Add a config option to block all room invites (#2457)

- allows sysadmins the ability to lock down their servers so that people can't send their users room invites.
author: Richard van der Hoff <github@rvanderhoff.org.uk> 2017-09-19 16:08:14 +0100
committer: GitHub <noreply@github.com> 2017-09-19 16:08:14 +0100
commit: aa620d09a01c226d7a6fbc0d839d8abd347a2b2e (patch)
tree: 497fc7af84c9a510e19bbff34e142cf6a799c52b /synapse/handlers/room_member.py
parent: add some comments to on_exchange_third_party_invite_request (diff)
download: synapse-aa620d09a01c226d7a6fbc0d839d8abd347a2b2e.tar.xz
1 files changed, 22 insertions, 0 deletions
diff --git a/synapse/handlers/room_member.py b/synapse/handlers/room_member.py
index b3f979b246..9a498c2d3e 100644
--- a/synapse/handlers/room_member.py
+++ b/synapse/handlers/room_member.py
@@ -191,6 +191,8 @@ class RoomMemberHandler(BaseHandler):
         if action in ["kick", "unban"]:
             effective_membership_state = "leave"
 
+        # if this is a join with a 3pid signature, we may need to turn a 3pid
+        # invite into a normal invite before we can handle the join.
         if third_party_signed is not None:
             replication = self.hs.get_replication_layer()
             yield replication.exchange_third_party_invite(
@@ -208,6 +210,16 @@ class RoomMemberHandler(BaseHandler):
             if is_blocked:
                 raise SynapseError(403, "This room has been blocked on this server")
 
+        if (effective_membership_state == "invite" and
+                self.hs.config.block_non_admin_invites):
+            is_requester_admin = yield self.auth.is_server_admin(
+                requester.user,
+            )
+            if not is_requester_admin:
+                raise SynapseError(
+                    403, "Invites have been disabled on this server",
+                )
+
         latest_event_ids = yield self.store.get_latest_event_ids_in_room(room_id)
         current_state_ids = yield self.state_handler.get_current_state_ids(
             room_id, latest_event_ids=latest_event_ids,
@@ -471,6 +483,16 @@ class RoomMemberHandler(BaseHandler):
             requester,
             txn_id
     ):
+        if self.hs.config.block_non_admin_invites:
+            is_requester_admin = yield self.auth.is_server_admin(
+                requester.user,
+            )
+            if not is_requester_admin:
+                raise SynapseError(
+                    403, "Invites have been disabled on this server",
+                    Codes.FORBIDDEN,
+                )
+
         invitee = yield self._lookup_3pid(
             id_server, medium, address
         )
author	Richard van der Hoff <github@rvanderhoff.org.uk>	2017-09-19 16:08:14 +0100
committer	GitHub <noreply@github.com>	2017-09-19 16:08:14 +0100
commit	aa620d09a01c226d7a6fbc0d839d8abd347a2b2e (patch)
tree	497fc7af84c9a510e19bbff34e142cf6a799c52b /synapse/handlers/room_member.py
parent	add some comments to on_exchange_third_party_invite_request (diff)
download	synapse-aa620d09a01c226d7a6fbc0d839d8abd347a2b2e.tar.xz