mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2025-01-19 11:41:34 -05:00
Add configs to make profile data more private (#9203)
Add off-by-default configuration settings to: - disable putting an invitee's profile info in invite events - disable profile lookup via federation Signed-off-by: Andrew Ferrazzutti <fair@miscworks.net>
This commit is contained in:
parent
84a7191410
commit
9bc74743d5
1
changelog.d/9203.feature
Normal file
1
changelog.d/9203.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add some configuration settings to make users' profile data more private.
|
@ -101,6 +101,14 @@ pid_file: DATADIR/homeserver.pid
|
|||||||
#
|
#
|
||||||
#limit_profile_requests_to_users_who_share_rooms: true
|
#limit_profile_requests_to_users_who_share_rooms: true
|
||||||
|
|
||||||
|
# Uncomment to prevent a user's profile data from being retrieved and
|
||||||
|
# displayed in a room until they have joined it. By default, a user's
|
||||||
|
# profile data is included in an invite event, regardless of the values
|
||||||
|
# of the above two settings, and whether or not the users share a server.
|
||||||
|
# Defaults to 'true'.
|
||||||
|
#
|
||||||
|
#include_profile_data_on_invite: false
|
||||||
|
|
||||||
# If set to 'true', removes the need for authentication to access the server's
|
# If set to 'true', removes the need for authentication to access the server's
|
||||||
# public rooms directory through the client API, meaning that anyone can
|
# public rooms directory through the client API, meaning that anyone can
|
||||||
# query the room directory. Defaults to 'false'.
|
# query the room directory. Defaults to 'false'.
|
||||||
@ -699,6 +707,12 @@ acme:
|
|||||||
# - matrix.org
|
# - matrix.org
|
||||||
# - example.com
|
# - example.com
|
||||||
|
|
||||||
|
# Uncomment to disable profile lookup over federation. By default, the
|
||||||
|
# Federation API allows other homeservers to obtain profile data of any user
|
||||||
|
# on this homeserver. Defaults to 'true'.
|
||||||
|
#
|
||||||
|
#allow_profile_lookup_over_federation: false
|
||||||
|
|
||||||
|
|
||||||
## Caching ##
|
## Caching ##
|
||||||
|
|
||||||
|
@ -41,6 +41,10 @@ class FederationConfig(Config):
|
|||||||
)
|
)
|
||||||
self.federation_metrics_domains = set(federation_metrics_domains)
|
self.federation_metrics_domains = set(federation_metrics_domains)
|
||||||
|
|
||||||
|
self.allow_profile_lookup_over_federation = config.get(
|
||||||
|
"allow_profile_lookup_over_federation", True
|
||||||
|
)
|
||||||
|
|
||||||
def generate_config_section(self, config_dir_path, server_name, **kwargs):
|
def generate_config_section(self, config_dir_path, server_name, **kwargs):
|
||||||
return """\
|
return """\
|
||||||
## Federation ##
|
## Federation ##
|
||||||
@ -66,6 +70,12 @@ class FederationConfig(Config):
|
|||||||
#federation_metrics_domains:
|
#federation_metrics_domains:
|
||||||
# - matrix.org
|
# - matrix.org
|
||||||
# - example.com
|
# - example.com
|
||||||
|
|
||||||
|
# Uncomment to disable profile lookup over federation. By default, the
|
||||||
|
# Federation API allows other homeservers to obtain profile data of any user
|
||||||
|
# on this homeserver. Defaults to 'true'.
|
||||||
|
#
|
||||||
|
#allow_profile_lookup_over_federation: false
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
@ -263,6 +263,12 @@ class ServerConfig(Config):
|
|||||||
False,
|
False,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
# Whether to retrieve and display profile data for a user when they
|
||||||
|
# are invited to a room
|
||||||
|
self.include_profile_data_on_invite = config.get(
|
||||||
|
"include_profile_data_on_invite", True
|
||||||
|
)
|
||||||
|
|
||||||
if "restrict_public_rooms_to_local_users" in config and (
|
if "restrict_public_rooms_to_local_users" in config and (
|
||||||
"allow_public_rooms_without_auth" in config
|
"allow_public_rooms_without_auth" in config
|
||||||
or "allow_public_rooms_over_federation" in config
|
or "allow_public_rooms_over_federation" in config
|
||||||
@ -848,6 +854,14 @@ class ServerConfig(Config):
|
|||||||
#
|
#
|
||||||
#limit_profile_requests_to_users_who_share_rooms: true
|
#limit_profile_requests_to_users_who_share_rooms: true
|
||||||
|
|
||||||
|
# Uncomment to prevent a user's profile data from being retrieved and
|
||||||
|
# displayed in a room until they have joined it. By default, a user's
|
||||||
|
# profile data is included in an invite event, regardless of the values
|
||||||
|
# of the above two settings, and whether or not the users share a server.
|
||||||
|
# Defaults to 'true'.
|
||||||
|
#
|
||||||
|
#include_profile_data_on_invite: false
|
||||||
|
|
||||||
# If set to 'true', removes the need for authentication to access the server's
|
# If set to 'true', removes the need for authentication to access the server's
|
||||||
# public rooms directory through the client API, meaning that anyone can
|
# public rooms directory through the client API, meaning that anyone can
|
||||||
# query the room directory. Defaults to 'false'.
|
# query the room directory. Defaults to 'false'.
|
||||||
|
@ -484,10 +484,9 @@ class FederationQueryServlet(BaseFederationServlet):
|
|||||||
|
|
||||||
# This is when we receive a server-server Query
|
# This is when we receive a server-server Query
|
||||||
async def on_GET(self, origin, content, query, query_type):
|
async def on_GET(self, origin, content, query, query_type):
|
||||||
return await self.handler.on_query_request(
|
args = {k.decode("utf8"): v[0].decode("utf-8") for k, v in query.items()}
|
||||||
query_type,
|
args["origin"] = origin
|
||||||
{k.decode("utf8"): v[0].decode("utf-8") for k, v in query.items()},
|
return await self.handler.on_query_request(query_type, args)
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
class FederationMakeJoinServlet(BaseFederationServlet):
|
class FederationMakeJoinServlet(BaseFederationServlet):
|
||||||
|
@ -387,6 +387,12 @@ class EventCreationHandler:
|
|||||||
|
|
||||||
self.room_invite_state_types = self.hs.config.room_invite_state_types
|
self.room_invite_state_types = self.hs.config.room_invite_state_types
|
||||||
|
|
||||||
|
self.membership_types_to_include_profile_data_in = (
|
||||||
|
{Membership.JOIN, Membership.INVITE}
|
||||||
|
if self.hs.config.include_profile_data_on_invite
|
||||||
|
else {Membership.JOIN}
|
||||||
|
)
|
||||||
|
|
||||||
self.send_event = ReplicationSendEventRestServlet.make_client(hs)
|
self.send_event = ReplicationSendEventRestServlet.make_client(hs)
|
||||||
|
|
||||||
# This is only used to get at ratelimit function, and maybe_kick_guest_users
|
# This is only used to get at ratelimit function, and maybe_kick_guest_users
|
||||||
@ -500,7 +506,7 @@ class EventCreationHandler:
|
|||||||
membership = builder.content.get("membership", None)
|
membership = builder.content.get("membership", None)
|
||||||
target = UserID.from_string(builder.state_key)
|
target = UserID.from_string(builder.state_key)
|
||||||
|
|
||||||
if membership in {Membership.JOIN, Membership.INVITE}:
|
if membership in self.membership_types_to_include_profile_data_in:
|
||||||
# If event doesn't include a display name, add one.
|
# If event doesn't include a display name, add one.
|
||||||
profile = self.profile_handler
|
profile = self.profile_handler
|
||||||
content = builder.content
|
content = builder.content
|
||||||
|
@ -310,6 +310,16 @@ class ProfileHandler(BaseHandler):
|
|||||||
await self._update_join_states(requester, target_user)
|
await self._update_join_states(requester, target_user)
|
||||||
|
|
||||||
async def on_profile_query(self, args: JsonDict) -> JsonDict:
|
async def on_profile_query(self, args: JsonDict) -> JsonDict:
|
||||||
|
"""Handles federation profile query requests.
|
||||||
|
"""
|
||||||
|
|
||||||
|
if not self.hs.config.allow_profile_lookup_over_federation:
|
||||||
|
raise SynapseError(
|
||||||
|
403,
|
||||||
|
"Profile lookup over federation is disabled on this homeserver",
|
||||||
|
Codes.FORBIDDEN,
|
||||||
|
)
|
||||||
|
|
||||||
user = UserID.from_string(args["user_id"])
|
user = UserID.from_string(args["user_id"])
|
||||||
if not self.hs.is_mine(user):
|
if not self.hs.is_mine(user):
|
||||||
raise SynapseError(400, "User is not hosted on this homeserver")
|
raise SynapseError(400, "User is not hosted on this homeserver")
|
||||||
|
@ -213,8 +213,9 @@ class ReplicationGetQueryRestServlet(ReplicationEndpoint):
|
|||||||
content = parse_json_object_from_request(request)
|
content = parse_json_object_from_request(request)
|
||||||
|
|
||||||
args = content["args"]
|
args = content["args"]
|
||||||
|
args["origin"] = content["origin"]
|
||||||
|
|
||||||
logger.info("Got %r query", query_type)
|
logger.info("Got %r query from %s", query_type, args["origin"])
|
||||||
|
|
||||||
result = await self.registry.on_query(query_type, args)
|
result = await self.registry.on_query(query_type, args)
|
||||||
|
|
||||||
|
@ -161,7 +161,11 @@ class ProfileTestCase(unittest.HomeserverTestCase):
|
|||||||
|
|
||||||
response = self.get_success(
|
response = self.get_success(
|
||||||
self.query_handlers["profile"](
|
self.query_handlers["profile"](
|
||||||
{"user_id": "@caroline:test", "field": "displayname"}
|
{
|
||||||
|
"user_id": "@caroline:test",
|
||||||
|
"field": "displayname",
|
||||||
|
"origin": "servername.tld",
|
||||||
|
}
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user