diff --git a/synapse/handlers/profile.py b/synapse/handlers/profile.py
index 302efc1b9a..0cb8fad89a 100644
--- a/synapse/handlers/profile.py
+++ b/synapse/handlers/profile.py
@@ -14,10 +14,7 @@
# limitations under the License.
import logging
-
-from six import raise_from
-
-from twisted.internet import defer
+import random
from synapse.api.errors import (
AuthError,
@@ -56,16 +53,15 @@ class BaseProfileHandler(BaseHandler):
self.user_directory_handler = hs.get_user_directory_handler()
- @defer.inlineCallbacks
- def get_profile(self, user_id):
+ async def get_profile(self, user_id):
target_user = UserID.from_string(user_id)
if self.hs.is_mine(target_user):
try:
- displayname = yield self.store.get_profile_displayname(
+ displayname = await self.store.get_profile_displayname(
target_user.localpart
)
- avatar_url = yield self.store.get_profile_avatar_url(
+ avatar_url = await self.store.get_profile_avatar_url(
target_user.localpart
)
except StoreError as e:
@@ -76,7 +72,7 @@ class BaseProfileHandler(BaseHandler):
return {"displayname": displayname, "avatar_url": avatar_url}
else:
try:
- result = yield self.federation.make_query(
+ result = await self.federation.make_query(
destination=target_user.domain,
query_type="profile",
args={"user_id": user_id},
@@ -84,12 +80,11 @@ class BaseProfileHandler(BaseHandler):
)
return result
except RequestSendFailed as e:
- raise_from(SynapseError(502, "Failed to fetch profile"), e)
+ raise SynapseError(502, "Failed to fetch profile") from e
except HttpResponseException as e:
raise e.to_synapse_error()
- @defer.inlineCallbacks
- def get_profile_from_cache(self, user_id):
+ async def get_profile_from_cache(self, user_id):
"""Get the profile information from our local cache. If the user is
ours then the profile information will always be corect. Otherwise,
it may be out of date/missing.
@@ -97,10 +92,10 @@ class BaseProfileHandler(BaseHandler):
target_user = UserID.from_string(user_id)
if self.hs.is_mine(target_user):
try:
- displayname = yield self.store.get_profile_displayname(
+ displayname = await self.store.get_profile_displayname(
target_user.localpart
)
- avatar_url = yield self.store.get_profile_avatar_url(
+ avatar_url = await self.store.get_profile_avatar_url(
target_user.localpart
)
except StoreError as e:
@@ -110,14 +105,13 @@ class BaseProfileHandler(BaseHandler):
return {"displayname": displayname, "avatar_url": avatar_url}
else:
- profile = yield self.store.get_from_remote_profile_cache(user_id)
+ profile = await self.store.get_from_remote_profile_cache(user_id)
return profile or {}
- @defer.inlineCallbacks
- def get_displayname(self, target_user):
+ async def get_displayname(self, target_user):
if self.hs.is_mine(target_user):
try:
- displayname = yield self.store.get_profile_displayname(
+ displayname = await self.store.get_profile_displayname(
target_user.localpart
)
except StoreError as e:
@@ -128,14 +122,14 @@ class BaseProfileHandler(BaseHandler):
return displayname
else:
try:
- result = yield self.federation.make_query(
+ result = await self.federation.make_query(
destination=target_user.domain,
query_type="profile",
args={"user_id": target_user.to_string(), "field": "displayname"},
ignore_backoff=True,
)
except RequestSendFailed as e:
- raise_from(SynapseError(502, "Failed to fetch profile"), e)
+ raise SynapseError(502, "Failed to fetch profile") from e
except HttpResponseException as e:
raise e.to_synapse_error()
@@ -167,6 +161,9 @@ class BaseProfileHandler(BaseHandler):
Codes.FORBIDDEN,
)
+ if not isinstance(new_displayname, str):
+ raise SynapseError(400, "Invalid displayname")
+
if len(new_displayname) > MAX_DISPLAYNAME_LEN:
raise SynapseError(
400, "Displayname is too long (max %i)" % (MAX_DISPLAYNAME_LEN,)
@@ -191,11 +188,10 @@ class BaseProfileHandler(BaseHandler):
await self._update_join_states(requester, target_user)
- @defer.inlineCallbacks
- def get_avatar_url(self, target_user):
+ async def get_avatar_url(self, target_user):
if self.hs.is_mine(target_user):
try:
- avatar_url = yield self.store.get_profile_avatar_url(
+ avatar_url = await self.store.get_profile_avatar_url(
target_user.localpart
)
except StoreError as e:
@@ -205,14 +201,14 @@ class BaseProfileHandler(BaseHandler):
return avatar_url
else:
try:
- result = yield self.federation.make_query(
+ result = await self.federation.make_query(
destination=target_user.domain,
query_type="profile",
args={"user_id": target_user.to_string(), "field": "avatar_url"},
ignore_backoff=True,
)
except RequestSendFailed as e:
- raise_from(SynapseError(502, "Failed to fetch profile"), e)
+ raise SynapseError(502, "Failed to fetch profile") from e
except HttpResponseException as e:
raise e.to_synapse_error()
@@ -221,8 +217,14 @@ class BaseProfileHandler(BaseHandler):
async def set_avatar_url(
self, target_user, requester, new_avatar_url, by_admin=False
):
- """target_user is the user whose avatar_url is to be changed;
- auth_user is the user attempting to make this change."""
+ """Set a new avatar URL for a user.
+
+ Args:
+ target_user (UserID): the user whose avatar URL is to be changed.
+ requester (Requester): The user attempting to make this change.
+ new_avatar_url (str): The avatar URL to give this user.
+ by_admin (bool): Whether this change was made by an administrator.
+ """
if not self.hs.is_mine(target_user):
raise SynapseError(400, "User is not hosted on this homeserver")
@@ -236,6 +238,9 @@ class BaseProfileHandler(BaseHandler):
400, "Changing avatar is disabled on this server", Codes.FORBIDDEN
)
+ if not isinstance(new_avatar_url, str):
+ raise SynapseError(400, "Invalid displayname")
+
if len(new_avatar_url) > MAX_AVATAR_URL_LEN:
raise SynapseError(
400, "Avatar URL is too long (max %i)" % (MAX_AVATAR_URL_LEN,)
@@ -255,8 +260,7 @@ class BaseProfileHandler(BaseHandler):
await self._update_join_states(requester, target_user)
- @defer.inlineCallbacks
- def on_profile_query(self, args):
+ async def on_profile_query(self, args):
user = UserID.from_string(args["user_id"])
if not self.hs.is_mine(user):
raise SynapseError(400, "User is not hosted on this homeserver")
@@ -266,12 +270,12 @@ class BaseProfileHandler(BaseHandler):
response = {}
try:
if just_field is None or just_field == "displayname":
- response["displayname"] = yield self.store.get_profile_displayname(
+ response["displayname"] = await self.store.get_profile_displayname(
user.localpart
)
if just_field is None or just_field == "avatar_url":
- response["avatar_url"] = yield self.store.get_profile_avatar_url(
+ response["avatar_url"] = await self.store.get_profile_avatar_url(
user.localpart
)
except StoreError as e:
@@ -287,6 +291,12 @@ class BaseProfileHandler(BaseHandler):
await self.ratelimit(requester)
+ # Do not actually update the room state for shadow-banned users.
+ if requester.shadow_banned:
+ # We randomly sleep a bit just to annoy the requester.
+ await self.clock.sleep(random.randint(1, 10))
+ return
+
room_ids = await self.store.get_rooms_for_user(target_user.to_string())
for room_id in room_ids:
@@ -306,8 +316,7 @@ class BaseProfileHandler(BaseHandler):
"Failed to update join event for room %s - %s", room_id, str(e)
)
- @defer.inlineCallbacks
- def check_profile_query_allowed(self, target_user, requester=None):
+ async def check_profile_query_allowed(self, target_user, requester=None):
"""Checks whether a profile query is allowed. If the
'require_auth_for_profile_requests' config flag is set to True and a
'requester' is provided, the query is only allowed if the two users
@@ -339,8 +348,8 @@ class BaseProfileHandler(BaseHandler):
return
try:
- requester_rooms = yield self.store.get_rooms_for_user(requester.to_string())
- target_user_rooms = yield self.store.get_rooms_for_user(
+ requester_rooms = await self.store.get_rooms_for_user(requester.to_string())
+ target_user_rooms = await self.store.get_rooms_for_user(
target_user.to_string()
)
@@ -373,25 +382,24 @@ class MasterProfileHandler(BaseProfileHandler):
"Update remote profile", self._update_remote_profile_cache
)
- @defer.inlineCallbacks
- def _update_remote_profile_cache(self):
+ async def _update_remote_profile_cache(self):
"""Called periodically to check profiles of remote users we haven't
checked in a while.
"""
- entries = yield self.store.get_remote_profile_cache_entries_that_expire(
+ entries = await self.store.get_remote_profile_cache_entries_that_expire(
last_checked=self.clock.time_msec() - self.PROFILE_UPDATE_EVERY_MS
)
for user_id, displayname, avatar_url in entries:
- is_subscribed = yield self.store.is_subscribed_remote_profile_for_user(
+ is_subscribed = await self.store.is_subscribed_remote_profile_for_user(
user_id
)
if not is_subscribed:
- yield self.store.maybe_delete_remote_profile_cache(user_id)
+ await self.store.maybe_delete_remote_profile_cache(user_id)
continue
try:
- profile = yield self.federation.make_query(
+ profile = await self.federation.make_query(
destination=get_domain_from_id(user_id),
query_type="profile",
args={"user_id": user_id},
@@ -400,7 +408,7 @@ class MasterProfileHandler(BaseProfileHandler):
except Exception:
logger.exception("Failed to get avatar_url")
- yield self.store.update_remote_profile_cache(
+ await self.store.update_remote_profile_cache(
user_id, displayname, avatar_url
)
continue
@@ -409,4 +417,4 @@ class MasterProfileHandler(BaseProfileHandler):
new_avatar = profile.get("avatar_url")
# We always hit update to update the last_check timestamp
- yield self.store.update_remote_profile_cache(user_id, new_name, new_avatar)
+ await self.store.update_remote_profile_cache(user_id, new_name, new_avatar)
|
