Clarify that redaction events are subject to auth rules #1824
Conversation
It might be helpful to summarise what the misunderstanding was, for future reference. The discussion in the room is rather verbose. |
|
... though having read the diff I think I can guess what the misunderstanding was. |
|
The misunderstanding was that 'are not explicitly part of the auth rules' and 'should always fall into "10. Otherwise, allow".' was interpreted as meaning that redaction events are not subject to the auth rules at all.
|
|
For reference, the affected part of the spec is https://spec.matrix.org/v1.10/rooms/v3/#authorization-rules, and similar in subsequent room versions. |
There was a problem hiding this comment.
Thanks for this. I think it helps, but I think it could be clearer.
Also, please add a sign-off to the PR, per https://github.com/matrix-org/matrix-spec/blob/main/CONTRIBUTING.rst#sign-off
Signed-off-by: Matthias Ahouansou <matthias@ahouansou.cz>
|
Can you add the sign-off to the PR description, please? Otherwise we don't have sign-off for your first commit |
|
Just to ensure you are aware, I have signed off the pull request now.
|
| @@ -99,7 +99,7 @@ level_ is **not** considered by the auth rules. | |||
|
|
|||
| The ability to send a redaction event does not mean that the redaction itself should | |||
| be performed. Receiving servers must perform additional checks, as described in | |||
| the [Redactions](#redactions) section below. | |||
| the [Handling redactions](#handling-redactions) section. | |||
There was a problem hiding this comment.
It is below in v10, but ... 🤷♂️
Context: there was a misunderstanding about how redactions interact with auth rules.
Signed-off-by: Matthias Ahouansou matthias@ahouansou.cz
Preview: https://pr1824--matrix-spec-previews.netlify.app