Request to join checks

commonspace/object/acl/list/aclrecordbuilder.go

@@ -488,7 +488,7 @@ func (a *aclRecordBuilder) buildInviteRevoke(inviteRecordId string) (value *aclr
 func (a *aclRecordBuilder) BuildRequestJoin(payload RequestJoinPayload) (rawRecord *consensusproto.RawRecord, err error) {
 	var inviteId string
 	for id, inv := range a.state.invites {
-		if inv.Key.Equals(payload.InviteKey.GetPublic()) && inv.Type == aclrecordproto.AclInviteType_RequestToJoin {
+		if inv.Key.Equals(payload.InviteKey.GetPublic()) {
 			inviteId = id
 		}
 	}

commonspace/object/acl/list/acltestsuite_test.go

@@ -142,6 +142,8 @@ func TestAclExecutor(t *testing.T) {
 		{"a.batch::revoke:oldInvId;invite_anyone:someId,a", nil},
 		{"new4.invite_join::someId", nil},
 		{"new4.add::super,r,superm", nil},
+		// check that users can't join using request to join for anyone can join links
+		{"new5.join::someId", ErrNoSuchInvite},
 	}
 	for _, cmd := range cmds {
 		err := a.Execute(cmd.cmd)

commonspace/object/acl/list/validator.go

@@ -282,6 +282,9 @@ func (c *contentValidator) ValidateRequestJoin(ch *aclrecordproto.AclAccountRequ
 	if !c.aclState.Permissions(authorIdentity).NoPermissions() {
 		return ErrInsufficientPermissions
 	}
+	if invite.Type != aclrecordproto.AclInviteType_RequestToJoin {
+		return ErrNoSuchInvite
+	}
 	inviteIdentity, err := c.keyStore.PubKeyFromProto(ch.InviteIdentity)
 	if err != nil {
 		return