forked from MirrorHub/synapse
Do not allow send_nonmember_event to be called with shadow-banned users. (#8158)
This commit is contained in:
parent
6e1c64a668
commit
5099bd68da
2 changed files with 35 additions and 5 deletions
1
changelog.d/8158.feature
Normal file
1
changelog.d/8158.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add support for shadow-banning users (ignoring any message send requests).
|
|
@ -647,24 +647,35 @@ class EventCreationHandler(object):
|
||||||
event: EventBase,
|
event: EventBase,
|
||||||
context: EventContext,
|
context: EventContext,
|
||||||
ratelimit: bool = True,
|
ratelimit: bool = True,
|
||||||
|
ignore_shadow_ban: bool = False,
|
||||||
) -> int:
|
) -> int:
|
||||||
"""
|
"""
|
||||||
Persists and notifies local clients and federation of an event.
|
Persists and notifies local clients and federation of an event.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
requester
|
requester: The requester sending the event.
|
||||||
event the event to send.
|
event: The event to send.
|
||||||
context: the context of the event.
|
context: The context of the event.
|
||||||
ratelimit: Whether to rate limit this send.
|
ratelimit: Whether to rate limit this send.
|
||||||
|
ignore_shadow_ban: True if shadow-banned users should be allowed to
|
||||||
|
send this event.
|
||||||
|
|
||||||
Return:
|
Return:
|
||||||
The stream_id of the persisted event.
|
The stream_id of the persisted event.
|
||||||
|
|
||||||
|
Raises:
|
||||||
|
ShadowBanError if the requester has been shadow-banned.
|
||||||
"""
|
"""
|
||||||
if event.type == EventTypes.Member:
|
if event.type == EventTypes.Member:
|
||||||
raise SynapseError(
|
raise SynapseError(
|
||||||
500, "Tried to send member event through non-member codepath"
|
500, "Tried to send member event through non-member codepath"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if not ignore_shadow_ban and requester.shadow_banned:
|
||||||
|
# We randomly sleep a bit just to annoy the requester.
|
||||||
|
await self.clock.sleep(random.randint(1, 10))
|
||||||
|
raise ShadowBanError()
|
||||||
|
|
||||||
user = UserID.from_string(event.sender)
|
user = UserID.from_string(event.sender)
|
||||||
|
|
||||||
assert self.hs.is_mine(user), "User must be our own: %s" % (user,)
|
assert self.hs.is_mine(user), "User must be our own: %s" % (user,)
|
||||||
|
@ -725,6 +736,14 @@ class EventCreationHandler(object):
|
||||||
|
|
||||||
See self.create_event and self.send_nonmember_event.
|
See self.create_event and self.send_nonmember_event.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
requester: The requester sending the event.
|
||||||
|
event_dict: An entire event.
|
||||||
|
ratelimit: Whether to rate limit this send.
|
||||||
|
txn_id: The transaction ID.
|
||||||
|
ignore_shadow_ban: True if shadow-banned users should be allowed to
|
||||||
|
send this event.
|
||||||
|
|
||||||
Raises:
|
Raises:
|
||||||
ShadowBanError if the requester has been shadow-banned.
|
ShadowBanError if the requester has been shadow-banned.
|
||||||
"""
|
"""
|
||||||
|
@ -750,7 +769,11 @@ class EventCreationHandler(object):
|
||||||
raise SynapseError(403, spam_error, Codes.FORBIDDEN)
|
raise SynapseError(403, spam_error, Codes.FORBIDDEN)
|
||||||
|
|
||||||
stream_id = await self.send_nonmember_event(
|
stream_id = await self.send_nonmember_event(
|
||||||
requester, event, context, ratelimit=ratelimit
|
requester,
|
||||||
|
event,
|
||||||
|
context,
|
||||||
|
ratelimit=ratelimit,
|
||||||
|
ignore_shadow_ban=ignore_shadow_ban,
|
||||||
)
|
)
|
||||||
return event, stream_id
|
return event, stream_id
|
||||||
|
|
||||||
|
@ -1190,8 +1213,14 @@ class EventCreationHandler(object):
|
||||||
|
|
||||||
event.internal_metadata.proactively_send = False
|
event.internal_metadata.proactively_send = False
|
||||||
|
|
||||||
|
# Since this is a dummy-event it is OK if it is sent by a
|
||||||
|
# shadow-banned user.
|
||||||
await self.send_nonmember_event(
|
await self.send_nonmember_event(
|
||||||
requester, event, context, ratelimit=False
|
requester,
|
||||||
|
event,
|
||||||
|
context,
|
||||||
|
ratelimit=False,
|
||||||
|
ignore_shadow_ban=True,
|
||||||
)
|
)
|
||||||
dummy_event_sent = True
|
dummy_event_sent = True
|
||||||
break
|
break
|
||||||
|
|
Loading…
Reference in a new issue