From d64a56d88b72266abcb746d6c9e9691dbfe48301 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20K=C3=B6sters?= <timo@koesters.xyz>
Date: Tue, 27 Jun 2023 18:48:34 +0200
Subject: [PATCH] Do soft fail check before doing state res to allow leave
 events

---
 src/service/rooms/event_handler/mod.rs | 33 +++++++++++++-------------
 1 file changed, 17 insertions(+), 16 deletions(-)

diff --git a/src/service/rooms/event_handler/mod.rs b/src/service/rooms/event_handler/mod.rs
index 066cef48..ef5616eb 100644
--- a/src/service/rooms/event_handler/mod.rs
+++ b/src/service/rooms/event_handler/mod.rs
@@ -736,6 +736,23 @@ impl Service {
         }
         info!("Auth check succeeded");
 
+        // Soft fail check before doing state res
+        let auth_events = services().rooms.state.get_auth_events(
+            room_id,
+            &incoming_pdu.kind,
+            &incoming_pdu.sender,
+            incoming_pdu.state_key.as_deref(),
+            &incoming_pdu.content,
+        )?;
+
+        let soft_fail = !state_res::event_auth::auth_check(
+            &room_version,
+            &incoming_pdu,
+            None::<PduEvent>,
+            |k, s| auth_events.get(&(k.clone(), s.to_owned())),
+        )
+        .map_err(|_e| Error::BadRequest(ErrorKind::InvalidParam, "Auth check failed."))?;
+
         // 13. Use state resolution to find new room state
 
         // We start looking at current room state now, so lets lock the room
@@ -822,22 +839,6 @@ impl Service {
         // 14. Check if the event passes auth based on the "current state" of the room, if not soft fail it
         info!("Starting soft fail auth check");
 
-        let auth_events = services().rooms.state.get_auth_events(
-            room_id,
-            &incoming_pdu.kind,
-            &incoming_pdu.sender,
-            incoming_pdu.state_key.as_deref(),
-            &incoming_pdu.content,
-        )?;
-
-        let soft_fail = !state_res::event_auth::auth_check(
-            &room_version,
-            &incoming_pdu,
-            None::<PduEvent>,
-            |k, s| auth_events.get(&(k.clone(), s.to_owned())),
-        )
-        .map_err(|_e| Error::BadRequest(ErrorKind::InvalidParam, "Auth check failed."))?;
-
         if soft_fail {
             services().rooms.timeline.append_incoming_pdu(
                 &incoming_pdu,