summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
Diffstat (limited to 'synapse')
-rw-r--r--synapse/config/registration.py16
-rw-r--r--synapse/handlers/profile.py8
-rw-r--r--synapse/rest/client/v2_alpha/account.py18
3 files changed, 24 insertions, 18 deletions
diff --git a/synapse/config/registration.py b/synapse/config/registration.py
index 1abc0a79af..d4897ec9b6 100644
--- a/synapse/config/registration.py
+++ b/synapse/config/registration.py
@@ -129,9 +129,9 @@ class RegistrationConfig(Config):
                 raise ConfigError("Invalid auto_join_rooms entry %s" % (room_alias,))
         self.autocreate_auto_join_rooms = config.get("autocreate_auto_join_rooms", True)
 
-        self.disable_set_displayname = config.get("disable_set_displayname", False)
-        self.disable_set_avatar_url = config.get("disable_set_avatar_url", False)
-        self.disable_3pid_changes = config.get("disable_3pid_changes", False)
+        self.enable_set_displayname = config.get("enable_set_displayname", True)
+        self.enable_set_avatar_url = config.get("enable_set_avatar_url", True)
+        self.enable_3pid_changes = config.get("enable_3pid_changes", True)
 
         self.disable_msisdn_registration = config.get(
             "disable_msisdn_registration", False
@@ -334,18 +334,18 @@ class RegistrationConfig(Config):
             #email: https://example.com     # Delegate email sending to example.com
             #msisdn: http://localhost:8090  # Delegate SMS sending to this local process
 
-        # If enabled, don't let users set their own display names/avatars
+        # If disabled, don't let users set their own display names/avatars
         # other than for the very first time (unless they are a server admin).
         # Useful when provisioning users based on the contents of a 3rd party
         # directory and to avoid ambiguities.
         #
-        #disable_set_displayname: false
-        #disable_set_avatar_url: false
+        #enable_set_displayname: true
+        #enable_set_avatar_url: true
 
-        # If true, stop users from trying to change the 3PIDs associated with
+        # If false, stop users from trying to change the 3PIDs associated with
         # their accounts.
         #
-        #disable_3pid_changes: false
+        #enable_3pid_changes: true
 
         # Users who register on this homeserver will automatically be joined
         # to these rooms
diff --git a/synapse/handlers/profile.py b/synapse/handlers/profile.py
index b049dd8e26..eb85dba015 100644
--- a/synapse/handlers/profile.py
+++ b/synapse/handlers/profile.py
@@ -157,11 +157,11 @@ class BaseProfileHandler(BaseHandler):
         if not by_admin and target_user != requester.user:
             raise AuthError(400, "Cannot set another user's displayname")
 
-        if not by_admin and self.hs.config.disable_set_displayname:
+        if not by_admin and not self.hs.config.enable_set_displayname:
             profile = yield self.store.get_profileinfo(target_user.localpart)
             if profile.display_name:
                 raise SynapseError(
-                    400, "Changing displayname is disabled on this server"
+                    400, "Changing display name is disabled on this server", Codes.FORBIDDEN
                 )
 
         if len(new_displayname) > MAX_DISPLAYNAME_LEN:
@@ -225,11 +225,11 @@ class BaseProfileHandler(BaseHandler):
         if not by_admin and target_user != requester.user:
             raise AuthError(400, "Cannot set another user's avatar_url")
 
-        if not by_admin and self.hs.config.disable_set_avatar_url:
+        if not by_admin and not self.hs.config.enable_set_avatar_url:
             profile = yield self.store.get_profileinfo(target_user.localpart)
             if profile.avatar_url:
                 raise SynapseError(
-                    400, "Changing avatar url is disabled on this server"
+                    400, "Changing avatar is disabled on this server", Codes.FORBIDDEN
                 )
 
         if len(new_avatar_url) > MAX_AVATAR_URL_LEN:
diff --git a/synapse/rest/client/v2_alpha/account.py b/synapse/rest/client/v2_alpha/account.py
index 97bddf36d9..e40136f2f3 100644
--- a/synapse/rest/client/v2_alpha/account.py
+++ b/synapse/rest/client/v2_alpha/account.py
@@ -599,8 +599,10 @@ class ThreepidRestServlet(RestServlet):
         return 200, {"threepids": threepids}
 
     async def on_POST(self, request):
-        if self.hs.config.disable_3pid_changes:
-            raise SynapseError(400, "3PID changes disabled on this server")
+        if not self.hs.config.enable_3pid_changes:
+            raise SynapseError(
+                400, "3PID changes are disabled on this server", Codes.FORBIDDEN
+            )
 
         requester = await self.auth.get_user_by_req(request)
         user_id = requester.user.to_string()
@@ -646,8 +648,10 @@ class ThreepidAddRestServlet(RestServlet):
 
     @interactive_auth_handler
     async def on_POST(self, request):
-        if self.hs.config.disable_3pid_changes:
-            raise SynapseError(400, "3PID changes disabled on this server")
+        if not self.hs.config.enable_3pid_changes:
+            raise SynapseError(
+                400, "3PID changes are disabled on this server", Codes.FORBIDDEN
+            )
 
         requester = await self.auth.get_user_by_req(request)
         user_id = requester.user.to_string()
@@ -749,8 +753,10 @@ class ThreepidDeleteRestServlet(RestServlet):
         self.auth_handler = hs.get_auth_handler()
 
     async def on_POST(self, request):
-        if self.hs.config.disable_3pid_changes:
-            raise SynapseError(400, "3PID changes disabled on this server")
+        if not self.hs.config.enable_3pid_changes:
+            raise SynapseError(
+                400, "3PID changes are disabled on this server", Codes.FORBIDDEN
+            )
 
         body = parse_json_object_from_request(request)
         assert_params_in_dict(body, ["medium", "address"])