refactor fed membership endpoints, add missing checks, some cleanup, reduce line width

Signed-off-by: strawberry <strawberry@puppygock.gay>
2025-08-07 15:20:55 +00:00 · 2024-12-07 01:07:01 -05:00 · 2024-12-07 01:07:01 -05:00 · 9d59f777d2
commit 9d59f777d2
parent 61670370ed
12 changed files with 474 additions and 498 deletions
--- a/src/api/server/send_leave.rs
+++ b/src/api/server/send_leave.rs
@ -1,14 +1,14 @@
 #![allow(deprecated)]

 use axum::extract::State;
-use conduit::{err, utils::ReadyExt, Error, Result};
+use conduit::{err, Err, Result};
 use ruma::{
-	api::{client::error::ErrorKind, federation::membership::create_leave_event},
+	api::federation::membership::create_leave_event,
 	events::{
 		room::member::{MembershipState, RoomMemberEventContent},
 		StateEventType,
 	},
-	OwnedUserId, RoomId, ServerName,
+	OwnedRoomId, OwnedUserId, RoomId, ServerName,
 };
 use serde_json::value::RawValue as RawJsonValue;

@ -39,11 +39,9 @@ pub(crate) async fn create_leave_event_v2_route(
 	Ok(create_leave_event::v2::Response::new())
 }

-async fn create_leave_event(
-	services: &Services, origin: &ServerName, room_id: &RoomId, pdu: &RawJsonValue,
-) -> Result<()> {
+async fn create_leave_event(services: &Services, origin: &ServerName, room_id: &RoomId, pdu: &RawJsonValue) -> Result {
 	if !services.rooms.metadata.exists(room_id).await {
-		return Err(Error::BadRequest(ErrorKind::NotFound, "Room is unknown to this server."));
+		return Err!(Request(NotFound("Room is unknown to this server.")));
 	}

 	// ACL check origin
@ -58,53 +56,62 @@ async fn create_leave_event(
 	let room_version_id = services.rooms.state.get_room_version(room_id).await?;
 	let Ok((event_id, value)) = gen_event_id_canonical_json(pdu, &room_version_id) else {
 		// Event could not be converted to canonical json
-		return Err(Error::BadRequest(
-			ErrorKind::InvalidParam,
-			"Could not convert event to canonical json.",
-		));
+		return Err!(Request(BadJson("Could not convert event to canonical json.")));
 	};

+	let event_room_id: OwnedRoomId = serde_json::from_value(
+		serde_json::to_value(
+			value
+				.get("room_id")
+				.ok_or_else(|| err!(Request(BadJson("Event missing room_id property."))))?,
+		)
+		.expect("CanonicalJson is valid json value"),
+	)
+	.map_err(|e| err!(Request(BadJson(warn!("room_id field is not a valid room ID: {e}")))))?;
+
+	if event_room_id != room_id {
+		return Err!(Request(BadJson("Event room_id does not match request path room ID.")));
+	}
+
 	let content: RoomMemberEventContent = serde_json::from_value(
 		value
 			.get("content")
-			.ok_or_else(|| Error::BadRequest(ErrorKind::InvalidParam, "Event missing content property"))?
+			.ok_or_else(|| err!(Request(BadJson("Event missing content property."))))?
 			.clone()
 			.into(),
 	)
-	.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Event content is empty or invalid"))?;
+	.map_err(|e| err!(Request(BadJson(warn!("Event content is empty or invalid: {e}")))))?;

 	if content.membership != MembershipState::Leave {
-		return Err(Error::BadRequest(
-			ErrorKind::InvalidParam,
-			"Not allowed to send a non-leave membership event to leave endpoint.",
-		));
+		return Err!(Request(BadJson(
+			"Not allowed to send a non-leave membership event to leave endpoint."
+		)));
 	}

 	let event_type: StateEventType = serde_json::from_value(
 		value
 			.get("type")
-			.ok_or_else(|| Error::BadRequest(ErrorKind::InvalidParam, "Event missing type property."))?
+			.ok_or_else(|| err!(Request(BadJson("Event missing type property."))))?
 			.clone()
 			.into(),
 	)
-	.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "Event does not have a valid state event type."))?;
+	.map_err(|e| err!(Request(BadJson(warn!("Event has invalid state event type: {e}")))))?;

 	if event_type != StateEventType::RoomMember {
-		return Err(Error::BadRequest(
-			ErrorKind::InvalidParam,
-			"Not allowed to send non-membership state event to leave endpoint.",
-		));
+		return Err!(Request(BadJson(
+			"Not allowed to send non-membership state event to leave endpoint."
+		)));
 	}

 	// ACL check sender server name
 	let sender: OwnedUserId = serde_json::from_value(
 		value
 			.get("sender")
-			.ok_or_else(|| Error::BadRequest(ErrorKind::InvalidParam, "Event missing sender property."))?
+			.ok_or_else(|| err!(Request(BadJson("Event missing sender property."))))?
 			.clone()
 			.into(),
 	)
-	.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "User ID in sender is invalid."))?;
+	.map_err(|e| err!(Request(BadJson(warn!("sender property is not a valid user ID: {e}")))))?;

 	services
 		.rooms
@ -113,26 +120,20 @@ async fn create_leave_event(
 		.await?;

 	if sender.server_name() != origin {
-		return Err(Error::BadRequest(
-			ErrorKind::InvalidParam,
-			"Not allowed to leave on behalf of another server.",
-		));
+		return Err!(Request(BadJson("Not allowed to leave on behalf of another server/user.")));
 	}

 	let state_key: OwnedUserId = serde_json::from_value(
 		value
 			.get("state_key")
-			.ok_or_else(|| Error::BadRequest(ErrorKind::InvalidParam, "Event missing state_key property."))?
+			.ok_or_else(|| err!(Request(BadJson("Event missing state_key property."))))?
 			.clone()
 			.into(),
 	)
-	.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "state_key is invalid or not a user ID"))?;
+	.map_err(|e| err!(Request(BadJson(warn!("State key is not a valid user ID: {e}")))))?;

 	if state_key != sender {
-		return Err(Error::BadRequest(
-			ErrorKind::InvalidParam,
-			"state_key does not match sender user.",
-		));
+		return Err!(Request(BadJson("State key does not match sender user.")));
 	}

 	let mutex_lock = services
@ -151,11 +152,5 @@ async fn create_leave_event(

 	drop(mutex_lock);

-	let servers = services
-		.rooms
-		.state_cache
-		.room_servers(room_id)
-		.ready_filter(|server| !services.globals.server_is_ours(server));
-
-	services.sending.send_pdu_servers(servers, &pdu_id).await
+	services.sending.send_pdu_room(room_id, &pdu_id).await
 }