anonymousland-synapse/tests/storage
David Robertson 4f00432ce1
Fix potential leak of per-room profiles when the user dir is rebuilt. (#10981)
There are two steps to rebuilding the user directory:

1. a scan over rooms, followed by
2. a scan over local users.

The former reads avatars and display names from the `room_memberships`
table and therefore contains potentially private avatars and
display names. The latter reads from the the `profiles` table which only
contains public data; moreover it will overwrite any private profiles
that the rooms scan may have written to the user directory. This means
that the rebuild could leak private user while the rebuild was in
progress, only to later cover up the leaks once the rebuild had completed.

This change skips over local users when writing user_directory rows
when scanning rooms. Doing so means that it'll take longer for a rebuild
to make local users searchable, which is unfortunate. I think a future
PR can improve this by swapping the order of the two steps above. (And
indeed there's more to do here, e.g. copying from `profiles` without
going via Python.)

Small tidy-ups while I'm here:

* Remove duplicated code from test_initial. This was meant to be pulled into `purge_and_rebuild_user_dir`.
* Move `is_public` before updating sharing tables. No functional change; it's still before the first read of `is_public`.
* Don't bother creating a set from dict keys. Slightly nicer and makes the code simpler.

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
2021-10-05 18:35:25 +01:00
..
databases Populate rooms.creator field for easy lookup (#10697) 2021-09-01 16:27:58 +01:00
__init__.py Reference Matrix Home Server 2014-08-12 15:10:52 +01:00
test__base.py Remove various bits of compatibility code for Python <3.6 (#9879) 2021-04-27 13:13:07 +01:00
test_account_data.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
test_appservice.py Use direct references for configuration variables (part 4). (#10893) 2021-09-23 12:03:01 -04:00
test_background_update.py Use inline type hints in tests/ (#10350) 2021-07-13 11:52:58 +01:00
test_base.py update black to 21.6b0 (#10197) 2021-06-17 15:20:06 +01:00
test_cleanup_extrems.py Use direct references for some configuration variables (part 3) (#10885) 2021-09-23 07:13:34 -04:00
test_client_ips.py Fix error in get_user_ip_and_agents when fetching from the database (#10968) 2021-10-01 17:22:13 +01:00
test_database.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
test_devices.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
test_directory.py [pyupgrade] tests/ (#10347) 2021-07-13 11:43:15 +01:00
test_e2e_room_keys.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
test_end_to_end_keys.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
test_event_chain.py Flatten the synapse.rest.client package (#10600) 2021-08-17 11:57:58 +00:00
test_event_federation.py Prune inbound federation queues if they get too long (#10390) 2021-08-02 13:37:25 +00:00
test_event_metrics.py Fix (final) Bugbear violations (#9838) 2021-04-20 11:50:49 +01:00
test_event_push_actions.py Skip handling of push actions for outlier events (#10780) 2021-09-08 15:18:35 +01:00
test_events.py Flatten the synapse.rest.client package (#10600) 2021-08-17 11:57:58 +00:00
test_id_generators.py Use inline type hints in tests/ (#10350) 2021-07-13 11:52:58 +01:00
test_keys.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
test_main.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
test_monthly_active_users.py Use direct references for configuration variables (part 6). (#10916) 2021-09-29 06:44:15 -04:00
test_profile.py [pyupgrade] tests/ (#10347) 2021-07-13 11:43:15 +01:00
test_purge.py Flatten the synapse.rest.client package (#10600) 2021-08-17 11:57:58 +00:00
test_redaction.py Update the MSC3083 support to verify if joins are from an authorized server. (#10254) 2021-07-26 12:17:00 -04:00
test_registration.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
test_room_search.py Treat "\u0000" as "\u0020" for the purposes of message search (message indexing) (#10820) 2021-09-22 08:25:26 -07:00
test_room.py [pyupgrade] tests/ (#10347) 2021-07-13 11:43:15 +01:00
test_roommember.py Flatten the synapse.rest.client package (#10600) 2021-08-17 11:57:58 +00:00
test_state.py Make StateFilter frozen so we can hash it (#10816) 2021-09-14 16:35:53 +01:00
test_transactions.py Don't hammer the database for destination retry timings every ~5mins (#10036) 2021-05-21 17:57:08 +01:00
test_txn_limit.py Fix codestyle CI from #10440 (#10511) 2021-08-02 15:50:22 +00:00
test_user_directory.py Fix potential leak of per-room profiles when the user dir is rebuilt. (#10981) 2021-10-05 18:35:25 +01:00