From 7b8b2d1b7bb5466791ca45dfdaf010fff081bffa Mon Sep 17 00:00:00 2001 From: Eric Eastwood Date: Thu, 8 Jul 2021 20:36:02 -0500 Subject: [PATCH] Add some better comments on what we're trying to check for --- synapse/rest/client/v1/room.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/synapse/rest/client/v1/room.py b/synapse/rest/client/v1/room.py index a0d6904dd4..7ff4ad6bf5 100644 --- a/synapse/rest/client/v1/room.py +++ b/synapse/rest/client/v1/room.py @@ -29,8 +29,6 @@ from synapse.api.errors import ( SynapseError, ) from synapse.api.filtering import Filter - - from synapse.appservice import ApplicationService from synapse.events.utils import format_event_for_client_v2 from synapse.http.servlet import ( @@ -398,13 +396,16 @@ class RoomBatchSendEventRestServlet(TransactionRestServlet): Requester object """ + # It's ok if the app service is trying to use the sender from their registration if app_service.sender == user_id: pass + # Check to make sure the app service is allowed to control the user elif not app_service.is_interested_in_user(user_id): raise AuthError( 403, "Application service cannot masquerade as this user (%s)." % user_id, ) + # Check to make sure the user is already registered on the homeserver elif not (await self.store.get_user_by_id(user_id)): raise AuthError( 403, "Application service has not registered this user (%s)" % user_id
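Review bot: The new comments in the second hunk say what each branch checks but not why the branches must stay in this order, which is the security-relevant property of the chain. As written, the `self.store.get_user_by_id(user_id)` lookup is only reached once `app_service.is_interested_in_user(user_id)` has passed, so the two differently worded 403s cannot be used to learn whether a user the app service does not manage is registered; I would add `# Keep this after the is_interested_in_user check: the two 403 messages differ, so running the lookup first would reveal registration status for users outside this app service's control` above the last `elif`. The second comment also says "allowed to control" while the call only asks whether the app service is "interested in" the user; if that means a match against the user namespaces in its registration (not visible here), a more precise wording would be `# The user must fall within the user namespaces this app service registered`. The enclosing method starts before and continues past this hunk, so this is based only on the visible branches.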