mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2024-12-25 17:39:24 -05:00
Allow appservices to batch send as any local user
This commit is contained in:
parent
3ec25f27ab
commit
a7bdc4a1ed
@ -254,7 +254,7 @@ class Auth:
|
|||||||
raise MissingClientTokenError()
|
raise MissingClientTokenError()
|
||||||
|
|
||||||
async def validate_appservice_can_control_user_id(
|
async def validate_appservice_can_control_user_id(
|
||||||
self, app_service: ApplicationService, user_id: str
|
self, app_service: ApplicationService, user_id: str, allow_any: bool = False
|
||||||
) -> None:
|
) -> None:
|
||||||
"""Validates that the app service is allowed to control
|
"""Validates that the app service is allowed to control
|
||||||
the given user.
|
the given user.
|
||||||
@ -262,6 +262,7 @@ class Auth:
|
|||||||
Args:
|
Args:
|
||||||
app_service: The app service that controls the user
|
app_service: The app service that controls the user
|
||||||
user_id: The author MXID that the app service is controlling
|
user_id: The author MXID that the app service is controlling
|
||||||
|
allow_any: Allow the appservice to control any local user
|
||||||
|
|
||||||
Raises:
|
Raises:
|
||||||
AuthError: If the application service is not allowed to control the user
|
AuthError: If the application service is not allowed to control the user
|
||||||
@ -273,7 +274,7 @@ class Auth:
|
|||||||
if app_service.sender == user_id:
|
if app_service.sender == user_id:
|
||||||
pass
|
pass
|
||||||
# Check to make sure the app service is allowed to control the user
|
# Check to make sure the app service is allowed to control the user
|
||||||
elif not app_service.is_interested_in_user(user_id):
|
elif not app_service.is_interested_in_user(user_id) and not allow_any:
|
||||||
raise AuthError(
|
raise AuthError(
|
||||||
403,
|
403,
|
||||||
"Application service cannot masquerade as this user (%s)." % user_id,
|
"Application service cannot masquerade as this user (%s)." % user_id,
|
||||||
|
@ -21,6 +21,7 @@ class RoomBatchHandler:
|
|||||||
self.event_creation_handler = hs.get_event_creation_handler()
|
self.event_creation_handler = hs.get_event_creation_handler()
|
||||||
self.room_member_handler = hs.get_room_member_handler()
|
self.room_member_handler = hs.get_room_member_handler()
|
||||||
self.auth = hs.get_auth()
|
self.auth = hs.get_auth()
|
||||||
|
self.allow_send_any = self.hs.config.meow.appservice_batch_send_any
|
||||||
|
|
||||||
async def inherit_depth_from_prev_ids(self, prev_event_ids: List[str]) -> int:
|
async def inherit_depth_from_prev_ids(self, prev_event_ids: List[str]) -> int:
|
||||||
"""Finds the depth which would sort it after the most-recent
|
"""Finds the depth which would sort it after the most-recent
|
||||||
@ -118,7 +119,9 @@ class RoomBatchHandler:
|
|||||||
Requester object
|
Requester object
|
||||||
"""
|
"""
|
||||||
|
|
||||||
await self.auth.validate_appservice_can_control_user_id(app_service, user_id)
|
await self.auth.validate_appservice_can_control_user_id(
|
||||||
|
app_service, user_id, allow_any=self.allow_send_any
|
||||||
|
)
|
||||||
|
|
||||||
return create_requester(user_id, app_service=app_service)
|
return create_requester(user_id, app_service=app_service)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user