Allow unhiding events that the C-S API filters away by default

2023-02-12 14:54:24 +02:00 · 2023-02-12 14:54:24 +02:00 · 069401d09d
commit 069401d09d
parent b095b239ac
3 changed files with 12 additions and 2 deletions
--- a/synapse/handlers/sync.py
+++ b/synapse/handlers/sync.py
@ -1183,7 +1183,6 @@ class SyncHandler:
            for e in await sync_config.filter_collection.filter_room_state(
                list(state.values())
            )
-            if e.type != EventTypes.Aliases  # until MSC2261 or alternative solution
        }

    async def _find_missing_partial_state_memberships(
--- a/synapse/storage/controllers/init.py
+++ b/synapse/storage/controllers/init.py
@ -38,6 +38,7 @@ class StorageControllers:
        # rewrite all the existing code to split it into high vs low level
        # interfaces.
        self.main = stores.main
+        self.hs = hs

        self.purge_events = PurgeEventsStorageController(hs, stores)
        self.state = StateStorageController(hs, stores)
--- a/synapse/visibility.py
+++ b/synapse/visibility.py
@ -126,6 +126,10 @@ async def filter_events_for_client(
                room_id
            ] = await storage.main.get_retention_policy_for_room(room_id)

+    # meow: let admins see secret events like org.matrix.dummy_event, m.room.aliases
+    #       and events expired by the retention policy.
+    filter_override = user_id in storage.hs.config.meow.filter_override
+
    def allowed(event: EventBase) -> Optional[EventBase]:
        return _check_client_allowed_to_see_event(
            user_id=user_id,
@ -138,6 +142,7 @@ async def filter_events_for_client(
            state=event_id_to_state.get(event.event_id),
            is_peeking=is_peeking,
            sender_erased=erased_senders.get(event.sender, False),
+            filter_override=filter_override,
        )

    # Check each event: gives an iterable of None or (a potentially modified)
@ -285,6 +290,7 @@ def _check_client_allowed_to_see_event(
    retention_policy: RetentionPolicy,
    state: Optional[StateMap[EventBase]],
    sender_erased: bool,
+    filter_override: bool,
 ) -> Optional[EventBase]:
    """Check with the given user is allowed to see the given event

@ -301,6 +307,7 @@ def _check_client_allowed_to_see_event(
        retention_policy: The retention policy of the room
        state: The state at the event, unless its an outlier
        sender_erased: Whether the event sender has been marked as "erased"
+        filter_override: meow

    Returns:
        None if the user cannot see this event at all
@ -314,7 +321,7 @@ def _check_client_allowed_to_see_event(
    # because, if this is not the case, we're probably only checking if the users can
    # see events in the room at that point in the DAG, and that shouldn't be decided
    # on those checks.
-    if filter_send_to_client:
+    if filter_send_to_client and not filter_override:
        if (
            _check_filter_send_to_client(event, clock, retention_policy, sender_ignored)
            == _CheckFilter.DENIED
@ -324,6 +331,9 @@ def _check_client_allowed_to_see_event(
                event.event_id,
            )
            return None
+    # meow: even with filter_override, we want to filter ignored users
+    elif filter_send_to_client and not event.is_state() and sender_ignored:
+        return None

    if event.event_id in always_include_ids:
        return event