From 6ab8570b11435f7eca2a799240a8ea340a7485e1 Mon Sep 17 00:00:00 2001
From: Niels Andriesse <andriesseniels@gmail.com>
Date: Mon, 25 Jan 2021 14:54:18 +1100
Subject: [PATCH] Clean

---
 .../Sending & Receiving/MessageReceiver+Handling.swift     | 1 +
 .../Sending & Receiving/MessageSender+ClosedGroups.swift   | 7 ++++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/SessionMessagingKit/Sending & Receiving/MessageReceiver+Handling.swift b/SessionMessagingKit/Sending & Receiving/MessageReceiver+Handling.swift
index 4225db1a0..c0e3dc723 100644
--- a/SessionMessagingKit/Sending & Receiving/MessageReceiver+Handling.swift	
+++ b/SessionMessagingKit/Sending & Receiving/MessageReceiver+Handling.swift	
@@ -388,6 +388,7 @@ extension MessageReceiver {
                 let _ = PushNotificationAPI.performOperation(.unsubscribe, for: groupPublicKey, publicKey: userPublicKey)
             }
             // Generate and distribute a new encryption key pair if needed
+            // NOTE: If we're the admin we can be sure at this point that we weren't removed
             let isCurrentUserAdmin = group.groupAdminIds.contains(getUserHexEncodedPublicKey())
             if isCurrentUserAdmin {
                 do {
diff --git a/SessionMessagingKit/Sending & Receiving/MessageSender+ClosedGroups.swift b/SessionMessagingKit/Sending & Receiving/MessageSender+ClosedGroups.swift
index fbf8b87e0..ee06b5063 100644
--- a/SessionMessagingKit/Sending & Receiving/MessageSender+ClosedGroups.swift	
+++ b/SessionMessagingKit/Sending & Receiving/MessageSender+ClosedGroups.swift	
@@ -150,6 +150,7 @@ extension MessageSender {
     
     public static func removeMembers(_ membersToRemove: Set<String>, to groupPublicKey: String, using transaction: YapDatabaseReadWriteTransaction) throws {
         // Get the group, check preconditions & prepare
+        let userPublicKey = getUserHexEncodedPublicKey()
         let groupID = LKGroupUtilities.getEncodedClosedGroupIDAsData(groupPublicKey)
         let threadID = TSGroupThread.threadId(fromGroupId: groupID)
         guard let thread = TSGroupThread.fetch(uniqueId: threadID, transaction: transaction) else {
@@ -160,9 +161,13 @@ extension MessageSender {
             SNLog("Invalid closed group update.")
             throw Error.invalidClosedGroupUpdate
         }
+        guard !membersToRemove.contains(userPublicKey) else {
+            SNLog("Invalid closed group update.")
+            throw Error.invalidClosedGroupUpdate
+        }
         let group = thread.groupModel
         let members = Set(group.groupMemberIds).subtracting(membersToRemove)
-        let isCurrentUserAdmin = group.groupAdminIds.contains(getUserHexEncodedPublicKey())
+        let isCurrentUserAdmin = group.groupAdminIds.contains(userPublicKey)
         // Send the update to the group and generate + distribute a new encryption key pair if needed
         let closedGroupControlMessage = ClosedGroupControlMessage(kind: .membersRemoved(members: membersToRemove.map { Data(hex: $0) }))
         if isCurrentUserAdmin {