fix and enable collapsible_if lint
Signed-off-by: June Strawberry <june@vern.cc>
This commit is contained in:
June Strawberry
@@ -50,10 +50,10 @@ pub(super) async fn startup_execute(&self) -> Result {
|
||||
sleep(Duration::from_millis(500)).await;
|
||||
|
||||
for (i, command) in commands.iter().enumerate() {
|
||||
if let Err(e) = self.execute_command(i, command.clone()).await {
|
||||
if !errors {
|
||||
return Err(e);
|
||||
}
|
||||
if let Err(e) = self.execute_command(i, command.clone()).await
|
||||
&& !errors
|
||||
{
|
||||
return Err(e);
|
||||
}
|
||||
|
||||
tokio::task::yield_now().await;
|
||||
@@ -92,10 +92,10 @@ pub(super) async fn signal_execute(&self) -> Result {
|
||||
.admin_execute_errors_ignore;
|
||||
|
||||
for (i, command) in commands.iter().enumerate() {
|
||||
if let Err(e) = self.execute_command(i, command.clone()).await {
|
||||
if !ignore_errors {
|
||||
return Err(e);
|
||||
}
|
||||
if let Err(e) = self.execute_command(i, command.clone()).await
|
||||
&& !ignore_errors
|
||||
{
|
||||
return Err(e);
|
||||
}
|
||||
|
||||
tokio::task::yield_now().await;
|
||||
|
||||
@@ -132,15 +132,14 @@ pub async fn make_user_admin(&self, user_id: &UserId) -> Result {
|
||||
.admin_room_tag
|
||||
.as_str();
|
||||
|
||||
if !room_tag.is_empty() {
|
||||
if let Err(e) = self
|
||||
if !room_tag.is_empty()
|
||||
&& let Err(e) = self
|
||||
.services
|
||||
.account_data
|
||||
.set_room_tag(user_id, &room_id, room_tag.into(), None)
|
||||
.await
|
||||
{
|
||||
error!(?room_id, ?user_id, ?room_tag, "Failed to set tag for admin grant: {e}");
|
||||
}
|
||||
{
|
||||
error!(?room_id, ?user_id, ?room_tag, "Failed to set tag for admin grant: {e}");
|
||||
}
|
||||
|
||||
if self.services.server.config.admin_room_notices {
|
||||
|
||||
@@ -18,10 +18,10 @@ impl NamespaceRegex {
|
||||
return true;
|
||||
}
|
||||
|
||||
if let Some(non_exclusive) = &self.non_exclusive {
|
||||
if non_exclusive.is_match(heystack) {
|
||||
return true;
|
||||
}
|
||||
if let Some(non_exclusive) = &self.non_exclusive
|
||||
&& non_exclusive.is_match(heystack)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
false
|
||||
}
|
||||
@@ -30,10 +30,10 @@ impl NamespaceRegex {
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn is_exclusive_match(&self, heystack: &str) -> bool {
|
||||
if let Some(exclusive) = &self.exclusive {
|
||||
if exclusive.is_match(heystack) {
|
||||
return true;
|
||||
}
|
||||
if let Some(exclusive) = &self.exclusive
|
||||
&& exclusive.is_match(heystack)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
false
|
||||
}
|
||||
|
||||
@@ -124,11 +124,11 @@ where
|
||||
|
||||
#[implement(super::Service)]
|
||||
fn validate_url(&self, url: &Url) -> Result {
|
||||
if let Some(url_host) = url.host_str() {
|
||||
if let Ok(ip) = IPAddress::parse(url_host) {
|
||||
trace!("Checking request URL IP {ip:?}");
|
||||
self.services.resolver.validate_ip(&ip)?;
|
||||
}
|
||||
if let Some(url_host) = url.host_str()
|
||||
&& let Ok(ip) = IPAddress::parse(url_host)
|
||||
{
|
||||
trace!("Checking request URL IP {ip:?}");
|
||||
self.services.resolver.validate_ip(&ip)?;
|
||||
}
|
||||
|
||||
Ok(())
|
||||
|
||||
@@ -337,10 +337,10 @@ impl Service {
|
||||
let file_rm = fs::remove_file(&path);
|
||||
let legacy_rm = fs::remove_file(&legacy);
|
||||
let (file_rm, legacy_rm) = tokio::join!(file_rm, legacy_rm);
|
||||
if let Err(e) = legacy_rm {
|
||||
if self.services.server.config.media_compat_file_link {
|
||||
debug_error!(?key, ?legacy, "Failed to remove legacy media symlink: {e}");
|
||||
}
|
||||
if let Err(e) = legacy_rm
|
||||
&& self.services.server.config.media_compat_file_link
|
||||
{
|
||||
debug_error!(?key, ?legacy, "Failed to remove legacy media symlink: {e}");
|
||||
}
|
||||
|
||||
Ok(file_rm?)
|
||||
|
||||
@@ -79,10 +79,10 @@ pub async fn get_url_preview(&self, url: &Url) -> Result<UrlPreviewData> {
|
||||
|
||||
#[implement(Service)]
|
||||
async fn request_url_preview(&self, url: &Url) -> Result<UrlPreviewData> {
|
||||
if let Ok(ip) = IPAddress::parse(url.host_str().expect("URL previously validated")) {
|
||||
if !self.services.client.valid_cidr_range(&ip) {
|
||||
return Err!(Request(Forbidden("Requesting from this address is forbidden")));
|
||||
}
|
||||
if let Ok(ip) = IPAddress::parse(url.host_str().expect("URL previously validated"))
|
||||
&& !self.services.client.valid_cidr_range(&ip)
|
||||
{
|
||||
return Err!(Request(Forbidden("Requesting from this address is forbidden")));
|
||||
}
|
||||
|
||||
let client = &self.services.client.url_preview;
|
||||
@@ -93,10 +93,10 @@ async fn request_url_preview(&self, url: &Url) -> Result<UrlPreviewData> {
|
||||
if let Some(remote_addr) = response.remote_addr() {
|
||||
debug!(?url, "URL preview response remote address: {:?}", remote_addr);
|
||||
|
||||
if let Ok(ip) = IPAddress::parse(remote_addr.ip().to_string()) {
|
||||
if !self.services.client.valid_cidr_range(&ip) {
|
||||
return Err!(Request(Forbidden("Requesting from this address is forbidden")));
|
||||
}
|
||||
if let Ok(ip) = IPAddress::parse(remote_addr.ip().to_string())
|
||||
&& !self.services.client.valid_cidr_range(&ip)
|
||||
{
|
||||
return Err!(Request(Forbidden("Requesting from this address is forbidden")));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -96,12 +96,10 @@ pub async fn join(
|
||||
.services
|
||||
.state_accessor
|
||||
.get_member(room_id, sender_user)
|
||||
.await
|
||||
.await && membership.membership == MembershipState::Ban
|
||||
{
|
||||
if membership.membership == MembershipState::Ban {
|
||||
debug_warn!("{sender_user} is banned from {room_id} but attempted to join");
|
||||
return Err!(Request(Forbidden("You are banned from the room.")));
|
||||
}
|
||||
debug_warn!("{sender_user} is banned from {room_id} but attempted to join");
|
||||
return Err!(Request(Forbidden("You are banned from the room.")));
|
||||
}
|
||||
|
||||
let server_in_room = self
|
||||
@@ -249,57 +247,54 @@ pub async fn join_remote(
|
||||
);
|
||||
}
|
||||
|
||||
if join_authorized_via_users_server.is_some() {
|
||||
if let Some(signed_raw) = &response.event {
|
||||
debug_info!(
|
||||
"There is a signed event with join_authorized_via_users_server. This room is \
|
||||
probably using restricted joins. Adding signature to our event"
|
||||
);
|
||||
if join_authorized_via_users_server.is_some()
|
||||
&& let Some(signed_raw) = &response.event
|
||||
{
|
||||
debug_info!(
|
||||
"There is a signed event with join_authorized_via_users_server. This room is \
|
||||
probably using restricted joins. Adding signature to our event"
|
||||
);
|
||||
|
||||
let (signed_event_id, signed_value) =
|
||||
gen_event_id_canonical_json(signed_raw, &room_version_id).map_err(|e| {
|
||||
err!(Request(BadJson(warn!(
|
||||
"Could not convert event to canonical JSON: {e}"
|
||||
))))
|
||||
})?;
|
||||
let (signed_event_id, signed_value) =
|
||||
gen_event_id_canonical_json(signed_raw, &room_version_id).map_err(|e| {
|
||||
err!(Request(BadJson(warn!("Could not convert event to canonical JSON: {e}"))))
|
||||
})?;
|
||||
|
||||
if signed_event_id != event_id {
|
||||
return Err!(Request(BadJson(warn!(
|
||||
%signed_event_id, %event_id,
|
||||
"Server {remote_server} sent event with wrong event ID"
|
||||
))));
|
||||
}
|
||||
if signed_event_id != event_id {
|
||||
return Err!(Request(BadJson(warn!(
|
||||
%signed_event_id, %event_id,
|
||||
"Server {remote_server} sent event with wrong event ID"
|
||||
))));
|
||||
}
|
||||
|
||||
match signed_value["signatures"]
|
||||
.as_object()
|
||||
.ok_or_else(|| {
|
||||
match signed_value["signatures"]
|
||||
.as_object()
|
||||
.ok_or_else(|| {
|
||||
err!(BadServerResponse(warn!(
|
||||
"Server {remote_server} sent invalid signatures type"
|
||||
)))
|
||||
})
|
||||
.and_then(|e| {
|
||||
e.get(remote_server.as_str()).ok_or_else(|| {
|
||||
err!(BadServerResponse(warn!(
|
||||
"Server {remote_server} sent invalid signatures type"
|
||||
"Server {remote_server} did not send its signature for a restricted room"
|
||||
)))
|
||||
})
|
||||
.and_then(|e| {
|
||||
e.get(remote_server.as_str()).ok_or_else(|| {
|
||||
err!(BadServerResponse(warn!(
|
||||
"Server {remote_server} did not send its signature for a restricted \
|
||||
room"
|
||||
)))
|
||||
})
|
||||
}) {
|
||||
| Ok(signature) => {
|
||||
join_event
|
||||
.get_mut("signatures")
|
||||
.expect("we created a valid pdu")
|
||||
.as_object_mut()
|
||||
.expect("we created a valid pdu")
|
||||
.insert(remote_server.as_str().into(), signature.clone());
|
||||
},
|
||||
| Err(e) => {
|
||||
warn!(
|
||||
"Server {remote_server} sent invalid signature in send_join signatures \
|
||||
for event {signed_value:?}: {e:?}",
|
||||
);
|
||||
},
|
||||
}
|
||||
}) {
|
||||
| Ok(signature) => {
|
||||
join_event
|
||||
.get_mut("signatures")
|
||||
.expect("we created a valid pdu")
|
||||
.as_object_mut()
|
||||
.expect("we created a valid pdu")
|
||||
.insert(remote_server.as_str().into(), signature.clone());
|
||||
},
|
||||
| Err(e) => {
|
||||
warn!(
|
||||
"Server {remote_server} sent invalid signature in send_join signatures for \
|
||||
event {signed_value:?}: {e:?}",
|
||||
);
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -83,12 +83,10 @@ pub async fn knock(
|
||||
.services
|
||||
.state_accessor
|
||||
.get_member(room_id, sender_user)
|
||||
.await
|
||||
.await && membership.membership == MembershipState::Ban
|
||||
{
|
||||
if membership.membership == MembershipState::Ban {
|
||||
debug_warn!("{sender_user} is banned from {room_id} but attempted to knock");
|
||||
return Err!(Request(Forbidden("You cannot knock on a room you are banned from.")));
|
||||
}
|
||||
debug_warn!("{sender_user} is banned from {room_id} but attempted to knock");
|
||||
return Err!(Request(Forbidden("You cannot knock on a room you are banned from.")));
|
||||
}
|
||||
|
||||
let server_in_room = self
|
||||
|
||||
@@ -195,10 +195,10 @@ where
|
||||
.body(body);
|
||||
}
|
||||
|
||||
if let Some(session) = session {
|
||||
if let Some(access_token) = session.access_token.clone() {
|
||||
request = request.bearer_auth(access_token);
|
||||
}
|
||||
if let Some(session) = session
|
||||
&& let Some(access_token) = session.access_token.clone()
|
||||
{
|
||||
request = request.bearer_auth(access_token);
|
||||
}
|
||||
|
||||
let response: JsonValue = request
|
||||
|
||||
@@ -129,26 +129,22 @@ pub async fn delete(&self, sess_id: &str) {
|
||||
|
||||
// Check the user_id still points to this sess_id before deleting. If not, the
|
||||
// association was updated to a newer session.
|
||||
if let Some(user_id) = session.user_id.as_deref() {
|
||||
if let Ok(assoc_id) = self.get_sess_id_by_user(user_id).await {
|
||||
if assoc_id == sess_id {
|
||||
self.db.userid_oauthid.remove(user_id);
|
||||
}
|
||||
}
|
||||
if let Some(user_id) = session.user_id.as_deref()
|
||||
&& let Ok(assoc_id) = self.get_sess_id_by_user(user_id).await
|
||||
&& assoc_id == sess_id
|
||||
{
|
||||
self.db.userid_oauthid.remove(user_id);
|
||||
}
|
||||
|
||||
// Check the unique identity still points to this sess_id before deleting. If
|
||||
// not, the association was updated to a newer session.
|
||||
if let Some(idp_id) = session.idp_id.as_ref() {
|
||||
if let Ok(provider) = self.providers.get(idp_id).await {
|
||||
if let Ok(unique_id) = unique_id((&provider, &session)) {
|
||||
if let Ok(assoc_id) = self.get_sess_id_by_unique_id(&unique_id).await {
|
||||
if assoc_id == sess_id {
|
||||
self.db.oauthuniqid_oauthid.remove(&unique_id);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
if let Some(idp_id) = session.idp_id.as_ref()
|
||||
&& let Ok(provider) = self.providers.get(idp_id).await
|
||||
&& let Ok(unique_id) = unique_id((&provider, &session))
|
||||
&& let Ok(assoc_id) = self.get_sess_id_by_unique_id(&unique_id).await
|
||||
&& assoc_id == sess_id
|
||||
{
|
||||
self.db.oauthuniqid_oauthid.remove(&unique_id);
|
||||
}
|
||||
|
||||
self.db.oauthid_session.remove(sess_id);
|
||||
@@ -166,14 +162,13 @@ pub async fn put(&self, sess_id: &str, session: &Session) {
|
||||
self.db.userid_oauthid.insert(user_id, sess_id);
|
||||
}
|
||||
|
||||
if let Some(idp_id) = session.idp_id.as_ref() {
|
||||
if let Ok(provider) = self.providers.get(idp_id).await {
|
||||
if let Ok(unique_id) = unique_id((&provider, session)) {
|
||||
self.db
|
||||
.oauthuniqid_oauthid
|
||||
.insert(&unique_id, sess_id);
|
||||
}
|
||||
}
|
||||
if let Some(idp_id) = session.idp_id.as_ref()
|
||||
&& let Ok(provider) = self.providers.get(idp_id).await
|
||||
&& let Ok(unique_id) = unique_id((&provider, session))
|
||||
{
|
||||
self.db
|
||||
.oauthuniqid_oauthid
|
||||
.insert(&unique_id, sess_id);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -68,17 +68,15 @@ pub(crate) async fn append_pdu(&self, pdu_id: RawPduId, pdu: &Pdu) -> Result {
|
||||
|
||||
let (mut push_target, power_levels) = join(push_target, power_levels).boxed().await;
|
||||
|
||||
if *pdu.kind() == TimelineEventType::RoomMember {
|
||||
if let Some(Ok(target_user_id)) = pdu.state_key().map(UserId::parse) {
|
||||
if self
|
||||
.services
|
||||
.users
|
||||
.is_active_local(target_user_id)
|
||||
.await
|
||||
{
|
||||
push_target.insert(target_user_id.to_owned());
|
||||
}
|
||||
}
|
||||
if *pdu.kind() == TimelineEventType::RoomMember
|
||||
&& let Some(Ok(target_user_id)) = pdu.state_key().map(UserId::parse)
|
||||
&& self
|
||||
.services
|
||||
.users
|
||||
.is_active_local(target_user_id)
|
||||
.await
|
||||
{
|
||||
push_target.insert(target_user_id.to_owned());
|
||||
}
|
||||
|
||||
let serialized = pdu.to_format();
|
||||
|
||||
@@ -110,12 +110,11 @@ pub async fn set_pusher(
|
||||
|
||||
if let Ok(ip) =
|
||||
IPAddress::parse(url.host_str().expect("URL previously validated"))
|
||||
&& !self.services.client.valid_cidr_range(&ip)
|
||||
{
|
||||
if !self.services.client.valid_cidr_range(&ip) {
|
||||
return Err!(Request(InvalidParam(
|
||||
warn!(%url, "HTTP pusher URL is a forbidden remote address")
|
||||
)));
|
||||
}
|
||||
return Err!(Request(InvalidParam(
|
||||
warn!(%url, "HTTP pusher URL is a forbidden remote address")
|
||||
)));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -36,10 +36,10 @@ where
|
||||
let reqwest_request = reqwest::Request::try_from(http_request)?;
|
||||
if let Some(url_host) = reqwest_request.url().host_str() {
|
||||
trace!("Checking request URL for IP");
|
||||
if let Ok(ip) = IPAddress::parse(url_host) {
|
||||
if !self.services.client.valid_cidr_range(&ip) {
|
||||
return Err!(BadServerResponse("Not allowed to send requests to this IP"));
|
||||
}
|
||||
if let Ok(ip) = IPAddress::parse(url_host)
|
||||
&& !self.services.client.valid_cidr_range(&ip)
|
||||
{
|
||||
return Err!(BadServerResponse("Not allowed to send requests to this IP"));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -55,14 +55,11 @@ where
|
||||
// reqwest::Response -> http::Response conversion
|
||||
|
||||
trace!("Checking response destination's IP");
|
||||
if let Some(remote_addr) = response.remote_addr() {
|
||||
if let Ok(ip) = IPAddress::parse(remote_addr.ip().to_string()) {
|
||||
if !self.services.client.valid_cidr_range(&ip) {
|
||||
return Err!(BadServerResponse(
|
||||
"Not allowed to send requests to this IP"
|
||||
));
|
||||
}
|
||||
}
|
||||
if let Some(remote_addr) = response.remote_addr()
|
||||
&& let Ok(ip) = IPAddress::parse(remote_addr.ip().to_string())
|
||||
&& !self.services.client.valid_cidr_range(&ip)
|
||||
{
|
||||
return Err!(BadServerResponse("Not allowed to send requests to this IP"));
|
||||
}
|
||||
|
||||
let status = response.status();
|
||||
|
||||
@@ -104,12 +104,12 @@ async fn send_notice<Pdu: Event>(
|
||||
)));
|
||||
}
|
||||
|
||||
if let Ok(ip) = IPAddress::parse(url.host_str().expect("URL previously validated")) {
|
||||
if !self.services.client.valid_cidr_range(&ip) {
|
||||
return Err!(Request(InvalidParam(
|
||||
warn!(%url, "HTTP pusher URL is a forbidden remote address")
|
||||
)));
|
||||
}
|
||||
if let Ok(ip) = IPAddress::parse(url.host_str().expect("URL previously validated"))
|
||||
&& !self.services.client.valid_cidr_range(&ip)
|
||||
{
|
||||
return Err!(Request(InvalidParam(
|
||||
warn!(%url, "HTTP pusher URL is a forbidden remote address")
|
||||
)));
|
||||
}
|
||||
|
||||
// TODO (timo): can pusher/devices have conflicting formats
|
||||
|
||||
@@ -93,11 +93,11 @@ pub async fn witness_retain(&self, senders: Witness, ctx: &Context<'_>) -> Witne
|
||||
continue;
|
||||
}
|
||||
|
||||
if let Status::Seen(seen) = status {
|
||||
if seen == 0 || ctx.token == Some(seen) {
|
||||
senders.insert(sender.into());
|
||||
continue;
|
||||
}
|
||||
if let Status::Seen(seen) = status
|
||||
&& (seen == 0 || ctx.token == Some(seen))
|
||||
{
|
||||
senders.insert(sender.into());
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -500,10 +500,10 @@ fn get_space_child_events<'a>(
|
||||
.await
|
||||
})
|
||||
.ready_filter_map(|(state_key, pdu)| {
|
||||
if let Ok(content) = pdu.get_content::<SpaceChildEventContent>() {
|
||||
if content.via.is_empty() {
|
||||
return None;
|
||||
}
|
||||
if let Ok(content) = pdu.get_content::<SpaceChildEventContent>()
|
||||
&& content.via.is_empty()
|
||||
{
|
||||
return None;
|
||||
}
|
||||
|
||||
if RoomId::parse(&state_key).is_err() {
|
||||
|
||||
@@ -113,34 +113,32 @@ where
|
||||
.services
|
||||
.state
|
||||
.pdu_shortstatehash(pdu.event_id())
|
||||
.await && let Ok(prev_state) = self
|
||||
.services
|
||||
.state_accessor
|
||||
.state_get(shortstatehash, &pdu.kind().to_string().into(), state_key)
|
||||
.await
|
||||
{
|
||||
if let Ok(prev_state) = self
|
||||
.services
|
||||
.state_accessor
|
||||
.state_get(shortstatehash, &pdu.kind().to_string().into(), state_key)
|
||||
.await
|
||||
{
|
||||
unsigned.insert(
|
||||
"prev_content".into(),
|
||||
CanonicalJsonValue::Object(
|
||||
utils::to_canonical_object(prev_state.get_content_as_value())
|
||||
.map_err(|e| {
|
||||
err!(Database(error!(
|
||||
"Failed to convert prev_state to canonical JSON: {e}",
|
||||
)))
|
||||
})?,
|
||||
),
|
||||
);
|
||||
unsigned.insert(
|
||||
"prev_sender".into(),
|
||||
CanonicalJsonValue::String(prev_state.sender().to_string()),
|
||||
);
|
||||
unsigned.insert(
|
||||
"replaces_state".into(),
|
||||
CanonicalJsonValue::String(prev_state.event_id().to_string()),
|
||||
);
|
||||
}
|
||||
unsigned.insert(
|
||||
"prev_content".into(),
|
||||
CanonicalJsonValue::Object(
|
||||
utils::to_canonical_object(prev_state.get_content_as_value()).map_err(
|
||||
|e| {
|
||||
err!(Database(error!(
|
||||
"Failed to convert prev_state to canonical JSON: {e}",
|
||||
)))
|
||||
},
|
||||
)?,
|
||||
),
|
||||
);
|
||||
unsigned.insert(
|
||||
"prev_sender".into(),
|
||||
CanonicalJsonValue::String(prev_state.sender().to_string()),
|
||||
);
|
||||
unsigned.insert(
|
||||
"replaces_state".into(),
|
||||
CanonicalJsonValue::String(prev_state.event_id().to_string()),
|
||||
);
|
||||
}
|
||||
} else {
|
||||
error!("Invalid unsigned type in pdu.");
|
||||
@@ -222,30 +220,28 @@ async fn append_pdu_effects(
|
||||
|
||||
match room_version_id {
|
||||
| V1 | V2 | V3 | V4 | V5 | V6 | V7 | V8 | V9 | V10 => {
|
||||
if let Some(redact_id) = pdu.redacts() {
|
||||
if self
|
||||
if let Some(redact_id) = pdu.redacts()
|
||||
&& self
|
||||
.services
|
||||
.state_accessor
|
||||
.user_can_redact(redact_id, pdu.sender(), pdu.room_id(), false)
|
||||
.await?
|
||||
{
|
||||
self.redact_pdu(redact_id, pdu, shortroomid)
|
||||
.await?;
|
||||
}
|
||||
{
|
||||
self.redact_pdu(redact_id, pdu, shortroomid)
|
||||
.await?;
|
||||
}
|
||||
},
|
||||
| _ => {
|
||||
let content: RoomRedactionEventContent = pdu.get_content()?;
|
||||
if let Some(redact_id) = &content.redacts {
|
||||
if self
|
||||
if let Some(redact_id) = &content.redacts
|
||||
&& self
|
||||
.services
|
||||
.state_accessor
|
||||
.user_can_redact(redact_id, pdu.sender(), pdu.room_id(), false)
|
||||
.await?
|
||||
{
|
||||
self.redact_pdu(redact_id, pdu, shortroomid)
|
||||
.await?;
|
||||
}
|
||||
{
|
||||
self.redact_pdu(redact_id, pdu, shortroomid)
|
||||
.await?;
|
||||
}
|
||||
},
|
||||
}
|
||||
@@ -317,15 +313,14 @@ async fn append_pdu_effects(
|
||||
| _ => {},
|
||||
}
|
||||
|
||||
if let Ok(content) = pdu.get_content::<ExtractRelatesToEventId>() {
|
||||
if let Ok(related_pducount) = self
|
||||
if let Ok(content) = pdu.get_content::<ExtractRelatesToEventId>()
|
||||
&& let Ok(related_pducount) = self
|
||||
.get_pdu_count(&content.relates_to.event_id)
|
||||
.await
|
||||
{
|
||||
self.services
|
||||
.pdu_metadata
|
||||
.add_relation(count, related_pducount);
|
||||
}
|
||||
{
|
||||
self.services
|
||||
.pdu_metadata
|
||||
.add_relation(count, related_pducount);
|
||||
}
|
||||
|
||||
if let Ok(content) = pdu.get_content::<ExtractRelatesTo>() {
|
||||
|
||||
@@ -70,28 +70,26 @@ pub async fn build_and_append_pdu(
|
||||
.await?
|
||||
{
|
||||
| V1 | V2 | V3 | V4 | V5 | V6 | V7 | V8 | V9 | V10 => {
|
||||
if let Some(redact_id) = pdu.redacts() {
|
||||
if !self
|
||||
if let Some(redact_id) = pdu.redacts()
|
||||
&& !self
|
||||
.services
|
||||
.state_accessor
|
||||
.user_can_redact(redact_id, pdu.sender(), pdu.room_id(), false)
|
||||
.await?
|
||||
{
|
||||
return Err!(Request(Forbidden("User cannot redact this event.")));
|
||||
}
|
||||
{
|
||||
return Err!(Request(Forbidden("User cannot redact this event.")));
|
||||
}
|
||||
},
|
||||
| _ => {
|
||||
let content: RoomRedactionEventContent = pdu.get_content()?;
|
||||
if let Some(redact_id) = &content.redacts {
|
||||
if !self
|
||||
if let Some(redact_id) = &content.redacts
|
||||
&& !self
|
||||
.services
|
||||
.state_accessor
|
||||
.user_can_redact(redact_id, pdu.sender(), pdu.room_id(), false)
|
||||
.await?
|
||||
{
|
||||
return Err!(Request(Forbidden("User cannot redact this event.")));
|
||||
}
|
||||
{
|
||||
return Err!(Request(Forbidden("User cannot redact this event.")));
|
||||
}
|
||||
},
|
||||
}
|
||||
@@ -155,14 +153,13 @@ pub async fn build_and_append_pdu(
|
||||
|
||||
// In case we are kicking or banning a user, we need to inform their server of
|
||||
// the change
|
||||
if *pdu.kind() == TimelineEventType::RoomMember {
|
||||
if let Some(state_key_uid) = &pdu
|
||||
if *pdu.kind() == TimelineEventType::RoomMember
|
||||
&& let Some(state_key_uid) = &pdu
|
||||
.state_key
|
||||
.as_ref()
|
||||
.and_then(|state_key| UserId::parse(state_key.as_str()).ok())
|
||||
{
|
||||
servers.insert(state_key_uid.server_name().to_owned());
|
||||
}
|
||||
{
|
||||
servers.insert(state_key_uid.server_name().to_owned());
|
||||
}
|
||||
|
||||
// Remove our server from the server list since it will be added to it by
|
||||
|
||||
@@ -100,18 +100,16 @@ pub async fn create_hash_and_sign_event(
|
||||
.saturating_add(uint!(1));
|
||||
|
||||
let mut unsigned = unsigned.unwrap_or_default();
|
||||
if let Some(state_key) = &state_key {
|
||||
if let Ok(prev_pdu) = self
|
||||
if let Some(state_key) = &state_key
|
||||
&& let Ok(prev_pdu) = self
|
||||
.services
|
||||
.state_accessor
|
||||
.room_state_get(room_id, &event_type.to_string().into(), state_key)
|
||||
.await
|
||||
{
|
||||
unsigned.insert("prev_content".to_owned(), prev_pdu.get_content_as_value());
|
||||
unsigned.insert("prev_sender".to_owned(), serde_json::to_value(prev_pdu.sender())?);
|
||||
unsigned
|
||||
.insert("replaces_state".to_owned(), serde_json::to_value(prev_pdu.event_id())?);
|
||||
}
|
||||
{
|
||||
unsigned.insert("prev_content".to_owned(), prev_pdu.get_content_as_value());
|
||||
unsigned.insert("prev_sender".to_owned(), serde_json::to_value(prev_pdu.sender())?);
|
||||
unsigned.insert("replaces_state".to_owned(), serde_json::to_value(prev_pdu.event_id())?);
|
||||
}
|
||||
|
||||
let unsigned = unsigned
|
||||
|
||||
@@ -31,12 +31,12 @@ pub async fn redact_pdu<Pdu: Event + Send + Sync>(
|
||||
err!(Database(error!(?pdu_id, ?event_id, ?e, "PDU ID points to invalid PDU.")))
|
||||
})?;
|
||||
|
||||
if let Ok(content) = pdu.get_content::<ExtractBody>() {
|
||||
if let Some(body) = content.body {
|
||||
self.services
|
||||
.search
|
||||
.deindex_pdu(shortroomid, &pdu_id, &body);
|
||||
}
|
||||
if let Ok(content) = pdu.get_content::<ExtractBody>()
|
||||
&& let Some(body) = content.body
|
||||
{
|
||||
self.services
|
||||
.search
|
||||
.deindex_pdu(shortroomid, &pdu_id, &body);
|
||||
}
|
||||
|
||||
let room_version_id = self
|
||||
|
||||
@@ -325,15 +325,15 @@ impl Service {
|
||||
}
|
||||
|
||||
// Add EDU's into the transaction
|
||||
if let Destination::Federation(server_name) = dest {
|
||||
if let Ok((select_edus, last_count)) = self.select_edus(server_name).await {
|
||||
debug_assert!(select_edus.len() <= EDU_LIMIT, "exceeded edus limit");
|
||||
let select_edus = select_edus.into_iter().map(SendingEvent::Edu);
|
||||
if let Destination::Federation(server_name) = dest
|
||||
&& let Ok((select_edus, last_count)) = self.select_edus(server_name).await
|
||||
{
|
||||
debug_assert!(select_edus.len() <= EDU_LIMIT, "exceeded edus limit");
|
||||
let select_edus = select_edus.into_iter().map(SendingEvent::Edu);
|
||||
|
||||
events.extend(select_edus);
|
||||
self.db
|
||||
.set_latest_educount(server_name, last_count);
|
||||
}
|
||||
events.extend(select_edus);
|
||||
self.db
|
||||
.set_latest_educount(server_name, last_count);
|
||||
}
|
||||
|
||||
Ok(Some(events))
|
||||
@@ -735,12 +735,11 @@ impl Service {
|
||||
}
|
||||
},
|
||||
| SendingEvent::Edu(edu) =>
|
||||
if appservice.receive_ephemeral {
|
||||
if let Ok(edu) =
|
||||
if appservice.receive_ephemeral
|
||||
&& let Ok(edu) =
|
||||
serde_json::from_slice(edu).and_then(|edu| Raw::new(&edu))
|
||||
{
|
||||
edu_jsons.push(edu);
|
||||
}
|
||||
{
|
||||
edu_jsons.push(edu);
|
||||
},
|
||||
| SendingEvent::Flush => {}, // flush only; no new content
|
||||
}
|
||||
|
||||
@@ -82,31 +82,28 @@ pub async fn get_verify_key(
|
||||
return Ok(result);
|
||||
}
|
||||
|
||||
if notary_first {
|
||||
if let Ok(result) = self
|
||||
if notary_first
|
||||
&& let Ok(result) = self
|
||||
.get_verify_key_from_notaries(origin, key_id)
|
||||
.await
|
||||
{
|
||||
return Ok(result);
|
||||
}
|
||||
{
|
||||
return Ok(result);
|
||||
}
|
||||
|
||||
if !notary_only {
|
||||
if let Ok(result) = self
|
||||
if !notary_only
|
||||
&& let Ok(result) = self
|
||||
.get_verify_key_from_origin(origin, key_id)
|
||||
.await
|
||||
{
|
||||
return Ok(result);
|
||||
}
|
||||
{
|
||||
return Ok(result);
|
||||
}
|
||||
|
||||
if !notary_first {
|
||||
if let Ok(result) = self
|
||||
if !notary_first
|
||||
&& let Ok(result) = self
|
||||
.get_verify_key_from_notaries(origin, key_id)
|
||||
.await
|
||||
{
|
||||
return Ok(result);
|
||||
}
|
||||
{
|
||||
return Ok(result);
|
||||
}
|
||||
|
||||
Err!(BadServerResponse(debug_error!(
|
||||
|
||||
@@ -141,16 +141,16 @@ pub async fn verify_key_exists(&self, origin: &ServerName, key_id: &ServerSignin
|
||||
return false;
|
||||
};
|
||||
|
||||
if let Ok(Some(verify_keys)) = keys.get_field::<KeysMap<'_>>("verify_keys") {
|
||||
if verify_keys.contains_key(key_id) {
|
||||
return true;
|
||||
}
|
||||
if let Ok(Some(verify_keys)) = keys.get_field::<KeysMap<'_>>("verify_keys")
|
||||
&& verify_keys.contains_key(key_id)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
if let Ok(Some(old_verify_keys)) = keys.get_field::<KeysMap<'_>>("old_verify_keys") {
|
||||
if old_verify_keys.contains_key(key_id) {
|
||||
return true;
|
||||
}
|
||||
if let Ok(Some(old_verify_keys)) = keys.get_field::<KeysMap<'_>>("old_verify_keys")
|
||||
&& old_verify_keys.contains_key(key_id)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
false
|
||||
|
||||
@@ -247,10 +247,10 @@ pub fn store(&self, service: &Service, key: &ConnectionKey) {
|
||||
#[tracing::instrument(level = "debug", skip(self))]
|
||||
pub fn update_rooms_prologue(&mut self, retard_since: Option<u64>) {
|
||||
self.rooms.values_mut().for_each(|room| {
|
||||
if let Some(retard_since) = retard_since {
|
||||
if room.roomsince > retard_since {
|
||||
room.roomsince = retard_since;
|
||||
}
|
||||
if let Some(retard_since) = retard_since
|
||||
&& room.roomsince > retard_since
|
||||
{
|
||||
room.roomsince = retard_since;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@@ -117,16 +117,16 @@ pub async fn try_auth(
|
||||
#[cfg(feature = "ldap")]
|
||||
if !password_verified && self.services.server.config.ldap.enable {
|
||||
// Search for user in LDAP to get their DN
|
||||
if let Ok(dns) = self.services.users.search_ldap(&user_id).await {
|
||||
if let Some((user_dn, _is_admin)) = dns.first() {
|
||||
// Try to authenticate with LDAP
|
||||
password_verified = self
|
||||
.services
|
||||
.users
|
||||
.auth_ldap(user_dn, password)
|
||||
.await
|
||||
.is_ok();
|
||||
}
|
||||
if let Ok(dns) = self.services.users.search_ldap(&user_id).await
|
||||
&& let Some((user_dn, _is_admin)) = dns.first()
|
||||
{
|
||||
// Try to authenticate with LDAP
|
||||
password_verified = self
|
||||
.services
|
||||
.users
|
||||
.auth_ldap(user_dn, password)
|
||||
.await
|
||||
.is_ok();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -113,10 +113,10 @@ pub(super) async fn remove_dehydrated_device(
|
||||
return Err!(Request(NotFound("No dehydrated device for this user.")));
|
||||
};
|
||||
|
||||
if let Some(maybe_device_id) = maybe_device_id {
|
||||
if maybe_device_id != device_id {
|
||||
return Err!(Request(NotFound("Not the user's dehydrated device.")));
|
||||
}
|
||||
if let Some(maybe_device_id) = maybe_device_id
|
||||
&& maybe_device_id != device_id
|
||||
{
|
||||
return Err!(Request(NotFound("Not the user's dehydrated device.")));
|
||||
}
|
||||
|
||||
self.db.userid_dehydrateddevice.remove(user_id);
|
||||
|
||||
Reference in New Issue
Block a user