Refactor checking restricted join rules (#10007)

To be more consistent with similar code. The check now automatically raises an AuthError instead of passing back a boolean. It also absorbs some shared logic between callers.
2025-05-02 12:56:02 -04:00 · 2021-05-18 12:17:04 -04:00 · 2021-05-18 12:17:04 -04:00 · ac6bfcd52f
commit ac6bfcd52f
parent 4d6e5a5e99
4 changed files with 49 additions and 50 deletions
--- a/synapse/handlers/room_member.py
+++ b/synapse/handlers/room_member.py
@ -260,25 +260,15 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):

        if event.membership == Membership.JOIN:
            newly_joined = True
-            user_is_invited = False
+            prev_member_event = None
            if prev_member_event_id:
                prev_member_event = await self.store.get_event(prev_member_event_id)
                newly_joined = prev_member_event.membership != Membership.JOIN
-                user_is_invited = prev_member_event.membership == Membership.INVITE

-            # If the member is not already in the room and is not accepting an invite,
-            # check if they should be allowed access via membership in a space.
-            if (
-                newly_joined
-                and not user_is_invited
-                and not await self.event_auth_handler.can_join_without_invite(
-                    prev_state_ids, event.room_version, user_id
-                )
-            ):
-                raise AuthError(
-                    403,
-                    "You do not belong to any of the required spaces to join this room.",
-                )
+            # Check if the member should be allowed access via membership in a space.
+            await self.event_auth_handler.check_restricted_join_rules(
+                prev_state_ids, event.room_version, user_id, prev_member_event
+            )

            # Only rate-limit if the user actually joined the room, otherwise we'll end
            # up blocking profile updates.