allow non-joined users to get aliases of world_readable rooms

`user_can_see_state_events` checks if user is joined, or if room visibility is world_readable Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-24 20:35:21 -04:00 · 2024-03-24 20:35:21 -04:00 · 0863bec098
commit 0863bec098
parent 380b61184d
3 changed files with 14 additions and 6 deletions
--- a/src/api/client_server/directory.rs
+++ b/src/api/client_server/directory.rs
@ -228,8 +228,13 @@ pub(crate) async fn get_public_rooms_filtered_helper(
 							.map(|c: RoomHistoryVisibilityEventContent| {
 								c.history_visibility == HistoryVisibility::WorldReadable
 							})
-							.map_err(|_| Error::bad_database("Invalid room history visibility event in database."))
-					})?,
+                            .map_err(|e| {
+                                error!(
+                                    "Invalid room history visibility event in database for room {}: {e}",
+                                    &room_id
+                                );
+                                Error::bad_database("Invalid room history visibility event in database.")
+                            })})?,
 				guest_can_join: services()
 					.rooms
 					.state_accessor
--- a/src/api/client_server/room.rs
+++ b/src/api/client_server/room.rs
@ -563,12 +563,12 @@ pub async fn get_room_event_route(body: Ruma<get_room_event::v3::Request>) -> Re
 ///
 /// Lists all aliases of the room.
 ///
-/// - Only users joined to the room are allowed to call this TODO: Allow any
-///   user to call it if `history_visibility` is world readable
+/// - Only users joined to the room are allowed to call this, or if
+///   `history_visibility` is world readable in the room
 pub async fn get_room_aliases_route(body: Ruma<aliases::v3::Request>) -> Result<aliases::v3::Response> {
 	let sender_user = body.sender_user.as_ref().expect("user is authenticated");

-	if !services().rooms.state_cache.is_joined(sender_user, &body.room_id)? {
+	if !services().rooms.state_accessor.user_can_see_state_events(sender_user, &body.room_id)? {
 		return Err(Error::BadRequest(
 			ErrorKind::Forbidden,
 			"You don't have permission to view this room.",
--- a/src/service/rooms/state_accessor/mod.rs
+++ b/src/service/rooms/state_accessor/mod.rs
@ -194,7 +194,10 @@ impl Service {
 			|s| {
 				serde_json::from_str(s.content.get())
 					.map(|c: RoomHistoryVisibilityEventContent| c.history_visibility)
-					.map_err(|_| Error::bad_database("Invalid history visibility event in database."))
+					.map_err(|e| {
+						error!("Invalid history visibility event in database for room {}: {e}", &room_id);
+						Error::bad_database("Invalid history visibility event in database.")
+					})
 			},
 		)?;