add room invite check on canAccessResource validation

ricardogarim · ricardogarim · commit c581cc0686be · 2025-10-01T07:09:30.000-03:00
diff --git a/packages/federation-sdk/src/services/event-authorization.service.ts b/packages/federation-sdk/src/services/event-authorization.service.ts
@@ -267,6 +267,22 @@ export class EventAuthorizationService {
 			return true;
 		}
 
+		for (const [key, event] of state.entries()) {
+			if (key.startsWith('m.room.member:') && event?.isMembershipEvent()) {
+				const membership = event.getContent().membership;
+				const stateKey = event.stateKey;
+				if (membership === 'invite' && stateKey) {
+					const invitedUserServer = stateKey.split(':').pop();
+					if (invitedUserServer === serverName) {
+						this.logger.debug(
+							`Server ${serverName} has pending invites in room, allowing access`,
+						);
+						return true;
+					}
+				}
+			}
+		}
+
 		const historyVisibilityEvent = state.get('m.room.history_visibility:');
 		if (
 			historyVisibilityEvent?.isHistoryVisibilityEvent() &&
diff --git a/packages/homeserver/src/middlewares/canAccessResource.ts b/packages/homeserver/src/middlewares/canAccessResource.ts
@@ -3,14 +3,8 @@ import { errCodes } from '@rocket.chat/federation-sdk';
 import Elysia from 'elysia';
 import { isAuthenticatedMiddleware } from './isAuthenticated';
 
-type RoutesParams = {
-	roomId?: string;
-	mediaId?: string;
-	eventId?: string;
-};
-
 function extractEntityId(
-	params: RoutesParams,
+	params: { roomId?: string; mediaId?: string; eventId?: string },
 	entityType: 'event' | 'media' | 'room',
 ): string {
 	if (entityType === 'room') {
