From ddcf43f1b8fa5491f0e94240715361108c118627 Mon Sep 17 00:00:00 2001
From: strawberry <strawberry@puppygock.gay>
Date: Wed, 3 Apr 2024 15:59:03 -0400
Subject: [PATCH] replace `ErrorKind::Forbidden` with `forbidden()`
 non-exhaustive constructor

https://github.com/ruma/ruma/commit/917584e0cae4ae8642625f234f22f049bc159fee

Signed-off-by: strawberry <strawberry@puppygock.gay>
---
 src/api/client_server/account.rs       |  4 ++--
 src/api/client_server/context.rs       |  2 +-
 src/api/client_server/directory.rs     |  2 +-
 src/api/client_server/media.rs         | 10 +++++-----
 src/api/client_server/membership.rs    | 18 +++++++++---------
 src/api/client_server/message.rs       |  4 ++--
 src/api/client_server/presence.rs      |  4 ++--
 src/api/client_server/room.rs          |  6 +++---
 src/api/client_server/search.rs        |  6 +++---
 src/api/client_server/session.rs       |  8 ++++----
 src/api/client_server/state.rs         | 14 +++++++-------
 src/api/client_server/typing.rs        |  2 +-
 src/api/ruma_wrapper/axum.rs           | 10 +++++-----
 src/api/server_server.rs               | 22 +++++++++++-----------
 src/database/key_value/uiaa.rs         |  2 +-
 src/service/rooms/auth_chain/mod.rs    |  2 +-
 src/service/rooms/event_handler/mod.rs |  6 +++---
 src/service/rooms/spaces/mod.rs        |  6 +++---
 src/service/rooms/timeline/mod.rs      | 12 ++++++------
 src/service/uiaa/mod.rs                |  4 ++--
 src/utils/error.rs                     |  4 +++-
 21 files changed, 75 insertions(+), 73 deletions(-)

diff --git a/src/api/client_server/account.rs b/src/api/client_server/account.rs
index 54f3117c..80ab2450 100644
--- a/src/api/client_server/account.rs
+++ b/src/api/client_server/account.rs
@@ -89,7 +89,7 @@ pub async fn register_route(body: Ruma<register::v3::Request>) -> Result<registe
 			 {:?}",
 			body.username
 		);
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Registration has been disabled."));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Registration has been disabled."));
 	}
 
 	if body.body.login_type == Some(LoginType::ApplicationService) && !body.from_appservice {
@@ -121,7 +121,7 @@ pub async fn register_route(body: Ruma<register::v3::Request>) -> Result<registe
 			 registration. Guest's initial device name: {:?}",
 			body.initial_device_display_name
 		);
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Registration temporarily disabled."));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Registration temporarily disabled."));
 	}
 
 	let user_id = match (&body.username, is_guest) {
diff --git a/src/api/client_server/context.rs b/src/api/client_server/context.rs
index f39f009b..f7f68a9e 100644
--- a/src/api/client_server/context.rs
+++ b/src/api/client_server/context.rs
@@ -48,7 +48,7 @@ pub async fn get_context_route(body: Ruma<get_context::v3::Request>) -> Result<g
 		.user_can_see_event(sender_user, &room_id, &body.event_id)?
 	{
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"You don't have permission to view this event.",
 		));
 	}
diff --git a/src/api/client_server/directory.rs b/src/api/client_server/directory.rs
index ee257d26..33ee3e63 100644
--- a/src/api/client_server/directory.rs
+++ b/src/api/client_server/directory.rs
@@ -110,7 +110,7 @@ pub async fn set_room_visibility_route(
 				);
 
 				return Err(Error::BadRequest(
-					ErrorKind::Forbidden,
+					ErrorKind::forbidden(),
 					"Publishing rooms to the room directory is not allowed",
 				));
 			}
diff --git a/src/api/client_server/media.rs b/src/api/client_server/media.rs
index 3c410c82..e3bfcf4f 100644
--- a/src/api/client_server/media.rs
+++ b/src/api/client_server/media.rs
@@ -56,7 +56,7 @@ pub async fn get_media_preview_route(
 ) -> Result<get_media_preview::v3::Response> {
 	let url = &body.url;
 	if !url_preview_allowed(url) {
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "URL is not allowed to be previewed"));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "URL is not allowed to be previewed"));
 	}
 
 	match get_url_preview(url).await {
@@ -100,7 +100,7 @@ pub async fn get_media_preview_v1_route(
 ) -> Result<RumaResponse<get_media_preview::v3::Response>> {
 	let url = &body.url;
 	if !url_preview_allowed(url) {
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "URL is not allowed to be previewed"));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "URL is not allowed to be previewed"));
 	}
 
 	match get_url_preview(url).await {
@@ -748,7 +748,7 @@ async fn request_url_preview(url: &str) -> Result<UrlPreviewData> {
 		for cidr in cidr_ranges {
 			if cidr.includes(&ip) {
 				return Err(Error::BadRequest(
-					ErrorKind::Forbidden,
+					ErrorKind::forbidden(),
 					"Requesting from this address is forbidden",
 				));
 			}
@@ -770,7 +770,7 @@ async fn request_url_preview(url: &str) -> Result<UrlPreviewData> {
 			for cidr in cidr_ranges {
 				if cidr.includes(&ip) {
 					return Err(Error::BadRequest(
-						ErrorKind::Forbidden,
+						ErrorKind::forbidden(),
 						"Requesting from this address is forbidden",
 					));
 				}
@@ -783,7 +783,7 @@ async fn request_url_preview(url: &str) -> Result<UrlPreviewData> {
 		.map_or(false, |a| url_request_allowed(&a.ip()))
 	{
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"Requesting from this address is forbidden",
 		));
 	}
diff --git a/src/api/client_server/membership.rs b/src/api/client_server/membership.rs
index a6eb043d..dfb3692d 100644
--- a/src/api/client_server/membership.rs
+++ b/src/api/client_server/membership.rs
@@ -51,7 +51,7 @@ pub async fn join_room_by_id_route(body: Ruma<join_room_by_id::v3::Request>) ->
 
 	if services().rooms.metadata.is_banned(&body.room_id)? && !services().users.is_admin(sender_user)? {
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"This room is banned on this homeserver.",
 		));
 	}
@@ -108,7 +108,7 @@ pub async fn join_room_by_id_or_alias_route(
 		Ok(room_id) => {
 			if services().rooms.metadata.is_banned(&room_id)? && !services().users.is_admin(sender_user)? {
 				return Err(Error::BadRequest(
-					ErrorKind::Forbidden,
+					ErrorKind::forbidden(),
 					"This room is banned on this homeserver.",
 				));
 			}
@@ -144,7 +144,7 @@ pub async fn join_room_by_id_or_alias_route(
 
 			if services().rooms.metadata.is_banned(&response.room_id)? && !services().users.is_admin(sender_user)? {
 				return Err(Error::BadRequest(
-					ErrorKind::Forbidden,
+					ErrorKind::forbidden(),
 					"This room is banned on this homeserver.",
 				));
 			}
@@ -192,7 +192,7 @@ pub async fn invite_user_route(body: Ruma<invite_user::v3::Request>) -> Result<i
 			&body.room_id
 		);
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"Invites are not allowed on this server.",
 		));
 	}
@@ -203,7 +203,7 @@ pub async fn invite_user_route(body: Ruma<invite_user::v3::Request>) -> Result<i
 			&sender_user, &body.room_id
 		);
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"This room is banned on this homeserver.",
 		));
 	}
@@ -455,7 +455,7 @@ pub async fn get_member_events_route(
 		.user_can_see_state_events(sender_user, &body.room_id)?
 	{
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"You don't have permission to view this room.",
 		));
 	}
@@ -488,7 +488,7 @@ pub async fn joined_members_route(body: Ruma<joined_members::v3::Request>) -> Re
 		.user_can_see_state_events(sender_user, &body.room_id)?
 	{
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"You don't have permission to view this room.",
 		));
 	}
@@ -1276,7 +1276,7 @@ pub(crate) async fn invite_helper(
 	if !services().users.is_admin(user_id)? && services().globals.block_non_admin_invites() {
 		info!("User {sender_user} is not an admin and attempted to send an invite to room {room_id}");
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"Invites are not allowed on this server.",
 		));
 	}
@@ -1399,7 +1399,7 @@ pub(crate) async fn invite_helper(
 		.is_joined(sender_user, room_id)?
 	{
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"You don't have permission to view this room.",
 		));
 	}
diff --git a/src/api/client_server/message.rs b/src/api/client_server/message.rs
index 9e02b621..34bb74fc 100644
--- a/src/api/client_server/message.rs
+++ b/src/api/client_server/message.rs
@@ -45,14 +45,14 @@ pub async fn send_message_event_route(
 
 	// Forbid m.room.encrypted if encryption is disabled
 	if MessageLikeEventType::RoomEncrypted == body.event_type && !services().globals.allow_encryption() {
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Encryption has been disabled"));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Encryption has been disabled"));
 	}
 
 	if body.event_type == MessageLikeEventType::CallInvite
 		&& services().rooms.directory.is_public_room(&body.room_id)?
 	{
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"Room call invites are not allowed in public rooms",
 		));
 	}
diff --git a/src/api/client_server/presence.rs b/src/api/client_server/presence.rs
index eb47cdc4..41939294 100644
--- a/src/api/client_server/presence.rs
+++ b/src/api/client_server/presence.rs
@@ -12,7 +12,7 @@ use crate::{services, Error, Result, Ruma};
 /// Sets the presence state of the sender user.
 pub async fn set_presence_route(body: Ruma<set_presence::v3::Request>) -> Result<set_presence::v3::Response> {
 	if !services().globals.allow_local_presence() {
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Presence is disabled on this server"));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Presence is disabled on this server"));
 	}
 
 	let sender_user = body.sender_user.as_ref().expect("user is authenticated");
@@ -39,7 +39,7 @@ pub async fn set_presence_route(body: Ruma<set_presence::v3::Request>) -> Result
 /// - Only works if you share a room with the user
 pub async fn get_presence_route(body: Ruma<get_presence::v3::Request>) -> Result<get_presence::v3::Response> {
 	if !services().globals.allow_local_presence() {
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Presence is disabled on this server"));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Presence is disabled on this server"));
 	}
 
 	let sender_user = body.sender_user.as_ref().expect("user is authenticated");
diff --git a/src/api/client_server/room.rs b/src/api/client_server/room.rs
index a7c9e15c..0def1fbd 100644
--- a/src/api/client_server/room.rs
+++ b/src/api/client_server/room.rs
@@ -51,7 +51,7 @@ pub async fn create_room_route(body: Ruma<create_room::v3::Request>) -> Result<c
 	let sender_user = body.sender_user.as_ref().expect("user is authenticated");
 
 	if !services().globals.allow_room_creation() && !&body.from_appservice && !services().users.is_admin(sender_user)? {
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Room creation has been disabled."));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Room creation has been disabled."));
 	}
 
 	let room_id: OwnedRoomId;
@@ -597,7 +597,7 @@ pub async fn get_room_event_route(body: Ruma<get_room_event::v3::Request>) -> Re
 		.user_can_see_event(sender_user, &event.room_id, &body.event_id)?
 	{
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"You don't have permission to view this event.",
 		));
 	}
@@ -625,7 +625,7 @@ pub async fn get_room_aliases_route(body: Ruma<aliases::v3::Request>) -> Result<
 		.user_can_see_state_events(sender_user, &body.room_id)?
 	{
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"You don't have permission to view this room.",
 		));
 	}
diff --git a/src/api/client_server/search.rs b/src/api/client_server/search.rs
index e96a1712..c93038ea 100644
--- a/src/api/client_server/search.rs
+++ b/src/api/client_server/search.rs
@@ -51,7 +51,7 @@ pub async fn search_events_route(body: Ruma<search_events::v3::Request>) -> Resu
 				.is_joined(sender_user, room_id)?
 			{
 				return Err(Error::BadRequest(
-					ErrorKind::Forbidden,
+					ErrorKind::forbidden(),
 					"You don't have permission to view this room.",
 				));
 			}
@@ -76,7 +76,7 @@ pub async fn search_events_route(body: Ruma<search_events::v3::Request>) -> Resu
 				room_states.insert(room_id.clone(), room_state);
 			} else {
 				return Err(Error::BadRequest(
-					ErrorKind::Forbidden,
+					ErrorKind::forbidden(),
 					"You don't have permission to view this room.",
 				));
 			}
@@ -92,7 +92,7 @@ pub async fn search_events_route(body: Ruma<search_events::v3::Request>) -> Resu
 			.is_joined(sender_user, room_id)?
 		{
 			return Err(Error::BadRequest(
-				ErrorKind::Forbidden,
+				ErrorKind::forbidden(),
 				"You don't have permission to view this room.",
 			));
 		}
diff --git a/src/api/client_server/session.rs b/src/api/client_server/session.rs
index 86ab4bbc..9ac7f918 100644
--- a/src/api/client_server/session.rs
+++ b/src/api/client_server/session.rs
@@ -79,7 +79,7 @@ pub async fn login_route(body: Ruma<login::v3::Request>) -> Result<login::v3::Re
 				user_id.to_lowercase()
 			} else {
 				warn!("Bad login type: {:?}", &body.login_info);
-				return Err(Error::BadRequest(ErrorKind::Forbidden, "Bad login type."));
+				return Err(Error::BadRequest(ErrorKind::forbidden(), "Bad login type."));
 			};
 
 			let user_id = UserId::parse_with_server_name(username, services().globals.server_name()).map_err(|e| {
@@ -90,7 +90,7 @@ pub async fn login_route(body: Ruma<login::v3::Request>) -> Result<login::v3::Re
 			let hash = services()
 				.users
 				.password_hash(&user_id)?
-				.ok_or(Error::BadRequest(ErrorKind::Forbidden, "Wrong username or password."))?;
+				.ok_or(Error::BadRequest(ErrorKind::forbidden(), "Wrong username or password."))?;
 
 			if hash.is_empty() {
 				return Err(Error::BadRequest(ErrorKind::UserDeactivated, "The user has been deactivated"));
@@ -108,7 +108,7 @@ pub async fn login_route(body: Ruma<login::v3::Request>) -> Result<login::v3::Re
 				.is_ok();
 
 			if !hash_matches {
-				return Err(Error::BadRequest(ErrorKind::Forbidden, "Wrong username or password."));
+				return Err(Error::BadRequest(ErrorKind::forbidden(), "Wrong username or password."));
 			}
 
 			user_id
@@ -158,7 +158,7 @@ pub async fn login_route(body: Ruma<login::v3::Request>) -> Result<login::v3::Re
 				);
 				user_id.to_lowercase()
 			} else {
-				return Err(Error::BadRequest(ErrorKind::Forbidden, "Bad login type."));
+				return Err(Error::BadRequest(ErrorKind::forbidden(), "Bad login type."));
 			};
 
 			UserId::parse_with_server_name(username, services().globals.server_name()).map_err(|e| {
diff --git a/src/api/client_server/state.rs b/src/api/client_server/state.rs
index d653c729..b3ac66b2 100644
--- a/src/api/client_server/state.rs
+++ b/src/api/client_server/state.rs
@@ -41,7 +41,7 @@ pub async fn send_state_event_for_key_route(
 				if let Ok(join_rule) = serde_json::from_str::<RoomJoinRulesEventContent>(body.body.body.json().get()) {
 					if join_rule.join_rule == JoinRule::Public {
 						return Err(Error::BadRequest(
-							ErrorKind::Forbidden,
+							ErrorKind::forbidden(),
 							"Admin room is not allowed to be public.",
 						));
 					}
@@ -80,7 +80,7 @@ pub async fn send_state_event_for_empty_key_route(
 
 	// Forbid m.room.encryption if encryption is disabled
 	if body.event_type == StateEventType::RoomEncryption && !services().globals.allow_encryption() {
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Encryption has been disabled"));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Encryption has been disabled"));
 	}
 
 	if body.event_type == StateEventType::RoomJoinRules {
@@ -89,7 +89,7 @@ pub async fn send_state_event_for_empty_key_route(
 				if let Ok(join_rule) = serde_json::from_str::<RoomJoinRulesEventContent>(body.body.body.json().get()) {
 					if join_rule.join_rule == JoinRule::Public {
 						return Err(Error::BadRequest(
-							ErrorKind::Forbidden,
+							ErrorKind::forbidden(),
 							"Admin room is not allowed to be public.",
 						));
 					}
@@ -131,7 +131,7 @@ pub async fn get_state_events_route(
 		.user_can_see_state_events(sender_user, &body.room_id)?
 	{
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"You don't have permission to view the room state.",
 		));
 	}
@@ -167,7 +167,7 @@ pub async fn get_state_events_for_key_route(
 		.user_can_see_state_events(sender_user, &body.room_id)?
 	{
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"You don't have permission to view the room state.",
 		));
 	}
@@ -222,7 +222,7 @@ pub async fn get_state_events_for_empty_key_route(
 		.user_can_see_state_events(sender_user, &body.room_id)?
 	{
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"You don't have permission to view the room state.",
 		));
 	}
@@ -285,7 +285,7 @@ async fn send_state_event_for_key_helper(
 					.is_none()
 			{
 				return Err(Error::BadRequest(
-					ErrorKind::Forbidden,
+					ErrorKind::forbidden(),
 					"You are only allowed to send canonical_alias events when its aliases already exist",
 				));
 			}
diff --git a/src/api/client_server/typing.rs b/src/api/client_server/typing.rs
index ee310ad8..6dfdd97c 100644
--- a/src/api/client_server/typing.rs
+++ b/src/api/client_server/typing.rs
@@ -17,7 +17,7 @@ pub async fn create_typing_event_route(
 		.state_cache
 		.is_joined(sender_user, &body.room_id)?
 	{
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "You are not in this room."));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "You are not in this room."));
 	}
 
 	if let Typing::Yes(duration) = body.state {
diff --git a/src/api/ruma_wrapper/axum.rs b/src/api/ruma_wrapper/axum.rs
index ddd14332..d221a0fa 100644
--- a/src/api/ruma_wrapper/axum.rs
+++ b/src/api/ruma_wrapper/axum.rs
@@ -102,7 +102,7 @@ where
 						debug!("User ID: {:?}", user_id);
 
 						if !services().users.exists(&user_id)? {
-							return Err(Error::BadRequest(ErrorKind::Forbidden, "User does not exist."));
+							return Err(Error::BadRequest(ErrorKind::forbidden(), "User does not exist."));
 						}
 
 						// TODO: Check if appservice is allowed to be that user
@@ -192,7 +192,7 @@ where
 									_ => "Unknown header-related error",
 								};
 
-								Error::BadRequest(ErrorKind::Forbidden, msg)
+								Error::BadRequest(ErrorKind::forbidden(), msg)
 							})?;
 
 						let origin_signatures =
@@ -207,7 +207,7 @@ where
 
 						if let Some(destination) = x_matrix.destination.as_ref() {
 							if destination != &server_destination {
-								return Err(Error::BadRequest(ErrorKind::Forbidden, "Invalid authorization."));
+								return Err(Error::BadRequest(ErrorKind::forbidden(), "Invalid authorization."));
 							}
 						}
 
@@ -236,7 +236,7 @@ where
 							Ok(b) => b,
 							Err(e) => {
 								warn!("Failed to fetch signing keys: {}", e);
-								return Err(Error::BadRequest(ErrorKind::Forbidden, "Failed to fetch signing keys."));
+								return Err(Error::BadRequest(ErrorKind::forbidden(), "Failed to fetch signing keys."));
 							},
 						};
 
@@ -258,7 +258,7 @@ where
 								}
 
 								return Err(Error::BadRequest(
-									ErrorKind::Forbidden,
+									ErrorKind::forbidden(),
 									"Failed to verify X-Matrix signatures.",
 								));
 							},
diff --git a/src/api/server_server.rs b/src/api/server_server.rs
index f87ef0a8..881f0990 100644
--- a/src/api/server_server.rs
+++ b/src/api/server_server.rs
@@ -149,7 +149,7 @@ pub async fn get_public_rooms_filtered_route(
 		.globals
 		.allow_public_room_directory_over_federation()
 	{
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Room directory is not public"));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Room directory is not public"));
 	}
 
 	let response = client_server::get_public_rooms_filtered_helper(
@@ -179,7 +179,7 @@ pub async fn get_public_rooms_route(
 		.globals
 		.allow_public_room_directory_over_federation()
 	{
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Room directory is not public"));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Room directory is not public"));
 	}
 
 	let response = client_server::get_public_rooms_filtered_helper(
@@ -541,7 +541,7 @@ pub async fn get_event_route(body: Ruma<get_event::v1::Request>) -> Result<get_e
 		.state_cache
 		.server_in_room(sender_servername, room_id)?
 	{
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Server is not in room"));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room"));
 	}
 
 	if !services()
@@ -549,7 +549,7 @@ pub async fn get_event_route(body: Ruma<get_event::v1::Request>) -> Result<get_e
 		.state_accessor
 		.server_can_see_event(sender_servername, room_id, &body.event_id)?
 	{
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Server is not allowed to see event."));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not allowed to see event."));
 	}
 
 	Ok(get_event::v1::Response {
@@ -576,7 +576,7 @@ pub async fn get_backfill_route(body: Ruma<get_backfill::v1::Request>) -> Result
 		.state_cache
 		.server_in_room(sender_servername, &body.room_id)?
 	{
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Server is not in room."));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room."));
 	}
 
 	services()
@@ -639,7 +639,7 @@ pub async fn get_missing_events_route(
 		.state_cache
 		.server_in_room(sender_servername, &body.room_id)?
 	{
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Server is not in room"));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room"));
 	}
 
 	services()
@@ -722,7 +722,7 @@ pub async fn get_event_authorization_route(
 		.state_cache
 		.server_in_room(sender_servername, &body.room_id)?
 	{
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Server is not in room."));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room."));
 	}
 
 	services()
@@ -775,7 +775,7 @@ pub async fn get_room_state_route(body: Ruma<get_room_state::v1::Request>) -> Re
 		.state_cache
 		.server_in_room(sender_servername, &body.room_id)?
 	{
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Server is not in room."));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room."));
 	}
 
 	services()
@@ -844,7 +844,7 @@ pub async fn get_room_state_ids_route(
 		.state_cache
 		.server_in_room(sender_servername, &body.room_id)?
 	{
-		return Err(Error::BadRequest(ErrorKind::Forbidden, "Server is not in room."));
+		return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room."));
 	}
 
 	services()
@@ -1270,7 +1270,7 @@ pub async fn create_invite_route(body: Ruma<create_invite::v2::Request>) -> Resu
 			&sender_servername, &body.room_id
 		);
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"This room is banned on this homeserver.",
 		));
 	}
@@ -1282,7 +1282,7 @@ pub async fn create_invite_route(body: Ruma<create_invite::v2::Request>) -> Resu
 			&sender_servername, &body.room_id
 		);
 		return Err(Error::BadRequest(
-			ErrorKind::Forbidden,
+			ErrorKind::forbidden(),
 			"This server does not allow room invites.",
 		));
 	}
diff --git a/src/database/key_value/uiaa.rs b/src/database/key_value/uiaa.rs
index c8b7611e..a8047656 100644
--- a/src/database/key_value/uiaa.rs
+++ b/src/database/key_value/uiaa.rs
@@ -61,7 +61,7 @@ impl service::uiaa::Data for KeyValueDatabase {
 			&self
 				.userdevicesessionid_uiaainfo
 				.get(&userdevicesessionid)?
-				.ok_or(Error::BadRequest(ErrorKind::Forbidden, "UIAA session does not exist."))?,
+				.ok_or(Error::BadRequest(ErrorKind::forbidden(), "UIAA session does not exist."))?,
 		)
 		.map_err(|_| Error::bad_database("UiaaInfo in userdeviceid_uiaainfo is invalid."))
 	}
diff --git a/src/service/rooms/auth_chain/mod.rs b/src/service/rooms/auth_chain/mod.rs
index 2225b7a4..4c178352 100644
--- a/src/service/rooms/auth_chain/mod.rs
+++ b/src/service/rooms/auth_chain/mod.rs
@@ -131,7 +131,7 @@ impl Service {
 			match services().rooms.timeline.get_pdu(&event_id) {
 				Ok(Some(pdu)) => {
 					if pdu.room_id != room_id {
-						return Err(Error::BadRequest(ErrorKind::Forbidden, "Evil event in db"));
+						return Err(Error::BadRequest(ErrorKind::forbidden(), "Evil event in db"));
 					}
 					for auth_event in &pdu.auth_events {
 						let sauthevent = services()
diff --git a/src/service/rooms/event_handler/mod.rs b/src/service/rooms/event_handler/mod.rs
index 1a172cf1..d83c82b9 100644
--- a/src/service/rooms/event_handler/mod.rs
+++ b/src/service/rooms/event_handler/mod.rs
@@ -94,7 +94,7 @@ impl Service {
 				 event ID {event_id}"
 			);
 			return Err(Error::BadRequest(
-				ErrorKind::Forbidden,
+				ErrorKind::forbidden(),
 				"Federation of this room is currently disabled on this server.",
 			));
 		}
@@ -163,7 +163,7 @@ impl Service {
 					 event ID {event_id}"
 				);
 				return Err(Error::BadRequest(
-					ErrorKind::Forbidden,
+					ErrorKind::forbidden(),
 					"Federation of this room is currently disabled on this server.",
 				));
 			}
@@ -1645,7 +1645,7 @@ impl Service {
 			Ok(())
 		} else {
 			info!("Server {} was denied by room ACL in {}", server_name, room_id);
-			Err(Error::BadRequest(ErrorKind::Forbidden, "Server was denied by room ACL"))
+			Err(Error::BadRequest(ErrorKind::forbidden(), "Server was denied by room ACL"))
 		}
 	}
 
diff --git a/src/service/rooms/spaces/mod.rs b/src/service/rooms/spaces/mod.rs
index 6488a4d2..cda17e9b 100644
--- a/src/service/rooms/spaces/mod.rs
+++ b/src/service/rooms/spaces/mod.rs
@@ -549,7 +549,7 @@ impl Service {
 		if !is_accessable_child(current_room, &join_rule.clone().into(), identifier, &allowed_room_ids)? {
 			debug!("User is not allowed to see room {room_id}");
 			// This error will be caught later
-			return Err(Error::BadRequest(ErrorKind::Forbidden, "User is not allowed to see the room"));
+			return Err(Error::BadRequest(ErrorKind::forbidden(), "User is not allowed to see the room"));
 		}
 
 		let join_rule = join_rule.into();
@@ -698,9 +698,9 @@ impl Service {
 				})
 			},
 			Some(SummaryAccessibility::Inaccessible) => {
-				Err(Error::BadRequest(ErrorKind::Forbidden, "The requested room is inaccessible"))
+				Err(Error::BadRequest(ErrorKind::forbidden(), "The requested room is inaccessible"))
 			},
-			None => Err(Error::BadRequest(ErrorKind::Forbidden, "The requested room was not found")),
+			None => Err(Error::BadRequest(ErrorKind::forbidden(), "The requested room was not found")),
 		}
 	}
 }
diff --git a/src/service/rooms/timeline/mod.rs b/src/service/rooms/timeline/mod.rs
index 8912aab6..4e9d543e 100644
--- a/src/service/rooms/timeline/mod.rs
+++ b/src/service/rooms/timeline/mod.rs
@@ -755,7 +755,7 @@ impl Service {
 		})?;
 
 		if !auth_check {
-			return Err(Error::BadRequest(ErrorKind::Forbidden, "Event is not authorized."));
+			return Err(Error::BadRequest(ErrorKind::forbidden(), "Event is not authorized."));
 		}
 
 		// Hash and sign
@@ -835,7 +835,7 @@ impl Service {
 					TimelineEventType::RoomEncryption => {
 						warn!("Encryption is not allowed in the admins room");
 						return Err(Error::BadRequest(
-							ErrorKind::Forbidden,
+							ErrorKind::forbidden(),
 							"Encryption is not allowed in the admins room.",
 						));
 					},
@@ -858,7 +858,7 @@ impl Service {
 							if target == server_user {
 								warn!("Conduit user cannot leave from admins room");
 								return Err(Error::BadRequest(
-									ErrorKind::Forbidden,
+									ErrorKind::forbidden(),
 									"Conduit user cannot leave from admins room.",
 								));
 							}
@@ -874,7 +874,7 @@ impl Service {
 							if count < 2 {
 								warn!("Last admin cannot leave from admins room");
 								return Err(Error::BadRequest(
-									ErrorKind::Forbidden,
+									ErrorKind::forbidden(),
 									"Last admin cannot leave from admins room.",
 								));
 							}
@@ -884,7 +884,7 @@ impl Service {
 							if target == server_user {
 								warn!("Conduit user cannot be banned in admins room");
 								return Err(Error::BadRequest(
-									ErrorKind::Forbidden,
+									ErrorKind::forbidden(),
 									"Conduit user cannot be banned in admins room.",
 								));
 							}
@@ -900,7 +900,7 @@ impl Service {
 							if count < 2 {
 								warn!("Last admin cannot be banned in admins room");
 								return Err(Error::BadRequest(
-									ErrorKind::Forbidden,
+									ErrorKind::forbidden(),
 									"Last admin cannot be banned in admins room.",
 								));
 							}
diff --git a/src/service/uiaa/mod.rs b/src/service/uiaa/mod.rs
index a2296d55..695aa963 100644
--- a/src/service/uiaa/mod.rs
+++ b/src/service/uiaa/mod.rs
@@ -76,7 +76,7 @@ impl Service {
 
 					if !hash_matches {
 						uiaainfo.auth_error = Some(ruma::api::client::error::StandardErrorBody {
-							kind: ErrorKind::Forbidden,
+							kind: ErrorKind::forbidden(),
 							message: "Invalid username or password.".to_owned(),
 						});
 						return Ok((false, uiaainfo));
@@ -91,7 +91,7 @@ impl Service {
 					uiaainfo.completed.push(AuthType::RegistrationToken);
 				} else {
 					uiaainfo.auth_error = Some(ruma::api::client::error::StandardErrorBody {
-						kind: ErrorKind::Forbidden,
+						kind: ErrorKind::forbidden(),
 						message: "Invalid registration token.".to_owned(),
 					});
 					return Ok((false, uiaainfo));
diff --git a/src/utils/error.rs b/src/utils/error.rs
index c6397da4..5820d085 100644
--- a/src/utils/error.rs
+++ b/src/utils/error.rs
@@ -116,7 +116,9 @@ impl Error {
 					WrongRoomKeysVersion {
 						..
 					}
-					| Forbidden
+					| Forbidden {
+						..
+					}
 					| GuestAccessForbidden
 					| ThreepidAuthFailed
 					| UserDeactivated