Mirrors/continuwuity
1
0
Fork 0
mirror of https://forgejo.ellis.link/continuwuation/continuwuity.git synced 2026-05-26 20:49:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Enhance invite security checks & do away with stripped state

Browse Source
This commit is contained in:
timedout
2025-12-23 19:50:37 +00:00
parent 1237e60aaf
commit 04980b3ee7
7 changed files with 281 additions and 166 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/service/rooms/state/mod.rs
+16 -7
View File
@@ -19,8 +19,7 @@ use futures::{
use ruma::{
EventId, OwnedEventId, OwnedRoomId, RoomId, RoomVersionId, UserId,
events::{
AnyStrippedStateEvent, StateEventType, TimelineEventType,
room::create::RoomCreateEventContent,
AnyStateEvent, StateEventType, TimelineEventType, room::create::RoomCreateEventContent,
},
serde::Raw,
};
@@ -307,12 +306,22 @@ impl Service {
}
}
/// Get a summary of the room state for invites and knock responses.
///
/// This used to return stripped state, but now returns complete events.
///
/// Returns:
///
/// - m.room.create
/// - m.room.join_rules
/// - m.room.canonical_alias
/// - m.room.name
/// - m.room.avatar
/// - m.room.member (of the event sender)
/// - m.room.encryption
/// - m.room.topic
#[tracing::instrument(skip_all, level = "debug")]
pub async fn summary_stripped<'a, E>(
&self,
event: &'a E,
room_id: &RoomId,
) -> Vec<Raw<AnyStrippedStateEvent>>
pub async fn summary<'a, E>(&self, event: &'a E, room_id: &RoomId) -> Vec<Raw<AnyStateEvent>>
where
E: Event + Send + Sync,
&'a E: Event + Send,
src/service/rooms/state_cache/update.rs
+4 -4
View File
@@ -1,13 +1,13 @@
use std::collections::HashSet;
use conduwuit::{Err, Event, Pdu, Result, implement, is_not_empty, utils::ReadyExt, warn};
use conduwuit::{Err, Event, Pdu, Result, implement, is_not_empty, utils::ReadyExt};
use database::{Json, serialize_key};
use futures::StreamExt;
use ruma::{
OwnedServerName, RoomId, UserId,
events::{
AnyStrippedStateEvent, GlobalAccountDataEventType, RoomAccountDataEventType,
StateEventType,
AnyStateEvent, AnyStrippedStateEvent, GlobalAccountDataEventType,
RoomAccountDataEventType, StateEventType,
direct::DirectEvent,
invite_permission_config::FilterLevel,
room::{
@@ -334,7 +334,7 @@ pub async fn mark_as_invited(
user_id: &UserId,
room_id: &RoomId,
sender_user: &UserId,
last_state: Option<Vec<Raw<AnyStrippedStateEvent>>>,
last_state: Option<Vec<Raw<AnyStateEvent>>>,
invite_via: Option<Vec<OwnedServerName>>,
) -> Result<()> {
// return an error for blocked invites. ignored invites aren't handled here