Add m.federate check too

Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
2026-03-13 06:54:10 +01:00 · 2025-01-25 12:31:17 +01:00 · 2025-01-25 12:31:17 +01:00 · 90cffdf405
parent a6f945fcbb
commit 90cffdf405
3 changed files with 21 additions and 15 deletions
--- a/changelogs/room_versions/newsfragments/2065.clarification
+++ b/changelogs/room_versions/newsfragments/2065.clarification
@ -1 +1 @@
-Clarify that events with rejected auth events must be rejected for room versions 6 and 7.
+For room versions 6 and 7, clarify in the authorization rules that `m.federate` must be checkd and that events with rejected auth events must be rejected, for parity with all the other room versions.
--- a/content/rooms/v6.md
+++ b/content/rooms/v6.md
@ -99,7 +99,10 @@ The rules are as follows:
        performed on receipt of a
        PDU](/server-server-api/#checks-performed-on-receipt-of-a-pdu), reject.
    4. If there is no `m.room.create` event among the entries, reject.
-3.  If type is `m.room.member`:
+3. If the `content` of the `m.room.create` event in the room state has the
+   property `m.federate` set to `false`, and the `sender` domain of the event
+   does not match the `sender` domain of the create event, reject.
+4.  If type is `m.room.member`:
    1.  If there is no `state_key` property, or no `membership` property in
        `content`, reject.
    2.  If `membership` is `join`:
@ -157,15 +160,15 @@ The rules are as follows:
            than the `sender`'s power level, allow.
        3.  Otherwise, reject.
    6.  Otherwise, the membership is unknown. Reject.
-4.  If the `sender`'s current membership state is not `join`, reject.
-5.  If type is `m.room.third_party_invite`:
+5.  If the `sender`'s current membership state is not `join`, reject.
+6.  If type is `m.room.third_party_invite`:
    1.  Allow if and only if `sender`'s current power level is greater
        than or equal to the *invite level*.
-6.  If the event type's *required power level* is greater than the
+7.  If the event type's *required power level* is greater than the
    `sender`'s power level, reject.
-7.  If the event has a `state_key` that starts with an `@` and does not
+8.  If the event has a `state_key` that starts with an `@` and does not
    match the `sender`, reject.
-8. If type is `m.room.power_levels`:
+9. If type is `m.room.power_levels`:
    1.  If the `users` property in `content` is not an object with keys that
        are valid user IDs with values that are integers (or a string
        that is an integer), reject.
@ -196,7 +199,7 @@ The rules are as follows:
        1.  If the new value is greater than the `sender`'s current power
            level, reject.
    8. Otherwise, allow.
-9. Otherwise, allow.
+10. Otherwise, allow.

 {{% boxes/note %}}
 Some consequences of these rules:
--- a/content/rooms/v7.md
+++ b/content/rooms/v7.md
@ -85,7 +85,10 @@ The rules are as follows:
        performed on receipt of a
        PDU](/server-server-api/#checks-performed-on-receipt-of-a-pdu), reject.
    4. If there is no `m.room.create` event among the entries, reject.
-3.  If type is `m.room.member`:
+3. If the `content` of the `m.room.create` event in the room state has the
+   property `m.federate` set to `false`, and the `sender` domain of the event
+   does not match the `sender` domain of the create event, reject.
+4.  If type is `m.room.member`:
    1.  If there is no `state_key` property, or no `membership` property in
        `content`, reject.
    2.  If `membership` is `join`:
@ -153,15 +156,15 @@ The rules are as follows:
            or `join`, allow.
        4.  Otherwise, reject.
    7.  Otherwise, the membership is unknown. Reject.
-4.  If the `sender`'s current membership state is not `join`, reject.
-5.  If type is `m.room.third_party_invite`:
+5.  If the `sender`'s current membership state is not `join`, reject.
+6.  If type is `m.room.third_party_invite`:
    1.  Allow if and only if `sender`'s current power level is greater
        than or equal to the *invite level*.
-6.  If the event type's *required power level* is greater than the
+7.  If the event type's *required power level* is greater than the
    `sender`'s power level, reject.
-7.  If the event has a `state_key` that starts with an `@` and does not
+8.  If the event has a `state_key` that starts with an `@` and does not
    match the `sender`, reject.
-8. If type is `m.room.power_levels`:
+9. If type is `m.room.power_levels`:
    1.  If the `users` property in `content` is not an object with keys that
        are valid user IDs with values that are integers (or a string
        that is an integer), reject.
@ -190,7 +193,7 @@ The rules are as follows:
        1.  If the new value is greater than the `sender`'s current power
            level, reject.
    8. Otherwise, allow..
-9. Otherwise, allow.
+10. Otherwise, allow.

 {{% boxes/note %}}
 Some consequences of these rules: