spectators: Add comments and assertions on security model.

These tweaks help make reasoning about the spectators security model easier to understand.
2020-10-07 17:26:30 +05:30 · 2020-10-07 17:26:30 +05:30 · dff4ab0daf
parent d1d0e484ea
commit dff4ab0daf
2 changed files with 10 additions and 0 deletions
--- a/zerver/lib/events.py
+++ b/zerver/lib/events.py
@ -577,6 +577,12 @@ def fetch_initial_state_data(
        # abuse.
        state["giphy_api_key"] = settings.GIPHY_API_KEY if settings.GIPHY_API_KEY else ""

+    if user_profile is None:
+        # To ensure we have the correct user state set.
+        assert state["is_admin"] is False
+        assert state["is_owner"] is False
+        assert state["is_guest"] is True
+
    return state


--- a/zerver/views/message_fetch.py
+++ b/zerver/views/message_fetch.py
@ -965,6 +965,10 @@ def get_messages_backend(
        # cases of web-public queries (where we should return the
        # web-public results only) and clients with buggy
        # authentication code (where we should return an auth error).
+        #
+        # GetOldMessagesTest.test_unauthenticated_* tests ensure
+        # that we are not leaking any secure data (private messages and
+        # non web-public-stream messages) via this path.
        if not is_web_public_narrow(narrow):
            raise MissingAuthenticationError()
        assert narrow is not None