From a3d62ed0d9e0581b770d63acbdd35f83d02f6e3f Mon Sep 17 00:00:00 2001
From: nexy7574 <git@nexy7574.co.uk>
Date: Sat, 19 Jul 2025 21:09:23 +0100
Subject: [PATCH] feat(policy-server): Prevent local events that fail the
 policy check

---
 src/service/rooms/timeline/create.rs | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/service/rooms/timeline/create.rs b/src/service/rooms/timeline/create.rs
index 20ccaf56..6301d785 100644
--- a/src/service/rooms/timeline/create.rs
+++ b/src/service/rooms/timeline/create.rs
@@ -165,6 +165,17 @@ pub async fn create_hash_and_sign_event(
 		return Err!(Request(Forbidden("Event is not authorized.")));
 	}
 
+	// Check with the policy server
+	if self
+		.services
+		.event_handler
+		.policyserv_check(&pdu, room_id)
+		.await
+		.is_err()
+	{
+		return Err!(Request(Forbidden(debug_warn!("Policy server marked this event as spam"))));
+	}
+
 	// Hash and sign
 	let mut pdu_json = utils::to_canonical_object(&pdu).map_err(|e| {
 		err!(Request(BadJson(warn!("Failed to convert PDU to canonical JSON: {e}"))))