Implement local redaction blocking

src/api/client/redact.rs

@@ -2,7 +2,7 @@ use axum::extract::State;
 use ruma::{
 	api::client::redact::redact_event, events::room::redaction::RoomRedactionEventContent,
 };
-use tuwunel_core::{Result, matrix::pdu::PduBuilder};
+use tuwunel_core::{Err, Result, matrix::pdu::PduBuilder, warn};
 
 use crate::Ruma;
 
@@ -18,6 +18,17 @@ pub(crate) async fn redact_event_route(
 	let sender_user = body.sender_user();
 	let body = &body.body;
 
+	if services.config.disable_local_redactions
+		&& !services.admin.user_is_admin(sender_user).await
+	{
+		warn!(
+			%sender_user,
+			event_id = %body.event_id,
+			"Local redactions are disabled, non-admin user attempted to redact an event"
+		);
+		return Err!(Request(Forbidden("Redactions are disabled on this server.")));
+	}
+
 	let state_lock = services.state.mutex.lock(&body.room_id).await;
 
 	let event_id = services