melody/continuwuity
1
0
Fork 0
mirror of https://forgejo.ellis.link/continuwuation/continuwuity.git synced 2025-06-30 10:24:28 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: Prevent suspended users performing room changes

Browse source 
Prevents kicks, bans, unbans, and alias modification
This commit is contained in:
nexy7574 2025-06-28 22:42:31 +01:00 committed by Ellis Git
parent d0548ec064
commit 90180916eb
3 changed files with 23 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/api/client/alias.rs
View file

@ -18,6 +18,9 @@ pub(crate) async fn create_alias_route(
body: Ruma<create_alias::v3::Request>, body: Ruma<create_alias::v3::Request>,
) -> Result<create_alias::v3::Response> { ) -> Result<create_alias::v3::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated"); let sender_user = body.sender_user.as_ref().expect("user is authenticated");
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
services services
.rooms .rooms
@ -63,6 +66,9 @@ pub(crate) async fn delete_alias_route(
body: Ruma<delete_alias::v3::Request>, body: Ruma<delete_alias::v3::Request>,
) -> Result<delete_alias::v3::Response> { ) -> Result<delete_alias::v3::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated"); let sender_user = body.sender_user.as_ref().expect("user is authenticated");
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
services services
.rooms .rooms

3
src/api/client/directory.rs
View file

@ -128,6 +128,9 @@ pub(crate) async fn set_room_visibility_route(
// Return 404 if the room doesn't exist // Return 404 if the room doesn't exist
return Err!(Request(NotFound("Room not found"))); return Err!(Request(NotFound("Room not found")));
} }
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
if services if services
.users .users

16
src/api/client/membership.rs
View file

@ -578,6 +578,10 @@ pub(crate) async fn kick_user_route(
State(services): State<crate::State>, State(services): State<crate::State>,
body: Ruma<kick_user::v3::Request>, body: Ruma<kick_user::v3::Request>,
) -> Result<kick_user::v3::Response> { ) -> Result<kick_user::v3::Response> {
let sender_user = body.sender_user();
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
let state_lock = services.rooms.state.mutex.lock(&body.room_id).await; let state_lock = services.rooms.state.mutex.lock(&body.room_id).await;
let Ok(event) = services let Ok(event) = services
@ -613,7 +617,7 @@ pub(crate) async fn kick_user_route(
third_party_invite: None, third_party_invite: None,
..event ..event
}), }),
body.sender_user(), sender_user,
&body.room_id, &body.room_id,
&state_lock, &state_lock,
) )
@ -637,6 +641,10 @@ pub(crate) async fn ban_user_route(
return Err!(Request(Forbidden("You cannot ban yourself."))); return Err!(Request(Forbidden("You cannot ban yourself.")));
} }
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
let state_lock = services.rooms.state.mutex.lock(&body.room_id).await; let state_lock = services.rooms.state.mutex.lock(&body.room_id).await;
let current_member_content = services let current_member_content = services
@ -679,6 +687,10 @@ pub(crate) async fn unban_user_route(
State(services): State<crate::State>, State(services): State<crate::State>,
body: Ruma<unban_user::v3::Request>, body: Ruma<unban_user::v3::Request>,
) -> Result<unban_user::v3::Response> { ) -> Result<unban_user::v3::Response> {
let sender_user = body.sender_user();
if services.users.is_suspended(sender_user).await? {
return Err!(Request(UserSuspended("You cannot perform this action while suspended.")));
}
let state_lock = services.rooms.state.mutex.lock(&body.room_id).await; let state_lock = services.rooms.state.mutex.lock(&body.room_id).await;
let current_member_content = services let current_member_content = services
@ -707,7 +719,7 @@ pub(crate) async fn unban_user_route(
is_direct: None, is_direct: None,
..current_member_content ..current_member_content
}), }),
body.sender_user(), sender_user,
&body.room_id, &body.room_id,
&state_lock, &state_lock,
) )