Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Spam checking: add the invitee to user_may_invite #2502

Merged
merged 1 commit into from
Oct 5, 2017
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions synapse/events/spamcheck.py
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ def check_event_for_spam(self, event):

return self.spam_checker.check_event_for_spam(event)

def user_may_invite(self, userid, room_id):
def user_may_invite(self, inviter_userid, invitee_userid, room_id):
"""Checks if a given user may send an invite

If this method returns false, the invite will be rejected.
Expand All @@ -60,7 +60,7 @@ def user_may_invite(self, userid, room_id):
if self.spam_checker is None:
return True

return self.spam_checker.user_may_invite(userid, room_id)
return self.spam_checker.user_may_invite(inviter_userid, invitee_userid, room_id)

def user_may_create_room(self, userid):
"""Checks if a given user may create a room
Expand Down
12 changes: 7 additions & 5 deletions synapse/handlers/federation.py
Original file line number Diff line number Diff line change
Expand Up @@ -1071,16 +1071,21 @@ def on_invite_request(self, origin, pdu):
"""
event = pdu

if event.state_key is None:
raise SynapseError(400, "The invite event did not have a state key")

is_blocked = yield self.store.is_room_blocked(event.room_id)
if is_blocked:
raise SynapseError(403, "This room has been blocked on this server")

if self.hs.config.block_non_admin_invites:
raise SynapseError(403, "This server does not accept room invites")

if not self.spam_checker.user_may_invite(event.sender, event.room_id):
if not self.spam_checker.user_may_invite(
event.sender, event.state_key, event.room_id,
):
raise SynapseError(
403, "This user is not permitted to send invites to this server"
403, "This user is not permitted to send invites to this server/user"
)

membership = event.content.get("membership")
Expand All @@ -1091,9 +1096,6 @@ def on_invite_request(self, origin, pdu):
if sender_domain != origin:
raise SynapseError(400, "The invite event was not from the server sending it")

if event.state_key is None:
raise SynapseError(400, "The invite event did not have a state key")

if not self.is_mine_id(event.state_key):
raise SynapseError(400, "The invite event must be for this server")

Expand Down
2 changes: 1 addition & 1 deletion synapse/handlers/room_member.py
Original file line number Diff line number Diff line change
Expand Up @@ -225,7 +225,7 @@ def _update_membership(
block_invite = True

if not self.spam_checker.user_may_invite(
requester.user.to_string(), room_id,
requester.user.to_string(), target.to_string(), room_id,
):
logger.info("Blocking invite due to spam checker")
block_invite = True
Expand Down