summary refs log tree commit diff
diff options
context:
space:
mode:
authorAndrew Morgan <andrew@amorgan.xyz>2021-04-20 16:41:37 +0100
committerAndrew Morgan <andrew@amorgan.xyz>2021-04-20 16:41:37 +0100
commitde2918f0cb5d0c6ae3e98b44ae2f3042be6fe6b9 (patch)
treef853d684ad2d21b81533cedfc9dbc9bb21cf8387
parentMerge commit 'ff5c4da12' into anoa/dinsic_release_1_31_0 (diff)
parentDon't MAU limit AS ghost users (diff)
downloadsynapse-de2918f0cb5d0c6ae3e98b44ae2f3042be6fe6b9.tar.xz
Merge commit '7932d4e9f' into anoa/dinsic_release_1_31_0
Diffstat
-rw-r--r--synapse/api/auth_blocking.py7


1 files changed, 7 insertions, 0 deletions
diff --git a/synapse/api/auth_blocking.py b/synapse/api/auth_blocking.py

index 9c227218e0..d8088f524a 100644
--- a/synapse/api/auth_blocking.py
+++ b/synapse/api/auth_blocking.py
@@ -36,6 +36,7 @@ class AuthBlocking:
         self._limit_usage_by_mau = hs.config.limit_usage_by_mau
         self._mau_limits_reserved_threepids = hs.config.mau_limits_reserved_threepids
         self._server_name = hs.hostname
+        self._track_appservice_user_ips = hs.config.appservice.track_appservice_user_ips
 
     async def check_auth_blocking(
         self,
@@ -76,6 +77,12 @@ class AuthBlocking:
                 # We never block the server from doing actions on behalf of
                 # users.
                 return
+            elif requester.app_service and not self._track_appservice_user_ips:
+                # If we're authenticated as an appservice then we only block
+                # auth if `track_appservice_user_ips` is set, as that option
+                # implicitly means that application services are part of MAU
+                # limits.
+                return
 
         # Never fail an auth check for the server notices users or support user
         # This can be a problem where event creation is prohibited due to blocking

 

generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-07-25 12:52:17 +0000