dont allow admin room to be made world readable

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-22 02:54:06 -04:00 · 2024-04-22 02:54:06 -04:00 · b8a748815a
commit b8a748815a
parent 9297c642aa
1 changed files with 18 additions and 0 deletions
--- a/src/api/client_server/state.rs
+++ b/src/api/client_server/state.rs
@ -8,6 +8,7 @@ use ruma::{
 	events::{
 		room::{
 			canonical_alias::RoomCanonicalAliasEventContent,
+			history_visibility::{HistoryVisibility, RoomHistoryVisibilityEventContent},
 			join_rules::{JoinRule, RoomJoinRulesEventContent},
 		},
 		AnyStateEventContent, StateEventType,
@ -251,6 +252,23 @@ async fn send_state_event_for_key_helper(
 				}
 			}
 		},
+		// admin room is a sensitive room, it should not ever be made world readable
+		StateEventType::RoomHistoryVisibility => {
+			if let Some(admin_room_id) = service::admin::Service::get_admin_room()? {
+				if admin_room_id == room_id {
+					if let Ok(visibility_content) =
+						serde_json::from_str::<RoomHistoryVisibilityEventContent>(json.json().get())
+					{
+						if visibility_content.history_visibility == HistoryVisibility::WorldReadable {
+							return Err(Error::BadRequest(
+								ErrorKind::forbidden(),
+								"Admin room is not allowed to be made world readable (public room history).",
+							));
+						}
+					}
+				}
+			}
+		},
 		// TODO: allow alias if it previously existed
 		StateEventType::RoomCanonicalAlias => {
 			if let Ok(canonical_alias) = serde_json::from_str::<RoomCanonicalAliasEventContent>(json.json().get()) {