Skip to content

fix: upload not working #225

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rodrigok merged 1 commit into from
Sep 25, 2025
Merged

fix: upload not working #225

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions biome.jsonc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@
"**/node_modules",
".vscode",
"dist",
"federation-bundle",
"link",
".turbo",
"tsconfig.*.json"
Expand Down
14 changes: 0 additions & 14 deletions packages/federation-sdk/src/container.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,6 @@ import { EventStagingRepository } from './repositories/event-staging.repository'
import { EventRepository } from './repositories/event.repository';
import { Key, KeyRepository } from './repositories/key.repository';
import { Lock, LockRepository } from './repositories/lock.repository';
import {
MatrixBridgedRoom,
MatrixBridgedRoomRepository,
} from './repositories/matrix-bridged-room.repository';
import { Room, RoomRepository } from './repositories/room.repository';
import { Server, ServerRepository } from './repositories/server.repository';
import { StateRepository, StateStore } from './repositories/state.repository';
Expand Down Expand Up @@ -98,23 +94,13 @@ export async function createFederationContainer(
useValue: db.collection<Upload>('rocketchat_uploads'),
});

container.register<Collection<MatrixBridgedRoom>>(
'MatrixBridgedRoomCollection',
{
useValue: db.collection<MatrixBridgedRoom>(
'rocketchat_matrix_bridged_rooms',
),
},
);

container.registerSingleton(EventRepository);
container.registerSingleton(EventStagingRepository);
container.registerSingleton(KeyRepository);
container.registerSingleton(LockRepository);
container.registerSingleton(RoomRepository);
container.registerSingleton(StateRepository);
container.registerSingleton(ServerRepository);
container.registerSingleton(MatrixBridgedRoomRepository);
container.registerSingleton(UploadRepository);

container.registerSingleton(FederationRequestService);
Expand Down
24 changes: 0 additions & 24 deletions packages/federation-sdk/src/repositories/matrix-bridged-room.repository.ts
View file
Open in desktop

This file was deleted.

7 changes: 3 additions & 4 deletions packages/federation-sdk/src/repositories/upload.repository.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ export type Upload = {
rid: string;
federation: {
mxcUri: string;
mrid: string;
serverName: string;
mediaId: string;
};
Expand All @@ -16,11 +17,9 @@ export class UploadRepository {
@inject('UploadCollection') private readonly collection: Collection<Upload>,
) {}

async findRocketChatRoomIdByMediaId(mediaId: string): Promise<string | null> {
const upload = await this.collection.findOne({
async findByMediaId(mediaId: string): Promise<Upload | null> {
return this.collection.findOne({
'federation.mediaId': mediaId,
});

return upload?.rid || null;
}
}
14 changes: 3 additions & 11 deletions packages/federation-sdk/src/services/event-authorization.service.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@ import type {
} from '@rocket.chat/federation-room';
import { singleton } from 'tsyringe';
import { KeyRepository } from '../repositories/key.repository';
import { MatrixBridgedRoomRepository } from '../repositories/matrix-bridged-room.repository';
import { UploadRepository } from '../repositories/upload.repository';
import { ConfigService } from './config.service';
import { EventService } from './event.service';
Expand All @@ -28,7 +27,6 @@ export class EventAuthorizationService {
private readonly eventService: EventService,
private readonly configService: ConfigService,
private readonly uploadRepository: UploadRepository,
private readonly matrixBridgedRoomRepository: MatrixBridgedRoomRepository,
private readonly keyRepository: KeyRepository,
) {}

Expand Down Expand Up @@ -367,19 +365,13 @@ export class EventAuthorizationService {
// TODO duplicated from canAccessEvent. need to refactor into a common method
async canAccessMedia(mediaId: string, serverName: string): Promise<boolean> {
try {
const rcRoomId =
await this.uploadRepository.findRocketChatRoomIdByMediaId(mediaId);
if (!rcRoomId) {
const rcUpload = await this.uploadRepository.findByMediaId(mediaId);
if (!rcUpload) {
this.logger.debug(`Media ${mediaId} not found in any room`);
return false;
}

const matrixRoomId =
await this.matrixBridgedRoomRepository.findMatrixRoomId(rcRoomId);
if (!matrixRoomId) {
this.logger.debug(`Media ${mediaId} not found in any room`);
return false;
}
const matrixRoomId = rcUpload.federation.mrid;

Comment on lines +368 to 375
Copy link
Contributor

@coderabbitai coderabbitai bot Sep 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Guard against missing federation.mrid to prevent runtime crash.

Older upload docs may lack federation or mrid. Accessing rcUpload.federation.mrid can throw.

Apply this diff:

-			const rcUpload = await this.uploadRepository.findByMediaId(mediaId);
-			if (!rcUpload) {
+			const rcUpload = await this.uploadRepository.findByMediaId(mediaId);
+			if (!rcUpload) {
 				this.logger.debug(`Media ${mediaId} not found in any room`);
 				return false;
 			}
-
-			const matrixRoomId = rcUpload.federation.mrid;
+			const matrixRoomId = rcUpload.federation?.mrid;
+			if (!matrixRoomId) {
+				this.logger.debug(
+					`Media ${mediaId} found but missing federation.mrid; denying access`,
+				);
+				return false;
+			}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const rcUpload = await this.uploadRepository.findByMediaId(mediaId);
if (!rcUpload) {
this.logger.debug(`Media ${mediaId} not found in any room`);
return false;
}
const matrixRoomId =
await this.matrixBridgedRoomRepository.findMatrixRoomId(rcRoomId);
if (!matrixRoomId) {
this.logger.debug(`Media ${mediaId} not found in any room`);
return false;
}
const matrixRoomId = rcUpload.federation.mrid;
const rcUpload = await this.uploadRepository.findByMediaId(mediaId);
if (!rcUpload) {
this.logger.debug(`Media ${mediaId} not found in any room`);
return false;
}
const matrixRoomId = rcUpload.federation?.mrid;
if (!matrixRoomId) {
this.logger.debug(
`Media ${mediaId} found but missing federation.mrid; denying access`,
);
return false;
}
🤖 Prompt for AI Agents 
In packages/federation-sdk/src/services/event-authorization.service.ts around
lines 368 to 375, accessing rcUpload.federation.mrid may throw for older upload
docs missing federation or mrid; guard by checking rcUpload.federation and
rcUpload.federation.mrid before reading it, log a debug/warn with the mediaId if
missing, and return false (or otherwise bail out) instead of dereferencing;
ensure matrixRoomId is only assigned after the presence check and keep typesafe
access (optional: narrow types or use optional chaining with a clear fallback
and early return).

const state = await this.stateService.getFullRoomState(matrixRoomId);

Expand Down