From ae0835bf25e9681cdc8939eab6fa60378a696552 Mon Sep 17 00:00:00 2001
From: Pierre Lehnen <55164754+pierre-lehnen-rc@users.noreply.github.com>
Date: Fri, 1 Jul 2022 12:48:57 -0300
Subject: [PATCH] Chore: Room access validation may be called without user
 information (#26086)

---
 .../livechat/server/roomAccessValidator.internalService.ts    | 2 +-
 apps/meteor/server/sdk/types/IAuthorization.ts                | 4 ++--
 apps/meteor/server/sdk/types/IAuthorizationLivechat.ts        | 2 +-
 apps/meteor/server/services/authorization/canAccessRoom.ts    | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/apps/meteor/app/livechat/server/roomAccessValidator.internalService.ts b/apps/meteor/app/livechat/server/roomAccessValidator.internalService.ts
index d33c08f6e69..dc1a1a6cbc8 100644
--- a/apps/meteor/app/livechat/server/roomAccessValidator.internalService.ts
+++ b/apps/meteor/app/livechat/server/roomAccessValidator.internalService.ts
@@ -9,7 +9,7 @@ export class AuthorizationLivechat extends ServiceClassInternal implements IAuth
 
 	protected internal = true;
 
-	async canAccessRoom(room: IOmnichannelRoom, user: Pick<IUser, '_id'>, extraData?: object): Promise<boolean> {
+	async canAccessRoom(room: IOmnichannelRoom, user?: Pick<IUser, '_id'>, extraData?: object): Promise<boolean> {
 		for (const validator of validators) {
 			if (validator(room, user, extraData)) {
 				return true;
diff --git a/apps/meteor/server/sdk/types/IAuthorization.ts b/apps/meteor/server/sdk/types/IAuthorization.ts
index 1e8e670d54a..4ea68135c51 100644
--- a/apps/meteor/server/sdk/types/IAuthorization.ts
+++ b/apps/meteor/server/sdk/types/IAuthorization.ts
@@ -2,7 +2,7 @@ import type { IRoom, IUser } from '@rocket.chat/core-typings';
 
 export type RoomAccessValidator = (
 	room: Pick<IRoom, '_id' | 't' | 'teamId' | 'prid'>,
-	user: Pick<IUser, '_id'>,
+	user?: Pick<IUser, '_id'>,
 	extraData?: Record<string, any>,
 ) => Promise<boolean>;
 
@@ -11,5 +11,5 @@ export interface IAuthorization {
 	hasPermission(userId: string, permissionId: string, scope?: string): Promise<boolean>;
 	hasAtLeastOnePermission(userId: string, permissions: string[], scope?: string): Promise<boolean>;
 	canAccessRoom: RoomAccessValidator;
-	canAccessRoomId(rid: IRoom['_id'], uid: IUser['_id']): Promise<boolean>;
+	canAccessRoomId(rid: IRoom['_id'], uid?: IUser['_id']): Promise<boolean>;
 }
diff --git a/apps/meteor/server/sdk/types/IAuthorizationLivechat.ts b/apps/meteor/server/sdk/types/IAuthorizationLivechat.ts
index 0fa37808433..0fb4ffcca8b 100644
--- a/apps/meteor/server/sdk/types/IAuthorizationLivechat.ts
+++ b/apps/meteor/server/sdk/types/IAuthorizationLivechat.ts
@@ -1,5 +1,5 @@
 import type { IOmnichannelRoom, IUser } from '@rocket.chat/core-typings';
 
 export interface IAuthorizationLivechat {
-	canAccessRoom: (room: IOmnichannelRoom, user: Pick<IUser, '_id'>, extraData?: Record<string, any>) => Promise<boolean>;
+	canAccessRoom: (room: IOmnichannelRoom, user?: Pick<IUser, '_id'>, extraData?: Record<string, any>) => Promise<boolean>;
 }
diff --git a/apps/meteor/server/services/authorization/canAccessRoom.ts b/apps/meteor/server/services/authorization/canAccessRoom.ts
index 4ff441cf63c..7552f0eeabe 100644
--- a/apps/meteor/server/services/authorization/canAccessRoom.ts
+++ b/apps/meteor/server/services/authorization/canAccessRoom.ts
@@ -7,7 +7,7 @@ import { RoomAccessValidator } from '../../sdk/types/IAuthorization';
 import { canAccessRoomLivechat } from './canAccessRoomLivechat';
 import { canAccessRoomVoip } from './canAccessRoomVoip';
 
-async function canAccessPublicRoom(user: Partial<IUser>): Promise<boolean> {
+async function canAccessPublicRoom(user?: Partial<IUser>): Promise<boolean> {
 	if (!user?._id) {
 		// TODO: it was using cached version from /app/settings/server/raw.js
 		const anon = await Settings.getValueById('Accounts_AllowAnonymousRead');
-- 
GitLab