Replace also_allow_user with a global config option

Basically reverts 088977f67607186da8e14232f9f17fa22ccc16c9.

This way is more suitable for self-hosting where there's no gateway to
manage the query parameter.

README.md

@@ -29,6 +29,7 @@ use the specific release tags.
   filtered away (e.g. `org.matrix.dummy_event` and `m.room.aliases`).
 * Config option to allow specific users to use timestamp massaging without
   being appservice users.
+* Config option to allow appservices to use MSC2716 batch sending as any local user.
 * Removed bad pusher URL validation.
 * webp images are thumbnailed to webp instead of jpeg to avoid losing
   transparency.
@@ -53,4 +54,6 @@ meow:
    # List of users who can use timestamp massaging without being appservices
    timestamp_override:
    - "@you:example.com"
+   # Whether appservices should be allowed to use MSC2716 batch sending as any local user.
+   appservice_batch_send_any: false
 ```

synapse/api/auth.py

@@ -244,7 +244,7 @@ class Auth:
             raise MissingClientTokenError()
 
     async def validate_appservice_can_control_user_id(
-        self, app_service: ApplicationService, user_id: str, also_allow_user: Optional[str] = None
+        self, app_service: ApplicationService, user_id: str, allow_any: bool = False
     ) -> None:
         """Validates that the app service is allowed to control
         the given user.
@@ -252,7 +252,7 @@ class Auth:
         Args:
             app_service: The app service that controls the user
             user_id: The author MXID that the app service is controlling
-            also_allow_user: An additional user ID that the appservice can temporarily control
+            allow_any: Allow the appservice to control any local user
 
         Raises:
             AuthError: If the application service is not allowed to control the user
@@ -264,7 +264,7 @@ class Auth:
         if app_service.sender == user_id:
             pass
         # Check to make sure the app service is allowed to control the user
-        elif not app_service.is_interested_in_user(user_id) and user_id != also_allow_user:
+        elif not app_service.is_interested_in_user(user_id) and not allow_any:
             raise AuthError(
                 403,
                 "Application service cannot masquerade as this user (%s)." % user_id,

synapse/config/_base.pyi

@@ -17,6 +17,7 @@ from synapse.config import (
     jwt,
     key,
     logger,
+    meow,
     metrics,
     modules,
     oidc,
@@ -65,6 +66,7 @@ class RootConfig:
     voip: voip.VoipConfig
     registration: registration.RegistrationConfig
     account_validity: account_validity.AccountValidityConfig
+    meow: meow.MeowConfig
     metrics: metrics.MetricsConfig
     api: api.ApiConfig
     appservice: appservice.AppServiceConfig

synapse/config/experimental.py

@@ -35,8 +35,6 @@ class ExperimentalConfig(Config):
         # MSC2716 (backfill existing history)
         self.msc2716_enabled: bool = experimental.get("msc2716_enabled", False)
 
-        self.msc2716_also_allow_user: bool = experimental.get("com.beeper.msc2716_also_allow_user", False)
-
         # MSC2285 (hidden read receipts)
         self.msc2285_enabled: bool = experimental.get("msc2285_enabled", False)
 

synapse/config/meow.py

@@ -29,6 +29,7 @@ class MeowConfig(Config):
         self.filter_override = set(meow_config.get("filter_override", []))
         self.timestamp_override = set(meow_config.get("timestamp_override", []))
         self.admin_api_register_invalid = meow_config.get("admin_api_register_invalid", True)
+        self.appservice_batch_send_any = meow_config.get("appservice_batch_send_any", False)
 
     def generate_config_section(self, config_dir_path, server_name, **kwargs):
         return """
@@ -46,4 +47,6 @@ class MeowConfig(Config):
         #   - "@you:example.com"
         #   # Whether or not the admin API should be able to register invalid user IDs.
         #   admin_api_register_invalid: true
+        #   # Whether appservices should be allowed to use MSC2716 batch sending as any local user.
+        #   appservice_batch_send_any: false
         """

synapse/handlers/room_batch.py

@@ -1,5 +1,5 @@
 import logging
-from typing import TYPE_CHECKING, List, Tuple, Optional
+from typing import TYPE_CHECKING, List, Tuple
 
 from synapse.api.constants import EventContentFields, EventTypes
 from synapse.appservice import ApplicationService
@@ -25,6 +25,7 @@ class RoomBatchHandler:
         self.event_creation_handler = hs.get_event_creation_handler()
         self.room_member_handler = hs.get_room_member_handler()
         self.auth = hs.get_auth()
+        self.allow_send_any = self.hs.config.meow.appservice_batch_send_any
 
     async def inherit_depth_from_prev_ids(self, prev_event_ids: List[str]) -> int:
         """Finds the depth which would sort it after the most-recent
@@ -107,7 +108,7 @@ class RoomBatchHandler:
         return insertion_event
 
     async def create_requester_for_user_id_from_app_service(
-        self, user_id: str, app_service: ApplicationService, also_allow_user: Optional[str] = None,
+        self, user_id: str, app_service: ApplicationService
     ) -> Requester:
         """Creates a new requester for the given user_id
         and validates that the app service is allowed to control
@@ -116,13 +117,13 @@ class RoomBatchHandler:
         Args:
             user_id: The author MXID that the app service is controlling
             app_service: The app service that controls the user
-            also_allow_user: An additional user ID that the appservice can temporarily control
 
         Returns:
             Requester object
         """
 
-        await self.auth.validate_appservice_can_control_user_id(app_service, user_id, also_allow_user)
+        await self.auth.validate_appservice_can_control_user_id(app_service, user_id,
+                                                                allow_any=self.allow_send_any)
 
         return create_requester(user_id, app_service=app_service)
 
@@ -160,7 +161,6 @@ class RoomBatchHandler:
         room_id: str,
         initial_auth_event_ids: List[str],
         app_service_requester: Requester,
-        also_allow_user: Optional[str],
     ) -> List[str]:
         """Takes all `state_events_at_start` event dictionaries and creates/persists
         them as floating state events which don't resolve into the current room state.
@@ -175,7 +175,6 @@ class RoomBatchHandler:
                 added to the list of auth events for the next state event
                 created.
             app_service_requester: The requester of an application service.
-            also_allow_user: An additional user ID that the appservice can temporarily control
 
         Returns:
             List of state event ID's we just persisted
@@ -217,8 +216,7 @@ class RoomBatchHandler:
                 membership = event_dict["content"].get("membership", None)
                 event_id, _ = await self.room_member_handler.update_membership(
                     await self.create_requester_for_user_id_from_app_service(
-                        state_event["sender"], app_service_requester.app_service,
-                        also_allow_user,
+                        state_event["sender"], app_service_requester.app_service
                     ),
                     target=UserID.from_string(event_dict["state_key"]),
                     room_id=room_id,
@@ -240,8 +238,7 @@ class RoomBatchHandler:
                     _,
                 ) = await self.event_creation_handler.create_and_send_nonmember_event(
                     await self.create_requester_for_user_id_from_app_service(
-                        state_event["sender"], app_service_requester.app_service,
-                        also_allow_user,
+                        state_event["sender"], app_service_requester.app_service
                     ),
                     event_dict,
                     outlier=True,
@@ -268,7 +265,6 @@ class RoomBatchHandler:
         inherited_depth: int,
         auth_event_ids: List[str],
         app_service_requester: Requester,
-        also_allow_user: Optional[str],
     ) -> List[str]:
         """Create and persists all events provided sequentially. Handles the
         complexity of creating events in chronological order so they can
@@ -289,7 +285,6 @@ class RoomBatchHandler:
             auth_event_ids: Define which events allow you to create the given
                 event in the room.
             app_service_requester: The requester of an application service.
-            also_allow_user: An additional user ID that the appservice can temporarily control
 
         Returns:
             List of persisted event IDs
@@ -321,7 +316,7 @@ class RoomBatchHandler:
 
             event, context = await self.event_creation_handler.create_event(
                 await self.create_requester_for_user_id_from_app_service(
-                    ev["sender"], app_service_requester.app_service, also_allow_user,
+                    ev["sender"], app_service_requester.app_service
                 ),
                 event_dict,
                 prev_event_ids=event_dict.get("prev_events"),
@@ -362,7 +357,7 @@ class RoomBatchHandler:
         for (event, context) in reversed(events_to_persist):
             await self.event_creation_handler.handle_new_client_event(
                 await self.create_requester_for_user_id_from_app_service(
-                    event["sender"], app_service_requester.app_service, also_allow_user,
+                    event["sender"], app_service_requester.app_service
                 ),
                 event=event,
                 context=context,
@@ -379,7 +374,6 @@ class RoomBatchHandler:
         inherited_depth: int,
         auth_event_ids: List[str],
         app_service_requester: Requester,
-        also_allow_user: Optional[str],
     ) -> Tuple[List[str], str]:
         """
         Handles creating and persisting all of the historical events as well
@@ -399,7 +393,6 @@ class RoomBatchHandler:
             auth_event_ids: Define which events allow you to create the given
                 event in the room.
             app_service_requester: The requester of an application service.
-            also_allow_user: An additional user ID that the appservice can temporarily control
 
         Returns:
             Tuple containing a list of created events and the next_batch_id
@@ -447,7 +440,6 @@ class RoomBatchHandler:
             inherited_depth=inherited_depth,
             auth_event_ids=auth_event_ids,
             app_service_requester=app_service_requester,
-            also_allow_user=also_allow_user,
         )
 
         return event_ids, next_batch_id

synapse/rest/client/room_batch.py

@@ -80,7 +80,6 @@ class RoomBatchSendEventRestServlet(RestServlet):
         self.auth = hs.get_auth()
         self.room_batch_handler = hs.get_room_batch_handler()
         self.txns = HttpTransactionCache(hs)
-        self.enable_also_allow_user = hs.config.experimental.msc2716_also_allow_user
 
     async def on_POST(
         self, request: SynapseRequest, room_id: str
@@ -101,8 +100,6 @@ class RoomBatchSendEventRestServlet(RestServlet):
             request.args, "prev_event_id"
         )
         batch_id_from_query = parse_string(request, "batch_id")
-        also_allow_from_query = (parse_string(request, "com.beeper.also_allow_user")
-                                 if self.enable_also_allow_user else None)
 
         if prev_event_ids_from_query is None:
             raise SynapseError(
@@ -143,7 +140,6 @@ class RoomBatchSendEventRestServlet(RestServlet):
                 room_id=room_id,
                 initial_auth_event_ids=auth_event_ids,
                 app_service_requester=requester,
-                also_allow_user=also_allow_from_query,
             )
         )
         # Update our ongoing auth event ID list with all of the new state we
@@ -214,7 +210,6 @@ class RoomBatchSendEventRestServlet(RestServlet):
             inherited_depth=inherited_depth,
             auth_event_ids=auth_event_ids,
             app_service_requester=requester,
-            also_allow_user=also_allow_from_query,
         )
 
         insertion_event_id = event_ids[0]