diff options
| author | Patrick Cloke <clokep@users.noreply.github.com> | 2021-01-25 14:49:39 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-01-25 14:49:39 -0500 |
| commit | 4a55d267eef1388690e6781b580910e341358f95 (patch) | |
| tree | 15a03146d09d0b8c3c2f7ef51a3c9ab9123e61ba /synapse/storage | |
| parent | Fix Python 3.5 old deps build by using a compatible pip version. (#9217) (diff) | |
| download | synapse-4a55d267eef1388690e6781b580910e341358f95.tar.xz | |
Add an admin API for shadow-banning users. (#9209)
This expands the current shadow-banning feature to be usable via the admin API and adds documentation for it. A shadow-banned users receives successful responses to their client-server API requests, but the events are not propagated into rooms. Shadow-banning a user should be used as a tool of last resort and may lead to confusing or broken behaviour for the client.
Diffstat (limited to 'synapse/storage')
| -rw-r--r-- | synapse/storage/databases/main/registration.py | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/synapse/storage/databases/main/registration.py b/synapse/storage/databases/main/registration.py index 585b4049d6..0618b4387a 100644 --- a/synapse/storage/databases/main/registration.py +++ b/synapse/storage/databases/main/registration.py @@ -360,6 +360,35 @@ class RegistrationWorkerStore(CacheInvalidationWorkerStore): await self.db_pool.runInteraction("set_server_admin", set_server_admin_txn) + async def set_shadow_banned(self, user: UserID, shadow_banned: bool) -> None: + """Sets whether a user shadow-banned. + + Args: + user: user ID of the user to test + shadow_banned: true iff the user is to be shadow-banned, false otherwise. + """ + + def set_shadow_banned_txn(txn): + self.db_pool.simple_update_one_txn( + txn, + table="users", + keyvalues={"name": user.to_string()}, + updatevalues={"shadow_banned": shadow_banned}, + ) + # In order for this to apply immediately, clear the cache for this user. + tokens = self.db_pool.simple_select_onecol_txn( + txn, + table="access_tokens", + keyvalues={"user_id": user.to_string()}, + retcol="token", + ) + for token in tokens: + self._invalidate_cache_and_stream( + txn, self.get_user_by_access_token, (token,) + ) + + await self.db_pool.runInteraction("set_shadow_banned", set_shadow_banned_txn) + def _query_for_auth(self, txn, token: str) -> Optional[TokenLookupResult]: sql = """ SELECT users.name as user_id, |