oss/continuwuity
oss/continuwuity
1
0
Fork 0
mirror of https://forgejo.ellis.link/continuwuation/continuwuity.git synced 2025-09-30 18:42:05 +00:00
Code Wiki Activity

fix: Fix restricted join rules inconsistencies

Browse source
This commit is contained in:
nexy7574 2025-09-20 18:02:15 +01:00 committed by nex
parent 92e9802340
commit c9c79fbea6
2 changed files with 16 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/api/client/membership/join.rs
View file

@ -742,6 +742,7 @@ async fn join_room_by_id_helper_local(
.iter() .iter()
.stream() .stream()
.any(|restriction_room_id| { .any(|restriction_room_id| {
trace!("Checking if {sender_user} is joined to {restriction_room_id}");
services services
.rooms .rooms
.state_cache .state_cache
@ -754,6 +755,7 @@ async fn join_room_by_id_helper_local(
.state_cache .state_cache
.local_users_in_room(room_id) .local_users_in_room(room_id)
.filter(|user| { .filter(|user| {
trace!("Checking if {user} can invite {sender_user} to {room_id}");
services.rooms.state_accessor.user_can_invite( services.rooms.state_accessor.user_can_invite(
room_id, room_id,
user, user,
@ -766,6 +768,7 @@ async fn join_room_by_id_helper_local(
.await .await
.map(ToOwned::to_owned) .map(ToOwned::to_owned)
} else { } else {
trace!("No restriction rooms are joined by {sender_user}");
None None
} }
}; };

22
src/core/matrix/state_res/event_auth.rs
View file

@ -727,12 +727,20 @@ where
let user_joined = user_for_join_auth_membership == &MembershipState::Join; let user_joined = user_for_join_auth_membership == &MembershipState::Join;
let okay_power = is_creator(room_version, &creators, create_room, user_for_join_auth) let okay_power = is_creator(room_version, &creators, create_room, user_for_join_auth)
|| auth_user_pl >= invite_level; || auth_user_pl >= invite_level;
trace!(
auth_user_pl=?auth_user_pl,
invite_level=?invite_level,
user_joined=?user_joined,
okay_power=?okay_power,
passing=?(user_joined && okay_power),
"user for join auth is valid check details"
);
user_joined && okay_power user_joined && okay_power
} else { } else {
// No auth user was given // No auth user was given
trace!("No auth user given for join auth");
false false
}; };
let sender_creator = is_creator(room_version, &creators, create_room, sender); let sender_creator = is_creator(room_version, &creators, create_room, sender);
let target_creator = is_creator(room_version, &creators, create_room, target_user); let target_creator = is_creator(room_version, &creators, create_room, target_user);
@ -811,9 +819,7 @@ where
false false
}, },
| JoinRule::KnockRestricted(_) => { | JoinRule::KnockRestricted(_) => {
let valid_join = user_for_join_auth_is_valid if membership_allows_join || user_for_join_auth_is_valid {
|| sender_membership == MembershipState::Join;
if membership_allows_join || valid_join {
true true
} else { } else {
warn!( warn!(
@ -826,16 +832,14 @@ where
} }
}, },
| JoinRule::Restricted(_) => | JoinRule::Restricted(_) =>
if !user_for_join_auth_is_valid if membership_allows_join || user_for_join_auth_is_valid {
&& sender_membership != MembershipState::Join true
{ } else {
warn!( warn!(
"Join rule is a restricted one but no valid authorising user \ "Join rule is a restricted one but no valid authorising user \
was given" was given"
); );
false false
} else {
true
}, },
| JoinRule::Public => true, | JoinRule::Public => true,
| _ => { | _ => {