Fall back to checking power levels when sourcing local restricted join users#19321
Merged
MadLittleMods merged 4 commits intoelement-hq:developfrom Jan 12, 2026
Merged
Conversation
… users Signed-off-by: timedout <git@nexy7574.co.uk>
Signed-off-by: timedout <git@nexy7574.co.uk>
| chosen_user = local_creators.pop() # random creator | ||
| user_power_level = CREATOR_POWER_LEVEL | ||
| else: | ||
| if chosen_user is None: |
Contributor
There was a problem hiding this comment.
This kind of change deserves a test of some sort to ensure we don't regress into the future. It's probably easiest to write a Complement test to setup this kind of scenario. Is this something you'd be comfortable with tackling?
Probably something in tests/restricted_rooms_test.go
As an example of running Complement tests for the Synapse project, here is how to run a single test:
COMPLEMENT_DIR=../complement ./scripts-dev/complement.sh ./tests -run TestRestrictedRoomsLocalJoin
(checkout the complement repo as a sibling to the synapse repo)
Contributor
Author
There was a problem hiding this comment.
Sure, I'll give it a shot
Contributor
Author
There was a problem hiding this comment.
Opened matrix-org/complement#836, let me know if I missed a step or anything.
Contributor
There was a problem hiding this comment.
The Complement tests look good 👍. Thank you for creating a PR there as well. We will just wait to merge this PR until the Complement side is close to merge as well ⏩
1 task
MadLittleMods
approved these changes
Dec 30, 2025
| chosen_user = local_creators.pop() # random creator | ||
| user_power_level = CREATOR_POWER_LEVEL | ||
| else: | ||
| if chosen_user is None: |
Contributor
There was a problem hiding this comment.
The fix itself looks good 👍
In terms of the surrounding context, it's weird that we use both get_users_which_can_issue_invite(...) and get_user_which_could_invite(...) as the disparity between them is what's causing the problem in the first place. As a follow-up PR, it would probably be good to settle one direction or the other.
synapse/synapse/handlers/room_member.py
Lines 1308 to 1341 in 7a24faf
Co-authored-by: Eric Eastwood <madlittlemods@gmail.com>
MadLittleMods
pushed a commit
to matrix-org/complement
that referenced
this pull request
Jan 12, 2026
Adds a test to prevent regressions fixed by element-hq/synapse#19321. Reproduce element-hq/synapse#19120
alexlebens
pushed a commit
to alexlebens/infrastructure
that referenced
this pull request
Jan 27, 2026
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [element-hq/synapse](https://github.com/element-hq/synapse) | minor | `1.145.0` → `1.146.0` | --- >⚠️ **Warning** > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>element-hq/synapse (element-hq/synapse)</summary> ### [`v1.146.0`](https://github.com/element-hq/synapse/releases/tag/v1.146.0) [Compare Source](element-hq/synapse@v1.145.0...v1.146.0rc1) ### Synapse 1.146.0 (2026-01-27) No significant changes since 1.146.0rc1. #### Deprecations and Removals - [MSC2697](matrix-org/matrix-spec-proposals#2697) (Dehydrated devices) has been removed, as the MSC is closed. Developers should migrate to [MSC3814](matrix-org/matrix-spec-proposals#3814). ([#​19346](element-hq/synapse#19346)) - Support for Ubuntu 25.04 (Plucky Puffin) has been dropped. Synapse no longer builds debian packages for Ubuntu 25.04. ### Synapse 1.146.0rc1 (2026-01-20) #### Features - Add a new config option [`enable_local_media_storage`](https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#enable_local_media_storage) which controls whether media is additionally stored locally when using configured `media_storage_providers`. Setting this to `false` allows off-site media storage without a local cache. Contributed by Patrice Brend'amour [@​dr](https://github.com/dr).allgood. ([#​19204](element-hq/synapse#19204)) - Stabilise support for [MSC4312](matrix-org/matrix-spec-proposals#4312 `m.oauth` User-Interactive Auth stage for resetting cross-signing identity with the OAuth 2.0 API. The old, unstable name (`org.matrix.cross_signing_reset`) is now deprecated and will be removed in a future release. ([#​19273](element-hq/synapse#19273)) - Refactor Grafana dashboard to use `server_name` label (instead of `instance`). ([#​19337](element-hq/synapse#19337)) #### Bugfixes - Fix joining a restricted v12 room locally when no local room creator is present but local users with sufficient power levels are. Contributed by [@​nexy7574](https://github.com/nexy7574). ([#​19321](element-hq/synapse#19321)) - Fixed parallel calls to `/_matrix/media/v1/create` being ratelimited for appservices even if `rate_limited: false` was set in the registration. Contributed by [@​tulir](https://github.com/tulir) @​ Beeper. ([#​19335](element-hq/synapse#19335)) - Fix a bug introduced in 1.61.0 where a user's membership in a room was accidentally ignored when considering access to historical state events in rooms with the "shared" history visibility. Contributed by Lukas Tautz. ([#​19353](element-hq/synapse#19353)) - [MSC4140](matrix-org/matrix-spec-proposals#4140): Store the JSON content of scheduled delayed events as text instead of a byte array. This fixes the inability to schedule a delayed event with non-ASCII characters in its content. ([#​19360](element-hq/synapse#19360)) - Always rollback database transactions when retrying (avoid orphaned connections). ([#​19372](element-hq/synapse#19372)) - Fix `InFlightGauge` typing to allow upgrading to `prometheus_client` 0.24. ([#​19379](element-hq/synapse#19379)) #### Updates to the Docker image - Add [Prometheus HTTP service discovery](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config) endpoint for easy discovery of all workers when using the `docker/Dockerfile-workers` image (see the [*Metrics* section of our Docker testing docs](docker/README-testing.md#metrics)). ([#​19336](element-hq/synapse#19336)) #### Improved Documentation - Remove docs on legacy metric names (no longer in the codebase since 2022-12-06). ([#​19341](element-hq/synapse#19341)) - Clarify how the estimated value of room complexity is calculated internally. ([#​19384](element-hq/synapse#19384)) #### Internal Changes - Add an internal `cancel_task` API to the task scheduler. ([#​19310](element-hq/synapse#19310)) - Tweak docstrings and signatures of `auth_types_for_event` and `get_catchup_room_event_ids`. ([#​19320](element-hq/synapse#19320)) - Replace usage of deprecated `assertEquals` with `assertEqual` in unit test code. ([#​19345](element-hq/synapse#19345)) - Drop support for Ubuntu 25.04 'Plucky Puffin', add support for Ubuntu 25.10 'Questing Quokka'. ([#​19348](element-hq/synapse#19348)) - Revert "Add an Admin API endpoint for listing quarantined media ([#​19268](element-hq/synapse#19268))". ([#​19351](element-hq/synapse#19351)) - Bump `mdbook` from 0.4.17 to 0.5.2 and remove our custom table-of-contents plugin in favour of the new default functionality. ([#​19356](element-hq/synapse#19356)) - Replace deprecated usage of PyGitHub's `GitRelease.title` with `.name` in release script. ([#​19358](element-hq/synapse#19358)) - Update the Element logo in Synapse's README to be an absolute URL, allowing it to render on other sites (such as PyPI). ([#​19368](element-hq/synapse#19368)) - Apply minor tweaks to v1.145.0 changelog. ([#​19376](element-hq/synapse#19376)) - Update Grafana dashboard syntax to use the latest from importing/exporting with Grafana 12.3.1. ([#​19381](element-hq/synapse#19381)) - Warn about skipping reactor metrics when using unknown reactor type. ([#​19383](element-hq/synapse#19383)) - Add support for reactor metrics with the `ProxiedReactor` used in worker Complement tests. ([#​19385](element-hq/synapse#19385)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42OS4yIiwidXBkYXRlZEluVmVyIjoiNDIuNjkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiaW1hZ2UiXX0=--> Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/3533 Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net> Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix #19120 by always falling back to checking power levels for local users if a local creator cannot be found in a v12 room.
Complement tests: matrix-org/complement#836
Pull Request Checklist
EventStoretoEventWorkerStore.".code blocks.