spam check room publishing

matrix-org · Oct 4, 2017 · d8ce68b · d8ce68b
1 parent 78d4ced
commit d8ce68b
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 0 deletions.
diff --git a/synapse/events/spamcheck.py b/synapse/events/spamcheck.py
@@ -85,6 +85,7 @@ def user_may_create_room_alias(self, userid, room_alias):
 
         Args:
             userid (string): The sender's user ID
+            room_alias (string): The alias to be created
 
         Returns:
             bool: True if the user may create a room alias, otherwise False
@@ -93,3 +94,20 @@ def user_may_create_room_alias(self, userid, room_alias):
             return True
 
         return self.spam_checker.user_may_create_room_alias(userid, room_alias)
+
+    def user_may_publish_room(self, userid, room_id):
+        """Checks if a given user may publish a room to the directory
+
+        If this method returns false, the publish request will be rejected.
+
+        Args:
+            userid (string): The sender's user ID
+            room_id (string): The ID of the room that would be published
+
+        Returns:
+            bool: True if the user may publish the room, otherwise False
+        """
+        if self.spam_checker is None:
+            return True
+
+        return self.spam_checker.user_may_publish_room(userid, room_id)
diff --git a/synapse/handlers/directory.py b/synapse/handlers/directory.py
@@ -334,6 +334,14 @@ def edit_published_room_list(self, requester, room_id, visibility):
         room_id (str)
         visibility (str): "public" or "private"
         """
+        if not self.spam_checker.user_may_publish_room(
+            requester.user.to_string(), room_id
+        ):
+            raise AuthError(
+                403,
+                "This user is not permitted to publish rooms to the room list"
+            )
+
         if requester.is_guest:
             raise AuthError(403, "Guests cannot edit the published room list")