mirror of
https://gitlab.com/famedly/conduit.git
synced 2025-01-15 05:56:27 +03:00
Merge branch 'nyaaori/admin-check' into 'next'
Implement admin check and add config option for allowing room creation See merge request famedly/conduit!211
This commit is contained in:
commit
335027e739
4 changed files with 34 additions and 1 deletions
|
@ -61,6 +61,16 @@ pub async fn create_room_route(
|
||||||
);
|
);
|
||||||
let state_lock = mutex_state.lock().await;
|
let state_lock = mutex_state.lock().await;
|
||||||
|
|
||||||
|
if !db.globals.allow_room_creation()
|
||||||
|
&& !body.from_appservice
|
||||||
|
&& !db.users.is_admin(sender_user, &db.rooms, &db.globals)?
|
||||||
|
{
|
||||||
|
return Err(Error::BadRequest(
|
||||||
|
ErrorKind::Forbidden,
|
||||||
|
"Room creation has been disabled.",
|
||||||
|
));
|
||||||
|
}
|
||||||
|
|
||||||
let alias: Option<RoomAliasId> =
|
let alias: Option<RoomAliasId> =
|
||||||
body.room_alias_name
|
body.room_alias_name
|
||||||
.as_ref()
|
.as_ref()
|
||||||
|
|
|
@ -61,6 +61,8 @@ pub struct Config {
|
||||||
allow_encryption: bool,
|
allow_encryption: bool,
|
||||||
#[serde(default = "false_fn")]
|
#[serde(default = "false_fn")]
|
||||||
allow_federation: bool,
|
allow_federation: bool,
|
||||||
|
#[serde(default = "true_fn")]
|
||||||
|
allow_room_creation: bool,
|
||||||
#[serde(default = "false_fn")]
|
#[serde(default = "false_fn")]
|
||||||
pub allow_jaeger: bool,
|
pub allow_jaeger: bool,
|
||||||
#[serde(default = "false_fn")]
|
#[serde(default = "false_fn")]
|
||||||
|
|
|
@ -211,6 +211,10 @@ impl Globals {
|
||||||
self.config.allow_federation
|
self.config.allow_federation
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn allow_room_creation(&self) -> bool {
|
||||||
|
self.config.allow_room_creation
|
||||||
|
}
|
||||||
|
|
||||||
pub fn trusted_servers(&self) -> &[Box<ServerName>] {
|
pub fn trusted_servers(&self) -> &[Box<ServerName>] {
|
||||||
&self.config.trusted_servers
|
&self.config.trusted_servers
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,7 +5,8 @@ use ruma::{
|
||||||
events::{AnyToDeviceEvent, EventType},
|
events::{AnyToDeviceEvent, EventType},
|
||||||
identifiers::MxcUri,
|
identifiers::MxcUri,
|
||||||
serde::Raw,
|
serde::Raw,
|
||||||
DeviceId, DeviceKeyAlgorithm, DeviceKeyId, MilliSecondsSinceUnixEpoch, UInt, UserId,
|
DeviceId, DeviceKeyAlgorithm, DeviceKeyId, MilliSecondsSinceUnixEpoch, RoomAliasId, UInt,
|
||||||
|
UserId,
|
||||||
};
|
};
|
||||||
use std::{collections::BTreeMap, convert::TryFrom, mem, sync::Arc};
|
use std::{collections::BTreeMap, convert::TryFrom, mem, sync::Arc};
|
||||||
use tracing::warn;
|
use tracing::warn;
|
||||||
|
@ -53,6 +54,22 @@ impl Users {
|
||||||
.is_empty())
|
.is_empty())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Check if a user is an admin
|
||||||
|
#[tracing::instrument(skip(self, user_id, rooms, globals))]
|
||||||
|
pub fn is_admin(
|
||||||
|
&self,
|
||||||
|
user_id: &UserId,
|
||||||
|
rooms: &super::rooms::Rooms,
|
||||||
|
globals: &super::globals::Globals,
|
||||||
|
) -> Result<bool> {
|
||||||
|
let admin_room_alias_id =
|
||||||
|
RoomAliasId::try_from(format!("#admins:{}", globals.server_name()))
|
||||||
|
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Invalid alias."))?;
|
||||||
|
let admin_room_id = rooms.id_from_alias(&admin_room_alias_id)?.unwrap();
|
||||||
|
|
||||||
|
Ok(rooms.is_joined(user_id, &admin_room_id)?)
|
||||||
|
}
|
||||||
|
|
||||||
/// Create a new user account on this homeserver.
|
/// Create a new user account on this homeserver.
|
||||||
#[tracing::instrument(skip(self, user_id, password))]
|
#[tracing::instrument(skip(self, user_id, password))]
|
||||||
pub fn create(&self, user_id: &UserId, password: Option<&str>) -> Result<()> {
|
pub fn create(&self, user_id: &UserId, password: Option<&str>) -> Result<()> {
|
||||||
|
|
Loading…
Reference in a new issue