mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2026-01-16 18:43:10 -06:00
Code Issues Packages Projects Releases Wiki Activity

HNT-105 invite authz

Browse source
This commit is contained in:
John Terzis 2022-10-21 16:57:20 -07:00 committed by Tak Wai Wong
parent 94061b7b8d
commit 36039c2efc
No known key found for this signature in database
GPG key ID: 222E4AF2AA1F467D
1 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
clientapi/routing/routing.go
View file

@ -353,6 +353,19 @@ func Setup(
return util.ErrorResponse(err)
}
isAllowedInviter, _ := authorization.IsAllowed(authz.AuthorizationArgs{
RoomId: vars["roomID"],
UserId: device.UserID,
Permission: authz.PermissionInvite,
})
if !isAllowedInviter {
return util.JSONResponse{
Code: http.StatusUnauthorized,
JSON: jsonerror.Forbidden("Inviter not allowed"),
}
}
return SendInvite(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI)
}),
).Methods(http.MethodPost, http.MethodOptions)