From b07561405cc1722774401f8c8a485839b90289e8 Mon Sep 17 00:00:00 2001
From: Tulir Asokan <tulir@maunium.net>
Date: Sun, 12 Feb 2023 14:54:24 +0200
Subject: [PATCH] Allow unhiding events that the C-S API filters away by
 default

---
 synapse/handlers/sync.py                |  1 -
 synapse/storage/controllers/__init__.py |  1 +
 synapse/visibility.py                   | 12 +++++++++++-
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/synapse/handlers/sync.py b/synapse/handlers/sync.py
index 9122a79b4..7e214f919 100644
--- a/synapse/handlers/sync.py
+++ b/synapse/handlers/sync.py
@@ -1242,7 +1242,6 @@ class SyncHandler:
             for e in await sync_config.filter_collection.filter_room_state(
                 list(state.values())
             )
-            if e.type != EventTypes.Aliases  # until MSC2261 or alternative solution
         }
 
     async def _find_missing_partial_state_memberships(
diff --git a/synapse/storage/controllers/__init__.py b/synapse/storage/controllers/__init__.py
index 5ba848efb..17449b7fc 100644
--- a/synapse/storage/controllers/__init__.py
+++ b/synapse/storage/controllers/__init__.py
@@ -45,6 +45,7 @@ class StorageControllers:
         # rewrite all the existing code to split it into high vs low level
         # interfaces.
         self.main = stores.main
+        self.hs = hs
 
         self.purge_events = PurgeEventsStorageController(hs, stores)
         self.state = StateStorageController(hs, stores)
diff --git a/synapse/visibility.py b/synapse/visibility.py
index e58f649aa..6e1f93d2c 100644
--- a/synapse/visibility.py
+++ b/synapse/visibility.py
@@ -133,6 +133,10 @@ async def filter_events_for_client(
                 room_id
             ] = await storage.main.get_retention_policy_for_room(room_id)
 
+    # meow: let admins see secret events like org.matrix.dummy_event, m.room.aliases
+    #       and events expired by the retention policy.
+    filter_override = user_id in storage.hs.config.meow.filter_override
+
     def allowed(event: EventBase) -> Optional[EventBase]:
         return _check_client_allowed_to_see_event(
             user_id=user_id,
@@ -145,6 +149,7 @@ async def filter_events_for_client(
             state=event_id_to_state.get(event.event_id),
             is_peeking=is_peeking,
             sender_erased=erased_senders.get(event.sender, False),
+            filter_override=filter_override,
         )
 
     # Check each event: gives an iterable of None or (a potentially modified)
@@ -292,6 +297,7 @@ def _check_client_allowed_to_see_event(
     retention_policy: RetentionPolicy,
     state: Optional[StateMap[EventBase]],
     sender_erased: bool,
+    filter_override: bool,
 ) -> Optional[EventBase]:
     """Check with the given user is allowed to see the given event
 
@@ -308,6 +314,7 @@ def _check_client_allowed_to_see_event(
         retention_policy: The retention policy of the room
         state: The state at the event, unless its an outlier
         sender_erased: Whether the event sender has been marked as "erased"
+        filter_override: meow
 
     Returns:
         None if the user cannot see this event at all
@@ -321,7 +328,7 @@ def _check_client_allowed_to_see_event(
     # because, if this is not the case, we're probably only checking if the users can
     # see events in the room at that point in the DAG, and that shouldn't be decided
     # on those checks.
-    if filter_send_to_client:
+    if filter_send_to_client and not filter_override:
         if (
             _check_filter_send_to_client(event, clock, retention_policy, sender_ignored)
             == _CheckFilter.DENIED
@@ -331,6 +338,9 @@ def _check_client_allowed_to_see_event(
                 event.event_id,
             )
             return None
+    # meow: even with filter_override, we want to filter ignored users
+    elif filter_send_to_client and not event.is_state() and sender_ignored:
+        return None
 
     if event.event_id in always_include_ids:
         return event