Add guest changes to spec: MSC3069 and MSC3419 (#3605)

* Add MSC3069 support

https://github.com/matrix-org/matrix-doc/pull/3069

* Add MSC3419 support

https://github.com/matrix-org/matrix-doc/pull/3419

* Normalize and fix guest access endpoints list

* Changelogs
This commit is contained in:
Travis Ralston 2022-01-04 20:29:40 -07:00 committed by GitHub
parent 00169abcdb
commit 26e0765159
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 45 additions and 20 deletions

View file

@ -0,0 +1 @@
Add `is_guest` to `/account/whoami` as per [MSC3069](https://github.com/matrix-org/matrix-doc/pull/3069).

View file

@ -0,0 +1 @@
Expand guest access to sending any room event and state event as per [MSC3419](https://github.com/matrix-org/matrix-doc/pull/3419).

View file

@ -38,38 +38,43 @@ rather than allowing all homeservers to enforce the rules on each other.
The following API endpoints are allowed to be accessed by guest accounts The following API endpoints are allowed to be accessed by guest accounts
for retrieving events: for retrieving events:
- [GET /rooms/:room\_id/state](#get_matrixclientv3roomsroomidstate) * [GET /rooms/{roomId}/state](#get_matrixclientv3roomsroomidstate)
- [GET /rooms/:room\_id/context/:event\_id](#get_matrixclientv3roomsroomidcontexteventid) * [GET /rooms/{roomId}/context/{eventId}](#get_matrixclientv3roomsroomidcontexteventid)
- [GET /rooms/:room\_id/event/:event\_id](#get_matrixclientv3roomsroomideventeventid) * [GET /rooms/{roomId}/event/{eventId}](#get_matrixclientv3roomsroomideventeventid)
- [GET /rooms/:room\_id/state/:event\_type/:state\_key](#get_matrixclientv3roomsroomidstateeventtypestatekey) * [GET /rooms/{roomId}/state/{eventType}/{stateKey}](#get_matrixclientv3roomsroomidstateeventtypestatekey)
- [GET /rooms/:room\_id/messages](#get_matrixclientv3roomsroomidmessages) * [GET /rooms/{roomId}/messages](#get_matrixclientv3roomsroomidmessages)
- {{% added-in v="1.1" %}} [GET /rooms/:room\_id/members](#get_matrixclientv3roomsroomidmembers) * {{< added-in v="1.1" >}} [GET /rooms/{roomId}/members](#get_matrixclientv3roomsroomidmembers)
- [GET /rooms/:room\_id/initialSync](#get_matrixclientv3roomsroomidinitialsync) * [GET /rooms/{roomId}/initialSync](#get_matrixclientv3roomsroomidinitialsync)
- [GET /sync](#get_matrixclientv3sync) * [GET /sync](#get_matrixclientv3sync)
- [GET /events](#get_matrixclientv3events) as used for room previews. * [GET /events](#get_matrixclientv3events) as used for room previews.
The following API endpoints are allowed to be accessed by guest accounts The following API endpoints are allowed to be accessed by guest accounts
for sending events: for sending events:
- [POST /rooms/:room\_id/join](#post_matrixclientv3roomsroomidjoin) * [POST /rooms/{roomId}/join](#post_matrixclientv3roomsroomidjoin)
- [POST /rooms/:room\_id/leave](#post_matrixclientv3roomsroomidleave) * [POST /rooms/{roomId}/leave](#post_matrixclientv3roomsroomidleave)
- [PUT /rooms/:room\_id/send/m.room.message/:txn\_id](#put_matrixclientv3roomsroomidsendeventtypetxnid) * [PUT /rooms/{roomId}/send/{eventType}/{txnId}](#put_matrixclientv3roomsroomidsendeventtypetxnid)
- [PUT /sendToDevice/{eventType}/{txnId}](#put_matrixclientv3sendtodeviceeventtypetxnid)
* {{< changed-in v="1.2" >}} Guests can now send *any* event type rather than just `m.room.message` events.
* {{< added-in v="1.2" >}} [PUT /rooms/{roomId}/state/{eventType}/{stateKey}](#put_matrixclientv3roomsroomidstateeventtypestatekey)
* [PUT /sendToDevice/{eventType}/{txnId}](#put_matrixclientv3sendtodeviceeventtypetxnid)
The following API endpoints are allowed to be accessed by guest accounts The following API endpoints are allowed to be accessed by guest accounts
for their own account maintenance: for their own account maintenance:
- [PUT /profile/:user\_id/displayname](#put_matrixclientv3profileuseriddisplayname) * [PUT /profile/{userId}/displayname](#put_matrixclientv3profileuseriddisplayname)
- [GET /devices](#get_matrixclientv3devices) * [GET /devices](#get_matrixclientv3devices)
- [GET /devices/{deviceId}](#get_matrixclientv3devicesdeviceid) * [GET /devices/{deviceId}](#get_matrixclientv3devicesdeviceid)
- [PUT /devices/{deviceId}](#put_matrixclientv3devicesdeviceid) * [PUT /devices/{deviceId}](#put_matrixclientv3devicesdeviceid)
* {{< added-in v="1.2" >}} [GET /account/whoami](#get_matrixclientv3accountwhoami)
The following API endpoints are allowed to be accessed by guest accounts The following API endpoints are allowed to be accessed by guest accounts
for end-to-end encryption: for end-to-end encryption:
- [POST /keys/upload](#post_matrixclientv3keysupload) * [POST /keys/upload](#post_matrixclientv3keysupload)
- [POST /keys/query](#post_matrixclientv3keysquery) * [POST /keys/query](#post_matrixclientv3keysquery)
- [POST /keys/claim](#post_matrixclientv3keysclaim) * [POST /keys/claim](#post_matrixclientv3keysclaim)
#### Server behaviour #### Server behaviour
@ -88,3 +93,6 @@ properly enforce the permissions outlined in this section.
Homeservers may want to enable protections such as captchas for guest Homeservers may want to enable protections such as captchas for guest
registration to prevent spam, denial of service, and similar attacks. registration to prevent spam, denial of service, and similar attacks.
Homeservers may want to put stricter rate limits on guest accounts,
particularly for sending state events.

View file

@ -65,6 +65,13 @@ paths:
is associated with the access token (such as in the case is associated with the access token (such as in the case
of application services) then this field can be omitted. of application services) then this field can be omitted.
Otherwise this is required. Otherwise this is required.
is_guest:
x-addedInMatrixVersion: "1.2"
type: boolean
description: |-
When `true`, the user is a [Guest User](#guest-access). When
not present or `false`, the user is presumed to be a non-guest
user.
401: 401:
description: description:
The token is not recognised The token is not recognised

View file

@ -0,0 +1,8 @@
{{ $ver := .Params.v }}
{{ $this := .Params.this }}
{{ if $this }}
<span>**[Changed in this version]**</span>
{{ else }}
<span>**[Changed in `v{{ $ver }}`]**</span>
{{ end }} {{/* Do not leave an empty line at the end of this file otherwise the inline behaviour breaks. */}}