# -*- coding: utf-8 -*-
# Copyright 2017 New Vector Ltd
# Copyright 2019 The Matrix.org Foundation C.I.C.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

import inspect
import logging
from typing import TYPE_CHECKING, Any, Dict, List, Optional, Tuple, Union

from synapse.rest.media.v1._base import FileInfo
from synapse.rest.media.v1.media_storage import ReadableFileWrapper
from synapse.spam_checker_api import RegistrationBehaviour
from synapse.types import Collection
from synapse.util.async_helpers import maybe_awaitable

if TYPE_CHECKING:
    import synapse.events
    import synapse.server

logger = logging.getLogger(__name__)


class SpamChecker:
    """Fans each spam-related decision out to the configured spam checker modules.

    Every public method iterates over `self.spam_checkers` in configuration
    order and stops at the first module that gives a blocking answer.
    """

    def __init__(self, hs: "synapse.server.HomeServer"):
        """Instantiates every spam checker module listed in the homeserver config.

        Args:
            hs: The homeserver; provides the module API and the list of
                (module, config) pairs in `hs.config.spam_checkers`.
        """
        self.spam_checkers = []  # type: List[Any]
        api = hs.get_module_api()

        for module, config in hs.config.spam_checkers:
            # Older spam checkers don't accept the `api` argument, so we
            # try and detect support.
            spam_args = inspect.getfullargspec(module)
            if "api" in spam_args.args:
                self.spam_checkers.append(module(config=config, api=api))
            else:
                self.spam_checkers.append(module(config=config))

    async def check_event_for_spam(
        self, event: "synapse.events.EventBase"
    ) -> Union[bool, str]:
        """Checks if a given event is considered "spammy" by this server.

        If the server considers an event spammy, then it will be rejected if
        sent by a local user. If it is sent by a user on another server, then
        users receive a blank event.

        Args:
            event: the event to be checked

        Returns:
            True or a string if the event is spammy. If a string is returned it
            will be used as the error message returned to the user. False if no
            spam checker flagged the event.
        """
        for spam_checker in self.spam_checkers:
            result = await maybe_awaitable(spam_checker.check_event_for_spam(event))
            if result:
                # Propagate a checker-supplied error message rather than
                # collapsing it to True; any other truthy value is normalised
                # to True so the declared return type holds.
                return result if isinstance(result, str) else True

        return False

    async def user_may_invite(
        self,
        inviter_userid: str,
        invitee_userid: Optional[str],
        third_party_invite: Optional[Dict],
        room_id: str,
        new_room: bool,
        published_room: bool,
    ) -> bool:
        """Checks if a given user may send an invite

        If this method returns false, the invite will be rejected.

        Args:
            inviter_userid: The user ID of the inviter.
            invitee_userid: The user ID of the invitee. Is None
                if this is a third party invite and the 3PID is not bound to a
                user ID.
            third_party_invite: If a third party invite then is a
                dict containing the medium and address of the invitee.
            room_id: The ID of the room the invite is for.
            new_room: Whether the user is being invited to the room as
                part of a room creation, if so the invitee would have been
                included in the call to `user_may_create_room`.
            published_room: Whether the room the user is being invited
                to has been published in the local homeserver's public room
                directory.

        Returns:
            True if the user may send an invite, otherwise False
        """
        for spam_checker in self.spam_checkers:
            # Only an explicit False blocks; None or other values are treated
            # as "allowed".
            if (
                await maybe_awaitable(
                    spam_checker.user_may_invite(
                        inviter_userid,
                        invitee_userid,
                        third_party_invite,
                        room_id,
                        new_room,
                        published_room,
                    )
                )
                is False
            ):
                return False

        return True

    async def user_may_create_room(
        self,
        userid: str,
        invite_list: List[str],
        third_party_invite_list: List[Dict],
        cloning: bool,
    ) -> bool:
        """Checks if a given user may create a room

        If this method returns false, the creation request will be rejected.

        Args:
            userid: The ID of the user attempting to create a room
            invite_list: List of user IDs that would be invited to the new room.
            third_party_invite_list: List of third party invites for the new room.
            cloning: Whether the user is cloning an existing room, e.g.
                upgrading a room.

        Returns:
            True if the user may create a room, otherwise False
        """
        for spam_checker in self.spam_checkers:
            if (
                await maybe_awaitable(
                    spam_checker.user_may_create_room(
                        userid, invite_list, third_party_invite_list, cloning
                    )
                )
                is False
            ):
                return False

        return True

    async def user_may_create_room_alias(self, userid: str, room_alias: str) -> bool:
        """Checks if a given user may create a room alias

        If this method returns false, the association request will be rejected.

        Args:
            userid: The ID of the user attempting to create a room alias
            room_alias: The alias to be created

        Returns:
            True if the user may create a room alias, otherwise False
        """
        for spam_checker in self.spam_checkers:
            if (
                await maybe_awaitable(
                    spam_checker.user_may_create_room_alias(userid, room_alias)
                )
                is False
            ):
                return False

        return True

    async def user_may_publish_room(self, userid: str, room_id: str) -> bool:
        """Checks if a given user may publish a room to the directory

        If this method returns false, the publish request will be rejected.

        Args:
            userid: The user ID attempting to publish the room
            room_id: The ID of the room that would be published

        Returns:
            True if the user may publish the room, otherwise False
        """
        for spam_checker in self.spam_checkers:
            if (
                await maybe_awaitable(
                    spam_checker.user_may_publish_room(userid, room_id)
                )
                is False
            ):
                return False

        return True

    def user_may_join_room(self, userid: str, room_id: str, is_invited: bool) -> bool:
        """Checks if a given user is allowed to join a room.

        Not called when a user creates a room.

        Args:
            userid: The ID of the user wanting to join the room.
            room_id: The ID of the room the user wants to join.
            is_invited: Whether the user is invited into the room

        Returns:
            Whether the user may join the room
        """
        # NOTE: unlike the other hooks this one is synchronous and does not
        # await the checker's result, so a checker that implements
        # `user_may_join_room` as a coroutine can never block a join here (a
        # coroutine object is never `False`).
        for spam_checker in self.spam_checkers:
            if spam_checker.user_may_join_room(userid, room_id, is_invited) is False:
                return False

        return True

    async def check_username_for_spam(self, user_profile: Dict[str, str]) -> bool:
        """Checks if a user ID or display name are considered "spammy" by this server.

        If the server considers a username spammy, then it will not be included in
        user directory results.

        Args:
            user_profile: The user information to check, it contains the keys:
                * user_id
                * display_name
                * avatar_url

        Returns:
            True if the user is spammy.
        """
        for spam_checker in self.spam_checkers:
            # For backwards compatibility, only run if the method exists on the
            # spam checker
            checker = getattr(spam_checker, "check_username_for_spam", None)
            if checker:
                # Make a copy of the user profile object to ensure the spam checker
                # cannot modify it.
                if await maybe_awaitable(checker(user_profile.copy())):
                    return True

        return False

    async def check_registration_for_spam(
        self,
        email_threepid: Optional[dict],
        username: Optional[str],
        request_info: Collection[Tuple[str, str]],
        auth_provider_id: Optional[str] = None,
    ) -> RegistrationBehaviour:
        """Checks if we should allow the given registration request.

        Args:
            email_threepid: The email threepid used for registering, if any
            username: The request user name, if any
            request_info: List of tuples of user agent and IP that
                were used during the registration process.
            auth_provider_id: The SSO IdP the user used, e.g "oidc", "saml",
                "cas". If any. Note this does not include users registered
                via a password provider.

        Returns:
            Enum for how the request should be handled
        """
        for spam_checker in self.spam_checkers:
            # For backwards compatibility, only run if the method exists on the
            # spam checker
            checker = getattr(spam_checker, "check_registration_for_spam", None)
            if checker:
                # Provide auth_provider_id if the function supports it
                checker_args = inspect.signature(checker)
                if len(checker_args.parameters) == 4:
                    d = checker(
                        email_threepid,
                        username,
                        request_info,
                        auth_provider_id,
                    )
                elif len(checker_args.parameters) == 3:
                    d = checker(email_threepid, username, request_info)
                else:
                    # Fail closed: a checker we cannot call must not let the
                    # registration through.
                    logger.error(
                        "Invalid signature for %s.check_registration_for_spam. Denying registration",
                        spam_checker.__module__,
                    )
                    return RegistrationBehaviour.DENY

                behaviour = await maybe_awaitable(d)
                assert isinstance(behaviour, RegistrationBehaviour)
                # The first checker that does not plainly allow the
                # registration decides the outcome.
                if behaviour != RegistrationBehaviour.ALLOW:
                    return behaviour

        return RegistrationBehaviour.ALLOW

    async def check_media_file_for_spam(
        self, file_wrapper: ReadableFileWrapper, file_info: FileInfo
    ) -> bool:
        """Checks if a piece of newly uploaded media should be blocked.

        This will be called for local uploads, downloads of remote media, each
        thumbnail generated for those, and web pages/images used for URL
        previews.

        Note that care should be taken to not do blocking IO operations in the
        main thread. For example, to get the contents of a file a module
        should do::

            async def check_media_file_for_spam(
                self, file: ReadableFileWrapper, file_info: FileInfo
            ) -> bool:
                buffer = BytesIO()
                await file.write_chunks_to(buffer.write)

                if buffer.getvalue() == b"Hello World":
                    return True

                return False

        Args:
            file_wrapper: An object that allows reading the contents of the media.
            file_info: Metadata about the file.

        Returns:
            True if the media should be blocked or False if it should be
            allowed.
        """
        for spam_checker in self.spam_checkers:
            # For backwards compatibility, only run if the method exists on the
            # spam checker
            checker = getattr(spam_checker, "check_media_file_for_spam", None)
            if checker:
                spam = await maybe_awaitable(checker(file_wrapper, file_info))
                if spam:
                    return True

        return False