Merge branch 'forbidden' into 'master'

fix: Forbidden instead of InvalidParam when joining See merge request famedly/conduit!84
2021-05-22 19:56:46 +00:00 · 2021-05-22 19:56:46 +00:00 · 1ab209736a
commit 1ab209736a
parent 7e4dc65747 fd69ac621c
3 changed files with 18 additions and 11 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -1,5 +1,8 @@
 image: "rust:latest"
 default:
    tags: [docker]
 cache:
  paths:
    - target
--- a/src/client_server/membership.rs
+++ b/src/client_server/membership.rs
@ -839,7 +839,7 @@ pub async fn invite_helper(
        if !auth_check {
            return Err(Error::BadRequest(
-                ErrorKind::InvalidParam,
+                ErrorKind::Forbidden,
                "Event is not authorized.",
            ));
        }
--- a/src/ruma_wrapper.rs
+++ b/src/ruma_wrapper.rs
@ -59,7 +59,7 @@ where
        let token = request
            .headers()
            .get_one("Authorization")
-            .map(|s| s[7..].to_owned()) // Split off "Bearer "
+            .and_then(|s| s.get(7..)) // Split off "Bearer "
            .or_else(|| request.query_value("access_token").and_then(|r| r.ok()));
        let limit = db.globals.max_request_size();
@ -134,16 +134,20 @@ where
                }
                AuthScheme::ServerSignatures => {
                    // Get origin from header
-                    let x_matrix = match request.headers().get_one("Authorization").map(|s| {
+                    let x_matrix = match request
                        .headers()
                        .get_one("Authorization")
                        .and_then(|s|
                        // Split off "X-Matrix " and parse the rest
-                        s[9..]
+                        s.get(9..))
-                            .split_terminator(',')
+                        .map(|s| {
-                            .map(|field| {
+                            s.split_terminator(',')
-                                let mut splits = field.splitn(2, '=');
+                                .map(|field| {
-                                (splits.next(), splits.next().map(|s| s.trim_matches('"')))
+                                    let mut splits = field.splitn(2, '=');
-                            })
+                                    (splits.next(), splits.next().map(|s| s.trim_matches('"')))
-                            .collect::<BTreeMap<_, _>>()
+                                })
-                    }) {
+                                .collect::<BTreeMap<_, _>>()
                        }) {
                        Some(t) => t,
                        None => {
                            warn!("No Authorization header");