check room ACLs on sender user's server for incoming PDUs
`handle_incoming_pdu` Signed-off-by: strawberry <strawberry@puppygock.gay>
This commit is contained in:
strawberry
June 🍓🦴
parent
7328ed7509
commit
68fffe8e96
1 changed files with 17 additions and 2 deletions
|
|
@ -24,7 +24,7 @@ use ruma::{
|
||||||
int,
|
int,
|
||||||
serde::Base64,
|
serde::Base64,
|
||||||
state_res::{self, RoomVersion, StateMap},
|
state_res::{self, RoomVersion, StateMap},
|
||||||
uint, CanonicalJsonValue, EventId, MilliSecondsSinceUnixEpoch, RoomId, RoomVersionId, ServerName,
|
uint, CanonicalJsonValue, EventId, MilliSecondsSinceUnixEpoch, OwnedUserId, RoomId, RoomVersionId, ServerName,
|
||||||
};
|
};
|
||||||
use tokio::sync::RwLock;
|
use tokio::sync::RwLock;
|
||||||
use tracing::{debug, error, info, trace, warn};
|
use tracing::{debug, error, info, trace, warn};
|
||||||
|
|
@ -92,9 +92,24 @@ impl Service {
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
// 1.3 Check room ACL
|
// 1.3.1 Check room ACL on origin field/server
|
||||||
services().rooms.event_handler.acl_check(origin, room_id)?;
|
services().rooms.event_handler.acl_check(origin, room_id)?;
|
||||||
|
|
||||||
|
// 1.3.2 Check room ACL on sender's server name
|
||||||
|
let sender: OwnedUserId = serde_json::from_value(
|
||||||
|
value
|
||||||
|
.get("sender")
|
||||||
|
.ok_or_else(|| Error::BadRequest(ErrorKind::InvalidParam, "PDU does not have a sender key"))?
|
||||||
|
.clone()
|
||||||
|
.into(),
|
||||||
|
)
|
||||||
|
.map_err(|_| Error::BadRequest(ErrorKind::BadJson, "User ID in sender is invalid"))?;
|
||||||
|
|
||||||
|
services()
|
||||||
|
.rooms
|
||||||
|
.event_handler
|
||||||
|
.acl_check(sender.server_name(), room_id)?;
|
||||||
|
|
||||||
// Fetch create event
|
// Fetch create event
|
||||||
let create_event = services()
|
let create_event = services()
|
||||||
.rooms
|
.rooms
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue