resolve the last few relevant pedantic clippy lints

Signed-off-by: strawberry <strawberry@puppygock.gay>

src/api/client_server/filter.rs

@@ -12,9 +12,8 @@ use crate::{services, Error, Result, Ruma};
 /// - A user can only access their own filters
 pub async fn get_filter_route(body: Ruma<get_filter::v3::Request>) -> Result<get_filter::v3::Response> {
 	let sender_user = body.sender_user.as_ref().expect("user is authenticated");
-	let filter = match services().users.get_filter(sender_user, &body.filter_id)? {
-		Some(filter) => filter,
-		None => return Err(Error::BadRequest(ErrorKind::NotFound, "Filter not found.")),
+	let Some(filter) = services().users.get_filter(sender_user, &body.filter_id)? else {
+		return Err(Error::BadRequest(ErrorKind::NotFound, "Filter not found."));
 	};
 
 	Ok(get_filter::v3::Response::new(filter))

src/api/client_server/keys.rs

@@ -387,36 +387,33 @@ pub(crate) async fn get_keys_helper<F: Fn(&UserId) -> bool>(
 		.collect();
 
 	while let Some((server, response)) = futures.next().await {
-		match response {
-			Ok(Ok(response)) => {
-				for (user, masterkey) in response.master_keys {
-					let (master_key_id, mut master_key) = services().users.parse_master_key(&user, &masterkey)?;
+		if let Ok(Ok(response)) = response {
+			for (user, masterkey) in response.master_keys {
+				let (master_key_id, mut master_key) = services().users.parse_master_key(&user, &masterkey)?;
 
-					if let Some(our_master_key) =
-						services()
-							.users
-							.get_key(&master_key_id, sender_user, &user, &allowed_signatures)?
-					{
-						let (_, our_master_key) = services().users.parse_master_key(&user, &our_master_key)?;
-						master_key.signatures.extend(our_master_key.signatures);
-					}
-					let json = serde_json::to_value(master_key).expect("to_value always works");
-					let raw = serde_json::from_value(json).expect("Raw::from_value always works");
-					services().users.add_cross_signing_keys(
-						&user, &raw, &None, &None,
-						false, /* Dont notify. A notification would trigger another key request resulting in an
-						       * endless loop */
-					)?;
-					master_keys.insert(user, raw);
+				if let Some(our_master_key) =
+					services()
+						.users
+						.get_key(&master_key_id, sender_user, &user, &allowed_signatures)?
+				{
+					let (_, our_master_key) = services().users.parse_master_key(&user, &our_master_key)?;
+					master_key.signatures.extend(our_master_key.signatures);
 				}
+				let json = serde_json::to_value(master_key).expect("to_value always works");
+				let raw = serde_json::from_value(json).expect("Raw::from_value always works");
+				services().users.add_cross_signing_keys(
+					&user, &raw, &None, &None,
+					false, /* Dont notify. A notification would trigger another key request resulting in an
+					       * endless loop */
+				)?;
+				master_keys.insert(user, raw);
+			}
 
-				self_signing_keys.extend(response.self_signing_keys);
-				device_keys.extend(response.device_keys);
-			},
-			_ => {
-				back_off(server.to_owned()).await;
-				failures.insert(server.to_string(), json!({}));
-			},
+			self_signing_keys.extend(response.self_signing_keys);
+			device_keys.extend(response.device_keys);
+		} else {
+			back_off(server.to_owned()).await;
+			failures.insert(server.to_string(), json!({}));
 		}
 	}
 

src/api/client_server/media.rs

@@ -788,13 +788,12 @@ async fn request_url_preview(url: &str) -> Result<UrlPreviewData> {
 		));
 	}
 
-	let content_type = match response
+	let Some(content_type) = response
 		.headers()
 		.get(reqwest::header::CONTENT_TYPE)
 		.and_then(|x| x.to_str().ok())
-	{
-		Some(ct) => ct,
-		None => return Err(Error::BadRequest(ErrorKind::Unknown, "Unknown Content-Type")),
+	else {
+		return Err(Error::BadRequest(ErrorKind::Unknown, "Unknown Content-Type"));
 	};
 	let data = match content_type {
 		html if html.starts_with("text/html") => download_html(client, url).await?,

src/api/client_server/membership.rs

@@ -669,17 +669,15 @@ pub(crate) async fn join_room_by_id_helper(
 							"There is a signed event. This room is probably using restricted joins. Adding signature \
 							 to our event"
 						);
-						let (signed_event_id, signed_value) =
-							match gen_event_id_canonical_json(signed_raw, &room_version_id) {
-								Ok(t) => t,
-								Err(_) => {
-									// Event could not be converted to canonical json
-									return Err(Error::BadRequest(
-										ErrorKind::InvalidParam,
-										"Could not convert event to canonical json.",
-									));
-								},
-							};
+						let Ok((signed_event_id, signed_value)) =
+							gen_event_id_canonical_json(signed_raw, &room_version_id)
+						else {
+							// Event could not be converted to canonical json
+							return Err(Error::BadRequest(
+								ErrorKind::InvalidParam,
+								"Could not convert event to canonical json.",
+							));
+						};
 
 						if signed_event_id != event_id {
 							return Err(Error::BadRequest(
@@ -753,9 +751,8 @@ pub(crate) async fn join_room_by_id_helper(
 			.iter()
 			.map(|pdu| validate_and_add_event_id(pdu, &room_version_id, &pub_key_map))
 		{
-			let (event_id, value) = match result.await {
-				Ok(t) => t,
-				Err(_) => continue,
+			let Ok((event_id, value)) = result.await else {
+				continue;
 			};
 
 			let pdu = PduEvent::from_id_val(&event_id, value.clone()).map_err(|e| {
@@ -783,9 +780,8 @@ pub(crate) async fn join_room_by_id_helper(
 			.iter()
 			.map(|pdu| validate_and_add_event_id(pdu, &room_version_id, &pub_key_map))
 		{
-			let (event_id, value) = match result.await {
-				Ok(t) => t,
-				Err(_) => continue,
+			let Ok((event_id, value)) = result.await else {
+				continue;
 			};
 
 			services()
@@ -1104,15 +1100,13 @@ pub(crate) async fn join_room_by_id_helper(
 				.await?;
 
 			if let Some(signed_raw) = send_join_response.room_state.event {
-				let (signed_event_id, signed_value) = match gen_event_id_canonical_json(&signed_raw, &room_version_id) {
-					Ok(t) => t,
-					Err(_) => {
-						// Event could not be converted to canonical json
-						return Err(Error::BadRequest(
-							ErrorKind::InvalidParam,
-							"Could not convert event to canonical json.",
-						));
-					},
+				let Ok((signed_event_id, signed_value)) = gen_event_id_canonical_json(&signed_raw, &room_version_id)
+				else {
+					// Event could not be converted to canonical json
+					return Err(Error::BadRequest(
+						ErrorKind::InvalidParam,
+						"Could not convert event to canonical json.",
+					));
 				};
 
 				if signed_event_id != event_id {
@@ -1311,15 +1305,12 @@ pub(crate) async fn invite_helper(
 
 		// We do not add the event_id field to the pdu here because of signature and
 		// hashes checks
-		let (event_id, value) = match gen_event_id_canonical_json(&response.event, &room_version_id) {
-			Ok(t) => t,
-			Err(_) => {
-				// Event could not be converted to canonical json
-				return Err(Error::BadRequest(
-					ErrorKind::InvalidParam,
-					"Could not convert event to canonical json.",
-				));
-			},
+		let Ok((event_id, value)) = gen_event_id_canonical_json(&response.event, &room_version_id) else {
+			// Event could not be converted to canonical json
+			return Err(Error::BadRequest(
+				ErrorKind::InvalidParam,
+				"Could not convert event to canonical json.",
+			));
 		};
 
 		if *pdu.event_id != *event_id {

src/api/client_server/report.rs

@@ -21,14 +21,11 @@ pub async fn report_event_route(body: Ruma<report_content::v3::Request>) -> Resu
 	info!("Received /report request by user {}", sender_user);
 
 	// check if we know about the reported event ID or if it's invalid
-	let pdu = match services().rooms.timeline.get_pdu(&body.event_id)? {
-		Some(pdu) => pdu,
-		_ => {
-			return Err(Error::BadRequest(
-				ErrorKind::NotFound,
-				"Event ID is not known to us or Event ID is invalid",
-			))
-		},
+	let Some(pdu) = services().rooms.timeline.get_pdu(&body.event_id)? else {
+		return Err(Error::BadRequest(
+			ErrorKind::NotFound,
+			"Event ID is not known to us or Event ID is invalid",
+		));
 	};
 
 	// check if the room ID from the URI matches the PDU's room ID

src/api/client_server/sync.rs

@@ -314,28 +314,23 @@ async fn sync_helper(
 			None => HashMap::new(),
 		};
 
-		let left_event_id = match services().rooms.state_accessor.room_state_get_id(
+		let Some(left_event_id) = services().rooms.state_accessor.room_state_get_id(
 			&room_id,
 			&StateEventType::RoomMember,
 			sender_user.as_str(),
-		)? {
-			Some(e) => e,
-			None => {
-				error!("Left room but no left state event");
-				continue;
-			},
+		)?
+		else {
+			error!("Left room but no left state event");
+			continue;
 		};
 
-		let left_shortstatehash = match services()
+		let Some(left_shortstatehash) = services()
 			.rooms
 			.state_accessor
 			.pdu_shortstatehash(&left_event_id)?
-		{
-			Some(s) => s,
-			None => {
-				error!("Leave event has no state");
-				continue;
-			},
+		else {
+			error!("Leave event has no state");
+			continue;
 		};
 
 		let mut left_state_ids = services()
@@ -616,9 +611,7 @@ async fn load_joined_room(
 
 	// Database queries:
 
-	let current_shortstatehash = if let Some(s) = services().rooms.state.get_room_shortstatehash(room_id)? {
-		s
-	} else {
+	let Some(current_shortstatehash) = services().rooms.state.get_room_shortstatehash(room_id)? else {
 		error!("Room {} has no state", room_id);
 		return Err(Error::BadDatabase("Room has no state"));
 	};
@@ -736,12 +729,9 @@ async fn load_joined_room(
 						.get_statekey_from_short(shortstatekey)?;
 
 					if event_type != StateEventType::RoomMember {
-						let pdu = match services().rooms.timeline.get_pdu(&id)? {
-							Some(pdu) => pdu,
-							None => {
-								error!("Pdu in state not found: {}", id);
-								continue;
-							},
+						let Some(pdu) = services().rooms.timeline.get_pdu(&id)? else {
+							error!("Pdu in state not found: {}", id);
+							continue;
 						};
 						state_events.push(pdu);
 
@@ -755,12 +745,9 @@ async fn load_joined_room(
                 // TODO: Delete the following line when this is resolved: https://github.com/vector-im/element-web/issues/22565
                 || (cfg!(feature = "element_hacks") && *sender_user == state_key)
 					{
-						let pdu = match services().rooms.timeline.get_pdu(&id)? {
-							Some(pdu) => pdu,
-							None => {
-								error!("Pdu in state not found: {}", id);
-								continue;
-							},
+						let Some(pdu) = services().rooms.timeline.get_pdu(&id)? else {
+							error!("Pdu in state not found: {}", id);
+							continue;
 						};
 
 						// This check is in case a bad user ID made it into the database
@@ -812,12 +799,9 @@ async fn load_joined_room(
 
 					for (key, id) in current_state_ids {
 						if full_state || since_state_ids.get(&key) != Some(&id) {
-							let pdu = match services().rooms.timeline.get_pdu(&id)? {
-								Some(pdu) => pdu,
-								None => {
-									error!("Pdu in state not found: {}", id);
-									continue;
-								},
+							let Some(pdu) = services().rooms.timeline.get_pdu(&id)? else {
+								error!("Pdu in state not found: {}", id);
+								continue;
 							};
 
 							if pdu.kind == TimelineEventType::RoomMember {
@@ -1209,9 +1193,7 @@ pub async fn sync_events_v4_route(
 		);
 
 		for room_id in &all_joined_rooms {
-			let current_shortstatehash = if let Some(s) = services().rooms.state.get_room_shortstatehash(room_id)? {
-				s
-			} else {
+			let Some(current_shortstatehash) = services().rooms.state.get_room_shortstatehash(room_id)? else {
 				error!("Room {} has no state", room_id);
 				continue;
 			};
@@ -1272,12 +1254,9 @@ pub async fn sync_events_v4_route(
 
 					for (key, id) in current_state_ids {
 						if since_state_ids.get(&key) != Some(&id) {
-							let pdu = match services().rooms.timeline.get_pdu(&id)? {
-								Some(pdu) => pdu,
-								None => {
-									error!("Pdu in state not found: {}", id);
-									continue;
-								},
+							let Some(pdu) = services().rooms.timeline.get_pdu(&id)? else {
+								error!("Pdu in state not found: {}", id);
+								continue;
 							};
 							if pdu.kind == TimelineEventType::RoomMember {
 								if let Some(state_key) = &pdu.state_key {

src/api/ruma_wrapper/axum.rs

@@ -84,82 +84,60 @@ where
 			None
 		};
 
-		let (sender_user, sender_device, sender_servername, from_appservice) = if let Some(info) =
-			appservice_registration
-		{
-			match metadata.authentication {
-				AuthScheme::AccessToken => {
-					let user_id = query_params.user_id.map_or_else(
-						|| {
-							UserId::parse_with_server_name(
-								info.registration.sender_localpart.as_str(),
-								services().globals.server_name(),
-							)
-							.unwrap()
-						},
-						|s| UserId::parse(s).unwrap(),
-					);
+		let (sender_user, sender_device, sender_servername, from_appservice) =
+			if let Some(info) = appservice_registration {
+				match metadata.authentication {
+					AuthScheme::AccessToken => {
+						let user_id = query_params.user_id.map_or_else(
+							|| {
+								UserId::parse_with_server_name(
+									info.registration.sender_localpart.as_str(),
+									services().globals.server_name(),
+								)
+								.unwrap()
+							},
+							|s| UserId::parse(s).unwrap(),
+						);
 
-					debug!("User ID: {:?}", user_id);
+						debug!("User ID: {:?}", user_id);
 
-					if !services().users.exists(&user_id)? {
-						return Err(Error::BadRequest(ErrorKind::Forbidden, "User does not exist."));
-					}
+						if !services().users.exists(&user_id)? {
+							return Err(Error::BadRequest(ErrorKind::Forbidden, "User does not exist."));
+						}
 
-					// TODO: Check if appservice is allowed to be that user
-					(Some(user_id), None, None, true)
-				},
-				AuthScheme::AccessTokenOptional | AuthScheme::AppserviceToken => {
-					let user_id = query_params.user_id.map_or_else(
-						|| {
-							UserId::parse_with_server_name(
-								info.registration.sender_localpart.as_str(),
-								services().globals.server_name(),
-							)
-							.unwrap()
-						},
-						|s| UserId::parse(s).unwrap(),
-					);
-
-					debug!("User ID: {:?}", user_id);
-
-					if !services().users.exists(&user_id)? {
-						(None, None, None, true)
-					} else {
 						// TODO: Check if appservice is allowed to be that user
 						(Some(user_id), None, None, true)
-					}
-				},
-				AuthScheme::ServerSignatures | AuthScheme::None => (None, None, None, true),
-			}
-		} else {
-			match metadata.authentication {
-				AuthScheme::AccessToken => {
-					let token = match token {
-						Some(token) => token,
-						_ => return Err(Error::BadRequest(ErrorKind::MissingToken, "Missing access token.")),
-					};
+					},
+					AuthScheme::AccessTokenOptional | AuthScheme::AppserviceToken => {
+						let user_id = query_params.user_id.map_or_else(
+							|| {
+								UserId::parse_with_server_name(
+									info.registration.sender_localpart.as_str(),
+									services().globals.server_name(),
+								)
+								.unwrap()
+							},
+							|s| UserId::parse(s).unwrap(),
+						);
 
-					match services().users.find_from_token(token)? {
-						None => {
-							return Err(Error::BadRequest(
-								ErrorKind::UnknownToken {
-									soft_logout: false,
-								},
-								"Unknown access token.",
-							))
-						},
-						Some((user_id, device_id)) => {
-							(Some(user_id), Some(OwnedDeviceId::from(device_id)), None, false)
-						},
-					}
-				},
-				AuthScheme::AccessTokenOptional => {
-					let token = token.unwrap_or("");
+						debug!("User ID: {:?}", user_id);
+
+						if !services().users.exists(&user_id)? {
+							(None, None, None, true)
+						} else {
+							// TODO: Check if appservice is allowed to be that user
+							(Some(user_id), None, None, true)
+						}
+					},
+					AuthScheme::ServerSignatures | AuthScheme::None => (None, None, None, true),
+				}
+			} else {
+				match metadata.authentication {
+					AuthScheme::AccessToken => {
+						let Some(token) = token else {
+							return Err(Error::BadRequest(ErrorKind::MissingToken, "Missing access token."));
+						};
 
-					if token.is_empty() {
-						(None, None, None, false)
-					} else {
 						match services().users.find_from_token(token)? {
 							None => {
 								return Err(Error::BadRequest(
@@ -173,112 +151,13 @@ where
 								(Some(user_id), Some(OwnedDeviceId::from(device_id)), None, false)
 							},
 						}
-					}
-				},
-				// treat non-appservice registrations as None authentication
-				AuthScheme::AppserviceToken => (None, None, None, false),
-				AuthScheme::ServerSignatures => {
-					if !services().globals.allow_federation() {
-						return Err(Error::bad_config("Federation is disabled."));
-					}
-
-					let TypedHeader(Authorization(x_matrix)) = parts
-						.extract::<TypedHeader<Authorization<XMatrix>>>()
-						.await
-						.map_err(|e| {
-							warn!("Missing or invalid Authorization header: {}", e);
-
-							let msg = match e.reason() {
-								TypedHeaderRejectionReason::Missing => "Missing Authorization header.",
-								TypedHeaderRejectionReason::Error(_) => "Invalid X-Matrix signatures.",
-								_ => "Unknown header-related error",
-							};
-
-							Error::BadRequest(ErrorKind::Forbidden, msg)
-						})?;
-
-					let origin_signatures =
-						BTreeMap::from_iter([(x_matrix.key.clone(), CanonicalJsonValue::String(x_matrix.sig))]);
-
-					let signatures = BTreeMap::from_iter([(
-						x_matrix.origin.as_str().to_owned(),
-						CanonicalJsonValue::Object(origin_signatures),
-					)]);
-
-					let server_destination = services().globals.server_name().as_str().to_owned();
-
-					if let Some(destination) = x_matrix.destination.as_ref() {
-						if destination != &server_destination {
-							return Err(Error::BadRequest(ErrorKind::Forbidden, "Invalid authorization."));
-						}
-					}
-
-					let mut request_map = BTreeMap::from_iter([
-						("method".to_owned(), CanonicalJsonValue::String(parts.method.to_string())),
-						("uri".to_owned(), CanonicalJsonValue::String(parts.uri.to_string())),
-						(
-							"origin".to_owned(),
-							CanonicalJsonValue::String(x_matrix.origin.as_str().to_owned()),
-						),
-						("destination".to_owned(), CanonicalJsonValue::String(server_destination)),
-						("signatures".to_owned(), CanonicalJsonValue::Object(signatures)),
-					]);
-
-					if let Some(json_body) = &json_body {
-						request_map.insert("content".to_owned(), json_body.clone());
-					};
-
-					let keys_result = services()
-						.rooms
-						.event_handler
-						.fetch_signing_keys_for_server(&x_matrix.origin, vec![x_matrix.key.clone()])
-						.await;
-
-					let keys = match keys_result {
-						Ok(b) => b,
-						Err(e) => {
-							warn!("Failed to fetch signing keys: {}", e);
-							return Err(Error::BadRequest(ErrorKind::Forbidden, "Failed to fetch signing keys."));
-						},
-					};
-
-					let pub_key_map = BTreeMap::from_iter([(x_matrix.origin.as_str().to_owned(), keys)]);
-
-					match ruma::signatures::verify_json(&pub_key_map, &request_map) {
-						Ok(()) => (None, None, Some(x_matrix.origin), false),
-						Err(e) => {
-							warn!(
-								"Failed to verify json request from {}: {}\n{:?}",
-								x_matrix.origin, e, request_map
-							);
-
-							if parts.uri.to_string().contains('@') {
-								warn!(
-									"Request uri contained '@' character. Make sure your reverse proxy gives Conduit \
-									 the raw uri (apache: use nocanon)"
-								);
-							}
-
-							return Err(Error::BadRequest(
-								ErrorKind::Forbidden,
-								"Failed to verify X-Matrix signatures.",
-							));
-						},
-					}
-				},
-				AuthScheme::None => match parts.uri.path() {
-					// allow_public_room_directory_without_auth
-					"/_matrix/client/v3/publicRooms" | "/_matrix/client/r0/publicRooms" => {
-						if !services()
-							.globals
-							.config
-							.allow_public_room_directory_without_auth
-						{
-							let token = match token {
-								Some(token) => token,
-								_ => return Err(Error::BadRequest(ErrorKind::MissingToken, "Missing access token.")),
-							};
+					},
+					AuthScheme::AccessTokenOptional => {
+						let token = token.unwrap_or("");
 
+						if token.is_empty() {
+							(None, None, None, false)
+						} else {
 							match services().users.find_from_token(token)? {
 								None => {
 									return Err(Error::BadRequest(
@@ -292,14 +171,132 @@ where
 									(Some(user_id), Some(OwnedDeviceId::from(device_id)), None, false)
 								},
 							}
-						} else {
-							(None, None, None, false)
 						}
 					},
-					_ => (None, None, None, false),
-				},
-			}
-		};
+					// treat non-appservice registrations as None authentication
+					AuthScheme::AppserviceToken => (None, None, None, false),
+					AuthScheme::ServerSignatures => {
+						if !services().globals.allow_federation() {
+							return Err(Error::bad_config("Federation is disabled."));
+						}
+
+						let TypedHeader(Authorization(x_matrix)) = parts
+							.extract::<TypedHeader<Authorization<XMatrix>>>()
+							.await
+							.map_err(|e| {
+								warn!("Missing or invalid Authorization header: {}", e);
+
+								let msg = match e.reason() {
+									TypedHeaderRejectionReason::Missing => "Missing Authorization header.",
+									TypedHeaderRejectionReason::Error(_) => "Invalid X-Matrix signatures.",
+									_ => "Unknown header-related error",
+								};
+
+								Error::BadRequest(ErrorKind::Forbidden, msg)
+							})?;
+
+						let origin_signatures =
+							BTreeMap::from_iter([(x_matrix.key.clone(), CanonicalJsonValue::String(x_matrix.sig))]);
+
+						let signatures = BTreeMap::from_iter([(
+							x_matrix.origin.as_str().to_owned(),
+							CanonicalJsonValue::Object(origin_signatures),
+						)]);
+
+						let server_destination = services().globals.server_name().as_str().to_owned();
+
+						if let Some(destination) = x_matrix.destination.as_ref() {
+							if destination != &server_destination {
+								return Err(Error::BadRequest(ErrorKind::Forbidden, "Invalid authorization."));
+							}
+						}
+
+						let mut request_map = BTreeMap::from_iter([
+							("method".to_owned(), CanonicalJsonValue::String(parts.method.to_string())),
+							("uri".to_owned(), CanonicalJsonValue::String(parts.uri.to_string())),
+							(
+								"origin".to_owned(),
+								CanonicalJsonValue::String(x_matrix.origin.as_str().to_owned()),
+							),
+							("destination".to_owned(), CanonicalJsonValue::String(server_destination)),
+							("signatures".to_owned(), CanonicalJsonValue::Object(signatures)),
+						]);
+
+						if let Some(json_body) = &json_body {
+							request_map.insert("content".to_owned(), json_body.clone());
+						};
+
+						let keys_result = services()
+							.rooms
+							.event_handler
+							.fetch_signing_keys_for_server(&x_matrix.origin, vec![x_matrix.key.clone()])
+							.await;
+
+						let keys = match keys_result {
+							Ok(b) => b,
+							Err(e) => {
+								warn!("Failed to fetch signing keys: {}", e);
+								return Err(Error::BadRequest(ErrorKind::Forbidden, "Failed to fetch signing keys."));
+							},
+						};
+
+						let pub_key_map = BTreeMap::from_iter([(x_matrix.origin.as_str().to_owned(), keys)]);
+
+						match ruma::signatures::verify_json(&pub_key_map, &request_map) {
+							Ok(()) => (None, None, Some(x_matrix.origin), false),
+							Err(e) => {
+								warn!(
+									"Failed to verify json request from {}: {}\n{:?}",
+									x_matrix.origin, e, request_map
+								);
+
+								if parts.uri.to_string().contains('@') {
+									warn!(
+										"Request uri contained '@' character. Make sure your reverse proxy gives \
+										 Conduit the raw uri (apache: use nocanon)"
+									);
+								}
+
+								return Err(Error::BadRequest(
+									ErrorKind::Forbidden,
+									"Failed to verify X-Matrix signatures.",
+								));
+							},
+						}
+					},
+					AuthScheme::None => match parts.uri.path() {
+						// allow_public_room_directory_without_auth
+						"/_matrix/client/v3/publicRooms" | "/_matrix/client/r0/publicRooms" => {
+							if !services()
+								.globals
+								.config
+								.allow_public_room_directory_without_auth
+							{
+								let Some(token) = token else {
+									return Err(Error::BadRequest(ErrorKind::MissingToken, "Missing access token."));
+								};
+
+								match services().users.find_from_token(token)? {
+									None => {
+										return Err(Error::BadRequest(
+											ErrorKind::UnknownToken {
+												soft_logout: false,
+											},
+											"Unknown access token.",
+										))
+									},
+									Some((user_id, device_id)) => {
+										(Some(user_id), Some(OwnedDeviceId::from(device_id)), None, false)
+									},
+								}
+							} else {
+								(None, None, None, false)
+							}
+						},
+						_ => (None, None, None, false),
+					},
+				}
+			};
 
 		let mut http_request = Request::builder().uri(parts.uri).method(parts.method);
 		*http_request.headers_mut().unwrap() = parts.headers;

src/api/server_server.rs

@@ -429,74 +429,64 @@ async fn find_actual_destination(destination: &'_ ServerName) -> (FedDest, FedDe
 				FedDest::Named(host.to_owned(), port.to_owned())
 			} else {
 				debug!("Requesting well known for {destination}");
-				match request_well_known(destination.as_str()).await {
-					Some(delegated_hostname) => {
-						debug!("3: A .well-known file is available");
-						hostname = add_port_to_hostname(&delegated_hostname).into_uri_string();
-						match get_ip_with_port(&delegated_hostname) {
-							Some(host_and_port) => host_and_port, // 3.1: IP literal in .well-known file
-							None => {
-								if let Some(pos) = delegated_hostname.find(':') {
-									debug!("3.2: Hostname with port in .well-known file");
+				if let Some(delegated_hostname) = request_well_known(destination.as_str()).await {
+					debug!("3: A .well-known file is available");
+					hostname = add_port_to_hostname(&delegated_hostname).into_uri_string();
+					match get_ip_with_port(&delegated_hostname) {
+						Some(host_and_port) => host_and_port, // 3.1: IP literal in .well-known file
+						None => {
+							if let Some(pos) = delegated_hostname.find(':') {
+								debug!("3.2: Hostname with port in .well-known file");
 
-									let (host, port) = delegated_hostname.split_at(pos);
-									query_and_cache_override(host, host, port.parse::<u16>().unwrap_or(8448)).await;
+								let (host, port) = delegated_hostname.split_at(pos);
+								query_and_cache_override(host, host, port.parse::<u16>().unwrap_or(8448)).await;
 
-									FedDest::Named(host.to_owned(), port.to_owned())
-								} else {
-									debug!("Delegated hostname has no port in this branch");
-									if let Some(hostname_override) = query_srv_record(&delegated_hostname).await {
-										debug!("3.3: SRV lookup successful");
+								FedDest::Named(host.to_owned(), port.to_owned())
+							} else {
+								debug!("Delegated hostname has no port in this branch");
+								if let Some(hostname_override) = query_srv_record(&delegated_hostname).await {
+									debug!("3.3: SRV lookup successful");
 
-										let force_port = hostname_override.port();
-										query_and_cache_override(
-											&delegated_hostname,
-											&hostname_override.hostname(),
-											force_port.unwrap_or(8448),
-										)
-										.await;
+									let force_port = hostname_override.port();
+									query_and_cache_override(
+										&delegated_hostname,
+										&hostname_override.hostname(),
+										force_port.unwrap_or(8448),
+									)
+									.await;
 
-										if let Some(port) = force_port {
-											FedDest::Named(delegated_hostname, format!(":{port}"))
-										} else {
-											add_port_to_hostname(&delegated_hostname)
-										}
+									if let Some(port) = force_port {
+										FedDest::Named(delegated_hostname, format!(":{port}"))
 									} else {
-										debug!("3.4: No SRV records, just use the hostname from .well-known");
-										query_and_cache_override(&delegated_hostname, &delegated_hostname, 8448).await;
 										add_port_to_hostname(&delegated_hostname)
 									}
-								}
-							},
-						}
-					},
-					None => {
-						debug!("4: No .well-known or an error occured");
-						match query_srv_record(&destination_str).await {
-							Some(hostname_override) => {
-								debug!("4: SRV record found");
-
-								let force_port = hostname_override.port();
-								query_and_cache_override(
-									&hostname,
-									&hostname_override.hostname(),
-									force_port.unwrap_or(8448),
-								)
-								.await;
-
-								if let Some(port) = force_port {
-									FedDest::Named(hostname.clone(), format!(":{port}"))
 								} else {
-									add_port_to_hostname(&hostname)
+									debug!("3.4: No SRV records, just use the hostname from .well-known");
+									query_and_cache_override(&delegated_hostname, &delegated_hostname, 8448).await;
+									add_port_to_hostname(&delegated_hostname)
 								}
-							},
-							None => {
-								debug!("5: No SRV record found");
-								query_and_cache_override(&destination_str, &destination_str, 8448).await;
-								add_port_to_hostname(&destination_str)
-							},
+							}
+						},
+					}
+				} else {
+					debug!("4: No .well-known or an error occured");
+					if let Some(hostname_override) = query_srv_record(&destination_str).await {
+						debug!("4: SRV record found");
+
+						let force_port = hostname_override.port();
+						query_and_cache_override(&hostname, &hostname_override.hostname(), force_port.unwrap_or(8448))
+							.await;
+
+						if let Some(port) = force_port {
+							FedDest::Named(hostname.clone(), format!(":{port}"))
+						} else {
+							add_port_to_hostname(&hostname)
 						}
-					},
+					} else {
+						debug!("5: No SRV record found");
+						query_and_cache_override(&destination_str, &destination_str, 8448).await;
+						add_port_to_hostname(&destination_str)
+					}
 				}
 			}
 		},
@@ -776,15 +766,12 @@ pub fn parse_incoming_pdu(pdu: &RawJsonValue) -> Result<(OwnedEventId, Canonical
 
 	let room_version_id = services().rooms.state.get_room_version(&room_id)?;
 
-	let (event_id, value) = match gen_event_id_canonical_json(pdu, &room_version_id) {
-		Ok(t) => t,
-		Err(_) => {
-			// Event could not be converted to canonical json
-			return Err(Error::BadRequest(
-				ErrorKind::InvalidParam,
-				"Could not convert event to canonical json.",
-			));
-		},
+	let Ok((event_id, value)) = gen_event_id_canonical_json(pdu, &room_version_id) else {
+		// Event could not be converted to canonical json
+		return Err(Error::BadRequest(
+			ErrorKind::InvalidParam,
+			"Could not convert event to canonical json.",
+		));
 	};
 	Ok((event_id, value, room_id))
 }
@@ -1379,12 +1366,13 @@ pub async fn get_room_state_route(body: Ruma<get_room_state::v1::Request>) -> Re
 
 	Ok(get_room_state::v1::Response {
 		auth_chain: auth_chain_ids
-			.filter_map(|id| match services().rooms.timeline.get_pdu_json(&id).ok()? {
-				Some(json) => Some(PduEvent::convert_to_outgoing_federation_event(json)),
-				None => {
+			.filter_map(|id| {
+				if let Some(json) = services().rooms.timeline.get_pdu_json(&id).ok()? {
+					Some(PduEvent::convert_to_outgoing_federation_event(json))
+				} else {
 					error!("Could not find event json for {id} in db.");
 					None
-				},
+				}
 			})
 			.collect(),
 		pdus,
@@ -1623,15 +1611,12 @@ async fn create_join_event(
 	// We do not add the event_id field to the pdu here because of signature and
 	// hashes checks
 	let room_version_id = services().rooms.state.get_room_version(room_id)?;
-	let (event_id, value) = match gen_event_id_canonical_json(pdu, &room_version_id) {
-		Ok(t) => t,
-		Err(_) => {
-			// Event could not be converted to canonical json
-			return Err(Error::BadRequest(
-				ErrorKind::InvalidParam,
-				"Could not convert event to canonical json.",
-			));
-		},
+	let Ok((event_id, value)) = gen_event_id_canonical_json(pdu, &room_version_id) else {
+		// Event could not be converted to canonical json
+		return Err(Error::BadRequest(
+			ErrorKind::InvalidParam,
+			"Could not convert event to canonical json.",
+		));
 	};
 
 	let origin: OwnedServerName = serde_json::from_value(

src/database/abstraction/rocksdb.rs

@@ -253,18 +253,17 @@ impl KeyValueDatabaseEngine for Arc<Engine> {
 		let options = BackupEngineOptions::new(path.unwrap())?;
 		let mut engine = BackupEngine::open(&options, &self.env)?;
 		let ret = if self.config.database_backups_to_keep > 0 {
-			match engine.create_new_backup_flush(&self.rocks, true) {
-				Err(e) => return Err(Box::new(e)),
-				Ok(()) => {
-					let engine_info = engine.get_backup_info();
-					let info = &engine_info.last().unwrap();
-					info!(
-						"Created database backup #{} using {} bytes in {} files",
-						info.backup_id, info.size, info.num_files,
-					);
-					Ok(())
-				},
+			if let Err(e) = engine.create_new_backup_flush(&self.rocks, true) {
+				return Err(Box::new(e));
 			}
+
+			let engine_info = engine.get_backup_info();
+			let info = &engine_info.last().unwrap();
+			info!(
+				"Created database backup #{} using {} bytes in {} files",
+				info.backup_id, info.size, info.num_files,
+			);
+			Ok(())
 		} else {
 			Ok(())
 		};

src/database/abstraction/sqlite.rs

@@ -43,7 +43,7 @@ impl<T> Drop for NonAliasingBox<T> {
 	}
 }
 
-pub struct Engine {
+pub(crate) struct Engine {
 	writer: Mutex<Connection>,
 	read_conn_tls: ThreadLocal<Connection>,
 	read_iterator_conn_tls: ThreadLocal<Connection>,

src/database/key_value/rooms/search.rs

@@ -52,12 +52,11 @@ impl service::rooms::search::Data for KeyValueDatabase {
 				.map(move |(key, _)| key[prefix3.len()..].to_vec())
 		});
 
-		let common_elements = match utils::common_elements(iterators, |a, b| {
+		let Some(common_elements) = utils::common_elements(iterators, |a, b| {
 			// We compare b with a because we reversed the iterator earlier
 			b.cmp(a)
-		}) {
-			Some(it) => it,
-			None => return Ok(None),
+		}) else {
+			return Ok(None);
 		};
 
 		Ok(Some((Box::new(common_elements), words)))

src/database/key_value/rooms/short.rs

@@ -11,18 +11,15 @@ impl service::rooms::short::Data for KeyValueDatabase {
 			return Ok(*short);
 		}
 
-		let short = match self.eventid_shorteventid.get(event_id.as_bytes())? {
-			Some(shorteventid) => {
-				utils::u64_from_bytes(&shorteventid).map_err(|_| Error::bad_database("Invalid shorteventid in db."))?
-			},
-			None => {
-				let shorteventid = services().globals.next_count()?;
-				self.eventid_shorteventid
-					.insert(event_id.as_bytes(), &shorteventid.to_be_bytes())?;
-				self.shorteventid_eventid
-					.insert(&shorteventid.to_be_bytes(), event_id.as_bytes())?;
-				shorteventid
-			},
+		let short = if let Some(shorteventid) = self.eventid_shorteventid.get(event_id.as_bytes())? {
+			utils::u64_from_bytes(&shorteventid).map_err(|_| Error::bad_database("Invalid shorteventid in db."))?
+		} else {
+			let shorteventid = services().globals.next_count()?;
+			self.eventid_shorteventid
+				.insert(event_id.as_bytes(), &shorteventid.to_be_bytes())?;
+			self.shorteventid_eventid
+				.insert(&shorteventid.to_be_bytes(), event_id.as_bytes())?;
+			shorteventid
 		};
 
 		self.eventidshort_cache
@@ -79,17 +76,15 @@ impl service::rooms::short::Data for KeyValueDatabase {
 		statekey_vec.push(0xFF);
 		statekey_vec.extend_from_slice(state_key.as_bytes());
 
-		let short = match self.statekey_shortstatekey.get(&statekey_vec)? {
-			Some(shortstatekey) => utils::u64_from_bytes(&shortstatekey)
-				.map_err(|_| Error::bad_database("Invalid shortstatekey in db."))?,
-			None => {
-				let shortstatekey = services().globals.next_count()?;
-				self.statekey_shortstatekey
-					.insert(&statekey_vec, &shortstatekey.to_be_bytes())?;
-				self.shortstatekey_statekey
-					.insert(&shortstatekey.to_be_bytes(), &statekey_vec)?;
-				shortstatekey
-			},
+		let short = if let Some(shortstatekey) = self.statekey_shortstatekey.get(&statekey_vec)? {
+			utils::u64_from_bytes(&shortstatekey).map_err(|_| Error::bad_database("Invalid shortstatekey in db."))?
+		} else {
+			let shortstatekey = services().globals.next_count()?;
+			self.statekey_shortstatekey
+				.insert(&statekey_vec, &shortstatekey.to_be_bytes())?;
+			self.shortstatekey_statekey
+				.insert(&shortstatekey.to_be_bytes(), &statekey_vec)?;
+			shortstatekey
 		};
 
 		self.statekeyshort_cache
@@ -170,18 +165,17 @@ impl service::rooms::short::Data for KeyValueDatabase {
 
 	/// Returns (shortstatehash, already_existed)
 	fn get_or_create_shortstatehash(&self, state_hash: &[u8]) -> Result<(u64, bool)> {
-		Ok(match self.statehash_shortstatehash.get(state_hash)? {
-			Some(shortstatehash) => (
+		Ok(if let Some(shortstatehash) = self.statehash_shortstatehash.get(state_hash)? {
+			(
 				utils::u64_from_bytes(&shortstatehash)
 					.map_err(|_| Error::bad_database("Invalid shortstatehash in db."))?,
 				true,
-			),
-			None => {
-				let shortstatehash = services().globals.next_count()?;
-				self.statehash_shortstatehash
-					.insert(state_hash, &shortstatehash.to_be_bytes())?;
-				(shortstatehash, false)
-			},
+			)
+		} else {
+			let shortstatehash = services().globals.next_count()?;
+			self.statehash_shortstatehash
+				.insert(state_hash, &shortstatehash.to_be_bytes())?;
+			(shortstatehash, false)
 		})
 	}
 
@@ -193,16 +187,13 @@ impl service::rooms::short::Data for KeyValueDatabase {
 	}
 
 	fn get_or_create_shortroomid(&self, room_id: &RoomId) -> Result<u64> {
-		Ok(match self.roomid_shortroomid.get(room_id.as_bytes())? {
-			Some(short) => {
-				utils::u64_from_bytes(&short).map_err(|_| Error::bad_database("Invalid shortroomid in db."))?
-			},
-			None => {
-				let short = services().globals.next_count()?;
-				self.roomid_shortroomid
-					.insert(room_id.as_bytes(), &short.to_be_bytes())?;
-				short
-			},
+		Ok(if let Some(short) = self.roomid_shortroomid.get(room_id.as_bytes())? {
+			utils::u64_from_bytes(&short).map_err(|_| Error::bad_database("Invalid shortroomid in db."))?
+		} else {
+			let short = services().globals.next_count()?;
+			self.roomid_shortroomid
+				.insert(room_id.as_bytes(), &short.to_be_bytes())?;
+			short
 		})
 	}
 }

src/database/key_value/rooms/state_accessor.rs

@@ -77,13 +77,12 @@ impl service::rooms::state_accessor::Data for KeyValueDatabase {
 	fn state_get_id(
 		&self, shortstatehash: u64, event_type: &StateEventType, state_key: &str,
 	) -> Result<Option<Arc<EventId>>> {
-		let shortstatekey = match services()
+		let Some(shortstatekey) = services()
 			.rooms
 			.short
 			.get_shortstatekey(event_type, state_key)?
-		{
-			Some(s) => s,
-			None => return Ok(None),
+		else {
+			return Ok(None);
 		};
 		let full_state = services()
 			.rooms

src/service/admin/room_moderation.rs

@@ -119,26 +119,25 @@ pub(crate) async fn process(command: RoomModerationCommand, body: Vec<&str>) ->
 					 using get_alias_helper to fetch room ID remotely"
 				);
 
-				let room_id = match services().rooms.alias.resolve_local_alias(&room_alias)? {
-					Some(room_id) => room_id,
-					None => {
-						debug!(
-							"We don't have this room alias to a room ID locally, attempting to fetch room ID over \
-							 federation"
-						);
+				let room_id = if let Some(room_id) = services().rooms.alias.resolve_local_alias(&room_alias)? {
+					room_id
+				} else {
+					debug!(
+						"We don't have this room alias to a room ID locally, attempting to fetch room ID over \
+						 federation"
+					);
 
-						match get_alias_helper(room_alias).await {
-							Ok(response) => {
-								debug!("Got federation response fetching room ID for room {room}: {:?}", response);
-								response.room_id
-							},
-							Err(e) => {
-								return Ok(RoomMessageEventContent::text_plain(format!(
-									"Failed to resolve room alias {room} to a room ID: {e}"
-								)));
-							},
-						}
-					},
+					match get_alias_helper(room_alias).await {
+						Ok(response) => {
+							debug!("Got federation response fetching room ID for room {room}: {:?}", response);
+							response.room_id
+						},
+						Err(e) => {
+							return Ok(RoomMessageEventContent::text_plain(format!(
+								"Failed to resolve room alias {room} to a room ID: {e}"
+							)));
+						},
+					}
 				};
 
 				services().rooms.metadata.ban_room(&room_id, true)?;
@@ -352,14 +351,12 @@ pub(crate) async fn process(command: RoomModerationCommand, body: Vec<&str>) ->
 
 				if disable_federation {
 					return Ok(RoomMessageEventContent::text_plain(format!(
-						"Finished bulk room ban, banned {} total rooms, evicted all users, and disabled incoming \
-						 federation with the room.",
-						room_ban_count
+						"Finished bulk room ban, banned {room_ban_count} total rooms, evicted all users, and disabled \
+						 incoming federation with the room."
 					)));
 				}
 				return Ok(RoomMessageEventContent::text_plain(format!(
-					"Finished bulk room ban, banned {} total rooms and evicted all users.",
-					room_ban_count
+					"Finished bulk room ban, banned {room_ban_count} total rooms and evicted all users."
 				)));
 			}
 
@@ -403,26 +400,25 @@ pub(crate) async fn process(command: RoomModerationCommand, body: Vec<&str>) ->
 					 using get_alias_helper to fetch room ID remotely"
 				);
 
-				let room_id = match services().rooms.alias.resolve_local_alias(&room_alias)? {
-					Some(room_id) => room_id,
-					None => {
-						debug!(
-							"We don't have this room alias to a room ID locally, attempting to fetch room ID over \
-							 federation"
-						);
+				let room_id = if let Some(room_id) = services().rooms.alias.resolve_local_alias(&room_alias)? {
+					room_id
+				} else {
+					debug!(
+						"We don't have this room alias to a room ID locally, attempting to fetch room ID over \
+						 federation"
+					);
 
-						match get_alias_helper(room_alias).await {
-							Ok(response) => {
-								debug!("Got federation response fetching room ID for room {room}: {:?}", response);
-								response.room_id
-							},
-							Err(e) => {
-								return Ok(RoomMessageEventContent::text_plain(format!(
-									"Failed to resolve room alias {room} to a room ID: {e}"
-								)));
-							},
-						}
-					},
+					match get_alias_helper(room_alias).await {
+						Ok(response) => {
+							debug!("Got federation response fetching room ID for room {room}: {:?}", response);
+							response.room_id
+						},
+						Err(e) => {
+							return Ok(RoomMessageEventContent::text_plain(format!(
+								"Failed to resolve room alias {room} to a room ID: {e}"
+							)));
+						},
+					}
 				};
 
 				services().rooms.metadata.ban_room(&room_id, false)?;

src/service/media/mod.rs

@@ -214,13 +214,10 @@ impl Service {
 					})
 					.transpose()?;
 
-				let mxc_s = match mxc {
-					Some(mxc) => mxc,
-					None => {
-						return Err(Error::bad_database(
-							"Parsed MXC URL unicode bytes from database but still is None",
-						));
-					},
+				let Some(mxc_s) = mxc else {
+					return Err(Error::bad_database(
+						"Parsed MXC URL unicode bytes from database but still is None",
+					));
 				};
 
 				debug!("Parsed MXC key to URL: {}", mxc_s);

src/service/rooms/event_handler/mod.rs

@@ -314,9 +314,8 @@ impl Service {
 				Ok(ruma::signatures::Verified::Signatures) => {
 					// Redact
 					warn!("Calculated hash does not match: {}", event_id);
-					let obj = match ruma::canonical_json::redact(value, room_version_id, None) {
-						Ok(obj) => obj,
-						Err(_) => return Err(Error::BadRequest(ErrorKind::InvalidParam, "Redaction failed")),
+					let Ok(obj) = ruma::canonical_json::redact(value, room_version_id, None) else {
+						return Err(Error::BadRequest(ErrorKind::InvalidParam, "Redaction failed"));
 					};
 
 					// Skip the PDU if it is redacted and we already have it as an outlier event
@@ -373,12 +372,9 @@ impl Service {
 			// Build map of auth events
 			let mut auth_events = HashMap::new();
 			for id in &incoming_pdu.auth_events {
-				let auth_event = match services().rooms.timeline.get_pdu(id)? {
-					Some(e) => e,
-					None => {
-						warn!("Could not find auth event {}", id);
-						continue;
-					},
+				let Some(auth_event) = services().rooms.timeline.get_pdu(id)? else {
+					warn!("Could not find auth event {}", id);
+					continue;
 				};
 
 				self.check_room_id(room_id, &auth_event)?;
@@ -525,20 +521,16 @@ impl Service {
 
 			let mut okay = true;
 			for prev_eventid in &incoming_pdu.prev_events {
-				let prev_event = if let Ok(Some(pdu)) = services().rooms.timeline.get_pdu(prev_eventid) {
-					pdu
-				} else {
+				let Ok(Some(prev_event)) = services().rooms.timeline.get_pdu(prev_eventid) else {
 					okay = false;
 					break;
 				};
 
-				let sstatehash = if let Ok(Some(s)) = services()
+				let Ok(Some(sstatehash)) = services()
 					.rooms
 					.state_accessor
 					.pdu_shortstatehash(prev_eventid)
-				{
-					s
-				} else {
+				else {
 					okay = false;
 					break;
 				};
@@ -1072,14 +1064,12 @@ impl Service {
 					{
 						Ok(res) => {
 							info!("Got {} over federation", next_id);
-							let (calculated_event_id, value) =
-								match pdu::gen_event_id_canonical_json(&res.pdu, room_version_id) {
-									Ok(t) => t,
-									Err(_) => {
-										back_off((*next_id).to_owned()).await;
-										continue;
-									},
-								};
+							let Ok((calculated_event_id, value)) =
+								pdu::gen_event_id_canonical_json(&res.pdu, room_version_id)
+							else {
+								back_off((*next_id).to_owned()).await;
+								continue;
+							};
 
 							if calculated_event_id != *next_id {
 								warn!(
@@ -1616,21 +1606,18 @@ impl Service {
 
 	/// Returns Ok if the acl allows the server
 	pub fn acl_check(&self, server_name: &ServerName, room_id: &RoomId) -> Result<()> {
-		let acl_event =
-			match services()
+		let acl_event = if let Some(acl) =
+			services()
 				.rooms
 				.state_accessor
 				.room_state_get(room_id, &StateEventType::RoomServerAcl, "")?
-			{
-				Some(acl) => {
-					debug!("ACL event found: {acl:?}");
-					acl
-				},
-				None => {
-					info!("No ACL event found");
-					return Ok(());
-				},
-			};
+		{
+			debug!("ACL event found: {acl:?}");
+			acl
+		} else {
+			debug!("No ACL event found");
+			return Ok(());
+		};
 
 		let acl_event_content: RoomServerAclEventContent = match serde_json::from_str(acl_event.content.get()) {
 			Ok(content) => {

src/service/rooms/spaces/mod.rs

@@ -90,7 +90,7 @@ impl Arena {
 
 	/// Returns the first untraversed node, marking it as traversed in the
 	/// process
-	pub fn first_untraversed(&mut self) -> Option<NodeId> {
+	fn first_untraversed(&mut self) -> Option<NodeId> {
 		if self.nodes.is_empty() {
 			None
 		} else if let Some(untraversed) = self.first_untraversed {
@@ -133,7 +133,7 @@ impl Arena {
 	}
 
 	/// Adds all the given nodes as children of the parent node
-	pub fn push(&mut self, parent: NodeId, mut children: Vec<OwnedRoomId>) {
+	fn push(&mut self, parent: NodeId, mut children: Vec<OwnedRoomId>) {
 		if children.is_empty() {
 			self.traverse(parent);
 		} else if self.nodes.get(parent.index).is_some() {
@@ -204,7 +204,7 @@ impl Arena {
 		}
 	}
 
-	pub fn new(root: OwnedRoomId, max_depth: usize) -> Self {
+	fn new(root: OwnedRoomId, max_depth: usize) -> Self {
 		let zero_depth = max_depth == 0;
 
 		Arena {
@@ -229,11 +229,11 @@ impl Arena {
 
 // Note: perhaps use some better form of token rather than just room count
 #[derive(Debug, PartialEq)]
-pub struct PagnationToken {
-	pub skip: UInt,
-	pub limit: UInt,
-	pub max_depth: UInt,
-	pub suggested_only: bool,
+pub(crate) struct PagnationToken {
+	pub(crate) skip: UInt,
+	pub(crate) limit: UInt,
+	pub(crate) max_depth: UInt,
+	pub(crate) suggested_only: bool,
 }
 
 impl FromStr for PagnationToken {

src/service/rooms/state/mod.rs

@@ -4,7 +4,7 @@ use std::{
 	sync::Arc,
 };
 
-pub use data::Data;
+pub(crate) use data::Data;
 use ruma::{
 	api::client::error::ErrorKind,
 	events::{
@@ -43,9 +43,8 @@ impl Service {
 				.ok()
 				.map(|(_, id)| id)
 		}) {
-			let pdu = match services().rooms.timeline.get_pdu_json(&event_id)? {
-				Some(pdu) => pdu,
-				None => continue,
+			let Some(pdu) = services().rooms.timeline.get_pdu_json(&event_id)? else {
+				continue;
 			};
 
 			let pdu: PduEvent = match serde_json::from_str(
@@ -57,19 +56,16 @@ impl Service {
 
 			match pdu.kind {
 				TimelineEventType::RoomMember => {
-					let membership_event = match serde_json::from_str::<RoomMemberEventContent>(pdu.content.get()) {
-						Ok(e) => e,
-						Err(_) => continue,
+					let Ok(membership_event) = serde_json::from_str::<RoomMemberEventContent>(pdu.content.get()) else {
+						continue;
 					};
 
-					let state_key = match pdu.state_key {
-						Some(k) => k,
-						None => continue,
+					let Some(state_key) = pdu.state_key else {
+						continue;
 					};
 
-					let user_id = match UserId::parse(state_key) {
-						Ok(id) => id,
-						Err(_) => continue,
+					let Ok(user_id) = UserId::parse(state_key) else {
+						continue;
 					};
 
 					services()
@@ -355,12 +351,9 @@ impl Service {
 		&self, room_id: &RoomId, kind: &TimelineEventType, sender: &UserId, state_key: Option<&str>,
 		content: &serde_json::value::RawValue,
 	) -> Result<StateMap<Arc<PduEvent>>> {
-		let shortstatehash =
-			if let Some(current_shortstatehash) = services().rooms.state.get_room_shortstatehash(room_id)? {
-				current_shortstatehash
-			} else {
-				return Ok(HashMap::new());
-			};
+		let Some(shortstatehash) = services().rooms.state.get_room_shortstatehash(room_id)? else {
+			return Ok(HashMap::new());
+		};
 
 		let auth_events =
 			state_res::auth_types_for_event(kind, sender, state_key, content).expect("content is a valid JSON object");

src/service/rooms/state_accessor/mod.rs

@@ -143,9 +143,8 @@ impl Service {
 	/// the room's history_visibility at that event's state.
 	#[tracing::instrument(skip(self, user_id, room_id, event_id))]
 	pub fn user_can_see_event(&self, user_id: &UserId, room_id: &RoomId, event_id: &EventId) -> Result<bool> {
-		let shortstatehash = match self.pdu_shortstatehash(event_id)? {
-			Some(shortstatehash) => shortstatehash,
-			None => return Ok(true),
+		let Some(shortstatehash) = self.pdu_shortstatehash(event_id)? else {
+			return Ok(true);
 		};
 
 		if let Some(visibility) = self

src/service/users/mod.rs

@@ -473,7 +473,7 @@ impl Service {
 }
 
 /// Ensure that a user only sees signatures from themselves and the target user
-pub fn clean_signatures<F: Fn(&UserId) -> bool>(
+pub(crate) fn clean_signatures<F: Fn(&UserId) -> bool>(
 	cross_signing_key: &mut serde_json::Value, sender_user: Option<&UserId>, user_id: &UserId, allowed_signatures: F,
 ) -> Result<(), Error> {
 	if let Some(signatures) = cross_signing_key