diff options
author | Erik Johnston <erik@matrix.org> | 2018-08-20 14:49:43 +0100 |
---|---|---|
committer | Erik Johnston <erik@matrix.org> | 2018-08-20 14:49:43 +0100 |
commit | 4d664278afc044e0d6118de4e22bccbf5464402c (patch) | |
tree | 58a6364007ecfbdb6f51f997bbd86f4e538dd8ef /synapse/api/auth.py | |
parent | Remove redundant room_version checks (diff) | |
parent | Merge pull request #3719 from matrix-org/erikj/use_cache_fact (diff) | |
download | synapse-4d664278afc044e0d6118de4e22bccbf5464402c.tar.xz |
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/refactor_state_handler
Diffstat (limited to 'synapse/api/auth.py')
-rw-r--r-- | synapse/api/auth.py | 29 |
1 files changed, 23 insertions, 6 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py index 9c62ec4374..022211e34e 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -25,7 +25,7 @@ from twisted.internet import defer import synapse.types from synapse import event_auth from synapse.api.constants import EventTypes, JoinRules, Membership -from synapse.api.errors import AuthError, Codes +from synapse.api.errors import AuthError, Codes, ResourceLimitError from synapse.types import UserID from synapse.util.caches import CACHE_SIZE_FACTOR, register_cache from synapse.util.caches.lrucache import LruCache @@ -775,17 +775,34 @@ class Auth(object): ) @defer.inlineCallbacks - def check_auth_blocking(self): + def check_auth_blocking(self, user_id=None): """Checks if the user should be rejected for some external reason, such as monthly active user limiting or global disable flag + + Args: + user_id(str|None): If present, checks for presence against existing + MAU cohort """ if self.hs.config.hs_disabled: - raise AuthError( - 403, self.hs.config.hs_disabled_message, errcode=Codes.HS_DISABLED + raise ResourceLimitError( + 403, self.hs.config.hs_disabled_message, + errcode=Codes.RESOURCE_LIMIT_EXCEED, + admin_uri=self.hs.config.admin_uri, + limit_type=self.hs.config.hs_disabled_limit_type ) if self.hs.config.limit_usage_by_mau is True: + # If the user is already part of the MAU cohort + if user_id: + timestamp = yield self.store.user_last_seen_monthly_active(user_id) + if timestamp: + return + # Else if there is no room in the MAU bucket, bail current_mau = yield self.store.get_monthly_active_count() if current_mau >= self.hs.config.max_mau_value: - raise AuthError( - 403, "MAU Limit Exceeded", errcode=Codes.MAU_LIMIT_EXCEEDED + raise ResourceLimitError( + 403, "Monthly Active User Limit Exceeded", + + admin_uri=self.hs.config.admin_uri, + errcode=Codes.RESOURCE_LIMIT_EXCEED, + limit_type="monthly_active_user" ) |