>;
pub fn response<T: OutgoingResponse>(response: RumaResponse<T>) -> response::Result<'static> {
let http_response = response
.0
.try_into_http_response::<Vec<u8>>()
.map_err(|_| Status::InternalServerError)?;
let mut response = rocket::response::Response::build();
pub type ConduitResult<T> = std::result::Result<RumaResponse<T>, Error>;
let status = http_response.status();
response.status(Status::new(status.as_u16()));
pub struct RumaResponse<T: TryInto<http::Response<Vec<u8>>>>(pub T);
for header in http_response.headers() {
response.raw_header(header.0.to_string(), header.1.to_str().unwrap().to_owned());
}
let http_body = http_response.into_body();
response.sized_body(http_body.len(), Cursor::new(http_body));
response.raw_header("Access-Control-Allow-Origin", "*");
response.raw_header(
"Access-Control-Allow-Methods",
"GET, POST, PUT, DELETE, OPTIONS",
);
response.raw_header(
"Access-Control-Allow-Headers",
"Origin, X-Requested-With, Content-Type, Accept, Authorization",
);
response.raw_header("Access-Control-Max-Age", "86400");
response.ok()
}
#[derive(Clone)]
pub struct RumaResponse<T>(pub T);
impl<T> From<T> for RumaResponse<T> {
impl<T: TryInto<http::Response<Vec<u8>>>> From<T> for RumaResponse<T> {
fn from(t: T) -> Self {
Self(t)
}
}
impl From<Error> for RumaResponse<UiaaResponse> {
fn from(t: Error) -> Self {
t.to_response()
}
}
#[cfg(feature = "conduit_bin")]
impl<'r, 'o, T> Responder<'r, 'o> for RumaResponse<T>
where
T: Send + TryInto<http::Response<Vec<u8>>>,
T::Error: Send,
'o: 'r,
T: OutgoingResponse,
{
fn respond_to(self, _: &'r Request<'_>) -> response::Result<'o> {
response(self)
let http_response: Result<http::Response<_>, _> = self.0.try_into();
match http_response {
Ok(http_response) => {
let mut response = rocket::response::Response::build();
let status = http_response.status();
response.raw_status(status.into(), "");
for header in http_response.headers() {
response
.raw_header(header.0.to_string(), header.1.to_str().unwrap().to_owned());
}
let http_body = http_response.into_body();
response.sized_body(http_body.len(), Cursor::new(http_body));
response.raw_header("Access-Control-Allow-Origin", "*");
response.raw_header(
"Access-Control-Allow-Methods",
"GET, POST, PUT, DELETE, OPTIONS",
);
response.raw_header(
"Access-Control-Allow-Headers",
"Origin, X-Requested-With, Content-Type, Accept, Authorization",
);
response.ok()
}
Err(_) => Err(Status::InternalServerError),
}
}
}

3968
src/server_server.rs
View File

File diff suppressed because it is too large Load Diff

85
src/utils.rs
Unescape View File

@ -2,14 +2,13 @@ use argon2::{Config, Variant}; @@ -2,14 +2,13 @@ use argon2::{Config, Variant};
use cmp::Ordering;
use rand::prelude::*;
use ruma::serde::{try_from_json_map, CanonicalJsonError, CanonicalJsonObject};
use sled::IVec;
use std::{
cmp,
convert::TryInto,
str::FromStr,
time::{SystemTime, UNIX_EPOCH},
};
#[tracing::instrument]
pub fn millis_since_unix_epoch() -> u64 {
SystemTime::now()
.duration_since(UNIX_EPOCH)
@ -29,30 +28,29 @@ pub fn increment(old: Option<&[u8]>) -> Option<Vec<u8>> { @@ -29,30 +28,29 @@ pub fn increment(old: Option<&[u8]>) -> Option<Vec<u8>> {
Some(number.to_be_bytes().to_vec())
}
pub fn generate_keypair() -> Vec<u8> {
let mut value = random_string(8).as_bytes().to_vec();
value.push(0xff);
value.extend_from_slice(
&ruma::signatures::Ed25519KeyPair::generate()
.expect("Ed25519KeyPair generation always works (?)"),
);
value
pub fn generate_keypair(old: Option<&[u8]>) -> Option<Vec<u8>> {
Some(old.map(|s| s.to_vec()).unwrap_or_else(|| {
let mut value = random_string(8).as_bytes().to_vec();
value.push(0xff);
value.extend_from_slice(
&ruma::signatures::Ed25519KeyPair::generate()
.expect("Ed25519KeyPair generation always works (?)"),
);
value
}))
}
/// Parses the bytes into an u64.
#[tracing::instrument(skip(bytes))]
pub fn u64_from_bytes(bytes: &[u8]) -> Result<u64, std::array::TryFromSliceError> {
let array: [u8; 8] = bytes.try_into()?;
Ok(u64::from_be_bytes(array))
}
/// Parses the bytes into a string.
#[tracing::instrument(skip(bytes))]
pub fn string_from_bytes(bytes: &[u8]) -> Result<String, std::string::FromUtf8Error> {
String::from_utf8(bytes.to_vec())
}
#[tracing::instrument(skip(length))]
pub fn random_string(length: usize) -> String {
thread_rng()
.sample_iter(&rand::distributions::Alphanumeric)
@ -62,7 +60,6 @@ pub fn random_string(length: usize) -> String { @@ -62,7 +60,6 @@ pub fn random_string(length: usize) -> String {
}
/// Calculate a new hash for the given password
#[tracing::instrument(skip(password))]
pub fn calculate_hash(password: &str) -> Result<String, argon2::Error> {
let hashing_config = Config {
variant: Variant::Argon2id,
@ -73,35 +70,36 @@ pub fn calculate_hash(password: &str) -> Result<String, argon2::Error> { @@ -73,35 +70,36 @@ pub fn calculate_hash(password: &str) -> Result<String, argon2::Error> {
argon2::hash_encoded(password.as_bytes(), salt.as_bytes(), &hashing_config)
}
#[tracing::instrument(skip(iterators, check_order))]
pub fn common_elements(
mut iterators: impl Iterator<Item = impl Iterator<Item = Vec<u8>>>,
check_order: impl Fn(&[u8], &[u8]) -> Ordering,
) -> Option<impl Iterator<Item = Vec<u8>>> {
mut iterators: impl Iterator<Item = impl Iterator<Item = IVec>>,
check_order: impl Fn(&IVec, &IVec) -> Ordering,
) -> Option<impl Iterator<Item = IVec>> {
let first_iterator = iterators.next()?;
let mut other_iterators = iterators.map(|i| i.peekable()).collect::<Vec<_>>();
Some(first_iterator.filter(move |target| {
other_iterators.iter_mut().all(|it| {
while let Some(element) = it.peek() {
match check_order(element, target) {
Ordering::Greater => return false, // We went too far
Ordering::Equal => return true, // Element is in both iters
Ordering::Less => {
// Keep searching
it.next();
other_iterators
.iter_mut()
.map(|it| {
while let Some(element) = it.peek() {
match check_order(element, target) {
Ordering::Greater => return false, // We went too far
Ordering::Equal => return true, // Element is in both iters
Ordering::Less => {
// Keep searching
it.next();
}
}
}
}
false
})
false
})
.all(|b| b)
}))
}
/// Fallible conversion from any value that implements `Serialize` to a `CanonicalJsonObject`.
///
/// `value` must serialize to an `serde_json::Value::Object`.
#[tracing::instrument(skip(value))]
pub fn to_canonical_object<T: serde::Serialize>(
value: T,
) -> Result<CanonicalJsonObject, CanonicalJsonError> {
@ -114,30 +112,3 @@ pub fn to_canonical_object<T: serde::Serialize>( @@ -114,30 +112,3 @@ pub fn to_canonical_object<T: serde::Serialize>(
))),
}
}
#[tracing::instrument(skip(deserializer))]
pub fn deserialize_from_str<
'de,
D: serde::de::Deserializer<'de>,
T: FromStr<Err = E>,
E: std::fmt::Display,
>(
deserializer: D,
) -> Result<T, D::Error> {
struct Visitor<T: FromStr<Err = E>, E>(std::marker::PhantomData<T>);
impl<'de, T: FromStr<Err = Err>, Err: std::fmt::Display> serde::de::Visitor<'de>
for Visitor<T, Err>
{
type Value = T;
fn expecting(&self, formatter: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(formatter, "a parsable string")
}
fn visit_str<E>(self, v: &str) -> Result<Self::Value, E>
where
E: serde::de::Error,
{
v.parse().map_err(serde::de::Error::custom)
}
}
deserializer.deserialize_str(Visitor(std::marker::PhantomData))
}

25
tests/Complement.Dockerfile
Unescape View File

@ -1,4 +1,3 @@ @@ -1,4 +1,3 @@
# For use in our CI only. This requires a build artifact created by a previous run pipline stage to be placed in cached_target/release/conduit
FROM valkum/docker-rust-ci:latest as builder
WORKDIR /workdir
@ -10,9 +9,7 @@ ARG SCCACHE_ENDPOINT @@ -10,9 +9,7 @@ ARG SCCACHE_ENDPOINT
ARG SCCACHE_S3_USE_SSL
COPY . .
RUN mkdir -p target/release
RUN test -e cached_target/release/conduit && cp cached_target/release/conduit target/release/conduit || cargo build --release
RUN test -e cached_target/release/conduit || cargo build --release
FROM valkum/docker-rust-ci:latest
WORKDIR /workdir
@ -20,30 +17,24 @@ WORKDIR /workdir @@ -20,30 +17,24 @@ WORKDIR /workdir
RUN curl -OL "https://github.com/caddyserver/caddy/releases/download/v2.2.1/caddy_2.2.1_linux_amd64.tar.gz"
RUN tar xzf caddy_2.2.1_linux_amd64.tar.gz
COPY cached_target/release/conduit /workdir/conduit
RUN chmod +x /workdir/conduit
RUN chmod +x /workdir/caddy
COPY --from=builder /workdir/target/debug/conduit /workdir/conduit
COPY conduit-example.toml conduit.toml
COPY Rocket-example.toml Rocket.toml
ENV SERVER_NAME=localhost
ENV ROCKET_LOG=normal
ENV CONDUIT_CONFIG=/workdir/conduit.toml
RUN sed -i "s/port = 6167/port = 8008/g" conduit.toml
RUN echo "allow_federation = true" >> conduit.toml
RUN echo "allow_encryption = true" >> conduit.toml
RUN echo "allow_registration = true" >> conduit.toml
RUN echo "log = \"info,rocket=info,_=off,sled=off\"" >> conduit.toml
RUN sed -i "s/address = \"127.0.0.1\"/address = \"0.0.0.0\"/g" conduit.toml
RUN sed -i "s/port = 14004/port = 8008/g" Rocket.toml
RUN echo "federation_enabled = true" >> Rocket.toml
# Enabled Caddy auto cert generation for complement provided CA.
RUN echo '{"logging":{"logs":{"default":{"level":"WARN"}}}, "apps":{"http":{"https_port":8448,"servers":{"srv0":{"listen":[":8448"],"routes":[{"match":[{"host":["your.server.name"]}],"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"127.0.0.1:8008"}]}]}]}],"terminal":true}],"tls_connection_policies": [{"match": {"sni": ["your.server.name"]}}]}}},"pki": {"certificate_authorities": {"local": {"name": "Complement CA","root": {"certificate": "/ca/ca.crt","private_key": "/ca/ca.key"},"intermediate": {"certificate": "/ca/ca.crt","private_key": "/ca/ca.key"}}}},"tls":{"automation":{"policies":[{"subjects":["your.server.name"],"issuer":{"module":"internal"},"on_demand":true},{"issuer":{"module":"internal", "ca": "local"}}]}}}}' > caddy.json
RUN echo '{"apps":{"http":{"https_port":8448,"servers":{"srv0":{"listen":[":8448"],"routes":[{"match":[{"host":["your.server.name"]}],"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"localhost:8008"}]}]}]}],"terminal":true}],"tls_connection_policies": [{"match": {"sni": ["your.server.name"]}}]}}},"pki": {"certificate_authorities": {"local": {"name": "Complement CA","root": {"certificate": "/ca/ca.crt","private_key": "/ca/ca.key"},"intermediate": {"certificate": "/ca/ca.crt","private_key": "/ca/ca.key"}}}},"tls":{"automation":{"policies":[{"subjects":["your.server.name"],"issuer":{"module":"internal"},"on_demand":true},{"issuer":{"module":"internal", "ca": "local"}}]}}}}' > caddy.json
EXPOSE 8008 8448
CMD ([ -z "${COMPLEMENT_CA}" ] && echo "Error: Need Complement PKI support" && true) || \
sed -i "s/#server_name = \"your.server.name\"/server_name = \"${SERVER_NAME}\"/g" conduit.toml && \
sed -i "s/server_name = \"your.server.name\"/server_name = \"${SERVER_NAME}\"/g" Rocket.toml && \
sed -i "s/your.server.name/${SERVER_NAME}/g" caddy.json && \
/workdir/caddy start --config caddy.json > /dev/null && \
/workdir/conduit

385
tests/sytest/sytest-whitelist
Unescape View File

@ -1,335 +1,71 @@ @@ -1,335 +1,71 @@
/event/ does not allow access to events before the user joined
/event/ on joined room works
/event/ on non world readable room does not work
/joined_members return joined members
/joined_rooms returns only joined rooms
/whois
3pid invite join valid signature but revoked keys are rejected
3pid invite join valid signature but unreachable ID server are rejected
3pid invite join with wrong but valid signature are rejected
A change to displayname should appear in incremental /sync
A full_state incremental update returns all state
A full_state incremental update returns only recent timeline
A message sent after an initial sync appears in the timeline of an incremental sync.
A next_batch token can be used in the v1 messages API
A pair of events which redact each other should be ignored
A pair of servers can establish a join in a v2 room
A prev_batch token can be used in the v1 messages API
AS can create a user
AS can create a user with an underscore
AS can create a user with inhibit_login
AS can set avatar for ghosted users
AS can set displayname for ghosted users
AS can't set displayname for random users
AS cannot create users outside its own namespace
AS user (not ghost) can join room without registering
AS user (not ghost) can join room without registering, with user_id query param
After changing password, a different session no longer works by default
After changing password, can log in with new password
After changing password, can't log in with old password
After changing password, different sessions can optionally be kept
After changing password, existing session still works
After deactivating account, can't log in with an email
After deactivating account, can't log in with password
Alias creators can delete alias with no ops
Alias creators can delete canonical alias with no ops
Alternative server names do not cause a routing loop
An event which redacts an event in a different room should be ignored
An event which redacts itself should be ignored
Asking for a remote rooms list, but supplying the local server's name, returns the local rooms list
Backfill checks the events requested belong to the room
Backfill works correctly with history visibility set to joined
Backfilled events whose prev_events are in a different room do not allow cross-room back-pagination
Banned servers cannot /event_auth
Banned servers cannot /invite
Banned servers cannot /make_join
Banned servers cannot /make_leave
Banned servers cannot /send_join
Banned servers cannot /send_leave
Banned servers cannot backfill
Banned servers cannot get missing events
Banned servers cannot get room state
Banned servers cannot get room state ids
Banned servers cannot send events
Banned user is kicked and may not rejoin until unbanned
Both GET and PUT work
Can /sync newly created room
Can add account data
Can add account data to room
Can add tag
Can claim one time key using POST
Can claim remote one time key using POST
Can create filter
Can deactivate account
Can delete canonical alias
Can download file 'ascii'
Can download file 'name with spaces'
Can download file 'name;with;semicolons'
Can download filter
Can download specifying a different ASCII file name
Can download specifying a different Unicode file name
Can download with Unicode file name locally
Can download with Unicode file name over federation
Can download without a file name locally
Can download without a file name over federation
Can forget room you've been kicked from
Can get 'm.room.name' state for a departed room (SPEC-216)
Can get account data without syncing
Can get remote public room list
Can get room account data without syncing
Can get rooms/{roomId}/members
Can get rooms/{roomId}/members for a departed room (SPEC-216)
Can get rooms/{roomId}/state for a departed room (SPEC-216)
Can invite users to invite-only rooms
Can list tags for a room
Can logout all devices
Can logout current device
Can paginate public room list
Can pass a JSON filter as a query parameter
Can query device keys using POST
Can query remote device keys using POST
Can query specific device keys using POST
Can re-join room if re-invited
Can read configuration endpoint
Can receive redactions from regular users over federation in room version 1
Can receive redactions from regular users over federation in room version 2
Can receive redactions from regular users over federation in room version 3
Can receive redactions from regular users over federation in room version 4
Can receive redactions from regular users over federation in room version 5
Can receive redactions from regular users over federation in room version 6
Can recv a device message using /sync
Can recv a device message using /sync
Can recv device messages over federation
Can recv device messages until they are acknowledged
Can recv device messages until they are acknowledged
Can reject invites over federation for rooms with version 1
Can reject invites over federation for rooms with version 2
Can reject invites over federation for rooms with version 3
Can reject invites over federation for rooms with version 4
Can reject invites over federation for rooms with version 5
Can reject invites over federation for rooms with version 6
Can remove tag
Can search public room list
Can send a message directly to a device using PUT /sendToDevice
Can send a message directly to a device using PUT /sendToDevice
Can send a to-device message to two users which both receive it using /sync
Can send image in room message
Can send messages with a wildcard device id
Can send messages with a wildcard device id
Can send messages with a wildcard device id to two devices
Can send messages with a wildcard device id to two devices
Can sync
Can sync a joined room
Can sync a room with a message with a transaction id
Can sync a room with a single message
Can upload device keys
Can upload with ASCII file name
Can upload with Unicode file name
Can upload without a file name
Can't deactivate account with wrong password
Can't forget room you're still in
Changes to state are included in an gapped incremental sync
Changes to state are included in an incremental sync
Changing the actions of an unknown default rule fails with 404
Changing the actions of an unknown rule fails with 404
Checking local federation server
Creators can delete alias
Current state appears in timeline in private history
Current state appears in timeline in private history with many messages before
DELETE /device/{deviceId}
DELETE /device/{deviceId} requires UI auth user to match device owner
DELETE /device/{deviceId} with no body gives a 401
Deleted tags appear in an incremental v2 /sync
Deleting a non-existent alias should return a 404
Device list doesn't change if remote server is down
Device messages over federation wake up /sync
Device messages wake up /sync
Device messages wake up /sync
Device messages with the same txn_id are deduplicated
Device messages with the same txn_id are deduplicated
Enabling an unknown default rule fails with 404
Event size limits
Event with an invalid signature in the send_join response should not cause room join to fail
Events come down the correct room
Events whose auth_events are in the wrong room do not mess up the room state
Existing members see new members' join events
Federation key API allows unsigned requests for keys
Federation key API can act as a notary server via a GET request
Federation key API can act as a notary server via a POST request
Federation rejects inbound events where the prev_events cannot be found
Fetching eventstream a second time doesn't yield the message again
Forgetting room does not show up in v2 /sync
Full state sync includes joined rooms
GET /capabilities is present and well formed for registered user
GET /device/{deviceId}
GET /device/{deviceId} gives a 404 for unknown devices
GET /devices
GET /directory/room/:room_alias yields room ID
GET /events initially
GET /events with negative 'limit'
GET /events with non-numeric 'limit'
GET /events with non-numeric 'timeout'
GET /initialSync initially
GET /joined_rooms lists newly-created room
GET /login yields a set of flows
GET /media/r0/download can fetch the value again
GET /profile/:user_id/avatar_url publicly accessible
GET /profile/:user_id/displayname publicly accessible
GET /publicRooms includes avatar URLs
GET /publicRooms lists newly-created room
GET /publicRooms lists rooms
GET /r0/capabilities is not public
GET /register yields a set of flows
GET /rooms/:room_id/joined_members fetches my membership
GET /rooms/:room_id/messages returns a message
GET /rooms/:room_id/state fetches entire room state
GET /rooms/:room_id/state/m.room.member/:user_id fetches my membership
GET /rooms/:room_id/state/m.room.member/:user_id?format=event fetches my membership event
GET /rooms/:room_id/state/m.room.name gets name
GET /rooms/:room_id/state/m.room.power_levels can fetch levels
GET /rooms/:room_id/state/m.room.power_levels fetches powerlevels
GET /rooms/:room_id/state/m.room.topic gets topic
Get left notifs for other users in sync and /keys/changes when user leaves
Getting messages going forward is limited for a departed room (SPEC-216)
Getting push rules doesn't corrupt the cache SYN-390
Getting state IDs checks the events requested belong to the room
Getting state checks the events requested belong to the room
Ghost user must register before joining room
Guest non-joined user cannot call /events on default room
Guest non-joined user cannot call /events on invited room
Guest non-joined user cannot call /events on joined room
Guest non-joined user cannot call /events on shared room
Guest non-joined users can get individual state for world_readable rooms
Guest non-joined users can get individual state for world_readable rooms after leaving
Guest non-joined users can get state for world_readable rooms
Guest non-joined users cannot room initalSync for non-world_readable rooms
Guest non-joined users cannot send messages to guest_access rooms if not joined
Guest user can set display names
Guest user cannot call /events globally
Guest user cannot upgrade other users
Guest users can accept invites to private rooms over federation
Guest users can join guest_access rooms
Guest users can send messages to guest_access rooms if joined
If a device list update goes missing, the server resyncs on the next one
If remote user leaves room we no longer receive device updates
If remote user leaves room, changes device and rejoins we see update in /keys/changes
If remote user leaves room, changes device and rejoins we see update in sync
Inbound /make_join rejects attempts to join rooms where all users have left
Inbound /v1/make_join rejects remote attempts to join local users to rooms
Inbound /v1/send_join rejects incorrectly-signed joins
Inbound /v1/send_join rejects joins from other servers
Inbound /v1/send_leave rejects leaves from other servers
Inbound federation accepts a second soft-failed event
Inbound federation accepts attempts to join v2 rooms from servers with support
Inbound federation can backfill events
Inbound federation can get public room list
Inbound federation can get state for a room
Inbound federation can get state_ids for a room
Inbound federation can query profile data
Inbound federation can query room alias directory
Inbound federation can receive events
Inbound federation can receive invites via v1 API
Inbound federation can receive invites via v2 API
Inbound federation can receive redacted events
Inbound federation can receive v1 /send_join
Inbound federation can receive v2 /send_join
Inbound federation can return events
Inbound federation can return missing events for invite visibility
Inbound federation can return missing events for world_readable visibility
Inbound federation correctly soft fails events
Inbound federation of state requires event_id as a mandatory paramater
Inbound federation of state_ids requires event_id as a mandatory paramater
Inbound federation rejects attempts to join v1 rooms from servers without v1 support
Inbound federation rejects attempts to join v2 rooms from servers lacking version support
Inbound federation rejects attempts to join v2 rooms from servers only supporting v1
Inbound federation rejects invite rejections which include invalid JSON for room version 6
Inbound federation rejects invites which include invalid JSON for room version 6
Inbound federation rejects receipts from wrong remote
Inbound federation rejects remote attempts to join local users to rooms
Inbound federation rejects remote attempts to kick local users to rooms
Inbound federation rejects typing notifications from wrong remote
Inbound: send_join rejects invalid JSON for room version 6
Invalid JSON floats
Invalid JSON integers
Invalid JSON special values
Invited user can reject invite
Invited user can reject invite over federation
Invited user can reject invite over federation for empty room
Invited user can reject invite over federation several times
Invited user can see room metadata
Inviting an AS-hosted user asks the AS server
Lazy loading parameters in the filter are strictly boolean
Left rooms appear in the leave section of full state sync
Local delete device changes appear in v2 /sync
Local device key changes appear in /keys/changes
Local device key changes appear in v2 /sync
Local device key changes get to remote servers
Local new device changes appear in v2 /sync
Local non-members don't see posted message events
Local room members can get room messages
Local room members see posted message events
Local update device changes appear in v2 /sync
Local users can peek by room alias
Local users can peek into world_readable rooms by room ID
Message history can be paginated
Message history can be paginated over federation
Name/topic keys are correct
New account data appears in incremental v2 /sync
New read receipts appear in incremental v2 /sync
New room members see their own join event
New users appear in /keys/changes
Newly banned rooms appear in the leave section of incremental sync
Newly joined room is included in an incremental sync
Newly joined room is included in an incremental sync after invite
Newly left rooms appear in the leave section of gapped sync
Newly left rooms appear in the leave section of incremental sync
Newly updated tags appear in an incremental v2 /sync
Non-numeric ports in server names are rejected
Outbound federation can backfill events
Outbound federation can query profile data
Outbound federation can query room alias directory
Outbound federation can query v1 /send_join
Outbound federation can query v2 /send_join
Outbound federation can request missing events
Outbound federation can send events
Outbound federation can send invites via v1 API
Outbound federation can send invites via v2 API
Outbound federation can send room-join requests
Outbound federation correctly handles unsupported room versions
Outbound federation passes make_join failures through to the client
Outbound federation rejects backfill containing invalid JSON for events in room version 6
Outbound federation rejects m.room.create events with an unknown room version
Outbound federation rejects send_join responses with no m.room.create event
Outbound federation sends receipts
Outbound federation will ignore a missing event with bad JSON for room version 6
POST /createRoom creates a room with the given version
POST /createRoom ignores attempts to set the room version via creation_content
POST /createRoom makes a private room
POST /createRoom makes a private room with invites
POST /createRoom makes a public room
POST /createRoom makes a room with a name
POST /createRoom makes a room with a topic
POST /createRoom rejects attempts to create rooms with numeric versions
POST /createRoom rejects attempts to create rooms with unknown versions
POST /createRoom with creation content
POST /join/:room_alias can join a room
POST /join/:room_alias can join a room with custom content
POST /join/:room_id can join a room
POST /join/:room_id can join a room with custom content
POST /login as non-existing user is rejected
POST /login can log in as a user
POST /login can log in as a user with just the local part of the id
POST /login returns the same device_id as that in the request
POST /login wrong password is rejected
POST /media/r0/upload can create an upload
POST /redact disallows redaction of event in different room
POST /register allows registration of usernames with '-'
POST /register allows registration of usernames with '.'
POST /register allows registration of usernames with '/'
POST /register allows registration of usernames with '3'
POST /register allows registration of usernames with '='
POST /register allows registration of usernames with '_'
POST /register allows registration of usernames with 'q'
POST /register can create a user
POST /register downcases capitals in usernames
POST /register rejects registration of usernames with '!'
@ -352,162 +88,41 @@ POST /rooms/:room_id/ban can ban a user @@ -352,162 +88,41 @@ POST /rooms/:room_id/ban can ban a user
POST /rooms/:room_id/invite can send an invite
POST /rooms/:room_id/join can join a room
POST /rooms/:room_id/leave can leave a room
POST /rooms/:room_id/read_markers can create read marker
POST /rooms/:room_id/receipt can create receipts
POST /rooms/:room_id/redact/:event_id as original message sender redacts message
POST /rooms/:room_id/redact/:event_id as power user redacts message
POST /rooms/:room_id/redact/:event_id as random user does not redact message
POST /rooms/:room_id/send/:event_type sends a message
POST /rooms/:room_id/state/m.room.name sets name
POST /rooms/:room_id/state/m.room.topic sets topic
POST /rooms/:room_id/upgrade can upgrade a room version
POST rejects invalid utf-8 in JSON
POSTed media can be thumbnailed
PUT /device/{deviceId} gives a 404 for unknown devices
PUT /device/{deviceId} updates device fields
PUT /directory/room/:room_alias creates alias
PUT /profile/:user_id/avatar_url sets my avatar
PUT /profile/:user_id/displayname sets my name
PUT /rooms/:room_id/send/:event_type/:txn_id deduplicates the same txn id
PUT /rooms/:room_id/send/:event_type/:txn_id sends a message
PUT /rooms/:room_id/state/m.room.power_levels can set levels
PUT /rooms/:room_id/typing/:user_id sets typing notification
PUT power_levels should not explode if the old power levels were empty
Peeked rooms only turn up in the sync for the device who peeked them
Previously left rooms don't appear in the leave section of sync
Push rules come down in an initial /sync
Read markers appear in incremental v2 /sync
Read markers appear in initial v2 /sync
Read markers can be updated
Read receipts appear in initial v2 /sync
Real non-joined user cannot call /events on default room
Real non-joined user cannot call /events on invited room
Real non-joined user cannot call /events on joined room
Real non-joined user cannot call /events on shared room
Real non-joined users can get individual state for world_readable rooms
Real non-joined users can get individual state for world_readable rooms after leaving
Real non-joined users can get state for world_readable rooms
Real non-joined users cannot room initalSync for non-world_readable rooms
Real non-joined users cannot send messages to guest_access rooms if not joined
Receipts must be m.read
Redaction of a redaction redacts the redaction reason
Regular users can add and delete aliases in the default room configuration
Regular users can add and delete aliases when m.room.aliases is restricted
Regular users cannot create room aliases within the AS namespace
Regular users cannot register within the AS namespace
Remote media can be thumbnailed
Remote room alias queries can handle Unicode
Remote room members also see posted message events
Remote room members can get room messages
Remote user can backfill in a room with version 1
Remote user can backfill in a room with version 2
Remote user can backfill in a room with version 3
Remote user can backfill in a room with version 4
Remote user can backfill in a room with version 5
Remote user can backfill in a room with version 6
Remote users can join room by alias
Remote users may not join unfederated rooms
Request to logout with invalid an access token is rejected
Request to logout without an access token is rejected
Room aliases can contain Unicode
Room creation reports m.room.create to myself
Room creation reports m.room.member to myself
Room members can join a room with an overridden displayname
Room members can override their displayname on a room-specific basis
Room state at a rejected message event is the same as its predecessor
Room state at a rejected state event is the same as its predecessor
Rooms a user is invited to appear in an incremental sync
Rooms a user is invited to appear in an initial sync
Rooms can be created with an initial invite list (SYN-205)
Server correctly handles incoming m.device_list_update
Server correctly handles transactions that break edu limits
Server correctly resyncs when client query keys and there is no remote cache
Server correctly resyncs when server leaves and rejoins a room
Server rejects invalid JSON in a version 6 room
Setting room topic reports m.room.topic to myself
Should not be able to take over the room by pretending there is no PL event
Should reject keys claiming to belong to a different user
State from remote users is included in the state in the initial sync
State from remote users is included in the timeline in an incremental sync
State is included in the timeline in the initial sync
Sync can be polled for updates
Sync is woken up for leaves
Syncing a new room with a large timeline limit isn't limited
Tags appear in an initial v2 /sync
Trying to get push rules with unknown rule_id fails with 404
Typing can be explicitly stopped
Typing events appear in gapped sync
Typing events appear in incremental sync
Typing events appear in initial sync
Typing notification sent to local room members
Typing notifications also sent to remote room members
Typing notifications don't leak
Uninvited users cannot join the room
Unprivileged users can set m.room.topic if it only needs level 0
User appears in user directory
User can create and send/receive messages in a room with version 1
User can create and send/receive messages in a room with version 2
User can create and send/receive messages in a room with version 3
User can create and send/receive messages in a room with version 4
User can create and send/receive messages in a room with version 5
User can create and send/receive messages in a room with version 6
User can invite local user to room with version 1
User can invite local user to room with version 2
User can invite local user to room with version 3
User can invite local user to room with version 4
User can invite local user to room with version 5
User can invite local user to room with version 6
User can invite remote user to room with version 1
User can invite remote user to room with version 2
User can invite remote user to room with version 3
User can invite remote user to room with version 4
User can invite remote user to room with version 5
User can invite remote user to room with version 6
User directory correctly update on display name change
User in dir while user still shares private rooms
User in shared private room does appear in user directory
User is offline if they set_presence=offline in their sync
User signups are forbidden from starting with '_'
Users can't delete other's aliases
Users cannot invite a user that is already in the room
Users cannot invite themselves to a room
Users cannot kick users from a room they are not in
Users cannot kick users who have already left a room
Users cannot set ban powerlevel higher than their own
Users cannot set kick powerlevel higher than their own
Users cannot set notifications powerlevel higher than their own
Users cannot set redact powerlevel higher than their own
Users receive device_list updates for their own devices
Users with sufficient power-level can delete other's aliases
Version responds 200 OK with valid structure
We can't peek into rooms with invited history_visibility
We can't peek into rooms with joined history_visibility
We can't peek into rooms with shared history_visibility
We don't send redundant membership state across incremental syncs by default
We should see our own leave event when rejecting an invite, even if history_visibility is restricted (riot-web/3462)
We should see our own leave event, even if history_visibility is restricted (SYN-662)
Wildcard device messages over federation wake up /sync
Wildcard device messages wake up /sync
Wildcard device messages wake up /sync
avatar_url updates affect room member events
displayname updates affect room member events
local user can join room with version 1
local user can join room with version 2
local user can join room with version 3
local user can join room with version 4
local user can join room with version 5
local user can join room with version 6
m.room.history_visibility == "joined" allows/forbids appropriately for Guest users
m.room.history_visibility == "joined" allows/forbids appropriately for Real users
m.room.history_visibility == "world_readable" allows/forbids appropriately for Guest users
m.room.history_visibility == "world_readable" allows/forbids appropriately for Real users
query for user with no keys returns empty key dict
remote user can join room with version 1
remote user can join room with version 2
remote user can join room with version 3
remote user can join room with version 4
remote user can join room with version 5
remote user can join room with version 6
setting 'm.room.name' respects room powerlevel
setting 'm.room.power_levels' respects room powerlevel
Federation publicRoom Name/topic keys are correct

15
tests/test-config.toml
Unescape View File

@ -1,15 +0,0 @@ @@ -1,15 +0,0 @@
[global]
# Server runs in same container as tests do, so localhost is fine
server_name = "localhost"
# With a bit of luck /tmp is a RAM disk, so that the file system does not become the bottleneck while testing
database_path = "/tmp"
# All the other settings are left at their defaults:
port = 6167
max_request_size = 20_000_000
allow_registration = true
trusted_servers = ["matrix.org"]
address = "127.0.0.1"
proxy = "none"
Write Preview
Loading…
Cancel
Save