Add a spamchecker method to allow or deny 3pid invites (#10894)

This is in the context of creating new module callbacks that modules in https://github.com/matrix-org/synapse-dinsic can use, in an effort to reconcile the spam checker API in synapse-dinsic with the one in mainline. Note that a module callback already exists for 3pid invites (https://matrix-org.github.io/synapse/develop/modules/third_party_rules_callbacks.html#check_threepid_can_be_invited) but it doesn't check whether the sender of the invite is allowed to send it.
2025-08-03 09:16:02 -04:00 · 2021-10-06 17:18:13 +02:00 · 2021-10-06 17:18:13 +02:00 · 4e51621064
commit 4e51621064
parent f4b1a9a527
5 changed files with 153 additions and 0 deletions
--- a/synapse/handlers/room_member.py
+++ b/synapse/handlers/room_member.py
@ -1299,10 +1299,22 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):
        if invitee:
            # Note that update_membership with an action of "invite" can raise
            # a ShadowBanError, but this was done above already.
+            # We don't check the invite against the spamchecker(s) here (through
+            # user_may_invite) because we'll do it further down the line anyway (in
+            # update_membership_locked).
            _, stream_id = await self.update_membership(
                requester, UserID.from_string(invitee), room_id, "invite", txn_id=txn_id
            )
        else:
+            # Check if the spamchecker(s) allow this invite to go through.
+            if not await self.spam_checker.user_may_send_3pid_invite(
+                inviter_userid=requester.user.to_string(),
+                medium=medium,
+                address=address,
+                room_id=room_id,
+            ):
+                raise SynapseError(403, "Cannot send threepid invite")
+
            stream_id = await self._make_and_store_3pid_invite(
                requester,
                id_server,