Move third_party_rules check to event creation time

Rather than waiting until we handle the event, call the ThirdPartyRules check
when we fist create the event.

1 files changed, 11 insertions, 8 deletions

diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index c52e6824d3..987c759791 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -795,6 +795,17 @@ class EventCreationHandler:
         if requester:
             context.app_service = requester.app_service
 
+        event_allowed = await self.third_party_event_rules.check_event_allowed(
+            event, context
+        )
+        if not event_allowed:
+            logger.info(
+                "Event %s forbidden by third-party rules", event,
+            )
+            raise SynapseError(
+                403, "This event is not allowed in this context", Codes.FORBIDDEN
+            )
+
         self.validator.validate_new(event, self.config)
 
         # If this event is an annotation then we check that that the sender
@@ -881,14 +892,6 @@ class EventCreationHandler:
         else:
             room_version = await self.store.get_room_version_id(event.room_id)
 
-        event_allowed = await self.third_party_event_rules.check_event_allowed(
-            event, context
-        )
-        if not event_allowed:
-            raise SynapseError(
-                403, "This event is not allowed in this context", Codes.FORBIDDEN
-            )
-
         if event.internal_metadata.is_out_of_band_membership():
             # the only sort of out-of-band-membership events we expect to see here
             # are invite rejections we have generated ourselves.