Clarification regarding authorisation rules

The rules for m.room.power_levels power were somewhat unclear regarding the behaviour towards the always present keys, such as kick and ban. Additionally, it is now also clarified that in the users and events dictionary also added and removed keys are taken into consideration.
pull/977/head
Luca Becker 5 years ago committed by GitHub
parent 7b0f5ea77b
commit 15994c61a5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -243,14 +243,15 @@ The rules are as follows:
#. If there is no previous ``m.room.power_levels`` event in the room, allow. #. If there is no previous ``m.room.power_levels`` event in the room, allow.
#. For each of the keys ``users_default``, ``events_default``, #. For the keys ``users_default``, ``events_default``,
``state_default``, ``ban``, ``redact``, ``kick``, ``invite``, as well as ``state_default``, ``ban``, ``redact``, ``kick``, ``invite`` check if they were changed.
each entry being changed under the ``events`` or ``users`` keys: For each of the changed keys, as well as
each entry being added, changed or removed under the ``events`` or ``users`` keys:
i. If the current value is higher than the ``sender``'s current power level, i. If the current value is present and higher than the ``sender``'s current power level,
reject. reject.
#. If the new value is higher than the ``sender``'s current power level, #. If the new value is present and higher than the ``sender``'s current power level,
reject. reject.
#. For each entry being changed under the ``users`` key, other than the #. For each entry being changed under the ``users`` key, other than the

Loading…
Cancel
Save