summary refs log tree commit diff
path: root/synapse/event_auth.py
diff options
context:
space:
mode:
authorChen Zhang <c.expecto.patronum@gmail.com>2023-08-29 02:37:09 -0700
committerGitHub <noreply@github.com>2023-08-29 10:37:09 +0100
commit692ee2af190a82f2484427d0be773a0ff5282be1 (patch)
tree982f1b162f955758ff182fbda26ea22aea655e9a /synapse/event_auth.py
parentPass the device ID around in the presence handler (#16171) (diff)
downloadsynapse-692ee2af190a82f2484427d0be773a0ff5282be1.tar.xz
Fix inaccurate error message while trying to ban or unban a user with the same or higher PL (#16205)
Diffstat (limited to 'synapse/event_auth.py')
-rw-r--r--synapse/event_auth.py8
1 files changed, 7 insertions, 1 deletions
diff --git a/synapse/event_auth.py b/synapse/event_auth.py
index 3a260a492b..531bb74f07 100644
--- a/synapse/event_auth.py
+++ b/synapse/event_auth.py
@@ -669,12 +669,18 @@ def _is_membership_change_allowed(
                     errcode=Codes.INSUFFICIENT_POWER,
                 )
     elif Membership.BAN == membership:
-        if user_level < ban_level or user_level <= target_level:
+        if user_level < ban_level:
             raise UnstableSpecAuthError(
                 403,
                 "You don't have permission to ban",
                 errcode=Codes.INSUFFICIENT_POWER,
             )
+        elif user_level <= target_level:
+            raise UnstableSpecAuthError(
+                403,
+                "You don't have permission to ban this user",
+                errcode=Codes.INSUFFICIENT_POWER,
+            )
     elif room_version.knock_join_rule and Membership.KNOCK == membership:
         if join_rule != JoinRules.KNOCK and (
             not room_version.knock_restricted_join_rule