From ae42d673d757a8c4104990fde191c29cf1ed9773 Mon Sep 17 00:00:00 2001
From: Travis Ralston <travpc@gmail.com>
Date: Wed, 10 Jul 2019 18:12:23 -0600
Subject: [PATCH] Disable admin routes from policy checks

---
 src/api/security/MSCSecurity.ts | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/api/security/MSCSecurity.ts b/src/api/security/MSCSecurity.ts
index 4d80635..aa83210 100644
--- a/src/api/security/MSCSecurity.ts
+++ b/src/api/security/MSCSecurity.ts
@@ -15,6 +15,7 @@ export const ROLE_MSC_USER = "ROLE_MSC_USER";
 export const ROLE_MSC_ADMIN = "ROLE_MSC_ADMIN";
 
 const TERMS_IGNORED_ROUTES = [
+    {method: "*", path: "/api/v1/dimension/admin/"},
     {method: "GET", path: "/_matrix/integrations/v1/terms"},
     {method: "POST", path: "/_matrix/integrations/v1/terms"},
     {method: "POST", path: "/_matrix/integrations/v1/register"},
@@ -61,6 +62,10 @@ export default class MSCSecurity implements ServiceAuthenticator {
                     let needTerms = true;
                     if (req.method !== "OPTIONS") {
                         for (const route of TERMS_IGNORED_ROUTES) {
+                            if (route.method === "*" && req.path.startsWith(route.path)) {
+                                needTerms = false;
+                                break;
+                            }
                             if (route.method === req.method && route.path === req.path) {
                                 needTerms = false;
                                 break;