SUMMARY neochat sends a spam of 18 room acl changes when I open the permissions dialog STEPS TO REPRODUCE After some investigation in neochat matrix room, the offending powerlevel events which are being spammed are the following: { "content": { "events": { "im.vector.modular.widgets": 50, "io.element.voice_broadcast_info": 50, "m.call.invite": 50, "m.reaction": 0, "m.room.avatar": 50, "m.room.canonical_alias": 50, "m.room.encryption": 100, "m.room.history_visibility": 100, "m.room.name": 50, "m.room.pinned_events": 50, "m.room.power_levels": 100, "m.room.redaction": 100, "m.room.server_acl": 100, "m.room.tombstone": 100, "m.room.topic": 50, "m.space.child": 50, "org.matrix.msc3401.call": 50, "org.matrix.msc3401.call.member": 50, "users_default": 0 }, "events_default": 50, "users": { "@aranjedeath:explodie.org": 100, "@pineappleexpress:explodie.org": 50 } }, "event_id": "$RSlnH_5zaRzmt4xXZEOPtdK475A7I0J24DcLNyR32Gc", "origin_server_ts": 1722993657348, "sender": "@aranjedeath:explodie.org", "state_key": "", "type": "m.room.power_levels", "unsigned": { "age": 514522, "prev_content": { "events": { "im.vector.modular.widgets": 50, "io.element.voice_broadcast_info": 50, "m.call.invite": 50, "m.reaction": 0, "m.room.avatar": 50, "m.room.canonical_alias": 50, "m.room.encryption": 100, "m.room.history_visibility": 100, "m.room.name": 50, "m.room.pinned_events": 50, "m.room.power_levels": 100, "m.room.redaction": 100, "m.room.server_acl": 100, "m.room.tombstone": 100, "m.room.topic": 50, "m.space.child": 50, "org.matrix.msc3401.call": 50, "org.matrix.msc3401.call.member": 50, "state_default": 0, "users_default": 0 }, "events_default": 50, "users": { "@aranjedeath:explodie.org": 100, "@pineappleexpress:explodie.org": 50 } }, "prev_sender": "@aranjedeath:explodie.org", "replaces_state": "$GkOGlyoWBV_1-esisDnISwKQyWl8VovE9zbqNfY68tY" }, "room_id": "!01POKUwlEwiArQOcav:explodie.org" } Morguldir indicates there are issues with top level keys being inside the events area of this event. OS Info: Neochat 24.05.2 on KDE NEON
One of the powerlevel events is labeled by nheko as "allowed everyone to send "state_default", and looks like: { "content": { "ban": 50, "events": { "im.vector.modular.widgets": 50, "io.element.voice_broadcast_info": 50, "m.call.invite": 50, "m.reaction": 0, "m.room.avatar": 50, "m.room.canonical_alias": 50, "m.room.encryption": 100, "m.room.history_visibility": 100, "m.room.name": 50, "m.room.pinned_events": 50, "m.room.power_levels": 100, "m.room.redaction": 100, "m.room.server_acl": 100, "m.room.tombstone": 100, "m.room.topic": 50, "m.space.child": 50, "org.matrix.msc3401.call": 50, "org.matrix.msc3401.call.member": 50, "state_default": 0, "users_default": 0 }, "events_default": 50, "invite": 50, "kick": 50, "redact": 50, "state_default": 50, "users": { "@aranjedeath:explodie.org": 100, "@pineappleexpress:explodie.org": 50 }, "users_default": 0 }, "event_id": "$-Z9W_TvsXdmLbNGIrg-mlo_Zfs_dK4TMRafm80w27go", "origin_server_ts": 1722995144239, "sender": "@aranjedeath:explodie.org", "state_key": "", "type": "m.room.power_levels", "unsigned": { "age": 362, "prev_sender": "@aranjedeath:explodie.org", "replaces_state": "$gWTAPpDjJx51uganS8JXIyD0-z16omkS-oWHk7_svBQ" } }
So from looking at the code if the content of those rooms power level event didn't contain all of "event_default", "user_default" and "state_default" parameters the model would set it into the events list. What this means is that whoever created that room didn't populate the power level event correctly as they should always be present, but that being said NeoChat need to handle that case
A possibly relevant merge request was started @ https://invent.kde.org/network/neochat/-/merge_requests/1875
Git commit 54be52b855e0f6205fe8d196d7449eb37db72f5f by James Graham. Committed on 05/09/2024 at 13:48. Pushed by nvrwhere into branch 'master'. Fix default permissions settings Make sure that if default permissions or basic permissons are not present in the power level event that they are set properly when changed rather than in the event section. Also define some of the commonly used strings M +60 -35 src/models/permissionsmodel.cpp https://invent.kde.org/network/neochat/-/commit/54be52b855e0f6205fe8d196d7449eb37db72f5f