From ab0182ace4e7f6b31e23c613ca7f10efc41b90b5 Mon Sep 17 00:00:00 2001
From: strawberry <strawberry@puppygock.gay>
Date: Wed, 3 Apr 2024 16:30:25 -0400
Subject: [PATCH] check if user is allowed to invite for
 `join_authorized_via_users_server` in `join_room_by_id_helper`

Signed-off-by: strawberry <strawberry@puppygock.gay>
---
 src/api/client_server/membership.rs | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/api/client_server/membership.rs b/src/api/client_server/membership.rs
index dfb3692d..079887b4 100644
--- a/src/api/client_server/membership.rs
+++ b/src/api/client_server/membership.rs
@@ -945,14 +945,19 @@ pub(crate) async fn join_room_by_id_helper(
 							.map(|(u, _)| u.to_owned())
 					})
 					.or_else(|| {
-						// TODO: Check here if user is actually allowed to invite. Currently the auth
-						// check will just fail in this case.
 						services()
 							.rooms
 							.state_cache
 							.room_members(restriction_room_id)
 							.filter_map(Result::ok)
-							.find(|uid| uid.server_name() == services().globals.server_name())
+							.find(|uid| {
+								uid.server_name() == services().globals.server_name()
+									&& services()
+										.rooms
+										.state_accessor
+										.user_can_invite(uid, restriction_room_id)
+										.unwrap_or(false)
+							})
 					});
 				Some(authorized_user)
 			})