diff options
| -rw-r--r-- | docs/sample_config.yaml | 5 | ||||
| -rw-r--r-- | synapse/config/server.py | 10 | ||||
| -rw-r--r-- | synapse/rest/client/v1/room.py | 5 |
3 files changed, 20 insertions, 0 deletions
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml index 4779f7bcc7..4cfc2468f0 100644 --- a/docs/sample_config.yaml +++ b/docs/sample_config.yaml @@ -73,6 +73,11 @@ pid_file: DATADIR/homeserver.pid # endpoints via CS API. this is a workaround in advance of MSC1301 landing #auth_profile_reqs: false +# whether to require users to authenticate in order to query /publicRooms +# endpoints via CS API. this is a workaround in advance of +# https://github.com/matrix-org/matrix-doc/issues/612 beinig solved +#auth_public_rooms: false + # The GC threshold parameters to pass to `gc.set_threshold`, if defined # #gc_thresholds: [700, 10, 10] diff --git a/synapse/config/server.py b/synapse/config/server.py index 028695591f..ea84245907 100644 --- a/synapse/config/server.py +++ b/synapse/config/server.py @@ -75,6 +75,11 @@ class ServerConfig(Config): # endpoints via CS API. this is a workaround in advance of MSC1301 landing self.auth_profile_reqs = config.get("auth_profile_reqs", False) + # whether to require users to authenticate in order to query /publicRooms + # endpoints via CS API. this is a workaround in advance of + # https://github.com/matrix-org/matrix-doc/issues/612 beinig solved + self.auth_public_rooms = config.get("auth_public_rooms", False) + # whether to enable search. If disabled, new entries will not be inserted # into the search tables and they will not be indexed. Users will receive # errors when attempting to search for messages. @@ -326,6 +331,11 @@ class ServerConfig(Config): # endpoints via CS API. this is a workaround in advance of MSC1301 landing #auth_profile_reqs: false + # whether to require users to authenticate in order to query /publicRooms + # endpoints via CS API. this is a workaround in advance of + # https://github.com/matrix-org/matrix-doc/issues/612 beinig solved + #auth_public_rooms: false + # The GC threshold parameters to pass to `gc.set_threshold`, if defined # #gc_thresholds: [700, 10, 10] diff --git a/synapse/rest/client/v1/room.py b/synapse/rest/client/v1/room.py index 17a1503cdb..e1aaf89eda 100644 --- a/synapse/rest/client/v1/room.py +++ b/synapse/rest/client/v1/room.py @@ -301,6 +301,11 @@ class PublicRoomListRestServlet(ClientV1RestServlet): try: yield self.auth.get_user_by_req(request, allow_guest=True) except AuthError as e: + # option to allow servers in private federations to require auth + # when accessing /publicRooms via CS API + if self.hs.config.auth_public_rooms: + raise e + # We allow people to not be authed if they're just looking at our # room list, but require auth when we proxy the request. # In both cases we call the auth function, as that has the side |