From b854a375b0a859f8c4e16adf9f2fcec75b5a6816 Mon Sep 17 00:00:00 2001
From: Daniel Wagner-Hall <daniel@matrix.org>
Date: Tue, 1 Sep 2015 11:53:31 +0100
Subject: [PATCH] Check domain of events properly

Federated servers still need to delegate authority to owning servers
---
 synapse/api/auth.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index f63d2daad8..0c0d678562 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -561,7 +561,9 @@ class Auth(object):
         if user_level > redact_level:
             return False
 
-        if EventID.from_string(event.redacts).domain == self.hs.get_config().server_name:
+        redacter_domain = EventID.from_string(event.event_id).domain
+        redactee_domain = EventID.from_string(event.redacts).domain
+        if redacter_domain == redactee_domain:
             return True
 
         raise AuthError(