Refactor redaction permission checks

2025-12-18 16:21:24 +01:00 · 2025-07-19 22:26:49 -07:00 · 2025-07-19 22:26:49 -07:00 · aade2e17c2
commit aade2e17c2
parent 61d2ff7183
4 changed files with 83 additions and 102 deletions
--- a/src/service/rooms/event_handler.rs
+++ b/src/service/rooms/event_handler.rs
@ -19,11 +19,8 @@ use ruma::{
        },
    },
    events::{
-        room::{
-            redaction::RoomRedactionEventContent,
-            server_acl::RoomServerAclEventContent,
-        },
-        StateEventType, TimelineEventType,
+        room::server_acl::RoomServerAclEventContent, StateEventType,
+        TimelineEventType,
    },
    int,
    state_res::{self, StateMap},
@ -43,7 +40,7 @@ use super::{
 use crate::{
    service::{globals::SigningKeys, pdu, rooms::state::ExtractVersion},
    services,
-    utils::{debug_slice_truncated, room_version::RoomVersion},
+    utils::debug_slice_truncated,
    Error, PduEvent, Result,
 };

@ -568,7 +565,6 @@ impl Service {
            "Upgrading event to timeline pdu",
        );

-        let room_version = RoomVersion::try_from(room_version_id)?;
        let ruma_room_version = state_res::RoomVersion::new(room_version_id)
            .map_err(|_| {
                Error::UnsupportedRoomVersion(room_version_id.clone())
@ -925,33 +921,10 @@ impl Service {
            Error::BadRequest(ErrorKind::InvalidParam, "Auth check failed.")
        })? || incoming_pdu.kind
            == TimelineEventType::RoomRedaction
-            && if room_version.redaction_event_redacts_in_content {
-                let content =
-                    serde_json::from_str::<RoomRedactionEventContent>(
-                        incoming_pdu.content.get(),
-                    )
-                    .map_err(|_| {
-                        Error::bad_database("Invalid content in redaction pdu.")
-                    })?;
-
-                if let Some(redact_id) = &content.redacts {
-                    !services().rooms.state_accessor.user_can_redact(
-                        redact_id,
-                        &incoming_pdu.sender,
-                        &incoming_pdu.room_id,
-                    )?
-                } else {
-                    false
-                }
-            } else if let Some(redact_id) = &incoming_pdu.redacts {
-                !services().rooms.state_accessor.user_can_redact(
-                    redact_id,
-                    &incoming_pdu.sender,
-                    &incoming_pdu.room_id,
-                )?
-            } else {
-                false
-            };
+            && services()
+                .rooms
+                .state_accessor
+                .redaction_event_allowed(&incoming_pdu)?;

        // 13. Use state resolution to find new room state