2014-08-12 10:10:52 -04:00
|
|
|
# -*- coding: utf-8 -*-
|
2016-01-06 23:26:29 -05:00
|
|
|
# Copyright 2014-2016 OpenMarket Ltd
|
2014-08-12 10:10:52 -04:00
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
2014-08-12 22:14:34 -04:00
|
|
|
|
2016-07-26 11:46:53 -04:00
|
|
|
import logging
|
|
|
|
|
2014-08-12 10:10:52 -04:00
|
|
|
from twisted.internet import defer
|
|
|
|
|
2018-08-03 14:08:05 -04:00
|
|
|
from synapse.api.errors import (
|
|
|
|
AuthError,
|
|
|
|
CodeMessageException,
|
|
|
|
Codes,
|
|
|
|
StoreError,
|
|
|
|
SynapseError,
|
|
|
|
)
|
2018-07-25 05:34:48 -04:00
|
|
|
from synapse.metrics.background_process_metrics import run_as_background_process
|
2017-08-25 06:21:34 -04:00
|
|
|
from synapse.types import UserID, get_domain_from_id
|
2018-07-09 02:09:20 -04:00
|
|
|
|
2014-08-12 10:10:52 -04:00
|
|
|
from ._base import BaseHandler
|
|
|
|
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
|
|
|
2018-08-22 05:13:40 -04:00
|
|
|
class BaseProfileHandler(BaseHandler):
|
|
|
|
"""Handles fetching and updating user profile information.
|
|
|
|
|
|
|
|
BaseProfileHandler can be instantiated directly on workers and will
|
|
|
|
delegate to master when necessary. The master process should use the
|
|
|
|
subclass MasterProfileHandler
|
|
|
|
"""
|
|
|
|
|
2014-08-12 10:10:52 -04:00
|
|
|
def __init__(self, hs):
|
2018-08-22 05:13:40 -04:00
|
|
|
super(BaseProfileHandler, self).__init__(hs)
|
2017-08-25 06:21:34 -04:00
|
|
|
|
2018-03-13 09:26:52 -04:00
|
|
|
self.federation = hs.get_federation_client()
|
2018-03-12 12:17:08 -04:00
|
|
|
hs.get_federation_registry().register_query_handler(
|
2014-08-13 12:12:50 -04:00
|
|
|
"profile", self.on_profile_query
|
|
|
|
)
|
2014-08-12 10:10:52 -04:00
|
|
|
|
2017-11-29 13:27:05 -05:00
|
|
|
self.user_directory_handler = hs.get_user_directory_handler()
|
|
|
|
|
2017-08-25 06:21:34 -04:00
|
|
|
@defer.inlineCallbacks
|
|
|
|
def get_profile(self, user_id):
|
|
|
|
target_user = UserID.from_string(user_id)
|
2019-05-08 13:26:56 -04:00
|
|
|
|
2017-08-25 06:21:34 -04:00
|
|
|
if self.hs.is_mine(target_user):
|
2018-08-03 14:08:05 -04:00
|
|
|
try:
|
|
|
|
displayname = yield self.store.get_profile_displayname(
|
|
|
|
target_user.localpart
|
|
|
|
)
|
|
|
|
avatar_url = yield self.store.get_profile_avatar_url(
|
|
|
|
target_user.localpart
|
|
|
|
)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
raise SynapseError(404, "Profile was not found", Codes.NOT_FOUND)
|
|
|
|
raise
|
2017-08-25 06:21:34 -04:00
|
|
|
|
|
|
|
defer.returnValue({
|
|
|
|
"displayname": displayname,
|
|
|
|
"avatar_url": avatar_url,
|
|
|
|
})
|
|
|
|
else:
|
|
|
|
try:
|
|
|
|
result = yield self.federation.make_query(
|
|
|
|
destination=target_user.domain,
|
|
|
|
query_type="profile",
|
|
|
|
args={
|
|
|
|
"user_id": user_id,
|
|
|
|
},
|
|
|
|
ignore_backoff=True,
|
|
|
|
)
|
|
|
|
defer.returnValue(result)
|
|
|
|
except CodeMessageException as e:
|
|
|
|
if e.code != 404:
|
|
|
|
logger.exception("Failed to get displayname")
|
|
|
|
raise
|
|
|
|
|
2017-08-25 11:23:58 -04:00
|
|
|
@defer.inlineCallbacks
|
|
|
|
def get_profile_from_cache(self, user_id):
|
|
|
|
"""Get the profile information from our local cache. If the user is
|
|
|
|
ours then the profile information will always be corect. Otherwise,
|
|
|
|
it may be out of date/missing.
|
|
|
|
"""
|
|
|
|
target_user = UserID.from_string(user_id)
|
|
|
|
if self.hs.is_mine(target_user):
|
2018-08-03 14:08:05 -04:00
|
|
|
try:
|
|
|
|
displayname = yield self.store.get_profile_displayname(
|
|
|
|
target_user.localpart
|
|
|
|
)
|
|
|
|
avatar_url = yield self.store.get_profile_avatar_url(
|
|
|
|
target_user.localpart
|
|
|
|
)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
raise SynapseError(404, "Profile was not found", Codes.NOT_FOUND)
|
|
|
|
raise
|
2017-08-25 11:23:58 -04:00
|
|
|
|
|
|
|
defer.returnValue({
|
|
|
|
"displayname": displayname,
|
|
|
|
"avatar_url": avatar_url,
|
|
|
|
})
|
|
|
|
else:
|
|
|
|
profile = yield self.store.get_from_remote_profile_cache(user_id)
|
|
|
|
defer.returnValue(profile or {})
|
|
|
|
|
2014-08-12 10:10:52 -04:00
|
|
|
@defer.inlineCallbacks
|
2014-08-13 12:14:42 -04:00
|
|
|
def get_displayname(self, target_user):
|
2014-12-02 05:42:28 -05:00
|
|
|
if self.hs.is_mine(target_user):
|
2018-08-03 14:08:05 -04:00
|
|
|
try:
|
|
|
|
displayname = yield self.store.get_profile_displayname(
|
|
|
|
target_user.localpart
|
|
|
|
)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
raise SynapseError(404, "Profile was not found", Codes.NOT_FOUND)
|
|
|
|
raise
|
2014-08-12 10:10:52 -04:00
|
|
|
|
|
|
|
defer.returnValue(displayname)
|
2014-08-13 12:14:42 -04:00
|
|
|
else:
|
2014-08-12 10:10:52 -04:00
|
|
|
try:
|
2014-08-13 12:12:50 -04:00
|
|
|
result = yield self.federation.make_query(
|
2014-08-12 10:10:52 -04:00
|
|
|
destination=target_user.domain,
|
2014-08-13 12:12:50 -04:00
|
|
|
query_type="profile",
|
|
|
|
args={
|
|
|
|
"user_id": target_user.to_string(),
|
|
|
|
"field": "displayname",
|
2017-03-23 07:10:36 -04:00
|
|
|
},
|
|
|
|
ignore_backoff=True,
|
2014-08-12 10:10:52 -04:00
|
|
|
)
|
|
|
|
except CodeMessageException as e:
|
|
|
|
if e.code != 404:
|
|
|
|
logger.exception("Failed to get displayname")
|
|
|
|
raise
|
2018-10-03 06:34:30 -04:00
|
|
|
|
|
|
|
defer.returnValue(result["displayname"])
|
2014-08-12 10:10:52 -04:00
|
|
|
|
|
|
|
@defer.inlineCallbacks
|
2016-10-04 16:30:51 -04:00
|
|
|
def set_displayname(self, target_user, requester, new_displayname, by_admin=False):
|
2019-03-26 13:48:30 -04:00
|
|
|
"""Set the displayname of a user
|
|
|
|
|
|
|
|
Args:
|
|
|
|
target_user (UserID): the user whose displayname is to be changed.
|
|
|
|
requester (Requester): The user attempting to make this change.
|
|
|
|
new_displayname (str): The displayname to give this user.
|
|
|
|
by_admin (bool): Whether this change was made by an administrator.
|
|
|
|
"""
|
2014-12-02 05:42:28 -05:00
|
|
|
if not self.hs.is_mine(target_user):
|
2014-08-12 10:10:52 -04:00
|
|
|
raise SynapseError(400, "User is not hosted on this Home Server")
|
|
|
|
|
2016-10-04 16:30:51 -04:00
|
|
|
if not by_admin and target_user != requester.user:
|
2014-08-12 10:10:52 -04:00
|
|
|
raise AuthError(400, "Cannot set another user's displayname")
|
|
|
|
|
2015-05-14 09:19:10 -04:00
|
|
|
if new_displayname == '':
|
|
|
|
new_displayname = None
|
|
|
|
|
2014-08-12 10:10:52 -04:00
|
|
|
yield self.store.set_profile_displayname(
|
|
|
|
target_user.localpart, new_displayname
|
|
|
|
)
|
|
|
|
|
2017-12-04 09:58:39 -05:00
|
|
|
if self.hs.config.user_directory_search_all_users:
|
2018-08-17 10:24:16 -04:00
|
|
|
profile = yield self.store.get_profileinfo(target_user.localpart)
|
|
|
|
yield self.user_directory_handler.handle_local_profile_change(
|
|
|
|
target_user.to_string(), profile
|
|
|
|
)
|
2017-11-29 13:27:05 -05:00
|
|
|
|
2017-11-03 13:25:04 -04:00
|
|
|
yield self._update_join_states(requester, target_user)
|
2014-09-17 10:05:09 -04:00
|
|
|
|
2014-08-12 10:10:52 -04:00
|
|
|
@defer.inlineCallbacks
|
2014-08-13 12:14:42 -04:00
|
|
|
def get_avatar_url(self, target_user):
|
2014-12-02 05:42:28 -05:00
|
|
|
if self.hs.is_mine(target_user):
|
2018-08-03 14:08:05 -04:00
|
|
|
try:
|
|
|
|
avatar_url = yield self.store.get_profile_avatar_url(
|
|
|
|
target_user.localpart
|
|
|
|
)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
raise SynapseError(404, "Profile was not found", Codes.NOT_FOUND)
|
|
|
|
raise
|
2014-08-12 10:10:52 -04:00
|
|
|
defer.returnValue(avatar_url)
|
2014-08-13 12:14:42 -04:00
|
|
|
else:
|
2014-08-12 10:10:52 -04:00
|
|
|
try:
|
2014-08-13 12:12:50 -04:00
|
|
|
result = yield self.federation.make_query(
|
|
|
|
destination=target_user.domain,
|
|
|
|
query_type="profile",
|
|
|
|
args={
|
|
|
|
"user_id": target_user.to_string(),
|
|
|
|
"field": "avatar_url",
|
2017-03-23 07:10:36 -04:00
|
|
|
},
|
|
|
|
ignore_backoff=True,
|
2014-08-12 10:10:52 -04:00
|
|
|
)
|
|
|
|
except CodeMessageException as e:
|
|
|
|
if e.code != 404:
|
|
|
|
logger.exception("Failed to get avatar_url")
|
|
|
|
raise
|
|
|
|
|
|
|
|
defer.returnValue(result["avatar_url"])
|
|
|
|
|
|
|
|
@defer.inlineCallbacks
|
2016-10-04 16:30:51 -04:00
|
|
|
def set_avatar_url(self, target_user, requester, new_avatar_url, by_admin=False):
|
2014-08-12 10:10:52 -04:00
|
|
|
"""target_user is the user whose avatar_url is to be changed;
|
|
|
|
auth_user is the user attempting to make this change."""
|
2014-12-02 05:42:28 -05:00
|
|
|
if not self.hs.is_mine(target_user):
|
2014-08-12 10:10:52 -04:00
|
|
|
raise SynapseError(400, "User is not hosted on this Home Server")
|
|
|
|
|
2016-10-04 16:30:51 -04:00
|
|
|
if not by_admin and target_user != requester.user:
|
2014-08-12 10:10:52 -04:00
|
|
|
raise AuthError(400, "Cannot set another user's avatar_url")
|
|
|
|
|
|
|
|
yield self.store.set_profile_avatar_url(
|
|
|
|
target_user.localpart, new_avatar_url
|
|
|
|
)
|
|
|
|
|
2018-08-17 10:24:16 -04:00
|
|
|
if self.hs.config.user_directory_search_all_users:
|
2017-11-29 13:27:05 -05:00
|
|
|
profile = yield self.store.get_profileinfo(target_user.localpart)
|
|
|
|
yield self.user_directory_handler.handle_local_profile_change(
|
2017-12-04 10:11:38 -05:00
|
|
|
target_user.to_string(), profile
|
2017-11-29 13:27:05 -05:00
|
|
|
)
|
|
|
|
|
2017-11-03 13:25:04 -04:00
|
|
|
yield self._update_join_states(requester, target_user)
|
2014-09-17 10:05:09 -04:00
|
|
|
|
2014-08-13 12:12:50 -04:00
|
|
|
@defer.inlineCallbacks
|
|
|
|
def on_profile_query(self, args):
|
2015-01-23 06:47:15 -05:00
|
|
|
user = UserID.from_string(args["user_id"])
|
2014-12-02 05:42:28 -05:00
|
|
|
if not self.hs.is_mine(user):
|
2014-08-13 12:12:50 -04:00
|
|
|
raise SynapseError(400, "User is not hosted on this Home Server")
|
|
|
|
|
|
|
|
just_field = args.get("field", None)
|
|
|
|
|
|
|
|
response = {}
|
2018-08-03 14:08:05 -04:00
|
|
|
try:
|
|
|
|
if just_field is None or just_field == "displayname":
|
|
|
|
response["displayname"] = yield self.store.get_profile_displayname(
|
|
|
|
user.localpart
|
|
|
|
)
|
2014-08-13 12:12:50 -04:00
|
|
|
|
2018-08-03 14:08:05 -04:00
|
|
|
if just_field is None or just_field == "avatar_url":
|
|
|
|
response["avatar_url"] = yield self.store.get_profile_avatar_url(
|
|
|
|
user.localpart
|
|
|
|
)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
raise SynapseError(404, "Profile was not found", Codes.NOT_FOUND)
|
|
|
|
raise
|
2014-08-13 12:12:50 -04:00
|
|
|
|
|
|
|
defer.returnValue(response)
|
2014-09-17 10:05:09 -04:00
|
|
|
|
|
|
|
@defer.inlineCallbacks
|
2017-11-03 13:25:04 -04:00
|
|
|
def _update_join_states(self, requester, target_user):
|
|
|
|
if not self.hs.is_mine(target_user):
|
2014-09-17 10:05:09 -04:00
|
|
|
return
|
|
|
|
|
2017-08-25 09:45:20 -04:00
|
|
|
yield self.ratelimit(requester)
|
2014-12-19 12:36:33 -05:00
|
|
|
|
2017-03-16 07:51:46 -04:00
|
|
|
room_ids = yield self.store.get_rooms_for_user(
|
2017-11-03 13:25:04 -04:00
|
|
|
target_user.to_string(),
|
2014-09-17 10:05:09 -04:00
|
|
|
)
|
|
|
|
|
2017-03-16 07:51:46 -04:00
|
|
|
for room_id in room_ids:
|
2018-03-01 05:54:37 -05:00
|
|
|
handler = self.hs.get_room_member_handler()
|
2015-03-06 11:24:05 -05:00
|
|
|
try:
|
2017-11-03 13:25:04 -04:00
|
|
|
# Assume the target_user isn't a guest,
|
|
|
|
# because we don't let guests set profile or avatar data.
|
2016-02-15 12:14:34 -05:00
|
|
|
yield handler.update_membership(
|
|
|
|
requester,
|
2017-11-03 13:25:04 -04:00
|
|
|
target_user,
|
2017-03-16 07:51:46 -04:00
|
|
|
room_id,
|
2016-02-15 12:14:34 -05:00
|
|
|
"join", # We treat a profile update like a join.
|
2016-02-16 06:52:46 -05:00
|
|
|
ratelimit=False, # Try to hide that these events aren't atomic.
|
2016-02-15 12:14:34 -05:00
|
|
|
)
|
2015-03-06 11:24:05 -05:00
|
|
|
except Exception as e:
|
|
|
|
logger.warn(
|
|
|
|
"Failed to update join event for room %s - %s",
|
2018-09-27 07:38:50 -04:00
|
|
|
room_id, str(e)
|
2015-03-06 11:24:05 -05:00
|
|
|
)
|
2017-08-25 06:21:34 -04:00
|
|
|
|
2019-05-08 13:26:56 -04:00
|
|
|
@defer.inlineCallbacks
|
|
|
|
def check_profile_query_allowed(self, target_user, requester=None):
|
|
|
|
"""Checks whether a profile query is allowed. If the
|
|
|
|
'require_auth_for_profile_requests' config flag is set to True and a
|
|
|
|
'requester' is provided, the query is only allowed if the two users
|
|
|
|
share a room.
|
|
|
|
|
|
|
|
Args:
|
|
|
|
target_user (UserID): The owner of the queried profile.
|
|
|
|
requester (None|UserID): The user querying for the profile.
|
|
|
|
|
|
|
|
Raises:
|
|
|
|
SynapseError(403): The two users share no room, or ne user couldn't
|
|
|
|
be found to be in any room the server is in, and therefore the query
|
|
|
|
is denied.
|
|
|
|
"""
|
|
|
|
# Implementation of MSC1301: don't allow looking up profiles if the
|
|
|
|
# requester isn't in the same room as the target. We expect requester to
|
|
|
|
# be None when this function is called outside of a profile query, e.g.
|
|
|
|
# when building a membership event. In this case, we must allow the
|
|
|
|
# lookup.
|
|
|
|
if not self.hs.config.require_auth_for_profile_requests or not requester:
|
|
|
|
return
|
|
|
|
|
|
|
|
try:
|
|
|
|
requester_rooms = yield self.store.get_rooms_for_user(
|
|
|
|
requester.to_string()
|
|
|
|
)
|
|
|
|
target_user_rooms = yield self.store.get_rooms_for_user(
|
|
|
|
target_user.to_string(),
|
|
|
|
)
|
|
|
|
|
|
|
|
# Check if the room lists have no elements in common.
|
|
|
|
if requester_rooms.isdisjoint(target_user_rooms):
|
|
|
|
raise SynapseError(403, "Profile isn't available", Codes.FORBIDDEN)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
# This likely means that one of the users doesn't exist,
|
|
|
|
# so we act as if we couldn't find the profile.
|
|
|
|
raise SynapseError(403, "Profile isn't available", Codes.FORBIDDEN)
|
|
|
|
raise
|
|
|
|
|
2018-08-17 06:43:16 -04:00
|
|
|
|
2018-08-22 05:13:40 -04:00
|
|
|
class MasterProfileHandler(BaseProfileHandler):
|
2018-08-17 06:43:16 -04:00
|
|
|
PROFILE_UPDATE_MS = 60 * 1000
|
|
|
|
PROFILE_UPDATE_EVERY_MS = 24 * 60 * 60 * 1000
|
|
|
|
|
|
|
|
def __init__(self, hs):
|
|
|
|
super(MasterProfileHandler, self).__init__(hs)
|
|
|
|
|
2018-08-22 05:11:21 -04:00
|
|
|
assert hs.config.worker_app is None
|
|
|
|
|
2018-08-17 06:43:16 -04:00
|
|
|
self.clock.looping_call(
|
|
|
|
self._start_update_remote_profile_cache, self.PROFILE_UPDATE_MS,
|
|
|
|
)
|
|
|
|
|
2018-07-25 05:34:48 -04:00
|
|
|
def _start_update_remote_profile_cache(self):
|
2018-07-26 06:44:26 -04:00
|
|
|
return run_as_background_process(
|
2018-07-25 05:34:48 -04:00
|
|
|
"Update remote profile", self._update_remote_profile_cache,
|
|
|
|
)
|
|
|
|
|
|
|
|
@defer.inlineCallbacks
|
2017-08-25 06:21:34 -04:00
|
|
|
def _update_remote_profile_cache(self):
|
2017-08-25 09:45:20 -04:00
|
|
|
"""Called periodically to check profiles of remote users we haven't
|
2017-08-25 06:21:34 -04:00
|
|
|
checked in a while.
|
|
|
|
"""
|
|
|
|
entries = yield self.store.get_remote_profile_cache_entries_that_expire(
|
|
|
|
last_checked=self.clock.time_msec() - self.PROFILE_UPDATE_EVERY_MS
|
|
|
|
)
|
|
|
|
|
|
|
|
for user_id, displayname, avatar_url in entries:
|
2017-08-25 09:45:20 -04:00
|
|
|
is_subscribed = yield self.store.is_subscribed_remote_profile_for_user(
|
2017-08-25 06:21:34 -04:00
|
|
|
user_id,
|
|
|
|
)
|
2017-08-25 09:45:20 -04:00
|
|
|
if not is_subscribed:
|
2017-08-25 06:21:34 -04:00
|
|
|
yield self.store.maybe_delete_remote_profile_cache(user_id)
|
|
|
|
continue
|
|
|
|
|
|
|
|
try:
|
|
|
|
profile = yield self.federation.make_query(
|
|
|
|
destination=get_domain_from_id(user_id),
|
|
|
|
query_type="profile",
|
|
|
|
args={
|
|
|
|
"user_id": user_id,
|
|
|
|
},
|
|
|
|
ignore_backoff=True,
|
|
|
|
)
|
2017-10-23 10:52:32 -04:00
|
|
|
except Exception:
|
2017-08-25 06:21:34 -04:00
|
|
|
logger.exception("Failed to get avatar_url")
|
|
|
|
|
|
|
|
yield self.store.update_remote_profile_cache(
|
|
|
|
user_id, displayname, avatar_url
|
|
|
|
)
|
|
|
|
continue
|
|
|
|
|
|
|
|
new_name = profile.get("displayname")
|
|
|
|
new_avatar = profile.get("avatar_url")
|
|
|
|
|
|
|
|
# We always hit update to update the last_check timestamp
|
|
|
|
yield self.store.update_remote_profile_cache(
|
|
|
|
user_id, new_name, new_avatar
|
|
|
|
)
|