This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Add some configuration settings to make profile data more private #9203

Merged
merged 1 commit into from
Feb 19, 2021
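--- a/changelog.d/9203.feature
+++ b/changelog.d/9203.feature
@@ -0,0 +1 @@
+Add some configuration settings to make users' profile data more private.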
14 changes: 14 additions & 0 deletions docs/sample_config.yaml
Expand Up @@ -105,6 +105,14 @@ pid_file: DATADIR/homeserver.pid
#
#limit_profile_requests_to_users_who_share_rooms: true

# Uncomment to prevent a user's profile data from being retrieved and
# displayed in a room until they have joined it. By default, a user's
# profile data is included in an invite event, regardless of the values
# of the above two settings, and whether or not the users share a server.
# Defaults to 'true'.
#
#include_profile_data_on_invite: false

# If set to 'true', removes the need for authentication to access the server's
# public rooms directory through the client API, meaning that anyone can
# query the room directory. Defaults to 'false'.
Expand Down Expand Up @@ -699,6 +707,12 @@ acme:
# - matrix.org
# - example.com

# Uncomment to disable profile lookup over federation. By default, the
# Federation API allows other homeservers to obtain profile data of any user
# on this homeserver. Defaults to 'true'.
#
#allow_profile_lookup_over_federation: false


## Caching ##

10 changes: 10 additions & 0 deletions synapse/config/federation.py
Expand Up @@ -41,6 +41,10 @@ def read_config(self, config, **kwargs):
)
self.federation_metrics_domains = set(federation_metrics_domains)

self.allow_profile_lookup_over_federation = config.get(
"allow_profile_lookup_over_federation", True
)

def generate_config_section(self, config_dir_path, server_name, **kwargs):
return """\
## Federation ##
Expand All @@ -66,6 +70,12 @@ def generate_config_section(self, config_dir_path, server_name, **kwargs):
#federation_metrics_domains:
# - matrix.org
# - example.com

# Uncomment to disable profile lookup over federation. By default, the
# Federation API allows other homeservers to obtain profile data of any user
# on this homeserver. Defaults to 'true'.
#
#allow_profile_lookup_over_federation: false
"""


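Review bot: The value returned by `config.get("allow_profile_lookup_over_federation", True)` in read_config is stored without a type check, so a quoted `'false'` or any other non-empty string in the YAML is truthy and federation profile lookup stays enabled. A privacy switch should not fail open on a typo, and the generated comment's quoted "Defaults to 'true'" makes the quoted spelling easy to copy. The same applies to `include_profile_data_on_invite` in synapse/config/server.py. I would reject anything that fails `isinstance(value, bool)` at load time with the configuration error this module already uses, so a misconfigured server refuses to start instead of silently serving profiles.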
14 changes: 14 additions & 0 deletions synapse/config/server.py
Expand Up @@ -192,6 +192,12 @@ def read_config(self, config, **kwargs):
"limit_profile_requests_to_users_who_share_rooms", False,
)

# Whether to retrieve and display profile data for a user when they
# are invited to a room
self.include_profile_data_on_invite = config.get(
"include_profile_data_on_invite", True
)

if "restrict_public_rooms_to_local_users" in config and (
"allow_public_rooms_without_auth" in config
or "allow_public_rooms_over_federation" in config
Expand Down Expand Up @@ -779,6 +785,14 @@ def generate_config_section(
#
#limit_profile_requests_to_users_who_share_rooms: true

# Uncomment to prevent a user's profile data from being retrieved and
# displayed in a room until they have joined it. By default, a user's
# profile data is included in an invite event, regardless of the values
# of the above two settings, and whether or not the users share a server.
# Defaults to 'true'.
#
#include_profile_data_on_invite: false

# If set to 'true', removes the need for authentication to access the server's
# public rooms directory through the client API, meaning that anyone can
# query the room directory. Defaults to 'false'.
7 changes: 3 additions & 4 deletions synapse/federation/transport/server.py
Expand Up @@ -480,10 +480,9 @@ class FederationQueryServlet(BaseFederationServlet):

# This is when we receive a server-server Query
async def on_GET(self, origin, content, query, query_type):
return await self.handler.on_query_request(
query_type,
{k.decode("utf8"): v[0].decode("utf-8") for k, v in query.items()},
)
args = {k.decode("utf8"): v[0].decode("utf-8") for k, v in query.items()}
args["origin"] = origin
return await self.handler.on_query_request(query_type, args)


class FederationMakeJoinServlet(BaseFederationServlet):
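Review bot: In on_GET the authenticated `origin` is written into the same dict as the remote server's own query parameters, and only the order of the two statements stops a request that carries an `origin` query parameter from supplying its own value. That ordering deserves a comment so a later refactor does not invert it, for example `# Set last: overwrites any "origin" query parameter sent by the remote with the authenticated server name.` above `args["origin"] = origin`. The handlers that read `args["origin"]` are outside this hunk, so whether any existing query type already used a parameter of that name cannot be checked from here.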
8 changes: 7 additions & 1 deletion synapse/handlers/message.py
Expand Up @@ -381,6 +381,12 @@ def __init__(self, hs: "HomeServer"):

self.room_invite_state_types = self.hs.config.room_invite_state_types

self.membership_types_to_include_profile_data_in = (
{Membership.JOIN, Membership.INVITE}
if self.hs.config.include_profile_data_on_invite
else {Membership.JOIN}
)

self.send_event = ReplicationSendEventRestServlet.make_client(hs)

# This is only used to get at ratelimit function, and maybe_kick_guest_users
Expand Down Expand Up @@ -494,7 +500,7 @@ async def create_event(
membership = builder.content.get("membership", None)
target = UserID.from_string(builder.state_key)

if membership in {Membership.JOIN, Membership.INVITE}:
if membership in self.membership_types_to_include_profile_data_in:
# If event doesn't include a display name, add one.
profile = self.profile_handler
content = builder.content
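Review bot: `membership_types_to_include_profile_data_in` is assigned in __init__ with no comment tying it to the `include_profile_data_on_invite` setting, so the check in create_event now reads as an unexplained set lookup. A short comment above the assignment would help, such as `# Joins always carry the target's profile; invites only when include_profile_data_on_invite is enabled.` The visible lines of create_event add a display name only when the event content lacks one, so the setting appears to govern what the server adds rather than what a client places in the content. The rest of that function is outside the hunk.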
10 changes: 10 additions & 0 deletions synapse/handlers/profile.py
Expand Up @@ -309,6 +309,16 @@ async def set_avatar_url(
await self._update_join_states(requester, target_user)

async def on_profile_query(self, args: JsonDict) -> JsonDict:
"""Handles federation profile query requests.
"""

if not self.hs.config.allow_profile_lookup_over_federation:
raise SynapseError(
403,
"Profile lookup over federation is disabled on this homeserver",
Codes.FORBIDDEN,
)

user = UserID.from_string(args["user_id"])
if not self.hs.is_mine(user):
raise SynapseError(400, "User is not hosted on this homeserver")
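Review bot: The new docstring on on_profile_query does not mention the 403 it can now raise or the keys it expects in `args`. I would expand it to say that `args` carries `user_id` and `field` plus the `origin` added by the federation servlet, and that a SynapseError with 403 and Codes.FORBIDDEN is raised when `allow_profile_lookup_over_federation` is false. It is worth stating that the check runs before `UserID.from_string`, so a disabled server answers the same way whether or not the user exists, and that order should be kept. In the visible lines `origin` is never read, and the function continues outside the hunk.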
3 changes: 2 additions & 1 deletion synapse/replication/http/federation.py
Expand Up @@ -213,8 +213,9 @@ async def _handle_request(self, request, query_type):
content = parse_json_object_from_request(request)

args = content["args"]
args["origin"] = content["origin"]

logger.info("Got %r query", query_type)
logger.info("Got %r query from %s", query_type, args["origin"])

result = await self.registry.on_query(query_type, args)

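Review bot: `args["origin"] = content["origin"]` in _handle_request expects a top-level `origin` key in the replication payload, but the diffstat for this file counts only these three changed lines, so nothing in this commit appears to add that key on the sending side. If the serializer still sends only `args`, every federation query handled through replication would fail with a KeyError. The transport servlet in this same commit already stores the origin inside `args`, so the line also looks redundant. I would drop it and log from the dict, `logger.info("Got %r query from %s", query_type, args.get("origin"))`, or else extend the payload serializer, which is outside the hunk, to send `origin` explicitly.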
6 changes: 5 additions & 1 deletion tests/handlers/test_profile.py
Expand Up @@ -184,7 +184,11 @@ def test_incoming_fed_query(self):

response = yield defer.ensureDeferred(
self.query_handlers["profile"](
{"user_id": "@caroline:test", "field": "displayname"}
{
"user_id": "@caroline:test",
"field": "displayname",
"origin": "servername.tld",
}
)
)

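Review bot: Neither new setting is exercised by a test in the sections shown; the change to test_incoming_fed_query only supplies the new `origin` key. I would add a case that sets `allow_profile_lookup_over_federation` to false and asserts that the profile query handler raises a SynapseError with code 403. A second case should set `include_profile_data_on_invite` to false and assert that an invite event is created without the target's profile fields. Without them, a regression that re-enables either disclosure path would pass CI. The test body continues outside the hunk.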