From b76981b12aebd5df90598f69046abc09bb1e1b9e Mon Sep 17 00:00:00 2001 From: "H. Shay" Date: Thu, 17 Oct 2024 15:06:02 -0700 Subject: [PATCH] use admin to redact if the user isn't ours --- synapse/handlers/admin.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/synapse/handlers/admin.py b/synapse/handlers/admin.py index 851fe57a177..d1989e9d2c6 100644 --- a/synapse/handlers/admin.py +++ b/synapse/handlers/admin.py @@ -73,6 +73,8 @@ def __init__(self, hs: "HomeServer"): self._redact_all_events, REDACT_ALL_EVENTS_ACTION_NAME ) + self.hs = hs + async def get_redact_task(self, redact_id: str) -> Optional[ScheduledTask]: """Get the current status of an active redaction process @@ -423,8 +425,10 @@ async def _redact_all_events( user_id = task.params.get("user_id") assert user_id is not None + # puppet the user if they're ours, otherwise use admin to redact requester = create_requester( - user_id, authenticated_entity=admin.user.to_string() + user_id if self.hs.is_mine_id(user_id) else admin.user.to_string(), + authenticated_entity=admin.user.to_string(), ) reason = task.params.get("reason")