join_authorised_via_users_server
user must be joined to the room
#1477
Labels
A-Room-spec
Something to do with the room version specifications
A-S2S
Server-to-Server API (federation)
spec-omission
implemented but not currently specified
Link to problem area: https://spec.matrix.org/v1.6/rooms/v10/#authorization-rules (and room versions using the same condition)
Issue
Under 4.3.5.2 we only verify that the user has permission to do it, but in practice we also pull their membership event to ensure they're also joined to the room.
This is a documentation error: implementation and the original MSC both require the referenced user.
Implementation (Synapse): https://github.com/matrix-org/synapse/blob/a368d30c1cfe7457fca4fcdd03ae481ba65a226c/synapse/event_auth.py#L632
The MSC states:
Additionally, the
auth_events
restriction is not mentioned in the spec:but is added by Synapse here
The text was updated successfully, but these errors were encountered: