From 1591eddaea779d2805afb1acc102630a8e580f0d Mon Sep 17 00:00:00 2001 From: Caleb James DeLisle Date: Fri, 23 Jun 2017 13:01:04 +0200 Subject: [PATCH] Add configuration parameter to allow redaction of content from push messages for google/apple devices --- synapse/config/homeserver.py | 3 ++- synapse/config/pushconfig.py | 40 ++++++++++++++++++++++++++++++++++++ synapse/push/httppusher.py | 2 +- 3 files changed, 43 insertions(+), 2 deletions(-) create mode 100644 synapse/config/pushconfig.py diff --git a/synapse/config/homeserver.py b/synapse/config/homeserver.py index 0f890fc04..327c7e4fc 100644 --- a/synapse/config/homeserver.py +++ b/synapse/config/homeserver.py @@ -33,6 +33,7 @@ from .jwt import JWTConfig from .password_auth_providers import PasswordAuthProviderConfig from .emailconfig import EmailConfig from .workers import WorkerConfig +from .pushconfig import PushConfig class HomeServerConfig(TlsConfig, ServerConfig, DatabaseConfig, LoggingConfig, @@ -40,7 +41,7 @@ class HomeServerConfig(TlsConfig, ServerConfig, DatabaseConfig, LoggingConfig, VoipConfig, RegistrationConfig, MetricsConfig, ApiConfig, AppServiceConfig, KeyConfig, SAML2Config, CasConfig, JWTConfig, PasswordConfig, EmailConfig, - WorkerConfig, PasswordAuthProviderConfig,): + WorkerConfig, PasswordAuthProviderConfig, PushConfig,): pass diff --git a/synapse/config/pushconfig.py b/synapse/config/pushconfig.py new file mode 100644 index 000000000..afe8aba0a --- /dev/null +++ b/synapse/config/pushconfig.py @@ -0,0 +1,40 @@ +# -*- coding: utf-8 -*- +# Copyright 2015, 2016 OpenMarket Ltd +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This file can't be called email.py because if it is, we cannot: +import email.utils + +from ._base import Config + + +class PushConfig(Config): + def read_config(self, config): + self.push_redact_content = False + + push_config = config.get("email", {}) + self.push_redact_content = push_config.get("redact_content", False) + + def default_config(self, config_dir_path, server_name, **kwargs): + return """ + # Control how push messages are sent to google/apple to notifications. + # Normally every message is posted to a push server hosted by matrix.org + # which is registered with google and apple in order to allow push + # notifications to be sent to mobile devices. + # Setting redact_content to true will make the push messages contain no + # message content which will provide increased privacy. + # + #push: + # redact_content: false + """ diff --git a/synapse/push/httppusher.py b/synapse/push/httppusher.py index c0f8176e3..f3f872895 100644 --- a/synapse/push/httppusher.py +++ b/synapse/push/httppusher.py @@ -275,7 +275,7 @@ class HttpPusher(object): if event.type == 'm.room.member': d['notification']['membership'] = event.content['membership'] d['notification']['user_is_target'] = event.state_key == self.user_id - if 'content' in event: + if not hs.config.push_redact_content and 'content' in event: d['notification']['content'] = event.content # We no longer send aliases separately, instead, we send the human