Remove outdated text saying that state_default defaults to 0 (#1479)

There was substantial confusion around this, but I've done some archaeology.

Basically, this was changed back in r0.5.0 by MSC1304 and matrix-org/synapse#3397. Before that, it was indeed the case that state_default was 0 if there was no m.room.power_levels event, but that was confusing and a source of security holes, so we changed it.

matrix-org/matrix-spec-proposals#1656 changed the spec, but apparently overlooked the text in the description.

Reverts: #1478.
Fixes: #861.
pull/1483/head
Richard van der Hoff 2 years ago committed by GitHub
parent d222fc60d6
commit 91b2f77e0e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -1 +0,0 @@
Further clarify that `state_default` on `m.room.power_levels` is 0 when no power levels event is in the room.

@ -0,0 +1 @@
Remove outdated text saying that `state_default` is 0 if there is no `m.room.power_levels` event in a room.

@ -18,11 +18,10 @@ description: |-
`events_default` for Message Events and `state_default` for State
Events.
If there is no `state_default` in the `m.room.power_levels` event, the
`state_default` is 50. If there is no `events_default` in the
`m.room.power_levels` event, the `events_default` is 0. If the room
contains no `m.room.power_levels` event, *both* the `state_default` and
`events_default` are 0.
If there is no `state_default` in the `m.room.power_levels` event, or
there is no `m.room.power_levels` event, the `state_default` is 50.
If there is no `events_default` in the `m.room.power_levels` event,
or there is no `m.room.power_levels` event, the `events_default` is 0.
The power level required to invite a user to the room, kick a user from the
room, ban a user from the room, or redact an event sent by another user, is
@ -33,15 +32,6 @@ description: |-
**Note:**
As noted above, in the absence of an `m.room.power_levels` event, the
`state_default` is 0, and all users are considered to have power level 0.
That means that **any** member of the room can send an
`m.room.power_levels` event, changing the permissions in the room.
Server implementations should therefore ensure that each room has an
`m.room.power_levels` event as soon as it is created. See also the
documentation of the `/createRoom` API.
The allowed range for power level values is `[-(2**53)+1, (2**53)-1]`,
as required by the [Canonical JSON specification](/appendices/#canonical-json).
@ -75,9 +65,6 @@ properties:
description: |-
The default level required to send state events. Can be overridden
by the `events` key. Defaults to 50 if unspecified.
**Note**: When there is no `m.room.power_levels` event in the room, this defaults
to 0. See description for more information.
type: integer
users:
additionalProperties:
@ -87,9 +74,11 @@ properties:
type: object
users_default:
description: |-
The default power level for every user in the room, unless their
`user_id` is mentioned in the `users` key. Defaults to 0 if
The power level for users in the room whose `user_id` is not mentioned in the `users` key. Defaults to 0 if
unspecified.
**Note**: When there is no `m.room.power_levels` event in the room, the room creator has
a power level of 100, and all other users have a power level of 0.
type: integer
notifications:
properties:

Loading…
Cancel
Save