authorBrendan Abolivier <babolivier@matrix.org>2021-05-12 16:05:28 +0200
committerGitHub <noreply@github.com>2021-05-12 16:05:28 +0200
commita683028d81606708f686b890c0a44f5a20b54798 (patch)
tree62d52062df2ebf4617b5297f1315f1bf6314d8ee /tests/rest
parentChange the format of access tokens away from macaroons (#5588) (diff)
downloadsynapse-a683028d81606708f686b890c0a44f5a20b54798.tar.xz
Correctly ratelimit invites when creating a room (#9968)
* Correctly ratelimit invites when creating a room

Also allow ratelimiting for more than one action at a time.
Diffstat (limited to 'tests/rest')
-rw-r--r--tests/rest/client/v1/test_rooms.py37
1 files changed, 37 insertions, 0 deletions
diff --git a/tests/rest/client/v1/test_rooms.py b/tests/rest/client/v1/test_rooms.py
index a3694f3d02..7c4bdcdfdd 100644
--- a/tests/rest/client/v1/test_rooms.py
+++ b/tests/rest/client/v1/test_rooms.py
@@ -463,6 +463,43 @@ class RoomsCreateTestCase(RoomBase):
         )
         self.assertEquals(400, channel.code)
 
+    @unittest.override_config({"rc_invites": {"per_room": {"burst_count": 3}}})
+    def test_post_room_invitees_ratelimit(self):
+        """Test that invites sent when creating a room are ratelimited by a RateLimiter,
+        which ratelimits them correctly, including by not limiting when the requester is
+        exempt from ratelimiting.
+        """
+
+        # Build the request's content. We use local MXIDs because invites over federation
+        # are more difficult to mock.
+        content = json.dumps(
+            {
+                "invite": [
+                    "@alice1:red",
+                    "@alice2:red",
+                    "@alice3:red",
+                    "@alice4:red",
+                ]
+            }
+        ).encode("utf8")
+
+        # Test that the invites are correctly ratelimited.
+        channel = self.make_request("POST", "/createRoom", content)
+        self.assertEqual(400, channel.code)
+        self.assertEqual(
+            "Cannot invite so many users at once",
+            channel.json_body["error"],
+        )
+
+        # Add the current user to the ratelimit overrides, allowing them no ratelimiting.
+        self.get_success(
+            self.hs.get_datastore().set_ratelimit_for_user(self.user_id, 0, 0)
+        )
+
+        # Test that the invites aren't ratelimited anymore.
+        channel = self.make_request("POST", "/createRoom", content)
+        self.assertEqual(200, channel.code)
+
 
 class RoomTopicTestCase(RoomBase):
     """ Tests /rooms/$room_id/topic REST events. """
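Review bot: `test_post_room_invitees_ratelimit` only checks the over-limit rejection and the exempt path, so nothing shows that a non-exempt user at or under `burst_count` can still create a room with invites. A limiter that rejected every invite-bearing `/createRoom` from a non-exempt user would still pass, because the only 200 asserted comes after `set_ratelimit_for_user(self.user_id, 0, 0)`. Before that call I would add a request whose `invite` list holds three of the MXIDs and assert `self.assertEqual(200, channel.code)`. Whether exactly three should be accepted with `burst_count: 3` depends on the limiter's semantics, which are not visible in this hunk, so pick the boundary accordingly. The enclosing `RoomsCreateTestCase` class starts outside the hunk.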