Merge pull request #3708 from matrix-org/neilj/resource_Limit_block_event_creation

Neilj/resource limit block event creation
This commit is contained in:
Neil Johnson 2018-08-17 12:42:59 +00:00 committed by GitHub
commit a2d872e7b3
7 changed files with 29 additions and 3 deletions

1
changelog.d/3708.feature Normal file
View File

@ -0,0 +1 @@
For resource limit blocked users, prevent writing into rooms

View File

@ -799,7 +799,7 @@ class Auth(object):
current_mau = yield self.store.get_monthly_active_count() current_mau = yield self.store.get_monthly_active_count()
if current_mau >= self.hs.config.max_mau_value: if current_mau >= self.hs.config.max_mau_value:
raise AuthError( raise AuthError(
403, "Monthly Active User Limits AU Limit Exceeded", 403, "Monthly Active User Limit Exceeded",
admin_uri=self.hs.config.admin_uri, admin_uri=self.hs.config.admin_uri,
errcode=Codes.RESOURCE_LIMIT_EXCEED errcode=Codes.RESOURCE_LIMIT_EXCEED
) )

View File

@ -525,6 +525,7 @@ def run(hs):
clock.looping_call( clock.looping_call(
hs.get_datastore().reap_monthly_active_users, 1000 * 60 * 60 hs.get_datastore().reap_monthly_active_users, 1000 * 60 * 60
) )
hs.get_datastore().reap_monthly_active_users()
@defer.inlineCallbacks @defer.inlineCallbacks
def generate_monthly_active_users(): def generate_monthly_active_users():

View File

@ -276,10 +276,14 @@ class EventCreationHandler(object):
where *hashes* is a map from algorithm to hash. where *hashes* is a map from algorithm to hash.
If None, they will be requested from the database. If None, they will be requested from the database.
Raises:
ResourceLimitError if server is blocked to some resource being
exceeded
Returns: Returns:
Tuple of created event (FrozenEvent), Context Tuple of created event (FrozenEvent), Context
""" """
yield self.auth.check_auth_blocking(requester.user.to_string())
builder = self.event_builder_factory.new(event_dict) builder = self.event_builder_factory.new(event_dict)
self.validator.validate_new(builder) self.validator.validate_new(builder)

View File

@ -98,9 +98,13 @@ class RoomCreationHandler(BaseHandler):
Raises: Raises:
SynapseError if the room ID couldn't be stored, or something went SynapseError if the room ID couldn't be stored, or something went
horribly wrong. horribly wrong.
ResourceLimitError if server is blocked to some resource being
exceeded
""" """
user_id = requester.user.to_string() user_id = requester.user.to_string()
self.auth.check_auth_blocking(user_id)
if not self.spam_checker.user_may_create_room(user_id): if not self.spam_checker.user_may_create_room(user_id):
raise SynapseError(403, "You are not permitted to create rooms") raise SynapseError(403, "You are not permitted to create rooms")

View File

@ -96,7 +96,10 @@ class MonthlyActiveUsersStore(SQLBaseStore):
# While Postgres does not require 'LIMIT', but also does not support # While Postgres does not require 'LIMIT', but also does not support
# negative LIMIT values. So there is no way to write it that both can # negative LIMIT values. So there is no way to write it that both can
# support # support
query_args = [self.hs.config.max_mau_value] safe_guard = self.hs.config.max_mau_value - len(self.reserved_users)
# Must be greater than zero for postgres
safe_guard = safe_guard if safe_guard > 0 else 0
query_args = [safe_guard]
base_sql = """ base_sql = """
DELETE FROM monthly_active_users DELETE FROM monthly_active_users

View File

@ -75,6 +75,19 @@ class MonthlyActiveUsersTestCase(tests.unittest.TestCase):
active_count = yield self.store.get_monthly_active_count() active_count = yield self.store.get_monthly_active_count()
self.assertEquals(active_count, user_num) self.assertEquals(active_count, user_num)
# Test that regalar users are removed from the db
ru_count = 2
yield self.store.upsert_monthly_active_user("@ru1:server")
yield self.store.upsert_monthly_active_user("@ru2:server")
active_count = yield self.store.get_monthly_active_count()
self.assertEqual(active_count, user_num + ru_count)
self.hs.config.max_mau_value = user_num
yield self.store.reap_monthly_active_users()
active_count = yield self.store.get_monthly_active_count()
self.assertEquals(active_count, user_num)
@defer.inlineCallbacks @defer.inlineCallbacks
def test_can_insert_and_count_mau(self): def test_can_insert_and_count_mau(self):
count = yield self.store.get_monthly_active_count() count = yield self.store.get_monthly_active_count()