studio/tuwunel
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Modernize various sender_user/sender_device lets.

Browse Source 
Signed-off-by: Jason Volk <jason@zemos.net>
This commit is contained in:
Jason Volk
2025-04-26 23:06:43 +00:00
parent b1998dec9a
commit ea42606b4b
20 changed files with 70 additions and 233 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/api/client/account.rs
View File

@@ -626,7 +626,6 @@ pub(crate) async fn change_password_route(
.sender_user
.as_ref()
.ok_or_else(|| err!(Request(MissingToken("Missing access token."))))?;
let sender_device = body.sender_device();
let mut uiaainfo = UiaaInfo {
flows: vec![AuthFlow { stages: vec![AuthType::Password] }],
@@ -640,7 +639,7 @@ pub(crate) async fn change_password_route(
| Some(auth) => {
let (worked, uiaainfo) = services
.uiaa
.try_auth(sender_user, sender_device, auth, &uiaainfo)
.try_auth(sender_user, body.sender_device(), auth, &uiaainfo)
.await?;
if !worked {
@@ -654,7 +653,7 @@ pub(crate) async fn change_password_route(
uiaainfo.session = Some(utils::random_string(SESSION_ID_LENGTH));
services
.uiaa
.create(sender_user, sender_device, &uiaainfo, json);
.create(sender_user, body.sender_device(), &uiaainfo, json);
return Err(Error::Uiaa(uiaainfo));
},
@@ -674,7 +673,7 @@ pub(crate) async fn change_password_route(
services
.users
.all_device_ids(sender_user)
.ready_filter(|id| *id != sender_device)
.ready_filter(|id| *id != body.sender_device())
.for_each(|id| services.users.remove_device(sender_user, id))
.await;
@@ -683,17 +682,17 @@ pub(crate) async fn change_password_route(
.pusher
.get_pushkeys(sender_user)
.map(ToOwned::to_owned)
.broad_filter_map(|pushkey| async move {
.broad_filter_map(async |pushkey| {
services
.pusher
.get_pusher_device(&pushkey)
.await
.ok()
.filter(|pusher_device| pusher_device != sender_device)
.filter(|pusher_device| pusher_device != body.sender_device())
.is_some()
.then_some(pushkey)
})
.for_each(|pushkey| async move {
.for_each(async |pushkey| {
services
.pusher
.delete_pusher(sender_user, &pushkey)
@@ -726,17 +725,13 @@ pub(crate) async fn whoami_route(
State(services): State<crate::State>,
body: Ruma<whoami::v3::Request>,
) -> Result<whoami::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let device_id = body.sender_device.clone();
Ok(whoami::v3::Response {
user_id: sender_user.clone(),
device_id,
is_guest: services.users.is_deactivated(sender_user).await?
&& body.appservice_info.is_none(),
user_id: body.sender_user().to_owned(),
device_id: body.sender_device.clone(),
is_guest: services
.users
.is_deactivated(body.sender_user())
.await? && body.appservice_info.is_none(),
})
}
@@ -763,7 +758,6 @@ pub(crate) async fn deactivate_route(
.sender_user
.as_ref()
.ok_or_else(|| err!(Request(MissingToken("Missing access token."))))?;
let sender_device = body.sender_device();
let mut uiaainfo = UiaaInfo {
flows: vec![AuthFlow { stages: vec![AuthType::Password] }],
@@ -777,7 +771,7 @@ pub(crate) async fn deactivate_route(
| Some(auth) => {
let (worked, uiaainfo) = services
.uiaa
.try_auth(sender_user, sender_device, auth, &uiaainfo)
.try_auth(sender_user, body.sender_device(), auth, &uiaainfo)
.await?;
if !worked {
@@ -790,7 +784,7 @@ pub(crate) async fn deactivate_route(
uiaainfo.session = Some(utils::random_string(SESSION_ID_LENGTH));
services
.uiaa
.create(sender_user, sender_device, &uiaainfo, json);
.create(sender_user, body.sender_device(), &uiaainfo, json);
return Err(Error::Uiaa(uiaainfo));
},

12
src/api/client/alias.rs
View File

@@ -17,11 +17,7 @@ pub(crate) async fn create_alias_route(
State(services): State<crate::State>,
body: Ruma<create_alias::v3::Request>,
) -> Result<create_alias::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
services
.rooms
.alias
@@ -65,11 +61,7 @@ pub(crate) async fn delete_alias_route(
State(services): State<crate::State>,
body: Ruma<delete_alias::v3::Request>,
) -> Result<delete_alias::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
services
.rooms
.alias

14
src/api/client/device.rs
View File

@@ -21,14 +21,9 @@ pub(crate) async fn get_devices_route(
State(services): State<crate::State>,
body: Ruma<get_devices::v3::Request>,
) -> Result<get_devices::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let devices: Vec<device::Device> = services
.users
.all_devices_metadata(sender_user)
.all_devices_metadata(body.sender_user())
.collect()
.await;
@@ -42,14 +37,9 @@ pub(crate) async fn get_device_route(
State(services): State<crate::State>,
body: Ruma<get_device::v3::Request>,
) -> Result<get_device::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let device = services
.users
.get_device_metadata(sender_user, &body.body.device_id)
.get_device_metadata(body.sender_user(), &body.body.device_id)
.await
.map_err(|_| err!(Request(NotFound("Device not found."))))?;

14
src/api/client/filter.rs
View File

@@ -13,14 +13,9 @@ pub(crate) async fn get_filter_route(
State(services): State<crate::State>,
body: Ruma<get_filter::v3::Request>,
) -> Result<get_filter::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
services
.users
.get_filter(sender_user, &body.filter_id)
.get_filter(body.sender_user(), &body.filter_id)
.await
.map(get_filter::v3::Response::new)
.map_err(|_| err!(Request(NotFound("Filter not found."))))
@@ -33,14 +28,9 @@ pub(crate) async fn create_filter_route(
State(services): State<crate::State>,
body: Ruma<create_filter::v3::Request>,
) -> Result<create_filter::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let filter_id = services
.users
.create_filter(sender_user, &body.filter);
.create_filter(body.sender_user(), &body.filter);
Ok(create_filter::v3::Response::new(filter_id))
}

23
src/api/client/keys.rs
View File

@@ -126,10 +126,7 @@ pub(crate) async fn get_keys_route(
State(services): State<crate::State>,
body: Ruma<get_keys::v3::Request>,
) -> Result<get_keys::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
get_keys_helper(
&services,
@@ -160,14 +157,7 @@ pub(crate) async fn upload_signing_keys_route(
State(services): State<crate::State>,
body: Ruma<upload_signing_keys::v3::Request>,
) -> Result<upload_signing_keys::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_device = body
.sender_device
.as_ref()
.expect("user is authenticated");
let (sender_user, sender_device) = body.sender();
// UIAA
let mut uiaainfo = UiaaInfo {
@@ -212,12 +202,12 @@ pub(crate) async fn upload_signing_keys_route(
}
// Success!
},
| _ => match body.json_body {
| _ => match body.json_body.as_ref() {
| Some(json) => {
uiaainfo.session = Some(utils::random_string(SESSION_ID_LENGTH));
services
.uiaa
.create(sender_user, sender_device, &uiaainfo, &json);
.create(sender_user, sender_device, &uiaainfo, json);
return Err(Error::Uiaa(uiaainfo));
},
@@ -382,10 +372,7 @@ pub(crate) async fn get_key_changes_route(
State(services): State<crate::State>,
body: Ruma<get_key_changes::v3::Request>,
) -> Result<get_key_changes::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let mut device_list_updates = HashSet::new();

25
src/api/client/media.rs
View File

@@ -51,10 +51,7 @@ pub(crate) async fn create_content_route(
InsecureClientIp(client): InsecureClientIp,
body: Ruma<create_content::v3::Request>,
) -> Result<create_content::v3::Response> {
let user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let user = body.sender_user();
let filename = body.filename.as_deref();
let content_type = body.content_type.as_deref();
@@ -97,10 +94,7 @@ pub(crate) async fn get_content_thumbnail_route(
InsecureClientIp(client): InsecureClientIp,
body: Ruma<get_content_thumbnail::v1::Request>,
) -> Result<get_content_thumbnail::v1::Response> {
let user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let user = body.sender_user();
let dim = Dim::from_ruma(body.width, body.height, body.method.clone())?;
let mxc = Mxc {
@@ -137,10 +131,7 @@ pub(crate) async fn get_content_route(
InsecureClientIp(client): InsecureClientIp,
body: Ruma<get_content::v1::Request>,
) -> Result<get_content::v1::Response> {
let user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let user = body.sender_user();
let mxc = Mxc {
server_name: &body.server_name,
@@ -176,10 +167,7 @@ pub(crate) async fn get_content_as_filename_route(
InsecureClientIp(client): InsecureClientIp,
body: Ruma<get_content_as_filename::v1::Request>,
) -> Result<get_content_as_filename::v1::Response> {
let user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let user = body.sender_user();
let mxc = Mxc {
server_name: &body.server_name,
@@ -215,10 +203,7 @@ pub(crate) async fn get_media_preview_route(
InsecureClientIp(client): InsecureClientIp,
body: Ruma<get_media_preview::v1::Request>,
) -> Result<get_media_preview::v1::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let url = &body.url;
let url = Url::parse(&body.url).map_err(|e| {

5
src/api/client/media_legacy.rs
View File

@@ -55,10 +55,7 @@ pub(crate) async fn get_media_preview_legacy_route(
InsecureClientIp(client): InsecureClientIp,
body: Ruma<get_media_preview::v3::Request>,
) -> Result<get_media_preview::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let url = &body.url;
let url = Url::parse(&body.url).map_err(|e| {

9
src/api/client/membership.rs
View File

@@ -259,14 +259,11 @@ pub(crate) async fn join_room_by_id_or_alias_route(
InsecureClientIp(client): InsecureClientIp,
body: Ruma<join_room_by_id_or_alias::v3::Request>,
) -> Result<join_room_by_id_or_alias::v3::Response> {
let sender_user = body
.sender_user
.as_deref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let appservice_info = &body.appservice_info;
let body = body.body;
let body = &body.body;
let (servers, room_id) = match OwnedRoomId::try_from(body.room_id_or_alias) {
let (servers, room_id) = match OwnedRoomId::try_from(body.room_id_or_alias.clone()) {
| Ok(room_id) => {
banned_room_check(
&services,

7
src/api/client/openid.rs
View File

@@ -19,12 +19,9 @@ pub(crate) async fn create_openid_token_route(
State(services): State<crate::State>,
body: Ruma<account::request_openid_token::v3::Request>,
) -> Result<account::request_openid_token::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
if sender_user != &body.user_id {
if sender_user != body.user_id {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Not allowed to request OpenID tokens on behalf of other users",

10
src/api/client/profile.rs
View File

@@ -35,10 +35,7 @@ pub(crate) async fn set_displayname_route(
State(services): State<crate::State>,
body: Ruma<set_display_name::v3::Request>,
) -> Result<set_display_name::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
if *sender_user != body.user_id && body.appservice_info.is_none() {
return Err!(Request(Forbidden("You cannot update the profile of another user")));
@@ -134,10 +131,7 @@ pub(crate) async fn set_avatar_url_route(
State(services): State<crate::State>,
body: Ruma<set_avatar_url::v3::Request>,
) -> Result<set_avatar_url::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
if *sender_user != body.user_id && body.appservice_info.is_none() {
return Err!(Request(Forbidden("You cannot update the profile of another user")));

48
src/api/client/push.rs
View File

@@ -108,10 +108,7 @@ pub(crate) async fn get_pushrules_global_route(
State(services): State<crate::State>,
body: Ruma<get_pushrules_global_scope::v3::Request>,
) -> Result<get_pushrules_global_scope::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let Some(content_value) = services
.account_data
@@ -246,12 +243,8 @@ pub(crate) async fn set_pushrule_route(
State(services): State<crate::State>,
body: Ruma<set_pushrule::v3::Request>,
) -> Result<set_pushrule::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let body = body.body;
let sender_user = body.sender_user();
let body = &body.body;
let mut account_data: PushRulesEvent = services
.account_data
.get_global(sender_user, GlobalAccountDataEventType::PushRules)
@@ -312,10 +305,7 @@ pub(crate) async fn get_pushrule_actions_route(
State(services): State<crate::State>,
body: Ruma<get_pushrule_actions::v3::Request>,
) -> Result<get_pushrule_actions::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
// remove old deprecated mentions push rules as per MSC4210
#[allow(deprecated)]
@@ -349,10 +339,7 @@ pub(crate) async fn set_pushrule_actions_route(
State(services): State<crate::State>,
body: Ruma<set_pushrule_actions::v3::Request>,
) -> Result<set_pushrule_actions::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let mut account_data: PushRulesEvent = services
.account_data
@@ -391,10 +378,7 @@ pub(crate) async fn get_pushrule_enabled_route(
State(services): State<crate::State>,
body: Ruma<get_pushrule_enabled::v3::Request>,
) -> Result<get_pushrule_enabled::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
// remove old deprecated mentions push rules as per MSC4210
#[allow(deprecated)]
@@ -428,10 +412,7 @@ pub(crate) async fn set_pushrule_enabled_route(
State(services): State<crate::State>,
body: Ruma<set_pushrule_enabled::v3::Request>,
) -> Result<set_pushrule_enabled::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let mut account_data: PushRulesEvent = services
.account_data
@@ -470,10 +451,7 @@ pub(crate) async fn delete_pushrule_route(
State(services): State<crate::State>,
body: Ruma<delete_pushrule::v3::Request>,
) -> Result<delete_pushrule::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let mut account_data: PushRulesEvent = services
.account_data
@@ -521,10 +499,7 @@ pub(crate) async fn get_pushers_route(
State(services): State<crate::State>,
body: Ruma<get_pushers::v3::Request>,
) -> Result<get_pushers::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
Ok(get_pushers::v3::Response {
pushers: services.pusher.get_pushers(sender_user).await,
@@ -540,10 +515,7 @@ pub(crate) async fn set_pushers_route(
State(services): State<crate::State>,
body: Ruma<set_pusher::v3::Request>,
) -> Result<set_pusher::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
services
.pusher

7
src/api/client/redact.rs
View File

@@ -15,11 +15,8 @@ pub(crate) async fn redact_event_route(
State(services): State<crate::State>,
body: Ruma<redact_event::v3::Request>,
) -> Result<redact_event::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let body = body.body;
let sender_user = body.sender_user();
let body = &body.body;
let state_lock = services
.rooms

10
src/api/client/report.rs
View File

@@ -30,10 +30,7 @@ pub(crate) async fn report_room_route(
body: Ruma<report_room::v3::Request>,
) -> Result<report_room::v3::Response> {
// user authentication
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
info!(
"Received room report by user {sender_user} for room {} with reason: \"{}\"",
@@ -91,10 +88,7 @@ pub(crate) async fn report_event_route(
body: Ruma<report_content::v3::Request>,
) -> Result<report_content::v3::Response> {
// user authentication
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
info!(
"Received event report by user {sender_user} for room {} and event ID {}, with reason: \

5
src/api/client/room/aliases.rs
View File

@@ -15,10 +15,7 @@ pub(crate) async fn get_room_aliases_route(
State(services): State<crate::State>,
body: Ruma<aliases::v3::Request>,
) -> Result<aliases::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
if !services
.rooms

9
src/api/client/room/create.rs
View File

@@ -58,10 +58,7 @@ pub(crate) async fn create_room_route(
) -> Result<create_room::v3::Response> {
use create_room::v3::RoomPreset;
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
if !services.globals.allow_room_creation()
&& body.appservice_info.is_none()
@@ -192,7 +189,7 @@ pub(crate) async fn create_room_route(
let content = match room_version {
| V1 | V2 | V3 | V4 | V5 | V6 | V7 | V8 | V9 | V10 =>
RoomCreateEventContent::new_v1(sender_user.clone()),
RoomCreateEventContent::new_v1(sender_user.to_owned()),
| _ => RoomCreateEventContent::new_v11(),
};
let mut content = serde_json::from_str::<CanonicalJsonObject>(
@@ -260,7 +257,7 @@ pub(crate) async fn create_room_route(
| _ => RoomPreset::PrivateChat, // Room visibility should not be custom
});
let mut users = BTreeMap::from_iter([(sender_user.clone(), int!(100))]);
let mut users = BTreeMap::from_iter([(sender_user.to_owned(), int!(100))]);
if preset == RoomPreset::TrustedPrivateChat {
for invite in &body.invite {

24
src/api/client/session.rs
View File

@@ -324,11 +324,9 @@ pub(crate) async fn login_token_route(
return Err!(Request(Forbidden("Login via an existing session is not enabled")));
}
let sender_user = body.sender_user();
let sender_device = body.sender_device();
// This route SHOULD have UIA
// TODO: How do we make only UIA sessions that have not been used before valid?
let (sender_user, sender_device) = body.sender();
let mut uiaainfo = uiaa::UiaaInfo {
flows: vec![uiaa::AuthFlow { stages: vec![uiaa::AuthType::Password] }],
@@ -392,18 +390,9 @@ pub(crate) async fn logout_route(
InsecureClientIp(client): InsecureClientIp,
body: Ruma<logout::v3::Request>,
) -> Result<logout::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_device = body
.sender_device
.as_ref()
.expect("user is authenticated");
services
.users
.remove_device(sender_user, sender_device)
.remove_device(body.sender_user(), body.sender_device())
.await;
Ok(logout::v3::Response::new())
@@ -428,18 +417,13 @@ pub(crate) async fn logout_all_route(
InsecureClientIp(client): InsecureClientIp,
body: Ruma<logout_all::v3::Request>,
) -> Result<logout_all::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
services
.users
.all_device_ids(sender_user)
.all_device_ids(body.sender_user())
.for_each(|device_id| {
services
.users
.remove_device(sender_user, device_id)
.remove_device(body.sender_user(), device_id)
})
.await;

5
src/api/client/state.rs
View File

@@ -73,10 +73,7 @@ pub(crate) async fn get_state_events_route(
State(services): State<crate::State>,
body: Ruma<get_state_events::v3::Request>,
) -> Result<get_state_events::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
if !services
.rooms

15
src/api/client/tag.rs
View File

@@ -21,10 +21,7 @@ pub(crate) async fn update_tag_route(
State(services): State<crate::State>,
body: Ruma<create_tag::v3::Request>,
) -> Result<create_tag::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let mut tags_event = services
.account_data
@@ -61,10 +58,7 @@ pub(crate) async fn delete_tag_route(
State(services): State<crate::State>,
body: Ruma<delete_tag::v3::Request>,
) -> Result<delete_tag::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let mut tags_event = services
.account_data
@@ -101,10 +95,7 @@ pub(crate) async fn get_tags_route(
State(services): State<crate::State>,
body: Ruma<get_tags::v3::Request>,
) -> Result<get_tags::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let tags_event = services
.account_data

7
src/api/client/to_device.rs
View File

@@ -21,10 +21,7 @@ pub(crate) async fn send_event_to_device_route(
State(services): State<crate::State>,
body: Ruma<send_event_to_device::v3::Request>,
) -> Result<send_event_to_device::v3::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
let sender_device = body.sender_device.as_deref();
// Check if this is a new transaction id
@@ -50,7 +47,7 @@ pub(crate) async fn send_event_to_device_route(
serde_json::to_writer(
&mut buf,
&federation::transactions::edu::Edu::DirectToDevice(DirectDeviceContent {
sender: sender_user.clone(),
sender: sender_user.to_owned(),
ev_type: body.event_type.clone(),
message_id: count.to_string().into(),
messages,

20
src/api/client/unstable.rs
View File

@@ -69,10 +69,7 @@ pub(crate) async fn delete_timezone_key_route(
State(services): State<crate::State>,
body: Ruma<delete_timezone_key::unstable::Request>,
) -> Result<delete_timezone_key::unstable::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
if *sender_user != body.user_id && body.appservice_info.is_none() {
return Err!(Request(Forbidden("You cannot update the profile of another user")));
@@ -100,10 +97,7 @@ pub(crate) async fn set_timezone_key_route(
State(services): State<crate::State>,
body: Ruma<set_timezone_key::unstable::Request>,
) -> Result<set_timezone_key::unstable::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
if *sender_user != body.user_id && body.appservice_info.is_none() {
return Err!(Request(Forbidden("You cannot update the profile of another user")));
@@ -133,10 +127,7 @@ pub(crate) async fn set_profile_key_route(
State(services): State<crate::State>,
body: Ruma<set_profile_key::unstable::Request>,
) -> Result<set_profile_key::unstable::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
if *sender_user != body.user_id && body.appservice_info.is_none() {
return Err!(Request(Forbidden("You cannot update the profile of another user")));
@@ -229,10 +220,7 @@ pub(crate) async fn delete_profile_key_route(
State(services): State<crate::State>,
body: Ruma<delete_profile_key::unstable::Request>,
) -> Result<delete_profile_key::unstable::Response> {
let sender_user = body
.sender_user
.as_ref()
.expect("user is authenticated");
let sender_user = body.sender_user();
if *sender_user != body.user_id && body.appservice_info.is_none() {
return Err!(Request(Forbidden("You cannot update the profile of another user")));