only sign /send_join events if restricted join via room version and join_authorised_via_users_server
Co-authored-by: Matthias Ahouansou <matthias@ahouansou.cz> Signed-off-by: strawberry <strawberry@puppygock.gay>
This commit is contained in:
strawberry
parent
75731671d1
commit
339a1fc4e8
1 changed files with 30 additions and 15 deletions
|
|
@ -8,9 +8,10 @@ use ruma::{
|
||||||
room::member::{MembershipState, RoomMemberEventContent},
|
room::member::{MembershipState, RoomMemberEventContent},
|
||||||
StateEventType,
|
StateEventType,
|
||||||
},
|
},
|
||||||
CanonicalJsonValue, OwnedServerName, OwnedUserId, RoomId, ServerName,
|
CanonicalJsonValue, OwnedServerName, OwnedUserId, RoomId, RoomVersionId, ServerName,
|
||||||
};
|
};
|
||||||
use serde_json::value::{to_raw_value, RawValue as RawJsonValue};
|
use serde_json::value::{to_raw_value, RawValue as RawJsonValue};
|
||||||
|
use service::user_is_local;
|
||||||
use tokio::sync::RwLock;
|
use tokio::sync::RwLock;
|
||||||
use tracing::warn;
|
use tracing::warn;
|
||||||
|
|
||||||
|
|
@ -121,6 +122,19 @@ async fn create_join_event(
|
||||||
));
|
));
|
||||||
};
|
};
|
||||||
|
|
||||||
|
if content
|
||||||
|
.join_authorized_via_users_server
|
||||||
|
.is_some_and(|user| user_is_local(&user))
|
||||||
|
&& !matches!(
|
||||||
|
room_version_id,
|
||||||
|
RoomVersionId::V1
|
||||||
|
| RoomVersionId::V2
|
||||||
|
| RoomVersionId::V3
|
||||||
|
| RoomVersionId::V4
|
||||||
|
| RoomVersionId::V5
|
||||||
|
| RoomVersionId::V6
|
||||||
|
| RoomVersionId::V7
|
||||||
|
) {
|
||||||
ruma::signatures::hash_and_sign_event(
|
ruma::signatures::hash_and_sign_event(
|
||||||
services().globals.server_name().as_str(),
|
services().globals.server_name().as_str(),
|
||||||
services().globals.keypair(),
|
services().globals.keypair(),
|
||||||
|
|
@ -128,6 +142,13 @@ async fn create_join_event(
|
||||||
&room_version_id,
|
&room_version_id,
|
||||||
)
|
)
|
||||||
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Failed to sign event."))?;
|
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Failed to sign event."))?;
|
||||||
|
}
|
||||||
|
|
||||||
|
services()
|
||||||
|
.rooms
|
||||||
|
.event_handler
|
||||||
|
.fetch_required_signing_keys([&value], &pub_key_map)
|
||||||
|
.await?;
|
||||||
|
|
||||||
let origin: OwnedServerName = serde_json::from_value(
|
let origin: OwnedServerName = serde_json::from_value(
|
||||||
serde_json::to_value(
|
serde_json::to_value(
|
||||||
|
|
@ -139,12 +160,6 @@ async fn create_join_event(
|
||||||
)
|
)
|
||||||
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "origin is not a server name."))?;
|
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "origin is not a server name."))?;
|
||||||
|
|
||||||
services()
|
|
||||||
.rooms
|
|
||||||
.event_handler
|
|
||||||
.fetch_required_signing_keys([&value], &pub_key_map)
|
|
||||||
.await?;
|
|
||||||
|
|
||||||
let mutex_lock = services()
|
let mutex_lock = services()
|
||||||
.globals
|
.globals
|
||||||
.roomid_mutex_federation
|
.roomid_mutex_federation
|
||||||
|
|
@ -183,7 +198,7 @@ async fn create_join_event(
|
||||||
.collect(),
|
.collect(),
|
||||||
// Event field is required if the room version supports restricted join rules.
|
// Event field is required if the room version supports restricted join rules.
|
||||||
event: Some(
|
event: Some(
|
||||||
to_raw_value(&CanonicalJsonValue::Object(value.clone()))
|
to_raw_value(&CanonicalJsonValue::Object(value))
|
||||||
.expect("To raw json should not fail since only change was adding signature"),
|
.expect("To raw json should not fail since only change was adding signature"),
|
||||||
),
|
),
|
||||||
})
|
})
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue