Communication: Matrix room membership + Community Membership

# Communication: Matrix room membership + Community Membership There are two levels of membership currently related to communications" * a user is a member of a community * a user is a member of a Matrix room The two sets of memberships are currently not in sync, with way too many users being assigned room membership. This becomes an issue as soon as we start sending out either Updates or Discussions message notifications. ## Usage Scenarios There are four scenarios that we need to consider separately: * **Reading**: A user that is authorized to READ messages from a Communication (either Updates or Discussion) * **Deleting**: A user is authorized to DELETE a message from a Communication * **Sending**: A user is authorized to SEND a message to a Communication * **Notifications**: A notification event is triggered as something happened to a Communication a User cares about Note that for Reading, Deleting and Sending the user action goes through the GraphQL api (for now). Note that for the Notifications it is the Matrix engine that is the originator of the event, so it is only for the Notifications that the membership of the Matrix Room is key. ## Proposed updates The following updates are proposed: * All Reading to be done using the Matrix Admin account * Note that this is key as we allow far wider reading of the contents of Communication than the membership of the associated Community. * Remove all usages of the functionality for "ensuring that a user has access to all rooms in a Communication" * All Matrix room membership to be done at the point when the user is added / removed from a Community * Sending can only be done by Users that are members of a Matrix Room. * If this fails then something is broken, and it *should* trigger an error * The Deletion for now is done using the Matrix Admin account. * This is not ideal as it means that the Matrix room no longer knows what User removed the message * To be investigated how to give a User temporary elevated permission. * Create the following Admin functionality: * Compare the membership of the Matrix Rooms with the Community membership * Fix memberhip of Matrix Rooms to match Community membership ## Open questions * How to await user Room membership? * Note that this may no longer be relevant if room membership is done at the point of a User joining a Community, as all the Reading is done using the admin account. ## MyRooms needs to use own identity