backups/grapevine
1
0
Fork 0
mirror of https://gitlab.computer.surgery/matrix/grapevine.git synced 2025-12-17 15:51:23 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor(redactions): move checks inside conduit

Browse source 
ruma was already accidentally performing these checks for us, but this shouldn't be the case
This commit is contained in:
Matthias Ahouansou 2024-04-23 21:42:01 +01:00
parent 2d8c551cd5
commit 00d6aeddb6
No known key found for this signature in database
3 changed files with 97 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

35
src/service/rooms/timeline/mod.rs
View file

@ -395,7 +395,14 @@ impl Service {
| RoomVersionId::V9
| RoomVersionId::V10 => {
if let Some(redact_id) = &pdu.redacts {
self.redact_pdu(redact_id, pdu)?;
if services().rooms.state_accessor.user_can_redact(
redact_id,
&pdu.sender,
&pdu.room_id,
false,
)? {
self.redact_pdu(redact_id, pdu)?;
}
}
}
RoomVersionId::V11 => {
@ -405,7 +412,14 @@ impl Service {
Error::bad_database("Invalid content in redaction pdu.")
})?;
if let Some(redact_id) = &content.redacts {
self.redact_pdu(redact_id, pdu)?;
if services().rooms.state_accessor.user_can_redact(
redact_id,
&pdu.sender,
&pdu.room_id,
false,
)? {
self.redact_pdu(redact_id, pdu)?;
}
}
}
_ => unreachable!("Validity of room version already checked"),
@ -885,6 +899,23 @@ impl Service {
}
}
// If redaction event is not authorized, do not append it to the timeline
if let Some(redact_id) = &pdu.redacts {
if pdu.kind == TimelineEventType::RoomRedaction
&& !services().rooms.state_accessor.user_can_redact(
redact_id,
&pdu.sender,
&pdu.room_id,
false,
)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
"User cannot redact this event.",
));
}
};
// We append to state before appending the pdu, so we don't have a moment in time with the
// pdu without it's state. This is okay because append_pdu can't fail.
let statehashid = services().rooms.state.append_to_state(&pdu)?;