diff options
author | David Baker <dbkr@users.noreply.github.com> | 2017-10-04 14:49:20 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-10-04 14:49:20 +0100 |
commit | 93b0cf7a991a94ca1ec009f8fe059758e79b648e (patch) | |
tree | deecafe01324a4d683327020a52e05fb68a3dd1d /synapse/handlers | |
parent | Merge pull request #2492 from matrix-org/dbkr/spam_check_invites (diff) | |
parent | spam check room publishing (diff) | |
download | synapse-93b0cf7a991a94ca1ec009f8fe059758e79b648e.tar.xz |
Merge pull request #2495 from matrix-org/dbkr/spam_check_room_creation
Add room creation checks to spam checker
Diffstat (limited to 'synapse/handlers')
-rw-r--r-- | synapse/handlers/directory.py | 15 | ||||
-rw-r--r-- | synapse/handlers/room.py | 8 |
2 files changed, 23 insertions, 0 deletions
diff --git a/synapse/handlers/directory.py b/synapse/handlers/directory.py index 943554ce98..a0464ae5c0 100644 --- a/synapse/handlers/directory.py +++ b/synapse/handlers/directory.py @@ -40,6 +40,8 @@ class DirectoryHandler(BaseHandler): "directory", self.on_directory_query ) + self.spam_checker = hs.get_spam_checker() + @defer.inlineCallbacks def _create_association(self, room_alias, room_id, servers=None, creator=None): # general association creation for both human users and app services @@ -73,6 +75,11 @@ class DirectoryHandler(BaseHandler): # association creation for human users # TODO(erikj): Do user auth. + if not self.spam_checker.user_may_create_room_alias(user_id, room_alias): + raise SynapseError( + 403, "This user is not permitted to create this alias", + ) + can_create = yield self.can_modify_alias( room_alias, user_id=user_id @@ -327,6 +334,14 @@ class DirectoryHandler(BaseHandler): room_id (str) visibility (str): "public" or "private" """ + if not self.spam_checker.user_may_publish_room( + requester.user.to_string(), room_id + ): + raise AuthError( + 403, + "This user is not permitted to publish rooms to the room list" + ) + if requester.is_guest: raise AuthError(403, "Guests cannot edit the published room list") diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py index 5698d28088..535ba9517c 100644 --- a/synapse/handlers/room.py +++ b/synapse/handlers/room.py @@ -60,6 +60,11 @@ class RoomCreationHandler(BaseHandler): }, } + def __init__(self, hs): + super(RoomCreationHandler, self).__init__(hs) + + self.spam_checker = hs.get_spam_checker() + @defer.inlineCallbacks def create_room(self, requester, config, ratelimit=True): """ Creates a new room. @@ -75,6 +80,9 @@ class RoomCreationHandler(BaseHandler): """ user_id = requester.user.to_string() + if not self.spam_checker.user_may_create_room(user_id): + raise SynapseError(403, "You are not permitted to create rooms") + if ratelimit: yield self.ratelimit(requester) |