Mirrors/continuwuity
1
0
Fork 0
mirror of https://forgejo.ellis.link/continuwuation/continuwuity.git synced 2026-05-26 20:49:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Prevent suspended users performing room changes

Browse Source 
Prevents kicks, bans, unbans, and alias modification
This commit is contained in:
nexy7574
2025-06-28 22:42:31 +01:00
committed by Ellis Git
parent d0548ec064
commit 90180916eb
3 changed files with 23 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/api/client/alias.rs
+6
View File
@@ -18,6 +18,9 @@ pub(crate) async fn create_alias_route(
body: Ruma<create_alias::v3::Request>,
) -> Result<create_alias::v3::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
services
.rooms
@@ -63,6 +66,9 @@ pub(crate) async fn delete_alias_route(
body: Ruma<delete_alias::v3::Request>,
) -> Result<delete_alias::v3::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated");
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
services
.rooms
src/api/client/directory.rs
+3
View File
@@ -128,6 +128,9 @@ pub(crate) async fn set_room_visibility_route(
// Return 404 if the room doesn't exist
return Err!(Request(NotFound("Room not found")));
}
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
if services
.users
src/api/client/membership.rs
+14 -2
View File
@@ -578,6 +578,10 @@ pub(crate) async fn kick_user_route(
State(services): State<crate::State>,
body: Ruma<kick_user::v3::Request>,
) -> Result<kick_user::v3::Response> {
let sender_user = body.sender_user();
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
let state_lock = services.rooms.state.mutex.lock(&body.room_id).await;
let Ok(event) = services
@@ -613,7 +617,7 @@ pub(crate) async fn kick_user_route(
third_party_invite: None,
..event
}),
body.sender_user(),
sender_user,
&body.room_id,
&state_lock,
)
@@ -637,6 +641,10 @@ pub(crate) async fn ban_user_route(
return Err!(Request(Forbidden("You cannot ban yourself.")));
}
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
let state_lock = services.rooms.state.mutex.lock(&body.room_id).await;
let current_member_content = services
@@ -679,6 +687,10 @@ pub(crate) async fn unban_user_route(
State(services): State<crate::State>,
body: Ruma<unban_user::v3::Request>,
) -> Result<unban_user::v3::Response> {
let sender_user = body.sender_user();
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
let state_lock = services.rooms.state.mutex.lock(&body.room_id).await;
let current_member_content = services
@@ -707,7 +719,7 @@ pub(crate) async fn unban_user_route(
is_direct: None,
..current_member_content
}),
body.sender_user(),
sender_user,
&body.room_id,
&state_lock,
)