mod data; mod remote; use std::sync::Arc; use conduit::{err, Error, Result}; use ruma::{ api::client::error::ErrorKind, events::{ room::power_levels::{RoomPowerLevels, RoomPowerLevelsEventContent}, StateEventType, }, OwnedRoomAliasId, OwnedRoomId, OwnedServerName, RoomAliasId, RoomId, RoomOrAliasId, UserId, }; use self::data::Data; use crate::{admin, appservice, appservice::RegistrationInfo, globals, rooms, sending, server_is_ours, Dep}; pub struct Service { db: Data, services: Services, } struct Services { admin: Dep, appservice: Dep, globals: Dep, sending: Dep, state_accessor: Dep, } impl crate::Service for Service { fn build(args: crate::Args<'_>) -> Result> { Ok(Arc::new(Self { db: Data::new(&args), services: Services { admin: args.depend::("admin"), appservice: args.depend::("appservice"), globals: args.depend::("globals"), sending: args.depend::("sending"), state_accessor: args.depend::("rooms::state_accessor"), }, })) } fn name(&self) -> &str { crate::service::make_name(std::module_path!()) } } impl Service { #[tracing::instrument(skip(self))] pub fn set_alias(&self, alias: &RoomAliasId, room_id: &RoomId, user_id: &UserId) -> Result<()> { if alias == self.services.globals.admin_alias && user_id != self.services.globals.server_user { Err(Error::BadRequest( ErrorKind::forbidden(), "Only the server user can set this alias", )) } else { self.db.set_alias(alias, room_id, user_id) } } #[tracing::instrument(skip(self))] pub async fn remove_alias(&self, alias: &RoomAliasId, user_id: &UserId) -> Result<()> { if self.user_can_remove_alias(alias, user_id).await? { self.db.remove_alias(alias) } else { Err(Error::BadRequest( ErrorKind::forbidden(), "User is not permitted to remove this alias.", )) } } pub async fn resolve(&self, room: &RoomOrAliasId) -> Result { if room.is_room_id() { let room_id: &RoomId = &RoomId::parse(room).expect("valid RoomId"); Ok(room_id.to_owned()) } else { let alias: &RoomAliasId = &RoomAliasId::parse(room).expect("valid RoomAliasId"); Ok(self.resolve_alias(alias, None).await?.0) } } #[tracing::instrument(skip(self), name = "resolve")] pub async fn resolve_alias( &self, room_alias: &RoomAliasId, servers: Option<&Vec>, ) -> Result<(OwnedRoomId, Option>)> { if !server_is_ours(room_alias.server_name()) && (!servers .as_ref() .is_some_and(|servers| servers.contains(&self.services.globals.server_name().to_owned())) || servers.as_ref().is_none()) { return self.remote_resolve(room_alias, servers).await; } let room_id: Option = match self.resolve_local_alias(room_alias)? { Some(r) => Some(r), None => self.resolve_appservice_alias(room_alias).await?, }; room_id.map_or_else( || Err(Error::BadRequest(ErrorKind::NotFound, "Room with alias not found.")), |room_id| Ok((room_id, None)), ) } #[tracing::instrument(skip(self), level = "debug")] pub fn resolve_local_alias(&self, alias: &RoomAliasId) -> Result> { self.db.resolve_local_alias(alias) } #[tracing::instrument(skip(self), level = "debug")] pub fn local_aliases_for_room<'a>( &'a self, room_id: &RoomId, ) -> Box> + 'a + Send> { self.db.local_aliases_for_room(room_id) } #[tracing::instrument(skip(self), level = "debug")] pub fn all_local_aliases<'a>(&'a self) -> Box> + 'a> { self.db.all_local_aliases() } async fn user_can_remove_alias(&self, alias: &RoomAliasId, user_id: &UserId) -> Result { let Some(room_id) = self.resolve_local_alias(alias)? else { return Err(Error::BadRequest(ErrorKind::NotFound, "Alias not found.")); }; let server_user = &self.services.globals.server_user; // The creator of an alias can remove it if self .db .who_created_alias(alias)? .is_some_and(|user| user == user_id) // Server admins can remove any local alias || self.services.admin.user_is_admin(user_id).await? // Always allow the server service account to remove the alias, since there may not be an admin room || server_user == user_id { Ok(true) // Checking whether the user is able to change canonical aliases of the // room } else if let Some(event) = self.services .state_accessor .room_state_get(&room_id, &StateEventType::RoomPowerLevels, "")? { serde_json::from_str(event.content.get()) .map_err(|_| Error::bad_database("Invalid event content for m.room.power_levels")) .map(|content: RoomPowerLevelsEventContent| { RoomPowerLevels::from(content).user_can_send_state(user_id, StateEventType::RoomCanonicalAlias) }) // If there is no power levels event, only the room creator can change // canonical aliases } else if let Some(event) = self.services .state_accessor .room_state_get(&room_id, &StateEventType::RoomCreate, "")? { Ok(event.sender == user_id) } else { Err(Error::bad_database("Room has no m.room.create event")) } } async fn resolve_appservice_alias(&self, room_alias: &RoomAliasId) -> Result> { use ruma::api::appservice::query::query_room_alias; for appservice in self.services.appservice.read().await.values() { if appservice.aliases.is_match(room_alias.as_str()) && matches!( self.services .sending .send_appservice_request( appservice.registration.clone(), query_room_alias::v1::Request { room_alias: room_alias.to_owned(), }, ) .await, Ok(Some(_opt_result)) ) { return Ok(Some( self.resolve_local_alias(room_alias)? .ok_or_else(|| err!(Request(NotFound("Room does not exist."))))?, )); } } Ok(None) } pub async fn appservice_checks( &self, room_alias: &RoomAliasId, appservice_info: &Option, ) -> Result<()> { if !server_is_ours(room_alias.server_name()) { return Err(Error::BadRequest(ErrorKind::InvalidParam, "Alias is from another server.")); } if let Some(ref info) = appservice_info { if !info.aliases.is_match(room_alias.as_str()) { return Err(Error::BadRequest(ErrorKind::Exclusive, "Room alias is not in namespace.")); } } else if self .services .appservice .is_exclusive_alias(room_alias) .await { return Err(Error::BadRequest(ErrorKind::Exclusive, "Room alias reserved by appservice.")); } Ok(()) } }