Talk about how to deal with unauthorized events
This commit is contained in:
Erik Johnston
parent
b8d5fa724c
commit
1eacc25a18
1 changed files with 17 additions and 0 deletions
|
|
@ -94,3 +94,20 @@ A user may send an event if all the following hold true:
|
||||||
user must have at least that power level. Otherwise, the user must have a
|
user must have at least that power level. Otherwise, the user must have a
|
||||||
power level of at least `events_default` or `state_default`, depending on
|
power level of at least `events_default` or `state_default`, depending on
|
||||||
if the event is a message or state event respectively.
|
if the event is a message or state event respectively.
|
||||||
|
|
||||||
|
|
||||||
|
Unauthorized events
|
||||||
|
-------------------
|
||||||
|
|
||||||
|
An unauthorized event should not be accepted into the event graph, i.e. new
|
||||||
|
events should not reference any unauthorized events. There are situations where
|
||||||
|
this can happen and so it is not considered an error to include an unauthorized
|
||||||
|
event in the event graph. It is an error for events to refer unauthorized
|
||||||
|
events in their `auth_events` section and will in turn be considered
|
||||||
|
unauthorized.
|
||||||
|
|
||||||
|
A server may choose to store only the redacted form of an unauthorized event if
|
||||||
|
it is included in the event graph.
|
||||||
|
|
||||||
|
A server may emit a warning to a remote server if it references an event it
|
||||||
|
considers unauthorized.
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue