summary refs log tree commit diff
diff options
context:
space:
mode:
authorCaleb James DeLisle <cjd@cjdns.fr>2017-06-23 13:01:04 +0200
committerCaleb James DeLisle <cjd@cjdns.fr>2017-06-23 13:01:04 +0200
commit1591eddaea779d2805afb1acc102630a8e580f0d (patch)
tree409d544263d05f48766823b9d7ad0a90da74c1ea
parentMerge pull request #2297 from matrix-org/erikj/user_dir_fix (diff)
downloadsynapse-1591eddaea779d2805afb1acc102630a8e580f0d.tar.xz
Add configuration parameter to allow redaction of content from push messages for google/apple devices
Diffstat (limited to '')
-rw-r--r--synapse/config/homeserver.py3
-rw-r--r--synapse/config/pushconfig.py40
-rw-r--r--synapse/push/httppusher.py2
3 files changed, 43 insertions, 2 deletions
diff --git a/synapse/config/homeserver.py b/synapse/config/homeserver.py
index 0f890fc04a..327c7e4fc6 100644
--- a/synapse/config/homeserver.py
+++ b/synapse/config/homeserver.py
@@ -33,6 +33,7 @@ from .jwt import JWTConfig
 from .password_auth_providers import PasswordAuthProviderConfig
 from .emailconfig import EmailConfig
 from .workers import WorkerConfig
+from .pushconfig import PushConfig
 
 
 class HomeServerConfig(TlsConfig, ServerConfig, DatabaseConfig, LoggingConfig,
@@ -40,7 +41,7 @@ class HomeServerConfig(TlsConfig, ServerConfig, DatabaseConfig, LoggingConfig,
                        VoipConfig, RegistrationConfig, MetricsConfig, ApiConfig,
                        AppServiceConfig, KeyConfig, SAML2Config, CasConfig,
                        JWTConfig, PasswordConfig, EmailConfig,
-                       WorkerConfig, PasswordAuthProviderConfig,):
+                       WorkerConfig, PasswordAuthProviderConfig, PushConfig,):
     pass
 
 
diff --git a/synapse/config/pushconfig.py b/synapse/config/pushconfig.py
new file mode 100644
index 0000000000..afe8aba0a8
--- /dev/null
+++ b/synapse/config/pushconfig.py
@@ -0,0 +1,40 @@
+# -*- coding: utf-8 -*-
+# Copyright 2015, 2016 OpenMarket Ltd
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# This file can't be called email.py because if it is, we cannot:
+import email.utils
+
+from ._base import Config
+
+
+class PushConfig(Config):
+    def read_config(self, config):
+        self.push_redact_content = False
+
+        push_config = config.get("email", {})
+        self.push_redact_content = push_config.get("redact_content", False)
+
+    def default_config(self, config_dir_path, server_name, **kwargs):
+        return """
+        # Control how push messages are sent to google/apple to notifications.
+        # Normally every message is posted to a push server hosted by matrix.org
+        # which is registered with google and apple in order to allow push
+        # notifications to be sent to mobile devices.
+        # Setting redact_content to true will make the push messages contain no
+        # message content which will provide increased privacy.
+        #
+        #push:
+        #   redact_content: false
+        """
diff --git a/synapse/push/httppusher.py b/synapse/push/httppusher.py
index c0f8176e3d..f3f872895a 100644
--- a/synapse/push/httppusher.py
+++ b/synapse/push/httppusher.py
@@ -275,7 +275,7 @@ class HttpPusher(object):
         if event.type == 'm.room.member':
             d['notification']['membership'] = event.content['membership']
             d['notification']['user_is_target'] = event.state_key == self.user_id
-        if 'content' in event:
+        if not hs.config.push_redact_content and 'content' in event:
             d['notification']['content'] = event.content
 
         # We no longer send aliases separately, instead, we send the human