magmaus3/continuwuity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix lockdown_public_room_directory bypass, add appservice exclusion

Browse source 
Signed-off-by: strawberry <strawberry@puppygock.gay>
This commit is contained in:
strawberry 2024-10-24 21:38:26 -04:00
parent 30e3e45f9f
commit 9761e2f10c
No known key found for this signature in database
2 changed files with 33 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/api/client/directory.rs
View file

@ -137,7 +137,10 @@ pub(crate) async fn set_room_visibility_route(
match &body.visibility {
room::Visibility::Public => {
if services.globals.config.lockdown_public_room_directory && !services.users.is_admin(sender_user)? {
if services.globals.config.lockdown_public_room_directory
&& !services.users.is_admin(sender_user)?
&& body.appservice_info.is_none()
{
info!(
"Non-admin user {sender_user} tried to publish {0} to the room directory while \
\"lockdown_public_room_directory\" is enabled",