summary refs log tree commit diff
path: root/synapse/handlers
diff options
context:
space:
mode:
authorDavid Baker <dave@matrix.org>2017-10-04 10:47:54 +0100
committerDavid Baker <dave@matrix.org>2017-10-04 10:47:54 +0100
commit197c14dbcfa9bc5bb281833a91ee035cb154216d (patch)
treed3722c194baf40119b93c3e6bf4d4ba7accf60fc /synapse/handlers
parentMerge pull request #2492 from matrix-org/dbkr/spam_check_invites (diff)
downloadsynapse-197c14dbcfa9bc5bb281833a91ee035cb154216d.tar.xz
Add room creation checks to spam checker
Lets the spam checker deny attempts to create rooms and add aliases
to them.
Diffstat (limited to 'synapse/handlers')
-rw-r--r--synapse/handlers/directory.py7
-rw-r--r--synapse/handlers/room.py8
2 files changed, 15 insertions, 0 deletions
diff --git a/synapse/handlers/directory.py b/synapse/handlers/directory.py
index 943554ce98..ed18bb20bb 100644
--- a/synapse/handlers/directory.py
+++ b/synapse/handlers/directory.py
@@ -40,6 +40,8 @@ class DirectoryHandler(BaseHandler):
             "directory", self.on_directory_query
         )
 
+        self.spam_checker = hs.get_spam_checker()
+
     @defer.inlineCallbacks
     def _create_association(self, room_alias, room_id, servers=None, creator=None):
         # general association creation for both human users and app services
@@ -73,6 +75,11 @@ class DirectoryHandler(BaseHandler):
         # association creation for human users
         # TODO(erikj): Do user auth.
 
+        if not self.spam_checker.user_may_create_room_alias(user_id, room_alias):
+            raise SynapseError(
+                403, "This user is not permitted to create this alias",
+            )
+
         can_create = yield self.can_modify_alias(
             room_alias,
             user_id=user_id
diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py
index 5698d28088..f909ea04f0 100644
--- a/synapse/handlers/room.py
+++ b/synapse/handlers/room.py
@@ -60,6 +60,11 @@ class RoomCreationHandler(BaseHandler):
         },
     }
 
+    def __init__(self, hs):
+        super(RoomCreationHandler, self).__init__(hs)
+
+        self.spam_checker = hs.get_spam_checker()
+
     @defer.inlineCallbacks
     def create_room(self, requester, config, ratelimit=True):
         """ Creates a new room.
@@ -75,6 +80,9 @@ class RoomCreationHandler(BaseHandler):
         """
         user_id = requester.user.to_string()
 
+        if not self.spam_checker.user_may_create_room(user_id):
+                raise SynapseError(403, "You are not permitted to create rooms")
+
         if ratelimit:
             yield self.ratelimit(requester)