refactor(redactions): move checks inside conduit

ruma was already accidentally performing these checks for us, but this shouldn't be the case
2024-04-23 21:42:01 +01:00 · 2024-04-23 21:42:01 +01:00 · 00d6aeddb6
commit 00d6aeddb6
parent 2d8c551cd5
3 changed files with 97 additions and 4 deletions
--- a/src/service/rooms/state_accessor/mod.rs
+++ b/src/service/rooms/state_accessor/mod.rs
@ -13,9 +13,11 @@ use ruma::{
            history_visibility::{HistoryVisibility, RoomHistoryVisibilityEventContent},
            member::{MembershipState, RoomMemberEventContent},
            name::RoomNameEventContent,
+            power_levels::{RoomPowerLevels, RoomPowerLevelsEventContent},
        },
        StateEventType,
    },
+    state_res::Event,
    EventId, JsOption, OwnedServerName, OwnedUserId, RoomId, ServerName, UserId,
 };
 use serde_json::value::to_raw_value;
@ -351,4 +353,53 @@ impl Service {
                    .map_err(|_| Error::bad_database("Invalid room member event in database."))
            })
    }
+
+    /// Checks if a given user can redact a given event
+    ///
+    /// If federation is true, it allows redaction events from any user of the same server as the original event sender
+    pub fn user_can_redact(
+        &self,
+        redacts: &EventId,
+        sender: &UserId,
+        room_id: &RoomId,
+        federation: bool,
+    ) -> Result<bool> {
+        self.room_state_get(room_id, &StateEventType::RoomPowerLevels, "")?
+            .map(|e| {
+                serde_json::from_str(e.content.get())
+                    .map(|c: RoomPowerLevelsEventContent| c.into())
+                    .map(|e: RoomPowerLevels| {
+                        e.user_can_redact_event_of_other(sender)
+                            || e.user_can_redact_own_event(sender)
+                                && if let Ok(Some(pdu)) = services().rooms.timeline.get_pdu(redacts)
+                                {
+                                    if federation {
+                                        pdu.sender().server_name() == sender.server_name()
+                                    } else {
+                                        pdu.sender == sender
+                                    }
+                                } else {
+                                    false
+                                }
+                    })
+                    .map_err(|_| {
+                        Error::bad_database("Invalid m.room.power_levels event in database")
+                    })
+            })
+            // Falling back on m.room.create to judge power levels
+            .unwrap_or_else(|| {
+                if let Some(pdu) = self.room_state_get(room_id, &StateEventType::RoomCreate, "")? {
+                    Ok(pdu.sender == sender
+                        || if let Ok(Some(pdu)) = services().rooms.timeline.get_pdu(redacts) {
+                            pdu.sender == sender
+                        } else {
+                            false
+                        })
+                } else {
+                    Err(Error::bad_database(
+                        "No m.room.power_levels or m.room.create events in database for room",
+                    ))
+                }
+            })
+    }
 }