diff options
author | Erik Johnston <erik@matrix.org> | 2020-12-17 12:04:14 +0000 |
---|---|---|
committer | Erik Johnston <erik@matrix.org> | 2020-12-17 12:04:14 +0000 |
commit | 7932d4e9f7e140ef05a3099e18120101019ec3e1 (patch) | |
tree | 0a1e67cd20b3c6729d09e4ffbbc96868783b05b0 /synapse | |
parent | 1.24.0 (diff) | |
download | synapse-7932d4e9f7e140ef05a3099e18120101019ec3e1.tar.xz |
Don't MAU limit AS ghost users
Diffstat (limited to 'synapse')
-rw-r--r-- | synapse/api/auth_blocking.py | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/synapse/api/auth_blocking.py b/synapse/api/auth_blocking.py index 9c227218e0..d8088f524a 100644 --- a/synapse/api/auth_blocking.py +++ b/synapse/api/auth_blocking.py @@ -36,6 +36,7 @@ class AuthBlocking: self._limit_usage_by_mau = hs.config.limit_usage_by_mau self._mau_limits_reserved_threepids = hs.config.mau_limits_reserved_threepids self._server_name = hs.hostname + self._track_appservice_user_ips = hs.config.appservice.track_appservice_user_ips async def check_auth_blocking( self, @@ -76,6 +77,12 @@ class AuthBlocking: # We never block the server from doing actions on behalf of # users. return + elif requester.app_service and not self._track_appservice_user_ips: + # If we're authenticated as an appservice then we only block + # auth if `track_appservice_user_ips` is set, as that option + # implicitly means that application services are part of MAU + # limits. + return # Never fail an auth check for the server notices users or support user # This can be a problem where event creation is prohibited due to blocking |