diff --git a/CHANGES.md b/CHANGES.md
index 0bce84f400..37b650a848 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,3 +1,12 @@
+Synapse 1.10.1 (2020-02-17)
+===========================
+
+Bugfixes
+--------
+
+- Fix a bug introduced in Synapse 1.10.0 which would cause room state to be cleared in the database if Synapse was upgraded direct from 1.2.1 or earlier to 1.10.0. ([\#6924](https://github.com/matrix-org/synapse/issues/6924))
+
+
Synapse 1.10.0 (2020-02-12)
===========================
diff --git a/changelog.d/6834.misc b/changelog.d/6834.misc
new file mode 100644
index 0000000000..79acebe516
--- /dev/null
+++ b/changelog.d/6834.misc
@@ -0,0 +1 @@
+Change the default power levels of invites, tombstones and server ACLs for new rooms.
\ No newline at end of file
diff --git a/changelog.d/6888.feature b/changelog.d/6888.feature
new file mode 100644
index 0000000000..1b7ac0c823
--- /dev/null
+++ b/changelog.d/6888.feature
@@ -0,0 +1 @@
+The result of a user directory search can now be filtered via the spam checker.
diff --git a/changelog.d/6904.removal b/changelog.d/6904.removal
new file mode 100644
index 0000000000..a5cc0c3605
--- /dev/null
+++ b/changelog.d/6904.removal
@@ -0,0 +1 @@
+Stop sending alias events during adding / removing aliases. Check alt_aliases in the latest canonical aliases event when deleting an alias.
diff --git a/changelog.d/6915.misc b/changelog.d/6915.misc
new file mode 100644
index 0000000000..3a181ef243
--- /dev/null
+++ b/changelog.d/6915.misc
@@ -0,0 +1 @@
+Add type hints to the spam checker module.
diff --git a/changelog.d/6918.docker b/changelog.d/6918.docker
new file mode 100644
index 0000000000..cc2db5e071
--- /dev/null
+++ b/changelog.d/6918.docker
@@ -0,0 +1 @@
+The deprecated "generate-config-on-the-fly" mode is no longer supported.
diff --git a/changelog.d/6919.misc b/changelog.d/6919.misc
new file mode 100644
index 0000000000..aa2cd89998
--- /dev/null
+++ b/changelog.d/6919.misc
@@ -0,0 +1 @@
+Convert the directory handler tests to use HomeserverTestCase.
diff --git a/changelog.d/6920.misc b/changelog.d/6920.misc
new file mode 100644
index 0000000000..d333add990
--- /dev/null
+++ b/changelog.d/6920.misc
@@ -0,0 +1 @@
+Add a warning about indentation to generated configuration files.
diff --git a/changelog.d/6921.docker b/changelog.d/6921.docker
new file mode 100644
index 0000000000..152e723339
--- /dev/null
+++ b/changelog.d/6921.docker
@@ -0,0 +1 @@
+Databases created using the compose file in contrib/docker will now always have correct encoding and locale settings. Contributed by Fridtjof Mund.
diff --git a/contrib/docker/docker-compose.yml b/contrib/docker/docker-compose.yml
index 2b044baf78..5df29379c8 100644
--- a/contrib/docker/docker-compose.yml
+++ b/contrib/docker/docker-compose.yml
@@ -56,6 +56,9 @@ services:
environment:
- POSTGRES_USER=synapse
- POSTGRES_PASSWORD=changeme
+ # ensure the database gets created correctly
+ # https://github.com/matrix-org/synapse/blob/master/docs/postgres.md#set-up-database
+ - POSTGRES_INITDB_ARGS="--encoding=UTF-8 --lc-collate=C --lc-ctype=C"
volumes:
# You may store the database tables in a local folder..
- ./schemas:/var/lib/postgresql/data
diff --git a/debian/changelog b/debian/changelog
index cdc3b1a5c2..90314d36af 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+matrix-synapse-py3 (1.10.1) stable; urgency=medium
+
+ * New synapse release 1.10.1.
+
+ -- Synapse Packaging team <packages@matrix.org> Mon, 17 Feb 2020 16:27:28 +0000
+
matrix-synapse-py3 (1.10.0) stable; urgency=medium
* New synapse release 1.10.0.
diff --git a/docker/README.md b/docker/README.md
index 9f112a01d0..8c337149ca 100644
--- a/docker/README.md
+++ b/docker/README.md
@@ -110,12 +110,12 @@ argument to `docker run`.
## Legacy dynamic configuration file support
-For backwards-compatibility only, the docker image supports creating a dynamic
-configuration file based on environment variables. This is now deprecated, but
-is enabled when the `SYNAPSE_SERVER_NAME` variable is set (and `generate` is
-not given).
+The docker image used to support creating a dynamic configuration file based
+on environment variables. This is no longer supported, and an error will be
+raised if you try to run synapse without a config file.
-To migrate from a dynamic configuration file to a static one, run the docker
+It is, however, possible to generate a static configuration file based on
+the environment variables that were previously used. To do this, run the docker
container once with the environment variables set, and `migrate_config`
command line option. For example:
@@ -127,15 +127,20 @@ docker run -it --rm \
matrixdotorg/synapse:latest migrate_config
```
-This will generate the same configuration file as the legacy mode used, but
-will store it in `/data/homeserver.yaml` instead of a temporary location. You
-can then use it as shown above at [Running synapse](#running-synapse).
+This will generate the same configuration file as the legacy mode used, and
+will store it in `/data/homeserver.yaml`. You can then use it as shown above at
+[Running synapse](#running-synapse).
+
+Note that the defaults used in this configuration file may be different to
+those when generating a new config file with `generate`: for example, TLS is
+enabled by default in this mode. You are encouraged to inspect the generated
+configuration file and edit it to ensure it meets your needs.
## Building the image
If you need to build the image from a Synapse checkout, use the following `docker
build` command from the repo's root:
-
+
```
docker build -t matrixdotorg/synapse -f docker/Dockerfile .
```
diff --git a/docker/start.py b/docker/start.py
index 97fd247f8f..2a25c9380e 100755
--- a/docker/start.py
+++ b/docker/start.py
@@ -188,11 +188,6 @@ def main(args, environ):
else:
ownership = "{}:{}".format(desired_uid, desired_gid)
- log(
- "Container running as UserID %s:%s, ENV (or defaults) requests %s:%s"
- % (os.getuid(), os.getgid(), desired_uid, desired_gid)
- )
-
if ownership is None:
log("Will not perform chmod/su-exec as UserID already matches request")
@@ -213,38 +208,30 @@ def main(args, environ):
if mode is not None:
error("Unknown execution mode '%s'" % (mode,))
- if "SYNAPSE_SERVER_NAME" in environ:
- # backwards-compatibility generate-a-config-on-the-fly mode
- if "SYNAPSE_CONFIG_PATH" in environ:
+ config_dir = environ.get("SYNAPSE_CONFIG_DIR", "/data")
+ config_path = environ.get("SYNAPSE_CONFIG_PATH", config_dir + "/homeserver.yaml")
+
+ if not os.path.exists(config_path):
+ if "SYNAPSE_SERVER_NAME" in environ:
error(
- "SYNAPSE_SERVER_NAME can only be combined with SYNAPSE_CONFIG_PATH "
- "in `generate` or `migrate_config` mode. To start synapse using a "
- "config file, unset the SYNAPSE_SERVER_NAME environment variable."
+ """\
+Config file '%s' does not exist.
+
+The synapse docker image no longer supports generating a config file on-the-fly
+based on environment variables. You can migrate to a static config file by
+running with 'migrate_config'. See the README for more details.
+"""
+ % (config_path,)
)
- config_path = "/compiled/homeserver.yaml"
- log(
- "Generating config file '%s' on-the-fly from environment variables.\n"
- "Note that this mode is deprecated. You can migrate to a static config\n"
- "file by running with 'migrate_config'. See the README for more details."
+ error(
+ "Config file '%s' does not exist. You should either create a new "
+ "config file by running with the `generate` argument (and then edit "
+ "the resulting file before restarting) or specify the path to an "
+ "existing config file with the SYNAPSE_CONFIG_PATH variable."
% (config_path,)
)
- generate_config_from_template("/compiled", config_path, environ, ownership)
- else:
- config_dir = environ.get("SYNAPSE_CONFIG_DIR", "/data")
- config_path = environ.get(
- "SYNAPSE_CONFIG_PATH", config_dir + "/homeserver.yaml"
- )
- if not os.path.exists(config_path):
- error(
- "Config file '%s' does not exist. You should either create a new "
- "config file by running with the `generate` argument (and then edit "
- "the resulting file before restarting) or specify the path to an "
- "existing config file with the SYNAPSE_CONFIG_PATH variable."
- % (config_path,)
- )
-
log("Starting synapse with config file " + config_path)
args = ["python", "-m", synapse_worker, "--config-path", config_path]
diff --git a/docs/.sample_config_header.yaml b/docs/.sample_config_header.yaml
index e001ef5983..35a591d042 100644
--- a/docs/.sample_config_header.yaml
+++ b/docs/.sample_config_header.yaml
@@ -1,4 +1,4 @@
-# The config is maintained as an up-to-date snapshot of the default
+# This file is maintained as an up-to-date snapshot of the default
# homeserver.yaml configuration generated by Synapse.
#
# It is intended to act as a reference for the default configuration,
@@ -10,3 +10,5 @@
# homeserver.yaml. Instead, if you are starting from scratch, please generate
# a fresh config using Synapse by following the instructions in INSTALL.md.
+################################################################################
+
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml
index 8e8cf513b0..93236daddc 100644
--- a/docs/sample_config.yaml
+++ b/docs/sample_config.yaml
@@ -1,4 +1,4 @@
-# The config is maintained as an up-to-date snapshot of the default
+# This file is maintained as an up-to-date snapshot of the default
# homeserver.yaml configuration generated by Synapse.
#
# It is intended to act as a reference for the default configuration,
@@ -10,6 +10,16 @@
# homeserver.yaml. Instead, if you are starting from scratch, please generate
# a fresh config using Synapse by following the instructions in INSTALL.md.
+################################################################################
+
+# Configuration file for Synapse.
+#
+# This is a YAML file: see [1] for a quick introduction. Note in particular
+# that *indentation is important*: all the elements of a list or dictionary
+# should have the same indentation.
+#
+# [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
+
## Server ##
# The domain name of the server, with optional explicit port.
diff --git a/docs/spam_checker.md b/docs/spam_checker.md
index 97ff17f952..5b5f5000b7 100644
--- a/docs/spam_checker.md
+++ b/docs/spam_checker.md
@@ -54,6 +54,9 @@ class ExampleSpamChecker:
def user_may_publish_room(self, userid, room_id):
return True # allow publishing of all rooms
+
+ def check_username_for_spam(self, user_profile):
+ return False # allow all usernames
```
## Configuration
diff --git a/synapse/__init__.py b/synapse/__init__.py
index 9d285fca38..8313f177d2 100644
--- a/synapse/__init__.py
+++ b/synapse/__init__.py
@@ -36,7 +36,7 @@ try:
except ImportError:
pass
-__version__ = "1.10.0"
+__version__ = "1.10.1"
if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)):
# We import here so that we don't have to install a bunch of deps when
diff --git a/synapse/config/_base.py b/synapse/config/_base.py
index 08619404bb..ba846042c4 100644
--- a/synapse/config/_base.py
+++ b/synapse/config/_base.py
@@ -53,6 +53,18 @@ Missing mandatory `server_name` config option.
"""
+CONFIG_FILE_HEADER = """\
+# Configuration file for Synapse.
+#
+# This is a YAML file: see [1] for a quick introduction. Note in particular
+# that *indentation is important*: all the elements of a list or dictionary
+# should have the same indentation.
+#
+# [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
+
+"""
+
+
def path_exists(file_path):
"""Check if a file exists
@@ -344,7 +356,7 @@ class RootConfig(object):
str: the yaml config file
"""
- return "\n\n".join(
+ return CONFIG_FILE_HEADER + "\n\n".join(
dedent(conf)
for conf in self.invoke_all(
"generate_config_section",
@@ -574,8 +586,8 @@ class RootConfig(object):
if not path_exists(config_dir_path):
os.makedirs(config_dir_path)
with open(config_path, "w") as config_file:
- config_file.write("# vim:ft=yaml\n\n")
config_file.write(config_str)
+ config_file.write("\n\n# vim:ft=yaml")
config_dict = yaml.safe_load(config_str)
obj.generate_missing_files(config_dict, config_dir_path)
diff --git a/synapse/events/spamcheck.py b/synapse/events/spamcheck.py
index 5a907718d6..a23b6b7b61 100644
--- a/synapse/events/spamcheck.py
+++ b/synapse/events/spamcheck.py
@@ -15,12 +15,17 @@
# limitations under the License.
import inspect
+from typing import Dict
from synapse.spam_checker_api import SpamCheckerApi
+MYPY = False
+if MYPY:
+ import synapse.server
+
class SpamChecker(object):
- def __init__(self, hs):
+ def __init__(self, hs: "synapse.server.HomeServer"):
self.spam_checker = None
module = None
@@ -40,7 +45,7 @@ class SpamChecker(object):
else:
self.spam_checker = module(config=config)
- def check_event_for_spam(self, event):
+ def check_event_for_spam(self, event: "synapse.events.EventBase") -> bool:
"""Checks if a given event is considered "spammy" by this server.
If the server considers an event spammy, then it will be rejected if
@@ -48,26 +53,30 @@ class SpamChecker(object):
users receive a blank event.
Args:
- event (synapse.events.EventBase): the event to be checked
+ event: the event to be checked
Returns:
- bool: True if the event is spammy.
+ True if the event is spammy.
"""
if self.spam_checker is None:
return False
return self.spam_checker.check_event_for_spam(event)
- def user_may_invite(self, inviter_userid, invitee_userid, room_id):
+ def user_may_invite(
+ self, inviter_userid: str, invitee_userid: str, room_id: str
+ ) -> bool:
"""Checks if a given user may send an invite
If this method returns false, the invite will be rejected.
Args:
- userid (string): The sender's user ID
+ inviter_userid: The user ID of the sender of the invitation
+ invitee_userid: The user ID targeted in the invitation
+ room_id: The room ID
Returns:
- bool: True if the user may send an invite, otherwise False
+ True if the user may send an invite, otherwise False
"""
if self.spam_checker is None:
return True
@@ -76,52 +85,78 @@ class SpamChecker(object):
inviter_userid, invitee_userid, room_id
)
- def user_may_create_room(self, userid):
+ def user_may_create_room(self, userid: str) -> bool:
"""Checks if a given user may create a room
If this method returns false, the creation request will be rejected.
Args:
- userid (string): The sender's user ID
+ userid: The ID of the user attempting to create a room
Returns:
- bool: True if the user may create a room, otherwise False
+ True if the user may create a room, otherwise False
"""
if self.spam_checker is None:
return True
return self.spam_checker.user_may_create_room(userid)
- def user_may_create_room_alias(self, userid, room_alias):
+ def user_may_create_room_alias(self, userid: str, room_alias: str) -> bool:
"""Checks if a given user may create a room alias
If this method returns false, the association request will be rejected.
Args:
- userid (string): The sender's user ID
- room_alias (string): The alias to be created
+ userid: The ID of the user attempting to create a room alias
+ room_alias: The alias to be created
Returns:
- bool: True if the user may create a room alias, otherwise False
+ True if the user may create a room alias, otherwise False
"""
if self.spam_checker is None:
return True
return self.spam_checker.user_may_create_room_alias(userid, room_alias)
- def user_may_publish_room(self, userid, room_id):
+ def user_may_publish_room(self, userid: str, room_id: str) -> bool:
"""Checks if a given user may publish a room to the directory
If this method returns false, the publish request will be rejected.
Args:
- userid (string): The sender's user ID
- room_id (string): The ID of the room that would be published
+ userid: The user ID attempting to publish the room
+ room_id: The ID of the room that would be published
Returns:
- bool: True if the user may publish the room, otherwise False
+ True if the user may publish the room, otherwise False
"""
if self.spam_checker is None:
return True
return self.spam_checker.user_may_publish_room(userid, room_id)
+
+ def check_username_for_spam(self, user_profile: Dict[str, str]) -> bool:
+ """Checks if a user ID or display name are considered "spammy" by this server.
+
+ If the server considers a username spammy, then it will not be included in
+ user directory results.
+
+ Args:
+ user_profile: The user information to check, it contains the keys:
+ * user_id
+ * display_name
+ * avatar_url
+
+ Returns:
+ True if the user is spammy.
+ """
+ if self.spam_checker is None:
+ return False
+
+ # For backwards compatibility, if the method does not exist on the spam checker, fallback to not interfering.
+ checker = getattr(self.spam_checker, "check_username_for_spam", None)
+ if not checker:
+ return False
+ # Make a copy of the user profile object to ensure the spam checker
+ # cannot modify it.
+ return checker(user_profile.copy())
diff --git a/synapse/handlers/directory.py b/synapse/handlers/directory.py
index 8c5980cb0c..f718388884 100644
--- a/synapse/handlers/directory.py
+++ b/synapse/handlers/directory.py
@@ -81,13 +81,7 @@ class DirectoryHandler(BaseHandler):
@defer.inlineCallbacks
def create_association(
- self,
- requester,
- room_alias,
- room_id,
- servers=None,
- send_event=True,
- check_membership=True,
+ self, requester, room_alias, room_id, servers=None, check_membership=True,
):
"""Attempt to create a new alias
@@ -97,7 +91,6 @@ class DirectoryHandler(BaseHandler):
room_id (str)
servers (list[str]|None): List of servers that others servers
should try and join via
- send_event (bool): Whether to send an updated m.room.aliases event
check_membership (bool): Whether to check if the user is in the room
before the alias can be set (if the server's config requires it).
@@ -150,16 +143,9 @@ class DirectoryHandler(BaseHandler):
)
yield self._create_association(room_alias, room_id, servers, creator=user_id)
- if send_event:
- try:
- yield self.send_room_alias_update_event(requester, room_id)
- except AuthError as e:
- # sending the aliases event may fail due to the user not having
- # permission in the room; this is permitted.
- logger.info("Skipping updating aliases event due to auth error %s", e)
@defer.inlineCallbacks
- def delete_association(self, requester, room_alias, send_event=True):
+ def delete_association(self, requester, room_alias):
"""Remove an alias from the directory
(this is only meant for human users; AS users should call
@@ -168,9 +154,6 @@ class DirectoryHandler(BaseHandler):
Args:
requester (Requester):
room_alias (RoomAlias):
- send_event (bool): Whether to send an updated m.room.aliases event.
- Note that, if we delete the canonical alias, we will always attempt
- to send an m.room.canonical_alias event
Returns:
Deferred[unicode]: room id that the alias used to point to
@@ -206,9 +189,6 @@ class DirectoryHandler(BaseHandler):
room_id = yield self._delete_association(room_alias)
try:
- if send_event:
- yield self.send_room_alias_update_event(requester, room_id)
-
yield self._update_canonical_alias(
requester, requester.user.to_string(), room_id, room_alias
)
@@ -319,25 +299,50 @@ class DirectoryHandler(BaseHandler):
@defer.inlineCallbacks
def _update_canonical_alias(self, requester, user_id, room_id, room_alias):
+ """
+ Send an updated canonical alias event if the removed alias was set as
+ the canonical alias or listed in the alt_aliases field.
+ """
alias_event = yield self.state.get_current_state(
room_id, EventTypes.CanonicalAlias, ""
)
- alias_str = room_alias.to_string()
- if not alias_event or alias_event.content.get("alias", "") != alias_str:
+ # There is no canonical alias, nothing to do.
+ if not alias_event:
return
- yield self.event_creation_handler.create_and_send_nonmember_event(
- requester,
- {
- "type": EventTypes.CanonicalAlias,
- "state_key": "",
- "room_id": room_id,
- "sender": user_id,
- "content": {},
- },
- ratelimit=False,
- )
+ # Obtain a mutable version of the event content.
+ content = dict(alias_event.content)
+ send_update = False
+
+ # Remove the alias property if it matches the removed alias.
+ alias_str = room_alias.to_string()
+ if alias_event.content.get("alias", "") == alias_str:
+ send_update = True
+ content.pop("alias", "")
+
+ # Filter alt_aliases for the removed alias.
+ alt_aliases = content.pop("alt_aliases", None)
+ # If the aliases are not a list (or not found) do not attempt to modify
+ # the list.
+ if isinstance(alt_aliases, list):
+ send_update = True
+ alt_aliases = [alias for alias in alt_aliases if alias != alias_str]
+ if alt_aliases:
+ content["alt_aliases"] = alt_aliases
+
+ if send_update:
+ yield self.event_creation_handler.create_and_send_nonmember_event(
+ requester,
+ {
+ "type": EventTypes.CanonicalAlias,
+ "state_key": "",
+ "room_id": room_id,
+ "sender": user_id,
+ "content": content,
+ },
+ ratelimit=False,
+ )
@defer.inlineCallbacks
def get_association_from_room_alias(self, room_alias):
diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py
index ab07edd2fc..49ec2f48bc 100644
--- a/synapse/handlers/room.py
+++ b/synapse/handlers/room.py
@@ -64,18 +64,21 @@ class RoomCreationHandler(BaseHandler):
"history_visibility": "shared",
"original_invitees_have_ops": False,
"guest_can_join": True,
+ "power_level_content_override": {"invite": 0},
},
RoomCreationPreset.TRUSTED_PRIVATE_CHAT: {
"join_rules": JoinRules.INVITE,
"history_visibility": "shared",
"original_invitees_have_ops": True,
"guest_can_join": True,
+ "power_level_content_override": {"invite": 0},
},
RoomCreationPreset.PUBLIC_CHAT: {
"join_rules": JoinRules.PUBLIC,
"history_visibility": "shared",
"original_invitees_have_ops": False,
"guest_can_join": False,
+ "power_level_content_override": {},
},
}
@@ -475,9 +478,7 @@ class RoomCreationHandler(BaseHandler):
for alias_str in aliases:
alias = RoomAlias.from_string(alias_str)
try:
- yield directory_handler.delete_association(
- requester, alias, send_event=False
- )
+ yield directory_handler.delete_association(requester, alias)
removed_aliases.append(alias_str)
except SynapseError as e:
logger.warning("Unable to remove alias %s from old room: %s", alias, e)
@@ -508,7 +509,6 @@ class RoomCreationHandler(BaseHandler):
RoomAlias.from_string(alias),
new_room_id,
servers=(self.hs.hostname,),
- send_event=False,
check_membership=False,
)
logger.info("Moved alias %s to new room", alias)
@@ -661,7 +661,6 @@ class RoomCreationHandler(BaseHandler):
room_id=room_id,
room_alias=room_alias,
servers=[self.hs.hostname],
- send_event=False,
check_membership=False,
)
@@ -829,19 +828,24 @@ class RoomCreationHandler(BaseHandler):
# This will be reudundant on pre-MSC2260 rooms, since the
# aliases event is special-cased.
EventTypes.Aliases: 0,
+ EventTypes.Tombstone: 100,
+ EventTypes.ServerACL: 100,
},
"events_default": 0,
"state_default": 50,
"ban": 50,
"kick": 50,
"redact": 50,
- "invite": 0,
+ "invite": 50,
}
if config["original_invitees_have_ops"]:
for invitee in invite_list:
power_level_content["users"][invitee] = 100
+ # Power levels overrides are defined per chat preset
+ power_level_content.update(config["power_level_content_override"])
+
if power_level_content_override:
power_level_content.update(power_level_content_override)
diff --git a/synapse/handlers/user_directory.py b/synapse/handlers/user_directory.py
index 81aa58dc8c..722760c59d 100644
--- a/synapse/handlers/user_directory.py
+++ b/synapse/handlers/user_directory.py
@@ -52,6 +52,7 @@ class UserDirectoryHandler(StateDeltasHandler):
self.is_mine_id = hs.is_mine_id
self.update_user_directory = hs.config.update_user_directory
self.search_all_users = hs.config.user_directory_search_all_users
+ self.spam_checker = hs.get_spam_checker()
# The current position in the current_state_delta stream
self.pos = None
@@ -65,7 +66,7 @@ class UserDirectoryHandler(StateDeltasHandler):
# we start populating the user directory
self.clock.call_later(0, self.notify_new_event)
- def search_users(self, user_id, search_term, limit):
+ async def search_users(self, user_id, search_term, limit):
"""Searches for users in directory
Returns:
@@ -82,7 +83,16 @@ class UserDirectoryHandler(StateDeltasHandler):
]
}
"""
- return self.store.search_user_dir(user_id, search_term, limit)
+ results = await self.store.search_user_dir(user_id, search_term, limit)
+
+ # Remove any spammy users from the results.
+ results["results"] = [
+ user
+ for user in results["results"]
+ if not self.spam_checker.check_username_for_spam(user)
+ ]
+
+ return results
def notify_new_event(self):
"""Called when there may be more deltas to process
diff --git a/synapse/spam_checker_api/__init__.py b/synapse/spam_checker_api/__init__.py
index efcc10f808..9b78924d96 100644
--- a/synapse/spam_checker_api/__init__.py
+++ b/synapse/spam_checker_api/__init__.py
@@ -18,6 +18,10 @@ from twisted.internet import defer
from synapse.storage.state import StateFilter
+MYPY = False
+if MYPY:
+ import synapse.server
+
logger = logging.getLogger(__name__)
@@ -26,18 +30,18 @@ class SpamCheckerApi(object):
access to rooms and other relevant information.
"""
- def __init__(self, hs):
+ def __init__(self, hs: "synapse.server.HomeServer"):
self.hs = hs
self._store = hs.get_datastore()
@defer.inlineCallbacks
- def get_state_events_in_room(self, room_id, types):
+ def get_state_events_in_room(self, room_id: str, types: tuple) -> defer.Deferred:
"""Gets state events for the given room.
Args:
- room_id (string): The room ID to get state events in.
- types (tuple): The event type and state key (using None
+ room_id: The room ID to get state events in.
+ types: The event type and state key (using None
to represent 'any') of the room state to acquire.
Returns:
diff --git a/synapse/storage/data_stores/main/schema/delta/57/delete_old_current_state_events.sql b/synapse/storage/data_stores/main/schema/delta/57/delete_old_current_state_events.sql
index a133d87a19..aec06c8261 100644
--- a/synapse/storage/data_stores/main/schema/delta/57/delete_old_current_state_events.sql
+++ b/synapse/storage/data_stores/main/schema/delta/57/delete_old_current_state_events.sql
@@ -15,5 +15,8 @@
-- Add background update to go and delete current state events for rooms the
-- server is no longer in.
-INSERT into background_updates (update_name, progress_json)
- VALUES ('delete_old_current_state_events', '{}');
+--
+-- this relies on the 'membership' column of current_state_events, so make sure
+-- that's populated first!
+INSERT into background_updates (update_name, progress_json, depends_on)
+ VALUES ('delete_old_current_state_events', '{}', 'current_state_events_membership');
diff --git a/tests/handlers/test_directory.py b/tests/handlers/test_directory.py
index 91c7a17070..27b916aed4 100644
--- a/tests/handlers/test_directory.py
+++ b/tests/handlers/test_directory.py
@@ -18,25 +18,19 @@ from mock import Mock
from twisted.internet import defer
+import synapse.api.errors
+from synapse.api.constants import EventTypes
from synapse.config.room_directory import RoomDirectoryConfig
-from synapse.handlers.directory import DirectoryHandler
-from synapse.rest.client.v1 import directory, room
-from synapse.types import RoomAlias
+from synapse.rest.client.v1 import directory, login, room
+from synapse.types import RoomAlias, create_requester
from tests import unittest
-from tests.utils import setup_test_homeserver
-class DirectoryHandlers(object):
- def __init__(self, hs):
- self.directory_handler = DirectoryHandler(hs)
-
-
-class DirectoryTestCase(unittest.TestCase):
+class DirectoryTestCase(unittest.HomeserverTestCase):
""" Tests the directory service. """
- @defer.inlineCallbacks
- def setUp(self):
+ def make_homeserver(self, reactor, clock):
self.mock_federation = Mock()
self.mock_registry = Mock()
@@ -47,14 +41,12 @@ class DirectoryTestCase(unittest.TestCase):
self.mock_registry.register_query_handler = register_query_handler
- hs = yield setup_test_homeserver(
- self.addCleanup,
+ hs = self.setup_test_homeserver(
http_client=None,
resource_for_federation=Mock(),
federation_client=self.mock_federation,
federation_registry=self.mock_registry,
)
- hs.handlers = DirectoryHandlers(hs)
self.handler = hs.get_handlers().directory_handler
@@ -64,23 +56,25 @@ class DirectoryTestCase(unittest.TestCase):
self.your_room = RoomAlias.from_string("#your-room:test")
self.remote_room = RoomAlias.from_string("#another:remote")
- @defer.inlineCallbacks
+ return hs
+
def test_get_local_association(self):
- yield self.store.create_room_alias_association(
- self.my_room, "!8765qwer:test", ["test"]
+ self.get_success(
+ self.store.create_room_alias_association(
+ self.my_room, "!8765qwer:test", ["test"]
+ )
)
- result = yield self.handler.get_association(self.my_room)
+ result = self.get_success(self.handler.get_association(self.my_room))
self.assertEquals({"room_id": "!8765qwer:test", "servers": ["test"]}, result)
- @defer.inlineCallbacks
def test_get_remote_association(self):
self.mock_federation.make_query.return_value = defer.succeed(
{"room_id": "!8765qwer:test", "servers": ["test", "remote"]}
)
- result = yield self.handler.get_association(self.remote_room)
+ result = self.get_success(self.handler.get_association(self.remote_room))
self.assertEquals(
{"room_id": "!8765qwer:test", "servers": ["test", "remote"]}, result
@@ -93,19 +87,168 @@ class DirectoryTestCase(unittest.TestCase):
ignore_backoff=True,
)
- @defer.inlineCallbacks
+ def test_delete_alias_not_allowed(self):
+ room_id = "!8765qwer:test"
+ self.get_success(
+ self.store.create_room_alias_association(self.my_room, room_id, ["test"])
+ )
+
+ self.get_failure(
+ self.handler.delete_association(
+ create_requester("@user:test"), self.my_room
+ ),
+ synapse.api.errors.AuthError,
+ )
+
+ def test_delete_alias(self):
+ room_id = "!8765qwer:test"
+ user_id = "@user:test"
+ self.get_success(
+ self.store.create_room_alias_association(
+ self.my_room, room_id, ["test"], user_id
+ )
+ )
+
+ result = self.get_success(
+ self.handler.delete_association(create_requester(user_id), self.my_room)
+ )
+ self.assertEquals(room_id, result)
+
+ # The alias should not be found.
+ self.get_failure(
+ self.handler.get_association(self.my_room), synapse.api.errors.SynapseError
+ )
+
def test_incoming_fed_query(self):
- yield self.store.create_room_alias_association(
- self.your_room, "!8765asdf:test", ["test"]
+ self.get_success(
+ self.store.create_room_alias_association(
+ self.your_room, "!8765asdf:test", ["test"]
+ )
)
- response = yield self.query_handlers["directory"](
- {"room_alias": "#your-room:test"}
+ response = self.get_success(
+ self.handler.on_directory_query({"room_alias": "#your-room:test"})
)
self.assertEquals({"room_id": "!8765asdf:test", "servers": ["test"]}, response)
+class CanonicalAliasTestCase(unittest.HomeserverTestCase):
+ """Test modifications of the canonical alias when delete aliases.
+ """
+
+ servlets = [
+ synapse.rest.admin.register_servlets,
+ login.register_servlets,
+ room.register_servlets,
+ directory.register_servlets,
+ ]
+
+ def prepare(self, reactor, clock, hs):
+ self.store = hs.get_datastore()
+ self.handler = hs.get_handlers().directory_handler
+ self.state_handler = hs.get_state_handler()
+
+ # Create user
+ self.admin_user = self.register_user("admin", "pass", admin=True)
+ self.admin_user_tok = self.login("admin", "pass")
+
+ # Create a test room
+ self.room_id = self.helper.create_room_as(
+ self.admin_user, tok=self.admin_user_tok
+ )
+
+ self.test_alias = "#test:test"
+ self.room_alias = RoomAlias.from_string(self.test_alias)
+
+ # Create a new alias to this room.
+ self.get_success(
+ self.store.create_room_alias_association(
+ self.room_alias, self.room_id, ["test"], self.admin_user
+ )
+ )
+
+ def test_remove_alias(self):
+ """Removing an alias that is the canonical alias should remove it there too."""
+ # Set this new alias as the canonical alias for this room
+ self.helper.send_state(
+ self.room_id,
+ "m.room.canonical_alias",
+ {"alias": self.test_alias, "alt_aliases": [self.test_alias]},
+ tok=self.admin_user_tok,
+ )
+
+ data = self.get_success(
+ self.state_handler.get_current_state(
+ self.room_id, EventTypes.CanonicalAlias, ""
+ )
+ )
+ self.assertEqual(data["content"]["alias"], self.test_alias)
+ self.assertEqual(data["content"]["alt_aliases"], [self.test_alias])
+
+ # Finally, delete the alias.
+ self.get_success(
+ self.handler.delete_association(
+ create_requester(self.admin_user), self.room_alias
+ )
+ )
+
+ data = self.get_success(
+ self.state_handler.get_current_state(
+ self.room_id, EventTypes.CanonicalAlias, ""
+ )
+ )
+ self.assertNotIn("alias", data["content"])
+ self.assertNotIn("alt_aliases", data["content"])
+
+ def test_remove_other_alias(self):
+ """Removing an alias listed as in alt_aliases should remove it there too."""
+ # Create a second alias.
+ other_test_alias = "#test2:test"
+ other_room_alias = RoomAlias.from_string(other_test_alias)
+ self.get_success(
+ self.store.create_room_alias_association(
+ other_room_alias, self.room_id, ["test"], self.admin_user
+ )
+ )
+
+ # Set the alias as the canonical alias for this room.
+ self.helper.send_state(
+ self.room_id,
+ "m.room.canonical_alias",
+ {
+ "alias": self.test_alias,
+ "alt_aliases": [self.test_alias, other_test_alias],
+ },
+ tok=self.admin_user_tok,
+ )
+
+ data = self.get_success(
+ self.state_handler.get_current_state(
+ self.room_id, EventTypes.CanonicalAlias, ""
+ )
+ )
+ self.assertEqual(data["content"]["alias"], self.test_alias)
+ self.assertEqual(
+ data["content"]["alt_aliases"], [self.test_alias, other_test_alias]
+ )
+
+ # Delete the second alias.
+ self.get_success(
+ self.handler.delete_association(
+ create_requester(self.admin_user), other_room_alias
+ )
+ )
+
+ data = self.get_success(
+ self.state_handler.get_current_state(
+ self.room_id, EventTypes.CanonicalAlias, ""
+ )
+ )
+ self.assertEqual(data["content"]["alias"], self.test_alias)
+ self.assertEqual(data["content"]["alt_aliases"], [self.test_alias])
+
+
class TestCreateAliasACL(unittest.HomeserverTestCase):
user_id = "@test:test"
diff --git a/tests/handlers/test_user_directory.py b/tests/handlers/test_user_directory.py
index 26071059d2..0a4765fff4 100644
--- a/tests/handlers/test_user_directory.py
+++ b/tests/handlers/test_user_directory.py
@@ -147,6 +147,98 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):
s = self.get_success(self.handler.search_users(u1, "user3", 10))
self.assertEqual(len(s["results"]), 0)
+ def test_spam_checker(self):
+ """
+ A user which fails to the spam checks will not appear in search results.
+ """
+ u1 = self.register_user("user1", "pass")
+ u1_token = self.login(u1, "pass")
+ u2 = self.register_user("user2", "pass")
+ u2_token = self.login(u2, "pass")
+
+ # We do not add users to the directory until they join a room.
+ s = self.get_success(self.handler.search_users(u1, "user2", 10))
+ self.assertEqual(len(s["results"]), 0)
+
+ room = self.helper.create_room_as(u1, is_public=False, tok=u1_token)
+ self.helper.invite(room, src=u1, targ=u2, tok=u1_token)
+ self.helper.join(room, user=u2, tok=u2_token)
+
+ # Check we have populated the database correctly.
+ shares_private = self.get_users_who_share_private_rooms()
+ public_users = self.get_users_in_public_rooms()
+
+ self.assertEqual(
+ self._compress_shared(shares_private), set([(u1, u2, room), (u2, u1, room)])
+ )
+ self.assertEqual(public_users, [])
+
+ # We get one search result when searching for user2 by user1.
+ s = self.get_success(self.handler.search_users(u1, "user2", 10))
+ self.assertEqual(len(s["results"]), 1)
+
+ # Configure a spam checker that does not filter any users.
+ spam_checker = self.hs.get_spam_checker()
+
+ class AllowAll(object):
+ def check_username_for_spam(self, user_profile):
+ # Allow all users.
+ return False
+
+ spam_checker.spam_checker = AllowAll()
+
+ # The results do not change:
+ # We get one search result when searching for user2 by user1.
+ s = self.get_success(self.handler.search_users(u1, "user2", 10))
+ self.assertEqual(len(s["results"]), 1)
+
+ # Configure a spam checker that filters all users.
+ class BlockAll(object):
+ def check_username_for_spam(self, user_profile):
+ # All users are spammy.
+ return True
+
+ spam_checker.spam_checker = BlockAll()
+
+ # User1 now gets no search results for any of the other users.
+ s = self.get_success(self.handler.search_users(u1, "user2", 10))
+ self.assertEqual(len(s["results"]), 0)
+
+ def test_legacy_spam_checker(self):
+ """
+ A spam checker without the expected method should be ignored.
+ """
+ u1 = self.register_user("user1", "pass")
+ u1_token = self.login(u1, "pass")
+ u2 = self.register_user("user2", "pass")
+ u2_token = self.login(u2, "pass")
+
+ # We do not add users to the directory until they join a room.
+ s = self.get_success(self.handler.search_users(u1, "user2", 10))
+ self.assertEqual(len(s["results"]), 0)
+
+ room = self.helper.create_room_as(u1, is_public=False, tok=u1_token)
+ self.helper.invite(room, src=u1, targ=u2, tok=u1_token)
+ self.helper.join(room, user=u2, tok=u2_token)
+
+ # Check we have populated the database correctly.
+ shares_private = self.get_users_who_share_private_rooms()
+ public_users = self.get_users_in_public_rooms()
+
+ self.assertEqual(
+ self._compress_shared(shares_private), set([(u1, u2, room), (u2, u1, room)])
+ )
+ self.assertEqual(public_users, [])
+
+ # Configure a spam checker.
+ spam_checker = self.hs.get_spam_checker()
+ # The spam checker doesn't need any methods, so create a bare object.
+ spam_checker.spam_checker = object()
+
+ # We get one search result when searching for user2 by user1.
+ s = self.get_success(self.handler.search_users(u1, "user2", 10))
+ self.assertEqual(len(s["results"]), 1)
+
def _compress_shared(self, shared):
"""
Compress a list of users who share rooms dicts to a list of tuples.
diff --git a/tests/rest/client/v1/test_rooms.py b/tests/rest/client/v1/test_rooms.py
index e3af280ba6..fb681a1db9 100644
--- a/tests/rest/client/v1/test_rooms.py
+++ b/tests/rest/client/v1/test_rooms.py
@@ -1612,7 +1612,9 @@ class ContextTestCase(unittest.HomeserverTestCase):
def prepare(self, reactor, clock, homeserver):
self.user_id = self.register_user("user", "password")
self.tok = self.login("user", "password")
- self.room_id = self.helper.create_room_as(self.user_id, tok=self.tok)
+ self.room_id = self.helper.create_room_as(
+ self.user_id, tok=self.tok, is_public=False
+ )
self.other_user_id = self.register_user("user2", "password")
self.other_tok = self.login("user2", "password")
diff --git a/tox.ini b/tox.ini
index f8229eba88..b9132a3177 100644
--- a/tox.ini
+++ b/tox.ini
@@ -179,6 +179,7 @@ extras = all
commands = mypy \
synapse/api \
synapse/config/ \
+ synapse/events/spamcheck.py \
synapse/federation/sender \
synapse/federation/transport \
synapse/handlers/sync.py \
|
