Do not allow send_nonmember_event to be called with shadow-banned users. (#8158)

2020-08-25 10:52:15 -04:00 · 2020-08-25 10:52:15 -04:00 · 5099bd68da
parent 6e1c64a668
commit 5099bd68da
2 changed files with 35 additions and 5 deletions
--- a/changelog.d/8158.feature
+++ b/changelog.d/8158.feature
@ -0,0 +1 @@
+ Add support for shadow-banning users (ignoring any message send requests).
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@ -647,24 +647,35 @@ class EventCreationHandler(object):
        event: EventBase,
        context: EventContext,
        ratelimit: bool = True,
+        ignore_shadow_ban: bool = False,
    ) -> int:
        """
        Persists and notifies local clients and federation of an event.

        Args:
-            requester
-            event the event to send.
-            context: the context of the event.
+            requester: The requester sending the event.
+            event: The event to send.
+            context: The context of the event.
            ratelimit: Whether to rate limit this send.
+            ignore_shadow_ban: True if shadow-banned users should be allowed to
+                send this event.

        Return:
            The stream_id of the persisted event.
+
+        Raises:
+            ShadowBanError if the requester has been shadow-banned.
        """
        if event.type == EventTypes.Member:
            raise SynapseError(
                500, "Tried to send member event through non-member codepath"
            )

+        if not ignore_shadow_ban and requester.shadow_banned:
+            # We randomly sleep a bit just to annoy the requester.
+            await self.clock.sleep(random.randint(1, 10))
+            raise ShadowBanError()
+
        user = UserID.from_string(event.sender)

        assert self.hs.is_mine(user), "User must be our own: %s" % (user,)
@ -725,6 +736,14 @@ class EventCreationHandler(object):

        See self.create_event and self.send_nonmember_event.

+        Args:
+            requester: The requester sending the event.
+            event_dict: An entire event.
+            ratelimit: Whether to rate limit this send.
+            txn_id: The transaction ID.
+            ignore_shadow_ban: True if shadow-banned users should be allowed to
+                send this event.
+
        Raises:
            ShadowBanError if the requester has been shadow-banned.
        """
@ -750,7 +769,11 @@ class EventCreationHandler(object):
                raise SynapseError(403, spam_error, Codes.FORBIDDEN)

            stream_id = await self.send_nonmember_event(
-                requester, event, context, ratelimit=ratelimit
+                requester,
+                event,
+                context,
+                ratelimit=ratelimit,
+                ignore_shadow_ban=ignore_shadow_ban,
            )
        return event, stream_id

@ -1190,8 +1213,14 @@ class EventCreationHandler(object):

                    event.internal_metadata.proactively_send = False

+                    # Since this is a dummy-event it is OK if it is sent by a
+                    # shadow-banned user.
                    await self.send_nonmember_event(
-                        requester, event, context, ratelimit=False
+                        requester,
+                        event,
+                        context,
+                        ratelimit=False,
+                        ignore_shadow_ban=True,
                    )
                    dummy_event_sent = True
                    break
				`@ -0,0 +1 @@`
				`Add support for shadow-banning users (ignoring any message send requests).`