Do not allow send_nonmember_event to be called with shadow-banned users. (#8158)

This commit is contained in:
Patrick Cloke 2020-08-25 10:52:15 -04:00 committed by GitHub
parent 6e1c64a668
commit 5099bd68da
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 5 deletions

1
changelog.d/8158.feature Normal file
View file

@ -0,0 +1 @@
Add support for shadow-banning users (ignoring any message send requests).

View file

@ -647,24 +647,35 @@ class EventCreationHandler(object):
event: EventBase, event: EventBase,
context: EventContext, context: EventContext,
ratelimit: bool = True, ratelimit: bool = True,
ignore_shadow_ban: bool = False,
) -> int: ) -> int:
""" """
Persists and notifies local clients and federation of an event. Persists and notifies local clients and federation of an event.
Args: Args:
requester requester: The requester sending the event.
event the event to send. event: The event to send.
context: the context of the event. context: The context of the event.
ratelimit: Whether to rate limit this send. ratelimit: Whether to rate limit this send.
ignore_shadow_ban: True if shadow-banned users should be allowed to
send this event.
Return: Return:
The stream_id of the persisted event. The stream_id of the persisted event.
Raises:
ShadowBanError if the requester has been shadow-banned.
""" """
if event.type == EventTypes.Member: if event.type == EventTypes.Member:
raise SynapseError( raise SynapseError(
500, "Tried to send member event through non-member codepath" 500, "Tried to send member event through non-member codepath"
) )
if not ignore_shadow_ban and requester.shadow_banned:
# We randomly sleep a bit just to annoy the requester.
await self.clock.sleep(random.randint(1, 10))
raise ShadowBanError()
user = UserID.from_string(event.sender) user = UserID.from_string(event.sender)
assert self.hs.is_mine(user), "User must be our own: %s" % (user,) assert self.hs.is_mine(user), "User must be our own: %s" % (user,)
@ -725,6 +736,14 @@ class EventCreationHandler(object):
See self.create_event and self.send_nonmember_event. See self.create_event and self.send_nonmember_event.
Args:
requester: The requester sending the event.
event_dict: An entire event.
ratelimit: Whether to rate limit this send.
txn_id: The transaction ID.
ignore_shadow_ban: True if shadow-banned users should be allowed to
send this event.
Raises: Raises:
ShadowBanError if the requester has been shadow-banned. ShadowBanError if the requester has been shadow-banned.
""" """
@ -750,7 +769,11 @@ class EventCreationHandler(object):
raise SynapseError(403, spam_error, Codes.FORBIDDEN) raise SynapseError(403, spam_error, Codes.FORBIDDEN)
stream_id = await self.send_nonmember_event( stream_id = await self.send_nonmember_event(
requester, event, context, ratelimit=ratelimit requester,
event,
context,
ratelimit=ratelimit,
ignore_shadow_ban=ignore_shadow_ban,
) )
return event, stream_id return event, stream_id
@ -1190,8 +1213,14 @@ class EventCreationHandler(object):
event.internal_metadata.proactively_send = False event.internal_metadata.proactively_send = False
# Since this is a dummy-event it is OK if it is sent by a
# shadow-banned user.
await self.send_nonmember_event( await self.send_nonmember_event(
requester, event, context, ratelimit=False requester,
event,
context,
ratelimit=False,
ignore_shadow_ban=True,
) )
dummy_event_sent = True dummy_event_sent = True
break break