|
|
|
|
@ -1533,89 +1533,89 @@ pub async fn create_join_event_template_route(
|
|
|
|
|
})
|
|
|
|
|
.transpose()?;
|
|
|
|
|
|
|
|
|
|
let join_authorized_via_users_server =
|
|
|
|
|
if let Some(join_rules_event_content) = join_rules_event_content {
|
|
|
|
|
if services()
|
|
|
|
|
let join_authorized_via_users_server = || async {
|
|
|
|
|
let join_rules_event_content = join_rules_event_content?;
|
|
|
|
|
|
|
|
|
|
if !services()
|
|
|
|
|
.rooms
|
|
|
|
|
.state_cache
|
|
|
|
|
.is_left(&body.user_id, &body.room_id)
|
|
|
|
|
.unwrap_or(true)
|
|
|
|
|
&& !services()
|
|
|
|
|
.rooms
|
|
|
|
|
.state_cache
|
|
|
|
|
.is_left(&body.user_id, &body.room_id)
|
|
|
|
|
.unwrap_or(true)
|
|
|
|
|
|| services()
|
|
|
|
|
.is_knocked(&body.user_id, &body.room_id)
|
|
|
|
|
.unwrap_or(false)
|
|
|
|
|
{
|
|
|
|
|
// If the user has any state other than leave or knock, either:
|
|
|
|
|
// - the auth_check will deny them (ban)
|
|
|
|
|
// - they are able to join via other methods (invite)
|
|
|
|
|
// - they are already in the room (join)
|
|
|
|
|
return None;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let (JoinRule::Restricted(r) | JoinRule::KnockRestricted(r)) =
|
|
|
|
|
join_rules_event_content.join_rule
|
|
|
|
|
else {
|
|
|
|
|
// Room is not restricted
|
|
|
|
|
return None;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
if r.allow
|
|
|
|
|
.iter()
|
|
|
|
|
.filter_map(|rule| {
|
|
|
|
|
if let AllowRule::RoomMembership(membership) = rule {
|
|
|
|
|
Some(membership)
|
|
|
|
|
} else {
|
|
|
|
|
None
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
.any(|m| {
|
|
|
|
|
services()
|
|
|
|
|
.rooms
|
|
|
|
|
.state_cache
|
|
|
|
|
.is_knocked(&body.user_id, &body.room_id)
|
|
|
|
|
.is_joined(&body.user_id, &m.room_id)
|
|
|
|
|
.unwrap_or(false)
|
|
|
|
|
})
|
|
|
|
|
{
|
|
|
|
|
let members = services()
|
|
|
|
|
.rooms
|
|
|
|
|
.state_cache
|
|
|
|
|
.room_members(&body.room_id)
|
|
|
|
|
.filter_map(Result::ok)
|
|
|
|
|
.filter(|user| user.server_name() == services().globals.server_name());
|
|
|
|
|
|
|
|
|
|
let mut auth_user = None;
|
|
|
|
|
|
|
|
|
|
for user in members {
|
|
|
|
|
if services()
|
|
|
|
|
.rooms
|
|
|
|
|
.state_accessor
|
|
|
|
|
.user_can_invite(&body.room_id, &user, &body.user_id, &state_lock)
|
|
|
|
|
.await
|
|
|
|
|
.unwrap_or(false)
|
|
|
|
|
{
|
|
|
|
|
if let JoinRule::Restricted(r) | JoinRule::KnockRestricted(r) =
|
|
|
|
|
join_rules_event_content.join_rule
|
|
|
|
|
{
|
|
|
|
|
if r.allow
|
|
|
|
|
.iter()
|
|
|
|
|
.filter_map(|rule| {
|
|
|
|
|
if let AllowRule::RoomMembership(membership) = rule {
|
|
|
|
|
Some(membership)
|
|
|
|
|
} else {
|
|
|
|
|
None
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
.any(|m| {
|
|
|
|
|
services()
|
|
|
|
|
.rooms
|
|
|
|
|
.state_cache
|
|
|
|
|
.is_joined(&body.user_id, &m.room_id)
|
|
|
|
|
.unwrap_or(false)
|
|
|
|
|
})
|
|
|
|
|
{
|
|
|
|
|
let members: Vec<_> = services()
|
|
|
|
|
.rooms
|
|
|
|
|
.state_cache
|
|
|
|
|
.room_members(&body.room_id)
|
|
|
|
|
.filter_map(Result::ok)
|
|
|
|
|
.filter(|user| user.server_name() == services().globals.server_name())
|
|
|
|
|
.collect();
|
|
|
|
|
|
|
|
|
|
let mut auth_user = None;
|
|
|
|
|
|
|
|
|
|
for user in members {
|
|
|
|
|
if services()
|
|
|
|
|
.rooms
|
|
|
|
|
.state_accessor
|
|
|
|
|
.user_can_invite(&body.room_id, &user, &body.user_id, &state_lock)
|
|
|
|
|
.await
|
|
|
|
|
.unwrap_or(false)
|
|
|
|
|
{
|
|
|
|
|
auth_user = Some(user);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if auth_user.is_some() {
|
|
|
|
|
auth_user
|
|
|
|
|
} else {
|
|
|
|
|
return Err(Error::BadRequest(
|
|
|
|
|
ErrorKind::UnableToGrantJoin,
|
|
|
|
|
"No user on this server is able to assist in joining.",
|
|
|
|
|
));
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
return Err(Error::BadRequest(
|
|
|
|
|
ErrorKind::UnableToAuthorizeJoin,
|
|
|
|
|
"User is not known to be in any required room.",
|
|
|
|
|
));
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
// Room is not restricted
|
|
|
|
|
None
|
|
|
|
|
auth_user = Some(user);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if auth_user.is_some() {
|
|
|
|
|
Ok(auth_user).transpose()
|
|
|
|
|
} else {
|
|
|
|
|
// If the user has any state other than leave or knock, either:
|
|
|
|
|
// - the auth_check will deny them (ban)
|
|
|
|
|
// - they are able to join via other methods (invite)
|
|
|
|
|
// - they are already in the room (join)
|
|
|
|
|
None
|
|
|
|
|
Some(Err(Error::BadRequest(
|
|
|
|
|
ErrorKind::UnableToGrantJoin,
|
|
|
|
|
"No user on this server is able to assist in joining.",
|
|
|
|
|
)))
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
None
|
|
|
|
|
};
|
|
|
|
|
Some(Err(Error::BadRequest(
|
|
|
|
|
ErrorKind::UnableToAuthorizeJoin,
|
|
|
|
|
"User is not known to be in any required room.",
|
|
|
|
|
)))
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let join_authorized_via_users_server = join_authorized_via_users_server().await.transpose()?;
|
|
|
|
|
|
|
|
|
|
let room_version_id = services().rooms.state.get_room_version(&body.room_id)?;
|
|
|
|
|
if !body.ver.contains(&room_version_id) {
|
|
|
|
|
|
Matthias Ahouansou
6 days ago