Merge commit '731dfff34' into anoa/dinsic_release_1_21_x

* commit '731dfff34': Ensure a group ID is valid before trying to get rooms for it. (#8129)
2020-10-20 15:11:08 +01:00
parent 0c1ddde918 731dfff347
commit 6b4886ec6d
2 changed files with 5 additions and 0 deletions
--- a/changelog.d/8129.bugfix
+++ b/changelog.d/8129.bugfix
@@ -0,0 +1 @@
+Return a proper error code when the rooms of an invalid group are requested.
--- a/synapse/rest/client/v2_alpha/groups.py
+++ b/synapse/rest/client/v2_alpha/groups.py
@@ -16,6 +16,7 @@

 import logging

+from synapse.api.errors import SynapseError
 from synapse.http.servlet import RestServlet, parse_json_object_from_request
 from synapse.types import GroupID

@@ -325,6 +326,9 @@ class GroupRoomServlet(RestServlet):
        requester = await self.auth.get_user_by_req(request, allow_guest=True)
        requester_user_id = requester.user.to_string()

+        if not GroupID.is_valid(group_id):
+            raise SynapseError(400, "%s was not legal group ID" % (group_id,))
+
        result = await self.groups_handler.get_rooms_in_group(
            group_id, requester_user_id
        )
				`@@ -0,0 +1 @@`
				`Return a proper error code when the rooms of an invalid group are requested.`