mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2026-01-16 18:43:10 -06:00
Code Issues Packages Projects Releases Wiki Activity

Review comments

Browse source
This commit is contained in:
Neil Alexander 2022-10-26 12:37:14 +01:00
parent c1518b4e98
commit 63daa2390c
No known key found for this signature in database
GPG key ID: A02A2019A2BB0944
2 changed files with 17 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
clientapi/routing/profile.go
View file

@ -119,6 +119,13 @@ func SetAvatarURL(
return jsonerror.InternalServerError()
}
if !cfg.Matrix.IsLocalServerName(domain) {
return util.JSONResponse{
Code: http.StatusForbidden,
JSON: jsonerror.Forbidden("userID does not belong to a locally configured domain"),
}
}
evTime, err := httputil.ParseTSParam(req)
if err != nil {
return util.JSONResponse{
@ -211,6 +218,13 @@ func SetDisplayName(
return jsonerror.InternalServerError()
}
if !cfg.Matrix.IsLocalServerName(domain) {
return util.JSONResponse{
Code: http.StatusForbidden,
JSON: jsonerror.Forbidden("userID does not belong to a locally configured domain"),
}
}
evTime, err := httputil.ParseTSParam(req)
if err != nil {
return util.JSONResponse{

3
userapi/internal/api.go
View file

@ -548,6 +548,9 @@ func (a *UserInternalAPI) PerformAccountDeactivation(ctx context.Context, req *a
if serverName == "" {
serverName = a.Config.Matrix.ServerName
}
if !a.Config.Matrix.IsLocalServerName(serverName) {
return fmt.Errorf("server name %q not locally configured", serverName)
}
evacuateReq := &rsapi.PerformAdminEvacuateUserRequest{
UserID: fmt.Sprintf("@%s:%s", req.Localpart, serverName),