diff --git a/src/database.rs b/src/database.rs
index 69cf3fc8852e173a3106dd42d8dac3990603764c..4a03f18c4c5f3dc46de653e95397cb3a7c78f6a4 100644
--- a/src/database.rs
+++ b/src/database.rs
@@ -21,8 +21,8 @@
use lru_cache::LruCache;
use ruma::{
events::{
- push_rules::PushRulesEventContent, room::message::RoomMessageEventContent, EventType,
- GlobalAccountDataEvent,
+ push_rules::PushRulesEventContent, room::message::RoomMessageEventContent,
+ GlobalAccountDataEvent, GlobalAccountDataEventType,
},
push::Ruleset,
DeviceId, EventId, RoomId, UserId,
@@ -968,7 +968,7 @@ fn set_emergency_access(db: &Database) -> Result<bool> {
db.account_data.update(
None,
&conduit_user,
- EventType::PushRules,
+ GlobalAccountDataEventType::PushRules.to_string().into(),
&GlobalAccountDataEvent {
content: PushRulesEventContent { global: ruleset },
},
diff --git a/src/pdu.rs b/src/pdu.rs
index aed2575f6c24c9b5aa6239b6024b7b0448c85f30..3b9053364361e13da7488823c13195bd87cbf2c8 100644
--- a/src/pdu.rs
+++ b/src/pdu.rs
@@ -51,7 +51,7 @@ pub fn redact(&mut self, reason: &PduEvent) -> crate::Result<()> {
self.unsigned = None;
let allowed: &[&str] = match self.kind {
- RoomEventType::RoomMember => &["membership"],
+ RoomEventType::RoomMember => &["join_authorised_via_users_server", "membership"],
RoomEventType::RoomCreate => &["creator"],
RoomEventType::RoomJoinRules => &["join_rule"],
RoomEventType::RoomPowerLevels => &[
diff --git a/src/server_server.rs b/src/server_server.rs
index d574c4ee02eb2d270efacebc43690485e6d1f9f3..596a54e209fa5ebfc05e06f5f27287ac1014c1d8 100644
--- a/src/server_server.rs
+++ b/src/server_server.rs
@@ -42,6 +42,7 @@
receipt::{ReceiptEvent, ReceiptEventContent},
room::{
create::RoomCreateEventContent,
+ join_rules::{JoinRule, RoomJoinRulesEventContent},
member::{MembershipState, RoomMemberEventContent},
server_acl::RoomServerAclEventContent,
},
@@ -2590,6 +2591,33 @@ pub async fn create_join_event_template_route(
acl_check(sender_servername, &body.room_id, &db)?;
+ // TODO: Conduit does not implement restricted join rules yet, we always reject
+ let join_rules_event = db
+ .rooms
+ .room_state_get(&body.room_id, &StateEventType::RoomJoinRules, "")?;
+
+ let join_rules_event_content: Option<RoomJoinRulesEventContent> = join_rules_event
+ .as_ref()
+ .map(|join_rules_event| {
+ serde_json::from_str(join_rules_event.content.get()).map_err(|e| {
+ warn!("Invalid join rules event: {}", e);
+ Error::bad_database("Invalid join rules event in db.")
+ })
+ })
+ .transpose()?;
+
+ if let Some(join_rules_event_content) = join_rules_event_content {
+ if matches!(
+ join_rules_event_content.join_rule,
+ JoinRule::Restricted { .. }
+ ) {
+ return Err(Error::BadRequest(
+ ErrorKind::Unknown,
+ "Conduit does not support restricted rooms yet.",
+ ));
+ }
+ }
+
let prev_events: Vec<_> = db
.rooms
.get_pdu_leaves(&body.room_id)?
@@ -2749,6 +2777,33 @@ async fn create_join_event(
acl_check(sender_servername, room_id, db)?;
+ // TODO: Conduit does not implement restricted join rules yet, we always reject
+ let join_rules_event = db
+ .rooms
+ .room_state_get(room_id, &StateEventType::RoomJoinRules, "")?;
+
+ let join_rules_event_content: Option<RoomJoinRulesEventContent> = join_rules_event
+ .as_ref()
+ .map(|join_rules_event| {
+ serde_json::from_str(join_rules_event.content.get()).map_err(|e| {
+ warn!("Invalid join rules event: {}", e);
+ Error::bad_database("Invalid join rules event in db.")
+ })
+ })
+ .transpose()?;
+
+ if let Some(join_rules_event_content) = join_rules_event_content {
+ if matches!(
+ join_rules_event_content.join_rule,
+ JoinRule::Restricted { .. }
+ ) {
+ return Err(Error::BadRequest(
+ ErrorKind::Unknown,
+ "Conduit does not support restricted rooms yet.",
+ ));
+ }
+ }
+
// We need to return the state prior to joining, let's keep a reference to that here
let shortstatehash = db
.rooms