use std::{fmt, mem};
use serde::Serialize;
use serde_json::Value as JsonValue;
mod value;
pub use self::value::{CanonicalJsonObject, CanonicalJsonValue};
use crate::{serde::Raw, RoomVersionId};
#[cfg(feature = "canonical-json")]
#[derive(Debug)]
#[allow(clippy::exhaustive_enums)]
pub enum CanonicalJsonError {
IntConvert,
SerDe(serde_json::Error),
}
impl fmt::Display for CanonicalJsonError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
CanonicalJsonError::IntConvert => {
f.write_str("number found is not a valid `js_int::Int`")
}
CanonicalJsonError::SerDe(err) => write!(f, "serde Error: {err}"),
}
}
}
impl std::error::Error for CanonicalJsonError {}
#[cfg(feature = "canonical-json")]
#[derive(Debug)]
#[cfg_attr(not(ruma_unstable_exhaustive_types), non_exhaustive)]
pub enum RedactionError {
#[cfg_attr(not(ruma_unstable_exhaustive_types), non_exhaustive)]
NotOfType {
field: String,
of_type: JsonType,
},
JsonFieldMissingFromObject(String),
}
impl fmt::Display for RedactionError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
RedactionError::NotOfType { field, of_type } => {
write!(f, "Value in {field:?} must be a JSON {of_type:?}")
}
RedactionError::JsonFieldMissingFromObject(field) => {
write!(f, "JSON object must contain the field {field:?}")
}
}
}
}
impl std::error::Error for RedactionError {}
impl RedactionError {
fn not_of_type(target: &str, of_type: JsonType) -> Self {
Self::NotOfType { field: target.to_owned(), of_type }
}
fn field_missing_from_object(target: &str) -> Self {
Self::JsonFieldMissingFromObject(target.to_owned())
}
}
#[derive(Debug)]
#[allow(clippy::exhaustive_enums)]
pub enum JsonType {
Object,
String,
Integer,
Array,
Boolean,
Null,
}
pub fn try_from_json_map(
json: serde_json::Map<String, JsonValue>,
) -> Result<CanonicalJsonObject, CanonicalJsonError> {
json.into_iter().map(|(k, v)| Ok((k, v.try_into()?))).collect()
}
pub fn to_canonical_value<T: Serialize>(
value: T,
) -> Result<CanonicalJsonValue, CanonicalJsonError> {
serde_json::to_value(value).map_err(CanonicalJsonError::SerDe)?.try_into()
}
#[derive(Clone, Debug)]
pub struct RedactedBecause(CanonicalJsonObject);
impl RedactedBecause {
pub fn from_json(obj: CanonicalJsonObject) -> Self {
Self(obj)
}
pub fn from_raw_event(ev: &Raw<impl RedactionEvent>) -> serde_json::Result<Self> {
ev.deserialize_as().map(Self)
}
}
pub trait RedactionEvent {}
pub fn redact(
mut object: CanonicalJsonObject,
version: &RoomVersionId,
redacted_because: Option<RedactedBecause>,
) -> Result<CanonicalJsonObject, RedactionError> {
redact_in_place(&mut object, version, redacted_because)?;
Ok(object)
}
pub fn redact_in_place(
event: &mut CanonicalJsonObject,
version: &RoomVersionId,
redacted_because: Option<RedactedBecause>,
) -> Result<(), RedactionError> {
let allowed_content_keys = match event.get("type") {
Some(CanonicalJsonValue::String(event_type)) => {
allowed_content_keys_for(event_type, version)
}
Some(_) => return Err(RedactionError::not_of_type("type", JsonType::String)),
None => return Err(RedactionError::field_missing_from_object("type")),
};
if let Some(content_value) = event.get_mut("content") {
let content = match content_value {
CanonicalJsonValue::Object(map) => map,
_ => return Err(RedactionError::not_of_type("content", JsonType::Object)),
};
object_retain_keys(content, allowed_content_keys)?;
}
let mut old_event = mem::take(event);
for &key in allowed_event_keys_for(version) {
if let Some(value) = old_event.remove(key) {
event.insert(key.to_owned(), value);
}
}
if let Some(redacted_because) = redacted_because {
let unsigned = CanonicalJsonObject::from_iter([(
"redacted_because".to_owned(),
redacted_because.0.into(),
)]);
event.insert("unsigned".to_owned(), unsigned.into());
}
Ok(())
}
pub fn redact_content_in_place(
object: &mut CanonicalJsonObject,
version: &RoomVersionId,
event_type: impl AsRef<str>,
) -> Result<(), RedactionError> {
object_retain_keys(object, allowed_content_keys_for(event_type.as_ref(), version))
}
fn object_retain_keys(
object: &mut CanonicalJsonObject,
allowed_keys: &AllowedKeys,
) -> Result<(), RedactionError> {
match *allowed_keys {
AllowedKeys::All => {}
AllowedKeys::Some { keys, nested } => {
object_retain_some_keys(object, keys, nested)?;
}
AllowedKeys::None => {
object.clear();
}
}
Ok(())
}
fn object_retain_some_keys(
object: &mut CanonicalJsonObject,
keys: &[&str],
nested: &[(&str, &AllowedKeys)],
) -> Result<(), RedactionError> {
let mut old_object = mem::take(object);
for &(nested_key, nested_allowed_keys) in nested {
if let Some((key, mut nested_object_value)) = old_object.remove_entry(nested_key) {
let nested_object = match &mut nested_object_value {
CanonicalJsonValue::Object(map) => map,
_ => return Err(RedactionError::not_of_type(nested_key, JsonType::Object)),
};
object_retain_keys(nested_object, nested_allowed_keys)?;
if !nested_object.is_empty() {
object.insert(key, nested_object_value);
}
}
}
for &key in keys {
if let Some((key, value)) = old_object.remove_entry(key) {
object.insert(key, value);
}
}
Ok(())
}
fn allowed_event_keys_for(version: &RoomVersionId) -> &'static [&'static str] {
match version {
RoomVersionId::V1
| RoomVersionId::V2
| RoomVersionId::V3
| RoomVersionId::V4
| RoomVersionId::V5
| RoomVersionId::V6
| RoomVersionId::V7
| RoomVersionId::V8
| RoomVersionId::V9
| RoomVersionId::V10 => &[
"event_id",
"type",
"room_id",
"sender",
"state_key",
"content",
"hashes",
"signatures",
"depth",
"prev_events",
"prev_state",
"auth_events",
"origin",
"origin_server_ts",
"membership",
],
_ => &[
"event_id",
"type",
"room_id",
"sender",
"state_key",
"content",
"hashes",
"signatures",
"depth",
"prev_events",
"auth_events",
"origin_server_ts",
],
}
}
#[derive(Clone, Copy)]
enum AllowedKeys {
All,
Some {
keys: &'static [&'static str],
nested: &'static [(&'static str, &'static AllowedKeys)],
},
None,
}
impl AllowedKeys {
const fn some(keys: &'static [&'static str]) -> Self {
Self::Some { keys, nested: &[] }
}
const fn some_nested(
keys: &'static [&'static str],
nested: &'static [(&'static str, &'static AllowedKeys)],
) -> Self {
Self::Some { keys, nested }
}
}
static ROOM_MEMBER_V1: AllowedKeys = AllowedKeys::some(&["membership"]);
static ROOM_MEMBER_V9: AllowedKeys =
AllowedKeys::some(&["membership", "join_authorised_via_users_server"]);
static ROOM_MEMBER_V11: AllowedKeys = AllowedKeys::some_nested(
&["membership", "join_authorised_via_users_server"],
&[("third_party_invite", &ROOM_MEMBER_THIRD_PARTY_INVITE_V11)],
);
static ROOM_MEMBER_THIRD_PARTY_INVITE_V11: AllowedKeys = AllowedKeys::some(&["signed"]);
static ROOM_CREATE_V1: AllowedKeys = AllowedKeys::some(&["creator"]);
static ROOM_JOIN_RULES_V1: AllowedKeys = AllowedKeys::some(&["join_rule"]);
static ROOM_JOIN_RULES_V8: AllowedKeys = AllowedKeys::some(&["join_rule", "allow"]);
static ROOM_POWER_LEVELS_V1: AllowedKeys = AllowedKeys::some(&[
"ban",
"events",
"events_default",
"kick",
"redact",
"state_default",
"users",
"users_default",
]);
static ROOM_POWER_LEVELS_V11: AllowedKeys = AllowedKeys::some(&[
"ban",
"events",
"events_default",
"invite",
"kick",
"redact",
"state_default",
"users",
"users_default",
]);
static ROOM_ALIASES_V1: AllowedKeys = AllowedKeys::some(&["aliases"]);
#[cfg(feature = "unstable-msc2870")]
static ROOM_SERVER_ACL_MSC2870: AllowedKeys =
AllowedKeys::some(&["allow", "deny", "allow_ip_literals"]);
static ROOM_HISTORY_VISIBILITY_V1: AllowedKeys = AllowedKeys::some(&["history_visibility"]);
static ROOM_REDACTION_V11: AllowedKeys = AllowedKeys::some(&["redacts"]);
fn allowed_content_keys_for(event_type: &str, version: &RoomVersionId) -> &'static AllowedKeys {
match event_type {
"m.room.member" => match version {
RoomVersionId::V1
| RoomVersionId::V2
| RoomVersionId::V3
| RoomVersionId::V4
| RoomVersionId::V5
| RoomVersionId::V6
| RoomVersionId::V7
| RoomVersionId::V8 => &ROOM_MEMBER_V1,
RoomVersionId::V9 | RoomVersionId::V10 => &ROOM_MEMBER_V9,
_ => &ROOM_MEMBER_V11,
},
"m.room.create" => match version {
RoomVersionId::V1
| RoomVersionId::V2
| RoomVersionId::V3
| RoomVersionId::V4
| RoomVersionId::V5
| RoomVersionId::V6
| RoomVersionId::V7
| RoomVersionId::V8
| RoomVersionId::V9
| RoomVersionId::V10 => &ROOM_CREATE_V1,
_ => &AllowedKeys::All,
},
"m.room.join_rules" => match version {
RoomVersionId::V1
| RoomVersionId::V2
| RoomVersionId::V3
| RoomVersionId::V4
| RoomVersionId::V5
| RoomVersionId::V6
| RoomVersionId::V7 => &ROOM_JOIN_RULES_V1,
_ => &ROOM_JOIN_RULES_V8,
},
"m.room.power_levels" => match version {
RoomVersionId::V1
| RoomVersionId::V2
| RoomVersionId::V3
| RoomVersionId::V4
| RoomVersionId::V5
| RoomVersionId::V6
| RoomVersionId::V7
| RoomVersionId::V8
| RoomVersionId::V9
| RoomVersionId::V10 => &ROOM_POWER_LEVELS_V1,
_ => &ROOM_POWER_LEVELS_V11,
},
"m.room.aliases" => match version {
RoomVersionId::V1
| RoomVersionId::V2
| RoomVersionId::V3
| RoomVersionId::V4
| RoomVersionId::V5 => &ROOM_ALIASES_V1,
_ => &AllowedKeys::None,
},
#[cfg(feature = "unstable-msc2870")]
"m.room.server_acl" if version.as_str() == "org.matrix.msc2870" => &ROOM_SERVER_ACL_MSC2870,
"m.room.history_visibility" => &ROOM_HISTORY_VISIBILITY_V1,
"m.room.redaction" => match version {
RoomVersionId::V1
| RoomVersionId::V2
| RoomVersionId::V3
| RoomVersionId::V4
| RoomVersionId::V5
| RoomVersionId::V6
| RoomVersionId::V7
| RoomVersionId::V8
| RoomVersionId::V9
| RoomVersionId::V10 => &AllowedKeys::None,
_ => &ROOM_REDACTION_V11,
},
_ => &AllowedKeys::None,
}
}
#[cfg(test)]
mod tests {
use std::collections::BTreeMap;
use assert_matches2::assert_matches;
use js_int::int;
use serde_json::{
from_str as from_json_str, json, to_string as to_json_string, to_value as to_json_value,
};
use super::{
redact_in_place, to_canonical_value, try_from_json_map, value::CanonicalJsonValue,
};
use crate::RoomVersionId;
#[test]
fn serialize_canon() {
let json: CanonicalJsonValue = json!({
"a": [1, 2, 3],
"other": { "stuff": "hello" },
"string": "Thing"
})
.try_into()
.unwrap();
let ser = to_json_string(&json).unwrap();
let back = from_json_str::<CanonicalJsonValue>(&ser).unwrap();
assert_eq!(json, back);
}
#[test]
fn check_canonical_sorts_keys() {
let json: CanonicalJsonValue = json!({
"auth": {
"success": true,
"mxid": "@john.doe:example.com",
"profile": {
"display_name": "John Doe",
"three_pids": [
{
"medium": "email",
"address": "john.doe@example.org"
},
{
"medium": "msisdn",
"address": "123456789"
}
]
}
}
})
.try_into()
.unwrap();
assert_eq!(
to_json_string(&json).unwrap(),
r#"{"auth":{"mxid":"@john.doe:example.com","profile":{"display_name":"John Doe","three_pids":[{"address":"john.doe@example.org","medium":"email"},{"address":"123456789","medium":"msisdn"}]},"success":true}}"#
);
}
#[test]
fn serialize_map_to_canonical() {
let mut expected = BTreeMap::new();
expected.insert("foo".into(), CanonicalJsonValue::String("string".into()));
expected.insert(
"bar".into(),
CanonicalJsonValue::Array(vec![
CanonicalJsonValue::Integer(int!(0)),
CanonicalJsonValue::Integer(int!(1)),
CanonicalJsonValue::Integer(int!(2)),
]),
);
let mut map = serde_json::Map::new();
map.insert("foo".into(), json!("string"));
map.insert("bar".into(), json!(vec![0, 1, 2,]));
assert_eq!(try_from_json_map(map).unwrap(), expected);
}
#[test]
fn to_canonical() {
#[derive(Debug, serde::Serialize)]
struct Thing {
foo: String,
bar: Vec<u8>,
}
let t = Thing { foo: "string".into(), bar: vec![0, 1, 2] };
let mut expected = BTreeMap::new();
expected.insert("foo".into(), CanonicalJsonValue::String("string".into()));
expected.insert(
"bar".into(),
CanonicalJsonValue::Array(vec![
CanonicalJsonValue::Integer(int!(0)),
CanonicalJsonValue::Integer(int!(1)),
CanonicalJsonValue::Integer(int!(2)),
]),
);
assert_eq!(to_canonical_value(t).unwrap(), CanonicalJsonValue::Object(expected));
}
#[test]
fn redact_allowed_keys_some() {
let original_event = json!({
"content": {
"ban": 50,
"events": {
"m.room.avatar": 50,
"m.room.canonical_alias": 50,
"m.room.history_visibility": 100,
"m.room.name": 50,
"m.room.power_levels": 100
},
"events_default": 0,
"invite": 0,
"kick": 50,
"redact": 50,
"state_default": 50,
"users": {
"@example:localhost": 100
},
"users_default": 0
},
"event_id": "$15139375512JaHAW:localhost",
"origin_server_ts": 45,
"sender": "@example:localhost",
"room_id": "!room:localhost",
"state_key": "",
"type": "m.room.power_levels",
"unsigned": {
"age": 45
}
});
assert_matches!(
CanonicalJsonValue::try_from(original_event),
Ok(CanonicalJsonValue::Object(mut object))
);
redact_in_place(&mut object, &RoomVersionId::V1, None).unwrap();
let redacted_event = to_json_value(&object).unwrap();
assert_eq!(
redacted_event,
json!({
"content": {
"ban": 50,
"events": {
"m.room.avatar": 50,
"m.room.canonical_alias": 50,
"m.room.history_visibility": 100,
"m.room.name": 50,
"m.room.power_levels": 100
},
"events_default": 0,
"kick": 50,
"redact": 50,
"state_default": 50,
"users": {
"@example:localhost": 100
},
"users_default": 0
},
"event_id": "$15139375512JaHAW:localhost",
"origin_server_ts": 45,
"sender": "@example:localhost",
"room_id": "!room:localhost",
"state_key": "",
"type": "m.room.power_levels",
})
);
}
#[test]
fn redact_allowed_keys_none() {
let original_event = json!({
"content": {
"aliases": ["#somewhere:localhost"]
},
"event_id": "$152037280074GZeOm:localhost",
"origin_server_ts": 1,
"sender": "@example:localhost",
"state_key": "room.com",
"room_id": "!room:room.com",
"type": "m.room.aliases",
"unsigned": {
"age": 1
}
});
assert_matches!(
CanonicalJsonValue::try_from(original_event),
Ok(CanonicalJsonValue::Object(mut object))
);
redact_in_place(&mut object, &RoomVersionId::V10, None).unwrap();
let redacted_event = to_json_value(&object).unwrap();
assert_eq!(
redacted_event,
json!({
"content": {},
"event_id": "$152037280074GZeOm:localhost",
"origin_server_ts": 1,
"sender": "@example:localhost",
"state_key": "room.com",
"room_id": "!room:room.com",
"type": "m.room.aliases",
})
);
}
#[test]
fn redact_allowed_keys_all() {
let original_event = json!({
"content": {
"m.federate": true,
"predecessor": {
"event_id": "$something",
"room_id": "!oldroom:example.org"
},
"room_version": "11",
},
"event_id": "$143273582443PhrSn",
"origin_server_ts": 1_432_735,
"room_id": "!jEsUZKDJdhlrceRyVU:example.org",
"sender": "@example:example.org",
"state_key": "",
"type": "m.room.create",
"unsigned": {
"age": 1234,
},
});
assert_matches!(
CanonicalJsonValue::try_from(original_event),
Ok(CanonicalJsonValue::Object(mut object))
);
redact_in_place(&mut object, &RoomVersionId::V11, None).unwrap();
let redacted_event = to_json_value(&object).unwrap();
assert_eq!(
redacted_event,
json!({
"content": {
"m.federate": true,
"predecessor": {
"event_id": "$something",
"room_id": "!oldroom:example.org"
},
"room_version": "11",
},
"event_id": "$143273582443PhrSn",
"origin_server_ts": 1_432_735,
"room_id": "!jEsUZKDJdhlrceRyVU:example.org",
"sender": "@example:example.org",
"state_key": "",
"type": "m.room.create",
})
);
}
}