diff options
| -rw-r--r-- | changelog.d/3680.feature | 1 | ||||
| -rw-r--r-- | synapse/api/constants.py | 3 | ||||
| -rw-r--r-- | synapse/server_notices/consent_server_notices.py | 3 | ||||
| -rw-r--r-- | synapse/server_notices/resource_limits_server_notices.py | 112 | ||||
| -rw-r--r-- | synapse/server_notices/server_notices_manager.py | 30 | ||||
| -rw-r--r-- | synapse/server_notices/server_notices_sender.py | 33 | ||||
| -rw-r--r-- | tests/server_notices/test_resource_limits_server_notices.py | 125 |
7 files changed, 282 insertions, 25 deletions
diff --git a/changelog.d/3680.feature b/changelog.d/3680.feature new file mode 100644 index 0000000000..4edaaf76a8 --- /dev/null +++ b/changelog.d/3680.feature @@ -0,0 +1 @@ +Server notices for resource limit blocking diff --git a/synapse/api/constants.py b/synapse/api/constants.py index b0da506f6d..1fb24578e2 100644 --- a/synapse/api/constants.py +++ b/synapse/api/constants.py @@ -78,6 +78,9 @@ class EventTypes(object): Name = "m.room.name" ServerACL = "m.room.server_acl" + Pinned = "m.room.pinned_events" + + ServerNoticeLimitReached = "m.server_notice.usage_limit_reached" class RejectedReason(object): diff --git a/synapse/server_notices/consent_server_notices.py b/synapse/server_notices/consent_server_notices.py index 5e3044d164..783ceae1ad 100644 --- a/synapse/server_notices/consent_server_notices.py +++ b/synapse/server_notices/consent_server_notices.py @@ -22,6 +22,7 @@ from synapse.api.errors import SynapseError from synapse.api.urls import ConsentURIBuilder from synapse.config import ConfigError from synapse.types import get_localpart_from_id +from synapse.api.constants import EventTypes logger = logging.getLogger(__name__) @@ -103,7 +104,7 @@ class ConsentServerNotices(object): }, ) yield self._server_notices_manager.send_notice( - user_id, content, + user_id, content ) yield self._store.user_set_consent_server_notice_sent( user_id, self._current_consent_version, diff --git a/synapse/server_notices/resource_limits_server_notices.py b/synapse/server_notices/resource_limits_server_notices.py new file mode 100644 index 0000000000..94d0f98189 --- /dev/null +++ b/synapse/server_notices/resource_limits_server_notices.py @@ -0,0 +1,112 @@ +# -*- coding: utf-8 -*- +# Copyright 2018 New Vector Ltd +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +import logging + +from twisted.internet import defer + +from synapse.api.errors import AuthError, SynapseError +from synapse.api.constants import EventTypes + +logger = logging.getLogger(__name__) + + +class ResourceLimitsServerNotices(object): + """ + """ + def __init__(self, hs): + """ + + Args: + hs (synapse.server.HomeServer): + """ + self._server_notices_manager = hs.get_server_notices_manager() + self._store = hs.get_datastore() + self.auth = hs.get_auth() + self._server_notice_content = hs.config.user_consent_server_notice_content + self._limit_usage_by_mau = hs.config.limit_usage_by_mau + self._hs_disabled = hs.config.hs_disabled + + self._notified_of_blocking = set() + self._resouce_limited = False + + # Config checks? + + @defer.inlineCallbacks + def maybe_send_server_notice_to_user(self, user_id): + """Check if we need to send a notice to this user, and does so if so + + Args: + user_id (str): user to check + + Returns: + Deferred + """ + if self._hs_disabled is True: + return + + if self._limit_usage_by_mau is True: + timestamp = yield self._store.user_last_seen_monthly_active(user_id) + if timestamp is None: + # This user will be blocked from receiving the notice anyway. + # In practice, not sure we can ever get here + return + try: + # Normally should always pass in user_id if you have it, but in + # this case are checking what would happen to other users if they + # were to arrive. + yield self.auth.check_auth_blocking() + self._resouce_limited = False + # Need to start removing notices + if user_id in self._notified_of_blocking: + # Send message to remove warning + # send state event here + # How do I do this? if drop the id, how to refer to it? + content = { + "pinned":[] + } + yield self._server_notices_manager.send_notice( + user_id, content, EventTypes.Pinned, '', + ) + + self._notified_of_blocking.remove(user_id) + + except AuthError as e: + # Need to start notifying of blocking + try: + self._resouce_limited = True + if user_id not in self._notified_of_blocking: + # TODO use admin email contained in error once PR lands + content = { + 'body': e.msg, + 'admin_email': 'stunt@adminemail.com', + } + event = yield self._server_notices_manager.send_notice( + user_id, content, EventTypes.ServerNoticeLimitReached + ) + + # send server notices state event here + # TODO Over writing pinned events + content = { + "pinned":[ + event.event_id, + ] + } + yield self._server_notices_manager.send_notice( + user_id, content, EventTypes.Pinned, '', + ) + + self._notified_of_blocking.add(user_id) + except SynapseError as e: + logger.error("Error sending server notice about resource limits: %s", e) diff --git a/synapse/server_notices/server_notices_manager.py b/synapse/server_notices/server_notices_manager.py index a26deace53..3e57f8211a 100644 --- a/synapse/server_notices/server_notices_manager.py +++ b/synapse/server_notices/server_notices_manager.py @@ -46,7 +46,10 @@ class ServerNoticesManager(object): return self._config.server_notices_mxid is not None @defer.inlineCallbacks - def send_notice(self, user_id, event_content): + def send_notice( + self, user_id, event_content, + type=EventTypes.Message, state_key=None + ): """Send a notice to the given user Creates the server notices room, if none exists. @@ -54,9 +57,11 @@ class ServerNoticesManager(object): Args: user_id (str): mxid of user to send event to. event_content (dict): content of event to send + type(EventTypes): type of event + is_state_event(bool): Is the event a state event Returns: - Deferred[None] + Deferred[FrozenEvent] """ room_id = yield self.get_notice_room_for_user(user_id) @@ -65,15 +70,19 @@ class ServerNoticesManager(object): logger.info("Sending server notice to %s", user_id) - yield self._event_creation_handler.create_and_send_nonmember_event( - requester, { - "type": EventTypes.Message, - "room_id": room_id, - "sender": system_mxid, - "content": event_content, - }, - ratelimit=False, + event_dict = { + "type": type, + "room_id": room_id, + "sender": system_mxid, + "content": event_content, + } + if state_key: + event_dict['state_key'] = state_key + + res = yield self._event_creation_handler.create_and_send_nonmember_event( + requester, event_dict, ratelimit=False, ) + defer.returnValue(res) @cachedInlineCallbacks() def get_notice_room_for_user(self, user_id): @@ -141,6 +150,7 @@ class ServerNoticesManager(object): creator_join_profile=join_profile, ) room_id = info['room_id'] + yield self._store.add_tag_to_room(user_id, room_id, 'm.server_notice', None) logger.info("Created server notices room %s for %s", room_id, user_id) defer.returnValue(room_id) diff --git a/synapse/server_notices/server_notices_sender.py b/synapse/server_notices/server_notices_sender.py index 5d23965f34..6121b2f267 100644 --- a/synapse/server_notices/server_notices_sender.py +++ b/synapse/server_notices/server_notices_sender.py @@ -12,7 +12,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +from twisted.internet import defer + from synapse.server_notices.consent_server_notices import ConsentServerNotices +from synapse.server_notices.resource_limits_server_notices import ( + ResourceLimitsServerNotices, +) class ServerNoticesSender(object): @@ -25,34 +30,34 @@ class ServerNoticesSender(object): Args: hs (synapse.server.HomeServer): """ - # todo: it would be nice to make this more dynamic - self._consent_server_notices = ConsentServerNotices(hs) + self._server_notices = ( + ConsentServerNotices(hs), + ResourceLimitsServerNotices(hs) + ) + @defer.inlineCallbacks def on_user_syncing(self, user_id): """Called when the user performs a sync operation. Args: user_id (str): mxid of user who synced - - Returns: - Deferred """ - return self._consent_server_notices.maybe_send_server_notice_to_user( - user_id, - ) + for sn in self._server_notices: + yield sn.maybe_send_server_notice_to_user( + user_id, + ) + @defer.inlineCallbacks def on_user_ip(self, user_id): """Called on the master when a worker process saw a client request. Args: user_id (str): mxid - - Returns: - Deferred """ # The synchrotrons use a stubbed version of ServerNoticesSender, so # we check for notices to send to the user in on_user_ip as well as # in on_user_syncing - return self._consent_server_notices.maybe_send_server_notice_to_user( - user_id, - ) + for sn in self._server_notices: + yield sn.maybe_send_server_notice_to_user( + user_id, + ) diff --git a/tests/server_notices/test_resource_limits_server_notices.py b/tests/server_notices/test_resource_limits_server_notices.py new file mode 100644 index 0000000000..a69253f1b6 --- /dev/null +++ b/tests/server_notices/test_resource_limits_server_notices.py @@ -0,0 +1,125 @@ +from mock import Mock + +from twisted.internet import defer + +from synapse.api.errors import AuthError +from synapse.handlers.auth import AuthHandler +from synapse.server_notices.resource_limits_server_notices import ( + ResourceLimitsServerNotices, +) + +from tests import unittest +from tests.utils import setup_test_homeserver + + +class AuthHandlers(object): + def __init__(self, hs): + self.auth_handler = AuthHandler(hs) + + +class TestResourceLimitsServerNotices(unittest.TestCase): + @defer.inlineCallbacks + def setUp(self): + self.hs = yield setup_test_homeserver(handlers=None) + self.hs.handlers = AuthHandlers(self.hs) + self.auth_handler = self.hs.handlers.auth_handler + self.server_notices_sender = self.hs.get_server_notices_sender() + + # relying on [1] is far from ideal, but the only case where + # ResourceLimitsServerNotices class needs to be isolated is this test, + # general code should never have a reason to do so ... + self._rlsn = self.server_notices_sender._server_notices[1] + if not isinstance(self._rlsn, ResourceLimitsServerNotices): + raise Exception("Failed to find reference to ResourceLimitsServerNotices") + + self._rlsn._store.user_last_seen_monthly_active = Mock( + return_value=defer.succeed(1000) + ) + self._send_notice = self._rlsn._server_notices_manager.send_notice + self._rlsn._server_notices_manager.send_notice = Mock() + self._send_notice = self._rlsn._server_notices_manager.send_notice + + self._rlsn._limit_usage_by_mau = True + self.user_id = "user_id" + + @defer.inlineCallbacks + def test_maybe_send_server_notice_to_user_flag_off(self): + """Tests cases where the flags indicate nothing to do""" + # test hs disabled case + self._hs_disabled = True + + yield self._rlsn.maybe_send_server_notice_to_user("user_id") + + self._send_notice.assert_not_called() + # Test when mau limiting disabled + self._hs_disabled = False + self._rlsn._limit_usage_by_mau = False + yield self._rlsn.maybe_send_server_notice_to_user("user_id") + + self._send_notice.assert_not_called() + + @defer.inlineCallbacks + def test_maybe_send_server_notice_to_user_remove_blocked_notice(self): + """Test when user has blocked notice, but should have it removed""" + + self._rlsn._notified_of_blocking.add(self.user_id) + self._rlsn.auth.check_auth_blocking = Mock() + + yield self._rlsn.maybe_send_server_notice_to_user(self.user_id) + # "remove warning" obviously aweful, but test will start failing when code + # actually sends a real event, and then it can be updated + + self._send_notice.assert_called_once_with(self.user_id, "remove warning") + self.assertFalse(self.user_id in self._rlsn._notified_of_blocking) + + @defer.inlineCallbacks + def test_maybe_send_server_notice_to_user_remove_blocked_notice_noop(self): + """Test when user has blocked notice, but notice ought to be there (NOOP)""" + self._rlsn._notified_of_blocking.add(self.user_id) + self._rlsn.auth.check_auth_blocking = Mock( + side_effect=AuthError(403, 'foo') + ) + + yield self._rlsn.maybe_send_server_notice_to_user("user_id") + + self._send_notice.assert_not_called() + self.assertTrue(self.user_id in self._rlsn._notified_of_blocking) + + @defer.inlineCallbacks + def test_maybe_send_server_notice_to_user_add_blocked_notice(self): + """Test when user does not have blocked notice, but should have one""" + + self._rlsn.auth.check_auth_blocking = Mock(side_effect=AuthError(403, 'foo')) + yield self._rlsn.maybe_send_server_notice_to_user("user_id") + + # "add warning" obviously awful, but test will start failing when code + # actually sends a real event, and then it can be updated + self._send_notice.assert_called_once_with(self.user_id, "add warning") + self.assertTrue(self.user_id in self._rlsn._notified_of_blocking) + + @defer.inlineCallbacks + def test_maybe_send_server_notice_to_user_add_blocked_notice_noop(self): + """Test when user does not have blocked notice, nor should they (NOOP)""" + + self._rlsn.auth.check_auth_blocking = Mock() + + yield self._rlsn.maybe_send_server_notice_to_user(self.user_id) + + self._send_notice.assert_not_called() + self.assertFalse(self.user_id in self._rlsn._notified_of_blocking) + + @defer.inlineCallbacks + def test_maybe_send_server_notice_to_user_not_in_mau_cohort(self): + + """Test when user is not part of the MAU cohort - this should not ever + happen - but ... + """ + + self._rlsn.auth.check_auth_blocking = Mock() + self._rlsn._store.user_last_seen_monthly_active = Mock( + return_value=defer.succeed(None) + ) + yield self._rlsn.maybe_send_server_notice_to_user(self.user_id) + + self._send_notice.assert_not_called() + self.assertFalse(self.user_id in self._rlsn._notified_of_blocking) |