Fix knock->leave transition in auth rules (#3694)

* Fix knock->leave transition in auth rules This was an oversight from knocking being added. For safety, this has been verified as at least intended by Synapse to work: f5e2cde3f5/synapse/event_auth.py (L390-L391) * changelog
2022-02-02 08:41:49 -07:00 · 2022-02-02 08:41:49 -07:00 · 0f9eadd1a1
commit 0f9eadd1a1
parent 2cd2a7122c
3 changed files with 5 additions and 2 deletions
--- a/content/rooms/fragments/v8-auth-rules.md
+++ b/content/rooms/fragments/v8-auth-rules.md
@ -91,7 +91,8 @@ The rules are as follows:
        5.  Otherwise, reject.
    5.  If `membership` is `leave`:
        1.  If the `sender` matches `state_key`, allow if and only if
-            that user's current membership state is `invite` or `join`.
+            that user's current membership state is `invite`, `join`,
+            or `knock`.
        2.  If the `sender`'s current membership state is not `join`,
            reject.
        3.  If the *target user*'s current membership state is `ban`,
--- a/content/rooms/v7.md
+++ b/content/rooms/v7.md
@ -114,7 +114,8 @@ The rules are as follows:
        5.  Otherwise, reject.
    4.  If `membership` is `leave`:
        1.  If the `sender` matches `state_key`, allow if and only if
-            that user's current membership state is `invite` or `join`.
+            that user's current membership state is `invite`, `join`,
+            or `knock`.
        2.  If the `sender`'s current membership state is not `join`,
            reject.
        3.  If the *target user*'s current membership state is `ban`,