From e89530fb84e81f822d9c1a6b58d086d669fd9008 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Blin?=
 <sebastien.blin@savoirfairelinux.com>
Date: Thu, 14 Dec 2023 14:23:39 -0500
Subject: [PATCH] conversationrepository: fix level check for profile
 validation

If a member leaves the conversation after changing the profile,
it should not break the validation

Change-Id: I0a7135f8b2906a2049ca4443f6bddb9d44ee5cc8
---
 src/jamidht/conversationrepository.cpp | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/src/jamidht/conversationrepository.cpp b/src/jamidht/conversationrepository.cpp
index 283a560366..fd1675765f 100644
--- a/src/jamidht/conversationrepository.cpp
+++ b/src/jamidht/conversationrepository.cpp
@@ -1469,18 +1469,21 @@ ConversationRepository::Impl::checkValidProfileUpdate(const std::string& userDev
     if (userUri.empty())
         return false;
 
+    // Check if profile is changed by an user with correct privilege
     auto valid = false;
-    {
-        std::lock_guard<std::mutex> lk(membersMtx_);
-        for (const auto& member : members_) {
-            if (member.uri == userUri) {
-                valid = member.role <= updateProfilePermLvl_;
-                break;
-            }
-        }
+    if (updateProfilePermLvl_ == MemberRole::ADMIN) {
+        std::string adminFile = fmt::format("admins/{}.crt", userUri);
+        auto adminCert = fileAtTree(adminFile, treeNew);
+        valid |= adminCert != nullptr;
     }
+    if (updateProfilePermLvl_ >= MemberRole::MEMBER) {
+        std::string memberFile = fmt::format("members/{}.crt", userUri);
+        auto memberCert = fileAtTree(memberFile, treeNew);
+        valid |= memberCert != nullptr;
+    }
+
     if (!valid) {
-        JAMI_ERROR("Profile changed from unauthorized user: {}", userDevice);
+        JAMI_ERROR("Profile changed from unauthorized user: {} ({})", userDevice, userUri);
         return false;
     }
 
-- 
GitLab