ensure post registration auth checks do not fail erroneously

This commit is contained in:
Neil Johnson 2018-08-31 15:42:51 +01:00
parent 3d6aa06577
commit 09f3cf1a7e
4 changed files with 24 additions and 6 deletions

View file

@ -809,11 +809,8 @@ class Auth(object):
elif threepid:
# If the user does not exist yet, but is signing up with a
# reserved threepid then pass auth check
for tp in self.hs.config.mau_limits_reserved_threepids:
if (threepid['medium'] == tp['medium']
and threepid['address'] == tp['address']):
return
if is_threepid_reserved(threepid):
return
# Else if there is no room in the MAU bucket, bail
current_mau = yield self.store.get_monthly_active_count()
if current_mau >= self.hs.config.max_mau_value:

View file

@ -291,6 +291,10 @@ class RegisterRestServlet(ClientV1RestServlet):
password=password,
threepid=threepid,
)
# Necessary due to auth checks prior to the threepid being
# written to the db
if self.store.is_threepid_reserved(threepid):
self.store.upsert_monthly_active_user(registered_user_id)
if session[LoginType.EMAIL_IDENTITY]:
logger.debug("Binding emails %s to %s" % (

View file

@ -406,6 +406,10 @@ class RegisterRestServlet(RestServlet):
generate_token=False,
threepid=threepid,
)
# Necessary due to auth checks prior to the threepid being
# written to the db
if self.store.is_threepid_reserved(threepid):
self.store.upsert_monthly_active_user(registered_user_id)
# remember that we've now registered that user account, and with
# what user ID (since the user may not have specified)

View file

@ -36,7 +36,6 @@ class MonthlyActiveUsersStore(SQLBaseStore):
@defer.inlineCallbacks
def initialise_reserved_users(self, threepids):
# TODO Why can't I do this in init?
store = self.hs.get_datastore()
reserved_user_list = []
@ -220,3 +219,17 @@ class MonthlyActiveUsersStore(SQLBaseStore):
yield self.upsert_monthly_active_user(user_id)
elif now - last_seen_timestamp > LAST_SEEN_GRANULARITY:
yield self.upsert_monthly_active_user(user_id)
def is_threepid_reserved(self, threepid):
"""Check the threepid against the reserved threepid config
Args:
threepid(dict) - The threepid to test for
Returns:
boolean Is the threepid undertest reserved_user
"""
for tp in self.hs.config.mau_limits_reserved_threepids:
if (threepid['medium'] == tp['medium']
and threepid['address'] == tp['address']):
return True
else:
return False