require sender_user being in the reporting room for /report events

Matrix 1.8 change: https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid Signed-off-by: strawberry <strawberry@puppygock.gay>

require sender_user being in the reporting room for /report events
a85ebdea · 🥺 · 🥺 · efa63081 · a85ebdea · a85ebdea
Commit a85ebdea authored 1 year ago by 🥺 Committed by 🥺 1 year ago
--- a/src/api/client_server/account.rs
+++ b/src/api/client_server/account.rs
@@ -19,7 +19,7 @@

 const RANDOM_USER_ID_LENGTH: usize = 10;

-/// # `GET /_matrix/client/r0/register/available`
+/// # `GET /_matrix/client/v3/register/available`
 ///
 /// Checks if a username is valid and available on this server.
 ///

--- a/src/api/client_server/membership.rs
+++ b/src/api/client_server/membership.rs
@@ -361,7 +361,7 @@ pub async fn unban_user_route(
    Ok(unban_user::v3::Response::new())
 }

-/// # `POST /_matrix/client/r0/rooms/{roomId}/forget`
+/// # `POST /_matrix/client/v3/rooms/{roomId}/forget`
 ///
 /// Forgets about a room.
 ///

--- a/src/api/client_server/report.rs
+++ b/src/api/client_server/report.rs
@@ -5,7 +5,7 @@
    int,
 };

-/// # `POST /_matrix/client/r0/rooms/{roomId}/report/{eventId}`
+/// # `POST /_matrix/client/v3/rooms/{roomId}/report/{eventId}`
 ///
 /// Reports an inappropriate event to homeserver admins
 ///
@@ -24,6 +24,20 @@ pub async fn report_event_route(
        }
    };

+    // check if reporting user is in the reporting room
+    if !services()
+        .rooms
+        .state_cache
+        .room_members(&pdu.room_id)
+        .filter_map(|r| r.ok())
+        .any(|user_id| user_id == *sender_user)
+    {
+        return Err(Error::BadRequest(
+            ErrorKind::NotFound,
+            "You are not in the room you are reporting.",
+        ));
+    }
+
    if let Some(true) = body.score.map(|s| s > int!(0) || s < int!(-100)) {
        return Err(Error::BadRequest(
            ErrorKind::InvalidParam,