From 54ce81c86d163b883df67b97540426759a9f6363 Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Wed, 11 Sep 2019 10:46:38 +0100
Subject: Allow use of different ratelimits for admin redactions.

This is useful to allow room admins to quickly deal with a large number
of abusive messages.
---
 synapse/config/ratelimiting.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'synapse/config/ratelimiting.py')

diff --git a/synapse/config/ratelimiting.py b/synapse/config/ratelimiting.py
index 33f31cf213..b4df6612d6 100644
--- a/synapse/config/ratelimiting.py
+++ b/synapse/config/ratelimiting.py
@@ -80,6 +80,12 @@ class RatelimitConfig(Config):
             "federation_rr_transactions_per_room_per_second", 50
         )
 
+        rc_admin_redaction = config.get("rc_admin_redaction")
+        if rc_admin_redaction:
+            self.rc_admin_redaction = RateLimitConfig(rc_admin_redaction)
+        else:
+            self.rc_admin_redaction = None
+
     def generate_config_section(self, **kwargs):
         return """\
         ## Ratelimiting ##
@@ -102,6 +108,9 @@ class RatelimitConfig(Config):
         #   - one for login that ratelimits login requests based on the account the
         #     client is attempting to log into, based on the amount of failed login
         #     attempts for this account.
+        #   - one for ratelimiting redactions by room admins. If this is not explicitly
+        #     set then it uses the same ratelimiting as per rc_message. This is useful
+        #     to allow room admins to quickly deal with abuse quickly.
         #
         # The defaults are as shown below.
         #
@@ -123,6 +132,10 @@ class RatelimitConfig(Config):
         #  failed_attempts:
         #    per_second: 0.17
         #    burst_count: 3
+        #
+        #rc_admin_redaction:
+        #  per_second: 1
+        #  burst_count: 50
 
 
         # Ratelimiting settings for incoming federation
-- 
cgit 1.4.1


From 57dd41a45b4df5d736e2f30d40926b60f367b500 Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Wed, 11 Sep 2019 13:54:50 +0100
Subject: Fix comments

Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
---
 synapse/config/ratelimiting.py       | 2 +-
 synapse/handlers/_base.py            | 2 +-
 synapse/handlers/message.py          | 2 +-
 tests/rest/client/test_redactions.py | 4 ++--
 4 files changed, 5 insertions(+), 5 deletions(-)

(limited to 'synapse/config/ratelimiting.py')

diff --git a/synapse/config/ratelimiting.py b/synapse/config/ratelimiting.py
index b4df6612d6..587e2862b7 100644
--- a/synapse/config/ratelimiting.py
+++ b/synapse/config/ratelimiting.py
@@ -110,7 +110,7 @@ class RatelimitConfig(Config):
         #     attempts for this account.
         #   - one for ratelimiting redactions by room admins. If this is not explicitly
         #     set then it uses the same ratelimiting as per rc_message. This is useful
-        #     to allow room admins to quickly deal with abuse quickly.
+        #     to allow room admins to deal with abuse quickly.
         #
         # The defaults are as shown below.
         #
diff --git a/synapse/handlers/_base.py b/synapse/handlers/_base.py
index 853b72d8e7..d15c6282fb 100644
--- a/synapse/handlers/_base.py
+++ b/synapse/handlers/_base.py
@@ -105,7 +105,7 @@ class BaseHandler(object):
 
         if is_admin_redaction and self.hs.config.rc_admin_redaction:
             # If we have separate config for admin redactions we use a separate
-            # ratelimiter.
+            # ratelimiter
             allowed, time_allowed = self.admin_redaction_ratelimiter.can_do_action(
                 user_id,
                 time_now,
diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index f975909416..1f8272784e 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -731,7 +731,7 @@ class EventCreationHandler(object):
         if ratelimit:
             # We check if this is a room admin redacting an event so that we
             # can apply different ratelimiting. We do this by simply checking
-            # its not a self-redaction (to avoid having to look up whether the
+            # it's not a self-redaction (to avoid having to look up whether the
             # user is actually admin or not).
             is_admin_redaction = False
             if event.type == EventTypes.Redaction:
diff --git a/tests/rest/client/test_redactions.py b/tests/rest/client/test_redactions.py
index 1b1e991c42..d2bcf256fa 100644
--- a/tests/rest/client/test_redactions.py
+++ b/tests/rest/client/test_redactions.py
@@ -197,8 +197,8 @@ class RedactionsTestCase(HomeserverTestCase):
             message_ids.append(b["event_id"])
             self.reactor.advance(10)  # To get around ratelimits
 
-        # as the moderator, send a bunch of redactions redaction
+        # as the moderator, send a bunch of redactions
         for msg_id in message_ids:
             # These should all succeed, even though this would be denied by
-            # standard message ratelimiter
+            # the standard message ratelimiter
             self._redact_event(self.mod_access_token, self.room_id, msg_id)
-- 
cgit 1.4.1