summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--changelog.d/7260.bugfix1
-rw-r--r--synapse/handlers/room.py7
2 files changed, 8 insertions, 0 deletions
diff --git a/changelog.d/7260.bugfix b/changelog.d/7260.bugfix
new file mode 100644

index 0000000000..9e50b56f23
--- /dev/null
+++ b/changelog.d/7260.bugfix
@@ -0,0 +1 @@
+Fix room publish permissions not being checked on room creation.
diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py

index df3e0cff67..3d10e4b2d9 100644
--- a/synapse/handlers/room.py
+++ b/synapse/handlers/room.py
@@ -645,6 +645,13 @@ class RoomCreationHandler(BaseHandler):
                 check_membership=False,
             )
 
+        if is_public:
+            if not self.config.is_publishing_room_allowed(user_id, room_id, room_alias):
+                # Lets just return a generic message, as there may be all sorts of
+                # reasons why we said no. TODO: Allow configurable error messages
+                # per alias creation rule?
+                raise SynapseError(403, "Not allowed to publish room")
+
         preset_config = config.get(
             "preset",
             RoomCreationPreset.PRIVATE_CHAT
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-03-13 02:10:18 +0000