diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index 345a3e0ecd..587fbfbe86 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -255,7 +255,7 @@ class EventCreationHandler(object):
@defer.inlineCallbacks
def create_event(self, requester, event_dict, token_id=None, txn_id=None,
- prev_events_and_hashes=None):
+ prev_events_and_hashes=None, require_consent=True):
"""
Given a dict from a client, create a new event.
@@ -276,6 +276,9 @@ class EventCreationHandler(object):
where *hashes* is a map from algorithm to hash.
If None, they will be requested from the database.
+
+ require_consent (bool): Whether to check if the requester has
+ consented to privacy policy.
Raises:
ResourceLimitError if server is blocked to some resource being
exceeded
@@ -317,7 +320,7 @@ class EventCreationHandler(object):
)
is_exempt = yield self._is_exempt_from_privacy_policy(builder, requester)
- if not is_exempt:
+ if require_consent and not is_exempt:
yield self.assert_accepted_privacy_policy(requester)
if token_id is not None:
@@ -388,17 +391,6 @@ class EventCreationHandler(object):
if self._block_events_without_consent_error is None:
return
- # exempt AS users from needing consent
- if requester.app_service is not None:
- return
-
- # Check if the user has accepted the privacy policy. We only do this if
- # the requester has an associated access_token_id, which indicates that
- # this action came from a user request rather than an automatice server
- # or admin action.
- if requester.access_token_id is None:
- return
-
user_id = requester.user.to_string()
# exempt the system notices user
|
