From c67f95ebffd60a9efe222816c742b1522e06578e Mon Sep 17 00:00:00 2001
From: AndSDev <AndSDev@gmail.com>
Date: Wed, 31 Aug 2022 07:10:54 +0000
Subject: [PATCH] feat(db/rooms): disable leaving from admin room for conduit
 user

---
 src/service/rooms/timeline/mod.rs | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/src/service/rooms/timeline/mod.rs b/src/service/rooms/timeline/mod.rs
index 32781f20..2f56fead 100644
--- a/src/service/rooms/timeline/mod.rs
+++ b/src/service/rooms/timeline/mod.rs
@@ -698,6 +698,26 @@ impl Service {
                     "Encryption is not allowed in the admins room.",
                 ));
             }
+            if pdu.event_type() == &RoomEventType::RoomMember {
+                #[derive(Deserialize)]
+                struct ExtractMembership {
+                    membership: MembershipState,
+                }
+
+                let content = serde_json::from_str::<ExtractMembership>(pdu.content.get())
+                    .map_err(|_| Error::bad_database("Invalid content in pdu."))?;
+
+                if content.membership == MembershipState::Leave {
+                    let server_user = format!("@conduit:{}", services().globals.server_name());
+                    if sender == &server_user {
+                        warn!("Conduit user cannot leave from admins room");
+                        return Err(Error::BadRequest(
+                            ErrorKind::Forbidden,
+                            "Conduit user cannot leave from admins room.",
+                        ));
+                    }
+                }
+            }
         }
 
         // We append to state before appending the pdu, so we don't have a moment in time with the