Matrix-Mirrors/forked-synapse
1
0
Fork 0
mirror of https://mau.dev/maunium/synapse.git synced 2024-10-01 01:36:05 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dinsic' into matthew/derive-mxid-from-3pid

Browse Source
This commit is contained in:
Matthew Hodgson 2018-05-03 23:39:08 +01:00
commit 383c4ae59c
3 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
synapse/config/registration.py
View File

@ -37,6 +37,9 @@ class RegistrationConfig(Config):
"check_is_for_allowed_local_3pids", None "check_is_for_allowed_local_3pids", None
) )
self.allow_invited_3pids = config.get("allow_invited_3pids", False) self.allow_invited_3pids = config.get("allow_invited_3pids", False)
self.disable_3pid_changes = config.get("disable_3pid_changes", False)
self.registration_shared_secret = config.get("registration_shared_secret") self.registration_shared_secret = config.get("registration_shared_secret")
self.register_mxid_from_3pid = config.get("register_mxid_from_3pid") self.register_mxid_from_3pid = config.get("register_mxid_from_3pid")
@ -50,6 +53,9 @@ class RegistrationConfig(Config):
self.auto_join_rooms = config.get("auto_join_rooms", []) self.auto_join_rooms = config.get("auto_join_rooms", [])
self.disable_set_displayname = config.get("disable_set_displayname", False)
self.disable_set_avatar_url = config.get("disable_set_avatar_url", False)
self.replicate_user_profiles_to = config.get("replicate_user_profiles_to", []) self.replicate_user_profiles_to = config.get("replicate_user_profiles_to", [])
if not isinstance(self.replicate_user_profiles_to, list): if not isinstance(self.replicate_user_profiles_to, list):
self.replicate_user_profiles_to = [self.replicate_user_profiles_to, ] self.replicate_user_profiles_to = [self.replicate_user_profiles_to, ]
@ -97,6 +103,11 @@ class RegistrationConfig(Config):
# - medium: msisdn # - medium: msisdn
# pattern: "\\+44" # pattern: "\\+44"
# If true, stop users from trying to change the 3PIDs associated with
# their accounts.
#
# disable_3pid_changes: False
# If set, allows registration by anyone who also has the shared # If set, allows registration by anyone who also has the shared
# secret, even if registration is otherwise disabled. # secret, even if registration is otherwise disabled.
registration_shared_secret: "%(registration_shared_secret)s" registration_shared_secret: "%(registration_shared_secret)s"
@ -126,10 +137,19 @@ class RegistrationConfig(Config):
# cross-homeserver user directories. # cross-homeserver user directories.
# replicate_user_profiles_to: example.com # replicate_user_profiles_to: example.com
# If enabled, don't let users set their own display names/avatars
# other than for the very first time (unless they are a server admin).
# Useful when provisioning users based on the contents of a 3rd party
# directory and to avoid ambiguities.
#
# disable_set_displayname: False
# disable_set_avatar_url: False
# Users who register on this homeserver will automatically be joined # Users who register on this homeserver will automatically be joined
# to these rooms # to these rooms
#auto_join_rooms: #auto_join_rooms:
# - "#example:example.com" # - "#example:example.com"
""" % locals() """ % locals()
def add_arguments(self, parser): def add_arguments(self, parser):

12
synapse/handlers/profile.py
View File

@ -105,7 +105,7 @@ class ProfileHandler(BaseHandler):
} for r in batch_rows } for r in batch_rows
} }
url = "https://%s/_matrix/federation/v1/replicate_profiles" % (host,) url = "https://%s/_matrix/identity/api/v1/replicate_profiles" % (host,)
body = { body = {
"batchnum": batchnum, "batchnum": batchnum,
"batch": batch, "batch": batch,
@ -215,6 +215,11 @@ class ProfileHandler(BaseHandler):
if not by_admin and target_user != requester.user: if not by_admin and target_user != requester.user:
raise AuthError(400, "Cannot set another user's displayname") raise AuthError(400, "Cannot set another user's displayname")
if not by_admin and self.hs.config.disable_set_displayname:
profile = yield self.store.get_profileinfo(target_user.localpart)
if profile.display_name:
raise SynapseError(400, "Changing displayname is disabled on this server")
if new_displayname == '': if new_displayname == '':
new_displayname = None new_displayname = None
@ -277,6 +282,11 @@ class ProfileHandler(BaseHandler):
if not by_admin and target_user != requester.user: if not by_admin and target_user != requester.user:
raise AuthError(400, "Cannot set another user's avatar_url") raise AuthError(400, "Cannot set another user's avatar_url")
if not by_admin and self.hs.config.disable_set_avatar_url:
profile = yield self.store.get_profileinfo(target_user.localpart)
if profile.avatar_url:
raise SynapseError(400, "Changing avatar url is disabled on this server")
if len(self.hs.config.replicate_user_profiles_to) > 0: if len(self.hs.config.replicate_user_profiles_to) > 0:
cur_batchnum = yield self.store.get_latest_profile_replication_batch_number() cur_batchnum = yield self.store.get_latest_profile_replication_batch_number()
new_batchnum = 0 if cur_batchnum is None else cur_batchnum + 1 new_batchnum = 0 if cur_batchnum is None else cur_batchnum + 1

6
synapse/rest/client/v2_alpha/account.py
View File

@ -314,6 +314,9 @@ class ThreepidRestServlet(RestServlet):
def on_POST(self, request): def on_POST(self, request):
yield run_on_reactor() yield run_on_reactor()
if self.hs.config.disable_3pid_changes:
raise SynapseError(400, "3PID changes disabled on this server")
body = parse_json_object_from_request(request) body = parse_json_object_from_request(request)
threePidCreds = body.get('threePidCreds') threePidCreds = body.get('threePidCreds')
@ -367,6 +370,9 @@ class ThreepidDeleteRestServlet(RestServlet):
def on_POST(self, request): def on_POST(self, request):
yield run_on_reactor() yield run_on_reactor()
if self.hs.config.disable_3pid_changes:
raise SynapseError(400, "3PID changes disabled on this server")
body = parse_json_object_from_request(request) body = parse_json_object_from_request(request)
required = ['medium', 'address'] required = ['medium', 'address']