oss/conduit
oss/conduit
1
0
Fork 0
mirror of https://gitlab.com/famedly/conduit.git synced 2025-08-06 17:40:59 +00:00
Code Wiki Activity

feat(appservice): ensure users/aliases outside of namespaces are not accessed

Browse source
This commit is contained in:
Matthias Ahouansou 2024-04-16 15:53:38 +01:00
parent 53d3f9ae89
commit 3086271139
No known key found for this signature in database
7 changed files with 202 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

36
src/api/client_server/alias.rs
View file

@ -25,6 +25,24 @@ pub async fn create_alias_route(
));
}
if let Some(ref info) = body.appservice_info {
if !info.aliases.is_match(body.room_alias.as_str()) {
return Err(Error::BadRequest(
ErrorKind::Exclusive,
"Room alias is not in namespace.",
));
}
} else if services()
.appservice
.is_exclusive_alias(&body.room_alias)
.await
{
return Err(Error::BadRequest(
ErrorKind::Exclusive,
"Room alias reserved by appservice.",
));
}
if services()
.rooms
.alias
@ -58,6 +76,24 @@ pub async fn delete_alias_route(
));
}
if let Some(ref info) = body.appservice_info {
if !info.aliases.is_match(body.room_alias.as_str()) {
return Err(Error::BadRequest(
ErrorKind::Exclusive,
"Room alias is not in namespace.",
));
}
} else if services()
.appservice
.is_exclusive_alias(&body.room_alias)
.await
{
return Err(Error::BadRequest(
ErrorKind::Exclusive,
"Room alias reserved by appservice.",
));
}
services().rooms.alias.remove_alias(&body.room_alias)?;
// TODO: update alt_aliases?