From 870307dd1b1ab118acf30e6b18528c01663ae967 Mon Sep 17 00:00:00 2001
From: magiccpp1 <ken.dai@ericsson.com>
Date: Mon, 6 Mar 2017 09:44:16 +0000
Subject: [PATCH 1/3] new configuration:turn_allow_guest, when set to true the 
 guest users are allowed to fetch turn server's info Signed-off-by: Ken Dai
 <ken.dai@ericsson.com>

---
 docs/turn-howto.rst            | 4 ++++
 synapse/config/voip.py         | 1 +
 synapse/rest/client/v1/voip.py | 3 ++-
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/docs/turn-howto.rst b/docs/turn-howto.rst
index 04c0100715b3..9f7011c232a1 100644
--- a/docs/turn-howto.rst
+++ b/docs/turn-howto.rst
@@ -83,12 +83,16 @@ Your home server configuration file needs the following extra keys:
     to refresh credentials. The TURN REST API specification recommends
     one day (86400000).
 
+ 4. "turn_allow_guest": If this is set to True, guest users are allowed 
+    to fetch the TURN server information. By default it is set to False. 
+
 As an example, here is the relevant section of the config file for
 matrix.org::
 
     turn_uris: [ "turn:turn.matrix.org:3478?transport=udp", "turn:turn.matrix.org:3478?transport=tcp" ]
     turn_shared_secret: n0t4ctuAllymatr1Xd0TorgSshar3d5ecret4obvIousreAsons
     turn_user_lifetime: 86400000
+    turn_allow_guest: False
 
 Now, restart synapse::
 
diff --git a/synapse/config/voip.py b/synapse/config/voip.py
index eeb693027b47..2846c14e6417 100644
--- a/synapse/config/voip.py
+++ b/synapse/config/voip.py
@@ -23,6 +23,7 @@ def read_config(self, config):
         self.turn_username = config.get("turn_username")
         self.turn_password = config.get("turn_password")
         self.turn_user_lifetime = self.parse_duration(config["turn_user_lifetime"])
+        self.turn_allow_guest = self.parse_duration(config["turn_allow_guest"])
 
     def default_config(self, **kwargs):
         return """\
diff --git a/synapse/rest/client/v1/voip.py b/synapse/rest/client/v1/voip.py
index 03141c623c62..2585bdcf8d15 100644
--- a/synapse/rest/client/v1/voip.py
+++ b/synapse/rest/client/v1/voip.py
@@ -28,7 +28,8 @@ class VoipRestServlet(ClientV1RestServlet):
 
     @defer.inlineCallbacks
     def on_GET(self, request):
-        requester = yield self.auth.get_user_by_req(request)
+        allowGuest = self.hs.config.turn_allow_guest
+        requester = yield self.auth.get_user_by_req(request, allowGuest)
 
         turnUris = self.hs.config.turn_uris
         turnSecret = self.hs.config.turn_shared_secret

From 86b329d0739cc219cc14174d583f914133d66128 Mon Sep 17 00:00:00 2001
From: magiccpp1 <ken.dai@ericsson.com>
Date: Mon, 6 Mar 2017 10:12:16 +0000
Subject: [PATCH 2/3] Revert "new configuration:turn_allow_guest, when set to
 true the  guest users are allowed to fetch turn server's info"

This reverts commit 870307dd1b1ab118acf30e6b18528c01663ae967.
---
 docs/turn-howto.rst            | 4 ----
 synapse/config/voip.py         | 1 -
 synapse/rest/client/v1/voip.py | 3 +--
 3 files changed, 1 insertion(+), 7 deletions(-)

diff --git a/docs/turn-howto.rst b/docs/turn-howto.rst
index 9f7011c232a1..04c0100715b3 100644
--- a/docs/turn-howto.rst
+++ b/docs/turn-howto.rst
@@ -83,16 +83,12 @@ Your home server configuration file needs the following extra keys:
     to refresh credentials. The TURN REST API specification recommends
     one day (86400000).
 
- 4. "turn_allow_guest": If this is set to True, guest users are allowed 
-    to fetch the TURN server information. By default it is set to False. 
-
 As an example, here is the relevant section of the config file for
 matrix.org::
 
     turn_uris: [ "turn:turn.matrix.org:3478?transport=udp", "turn:turn.matrix.org:3478?transport=tcp" ]
     turn_shared_secret: n0t4ctuAllymatr1Xd0TorgSshar3d5ecret4obvIousreAsons
     turn_user_lifetime: 86400000
-    turn_allow_guest: False
 
 Now, restart synapse::
 
diff --git a/synapse/config/voip.py b/synapse/config/voip.py
index 2846c14e6417..eeb693027b47 100644
--- a/synapse/config/voip.py
+++ b/synapse/config/voip.py
@@ -23,7 +23,6 @@ def read_config(self, config):
         self.turn_username = config.get("turn_username")
         self.turn_password = config.get("turn_password")
         self.turn_user_lifetime = self.parse_duration(config["turn_user_lifetime"])
-        self.turn_allow_guest = self.parse_duration(config["turn_allow_guest"])
 
     def default_config(self, **kwargs):
         return """\
diff --git a/synapse/rest/client/v1/voip.py b/synapse/rest/client/v1/voip.py
index 2585bdcf8d15..03141c623c62 100644
--- a/synapse/rest/client/v1/voip.py
+++ b/synapse/rest/client/v1/voip.py
@@ -28,8 +28,7 @@ class VoipRestServlet(ClientV1RestServlet):
 
     @defer.inlineCallbacks
     def on_GET(self, request):
-        allowGuest = self.hs.config.turn_allow_guest
-        requester = yield self.auth.get_user_by_req(request, allowGuest)
+        requester = yield self.auth.get_user_by_req(request)
 
         turnUris = self.hs.config.turn_uris
         turnSecret = self.hs.config.turn_shared_secret

From edbf998c30e02899090d394efcbb2d511b6ba3bf Mon Sep 17 00:00:00 2001
From: magiccpp1 <ken.dai@ericsson.com>
Date: Mon, 6 Mar 2017 10:22:32 +0000
Subject: [PATCH 3/3] guest users are allowed to fetch turn server's info

Sign-off-by: Ken Dai <ken.dai@ericsson.com>
---
 synapse/rest/client/v1/voip.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/synapse/rest/client/v1/voip.py b/synapse/rest/client/v1/voip.py
index 03141c623c62..1e975617aa1c 100644
--- a/synapse/rest/client/v1/voip.py
+++ b/synapse/rest/client/v1/voip.py
@@ -28,7 +28,7 @@ class VoipRestServlet(ClientV1RestServlet):
 
     @defer.inlineCallbacks
     def on_GET(self, request):
-        requester = yield self.auth.get_user_by_req(request)
+        requester = yield self.auth.get_user_by_req(request, True)
 
         turnUris = self.hs.config.turn_uris
         turnSecret = self.hs.config.turn_shared_secret