fix: Fix restricted join rules inconsistencies

2025-09-30 18:42:05 +00:00 · 2025-09-20 18:02:15 +01:00 · 2025-09-20 18:02:15 +01:00 · c9c79fbea6
commit c9c79fbea6
parent 92e9802340
2 changed files with 16 additions and 9 deletions
--- a/src/api/client/membership/join.rs
+++ b/src/api/client/membership/join.rs
@ -742,6 +742,7 @@ async fn join_room_by_id_helper_local(
 			.iter()
 			.stream()
 			.any(|restriction_room_id| {
+				trace!("Checking if {sender_user} is joined to {restriction_room_id}");
 				services
 					.rooms
 					.state_cache
@ -754,6 +755,7 @@ async fn join_room_by_id_helper_local(
 				.state_cache
 				.local_users_in_room(room_id)
 				.filter(|user| {
+					trace!("Checking if {user} can invite {sender_user} to {room_id}");
 					services.rooms.state_accessor.user_can_invite(
 						room_id,
 						user,
@ -766,6 +768,7 @@ async fn join_room_by_id_helper_local(
 				.await
 				.map(ToOwned::to_owned)
 		} else {
+			trace!("No restriction rooms are joined by {sender_user}");
 			None
 		}
 	};
--- a/src/core/matrix/state_res/event_auth.rs
+++ b/src/core/matrix/state_res/event_auth.rs
@ -727,12 +727,20 @@ where
 		let user_joined = user_for_join_auth_membership == &MembershipState::Join;
 		let okay_power = is_creator(room_version, &creators, create_room, user_for_join_auth)
 			|| auth_user_pl >= invite_level;
+		trace!(
+			auth_user_pl=?auth_user_pl,
+			invite_level=?invite_level,
+			user_joined=?user_joined,
+			okay_power=?okay_power,
+			passing=?(user_joined && okay_power),
+			"user for join auth is valid check details"
+		);
 		user_joined && okay_power
 	} else {
 		// No auth user was given
+		trace!("No auth user given for join auth");
 		false
 	};
-
 	let sender_creator = is_creator(room_version, &creators, create_room, sender);
 	let target_creator = is_creator(room_version, &creators, create_room, target_user);

@ -811,9 +819,7 @@ where
 						false
 					},
 					| JoinRule::KnockRestricted(_) => {
-						let valid_join = user_for_join_auth_is_valid
-							|| sender_membership == MembershipState::Join;
-						if membership_allows_join || valid_join {
+						if membership_allows_join || user_for_join_auth_is_valid {
 							true
 						} else {
 							warn!(
@ -826,16 +832,14 @@ where
 						}
 					},
 					| JoinRule::Restricted(_) =>
-						if !user_for_join_auth_is_valid
-							&& sender_membership != MembershipState::Join
-						{
+						if membership_allows_join || user_for_join_auth_is_valid {
+							true
+						} else {
 							warn!(
 								"Join rule is a restricted one but no valid authorising user \
 								 was given"
 							);
 							false
-						} else {
-							true
 						},
 					| JoinRule::Public => true,
 					| _ => {