Merge pull request #5481 from matrix-org/babolivier/third_party_rules_3pid

Port "Add third party rules hook for 3PID invites" to dinsic
This commit is contained in:
Brendan Abolivier 2019-06-17 18:35:54 +01:00 committed by GitHub
commit 5a28504c08
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 43 additions and 1 deletions

1
changelog.d/5477.feature Normal file
View File

@ -0,0 +1 @@
Allow server admins to define implementations of extra rules for allowing or denying incoming events.

View File

@ -35,7 +35,10 @@ class ThirdPartyEventRules(object):
module, config = hs.config.third_party_event_rules module, config = hs.config.third_party_event_rules
if module is not None: if module is not None:
self.third_party_rules = module(config=config) self.third_party_rules = module(
config=config,
http_client=hs.get_simple_http_client(),
)
@defer.inlineCallbacks @defer.inlineCallbacks
def check_event_allowed(self, event, context): def check_event_allowed(self, event, context):
@ -81,3 +84,31 @@ class ThirdPartyEventRules(object):
yield self.third_party_rules.on_create_room( yield self.third_party_rules.on_create_room(
requester, config, is_requester_admin requester, config, is_requester_admin
) )
@defer.inlineCallbacks
def check_threepid_can_be_invited(self, medium, address, room_id):
"""Check if a provided 3PID can be invited in the given room.
Args:
medium (str): The 3PID's medium.
address (str): The 3PID's address.
room_id (str): The room we want to invite the threepid to.
Returns:
defer.Deferred[bool], True if the 3PID can be invited, False if not.
"""
if self.third_party_rules is None:
defer.returnValue(True)
state_ids = yield self.store.get_filtered_current_state_ids(room_id)
room_state_events = yield self.store.get_events(state_ids.values())
state_events = {}
for key, event_id in state_ids.items():
state_events[key] = room_state_events[event_id]
ret = yield self.third_party_rules.check_threepid_can_be_invited(
medium, address, state_events,
)
defer.returnValue(ret)

View File

@ -69,6 +69,7 @@ class RoomMemberHandler(object):
self.clock = hs.get_clock() self.clock = hs.get_clock()
self.spam_checker = hs.get_spam_checker() self.spam_checker = hs.get_spam_checker()
self.third_party_event_rules = hs.get_third_party_event_rules()
self._server_notices_mxid = self.config.server_notices_mxid self._server_notices_mxid = self.config.server_notices_mxid
self.rewrite_identity_server_urls = self.config.rewrite_identity_server_urls self.rewrite_identity_server_urls = self.config.rewrite_identity_server_urls
self._enable_lookup = hs.config.enable_3pid_lookup self._enable_lookup = hs.config.enable_3pid_lookup
@ -774,6 +775,15 @@ class RoomMemberHandler(object):
# can't just rely on the standard ratelimiting of events. # can't just rely on the standard ratelimiting of events.
yield self.base_handler.ratelimit(requester) yield self.base_handler.ratelimit(requester)
can_invite = yield self.third_party_event_rules.check_threepid_can_be_invited(
medium, address, room_id,
)
if not can_invite:
raise SynapseError(
403, "This third-party identifier can not be invited in this room",
Codes.FORBIDDEN,
)
invitee = yield self._lookup_3pid( invitee = yield self._lookup_3pid(
id_server, medium, address id_server, medium, address
) )