Cleanup remaining statekey usage for senderIDs (#3106)

roomserver/internal/helpers/helpers.go

@@ -6,7 +6,6 @@ import (
 	"errors"
 	"fmt"
 	"sort"
-	"strings"
 
 	"github.com/matrix-org/gomatrixserverlib"
 	"github.com/matrix-org/gomatrixserverlib/spec"
@@ -55,9 +54,10 @@ func UpdateToInviteMembership(
 			Type: api.OutputTypeRetireInviteEvent,
 			RetireInviteEvent: &api.OutputRetireInviteEvent{
 				EventID:          eventID,
+				RoomID:           add.RoomID(),
 				Membership:       spec.Join,
 				RetiredByEventID: add.EventID(),
-				TargetUserID:     *add.StateKey(),
+				TargetSenderID:   spec.SenderID(*add.StateKey()),
 			},
 		})
 	}
@@ -94,13 +94,13 @@ func IsServerCurrentlyInRoom(ctx context.Context, db storage.Database, serverNam
 	for i := range events {
 		gmslEvents[i] = events[i].PDU
 	}
-	return auth.IsAnyUserOnServerWithMembership(serverName, gmslEvents, spec.Join), nil
+	return auth.IsAnyUserOnServerWithMembership(ctx, db, serverName, gmslEvents, spec.Join), nil
 }
 
 func IsInvitePending(
 	ctx context.Context, db storage.Database,
-	roomID, userID string,
-) (bool, string, string, gomatrixserverlib.PDU, error) {
+	roomID string, senderID spec.SenderID,
+) (bool, spec.SenderID, string, gomatrixserverlib.PDU, error) {
 	// Look up the room NID for the supplied room ID.
 	info, err := db.RoomInfo(ctx, roomID)
 	if err != nil {
@@ -111,13 +111,13 @@ func IsInvitePending(
 	}
 
 	// Look up the state key NID for the supplied user ID.
-	targetUserNIDs, err := db.EventStateKeyNIDs(ctx, []string{userID})
+	targetUserNIDs, err := db.EventStateKeyNIDs(ctx, []string{string(senderID)})
 	if err != nil {
 		return false, "", "", nil, fmt.Errorf("r.DB.EventStateKeyNIDs: %w", err)
 	}
-	targetUserNID, targetUserFound := targetUserNIDs[userID]
+	targetUserNID, targetUserFound := targetUserNIDs[string(senderID)]
 	if !targetUserFound {
-		return false, "", "", nil, fmt.Errorf("missing NID for user %q (%+v)", userID, targetUserNIDs)
+		return false, "", "", nil, fmt.Errorf("missing NID for user %q (%+v)", senderID, targetUserNIDs)
 	}
 
 	// Let's see if we have an event active for the user in the room. If
@@ -156,7 +156,7 @@ func IsInvitePending(
 
 	event, err := verImpl.NewEventFromTrustedJSON(eventJSON, false)
 
-	return true, senderUser, userNIDToEventID[senderUserNIDs[0]], event, err
+	return true, spec.SenderID(senderUser), userNIDToEventID[senderUserNIDs[0]], event, err
 }
 
 // GetMembershipsAtState filters the state events to
@@ -264,7 +264,7 @@ func LoadStateEvents(
 }
 
 func CheckServerAllowedToSeeEvent(
-	ctx context.Context, db storage.Database, info *types.RoomInfo, eventID string, serverName spec.ServerName, isServerInRoom bool,
+	ctx context.Context, db storage.Database, info *types.RoomInfo, roomID string, eventID string, serverName spec.ServerName, isServerInRoom bool,
 ) (bool, error) {
 	stateAtEvent, err := db.GetHistoryVisibilityState(ctx, info, eventID, string(serverName))
 	switch err {
@@ -273,7 +273,7 @@ func CheckServerAllowedToSeeEvent(
 	case tables.OptimisationNotSupportedError:
 		// The database engine didn't support this optimisation, so fall back to using
 		// the old and slow method
-		stateAtEvent, err = slowGetHistoryVisibilityState(ctx, db, info, eventID, serverName)
+		stateAtEvent, err = slowGetHistoryVisibilityState(ctx, db, info, roomID, eventID, serverName)
 		if err != nil {
 			return false, err
 		}
@@ -288,11 +288,11 @@ func CheckServerAllowedToSeeEvent(
 			return false, err
 		}
 	}
-	return auth.IsServerAllowed(serverName, isServerInRoom, stateAtEvent), nil
+	return auth.IsServerAllowed(ctx, db, serverName, isServerInRoom, stateAtEvent), nil
 }
 
 func slowGetHistoryVisibilityState(
-	ctx context.Context, db storage.Database, info *types.RoomInfo, eventID string, serverName spec.ServerName,
+	ctx context.Context, db storage.Database, info *types.RoomInfo, roomID, eventID string, serverName spec.ServerName,
 ) ([]gomatrixserverlib.PDU, error) {
 	roomState := state.NewStateResolution(db, info)
 	stateEntries, err := roomState.LoadStateAtEvent(ctx, eventID)
@@ -319,8 +319,13 @@ func slowGetHistoryVisibilityState(
 	// then we'll filter it out. This does preserve state keys that
 	// are "" since these will contain history visibility etc.
 	for nid, key := range stateKeys {
-		if key != "" && !strings.HasSuffix(key, ":"+string(serverName)) {
-			delete(stateKeys, nid)
+		if key != "" {
+			userID, err := db.GetUserIDForSender(ctx, roomID, spec.SenderID(key))
+			if err == nil && userID != nil {
+				if userID.Domain() != serverName {
+					delete(stateKeys, nid)
+				}
+			}
 		}
 	}
 
@@ -410,7 +415,7 @@ BFSLoop:
 				// hasn't been seen before.
 				if !visited[pre] {
 					visited[pre] = true
-					allowed, err = CheckServerAllowedToSeeEvent(ctx, db, info, pre, serverName, isServerInRoom)
+					allowed, err = CheckServerAllowedToSeeEvent(ctx, db, info, ev.RoomID(), pre, serverName, isServerInRoom)
 					if err != nil {
 						util.GetLogger(ctx).WithField("server", serverName).WithField("event_id", pre).WithError(err).Error(
 							"Error checking if allowed to see event",

roomserver/internal/helpers/helpers_test.go

@@ -8,6 +8,7 @@ import (
 	"github.com/matrix-org/dendrite/internal/caching"
 	"github.com/matrix-org/dendrite/internal/sqlutil"
 	"github.com/matrix-org/dendrite/setup/config"
+	"github.com/matrix-org/gomatrixserverlib/spec"
 	"github.com/stretchr/testify/assert"
 
 	"github.com/matrix-org/dendrite/roomserver/types"
@@ -58,12 +59,12 @@ func TestIsInvitePendingWithoutNID(t *testing.T) {
 		}
 
 		// Alice should have no pending invites and should have a NID
-		pendingInvite, _, _, _, err := IsInvitePending(context.Background(), db, room.ID, alice.ID)
+		pendingInvite, _, _, _, err := IsInvitePending(context.Background(), db, room.ID, spec.SenderID(alice.ID))
 		assert.NoError(t, err, "failed to get pending invites")
 		assert.False(t, pendingInvite, "unexpected pending invite")
 
 		// Bob should have no pending invites and receive a new NID
-		pendingInvite, _, _, _, err = IsInvitePending(context.Background(), db, room.ID, bob.ID)
+		pendingInvite, _, _, _, err = IsInvitePending(context.Background(), db, room.ID, spec.SenderID(bob.ID))
 		assert.NoError(t, err, "failed to get pending invites")
 		assert.False(t, pendingInvite, "unexpected pending invite")
 	})

roomserver/internal/input/input_events.go

@@ -842,17 +842,15 @@ func (r *Inputer) kickGuests(ctx context.Context, event gomatrixserverlib.PDU, r
 			continue
 		}
 
-		// TODO: pseudoIDs: get userID for room using state key (which is now senderID)
-		localpart, senderDomain, err := gomatrixserverlib.SplitID('@', *memberEvent.StateKey())
+		memberUserID, err := r.Queryer.QueryUserIDForSender(ctx, memberEvent.RoomID(), spec.SenderID(*memberEvent.StateKey()))
 		if err != nil {
 			continue
 		}
 
-		// TODO: pseudoIDs: query account by state key (which is now senderID)
 		accountRes := &userAPI.QueryAccountByLocalpartResponse{}
 		if err = r.UserAPI.QueryAccountByLocalpart(ctx, &userAPI.QueryAccountByLocalpartRequest{
-			Localpart:  localpart,
-			ServerName: senderDomain,
+			Localpart:  memberUserID.Local(),
+			ServerName: memberUserID.Domain(),
 		}, accountRes); err != nil {
 			return err
 		}
@@ -896,8 +894,8 @@ func (r *Inputer) kickGuests(ctx context.Context, event gomatrixserverlib.PDU, r
 		inputEvents = append(inputEvents, api.InputRoomEvent{
 			Kind:         api.KindNew,
 			Event:        event,
-			Origin:       senderDomain,
-			SendAsServer: string(senderDomain),
+			Origin:       memberUserID.Domain(),
+			SendAsServer: string(memberUserID.Domain()),
 		})
 		prevEvents = []string{event.EventID()}
 	}

roomserver/internal/input/input_membership.go

@@ -18,7 +18,6 @@ import (
 	"context"
 	"fmt"
 
-	"github.com/matrix-org/gomatrixserverlib"
 	"github.com/matrix-org/gomatrixserverlib/spec"
 
 	"github.com/matrix-org/dendrite/internal"
@@ -72,7 +71,7 @@ func (r *Inputer) updateMemberships(
 		if change.addedEventNID != 0 {
 			ae, _ = helpers.EventMap(events).Lookup(change.addedEventNID)
 		}
-		if updates, err = r.updateMembership(updater, targetUserNID, re, ae, updates); err != nil {
+		if updates, err = r.updateMembership(ctx, updater, targetUserNID, re, ae, updates); err != nil {
 			return nil, err
 		}
 	}
@@ -80,6 +79,7 @@ func (r *Inputer) updateMemberships(
 }
 
 func (r *Inputer) updateMembership(
+	ctx context.Context,
 	updater *shared.RoomUpdater,
 	targetUserNID types.EventStateKeyNID,
 	remove, add *types.Event,
@@ -97,7 +97,7 @@ func (r *Inputer) updateMembership(
 
 	var targetLocal bool
 	if add != nil {
-		targetLocal = r.isLocalTarget(add)
+		targetLocal = r.isLocalTarget(ctx, add)
 	}
 
 	mu, err := updater.MembershipUpdater(targetUserNID, targetLocal)
@@ -136,11 +136,14 @@ func (r *Inputer) updateMembership(
 	}
 }
 
-func (r *Inputer) isLocalTarget(event *types.Event) bool {
+func (r *Inputer) isLocalTarget(ctx context.Context, event *types.Event) bool {
 	isTargetLocalUser := false
 	if statekey := event.StateKey(); statekey != nil {
-		_, domain, _ := gomatrixserverlib.SplitID('@', *statekey)
-		isTargetLocalUser = domain == r.ServerName
+		userID, err := r.Queryer.QueryUserIDForSender(ctx, event.RoomID(), spec.SenderID(*statekey))
+		if err != nil || userID == nil {
+			return isTargetLocalUser
+		}
+		isTargetLocalUser = userID.Domain() == r.ServerName
 	}
 	return isTargetLocalUser
 }
@@ -161,9 +164,10 @@ func updateToJoinMembership(
 			Type: api.OutputTypeRetireInviteEvent,
 			RetireInviteEvent: &api.OutputRetireInviteEvent{
 				EventID:          eventID,
+				RoomID:           add.RoomID(),
 				Membership:       spec.Join,
 				RetiredByEventID: add.EventID(),
-				TargetUserID:     *add.StateKey(),
+				TargetSenderID:   spec.SenderID(*add.StateKey()),
 			},
 		})
 	}
@@ -187,9 +191,10 @@ func updateToLeaveMembership(
 			Type: api.OutputTypeRetireInviteEvent,
 			RetireInviteEvent: &api.OutputRetireInviteEvent{
 				EventID:          eventID,
+				RoomID:           add.RoomID(),
 				Membership:       newMembership,
 				RetiredByEventID: add.EventID(),
-				TargetUserID:     *add.StateKey(),
+				TargetSenderID:   spec.SenderID(*add.StateKey()),
 			},
 		})
 	}

roomserver/internal/perform/perform_admin.go

@@ -149,11 +149,11 @@ func (r *Admin) PerformAdminEvacuateUser(
 	ctx context.Context,
 	userID string,
 ) (affected []string, err error) {
-	_, domain, err := gomatrixserverlib.SplitID('@', userID)
+	fullUserID, err := spec.NewUserID(userID, true)
 	if err != nil {
 		return nil, err
 	}
-	if !r.Cfg.Matrix.IsLocalServerName(domain) {
+	if !r.Cfg.Matrix.IsLocalServerName(fullUserID.Domain()) {
 		return nil, fmt.Errorf("can only evacuate local users using this endpoint")
 	}
 
@@ -172,7 +172,7 @@ func (r *Admin) PerformAdminEvacuateUser(
 	for _, roomID := range allRooms {
 		leaveReq := &api.PerformLeaveRequest{
 			RoomID: roomID,
-			UserID: userID,
+			Leaver: *fullUserID,
 		}
 		leaveRes := &api.PerformLeaveResponse{}
 		outputEvents, err := r.Leaver.PerformLeave(ctx, leaveReq, leaveRes)

roomserver/internal/perform/perform_backfill.go

@@ -582,7 +582,7 @@ func joinEventsFromHistoryVisibility(
 	}
 
 	// Can we see events in the room?
-	canSeeEvents := auth.IsServerAllowed(thisServer, true, events)
+	canSeeEvents := auth.IsServerAllowed(ctx, db, thisServer, true, events)
 	visibility := auth.HistoryVisibilityForRoom(events)
 	if !canSeeEvents {
 		logrus.Infof("ServersAtEvent history not visible to us: %s", visibility)

roomserver/internal/perform/perform_create_room.go

@@ -63,9 +63,17 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo
 			}
 		}
 	}
-	createContent["creator"] = userID.String()
+	senderID, err := c.DB.GetSenderIDForUser(ctx, roomID.String(), userID)
+	if err != nil {
+		util.GetLogger(ctx).WithError(err).Error("Failed getting senderID for user")
+		return "", &util.JSONResponse{
+			Code: http.StatusInternalServerError,
+			JSON: spec.InternalServerError{},
+		}
+	}
+	createContent["creator"] = senderID
 	createContent["room_version"] = createRequest.RoomVersion
-	powerLevelContent := eventutil.InitialPowerLevelsContent(userID.String())
+	powerLevelContent := eventutil.InitialPowerLevelsContent(string(senderID))
 	joinRuleContent := gomatrixserverlib.JoinRuleContent{
 		JoinRule: spec.Invite,
 	}
@@ -121,7 +129,7 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo
 	}
 	membershipEvent := gomatrixserverlib.FledglingEvent{
 		Type:     spec.MRoomMember,
-		StateKey: userID.String(),
+		StateKey: string(senderID),
 		Content: gomatrixserverlib.MemberContent{
 			Membership:  spec.Join,
 			DisplayName: createRequest.UserDisplayName,
@@ -270,7 +278,6 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo
 
 	var builtEvents []*types.HeaderedEvent
 	authEvents := gomatrixserverlib.NewAuthEvents(nil)
-	senderID, err := c.RSAPI.QuerySenderIDForUser(ctx, roomID.String(), userID)
 	if err != nil {
 		util.GetLogger(ctx).WithError(err).Error("rsapi.QuerySenderIDForUser failed")
 		return "", &util.JSONResponse{

roomserver/internal/perform/perform_invite.go

@@ -134,12 +134,12 @@ func (r *Inviter) PerformInvite(
 		return api.ErrInvalidID{Err: fmt.Errorf("the invite must be from a local user")}
 	}
 
-	if event.StateKey() == nil {
+	if event.StateKey() == nil || *event.StateKey() == "" {
 		return fmt.Errorf("invite must be a state event")
 	}
-	invitedUser, err := spec.NewUserID(*event.StateKey(), true)
-	if err != nil {
-		return spec.InvalidParam("The user ID is invalid")
+	invitedUser, err := r.RSAPI.QueryUserIDForSender(ctx, event.RoomID(), spec.SenderID(*event.StateKey()))
+	if err != nil || invitedUser == nil {
+		return spec.InvalidParam("Could not find the matching senderID for this user")
 	}
 	isTargetLocal := r.Cfg.Matrix.IsLocalServerName(invitedUser.Domain())
 

roomserver/internal/perform/perform_join.go

@@ -162,7 +162,7 @@ func (r *Joiner) performJoinRoomByID(
 	}
 
 	// Get the domain part of the room ID.
-	_, domain, err := gomatrixserverlib.SplitID('!', req.RoomIDOrAlias)
+	roomID, err := spec.NewRoomID(req.RoomIDOrAlias)
 	if err != nil {
 		return "", "", rsAPI.ErrInvalidID{Err: fmt.Errorf("room ID %q is invalid: %w", req.RoomIDOrAlias, err)}
 	}
@@ -170,8 +170,8 @@ func (r *Joiner) performJoinRoomByID(
 	// If the server name in the room ID isn't ours then it's a
 	// possible candidate for finding the room via federation. Add
 	// it to the list of servers to try.
-	if !r.Cfg.Matrix.IsLocalServerName(domain) {
-		req.ServerNames = append(req.ServerNames, domain)
+	if !r.Cfg.Matrix.IsLocalServerName(roomID.Domain()) {
+		req.ServerNames = append(req.ServerNames, roomID.Domain())
 	}
 
 	// Prepare the template for the join event.
@@ -203,7 +203,7 @@ func (r *Joiner) performJoinRoomByID(
 		req.Content = map[string]interface{}{}
 	}
 	req.Content["membership"] = spec.Join
-	if authorisedVia, aerr := r.populateAuthorisedViaUserForRestrictedJoin(ctx, req); aerr != nil {
+	if authorisedVia, aerr := r.populateAuthorisedViaUserForRestrictedJoin(ctx, req, senderID); aerr != nil {
 		return "", "", aerr
 	} else if authorisedVia != "" {
 		req.Content["join_authorised_via_users_server"] = authorisedVia
@@ -226,17 +226,17 @@ func (r *Joiner) performJoinRoomByID(
 
 	// Force a federated join if we're dealing with a pending invite
 	// and we aren't in the room.
-	isInvitePending, inviteSender, _, inviteEvent, err := helpers.IsInvitePending(ctx, r.DB, req.RoomIDOrAlias, req.UserID)
+	isInvitePending, inviteSender, _, inviteEvent, err := helpers.IsInvitePending(ctx, r.DB, req.RoomIDOrAlias, senderID)
 	if err == nil && !serverInRoom && isInvitePending {
-		_, inviterDomain, ierr := gomatrixserverlib.SplitID('@', inviteSender)
-		if ierr != nil {
-			return "", "", fmt.Errorf("gomatrixserverlib.SplitID: %w", err)
+		inviter, queryErr := r.RSAPI.QueryUserIDForSender(ctx, req.RoomIDOrAlias, inviteSender)
+		if queryErr != nil {
+			return "", "", fmt.Errorf("r.RSAPI.QueryUserIDForSender: %w", queryErr)
 		}
 
 		// If we were invited by someone from another server then we can
 		// assume they are in the room so we can join via them.
-		if !r.Cfg.Matrix.IsLocalServerName(inviterDomain) {
-			req.ServerNames = append(req.ServerNames, inviterDomain)
+		if inviter != nil && !r.Cfg.Matrix.IsLocalServerName(inviter.Domain()) {
+			req.ServerNames = append(req.ServerNames, inviter.Domain())
 			forceFederatedJoin = true
 			memberEvent := gjson.Parse(string(inviteEvent.JSON()))
 			// only set unsigned if we've got a content.membership, which we _should_
@@ -298,12 +298,8 @@ func (r *Joiner) performJoinRoomByID(
 		// a member of the room. This is best-effort (as in we won't
 		// fail if we can't find the existing membership) because there
 		// is really no harm in just sending another membership event.
-		membershipReq := &api.QueryMembershipForUserRequest{
-			RoomID: req.RoomIDOrAlias,
-			UserID: userID.String(),
-		}
 		membershipRes := &api.QueryMembershipForUserResponse{}
-		_ = r.Queryer.QueryMembershipForUser(ctx, membershipReq, membershipRes)
+		_ = r.Queryer.QueryMembershipForSenderID(ctx, *roomID, senderID, membershipRes)
 
 		// If we haven't already joined the room then send an event
 		// into the room changing our membership status.
@@ -328,7 +324,7 @@ func (r *Joiner) performJoinRoomByID(
 		// The room doesn't exist locally. If the room ID looks like it should
 		// be ours then this probably means that we've nuked our database at
 		// some point.
-		if r.Cfg.Matrix.IsLocalServerName(domain) {
+		if r.Cfg.Matrix.IsLocalServerName(roomID.Domain()) {
 			// If there are no more server names to try then give up here.
 			// Otherwise we'll try a federated join as normal, since it's quite
 			// possible that the room still exists on other servers.
@@ -376,15 +372,12 @@ func (r *Joiner) performFederatedJoinRoomByID(
 func (r *Joiner) populateAuthorisedViaUserForRestrictedJoin(
 	ctx context.Context,
 	joinReq *rsAPI.PerformJoinRequest,
+	senderID spec.SenderID,
 ) (string, error) {
 	roomID, err := spec.NewRoomID(joinReq.RoomIDOrAlias)
 	if err != nil {
 		return "", err
 	}
-	userID, err := spec.NewUserID(joinReq.UserID, true)
-	if err != nil {
-		return "", err
-	}
 
-	return r.Queryer.QueryRestrictedJoinAllowed(ctx, *roomID, *userID)
+	return r.Queryer.QueryRestrictedJoinAllowed(ctx, *roomID, senderID)
 }

roomserver/internal/perform/perform_leave.go

@@ -53,16 +53,12 @@ func (r *Leaver) PerformLeave(
 	req *api.PerformLeaveRequest,
 	res *api.PerformLeaveResponse,
 ) ([]api.OutputEvent, error) {
-	_, domain, err := gomatrixserverlib.SplitID('@', req.UserID)
-	if err != nil {
-		return nil, fmt.Errorf("supplied user ID %q in incorrect format", req.UserID)
-	}
-	if !r.Cfg.Matrix.IsLocalServerName(domain) {
-		return nil, fmt.Errorf("user %q does not belong to this homeserver", req.UserID)
+	if !r.Cfg.Matrix.IsLocalServerName(req.Leaver.Domain()) {
+		return nil, fmt.Errorf("user %q does not belong to this homeserver", req.Leaver.String())
 	}
 	logger := logrus.WithContext(ctx).WithFields(logrus.Fields{
 		"room_id": req.RoomID,
-		"user_id": req.UserID,
+		"user_id": req.Leaver.String(),
 	})
 	logger.Info("User requested to leave join")
 	if strings.HasPrefix(req.RoomID, "!") {
@@ -82,21 +78,26 @@ func (r *Leaver) performLeaveRoomByID(
 	req *api.PerformLeaveRequest,
 	res *api.PerformLeaveResponse, // nolint:unparam
 ) ([]api.OutputEvent, error) {
+	leaver, err := r.RSAPI.QuerySenderIDForUser(ctx, req.RoomID, req.Leaver)
+	if err != nil {
+		return nil, fmt.Errorf("leaver %s has no matching senderID in this room", req.Leaver.String())
+	}
+
 	// If there's an invite outstanding for the room then respond to
 	// that.
-	isInvitePending, senderUser, eventID, _, err := helpers.IsInvitePending(ctx, r.DB, req.RoomID, req.UserID)
+	isInvitePending, senderUser, eventID, _, err := helpers.IsInvitePending(ctx, r.DB, req.RoomID, leaver)
 	if err == nil && isInvitePending {
-		_, senderDomain, serr := gomatrixserverlib.SplitID('@', senderUser)
-		if serr != nil {
-			return nil, fmt.Errorf("sender %q is invalid", senderUser)
+		sender, serr := r.RSAPI.QueryUserIDForSender(ctx, req.RoomID, senderUser)
+		if serr != nil || sender == nil {
+			return nil, fmt.Errorf("sender %q has no matching userID", senderUser)
 		}
-		if !r.Cfg.Matrix.IsLocalServerName(senderDomain) {
-			return r.performFederatedRejectInvite(ctx, req, res, senderUser, eventID)
+		if !r.Cfg.Matrix.IsLocalServerName(sender.Domain()) {
+			return r.performFederatedRejectInvite(ctx, req, res, *sender, eventID, leaver)
 		}
 		// check that this is not a "server notice room"
 		accData := &userapi.QueryAccountDataResponse{}
 		if err = r.UserAPI.QueryAccountData(ctx, &userapi.QueryAccountDataRequest{
-			UserID:   req.UserID,
+			UserID:   req.Leaver.String(),
 			RoomID:   req.RoomID,
 			DataType: "m.tag",
 		}, accData); err != nil {
@@ -127,7 +128,7 @@ func (r *Leaver) performLeaveRoomByID(
 		StateToFetch: []gomatrixserverlib.StateKeyTuple{
 			{
 				EventType: spec.MRoomMember,
-				StateKey:  req.UserID,
+				StateKey:  string(leaver),
 			},
 		},
 	}
@@ -141,26 +142,18 @@ func (r *Leaver) performLeaveRoomByID(
 
 	// Now let's see if the user is in the room.
 	if len(latestRes.StateEvents) == 0 {
-		return nil, fmt.Errorf("user %q is not a member of room %q", req.UserID, req.RoomID)
+		return nil, fmt.Errorf("user %q is not a member of room %q", req.Leaver.String(), req.RoomID)
 	}
 	membership, err := latestRes.StateEvents[0].Membership()
 	if err != nil {
 		return nil, fmt.Errorf("error getting membership: %w", err)
 	}
 	if membership != spec.Join && membership != spec.Invite {
-		return nil, fmt.Errorf("user %q is not joined to the room (membership is %q)", req.UserID, membership)
+		return nil, fmt.Errorf("user %q is not joined to the room (membership is %q)", req.Leaver.String(), membership)
 	}
 
 	// Prepare the template for the leave event.
-	fullUserID, err := spec.NewUserID(req.UserID, true)
-	if err != nil {
-		return nil, err
-	}
-	senderID, err := r.RSAPI.QuerySenderIDForUser(ctx, req.RoomID, *fullUserID)
-	if err != nil {
-		return nil, err
-	}
-	senderIDString := string(senderID)
+	senderIDString := string(leaver)
 	proto := gomatrixserverlib.ProtoEvent{
 		Type:     spec.MRoomMember,
 		SenderID: senderIDString,
@@ -175,16 +168,13 @@ func (r *Leaver) performLeaveRoomByID(
 		return nil, fmt.Errorf("eb.SetUnsigned: %w", err)
 	}
 
-	// Get the sender domain.
-	senderDomain := fullUserID.Domain()
-
 	// We know that the user is in the room at this point so let's build
 	// a leave event.
 	// TODO: Check what happens if the room exists on the server
 	// but everyone has since left. I suspect it does the wrong thing.
 
 	var buildRes rsAPI.QueryLatestEventsAndStateResponse
-	identity, err := r.Cfg.Matrix.SigningIdentityFor(senderDomain)
+	identity, err := r.Cfg.Matrix.SigningIdentityFor(req.Leaver.Domain())
 	if err != nil {
 		return nil, fmt.Errorf("SigningIdentityFor: %w", err)
 	}
@@ -201,8 +191,8 @@ func (r *Leaver) performLeaveRoomByID(
 			{
 				Kind:         api.KindNew,
 				Event:        event,
-				Origin:       senderDomain,
-				SendAsServer: string(senderDomain),
+				Origin:       req.Leaver.Domain(),
+				SendAsServer: string(req.Leaver.Domain()),
 			},
 		},
 	}
@@ -219,21 +209,17 @@ func (r *Leaver) performFederatedRejectInvite(
 	ctx context.Context,
 	req *api.PerformLeaveRequest,
 	res *api.PerformLeaveResponse, // nolint:unparam
-	senderUser, eventID string,
+	inviteSender spec.UserID, eventID string,
+	leaver spec.SenderID,
 ) ([]api.OutputEvent, error) {
-	_, domain, err := gomatrixserverlib.SplitID('@', senderUser)
-	if err != nil {
-		return nil, fmt.Errorf("user ID %q invalid: %w", senderUser, err)
-	}
-
 	// Ask the federation sender to perform a federated leave for us.
 	leaveReq := fsAPI.PerformLeaveRequest{
 		RoomID:      req.RoomID,
-		UserID:      req.UserID,
-		ServerNames: []spec.ServerName{domain},
+		UserID:      req.Leaver.String(),
+		ServerNames: []spec.ServerName{inviteSender.Domain()},
 	}
 	leaveRes := fsAPI.PerformLeaveResponse{}
-	if err = r.FSAPI.PerformLeave(ctx, &leaveReq, &leaveRes); err != nil {
+	if err := r.FSAPI.PerformLeave(ctx, &leaveReq, &leaveRes); err != nil {
 		// failures in PerformLeave should NEVER stop us from telling other components like the
 		// sync API that the invite was withdrawn. Otherwise we can end up with stuck invites.
 		util.GetLogger(ctx).WithError(err).Errorf("failed to PerformLeave, still retiring invite event")
@@ -244,7 +230,7 @@ func (r *Leaver) performFederatedRejectInvite(
 		util.GetLogger(ctx).WithError(err).Errorf("failed to get RoomInfo, still retiring invite event")
 	}
 
-	updater, err := r.DB.MembershipUpdater(ctx, req.RoomID, req.UserID, true, info.RoomVersion)
+	updater, err := r.DB.MembershipUpdater(ctx, req.RoomID, string(leaver), true, info.RoomVersion)
 	if err != nil {
 		util.GetLogger(ctx).WithError(err).Errorf("failed to get MembershipUpdater, still retiring invite event")
 	}
@@ -267,9 +253,10 @@ func (r *Leaver) performFederatedRejectInvite(
 		{
 			Type: api.OutputTypeRetireInviteEvent,
 			RetireInviteEvent: &api.OutputRetireInviteEvent{
-				EventID:      eventID,
-				Membership:   "leave",
-				TargetUserID: req.UserID,
+				EventID:        eventID,
+				RoomID:         req.RoomID,
+				Membership:     "leave",
+				TargetSenderID: leaver,
 			},
 		},
 	}, nil

roomserver/internal/perform/perform_upgrade.go

@@ -38,19 +38,15 @@ type Upgrader struct {
 // PerformRoomUpgrade upgrades a room from one version to another
 func (r *Upgrader) PerformRoomUpgrade(
 	ctx context.Context,
-	roomID, userID string, roomVersion gomatrixserverlib.RoomVersion,
+	roomID string, userID spec.UserID, roomVersion gomatrixserverlib.RoomVersion,
 ) (newRoomID string, err error) {
 	return r.performRoomUpgrade(ctx, roomID, userID, roomVersion)
 }
 
 func (r *Upgrader) performRoomUpgrade(
 	ctx context.Context,
-	roomID, userID string, roomVersion gomatrixserverlib.RoomVersion,
+	roomID string, userID spec.UserID, roomVersion gomatrixserverlib.RoomVersion,
 ) (string, error) {
-	_, userDomain, err := r.Cfg.Matrix.SplitLocalID('@', userID)
-	if err != nil {
-		return "", api.ErrNotAllowed{Err: fmt.Errorf("error validating the user ID")}
-	}
 	evTime := time.Now()
 
 	// Return an immediate error if the room does not exist
@@ -58,14 +54,20 @@ func (r *Upgrader) performRoomUpgrade(
 		return "", err
 	}
 
+	senderID, err := r.URSAPI.QuerySenderIDForUser(ctx, roomID, userID)
+	if err != nil {
+		util.GetLogger(ctx).WithError(err).Error("Failed getting senderID for user")
+		return "", err
+	}
+
 	// 1. Check if the user is authorized to actually perform the upgrade (can send m.room.tombstone)
-	if !r.userIsAuthorized(ctx, userID, roomID) {
+	if !r.userIsAuthorized(ctx, senderID, roomID) {
 		return "", api.ErrNotAllowed{Err: fmt.Errorf("You don't have permission to upgrade the room, power level too low.")}
 	}
 
 	// TODO (#267): Check room ID doesn't clash with an existing one, and we
 	//              probably shouldn't be using pseudo-random strings, maybe GUIDs?
-	newRoomID := fmt.Sprintf("!%s:%s", util.RandomString(16), userDomain)
+	newRoomID := fmt.Sprintf("!%s:%s", util.RandomString(16), userID.Domain())
 
 	// Get the existing room state for the old room.
 	oldRoomReq := &api.QueryLatestEventsAndStateRequest{
@@ -77,25 +79,25 @@ func (r *Upgrader) performRoomUpgrade(
 	}
 
 	// Make the tombstone event
-	tombstoneEvent, pErr := r.makeTombstoneEvent(ctx, evTime, userID, roomID, newRoomID)
+	tombstoneEvent, pErr := r.makeTombstoneEvent(ctx, evTime, senderID, userID.Domain(), roomID, newRoomID)
 	if pErr != nil {
 		return "", pErr
 	}
 
 	// Generate the initial events we need to send into the new room. This includes copied state events and bans
 	// as well as the power level events needed to set up the room
-	eventsToMake, pErr := r.generateInitialEvents(ctx, oldRoomRes, userID, roomID, roomVersion, tombstoneEvent)
+	eventsToMake, pErr := r.generateInitialEvents(ctx, oldRoomRes, senderID, roomID, roomVersion, tombstoneEvent)
 	if pErr != nil {
 		return "", pErr
 	}
 
 	// Send the setup events to the new room
-	if pErr = r.sendInitialEvents(ctx, evTime, userID, userDomain, newRoomID, roomVersion, eventsToMake); pErr != nil {
+	if pErr = r.sendInitialEvents(ctx, evTime, senderID, userID.Domain(), newRoomID, roomVersion, eventsToMake); pErr != nil {
 		return "", pErr
 	}
 
 	// 5. Send the tombstone event to the old room
-	if pErr = r.sendHeaderedEvent(ctx, userDomain, tombstoneEvent, string(userDomain)); pErr != nil {
+	if pErr = r.sendHeaderedEvent(ctx, userID.Domain(), tombstoneEvent, string(userID.Domain())); pErr != nil {
 		return "", pErr
 	}
 
@@ -105,17 +107,17 @@ func (r *Upgrader) performRoomUpgrade(
 	}
 
 	// If the old room had a canonical alias event, it should be deleted in the old room
-	if pErr = r.clearOldCanonicalAliasEvent(ctx, oldRoomRes, evTime, userID, userDomain, roomID); pErr != nil {
+	if pErr = r.clearOldCanonicalAliasEvent(ctx, oldRoomRes, evTime, senderID, userID.Domain(), roomID); pErr != nil {
 		return "", pErr
 	}
 
 	// 4. Move local aliases to the new room
-	if pErr = moveLocalAliases(ctx, roomID, newRoomID, userID, r.URSAPI); pErr != nil {
+	if pErr = moveLocalAliases(ctx, roomID, newRoomID, senderID, userID, r.URSAPI); pErr != nil {
 		return "", pErr
 	}
 
 	// 6. Restrict power levels in the old room
-	if pErr = r.restrictOldRoomPowerLevels(ctx, evTime, userID, userDomain, roomID); pErr != nil {
+	if pErr = r.restrictOldRoomPowerLevels(ctx, evTime, senderID, userID.Domain(), roomID); pErr != nil {
 		return "", pErr
 	}
 
@@ -130,7 +132,7 @@ func (r *Upgrader) getRoomPowerLevels(ctx context.Context, roomID string) (*goma
 	return oldPowerLevelsEvent.PowerLevels()
 }
 
-func (r *Upgrader) restrictOldRoomPowerLevels(ctx context.Context, evTime time.Time, userID string, userDomain spec.ServerName, roomID string) error {
+func (r *Upgrader) restrictOldRoomPowerLevels(ctx context.Context, evTime time.Time, senderID spec.SenderID, userDomain spec.ServerName, roomID string) error {
 	restrictedPowerLevelContent, pErr := r.getRoomPowerLevels(ctx, roomID)
 	if pErr != nil {
 		return pErr
@@ -147,7 +149,7 @@ func (r *Upgrader) restrictOldRoomPowerLevels(ctx context.Context, evTime time.T
 	restrictedPowerLevelContent.EventsDefault = restrictedDefaultPowerLevel
 	restrictedPowerLevelContent.Invite = restrictedDefaultPowerLevel
 
-	restrictedPowerLevelsHeadered, resErr := r.makeHeaderedEvent(ctx, evTime, userID, roomID, gomatrixserverlib.FledglingEvent{
+	restrictedPowerLevelsHeadered, resErr := r.makeHeaderedEvent(ctx, evTime, senderID, userDomain, roomID, gomatrixserverlib.FledglingEvent{
 		Type:     spec.MRoomPowerLevels,
 		StateKey: "",
 		Content:  restrictedPowerLevelContent,
@@ -165,7 +167,7 @@ func (r *Upgrader) restrictOldRoomPowerLevels(ctx context.Context, evTime time.T
 }
 
 func moveLocalAliases(ctx context.Context,
-	roomID, newRoomID, userID string,
+	roomID, newRoomID string, senderID spec.SenderID, userID spec.UserID,
 	URSAPI api.RoomserverInternalAPI,
 ) (err error) {
 
@@ -175,14 +177,6 @@ func moveLocalAliases(ctx context.Context,
 		return fmt.Errorf("Failed to get old room aliases: %w", err)
 	}
 
-	fullUserID, err := spec.NewUserID(userID, true)
-	if err != nil {
-		return fmt.Errorf("Failed to get userID: %w", err)
-	}
-	senderID, err := URSAPI.QuerySenderIDForUser(ctx, roomID, *fullUserID)
-	if err != nil {
-		return fmt.Errorf("Failed to get senderID: %w", err)
-	}
 	for _, alias := range aliasRes.Aliases {
 		removeAliasReq := api.RemoveRoomAliasRequest{SenderID: senderID, Alias: alias}
 		removeAliasRes := api.RemoveRoomAliasResponse{}
@@ -190,7 +184,7 @@ func moveLocalAliases(ctx context.Context,
 			return fmt.Errorf("Failed to remove old room alias: %w", err)
 		}
 
-		setAliasReq := api.SetRoomAliasRequest{UserID: userID, Alias: alias, RoomID: newRoomID}
+		setAliasReq := api.SetRoomAliasRequest{UserID: userID.String(), Alias: alias, RoomID: newRoomID}
 		setAliasRes := api.SetRoomAliasResponse{}
 		if err = URSAPI.SetRoomAlias(ctx, &setAliasReq, &setAliasRes); err != nil {
 			return fmt.Errorf("Failed to set new room alias: %w", err)
@@ -199,7 +193,7 @@ func moveLocalAliases(ctx context.Context,
 	return nil
 }
 
-func (r *Upgrader) clearOldCanonicalAliasEvent(ctx context.Context, oldRoom *api.QueryLatestEventsAndStateResponse, evTime time.Time, userID string, userDomain spec.ServerName, roomID string) error {
+func (r *Upgrader) clearOldCanonicalAliasEvent(ctx context.Context, oldRoom *api.QueryLatestEventsAndStateResponse, evTime time.Time, senderID spec.SenderID, userDomain spec.ServerName, roomID string) error {
 	for _, event := range oldRoom.StateEvents {
 		if event.Type() != spec.MRoomCanonicalAlias || !event.StateKeyEquals("") {
 			continue
@@ -217,7 +211,7 @@ func (r *Upgrader) clearOldCanonicalAliasEvent(ctx context.Context, oldRoom *api
 		}
 	}
 
-	emptyCanonicalAliasEvent, resErr := r.makeHeaderedEvent(ctx, evTime, userID, roomID, gomatrixserverlib.FledglingEvent{
+	emptyCanonicalAliasEvent, resErr := r.makeHeaderedEvent(ctx, evTime, senderID, userDomain, roomID, gomatrixserverlib.FledglingEvent{
 		Type:    spec.MRoomCanonicalAlias,
 		Content: map[string]interface{}{},
 	})
@@ -280,7 +274,7 @@ func (r *Upgrader) validateRoomExists(ctx context.Context, roomID string) error
 	return nil
 }
 
-func (r *Upgrader) userIsAuthorized(ctx context.Context, userID, roomID string,
+func (r *Upgrader) userIsAuthorized(ctx context.Context, senderID spec.SenderID, roomID string,
 ) bool {
 	plEvent := api.GetStateEvent(ctx, r.URSAPI, roomID, gomatrixserverlib.StateKeyTuple{
 		EventType: spec.MRoomPowerLevels,
@@ -295,26 +289,18 @@ func (r *Upgrader) userIsAuthorized(ctx context.Context, userID, roomID string,
 	}
 	// Check for power level required to send tombstone event (marks the current room as obsolete),
 	// if not found, use the StateDefault power level
-	fullUserID, err := spec.NewUserID(userID, true)
-	if err != nil {
-		return false
-	}
-	senderID, err := r.URSAPI.QuerySenderIDForUser(ctx, roomID, *fullUserID)
-	if err != nil {
-		return false
-	}
 	return pl.UserLevel(senderID) >= pl.EventLevel("m.room.tombstone", true)
 }
 
 // nolint:gocyclo
-func (r *Upgrader) generateInitialEvents(ctx context.Context, oldRoom *api.QueryLatestEventsAndStateResponse, userID, roomID string, newVersion gomatrixserverlib.RoomVersion, tombstoneEvent *types.HeaderedEvent) ([]gomatrixserverlib.FledglingEvent, error) {
+func (r *Upgrader) generateInitialEvents(ctx context.Context, oldRoom *api.QueryLatestEventsAndStateResponse, senderID spec.SenderID, roomID string, newVersion gomatrixserverlib.RoomVersion, tombstoneEvent *types.HeaderedEvent) ([]gomatrixserverlib.FledglingEvent, error) {
 	state := make(map[gomatrixserverlib.StateKeyTuple]*types.HeaderedEvent, len(oldRoom.StateEvents))
 	for _, event := range oldRoom.StateEvents {
 		if event.StateKey() == nil {
 			// This shouldn't ever happen, but better to be safe than sorry.
 			continue
 		}
-		if event.Type() == spec.MRoomMember && !event.StateKeyEquals(userID) {
+		if event.Type() == spec.MRoomMember && !event.StateKeyEquals(string(senderID)) {
 			// With the exception of bans which we do want to copy, we
 			// should ignore membership events that aren't our own, as event auth will
 			// prevent us from being able to create membership events on behalf of other
@@ -330,6 +316,7 @@ func (r *Upgrader) generateInitialEvents(ctx context.Context, oldRoom *api.Query
 			}
 		}
 		// skip events that rely on a specific user being present
+		// TODO: What to do here for pseudoIDs? It's checking non-member events for state keys with userIDs.
 		sKey := *event.StateKey()
 		if event.Type() != spec.MRoomMember && len(sKey) > 0 && sKey[:1] == "@" {
 			continue
@@ -340,10 +327,10 @@ func (r *Upgrader) generateInitialEvents(ctx context.Context, oldRoom *api.Query
 	// The following events are ones that we are going to override manually
 	// in the following section.
 	override := map[gomatrixserverlib.StateKeyTuple]struct{}{
-		{EventType: spec.MRoomCreate, StateKey: ""}:      {},
-		{EventType: spec.MRoomMember, StateKey: userID}:  {},
-		{EventType: spec.MRoomPowerLevels, StateKey: ""}: {},
-		{EventType: spec.MRoomJoinRules, StateKey: ""}:   {},
+		{EventType: spec.MRoomCreate, StateKey: ""}:               {},
+		{EventType: spec.MRoomMember, StateKey: string(senderID)}: {},
+		{EventType: spec.MRoomPowerLevels, StateKey: ""}:          {},
+		{EventType: spec.MRoomJoinRules, StateKey: ""}:            {},
 	}
 
 	// The overridden events are essential events that must be present in the
@@ -355,7 +342,7 @@ func (r *Upgrader) generateInitialEvents(ctx context.Context, oldRoom *api.Query
 	}
 
 	oldCreateEvent := state[gomatrixserverlib.StateKeyTuple{EventType: spec.MRoomCreate, StateKey: ""}]
-	oldMembershipEvent := state[gomatrixserverlib.StateKeyTuple{EventType: spec.MRoomMember, StateKey: userID}]
+	oldMembershipEvent := state[gomatrixserverlib.StateKeyTuple{EventType: spec.MRoomMember, StateKey: string(senderID)}]
 	oldPowerLevelsEvent := state[gomatrixserverlib.StateKeyTuple{EventType: spec.MRoomPowerLevels, StateKey: ""}]
 	oldJoinRulesEvent := state[gomatrixserverlib.StateKeyTuple{EventType: spec.MRoomJoinRules, StateKey: ""}]
 
@@ -364,7 +351,7 @@ func (r *Upgrader) generateInitialEvents(ctx context.Context, oldRoom *api.Query
 	// in the create event (such as for the room types MSC).
 	newCreateContent := map[string]interface{}{}
 	_ = json.Unmarshal(oldCreateEvent.Content(), &newCreateContent)
-	newCreateContent["creator"] = userID
+	newCreateContent["creator"] = string(senderID)
 	newCreateContent["room_version"] = newVersion
 	newCreateContent["predecessor"] = gomatrixserverlib.PreviousRoom{
 		EventID: tombstoneEvent.EventID(),
@@ -385,7 +372,7 @@ func (r *Upgrader) generateInitialEvents(ctx context.Context, oldRoom *api.Query
 	newMembershipContent["membership"] = spec.Join
 	newMembershipEvent := gomatrixserverlib.FledglingEvent{
 		Type:     spec.MRoomMember,
-		StateKey: userID,
+		StateKey: string(senderID),
 		Content:  newMembershipContent,
 	}
 
@@ -400,14 +387,6 @@ func (r *Upgrader) generateInitialEvents(ctx context.Context, oldRoom *api.Query
 		return nil, fmt.Errorf("Power level event content was invalid")
 	}
 
-	fullUserID, err := spec.NewUserID(userID, true)
-	if err != nil {
-		return nil, err
-	}
-	senderID, err := r.URSAPI.QuerySenderIDForUser(ctx, roomID, *fullUserID)
-	if err != nil {
-		return nil, err
-	}
 	tempPowerLevelsEvent, powerLevelsOverridden := createTemporaryPowerLevels(powerLevelContent, senderID)
 
 	// Now do the join rules event, same as the create and membership
@@ -470,21 +449,13 @@ func (r *Upgrader) generateInitialEvents(ctx context.Context, oldRoom *api.Query
 	return eventsToMake, nil
 }
 
-func (r *Upgrader) sendInitialEvents(ctx context.Context, evTime time.Time, userID string, userDomain spec.ServerName, newRoomID string, newVersion gomatrixserverlib.RoomVersion, eventsToMake []gomatrixserverlib.FledglingEvent) error {
+func (r *Upgrader) sendInitialEvents(ctx context.Context, evTime time.Time, senderID spec.SenderID, userDomain spec.ServerName, newRoomID string, newVersion gomatrixserverlib.RoomVersion, eventsToMake []gomatrixserverlib.FledglingEvent) error {
 	var err error
 	var builtEvents []*types.HeaderedEvent
 	authEvents := gomatrixserverlib.NewAuthEvents(nil)
 	for i, e := range eventsToMake {
 		depth := i + 1 // depth starts at 1
 
-		fullUserID, userIDErr := spec.NewUserID(userID, true)
-		if userIDErr != nil {
-			return userIDErr
-		}
-		senderID, queryErr := r.URSAPI.QuerySenderIDForUser(ctx, newRoomID, *fullUserID)
-		if queryErr != nil {
-			return queryErr
-		}
 		proto := gomatrixserverlib.ProtoEvent{
 			SenderID: string(senderID),
 			RoomID:   newRoomID,
@@ -549,7 +520,7 @@ func (r *Upgrader) sendInitialEvents(ctx context.Context, evTime time.Time, user
 func (r *Upgrader) makeTombstoneEvent(
 	ctx context.Context,
 	evTime time.Time,
-	userID, roomID, newRoomID string,
+	senderID spec.SenderID, senderDomain spec.ServerName, roomID, newRoomID string,
 ) (*types.HeaderedEvent, error) {
 	content := map[string]interface{}{
 		"body":             "This room has been replaced",
@@ -559,30 +530,21 @@ func (r *Upgrader) makeTombstoneEvent(
 		Type:    "m.room.tombstone",
 		Content: content,
 	}
-	return r.makeHeaderedEvent(ctx, evTime, userID, roomID, event)
+	return r.makeHeaderedEvent(ctx, evTime, senderID, senderDomain, roomID, event)
 }
 
-func (r *Upgrader) makeHeaderedEvent(ctx context.Context, evTime time.Time, userID, roomID string, event gomatrixserverlib.FledglingEvent) (*types.HeaderedEvent, error) {
-	fullUserID, err := spec.NewUserID(userID, true)
-	if err != nil {
-		return nil, err
-	}
-	senderID, err := r.URSAPI.QuerySenderIDForUser(ctx, roomID, *fullUserID)
-	if err != nil {
-		return nil, err
-	}
+func (r *Upgrader) makeHeaderedEvent(ctx context.Context, evTime time.Time, senderID spec.SenderID, senderDomain spec.ServerName, roomID string, event gomatrixserverlib.FledglingEvent) (*types.HeaderedEvent, error) {
 	proto := gomatrixserverlib.ProtoEvent{
 		SenderID: string(senderID),
 		RoomID:   roomID,
 		Type:     event.Type,
 		StateKey: &event.StateKey,
 	}
-	err = proto.SetContent(event.Content)
+	err := proto.SetContent(event.Content)
 	if err != nil {
 		return nil, fmt.Errorf("failed to set new %q event content: %w", proto.Type, err)
 	}
 	// Get the sender domain.
-	senderDomain := fullUserID.Domain()
 	identity, err := r.Cfg.Matrix.SigningIdentityFor(senderDomain)
 	if err != nil {
 		return nil, fmt.Errorf("failed to get signing identity for %q: %w", senderDomain, err)

roomserver/internal/query/query.go

@@ -48,7 +48,7 @@ type Queryer struct {
 	Cfg               *config.Dendrite
 }
 
-func (r *Queryer) RestrictedRoomJoinInfo(ctx context.Context, roomID spec.RoomID, userID spec.UserID, localServerName spec.ServerName) (*gomatrixserverlib.RestrictedRoomJoinInfo, error) {
+func (r *Queryer) RestrictedRoomJoinInfo(ctx context.Context, roomID spec.RoomID, senderID spec.SenderID, localServerName spec.ServerName) (*gomatrixserverlib.RestrictedRoomJoinInfo, error) {
 	roomInfo, err := r.QueryRoomInfo(ctx, roomID)
 	if err != nil || roomInfo == nil || roomInfo.IsStub() {
 		return nil, err
@@ -64,7 +64,7 @@ func (r *Queryer) RestrictedRoomJoinInfo(ctx context.Context, roomID spec.RoomID
 		return nil, fmt.Errorf("InternalServerError: Failed to query room: %w", err)
 	}
 
-	userJoinedToRoom, err := r.UserJoinedToRoom(ctx, types.RoomNID(roomInfo.RoomNID), userID)
+	userJoinedToRoom, err := r.UserJoinedToRoom(ctx, types.RoomNID(roomInfo.RoomNID), senderID)
 	if err != nil {
 		util.GetLogger(ctx).WithError(err).Error("rsAPI.UserJoinedToRoom failed")
 		return nil, fmt.Errorf("InternalServerError: %w", err)
@@ -220,13 +220,14 @@ func (r *Queryer) QueryEventsByID(
 	return nil
 }
 
-// QueryMembershipForUser implements api.RoomserverInternalAPI
-func (r *Queryer) QueryMembershipForUser(
+// QueryMembershipForSenderID implements api.RoomserverInternalAPI
+func (r *Queryer) QueryMembershipForSenderID(
 	ctx context.Context,
-	request *api.QueryMembershipForUserRequest,
+	roomID spec.RoomID,
+	senderID spec.SenderID,
 	response *api.QueryMembershipForUserResponse,
 ) error {
-	info, err := r.DB.RoomInfo(ctx, request.RoomID)
+	info, err := r.DB.RoomInfo(ctx, roomID.String())
 	if err != nil {
 		return err
 	}
@@ -236,7 +237,7 @@ func (r *Queryer) QueryMembershipForUser(
 	}
 	response.RoomExists = true
 
-	membershipEventNID, stillInRoom, isRoomforgotten, err := r.DB.GetMembership(ctx, info.RoomNID, request.UserID)
+	membershipEventNID, stillInRoom, isRoomforgotten, err := r.DB.GetMembership(ctx, info.RoomNID, senderID)
 	if err != nil {
 		return err
 	}
@@ -264,6 +265,24 @@ func (r *Queryer) QueryMembershipForUser(
 	return err
 }
 
+// QueryMembershipForUser implements api.RoomserverInternalAPI
+func (r *Queryer) QueryMembershipForUser(
+	ctx context.Context,
+	request *api.QueryMembershipForUserRequest,
+	response *api.QueryMembershipForUserResponse,
+) error {
+	senderID, err := r.DB.GetSenderIDForUser(ctx, request.RoomID, request.UserID)
+	if err != nil {
+		return err
+	}
+
+	roomID, err := spec.NewRoomID(request.RoomID)
+	if err != nil {
+		return err
+	}
+	return r.QueryMembershipForSenderID(ctx, *roomID, senderID, response)
+}
+
 // QueryMembershipAtEvent returns the known memberships at a given event.
 // If the state before an event is not known, an empty list will be returned
 // for that event instead.
@@ -373,7 +392,7 @@ func (r *Queryer) QueryMembershipsForRoom(
 	// If no sender is specified then we will just return the entire
 	// set of memberships for the room, regardless of whether a specific
 	// user is allowed to see them or not.
-	if request.Sender == "" {
+	if request.SenderID == "" {
 		var events []types.Event
 		var eventNIDs []types.EventNID
 		eventNIDs, err = r.DB.GetMembershipEventNIDsForRoom(ctx, info.RoomNID, request.JoinedOnly, request.LocalOnly)
@@ -388,18 +407,15 @@ func (r *Queryer) QueryMembershipsForRoom(
 			return fmt.Errorf("r.DB.Events: %w", err)
 		}
 		for _, event := range events {
-			sender := spec.UserID{}
-			userID, queryErr := r.QueryUserIDForSender(ctx, event.RoomID(), event.SenderID())
-			if queryErr == nil && userID != nil {
-				sender = *userID
-			}
-			clientEvent := synctypes.ToClientEvent(event.PDU, synctypes.FormatAll, sender)
+			clientEvent := synctypes.ToClientEventDefault(func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
+				return r.QueryUserIDForSender(ctx, roomID, senderID)
+			}, event)
 			response.JoinEvents = append(response.JoinEvents, clientEvent)
 		}
 		return nil
 	}
 
-	membershipEventNID, stillInRoom, isRoomforgotten, err := r.DB.GetMembership(ctx, info.RoomNID, request.Sender)
+	membershipEventNID, stillInRoom, isRoomforgotten, err := r.DB.GetMembership(ctx, info.RoomNID, request.SenderID)
 	if err != nil {
 		return err
 	}
@@ -442,12 +458,9 @@ func (r *Queryer) QueryMembershipsForRoom(
 	}
 
 	for _, event := range events {
-		sender := spec.UserID{}
-		userID, err := r.QueryUserIDForSender(ctx, event.RoomID(), event.SenderID())
-		if err == nil && userID != nil {
-			sender = *userID
-		}
-		clientEvent := synctypes.ToClientEvent(event.PDU, synctypes.FormatAll, sender)
+		clientEvent := synctypes.ToClientEventDefault(func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
+			return r.QueryUserIDForSender(ctx, roomID, senderID)
+		}, event)
 		response.JoinEvents = append(response.JoinEvents, clientEvent)
 	}
 
@@ -489,6 +502,7 @@ func (r *Queryer) QueryServerAllowedToSeeEvent(
 	ctx context.Context,
 	serverName spec.ServerName,
 	eventID string,
+	roomID string,
 ) (allowed bool, err error) {
 	events, err := r.DB.EventNIDs(ctx, []string{eventID})
 	if err != nil {
@@ -518,7 +532,7 @@ func (r *Queryer) QueryServerAllowedToSeeEvent(
 	}
 
 	return helpers.CheckServerAllowedToSeeEvent(
-		ctx, r.DB, info, eventID, serverName, isInRoom,
+		ctx, r.DB, info, roomID, eventID, serverName, isInRoom,
 	)
 }
 
@@ -909,8 +923,8 @@ func (r *Queryer) QueryAuthChain(ctx context.Context, req *api.QueryAuthChainReq
 	return nil
 }
 
-func (r *Queryer) InvitePending(ctx context.Context, roomID spec.RoomID, userID spec.UserID) (bool, error) {
-	pending, _, _, _, err := helpers.IsInvitePending(ctx, r.DB, roomID.String(), userID.String())
+func (r *Queryer) InvitePending(ctx context.Context, roomID spec.RoomID, senderID spec.SenderID) (bool, error) {
+	pending, _, _, _, err := helpers.IsInvitePending(ctx, r.DB, roomID.String(), senderID)
 	return pending, err
 }
 
@@ -926,8 +940,8 @@ func (r *Queryer) CurrentStateEvent(ctx context.Context, roomID spec.RoomID, eve
 	return res, err
 }
 
-func (r *Queryer) UserJoinedToRoom(ctx context.Context, roomNID types.RoomNID, userID spec.UserID) (bool, error) {
-	_, isIn, _, err := r.DB.GetMembership(ctx, roomNID, userID.String())
+func (r *Queryer) UserJoinedToRoom(ctx context.Context, roomNID types.RoomNID, senderID spec.SenderID) (bool, error) {
+	_, isIn, _, err := r.DB.GetMembership(ctx, roomNID, senderID)
 	return isIn, err
 }
 
@@ -957,7 +971,7 @@ func (r *Queryer) LocallyJoinedUsers(ctx context.Context, roomVersion gomatrixse
 }
 
 // nolint:gocyclo
-func (r *Queryer) QueryRestrictedJoinAllowed(ctx context.Context, roomID spec.RoomID, userID spec.UserID) (string, error) {
+func (r *Queryer) QueryRestrictedJoinAllowed(ctx context.Context, roomID spec.RoomID, senderID spec.SenderID) (string, error) {
 	// Look up if we know anything about the room. If it doesn't exist
 	// or is a stub entry then we can't do anything.
 	roomInfo, err := r.DB.RoomInfo(ctx, roomID.String())
@@ -972,7 +986,7 @@ func (r *Queryer) QueryRestrictedJoinAllowed(ctx context.Context, roomID spec.Ro
 		return "", err
 	}
 
-	return verImpl.CheckRestrictedJoin(ctx, r.Cfg.Global.ServerName, &api.JoinRoomQuerier{Roomserver: r}, roomID, userID)
+	return verImpl.CheckRestrictedJoin(ctx, r.Cfg.Global.ServerName, &api.JoinRoomQuerier{Roomserver: r}, roomID, senderID)
 }
 
 func (r *Queryer) QuerySenderIDForUser(ctx context.Context, roomID string, userID spec.UserID) (spec.SenderID, error) {