Merge pull request 'Allow unjoined users to read state of world readable rooms' (#230) from allow-reading-state into master

Reviewed-on: https://git.koesters.xyz/timo/conduit/pulls/230

README.md

@@ -2,7 +2,7 @@
 ### A Matrix homeserver written in Rust
 
 [![Liberapay](https://img.shields.io/liberapay/receives/timokoesters?logo=liberapay)](https://liberapay.com/timokoesters)
-[![Matrix](https://img.shields.io/matrix/conduit:koesters.xyz?server_fqdn=matrix.koesters.xyz&logo=matrix)](https://matrix.to/#/#conduit:koesters.xyz)
+[![Matrix](https://img.shields.io/matrix/conduit:conduit.rs?server_fqdn=conduit.koesters.xyz)](https://matrix.to/#/#conduit:matrix.org)
 
 #### What is the goal?
 

src/client_server/state.rs

@@ -8,7 +8,11 @@ use ruma::{
             send_state_event_for_empty_key, send_state_event_for_key,
         },
     },
-    events::{AnyStateEventContent, EventContent},
+    events::{
+        room::history_visibility::HistoryVisibility,
+        room::history_visibility::HistoryVisibilityEventContent, AnyStateEventContent,
+        EventContent, EventType,
+    },
     EventId, RoomId, UserId,
 };
 
@@ -97,11 +101,28 @@ pub fn get_state_events_route(
 ) -> ConduitResult<get_state_events::Response> {
     let sender_id = body.sender_id.as_ref().expect("user is authenticated");
 
+    // Users not in the room should not be able to access the state unless history_visibility is
+    // WorldReadable
     if !db.rooms.is_joined(sender_id, &body.room_id)? {
-        return Err(Error::BadRequest(
+        if !matches!(
-            ErrorKind::Forbidden,
+            db.rooms
-            "You don't have permission to view the room state.",
+                .room_state_get(&body.room_id, &EventType::RoomHistoryVisibility, "")?
-        ));
+                .map(|event| {
+                    serde_json::from_value::<HistoryVisibilityEventContent>(event.content)
+                        .map_err(|_| {
+                            Error::bad_database(
+                                "Invalid room history visibility event in database.",
+                            )
+                        })
+                        .map(|e| e.history_visibility)
+                }),
+            Some(Ok(HistoryVisibility::WorldReadable))
+        ) {
+            return Err(Error::BadRequest(
+                ErrorKind::Forbidden,
+                "You don't have permission to view the room state.",
+            ));
+        }
     }
 
     Ok(get_state_events::Response {
@@ -125,11 +146,28 @@ pub fn get_state_events_for_key_route(
 ) -> ConduitResult<get_state_events_for_key::Response> {
     let sender_id = body.sender_id.as_ref().expect("user is authenticated");
 
+    // Users not in the room should not be able to access the state unless history_visibility is
+    // WorldReadable
     if !db.rooms.is_joined(sender_id, &body.room_id)? {
-        return Err(Error::BadRequest(
+        if !matches!(
-            ErrorKind::Forbidden,
+            db.rooms
-            "You don't have permission to view the room state.",
+                .room_state_get(&body.room_id, &EventType::RoomHistoryVisibility, "")?
-        ));
+                .map(|event| {
+                    serde_json::from_value::<HistoryVisibilityEventContent>(event.content)
+                        .map_err(|_| {
+                            Error::bad_database(
+                                "Invalid room history visibility event in database.",
+                            )
+                        })
+                        .map(|e| e.history_visibility)
+                }),
+            Some(Ok(HistoryVisibility::WorldReadable))
+        ) {
+            return Err(Error::BadRequest(
+                ErrorKind::Forbidden,
+                "You don't have permission to view the room state.",
+            ));
+        }
     }
 
     let event = db
@@ -157,11 +195,28 @@ pub fn get_state_events_for_empty_key_route(
 ) -> ConduitResult<get_state_events_for_empty_key::Response> {
     let sender_id = body.sender_id.as_ref().expect("user is authenticated");
 
+    // Users not in the room should not be able to access the state unless history_visibility is
+    // WorldReadable
     if !db.rooms.is_joined(sender_id, &body.room_id)? {
-        return Err(Error::BadRequest(
+        if !matches!(
-            ErrorKind::Forbidden,
+            db.rooms
-            "You don't have permission to view the room state.",
+                .room_state_get(&body.room_id, &EventType::RoomHistoryVisibility, "")?
-        ));
+                .map(|event| {
+                    serde_json::from_value::<HistoryVisibilityEventContent>(event.content)
+                        .map_err(|_| {
+                            Error::bad_database(
+                                "Invalid room history visibility event in database.",
+                            )
+                        })
+                        .map(|e| e.history_visibility)
+                }),
+            Some(Ok(HistoryVisibility::WorldReadable))
+        ) {
+            return Err(Error::BadRequest(
+                ErrorKind::Forbidden,
+                "You don't have permission to view the room state.",
+            ));
+        }
     }
 
     let event = db