gitlord
/
synapse
mirror of https://github.com/matrix-org/synapse.git
1
0
Fork 0
Code Issues 0 Releases 671 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22950 Commits
842 Branches
296 MiB
 
 
 
 
 
 
Tree: ad3f43be9a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ad3f43be9a'
${ noResults }
synapse/synapse/module_api/callbacks/spamchecker_callbacks.py

879 lines
34 KiB
Raw Blame History 

  1. # Copyright 2017 New Vector Ltd

  2. # Copyright 2019 The Matrix.org Foundation C.I.C.

  3. #

  4. # Licensed under the Apache License, Version 2.0 (the "License");

  5. # you may not use this file except in compliance with the License.

  6. # You may obtain a copy of the License at

  7. #

  8. #     http://www.apache.org/licenses/LICENSE-2.0

  9. #

  10. # Unless required by applicable law or agreed to in writing, software

  11. # distributed under the License is distributed on an "AS IS" BASIS,

  12. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13. # See the License for the specific language governing permissions and

  14. # limitations under the License.

  15. 

  16. import inspect

  17. import logging

  18. from typing import (

  19.     TYPE_CHECKING,

  20.     Any,

  21.     Awaitable,

  22.     Callable,

  23.     Collection,

  24.     List,

  25.     Optional,

  26.     Tuple,

  27.     Union,

  28. )

  29. 

  30. # `Literal` appears with Python 3.8.

  31. from typing_extensions import Literal

  32. 

  33. import synapse

  34. from synapse.api.errors import Codes

  35. from synapse.logging.opentracing import trace

  36. from synapse.media._base import FileInfo

  37. from synapse.media.media_storage import ReadableFileWrapper

  38. from synapse.spam_checker_api import RegistrationBehaviour

  39. from synapse.types import JsonDict, RoomAlias, UserProfile

  40. from synapse.util.async_helpers import delay_cancellation, maybe_awaitable

  41. from synapse.util.metrics import Measure

  42. 

  43. if TYPE_CHECKING:

  44.     import synapse.events

  45.     import synapse.server

  46. 

  47. logger = logging.getLogger(__name__)

  48. 

  49. CHECK_EVENT_FOR_SPAM_CALLBACK = Callable[

  50.     ["synapse.events.EventBase"],

  51.     Awaitable[

  52.         Union[

  53.             str,

  54.             Codes,

  55.             # Highly experimental, not officially part of the spamchecker API, may

  56.             # disappear without warning depending on the results of ongoing

  57.             # experiments.

  58.             # Use this to return additional information as part of an error.

  59.             Tuple[Codes, JsonDict],

  60.             # Deprecated

  61.             bool,

  62.         ]

  63.     ],

  64. ]

  65. SHOULD_DROP_FEDERATED_EVENT_CALLBACK = Callable[

  66.     ["synapse.events.EventBase"],

  67.     Awaitable[Union[bool, str]],

  68. ]

  69. USER_MAY_JOIN_ROOM_CALLBACK = Callable[

  70.     [str, str, bool],

  71.     Awaitable[

  72.         Union[

  73.             Literal["NOT_SPAM"],

  74.             Codes,

  75.             # Highly experimental, not officially part of the spamchecker API, may

  76.             # disappear without warning depending on the results of ongoing

  77.             # experiments.

  78.             # Use this to return additional information as part of an error.

  79.             Tuple[Codes, JsonDict],

  80.             # Deprecated

  81.             bool,

  82.         ]

  83.     ],

  84. ]

  85. USER_MAY_INVITE_CALLBACK = Callable[

  86.     [str, str, str],

  87.     Awaitable[

  88.         Union[

  89.             Literal["NOT_SPAM"],

  90.             Codes,

  91.             # Highly experimental, not officially part of the spamchecker API, may

  92.             # disappear without warning depending on the results of ongoing

  93.             # experiments.

  94.             # Use this to return additional information as part of an error.

  95.             Tuple[Codes, JsonDict],

  96.             # Deprecated

  97.             bool,

  98.         ]

  99.     ],

  100. ]

  101. USER_MAY_SEND_3PID_INVITE_CALLBACK = Callable[

  102.     [str, str, str, str],

  103.     Awaitable[

  104.         Union[

  105.             Literal["NOT_SPAM"],

  106.             Codes,

  107.             # Highly experimental, not officially part of the spamchecker API, may

  108.             # disappear without warning depending on the results of ongoing

  109.             # experiments.

  110.             # Use this to return additional information as part of an error.

  111.             Tuple[Codes, JsonDict],

  112.             # Deprecated

  113.             bool,

  114.         ]

  115.     ],

  116. ]

  117. USER_MAY_CREATE_ROOM_CALLBACK = Callable[

  118.     [str],

  119.     Awaitable[

  120.         Union[

  121.             Literal["NOT_SPAM"],

  122.             Codes,

  123.             # Highly experimental, not officially part of the spamchecker API, may

  124.             # disappear without warning depending on the results of ongoing

  125.             # experiments.

  126.             # Use this to return additional information as part of an error.

  127.             Tuple[Codes, JsonDict],

  128.             # Deprecated

  129.             bool,

  130.         ]

  131.     ],

  132. ]

  133. USER_MAY_CREATE_ROOM_ALIAS_CALLBACK = Callable[

  134.     [str, RoomAlias],

  135.     Awaitable[

  136.         Union[

  137.             Literal["NOT_SPAM"],

  138.             Codes,

  139.             # Highly experimental, not officially part of the spamchecker API, may

  140.             # disappear without warning depending on the results of ongoing

  141.             # experiments.

  142.             # Use this to return additional information as part of an error.

  143.             Tuple[Codes, JsonDict],

  144.             # Deprecated

  145.             bool,

  146.         ]

  147.     ],

  148. ]

  149. USER_MAY_PUBLISH_ROOM_CALLBACK = Callable[

  150.     [str, str],

  151.     Awaitable[

  152.         Union[

  153.             Literal["NOT_SPAM"],

  154.             Codes,

  155.             # Highly experimental, not officially part of the spamchecker API, may

  156.             # disappear without warning depending on the results of ongoing

  157.             # experiments.

  158.             # Use this to return additional information as part of an error.

  159.             Tuple[Codes, JsonDict],

  160.             # Deprecated

  161.             bool,

  162.         ]

  163.     ],

  164. ]

  165. CHECK_USERNAME_FOR_SPAM_CALLBACK = Callable[[UserProfile], Awaitable[bool]]

  166. LEGACY_CHECK_REGISTRATION_FOR_SPAM_CALLBACK = Callable[

  167.     [

  168.         Optional[dict],

  169.         Optional[str],

  170.         Collection[Tuple[str, str]],

  171.     ],

  172.     Awaitable[RegistrationBehaviour],

  173. ]

  174. CHECK_REGISTRATION_FOR_SPAM_CALLBACK = Callable[

  175.     [

  176.         Optional[dict],

  177.         Optional[str],

  178.         Collection[Tuple[str, str]],

  179.         Optional[str],

  180.     ],

  181.     Awaitable[RegistrationBehaviour],

  182. ]

  183. CHECK_MEDIA_FILE_FOR_SPAM_CALLBACK = Callable[

  184.     [ReadableFileWrapper, FileInfo],

  185.     Awaitable[

  186.         Union[

  187.             Literal["NOT_SPAM"],

  188.             Codes,

  189.             # Highly experimental, not officially part of the spamchecker API, may

  190.             # disappear without warning depending on the results of ongoing

  191.             # experiments.

  192.             # Use this to return additional information as part of an error.

  193.             Tuple[Codes, JsonDict],

  194.             # Deprecated

  195.             bool,

  196.         ]

  197.     ],

  198. ]

  199. CHECK_LOGIN_FOR_SPAM_CALLBACK = Callable[

  200.     [

  201.         str,

  202.         Optional[str],

  203.         Optional[str],

  204.         Collection[Tuple[Optional[str], str]],

  205.         Optional[str],

  206.     ],

  207.     Awaitable[

  208.         Union[

  209.             Literal["NOT_SPAM"],

  210.             Codes,

  211.             # Highly experimental, not officially part of the spamchecker API, may

  212.             # disappear without warning depending on the results of ongoing

  213.             # experiments.

  214.             # Use this to return additional information as part of an error.

  215.             Tuple[Codes, JsonDict],

  216.         ]

  217.     ],

  218. ]

  219. 

  220. 

  221. def load_legacy_spam_checkers(hs: "synapse.server.HomeServer") -> None:

  222.     """Wrapper that loads spam checkers configured using the old configuration, and

  223.     registers the spam checker hooks they implement.

  224.     """

  225.     spam_checkers: List[Any] = []

  226.     api = hs.get_module_api()

  227.     for module, config in hs.config.spamchecker.spam_checkers:

  228.         # Older spam checkers don't accept the `api` argument, so we

  229.         # try and detect support.

  230.         spam_args = inspect.getfullargspec(module)

  231.         if "api" in spam_args.args:

  232.             spam_checkers.append(module(config=config, api=api))

  233.         else:

  234.             spam_checkers.append(module(config=config))

  235. 

  236.     # The known spam checker hooks. If a spam checker module implements a method

  237.     # which name appears in this set, we'll want to register it.

  238.     spam_checker_methods = {

  239.         "check_event_for_spam",

  240.         "user_may_invite",

  241.         "user_may_create_room",

  242.         "user_may_create_room_alias",

  243.         "user_may_publish_room",

  244.         "check_username_for_spam",

  245.         "check_registration_for_spam",

  246.         "check_media_file_for_spam",

  247.     }

  248. 

  249.     for spam_checker in spam_checkers:

  250.         # Methods on legacy spam checkers might not be async, so we wrap them around a

  251.         # wrapper that will call maybe_awaitable on the result.

  252.         def async_wrapper(f: Optional[Callable]) -> Optional[Callable[..., Awaitable]]:

  253.             # f might be None if the callback isn't implemented by the module. In this

  254.             # case we don't want to register a callback at all so we return None.

  255.             if f is None:

  256.                 return None

  257. 

  258.             wrapped_func = f

  259. 

  260.             if f.__name__ == "check_registration_for_spam":

  261.                 checker_args = inspect.signature(f)

  262.                 if len(checker_args.parameters) == 3:

  263.                     # Backwards compatibility; some modules might implement a hook that

  264.                     # doesn't expect a 4th argument. In this case, wrap it in a function

  265.                     # that gives it only 3 arguments and drops the auth_provider_id on

  266.                     # the floor.

  267.                     def wrapper(

  268.                         email_threepid: Optional[dict],

  269.                         username: Optional[str],

  270.                         request_info: Collection[Tuple[str, str]],

  271.                         auth_provider_id: Optional[str],

  272.                     ) -> Union[Awaitable[RegistrationBehaviour], RegistrationBehaviour]:

  273.                         # Assertion required because mypy can't prove we won't

  274.                         # change `f` back to `None`. See

  275.                         # https://mypy.readthedocs.io/en/latest/common_issues.html#narrowing-and-inner-functions

  276.                         assert f is not None

  277. 

  278.                         return f(

  279.                             email_threepid,

  280.                             username,

  281.                             request_info,

  282.                         )

  283. 

  284.                     wrapped_func = wrapper

  285.                 elif len(checker_args.parameters) != 4:

  286.                     raise RuntimeError(

  287.                         "Bad signature for callback check_registration_for_spam",

  288.                     )

  289. 

  290.             def run(*args: Any, **kwargs: Any) -> Awaitable:

  291.                 # Assertion required because mypy can't prove we won't change `f`

  292.                 # back to `None`. See

  293.                 # https://mypy.readthedocs.io/en/latest/common_issues.html#narrowing-and-inner-functions

  294.                 assert wrapped_func is not None

  295. 

  296.                 return maybe_awaitable(wrapped_func(*args, **kwargs))

  297. 

  298.             return run

  299. 

  300.         # Register the hooks through the module API.

  301.         hooks = {

  302.             hook: async_wrapper(getattr(spam_checker, hook, None))

  303.             for hook in spam_checker_methods

  304.         }

  305. 

  306.         api.register_spam_checker_callbacks(**hooks)

  307. 

  308. 

  309. class SpamCheckerModuleApiCallbacks:

  310.     NOT_SPAM: Literal["NOT_SPAM"] = "NOT_SPAM"

  311. 

  312.     def __init__(self, hs: "synapse.server.HomeServer") -> None:

  313.         self.clock = hs.get_clock()

  314. 

  315.         self._check_event_for_spam_callbacks: List[CHECK_EVENT_FOR_SPAM_CALLBACK] = []

  316.         self._should_drop_federated_event_callbacks: List[

  317.             SHOULD_DROP_FEDERATED_EVENT_CALLBACK

  318.         ] = []

  319.         self._user_may_join_room_callbacks: List[USER_MAY_JOIN_ROOM_CALLBACK] = []

  320.         self._user_may_invite_callbacks: List[USER_MAY_INVITE_CALLBACK] = []

  321.         self._user_may_send_3pid_invite_callbacks: List[

  322.             USER_MAY_SEND_3PID_INVITE_CALLBACK

  323.         ] = []

  324.         self._user_may_create_room_callbacks: List[USER_MAY_CREATE_ROOM_CALLBACK] = []

  325.         self._user_may_create_room_alias_callbacks: List[

  326.             USER_MAY_CREATE_ROOM_ALIAS_CALLBACK

  327.         ] = []

  328.         self._user_may_publish_room_callbacks: List[USER_MAY_PUBLISH_ROOM_CALLBACK] = []

  329.         self._check_username_for_spam_callbacks: List[

  330.             CHECK_USERNAME_FOR_SPAM_CALLBACK

  331.         ] = []

  332.         self._check_registration_for_spam_callbacks: List[

  333.             CHECK_REGISTRATION_FOR_SPAM_CALLBACK

  334.         ] = []

  335.         self._check_media_file_for_spam_callbacks: List[

  336.             CHECK_MEDIA_FILE_FOR_SPAM_CALLBACK

  337.         ] = []

  338.         self._check_login_for_spam_callbacks: List[CHECK_LOGIN_FOR_SPAM_CALLBACK] = []

  339. 

  340.     def register_callbacks(

  341.         self,

  342.         check_event_for_spam: Optional[CHECK_EVENT_FOR_SPAM_CALLBACK] = None,

  343.         should_drop_federated_event: Optional[

  344.             SHOULD_DROP_FEDERATED_EVENT_CALLBACK

  345.         ] = None,

  346.         user_may_join_room: Optional[USER_MAY_JOIN_ROOM_CALLBACK] = None,

  347.         user_may_invite: Optional[USER_MAY_INVITE_CALLBACK] = None,

  348.         user_may_send_3pid_invite: Optional[USER_MAY_SEND_3PID_INVITE_CALLBACK] = None,

  349.         user_may_create_room: Optional[USER_MAY_CREATE_ROOM_CALLBACK] = None,

  350.         user_may_create_room_alias: Optional[

  351.             USER_MAY_CREATE_ROOM_ALIAS_CALLBACK

  352.         ] = None,

  353.         user_may_publish_room: Optional[USER_MAY_PUBLISH_ROOM_CALLBACK] = None,

  354.         check_username_for_spam: Optional[CHECK_USERNAME_FOR_SPAM_CALLBACK] = None,

  355.         check_registration_for_spam: Optional[

  356.             CHECK_REGISTRATION_FOR_SPAM_CALLBACK

  357.         ] = None,

  358.         check_media_file_for_spam: Optional[CHECK_MEDIA_FILE_FOR_SPAM_CALLBACK] = None,

  359.         check_login_for_spam: Optional[CHECK_LOGIN_FOR_SPAM_CALLBACK] = None,

  360.     ) -> None:

  361.         """Register callbacks from module for each hook."""

  362.         if check_event_for_spam is not None:

  363.             self._check_event_for_spam_callbacks.append(check_event_for_spam)

  364. 

  365.         if should_drop_federated_event is not None:

  366.             self._should_drop_federated_event_callbacks.append(

  367.                 should_drop_federated_event

  368.             )

  369. 

  370.         if user_may_join_room is not None:

  371.             self._user_may_join_room_callbacks.append(user_may_join_room)

  372. 

  373.         if user_may_invite is not None:

  374.             self._user_may_invite_callbacks.append(user_may_invite)

  375. 

  376.         if user_may_send_3pid_invite is not None:

  377.             self._user_may_send_3pid_invite_callbacks.append(

  378.                 user_may_send_3pid_invite,

  379.             )

  380. 

  381.         if user_may_create_room is not None:

  382.             self._user_may_create_room_callbacks.append(user_may_create_room)

  383. 

  384.         if user_may_create_room_alias is not None:

  385.             self._user_may_create_room_alias_callbacks.append(

  386.                 user_may_create_room_alias,

  387.             )

  388. 

  389.         if user_may_publish_room is not None:

  390.             self._user_may_publish_room_callbacks.append(user_may_publish_room)

  391. 

  392.         if check_username_for_spam is not None:

  393.             self._check_username_for_spam_callbacks.append(check_username_for_spam)

  394. 

  395.         if check_registration_for_spam is not None:

  396.             self._check_registration_for_spam_callbacks.append(

  397.                 check_registration_for_spam,

  398.             )

  399. 

  400.         if check_media_file_for_spam is not None:

  401.             self._check_media_file_for_spam_callbacks.append(check_media_file_for_spam)

  402. 

  403.         if check_login_for_spam is not None:

  404.             self._check_login_for_spam_callbacks.append(check_login_for_spam)

  405. 

  406.     @trace

  407.     async def check_event_for_spam(

  408.         self, event: "synapse.events.EventBase"

  409.     ) -> Union[Tuple[Codes, JsonDict], str]:

  410.         """Checks if a given event is considered "spammy" by this server.

  411. 

  412.         If the server considers an event spammy, then it will be rejected if

  413.         sent by a local user. If it is sent by a user on another server, the

  414.         event is soft-failed.

  415. 

  416.         Args:

  417.             event: the event to be checked

  418. 

  419.         Returns:

  420.             - `NOT_SPAM` if the event is considered good (non-spammy) and should be let

  421.                 through. Other spamcheck filters may still reject it.

  422.             - A `Code` if the event is considered spammy and is rejected with a specific

  423.                 error message/code.

  424.             - A string that isn't `NOT_SPAM` if the event is considered spammy and the

  425.                 string should be used as the client-facing error message. This usage is

  426.                 generally discouraged as it doesn't support internationalization.

  427.         """

  428.         for callback in self._check_event_for_spam_callbacks:

  429.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  430.                 res = await delay_cancellation(callback(event))

  431.                 if res is False or res == self.NOT_SPAM:

  432.                     # This spam-checker accepts the event.

  433.                     # Other spam-checkers may reject it, though.

  434.                     continue

  435.                 elif res is True:

  436.                     # This spam-checker rejects the event with deprecated

  437.                     # return value `True`

  438.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  439.                 elif (

  440.                     isinstance(res, tuple)

  441.                     and len(res) == 2

  442.                     and isinstance(res[0], synapse.api.errors.Codes)

  443.                     and isinstance(res[1], dict)

  444.                 ):

  445.                     return res

  446.                 elif isinstance(res, synapse.api.errors.Codes):

  447.                     return res, {}

  448.                 elif not isinstance(res, str):

  449.                     # mypy complains that we can't reach this code because of the

  450.                     # return type in CHECK_EVENT_FOR_SPAM_CALLBACK, but we don't know

  451.                     # for sure that the module actually returns it.

  452.                     logger.warning(

  453.                         "Module returned invalid value, rejecting message as spam"

  454.                     )

  455.                     res = "This message has been rejected as probable spam"

  456.                 else:

  457.                     # The module rejected the event either with a `Codes`

  458.                     # or some other `str`. In either case, we stop here.

  459.                     pass

  460. 

  461.                 return res

  462. 

  463.         # No spam-checker has rejected the event, let it pass.

  464.         return self.NOT_SPAM

  465. 

  466.     async def should_drop_federated_event(

  467.         self, event: "synapse.events.EventBase"

  468.     ) -> Union[bool, str]:

  469.         """Checks if a given federated event is considered "spammy" by this

  470.         server.

  471. 

  472.         If the server considers an event spammy, it will be silently dropped,

  473.         and in doing so will split-brain our view of the room's DAG.

  474. 

  475.         Args:

  476.             event: the event to be checked

  477. 

  478.         Returns:

  479.             True if the event should be silently dropped

  480.         """

  481.         for callback in self._should_drop_federated_event_callbacks:

  482.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  483.                 res: Union[bool, str] = await delay_cancellation(callback(event))

  484.             if res:

  485.                 return res

  486. 

  487.         return False

  488. 

  489.     async def user_may_join_room(

  490.         self, user_id: str, room_id: str, is_invited: bool

  491.     ) -> Union[Tuple[Codes, JsonDict], Literal["NOT_SPAM"]]:

  492.         """Checks if a given users is allowed to join a room.

  493.         Not called when a user creates a room.

  494. 

  495.         Args:

  496.             userid: The ID of the user wanting to join the room

  497.             room_id: The ID of the room the user wants to join

  498.             is_invited: Whether the user is invited into the room

  499. 

  500.         Returns:

  501.             NOT_SPAM if the operation is permitted, [Codes, Dict] otherwise.

  502.         """

  503.         for callback in self._user_may_join_room_callbacks:

  504.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  505.                 res = await delay_cancellation(callback(user_id, room_id, is_invited))

  506.                 # Normalize return values to `Codes` or `"NOT_SPAM"`.

  507.                 if res is True or res is self.NOT_SPAM:

  508.                     continue

  509.                 elif res is False:

  510.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  511.                 elif isinstance(res, synapse.api.errors.Codes):

  512.                     return res, {}

  513.                 elif (

  514.                     isinstance(res, tuple)

  515.                     and len(res) == 2

  516.                     and isinstance(res[0], synapse.api.errors.Codes)

  517.                     and isinstance(res[1], dict)

  518.                 ):

  519.                     return res

  520.                 else:

  521.                     logger.warning(

  522.                         "Module returned invalid value, rejecting join as spam"

  523.                     )

  524.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  525. 

  526.         # No spam-checker has rejected the request, let it pass.

  527.         return self.NOT_SPAM

  528. 

  529.     async def user_may_invite(

  530.         self, inviter_userid: str, invitee_userid: str, room_id: str

  531.     ) -> Union[Tuple[Codes, dict], Literal["NOT_SPAM"]]:

  532.         """Checks if a given user may send an invite

  533. 

  534.         Args:

  535.             inviter_userid: The user ID of the sender of the invitation

  536.             invitee_userid: The user ID targeted in the invitation

  537.             room_id: The room ID

  538. 

  539.         Returns:

  540.             NOT_SPAM if the operation is permitted, Codes otherwise.

  541.         """

  542.         for callback in self._user_may_invite_callbacks:

  543.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  544.                 res = await delay_cancellation(

  545.                     callback(inviter_userid, invitee_userid, room_id)

  546.                 )

  547.                 # Normalize return values to `Codes` or `"NOT_SPAM"`.

  548.                 if res is True or res is self.NOT_SPAM:

  549.                     continue

  550.                 elif res is False:

  551.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  552.                 elif isinstance(res, synapse.api.errors.Codes):

  553.                     return res, {}

  554.                 elif (

  555.                     isinstance(res, tuple)

  556.                     and len(res) == 2

  557.                     and isinstance(res[0], synapse.api.errors.Codes)

  558.                     and isinstance(res[1], dict)

  559.                 ):

  560.                     return res

  561.                 else:

  562.                     logger.warning(

  563.                         "Module returned invalid value, rejecting invite as spam"

  564.                     )

  565.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  566. 

  567.         # No spam-checker has rejected the request, let it pass.

  568.         return self.NOT_SPAM

  569. 

  570.     async def user_may_send_3pid_invite(

  571.         self, inviter_userid: str, medium: str, address: str, room_id: str

  572.     ) -> Union[Tuple[Codes, dict], Literal["NOT_SPAM"]]:

  573.         """Checks if a given user may invite a given threepid into the room

  574. 

  575.         Note that if the threepid is already associated with a Matrix user ID, Synapse

  576.         will call user_may_invite with said user ID instead.

  577. 

  578.         Args:

  579.             inviter_userid: The user ID of the sender of the invitation

  580.             medium: The 3PID's medium (e.g. "email")

  581.             address: The 3PID's address (e.g. "alice@example.com")

  582.             room_id: The room ID

  583. 

  584.         Returns:

  585.             NOT_SPAM if the operation is permitted, Codes otherwise.

  586.         """

  587.         for callback in self._user_may_send_3pid_invite_callbacks:

  588.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  589.                 res = await delay_cancellation(

  590.                     callback(inviter_userid, medium, address, room_id)

  591.                 )

  592.                 # Normalize return values to `Codes` or `"NOT_SPAM"`.

  593.                 if res is True or res is self.NOT_SPAM:

  594.                     continue

  595.                 elif res is False:

  596.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  597.                 elif isinstance(res, synapse.api.errors.Codes):

  598.                     return res, {}

  599.                 elif (

  600.                     isinstance(res, tuple)

  601.                     and len(res) == 2

  602.                     and isinstance(res[0], synapse.api.errors.Codes)

  603.                     and isinstance(res[1], dict)

  604.                 ):

  605.                     return res

  606.                 else:

  607.                     logger.warning(

  608.                         "Module returned invalid value, rejecting 3pid invite as spam"

  609.                     )

  610.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  611. 

  612.         return self.NOT_SPAM

  613. 

  614.     async def user_may_create_room(

  615.         self, userid: str

  616.     ) -> Union[Tuple[Codes, dict], Literal["NOT_SPAM"]]:

  617.         """Checks if a given user may create a room

  618. 

  619.         Args:

  620.             userid: The ID of the user attempting to create a room

  621.         """

  622.         for callback in self._user_may_create_room_callbacks:

  623.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  624.                 res = await delay_cancellation(callback(userid))

  625.                 if res is True or res is self.NOT_SPAM:

  626.                     continue

  627.                 elif res is False:

  628.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  629.                 elif isinstance(res, synapse.api.errors.Codes):

  630.                     return res, {}

  631.                 elif (

  632.                     isinstance(res, tuple)

  633.                     and len(res) == 2

  634.                     and isinstance(res[0], synapse.api.errors.Codes)

  635.                     and isinstance(res[1], dict)

  636.                 ):

  637.                     return res

  638.                 else:

  639.                     logger.warning(

  640.                         "Module returned invalid value, rejecting room creation as spam"

  641.                     )

  642.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  643. 

  644.         return self.NOT_SPAM

  645. 

  646.     async def user_may_create_room_alias(

  647.         self, userid: str, room_alias: RoomAlias

  648.     ) -> Union[Tuple[Codes, dict], Literal["NOT_SPAM"]]:

  649.         """Checks if a given user may create a room alias

  650. 

  651.         Args:

  652.             userid: The ID of the user attempting to create a room alias

  653.             room_alias: The alias to be created

  654. 

  655.         """

  656.         for callback in self._user_may_create_room_alias_callbacks:

  657.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  658.                 res = await delay_cancellation(callback(userid, room_alias))

  659.                 if res is True or res is self.NOT_SPAM:

  660.                     continue

  661.                 elif res is False:

  662.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  663.                 elif isinstance(res, synapse.api.errors.Codes):

  664.                     return res, {}

  665.                 elif (

  666.                     isinstance(res, tuple)

  667.                     and len(res) == 2

  668.                     and isinstance(res[0], synapse.api.errors.Codes)

  669.                     and isinstance(res[1], dict)

  670.                 ):

  671.                     return res

  672.                 else:

  673.                     logger.warning(

  674.                         "Module returned invalid value, rejecting room create as spam"

  675.                     )

  676.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  677. 

  678.         return self.NOT_SPAM

  679. 

  680.     async def user_may_publish_room(

  681.         self, userid: str, room_id: str

  682.     ) -> Union[Tuple[Codes, dict], Literal["NOT_SPAM"]]:

  683.         """Checks if a given user may publish a room to the directory

  684. 

  685.         Args:

  686.             userid: The user ID attempting to publish the room

  687.             room_id: The ID of the room that would be published

  688.         """

  689.         for callback in self._user_may_publish_room_callbacks:

  690.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  691.                 res = await delay_cancellation(callback(userid, room_id))

  692.                 if res is True or res is self.NOT_SPAM:

  693.                     continue

  694.                 elif res is False:

  695.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  696.                 elif isinstance(res, synapse.api.errors.Codes):

  697.                     return res, {}

  698.                 elif (

  699.                     isinstance(res, tuple)

  700.                     and len(res) == 2

  701.                     and isinstance(res[0], synapse.api.errors.Codes)

  702.                     and isinstance(res[1], dict)

  703.                 ):

  704.                     return res

  705.                 else:

  706.                     logger.warning(

  707.                         "Module returned invalid value, rejecting room publication as spam"

  708.                     )

  709.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  710. 

  711.         return self.NOT_SPAM

  712. 

  713.     async def check_username_for_spam(self, user_profile: UserProfile) -> bool:

  714.         """Checks if a user ID or display name are considered "spammy" by this server.

  715. 

  716.         If the server considers a username spammy, then it will not be included in

  717.         user directory results.

  718. 

  719.         Args:

  720.             user_profile: The user information to check, it contains the keys:

  721.                 * user_id

  722.                 * display_name

  723.                 * avatar_url

  724. 

  725.         Returns:

  726.             True if the user is spammy.

  727.         """

  728.         for callback in self._check_username_for_spam_callbacks:

  729.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  730.                 # Make a copy of the user profile object to ensure the spam checker cannot

  731.                 # modify it.

  732.                 res = await delay_cancellation(callback(user_profile.copy()))

  733.             if res:

  734.                 return True

  735. 

  736.         return False

  737. 

  738.     async def check_registration_for_spam(

  739.         self,

  740.         email_threepid: Optional[dict],

  741.         username: Optional[str],

  742.         request_info: Collection[Tuple[str, str]],

  743.         auth_provider_id: Optional[str] = None,

  744.     ) -> RegistrationBehaviour:

  745.         """Checks if we should allow the given registration request.

  746. 

  747.         Args:

  748.             email_threepid: The email threepid used for registering, if any

  749.             username: The request user name, if any

  750.             request_info: List of tuples of user agent and IP that

  751.                 were used during the registration process.

  752.             auth_provider_id: The SSO IdP the user used, e.g "oidc", "saml",

  753.                 "cas". If any. Note this does not include users registered

  754.                 via a password provider.

  755. 

  756.         Returns:

  757.             Enum for how the request should be handled

  758.         """

  759. 

  760.         for callback in self._check_registration_for_spam_callbacks:

  761.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  762.                 behaviour = await delay_cancellation(

  763.                     callback(email_threepid, username, request_info, auth_provider_id)

  764.                 )

  765.             assert isinstance(behaviour, RegistrationBehaviour)

  766.             if behaviour != RegistrationBehaviour.ALLOW:

  767.                 return behaviour

  768. 

  769.         return RegistrationBehaviour.ALLOW

  770. 

  771.     @trace

  772.     async def check_media_file_for_spam(

  773.         self, file_wrapper: ReadableFileWrapper, file_info: FileInfo

  774.     ) -> Union[Tuple[Codes, dict], Literal["NOT_SPAM"]]:

  775.         """Checks if a piece of newly uploaded media should be blocked.

  776. 

  777.         This will be called for local uploads, downloads of remote media, each

  778.         thumbnail generated for those, and web pages/images used for URL

  779.         previews.

  780. 

  781.         Note that care should be taken to not do blocking IO operations in the

  782.         main thread. For example, to get the contents of a file a module

  783.         should do::

  784. 

  785.             async def check_media_file_for_spam(

  786.                 self, file: ReadableFileWrapper, file_info: FileInfo

  787.             ) -> Union[Codes, Literal["NOT_SPAM"]]:

  788.                 buffer = BytesIO()

  789.                 await file.write_chunks_to(buffer.write)

  790. 

  791.                 if buffer.getvalue() == b"Hello World":

  792.                     return synapse.module_api.NOT_SPAM

  793. 

  794.                 return Codes.FORBIDDEN

  795. 

  796. 

  797.         Args:

  798.             file: An object that allows reading the contents of the media.

  799.             file_info: Metadata about the file.

  800.         """

  801. 

  802.         for callback in self._check_media_file_for_spam_callbacks:

  803.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  804.                 res = await delay_cancellation(callback(file_wrapper, file_info))

  805.                 # Normalize return values to `Codes` or `"NOT_SPAM"`.

  806.                 if res is False or res is self.NOT_SPAM:

  807.                     continue

  808.                 elif res is True:

  809.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  810.                 elif isinstance(res, synapse.api.errors.Codes):

  811.                     return res, {}

  812.                 elif (

  813.                     isinstance(res, tuple)

  814.                     and len(res) == 2

  815.                     and isinstance(res[0], synapse.api.errors.Codes)

  816.                     and isinstance(res[1], dict)

  817.                 ):

  818.                     return res

  819.                 else:

  820.                     logger.warning(

  821.                         "Module returned invalid value, rejecting media file as spam"

  822.                     )

  823.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  824. 

  825.         return self.NOT_SPAM

  826. 

  827.     async def check_login_for_spam(

  828.         self,

  829.         user_id: str,

  830.         device_id: Optional[str],

  831.         initial_display_name: Optional[str],

  832.         request_info: Collection[Tuple[Optional[str], str]],

  833.         auth_provider_id: Optional[str] = None,

  834.     ) -> Union[Tuple[Codes, dict], Literal["NOT_SPAM"]]:

  835.         """Checks if we should allow the given registration request.

  836. 

  837.         Args:

  838.             user_id: The request user ID

  839.             request_info: List of tuples of user agent and IP that

  840.                 were used during the registration process.

  841.             auth_provider_id: The SSO IdP the user used, e.g "oidc", "saml",

  842.                 "cas". If any. Note this does not include users registered

  843.                 via a password provider.

  844. 

  845.         Returns:

  846.             Enum for how the request should be handled

  847.         """

  848. 

  849.         for callback in self._check_login_for_spam_callbacks:

  850.             with Measure(self.clock, f"{callback.__module__}.{callback.__qualname__}"):

  851.                 res = await delay_cancellation(

  852.                     callback(

  853.                         user_id,

  854.                         device_id,

  855.                         initial_display_name,

  856.                         request_info,

  857.                         auth_provider_id,

  858.                     )

  859.                 )

  860.                 # Normalize return values to `Codes` or `"NOT_SPAM"`.

  861.                 if res is self.NOT_SPAM:

  862.                     continue

  863.                 elif isinstance(res, synapse.api.errors.Codes):

  864.                     return res, {}

  865.                 elif (

  866.                     isinstance(res, tuple)

  867.                     and len(res) == 2

  868.                     and isinstance(res[0], synapse.api.errors.Codes)

  869.                     and isinstance(res[1], dict)

  870.                 ):

  871.                     return res

  872.                 else:

  873.                     logger.warning(

  874.                         "Module returned invalid value, rejecting login as spam"

  875.                     )

  876.                     return synapse.api.errors.Codes.FORBIDDEN, {}

  877. 

  878.         return self.NOT_SPAM