Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Behaviour of restricted rooms with no valid conditions is not clear #1891

Open
Kladki opened this issue Jun 27, 2024 · 2 comments · May be fixed by #1903
Open

Behaviour of restricted rooms with no valid conditions is not clear #1891

Kladki opened this issue Jun 27, 2024 · 2 comments · May be fixed by #1903
Labels
clarification An area where the expected behaviour is understood, but the spec could do with being more explicit

Comments

@Kladki
Copy link
Contributor

Kladki commented Jun 27, 2024

Link to problem area:

https://spec.matrix.org/v1.10/client-server-api/#restricted-rooms

Issue:

Currently, the spec states that:

If the room is restricted but no valid conditions are presented then the room is effectively invite only.

The problem here is that there seems to be multiple interpretations of this, those being:

  • Taking this literally, using the exact rules of invite join rule when this is the case
  • Taking this as a figure of speech, as for the most the room should act as if it was invite, since servers shouldn't ever authorize joins

The key difference between these two cases is that with the latter, a join can still be authorized via join_authorised_via_users_server, despite the fact that servers shouldn't be doing this. With the former, such a join wouldn't be authorized.

So which interpretation does the spec intend to abide by?
@Kladki Kladki added the clarification An area where the expected behaviour is understood, but the spec could do with being more explicit label Jun 27, 2024
@Kladki Kladki mentioned this issue Jun 27, 2024
Draft
@clokep
Copy link
Contributor

clokep commented Jun 27, 2024

Taking this as a figure of speech, as for the most the room should act as if it was invite, since servers shouldn't ever authorize joins

It is not literal, it is meant to explain in normal words what happens if you fail to define any conditions.

The key difference between these two cases is that with the latter, a join can still be authorized via join_authorised_via_users_server, despite the fact that servers shouldn't be doing this. With the former, such a join wouldn't be authorized.

I don't think this was really considered, but I think the logic still holds up -- the user in join_authorised_via_users_server could have issued an invite so I don't think there's an "auth leak" of any sort. Shout if I'm wrong though!

@Kladki
Copy link
Contributor Author

Kladki commented Jun 27, 2024

It is not literal, it is meant to explain in normal words what happens if you fail to define any conditions.

As I thought. I will try adjust the wording, since there was some confusion caused by this.

@Kladki Kladki linked a pull request Jul 6, 2024 that will close this issue
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
clarification An area where the expected behaviour is understood, but the spec could do with being more explicit
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

remove confusing description of restricted rooms with no valid conditions Kladki/matrix-spec
2 participants
@clokep @Kladki