From 3353f4c04af5cd1ea7271a237baacf52a0c1ef6c Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Thu, 2 May 2024 17:52:10 -0600 Subject: [PATCH 01/14] Bring auto-accept invite logic into synapse --- .../configuration/config_documentation.md | 26 + synapse/app/_base.py | 6 + synapse/config/_base.pyi | 2 + synapse/config/auto_accept_invites.py | 43 ++ synapse/config/homeserver.py | 2 + synapse/events/auto_accept_invites.py | 185 +++++ synapse/handlers/federation.py | 1 + synapse/handlers/message.py | 2 + synapse/notifier.py | 1 + tests/events/test_auto_accept_invites.py | 694 ++++++++++++++++++ tests/rest/client/utils.py | 2 + tests/server.py | 6 + 12 files changed, 970 insertions(+) create mode 100644 synapse/config/auto_accept_invites.py create mode 100644 synapse/events/auto_accept_invites.py create mode 100644 tests/events/test_auto_accept_invites.py diff --git a/docs/usage/configuration/config_documentation.md b/docs/usage/configuration/config_documentation.md index 0c582d0387b..181de0106ef 100644 --- a/docs/usage/configuration/config_documentation.md +++ b/docs/usage/configuration/config_documentation.md @@ -4554,3 +4554,29 @@ background_updates: min_batch_size: 10 default_batch_size: 50 ``` +--- +## Auto Accept Invites +Configuration settings related to automatically accepting invites. + +--- +### `auto_accept_invites` + +Automatically accepting invites controls whether users are presented with an invite request or if they +are instead automatically joined to a room when receiving an invite. Set the `enabled` sub-option to true to +enable auto-accepting invites. Defaults to false. +This setting has the following sub-options: +* `enabled`: Whether to run the auto-accept invites logic. Defaults to false. Set to true to change the default. +* `only_for_direct_messages`: Whether invites should be automatically accepted for all room types, or only + for direct messages. Defaults to false. Set to true to change the default. +* `only_from_local_users`: Whether invites should be automatically accepted from all users, or only from users + on this homeserver. Defaults to false. Set to true to change the default. +* `worker_to_run_on`: Which worker to run this module on. Defaults to None (running on the main process). + +Example configuration: +```yaml +auto_accept_invites: + enabled: true + only_for_direct_messages: true + only_from_local_users: true + worker_to_run_on: "worker_1" +``` diff --git a/synapse/app/_base.py b/synapse/app/_base.py index 3182608f73e..67e0df14595 100644 --- a/synapse/app/_base.py +++ b/synapse/app/_base.py @@ -68,6 +68,7 @@ from synapse.config.homeserver import HomeServerConfig from synapse.config.server import ListenerConfig, ManholeConfig, TCPListenerConfig from synapse.crypto import context_factory +from synapse.events.auto_accept_invites import InviteAutoAccepter from synapse.events.presence_router import load_legacy_presence_router from synapse.handlers.auth import load_legacy_password_auth_providers from synapse.http.site import SynapseSite @@ -582,6 +583,11 @@ def run_sighup(*args: Any, **kwargs: Any) -> None: m = module(config, module_api) logger.info("Loaded module %s", m) + if hs.config.auto_accept_invites.enabled: + # Start the local auto_accept_invites module. + m = InviteAutoAccepter(hs.config.auto_accept_invites, module_api) + logger.info("Loaded local module %s", m) + load_legacy_spam_checkers(hs) load_legacy_third_party_event_rules(hs) load_legacy_presence_router(hs) diff --git a/synapse/config/_base.pyi b/synapse/config/_base.pyi index fc51aed2345..d9cb0da38bb 100644 --- a/synapse/config/_base.pyi +++ b/synapse/config/_base.pyi @@ -23,6 +23,7 @@ from synapse.config import ( # noqa: F401 api, appservice, auth, + auto_accept_invites, background_updates, cache, captcha, @@ -120,6 +121,7 @@ class RootConfig: federation: federation.FederationConfig retention: retention.RetentionConfig background_updates: background_updates.BackgroundUpdateConfig + auto_accept_invites: auto_accept_invites.AutoAcceptInvitesConfig config_classes: List[Type["Config"]] = ... config_files: List[str] diff --git a/synapse/config/auto_accept_invites.py b/synapse/config/auto_accept_invites.py new file mode 100644 index 00000000000..40b23e9c2f1 --- /dev/null +++ b/synapse/config/auto_accept_invites.py @@ -0,0 +1,43 @@ +# +# This file is licensed under the Affero General Public License (AGPL) version 3. +# +# Copyright (C) 2024 New Vector, Ltd +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# See the GNU Affero General Public License for more details: +# . +# +# Originally licensed under the Apache License, Version 2.0: +# . +# +# [This file includes modifications made by New Vector Limited] +# +# +from typing import Any + +from synapse.types import JsonDict + +from ._base import Config + + +class AutoAcceptInvitesConfig(Config): + section = "auto_accept_invites" + + def read_config(self, config: JsonDict, **kwargs: Any) -> None: + auto_accept_invites_config = config.get("auto_accept_invites") or {} + + self.enabled = auto_accept_invites_config.get("enabled", False) + + self.accept_invites_only_for_direct_messages = auto_accept_invites_config.get( + "only_for_direct_messages", False + ) + + self.accept_invites_only_from_local_users = auto_accept_invites_config.get( + "only_from_local_users", False + ) + + self.worker_to_run_on = auto_accept_invites_config.get("worker_to_run_on", None) diff --git a/synapse/config/homeserver.py b/synapse/config/homeserver.py index 72e93ed04f8..e36c0bd6aef 100644 --- a/synapse/config/homeserver.py +++ b/synapse/config/homeserver.py @@ -23,6 +23,7 @@ from .api import ApiConfig from .appservice import AppServiceConfig from .auth import AuthConfig +from .auto_accept_invites import AutoAcceptInvitesConfig from .background_updates import BackgroundUpdateConfig from .cache import CacheConfig from .captcha import CaptchaConfig @@ -105,4 +106,5 @@ class HomeServerConfig(RootConfig): RedisConfig, ExperimentalConfig, BackgroundUpdateConfig, + AutoAcceptInvitesConfig, ] diff --git a/synapse/events/auto_accept_invites.py b/synapse/events/auto_accept_invites.py new file mode 100644 index 00000000000..5e87abc74a6 --- /dev/null +++ b/synapse/events/auto_accept_invites.py @@ -0,0 +1,185 @@ +# +# This file is licensed under the Affero General Public License (AGPL) version 3. +# +# Copyright 2021 The Matrix.org Foundation C.I.C +# Copyright (C) 2024 New Vector, Ltd +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# See the GNU Affero General Public License for more details: +# . +# +# Originally licensed under the Apache License, Version 2.0: +# . +# +# [This file includes modifications made by New Vector Limited] +# +# +import logging +from typing import Any, Dict, Tuple + +from synapse.config.auto_accept_invites import AutoAcceptInvitesConfig +from synapse.module_api import EventBase, ModuleApi, run_as_background_process + +logger = logging.getLogger(__name__) +ACCOUNT_DATA_DIRECT_MESSAGE_LIST = "m.direct" + + +class InviteAutoAccepter: + def __init__(self, config: AutoAcceptInvitesConfig, api: ModuleApi): + # Keep a reference to the Module API. + self._api = api + self._config = config + + should_run_on_this_worker = config.worker_to_run_on == self._api.worker_name + + if not should_run_on_this_worker: + logger.info( + "Not accepting invites on this worker (configured: %r, here: %r)", + config.worker_to_run_on, + self._api.worker_name, + ) + return + + logger.info( + "Accepting invites on this worker (here: %r)", self._api.worker_name + ) + + # Register the callback. + self._api.register_third_party_rules_callbacks( + on_new_event=self.on_new_event, + ) + + async def on_new_event(self, event: EventBase, *args: Any) -> None: + """Listens for new events, and if the event is an invite for a local user then + automatically accepts it. + + Args: + event: The incoming event. + """ + # Check if the event is an invite for a local user. + is_invite_for_local_user = ( + event.type == "m.room.member" + and event.is_state() + and event.membership == "invite" + and self._api.is_mine(event.state_key) + ) + + # Only accept invites for direct messages if the configuration mandates it. + is_direct_message = event.content.get("is_direct", False) + logger.info("Is Direct: %r", is_direct_message) + is_allowed_by_direct_message_rules = ( + not self._config.accept_invites_only_for_direct_messages + or is_direct_message is True + ) + + # Only accept invites from remote users if the configuration mandates it. + is_from_local_user = self._api.is_mine(event.sender) + is_allowed_by_local_user_rules = ( + not self._config.accept_invites_only_from_local_users + or is_from_local_user is True + ) + + if ( + is_invite_for_local_user + and is_allowed_by_direct_message_rules + and is_allowed_by_local_user_rules + ): + # Make the user join the room. We run this as a background process to circumvent a race condition + # that occurs when responding to invites over federation (see https://github.com/matrix-org/synapse-auto-accept-invite/issues/12) + run_as_background_process( + "retry_make_join", + self._retry_make_join, + event.state_key, + event.state_key, + event.room_id, + "join", + bg_start_span=False, + ) + + if is_direct_message: + # Mark this room as a direct message! + await self._mark_room_as_direct_message( + event.state_key, event.sender, event.room_id + ) + + async def _mark_room_as_direct_message( + self, user_id: str, dm_user_id: str, room_id: str + ) -> None: + """ + Marks a room (`room_id`) as a direct message with the counterparty `dm_user_id` + from the perspective of the user `user_id`. + """ + + # This is a dict of User IDs to tuples of Room IDs + # (get_global will return a frozendict of tuples as it freezes the data, + # but we should accept either frozen or unfrozen variants.) + # Be careful: we convert the outer frozendict into a dict here, + # but the contents of the dict are still frozen (tuples in lieu of lists, + # etc.) + dm_map: Dict[str, Tuple[str, ...]] = dict( + await self._api.account_data_manager.get_global( + user_id, ACCOUNT_DATA_DIRECT_MESSAGE_LIST + ) + or {} + ) + + if dm_user_id not in dm_map: + dm_map[dm_user_id] = (room_id,) + else: + dm_rooms_for_user = dm_map[dm_user_id] + if not isinstance(dm_rooms_for_user, (tuple, list)): + # Don't mangle the data if we don't understand it. + logger.warning( + "Not marking room as DM for auto-accepted invitation; " + "dm_map[%r] is a %s not a list.", + type(dm_rooms_for_user), + dm_user_id, + ) + return + + dm_map[dm_user_id] = tuple(dm_rooms_for_user) + (room_id,) + + await self._api.account_data_manager.put_global( + user_id, ACCOUNT_DATA_DIRECT_MESSAGE_LIST, dm_map + ) + + async def _retry_make_join( + self, sender: str, target: str, room_id: str, new_membership: str + ) -> None: + """ + A function to retry sending the `make_join` request with an increasing backoff. This is + implemented to work around a race condition when receiving invites over federation. + + Args: + sender: the user performing the membership change + target: the for whom the membership is changing + room_id: room id of the room to join to + new_membership: the type of membership event (in this case will be "join") + """ + + sleep = 0 + retries = 0 + join_event = None + + while retries < 5: + try: + await self._api.sleep(sleep) + join_event = await self._api.update_room_membership( + sender=sender, + target=target, + room_id=room_id, + new_membership=new_membership, + ) + except Exception as e: + logger.info( + f"Update_room_membership raised the following exception: {e}" + ) + sleep = 2**retries + retries += 1 + + if join_event is not None: + break diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py index 299588e4768..d6708602b65 100644 --- a/synapse/handlers/federation.py +++ b/synapse/handlers/federation.py @@ -1117,6 +1117,7 @@ async def on_invite_request( [(event, context)] ) try: + # TODO: Devon - should add auto-accept-invite logic here? await self._federation_event_handler.persist_events_and_notify( event.room_id, [(event, context)] ) diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py index ccaa5508ff0..a1b7cb424b7 100644 --- a/synapse/handlers/message.py +++ b/synapse/handlers/message.py @@ -1954,6 +1954,8 @@ async def persist_and_notify_client_events( async def _notify() -> None: try: + # TODO: Devon - should auto-accept invites here (or slightly above when + # checking if invie) await self.notifier.on_new_room_events( events_and_pos, max_stream_token, extra_users=extra_users ) diff --git a/synapse/notifier.py b/synapse/notifier.py index 7c1cd3b5f2f..aeb88370bff 100644 --- a/synapse/notifier.py +++ b/synapse/notifier.py @@ -374,6 +374,7 @@ async def notify_new_room_events( the client streams. """ for event_entry, event_id in event_entries: + # TODO: Devon - Add module call for auto-accept invites here self.pending_new_room_events.append(event_entry) await self._third_party_rules.on_new_event(event_id) diff --git a/tests/events/test_auto_accept_invites.py b/tests/events/test_auto_accept_invites.py new file mode 100644 index 00000000000..68f56fef726 --- /dev/null +++ b/tests/events/test_auto_accept_invites.py @@ -0,0 +1,694 @@ +# +# This file is licensed under the Affero General Public License (AGPL) version 3. +# +# Copyright 2021 The Matrix.org Foundation C.I.C +# Copyright (C) 2024 New Vector, Ltd +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# See the GNU Affero General Public License for more details: +# . +# +# Originally licensed under the Apache License, Version 2.0: +# . +# +# [This file includes modifications made by New Vector Limited] +# +# +import asyncio +from asyncio import Future +from typing import Any, Awaitable, Dict, List, Optional, Tuple, TypeVar, cast +from unittest.mock import Mock + +import attr + +from twisted.test.proto_helpers import MemoryReactor + +from synapse.api.constants import EventTypes +from synapse.config.auto_accept_invites import AutoAcceptInvitesConfig +from synapse.events.auto_accept_invites import InviteAutoAccepter +from synapse.federation.federation_base import event_from_pdu_json +from synapse.handlers.sync import JoinedSyncResult +from synapse.module_api import ModuleApi +from synapse.rest import admin +from synapse.rest.client import login, room +from synapse.server import HomeServer +from synapse.types import StreamToken, create_requester +from synapse.util import Clock + +from tests.handlers.test_sync import generate_sync_config +from tests.unittest import ( + FederatingHomeserverTestCase, + HomeserverTestCase, + TestCase, + override_config, +) + + +class AutoAcceptInvitesTestCase(FederatingHomeserverTestCase): + """ + Integration test cases for auto-accepting invites. + """ + + servlets = [ + admin.register_servlets, + login.register_servlets, + room.register_servlets, + ] + + def make_homeserver(self, reactor: MemoryReactor, clock: Clock) -> HomeServer: + hs = self.setup_test_homeserver() + self.handler = hs.get_federation_handler() + self.store = hs.get_datastores().main + return hs + + def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None: + self.sync_handler = self.hs.get_sync_handler() + self.module_api = hs.get_module_api() + + @override_config( + { + "auto_accept_invites": { + "enabled": True, + }, + } + ) + def test_simple_accept_invite(self) -> None: + """Test that a user automatically joins a room when invited, if the + module is enabled. + """ + # A local user who sends an invite + inviting_user_id = self.register_user("inviter", "pass") + inviting_user_tok = self.login("inviter", "pass") + + # A local user who receives an invite + invited_user_id = self.register_user("invitee", "pass") + self.login("invitee", "pass") + + # Create a room and send an invite to the other user + room_id = self.helper.create_room_as( + inviting_user_id, + tok=inviting_user_tok, + ) + + self.helper.invite( + room_id, + inviting_user_id, + invited_user_id, + tok=inviting_user_tok, + ) + + # Check that the invite receiving user has automatically joined the room when syncing + join_updates, sync_token = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 1) + + join_update: JoinedSyncResult = join_updates[0] + self.assertEqual(join_update.room_id, room_id) + + @override_config( + { + "auto_accept_invites": { + "enabled": False, + }, + } + ) + def test_simple_dont_accept_invite(self) -> None: + """Test that a user does not automatically join a room when invited, + if the module is not enabled. + """ + # A local user who sends an invite + inviting_user_id = self.register_user("inviter", "pass") + inviting_user_tok = self.login("inviter", "pass") + + # A local user who receives an invite + invited_user_id = self.register_user("invitee", "pass") + self.login("invitee", "pass") + + # Create a room and send an invite to the other user + room_id = self.helper.create_room_as(inviting_user_id, tok=inviting_user_tok) + + self.helper.invite( + room_id, + inviting_user_id, + invited_user_id, + tok=inviting_user_tok, + ) + + # Check that the invite receiving user has automatically joined the room when syncing + join_updates, sync_token = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 0) + + @override_config( + { + "auto_accept_invites": { + "enabled": True, + }, + } + ) + def test_simple_accept_invite_direct_message(self) -> None: + """Test that a user automatically joins a room when invited, even if the invite + is for a direct message room. + """ + # A local user who sends an invite + inviting_user_id = self.register_user("inviter", "pass") + inviting_user_tok = self.login("inviter", "pass") + + # A local user who receives an invite + invited_user_id = self.register_user("invitee", "pass") + self.login("invitee", "pass") + + # Create a room and send an invite to the other user + room_id = self.helper.create_room_as( + inviting_user_id, + tok=inviting_user_tok, + ) + + self.helper.invite( + room_id, + inviting_user_id, + invited_user_id, + tok=inviting_user_tok, + extra_data={"is_direct": True}, + ) + + # Check that the invite receiving user has automatically joined the room when syncing + join_updates, sync_token = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 1) + + join_update: JoinedSyncResult = join_updates[0] + self.assertEqual(join_update.room_id, room_id) + + @override_config( + { + "auto_accept_invites": { + "enabled": True, + }, + } + ) + def test_invite_from_remote_user(self) -> None: + """Test that an invite from a remote user results in the invited user + automatically joining the room. + """ + # A remote user who sends the invite + remote_server = "otherserver" + remote_user = "@otheruser:" + remote_server + + # A local user who creates the room + creator_user_id = self.register_user("creator", "pass") + creator_user_tok = self.login("creator", "pass") + + # A local user who receives an invite + invited_user_id = self.register_user("invitee", "pass") + self.login("invitee", "pass") + + room_id = self.helper.create_room_as( + room_creator=creator_user_id, tok=creator_user_tok + ) + room_version = self.get_success(self.store.get_room_version(room_id)) + + invite_event = event_from_pdu_json( + { + "type": EventTypes.Member, + "content": {"membership": "invite"}, + "room_id": room_id, + "sender": remote_user, + "state_key": invited_user_id, + "depth": 32, + "prev_events": [], + "auth_events": [], + "origin_server_ts": self.clock.time_msec(), + }, + room_version, + ) + self.get_success( + self.handler.on_invite_request( + remote_server, + invite_event, + invite_event.room_version, + ) + ) + + # Check that the invite receiving user has automatically joined the room when syncing + join_updates, sync_token = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 1) + + join_update: JoinedSyncResult = join_updates[0] + self.assertEqual(join_update.room_id, room_id) + + @override_config( + { + "auto_accept_invites": { + "enabled": True, + "only_for_direct_messages": True, + }, + } + ) + def test_accept_invite_direct_message_if_only_enabled_for_direct_messages( + self, + ) -> None: + """Tests that, if the module is configured to only accept DM invites, invites to DM rooms are still + automatically accepted. + """ + # A local user who sends an invite + inviting_user_id = self.register_user("inviter", "pass") + inviting_user_tok = self.login("inviter", "pass") + + # A local user who receives an invite + invited_user_id = self.register_user("invitee", "pass") + self.login("invitee", "pass") + + # Create a room and send an invite to the other user + room_id = self.helper.create_room_as( + inviting_user_id, + tok=inviting_user_tok, + ) + + self.helper.invite( + room_id, + inviting_user_id, + invited_user_id, + tok=inviting_user_tok, + extra_data={"is_direct": True}, + ) + + # Check that the invite receiving user has automatically joined the room when syncing + join_updates, sync_token = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 1) + + join_update: JoinedSyncResult = join_updates[0] + self.assertEqual(join_update.room_id, room_id) + + @override_config( + { + "auto_accept_invites": { + "enabled": True, + "only_for_direct_messages": True, + }, + } + ) + def test_ignore_invite_if_only_enabled_for_direct_messages(self) -> None: + """Tests that, if the module is configured to only accept DM invites, invites to non-DM rooms are ignored.""" + # A local user who sends an invite + inviting_user_id = self.register_user("inviter", "pass") + inviting_user_tok = self.login("inviter", "pass") + + # A local user who receives an invite + invited_user_id = self.register_user("invitee", "pass") + self.login("invitee", "pass") + + # Create a room and send an invite to the other user + room_id = self.helper.create_room_as( + inviting_user_id, + tok=inviting_user_tok, + ) + + self.helper.invite( + room_id, + inviting_user_id, + invited_user_id, + tok=inviting_user_tok, + extra_data={"is_direct": False}, + ) + + # Check that the invite receiving user has automatically joined the room when syncing + join_updates, sync_token = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 0) + + @override_config( + { + "auto_accept_invites": { + "enabled": True, + "only_from_local_users": True, + }, + } + ) + def test_accept_invite_local_user_if_only_enabled_for_local_users(self) -> None: + """Tests that, if the module is configured to only accept invites from local users, invites + from local users are still automatically accepted. + """ + # A local user who sends an invite + inviting_user_id = self.register_user("inviter", "pass") + inviting_user_tok = self.login("inviter", "pass") + + # A local user who receives an invite + invited_user_id = self.register_user("invitee", "pass") + self.login("invitee", "pass") + + # Create a room and send an invite to the other user + room_id = self.helper.create_room_as(inviting_user_id, tok=inviting_user_tok) + + self.helper.invite( + room_id, + inviting_user_id, + invited_user_id, + tok=inviting_user_tok, + ) + + # Check that the invite receiving user has automatically joined the room when syncing + join_updates, sync_token = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 1) + + join_update: JoinedSyncResult = join_updates[0] + self.assertEqual(join_update.room_id, room_id) + + @override_config( + { + "auto_accept_invites": { + "enabled": True, + "only_from_local_users": True, + }, + } + ) + def test_ignore_invite_if_only_enabled_from_local_users(self) -> None: + """Tests that, if the module is configured to only accept invites from local users, + invites from non-local users are ignored. + """ + # A remote user who sends the invite + remote_server = "otherserver" + remote_user = "@otheruser:" + remote_server + + # A local user who creates the room + creator_user_id = self.register_user("creator", "pass") + creator_user_tok = self.login("creator", "pass") + + # A local user who receives an invite + invited_user_id = self.register_user("invitee", "pass") + self.login("invitee", "pass") + + room_id = self.helper.create_room_as( + room_creator=creator_user_id, tok=creator_user_tok + ) + room_version = self.get_success(self.store.get_room_version(room_id)) + + invite_event = event_from_pdu_json( + { + "type": EventTypes.Member, + "content": {"membership": "invite"}, + "room_id": room_id, + "sender": remote_user, + "state_key": invited_user_id, + "depth": 32, + "prev_events": [], + "auth_events": [], + "origin_server_ts": self.clock.time_msec(), + }, + room_version, + ) + self.get_success( + self.handler.on_invite_request( + remote_server, + invite_event, + invite_event.room_version, + ) + ) + + # Check that the invite receiving user has automatically joined the room when syncing + join_updates, sync_token = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 0) + + +def sync_join( + testcase: HomeserverTestCase, + user_id: str, + since_token: Optional[StreamToken] = None, +) -> Tuple[List[JoinedSyncResult], StreamToken]: + """Perform a sync request for the given user and return the user join updates + they've received, as well as the next_batch token. + + This method assumes testcase.sync_handler points to the homeserver's sync handler. + + Args: + testcase: The testcase that is currently being run. + user_id: The ID of the user to generate a sync response for. + since_token: An optional token to indicate from at what point to sync from. + + Returns: + A tuple containing a list of join updates, and the sync response's + next_batch token. + """ + requester = create_requester(user_id) + sync_config = generate_sync_config(requester.user.to_string()) + sync_result = testcase.get_success( + testcase.hs.get_sync_handler().wait_for_sync_for_user( + requester, sync_config, since_token + ) + ) + + return sync_result.joined, sync_result.next_batch + + +class InviteAutoAccepterInternalTestCase(TestCase): + """ + Test cases which exercise the internals of the InviteAutoAccepter. + """ + + def setUp(self) -> None: + self.module = create_module() + self.user_id = "@peter:test" + self.invitee = "@lesley:test" + self.remote_invitee = "@thomas:remote" + + # We know our module API is a mock, but mypy doesn't. + self.mocked_update_membership: Mock = self.module._api.update_room_membership # type: ignore[assignment] + + async def test_accept_invite_with_failures(self) -> None: + """Tests that receiving an invite for a local user makes the module attempt to + make the invitee join the room. This test verifies that it works if the call to + update membership returns exceptions before successfully completing and returning an event. + """ + invite = MockEvent( + sender="@inviter:test", + state_key="@invitee:test", + type="m.room.member", + content={"membership": "invite"}, + ) + + join_event = MockEvent( + sender="someone", + state_key="someone", + type="m.room.member", + content={"membership": "join"}, + ) + # the first two calls raise an exception while the third call is successful + self.mocked_update_membership.side_effect = [ + Exception(), + Exception(), + make_awaitable(join_event), + ] + + # Stop mypy from complaining that we give on_new_event a MockEvent rather than an + # EventBase. + await self.module.on_new_event(event=invite) # type: ignore[arg-type] + + await self.retry_assertions( + self.mocked_update_membership, + 3, + sender=invite.state_key, + target=invite.state_key, + room_id=invite.room_id, + new_membership="join", + ) + + async def test_accept_invite_failures(self) -> None: + """Tests that receiving an invite for a local user makes the module attempt to + make the invitee join the room. This test verifies that if the update_membership call + fails consistently, _retry_make_join will break the loop after the set number of retries and + execution will continue. + """ + invite = MockEvent( + sender=self.user_id, + state_key=self.invitee, + type="m.room.member", + content={"membership": "invite"}, + ) + self.mocked_update_membership.side_effect = Exception() + + # Stop mypy from complaining that we give on_new_event a MockEvent rather than an + # EventBase. + await self.module.on_new_event(event=invite) # type: ignore[arg-type] + + await self.retry_assertions( + self.mocked_update_membership, + 5, + sender=invite.state_key, + target=invite.state_key, + room_id=invite.room_id, + new_membership="join", + ) + + async def test_not_state(self) -> None: + """Tests that receiving an invite that's not a state event does nothing.""" + invite = MockEvent( + sender=self.user_id, type="m.room.member", content={"membership": "invite"} + ) + + # Stop mypy from complaining that we give on_new_event a MockEvent rather than an + # EventBase. + await self.module.on_new_event(event=invite) # type: ignore[arg-type] + + self.mocked_update_membership.assert_not_called() + + async def test_not_invite(self) -> None: + """Tests that receiving a membership update that's not an invite does nothing.""" + invite = MockEvent( + sender=self.user_id, + state_key=self.user_id, + type="m.room.member", + content={"membership": "join"}, + ) + + # Stop mypy from complaining that we give on_new_event a MockEvent rather than an + # EventBase. + await self.module.on_new_event(event=invite) # type: ignore[arg-type] + + self.mocked_update_membership.assert_not_called() + + async def test_not_membership(self) -> None: + """Tests that receiving a state event that's not a membership update does + nothing. + """ + invite = MockEvent( + sender=self.user_id, + state_key=self.user_id, + type="org.matrix.test", + content={"foo": "bar"}, + ) + + # Stop mypy from complaining that we give on_new_event a MockEvent rather than an + # EventBase. + await self.module.on_new_event(event=invite) # type: ignore[arg-type] + + self.mocked_update_membership.assert_not_called() + + def test_config_parse(self) -> None: + """Tests that a correct configuration parses.""" + config = { + "auto_accept_invites": { + "enabled": True, + "only_for_direct_messages": True, + "only_from_local_users": True, + } + } + parsed_config = AutoAcceptInvitesConfig() + parsed_config.read_config(config) + + self.assertTrue(parsed_config.enabled) + self.assertTrue(parsed_config.accept_invites_only_for_direct_messages) + self.assertTrue(parsed_config.accept_invites_only_from_local_users) + + def test_runs_on_only_one_worker(self) -> None: + """ + Tests that the module only runs on the specified worker. + """ + # By default, we run on the main process... + main_module = create_module(worker_name=None) + cast( + Mock, main_module._api.register_third_party_rules_callbacks + ).assert_called_once() + + # ...and not on other workers (like synchrotrons)... + sync_module = create_module(worker_name="synchrotron42") + cast( + Mock, sync_module._api.register_third_party_rules_callbacks + ).assert_not_called() + + # ...unless we configured them to be the designated worker. + specified_module = create_module( + config_override={ + "auto_accept_invites": {"worker_to_run_on": "account_data1"} + }, + worker_name="account_data1", + ) + cast( + Mock, specified_module._api.register_third_party_rules_callbacks + ).assert_called_once() + + async def retry_assertions( + self, mock: Mock, call_count: int, **kwargs: Any + ) -> None: + """ + This is a hacky way to ensure that the assertions are not called before the other coroutine + has a chance to call `update_room_membership`. It catches the exception caused by a failure, + and sleeps the thread before retrying, up until 5 tries. + + Args: + call_count: the number of times the mock should have been called + mock: the mocked function we want to assert on + kwargs: keyword arguments to assert that the mock was called with + """ + + i = 0 + while i < 5: + try: + # Check that the mocked method is called the expected amount of times and with the right + # arguments to attempt to make the user join the room. + mock.assert_called_with(**kwargs) + self.assertEqual(call_count, mock.call_count) + break + except AssertionError as e: + i += 1 + if i == 5: + # we've used up the tries, force the test to fail as we've already caught the exception + self.fail(e) + await asyncio.sleep(1) + + +@attr.s(auto_attribs=True) +class MockEvent: + """Mocks an event. Only exposes properties the module uses.""" + + sender: str + type: str + content: Dict[str, Any] + room_id: str = "!someroom" + state_key: Optional[str] = None + + def is_state(self) -> bool: + """Checks if the event is a state event by checking if it has a state key.""" + return self.state_key is not None + + @property + def membership(self) -> str: + """Extracts the membership from the event. Should only be called on an event + that's a membership event, and will raise a KeyError otherwise. + """ + membership: str = self.content["membership"] + return membership + + +T = TypeVar("T") +TV = TypeVar("TV") + + +async def make_awaitable(value: T) -> T: + return value + + +def make_multiple_awaitable(result: TV) -> Awaitable[TV]: + """ + Makes an awaitable, suitable for mocking an `async` function. + This uses Futures as they can be awaited multiple times so can be returned + to multiple callers. + """ + future: Future[TV] = Future() + future.set_result(result) + return future + + +def create_module( + config_override: Dict[str, Any] = {}, worker_name: Optional[str] = None +) -> InviteAutoAccepter: + # Create a mock based on the ModuleApi spec, but override some mocked functions + # because some capabilities are needed for running the tests. + module_api = Mock(spec=ModuleApi) + module_api.is_mine.side_effect = lambda a: a.split(":")[1] == "test" + module_api.worker_name = worker_name + module_api.sleep.return_value = make_multiple_awaitable(None) + + config = AutoAcceptInvitesConfig() + config.read_config(config_override) + + return InviteAutoAccepter(config, module_api) diff --git a/tests/rest/client/utils.py b/tests/rest/client/utils.py index fe00afe1986..7362bde7ab8 100644 --- a/tests/rest/client/utils.py +++ b/tests/rest/client/utils.py @@ -170,6 +170,7 @@ def invite( targ: Optional[str] = None, expect_code: int = HTTPStatus.OK, tok: Optional[str] = None, + extra_data: Optional[dict] = None, ) -> JsonDict: return self.change_membership( room=room, @@ -178,6 +179,7 @@ def invite( tok=tok, membership=Membership.INVITE, expect_code=expect_code, + extra_data=extra_data, ) def join( diff --git a/tests/server.py b/tests/server.py index 434be3d22c6..f3a917f835b 100644 --- a/tests/server.py +++ b/tests/server.py @@ -85,6 +85,7 @@ from synapse.config.database import DatabaseConnectionConfig from synapse.config.homeserver import HomeServerConfig +from synapse.events.auto_accept_invites import InviteAutoAccepter from synapse.events.presence_router import load_legacy_presence_router from synapse.handlers.auth import load_legacy_password_auth_providers from synapse.http.site import SynapseRequest @@ -1156,6 +1157,11 @@ async def validate_hash(p: str, h: str) -> bool: for module, module_config in hs.config.modules.loaded_modules: module(config=module_config, api=module_api) + if hs.config.auto_accept_invites.enabled: + # Start the local auto_accept_invites module. + m = InviteAutoAccepter(hs.config.auto_accept_invites, module_api) + logger.info("Loaded local module %s", m) + load_legacy_spam_checkers(hs) load_legacy_third_party_event_rules(hs) load_legacy_presence_router(hs) From 3be3fb745f42dbc9fd29af9c2dec46afa686ccc1 Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Thu, 2 May 2024 18:01:38 -0600 Subject: [PATCH 02/14] Remove TODO comments --- synapse/handlers/federation.py | 1 - synapse/handlers/message.py | 2 -- synapse/notifier.py | 1 - 3 files changed, 4 deletions(-) diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py index d6708602b65..299588e4768 100644 --- a/synapse/handlers/federation.py +++ b/synapse/handlers/federation.py @@ -1117,7 +1117,6 @@ async def on_invite_request( [(event, context)] ) try: - # TODO: Devon - should add auto-accept-invite logic here? await self._federation_event_handler.persist_events_and_notify( event.room_id, [(event, context)] ) diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py index a1b7cb424b7..ccaa5508ff0 100644 --- a/synapse/handlers/message.py +++ b/synapse/handlers/message.py @@ -1954,8 +1954,6 @@ async def persist_and_notify_client_events( async def _notify() -> None: try: - # TODO: Devon - should auto-accept invites here (or slightly above when - # checking if invie) await self.notifier.on_new_room_events( events_and_pos, max_stream_token, extra_users=extra_users ) diff --git a/synapse/notifier.py b/synapse/notifier.py index aeb88370bff..7c1cd3b5f2f 100644 --- a/synapse/notifier.py +++ b/synapse/notifier.py @@ -374,7 +374,6 @@ async def notify_new_room_events( the client streams. """ for event_entry, event_id in event_entries: - # TODO: Devon - Add module call for auto-accept invites here self.pending_new_room_events.append(event_entry) await self._third_party_rules.on_new_event(event_id) From f6122713f8a5aacdde04c913e41a1ad21e2f6db1 Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Thu, 2 May 2024 18:08:28 -0600 Subject: [PATCH 03/14] Add note to docs about not running same time as module --- docs/usage/configuration/config_documentation.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/usage/configuration/config_documentation.md b/docs/usage/configuration/config_documentation.md index 181de0106ef..ca7b6598563 100644 --- a/docs/usage/configuration/config_documentation.md +++ b/docs/usage/configuration/config_documentation.md @@ -4572,6 +4572,9 @@ This setting has the following sub-options: on this homeserver. Defaults to false. Set to true to change the default. * `worker_to_run_on`: Which worker to run this module on. Defaults to None (running on the main process). +NOTE: Care should be taken not to enable this setting if the `synapse_auto_accept_invite` module is enabled and installed. +The two modules will compete to perform the same task and may result in undesired behaviour. + Example configuration: ```yaml auto_accept_invites: From 657baecf20e195ebaf1c839f5e7d00f88e177744 Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Thu, 2 May 2024 18:12:49 -0600 Subject: [PATCH 04/14] Add changelog entry --- changelog.d/17147.feature | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/17147.feature diff --git a/changelog.d/17147.feature b/changelog.d/17147.feature new file mode 100644 index 00000000000..e4a214a2e7e --- /dev/null +++ b/changelog.d/17147.feature @@ -0,0 +1 @@ +Bring auto-accept invite logic into Synapse. From 0906a34001cac0c07162f51cfdb7a7ffb2c4aebd Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Thu, 2 May 2024 18:30:49 -0600 Subject: [PATCH 05/14] Replace unreachable check with assert --- synapse/events/auto_accept_invites.py | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/synapse/events/auto_accept_invites.py b/synapse/events/auto_accept_invites.py index 5e87abc74a6..12ba0568e3f 100644 --- a/synapse/events/auto_accept_invites.py +++ b/synapse/events/auto_accept_invites.py @@ -131,15 +131,7 @@ async def _mark_room_as_direct_message( dm_map[dm_user_id] = (room_id,) else: dm_rooms_for_user = dm_map[dm_user_id] - if not isinstance(dm_rooms_for_user, (tuple, list)): - # Don't mangle the data if we don't understand it. - logger.warning( - "Not marking room as DM for auto-accepted invitation; " - "dm_map[%r] is a %s not a list.", - type(dm_rooms_for_user), - dm_user_id, - ) - return + assert isinstance(dm_rooms_for_user, (tuple, list)) dm_map[dm_user_id] = tuple(dm_rooms_for_user) + (room_id,) From 0bdcf0d179600401a7b5a32f056e97b63d32af68 Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Thu, 2 May 2024 18:45:24 -0600 Subject: [PATCH 06/14] Remove mutable default from test --- tests/events/test_auto_accept_invites.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/events/test_auto_accept_invites.py b/tests/events/test_auto_accept_invites.py index 68f56fef726..b126d17650e 100644 --- a/tests/events/test_auto_accept_invites.py +++ b/tests/events/test_auto_accept_invites.py @@ -679,7 +679,7 @@ def make_multiple_awaitable(result: TV) -> Awaitable[TV]: def create_module( - config_override: Dict[str, Any] = {}, worker_name: Optional[str] = None + config_override: Optional[Dict[str, Any]] = None, worker_name: Optional[str] = None ) -> InviteAutoAccepter: # Create a mock based on the ModuleApi spec, but override some mocked functions # because some capabilities are needed for running the tests. @@ -688,6 +688,9 @@ def create_module( module_api.worker_name = worker_name module_api.sleep.return_value = make_multiple_awaitable(None) + if config_override is None: + config_override = {} + config = AutoAcceptInvitesConfig() config.read_config(config_override) From a50d304aa33592e5c3df53fe8b78195fb38a34c0 Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Fri, 3 May 2024 15:02:33 -0600 Subject: [PATCH 07/14] Fix unrelated linter errors... --- synapse/handlers/profile.py | 13 +++++++++---- synapse/handlers/sso.py | 2 +- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/synapse/handlers/profile.py b/synapse/handlers/profile.py index e51e282a9f7..d66a6701ae0 100644 --- a/synapse/handlers/profile.py +++ b/synapse/handlers/profile.py @@ -20,7 +20,7 @@ # import logging import random -from typing import TYPE_CHECKING, Optional, Union +from typing import TYPE_CHECKING, List, Optional, Union from synapse.api.errors import ( AuthError, @@ -64,8 +64,10 @@ def __init__(self, hs: "HomeServer"): self.user_directory_handler = hs.get_user_directory_handler() self.request_ratelimiter = hs.get_request_ratelimiter() - self.max_avatar_size = hs.config.server.max_avatar_size - self.allowed_avatar_mimetypes = hs.config.server.allowed_avatar_mimetypes + self.max_avatar_size: Optional[int] = hs.config.server.max_avatar_size + self.allowed_avatar_mimetypes: Optional[List[str]] = ( + hs.config.server.allowed_avatar_mimetypes + ) self._is_mine_server_name = hs.is_mine_server_name @@ -338,7 +340,10 @@ async def check_avatar_size_and_mime_type(self, mxc: str) -> bool: if self.max_avatar_size: # Ensure avatar does not exceed max allowed avatar size - if media_info.media_length > self.max_avatar_size: + if ( + media_info.media_length + and media_info.media_length > self.max_avatar_size + ): logger.warning( "Forbidding avatar change to %s: %d bytes is above the allowed size " "limit", diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py index f275d4f35a1..ee74289b6c4 100644 --- a/synapse/handlers/sso.py +++ b/synapse/handlers/sso.py @@ -817,7 +817,7 @@ def is_allowed_mime_type(content_type: str) -> bool: server_name = profile["avatar_url"].split("/")[-2] media_id = profile["avatar_url"].split("/")[-1] if self._is_mine_server_name(server_name): - media = await self._media_repo.store.get_local_media(media_id) + media = await self._media_repo.store.get_local_media(media_id) # type: ignore[has-type] if media is not None and upload_name == media.upload_name: logger.info("skipping saving the user avatar") return True From 9698bf4aed40fee0081de63929c07e7a34b7defc Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Tue, 7 May 2024 13:41:24 -0600 Subject: [PATCH 08/14] Small tweaks from review --- .../configuration/config_documentation.md | 12 +++---- synapse/config/auto_accept_invites.py | 2 +- synapse/events/auto_accept_invites.py | 28 +++++++++++++--- tests/events/test_auto_accept_invites.py | 33 ++++++++++++++----- 4 files changed, 56 insertions(+), 19 deletions(-) diff --git a/docs/usage/configuration/config_documentation.md b/docs/usage/configuration/config_documentation.md index ca7b6598563..24120d6625a 100644 --- a/docs/usage/configuration/config_documentation.md +++ b/docs/usage/configuration/config_documentation.md @@ -4565,15 +4565,15 @@ Automatically accepting invites controls whether users are presented with an inv are instead automatically joined to a room when receiving an invite. Set the `enabled` sub-option to true to enable auto-accepting invites. Defaults to false. This setting has the following sub-options: -* `enabled`: Whether to run the auto-accept invites logic. Defaults to false. Set to true to change the default. +* `enabled`: Whether to run the auto-accept invites logic. Defaults to false. * `only_for_direct_messages`: Whether invites should be automatically accepted for all room types, or only - for direct messages. Defaults to false. Set to true to change the default. -* `only_from_local_users`: Whether invites should be automatically accepted from all users, or only from users - on this homeserver. Defaults to false. Set to true to change the default. -* `worker_to_run_on`: Which worker to run this module on. Defaults to None (running on the main process). + for direct messages. Defaults to false. +* `only_from_local_users`: Whether to only automatically accept invites from users on this homeserver. Defaults to false. +* `worker_to_run_on`: Which worker to run this module on. This must match the "worker_name". NOTE: Care should be taken not to enable this setting if the `synapse_auto_accept_invite` module is enabled and installed. -The two modules will compete to perform the same task and may result in undesired behaviour. +The two modules will compete to perform the same task and may result in undesired behaviour. For example, multiple join +events could be generated from a single invite. Example configuration: ```yaml diff --git a/synapse/config/auto_accept_invites.py b/synapse/config/auto_accept_invites.py index 40b23e9c2f1..d90e13a5107 100644 --- a/synapse/config/auto_accept_invites.py +++ b/synapse/config/auto_accept_invites.py @@ -40,4 +40,4 @@ def read_config(self, config: JsonDict, **kwargs: Any) -> None: "only_from_local_users", False ) - self.worker_to_run_on = auto_accept_invites_config.get("worker_to_run_on", None) + self.worker_to_run_on = auto_accept_invites_config.get("worker_to_run_on") diff --git a/synapse/events/auto_accept_invites.py b/synapse/events/auto_accept_invites.py index 12ba0568e3f..76630a5b261 100644 --- a/synapse/events/auto_accept_invites.py +++ b/synapse/events/auto_accept_invites.py @@ -19,8 +19,10 @@ # # import logging +from http import HTTPStatus from typing import Any, Dict, Tuple +from synapse.api.errors import SynapseError from synapse.config.auto_accept_invites import AutoAcceptInvitesConfig from synapse.module_api import EventBase, ModuleApi, run_as_background_process @@ -34,6 +36,10 @@ def __init__(self, config: AutoAcceptInvitesConfig, api: ModuleApi): self._api = api self._config = config + if not self._config.enabled: + logger.info("Not starting InviteAutoAccepter as it is not enabled") + return + should_run_on_this_worker = config.worker_to_run_on == self._api.worker_name if not should_run_on_this_worker: @@ -70,7 +76,6 @@ async def on_new_event(self, event: EventBase, *args: Any) -> None: # Only accept invites for direct messages if the configuration mandates it. is_direct_message = event.content.get("is_direct", False) - logger.info("Is Direct: %r", is_direct_message) is_allowed_by_direct_message_rules = ( not self._config.accept_invites_only_for_direct_messages or is_direct_message is True @@ -112,6 +117,11 @@ async def _mark_room_as_direct_message( """ Marks a room (`room_id`) as a direct message with the counterparty `dm_user_id` from the perspective of the user `user_id`. + + Args: + user_id: the user for whom the membership is changing + dm_user_id: the user performing the membership change + room_id: room id of the room the user is invited to """ # This is a dict of User IDs to tuples of Room IDs @@ -148,7 +158,7 @@ async def _retry_make_join( Args: sender: the user performing the membership change - target: the for whom the membership is changing + target: the user for whom the membership is changing room_id: room id of the room to join to new_membership: the type of membership event (in this case will be "join") """ @@ -166,10 +176,20 @@ async def _retry_make_join( room_id=room_id, new_membership=new_membership, ) + except SynapseError as e: + if e.code == HTTPStatus.FORBIDDEN: + logger.debug( + f"Update_room_membership was forbidden. This can sometimes be expected for remote invites. Exception: {e}" + ) + else: + logger.warn( + f"Update_room_membership raised the following unexpected (SynapseError) exception: {e}" + ) except Exception as e: - logger.info( - f"Update_room_membership raised the following exception: {e}" + logger.warn( + f"Update_room_membership raised the following unexpected exception: {e}" ) + finally: sleep = 2**retries retries += 1 diff --git a/tests/events/test_auto_accept_invites.py b/tests/events/test_auto_accept_invites.py index b126d17650e..97a17e63d7a 100644 --- a/tests/events/test_auto_accept_invites.py +++ b/tests/events/test_auto_accept_invites.py @@ -20,6 +20,7 @@ # import asyncio from asyncio import Future +from http import HTTPStatus from typing import Any, Awaitable, Dict, List, Optional, Tuple, TypeVar, cast from unittest.mock import Mock @@ -28,6 +29,7 @@ from twisted.test.proto_helpers import MemoryReactor from synapse.api.constants import EventTypes +from synapse.api.errors import SynapseError from synapse.config.auto_accept_invites import AutoAcceptInvitesConfig from synapse.events.auto_accept_invites import InviteAutoAccepter from synapse.federation.federation_base import event_from_pdu_json @@ -91,6 +93,7 @@ def test_simple_accept_invite(self) -> None: # Create a room and send an invite to the other user room_id = self.helper.create_room_as( inviting_user_id, + is_public=False, tok=inviting_user_tok, ) @@ -128,7 +131,9 @@ def test_simple_dont_accept_invite(self) -> None: self.login("invitee", "pass") # Create a room and send an invite to the other user - room_id = self.helper.create_room_as(inviting_user_id, tok=inviting_user_tok) + room_id = self.helper.create_room_as( + inviting_user_id, is_public=False, tok=inviting_user_tok + ) self.helper.invite( room_id, @@ -163,6 +168,7 @@ def test_simple_accept_invite_direct_message(self) -> None: # Create a room and send an invite to the other user room_id = self.helper.create_room_as( inviting_user_id, + is_public=False, tok=inviting_user_tok, ) @@ -263,6 +269,7 @@ def test_accept_invite_direct_message_if_only_enabled_for_direct_messages( # Create a room and send an invite to the other user room_id = self.helper.create_room_as( inviting_user_id, + is_public=False, tok=inviting_user_tok, ) @@ -302,6 +309,7 @@ def test_ignore_invite_if_only_enabled_for_direct_messages(self) -> None: # Create a room and send an invite to the other user room_id = self.helper.create_room_as( inviting_user_id, + is_public=False, tok=inviting_user_tok, ) @@ -338,7 +346,9 @@ def test_accept_invite_local_user_if_only_enabled_for_local_users(self) -> None: self.login("invitee", "pass") # Create a room and send an invite to the other user - room_id = self.helper.create_room_as(inviting_user_id, tok=inviting_user_tok) + room_id = self.helper.create_room_as( + inviting_user_id, is_public=False, tok=inviting_user_tok + ) self.helper.invite( room_id, @@ -379,7 +389,7 @@ def test_ignore_invite_if_only_enabled_from_local_users(self) -> None: self.login("invitee", "pass") room_id = self.helper.create_room_as( - room_creator=creator_user_id, tok=creator_user_tok + room_creator=creator_user_id, is_public=False, tok=creator_user_tok ) room_version = self.get_success(self.store.get_room_version(room_id)) @@ -474,8 +484,8 @@ async def test_accept_invite_with_failures(self) -> None: ) # the first two calls raise an exception while the third call is successful self.mocked_update_membership.side_effect = [ - Exception(), - Exception(), + SynapseError(HTTPStatus.FORBIDDEN, "Forbidden"), + SynapseError(HTTPStatus.FORBIDDEN, "Forbidden"), make_awaitable(join_event), ] @@ -504,7 +514,9 @@ async def test_accept_invite_failures(self) -> None: type="m.room.member", content={"membership": "invite"}, ) - self.mocked_update_membership.side_effect = Exception() + self.mocked_update_membership.side_effect = SynapseError( + HTTPStatus.FORBIDDEN, "Forbidden" + ) # Stop mypy from complaining that we give on_new_event a MockEvent rather than an # EventBase. @@ -584,7 +596,9 @@ def test_runs_on_only_one_worker(self) -> None: Tests that the module only runs on the specified worker. """ # By default, we run on the main process... - main_module = create_module(worker_name=None) + main_module = create_module( + config_override={"auto_accept_invites": {"enabled": True}}, worker_name=None + ) cast( Mock, main_module._api.register_third_party_rules_callbacks ).assert_called_once() @@ -598,7 +612,10 @@ def test_runs_on_only_one_worker(self) -> None: # ...unless we configured them to be the designated worker. specified_module = create_module( config_override={ - "auto_accept_invites": {"worker_to_run_on": "account_data1"} + "auto_accept_invites": { + "enabled": True, + "worker_to_run_on": "account_data1", + } }, worker_name="account_data1", ) From f07a1127a72f4ede1d855d531383f7b4184f4975 Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Tue, 7 May 2024 14:18:15 -0600 Subject: [PATCH 09/14] Parameterize auto-accept invites tests --- tests/events/test_auto_accept_invites.py | 258 +++++++++-------------- 1 file changed, 94 insertions(+), 164 deletions(-) diff --git a/tests/events/test_auto_accept_invites.py b/tests/events/test_auto_accept_invites.py index 97a17e63d7a..9f867d46ec3 100644 --- a/tests/events/test_auto_accept_invites.py +++ b/tests/events/test_auto_accept_invites.py @@ -25,6 +25,7 @@ from unittest.mock import Mock import attr +from parameterized import parameterized from twisted.test.proto_helpers import MemoryReactor @@ -71,6 +72,12 @@ def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None: self.sync_handler = self.hs.get_sync_handler() self.module_api = hs.get_module_api() + @parameterized.expand( + [ + [False], + [True], + ] + ) @override_config( { "auto_accept_invites": { @@ -78,7 +85,7 @@ def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None: }, } ) - def test_simple_accept_invite(self) -> None: + def test_auto_accept_invites(self, direct_room: bool) -> None: """Test that a user automatically joins a room when invited, if the module is enabled. """ @@ -102,10 +109,11 @@ def test_simple_accept_invite(self) -> None: inviting_user_id, invited_user_id, tok=inviting_user_tok, + extra_data={"is_direct": direct_room}, ) # Check that the invite receiving user has automatically joined the room when syncing - join_updates, sync_token = sync_join(self, invited_user_id) + join_updates, _ = sync_join(self, invited_user_id) self.assertEqual(len(join_updates), 1) join_update: JoinedSyncResult = join_updates[0] @@ -118,7 +126,7 @@ def test_simple_accept_invite(self) -> None: }, } ) - def test_simple_dont_accept_invite(self) -> None: + def test_module_not_enabled(self) -> None: """Test that a user does not automatically join a room when invited, if the module is not enabled. """ @@ -142,51 +150,10 @@ def test_simple_dont_accept_invite(self) -> None: tok=inviting_user_tok, ) - # Check that the invite receiving user has automatically joined the room when syncing - join_updates, sync_token = sync_join(self, invited_user_id) + # Check that the invite receiving user has not automatically joined the room when syncing + join_updates, _ = sync_join(self, invited_user_id) self.assertEqual(len(join_updates), 0) - @override_config( - { - "auto_accept_invites": { - "enabled": True, - }, - } - ) - def test_simple_accept_invite_direct_message(self) -> None: - """Test that a user automatically joins a room when invited, even if the invite - is for a direct message room. - """ - # A local user who sends an invite - inviting_user_id = self.register_user("inviter", "pass") - inviting_user_tok = self.login("inviter", "pass") - - # A local user who receives an invite - invited_user_id = self.register_user("invitee", "pass") - self.login("invitee", "pass") - - # Create a room and send an invite to the other user - room_id = self.helper.create_room_as( - inviting_user_id, - is_public=False, - tok=inviting_user_tok, - ) - - self.helper.invite( - room_id, - inviting_user_id, - invited_user_id, - tok=inviting_user_tok, - extra_data={"is_direct": True}, - ) - - # Check that the invite receiving user has automatically joined the room when syncing - join_updates, sync_token = sync_join(self, invited_user_id) - self.assertEqual(len(join_updates), 1) - - join_update: JoinedSyncResult = join_updates[0] - self.assertEqual(join_update.room_id, room_id) - @override_config( { "auto_accept_invites": { @@ -238,12 +205,18 @@ def test_invite_from_remote_user(self) -> None: ) # Check that the invite receiving user has automatically joined the room when syncing - join_updates, sync_token = sync_join(self, invited_user_id) + join_updates, _ = sync_join(self, invited_user_id) self.assertEqual(len(join_updates), 1) join_update: JoinedSyncResult = join_updates[0] self.assertEqual(join_update.room_id, room_id) + @parameterized.expand( + [ + [False, False], + [True, True], + ] + ) @override_config( { "auto_accept_invites": { @@ -252,11 +225,13 @@ def test_invite_from_remote_user(self) -> None: }, } ) - def test_accept_invite_direct_message_if_only_enabled_for_direct_messages( + def test_accept_invite_direct_message( self, + direct_room: bool, + expect_auto_join: bool, ) -> None: """Tests that, if the module is configured to only accept DM invites, invites to DM rooms are still - automatically accepted. + automatically accepted. Otherwise they are rejected. """ # A local user who sends an invite inviting_user_id = self.register_user("inviter", "pass") @@ -278,53 +253,27 @@ def test_accept_invite_direct_message_if_only_enabled_for_direct_messages( inviting_user_id, invited_user_id, tok=inviting_user_tok, - extra_data={"is_direct": True}, + extra_data={"is_direct": direct_room}, ) - # Check that the invite receiving user has automatically joined the room when syncing - join_updates, sync_token = sync_join(self, invited_user_id) - self.assertEqual(len(join_updates), 1) - - join_update: JoinedSyncResult = join_updates[0] - self.assertEqual(join_update.room_id, room_id) - - @override_config( - { - "auto_accept_invites": { - "enabled": True, - "only_for_direct_messages": True, - }, - } + if expect_auto_join: + # Check that the invite receiving user has automatically joined the room when syncing + join_updates, _ = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 1) + + join_update: JoinedSyncResult = join_updates[0] + self.assertEqual(join_update.room_id, room_id) + else: + # Check that the invite receiving user has not automatically joined the room when syncing + join_updates, _ = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 0) + + @parameterized.expand( + [ + [False, True], + [True, False], + ] ) - def test_ignore_invite_if_only_enabled_for_direct_messages(self) -> None: - """Tests that, if the module is configured to only accept DM invites, invites to non-DM rooms are ignored.""" - # A local user who sends an invite - inviting_user_id = self.register_user("inviter", "pass") - inviting_user_tok = self.login("inviter", "pass") - - # A local user who receives an invite - invited_user_id = self.register_user("invitee", "pass") - self.login("invitee", "pass") - - # Create a room and send an invite to the other user - room_id = self.helper.create_room_as( - inviting_user_id, - is_public=False, - tok=inviting_user_tok, - ) - - self.helper.invite( - room_id, - inviting_user_id, - invited_user_id, - tok=inviting_user_tok, - extra_data={"is_direct": False}, - ) - - # Check that the invite receiving user has automatically joined the room when syncing - join_updates, sync_token = sync_join(self, invited_user_id) - self.assertEqual(len(join_updates), 0) - @override_config( { "auto_accept_invites": { @@ -333,13 +282,15 @@ def test_ignore_invite_if_only_enabled_for_direct_messages(self) -> None: }, } ) - def test_accept_invite_local_user_if_only_enabled_for_local_users(self) -> None: + def test_accept_invite_local_user( + self, remote_inviter: bool, expect_auto_join: bool + ) -> None: """Tests that, if the module is configured to only accept invites from local users, invites - from local users are still automatically accepted. + from local users are still automatically accepted. Otherwise they are rejected. """ # A local user who sends an invite - inviting_user_id = self.register_user("inviter", "pass") - inviting_user_tok = self.login("inviter", "pass") + creator_user_id = self.register_user("inviter", "pass") + creator_user_tok = self.login("inviter", "pass") # A local user who receives an invite invited_user_id = self.register_user("invitee", "pass") @@ -347,77 +298,56 @@ def test_accept_invite_local_user_if_only_enabled_for_local_users(self) -> None: # Create a room and send an invite to the other user room_id = self.helper.create_room_as( - inviting_user_id, is_public=False, tok=inviting_user_tok + creator_user_id, is_public=False, tok=creator_user_tok ) - self.helper.invite( - room_id, - inviting_user_id, - invited_user_id, - tok=inviting_user_tok, - ) - - # Check that the invite receiving user has automatically joined the room when syncing - join_updates, sync_token = sync_join(self, invited_user_id) - self.assertEqual(len(join_updates), 1) - - join_update: JoinedSyncResult = join_updates[0] - self.assertEqual(join_update.room_id, room_id) - - @override_config( - { - "auto_accept_invites": { - "enabled": True, - "only_from_local_users": True, - }, - } - ) - def test_ignore_invite_if_only_enabled_from_local_users(self) -> None: - """Tests that, if the module is configured to only accept invites from local users, - invites from non-local users are ignored. - """ - # A remote user who sends the invite - remote_server = "otherserver" - remote_user = "@otheruser:" + remote_server - - # A local user who creates the room - creator_user_id = self.register_user("creator", "pass") - creator_user_tok = self.login("creator", "pass") - - # A local user who receives an invite - invited_user_id = self.register_user("invitee", "pass") - self.login("invitee", "pass") - - room_id = self.helper.create_room_as( - room_creator=creator_user_id, is_public=False, tok=creator_user_tok - ) - room_version = self.get_success(self.store.get_room_version(room_id)) - - invite_event = event_from_pdu_json( - { - "type": EventTypes.Member, - "content": {"membership": "invite"}, - "room_id": room_id, - "sender": remote_user, - "state_key": invited_user_id, - "depth": 32, - "prev_events": [], - "auth_events": [], - "origin_server_ts": self.clock.time_msec(), - }, - room_version, - ) - self.get_success( - self.handler.on_invite_request( - remote_server, - invite_event, - invite_event.room_version, + if remote_inviter: + room_version = self.get_success(self.store.get_room_version(room_id)) + + # A remote user who sends the invite + remote_server = "otherserver" + remote_user = "@otheruser:" + remote_server + + invite_event = event_from_pdu_json( + { + "type": EventTypes.Member, + "content": {"membership": "invite"}, + "room_id": room_id, + "sender": remote_user, + "state_key": invited_user_id, + "depth": 32, + "prev_events": [], + "auth_events": [], + "origin_server_ts": self.clock.time_msec(), + }, + room_version, + ) + self.get_success( + self.handler.on_invite_request( + remote_server, + invite_event, + invite_event.room_version, + ) + ) + else: + self.helper.invite( + room_id, + creator_user_id, + invited_user_id, + tok=creator_user_tok, ) - ) - # Check that the invite receiving user has automatically joined the room when syncing - join_updates, sync_token = sync_join(self, invited_user_id) - self.assertEqual(len(join_updates), 0) + if expect_auto_join: + # Check that the invite receiving user has automatically joined the room when syncing + join_updates, _ = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 1) + + join_update: JoinedSyncResult = join_updates[0] + self.assertEqual(join_update.room_id, room_id) + else: + # Check that the invite receiving user has not automatically joined the room when syncing + join_updates, _ = sync_join(self, invited_user_id) + self.assertEqual(len(join_updates), 0) def sync_join( From 6db79fcbf2af3fa70d31dfe7c528c9bd87bbc563 Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Tue, 7 May 2024 15:23:38 -0600 Subject: [PATCH 10/14] Revert "Fix unrelated linter errors..." This reverts commit a50d304aa33592e5c3df53fe8b78195fb38a34c0. --- synapse/handlers/profile.py | 13 ++++--------- synapse/handlers/sso.py | 2 +- 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/synapse/handlers/profile.py b/synapse/handlers/profile.py index d66a6701ae0..e51e282a9f7 100644 --- a/synapse/handlers/profile.py +++ b/synapse/handlers/profile.py @@ -20,7 +20,7 @@ # import logging import random -from typing import TYPE_CHECKING, List, Optional, Union +from typing import TYPE_CHECKING, Optional, Union from synapse.api.errors import ( AuthError, @@ -64,10 +64,8 @@ def __init__(self, hs: "HomeServer"): self.user_directory_handler = hs.get_user_directory_handler() self.request_ratelimiter = hs.get_request_ratelimiter() - self.max_avatar_size: Optional[int] = hs.config.server.max_avatar_size - self.allowed_avatar_mimetypes: Optional[List[str]] = ( - hs.config.server.allowed_avatar_mimetypes - ) + self.max_avatar_size = hs.config.server.max_avatar_size + self.allowed_avatar_mimetypes = hs.config.server.allowed_avatar_mimetypes self._is_mine_server_name = hs.is_mine_server_name @@ -340,10 +338,7 @@ async def check_avatar_size_and_mime_type(self, mxc: str) -> bool: if self.max_avatar_size: # Ensure avatar does not exceed max allowed avatar size - if ( - media_info.media_length - and media_info.media_length > self.max_avatar_size - ): + if media_info.media_length > self.max_avatar_size: logger.warning( "Forbidding avatar change to %s: %d bytes is above the allowed size " "limit", diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py index ee74289b6c4..f275d4f35a1 100644 --- a/synapse/handlers/sso.py +++ b/synapse/handlers/sso.py @@ -817,7 +817,7 @@ def is_allowed_mime_type(content_type: str) -> bool: server_name = profile["avatar_url"].split("/")[-2] media_id = profile["avatar_url"].split("/")[-1] if self._is_mine_server_name(server_name): - media = await self._media_repo.store.get_local_media(media_id) # type: ignore[has-type] + media = await self._media_repo.store.get_local_media(media_id) if media is not None and upload_name == media.upload_name: logger.info("skipping saving the user avatar") return True From 396909f203f7f4adfae774070304e61b958c7e42 Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Tue, 7 May 2024 16:05:21 -0600 Subject: [PATCH 11/14] Add back linter ignore --- synapse/handlers/sso.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py index f275d4f35a1..ee74289b6c4 100644 --- a/synapse/handlers/sso.py +++ b/synapse/handlers/sso.py @@ -817,7 +817,7 @@ def is_allowed_mime_type(content_type: str) -> bool: server_name = profile["avatar_url"].split("/")[-2] media_id = profile["avatar_url"].split("/")[-1] if self._is_mine_server_name(server_name): - media = await self._media_repo.store.get_local_media(media_id) + media = await self._media_repo.store.get_local_media(media_id) # type: ignore[has-type] if media is not None and upload_name == media.upload_name: logger.info("skipping saving the user avatar") return True From 821a74bfc12bde14db78ad1c1c0c0b539bad6fb9 Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Wed, 8 May 2024 10:17:37 -0600 Subject: [PATCH 12/14] Address review comments --- synapse/events/auto_accept_invites.py | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/synapse/events/auto_accept_invites.py b/synapse/events/auto_accept_invites.py index 76630a5b261..d88ec51d9d1 100644 --- a/synapse/events/auto_accept_invites.py +++ b/synapse/events/auto_accept_invites.py @@ -22,12 +22,12 @@ from http import HTTPStatus from typing import Any, Dict, Tuple +from synapse.api.constants import AccountDataTypes, EventTypes, Membership from synapse.api.errors import SynapseError from synapse.config.auto_accept_invites import AutoAcceptInvitesConfig from synapse.module_api import EventBase, ModuleApi, run_as_background_process logger = logging.getLogger(__name__) -ACCOUNT_DATA_DIRECT_MESSAGE_LIST = "m.direct" class InviteAutoAccepter: @@ -37,7 +37,6 @@ def __init__(self, config: AutoAcceptInvitesConfig, api: ModuleApi): self._config = config if not self._config.enabled: - logger.info("Not starting InviteAutoAccepter as it is not enabled") return should_run_on_this_worker = config.worker_to_run_on == self._api.worker_name @@ -68,9 +67,9 @@ async def on_new_event(self, event: EventBase, *args: Any) -> None: """ # Check if the event is an invite for a local user. is_invite_for_local_user = ( - event.type == "m.room.member" + event.type == EventTypes.Member and event.is_state() - and event.membership == "invite" + and event.membership == Membership.INVITE and self._api.is_mine(event.state_key) ) @@ -132,7 +131,7 @@ async def _mark_room_as_direct_message( # etc.) dm_map: Dict[str, Tuple[str, ...]] = dict( await self._api.account_data_manager.get_global( - user_id, ACCOUNT_DATA_DIRECT_MESSAGE_LIST + user_id, AccountDataTypes.DIRECT ) or {} ) @@ -146,7 +145,7 @@ async def _mark_room_as_direct_message( dm_map[dm_user_id] = tuple(dm_rooms_for_user) + (room_id,) await self._api.account_data_manager.put_global( - user_id, ACCOUNT_DATA_DIRECT_MESSAGE_LIST, dm_map + user_id, AccountDataTypes.DIRECT, dm_map ) async def _retry_make_join( @@ -189,9 +188,9 @@ async def _retry_make_join( logger.warn( f"Update_room_membership raised the following unexpected exception: {e}" ) - finally: - sleep = 2**retries - retries += 1 + + sleep = 2**retries + retries += 1 if join_event is not None: break From 8874e58d1abfcd3f338f720ef760c5af3a7af28a Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Fri, 17 May 2024 09:41:39 -0600 Subject: [PATCH 13/14] Fix tests with latest develop changes --- tests/events/test_auto_accept_invites.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/tests/events/test_auto_accept_invites.py b/tests/events/test_auto_accept_invites.py index 9f867d46ec3..7fb4d4fa902 100644 --- a/tests/events/test_auto_accept_invites.py +++ b/tests/events/test_auto_accept_invites.py @@ -34,7 +34,7 @@ from synapse.config.auto_accept_invites import AutoAcceptInvitesConfig from synapse.events.auto_accept_invites import InviteAutoAccepter from synapse.federation.federation_base import event_from_pdu_json -from synapse.handlers.sync import JoinedSyncResult +from synapse.handlers.sync import JoinedSyncResult, SyncRequestKey, SyncVersion from synapse.module_api import ModuleApi from synapse.rest import admin from synapse.rest.client import login, room @@ -350,6 +350,15 @@ def test_accept_invite_local_user( self.assertEqual(len(join_updates), 0) +_request_key = 0 + + +def generate_request_key() -> SyncRequestKey: + global _request_key + _request_key += 1 + return ("request_key", _request_key) + + def sync_join( testcase: HomeserverTestCase, user_id: str, @@ -373,7 +382,11 @@ def sync_join( sync_config = generate_sync_config(requester.user.to_string()) sync_result = testcase.get_success( testcase.hs.get_sync_handler().wait_for_sync_for_user( - requester, sync_config, since_token + requester, + sync_config, + SyncVersion.SYNC_V2, + generate_request_key(), + since_token, ) ) From 41c851ca99d4fb3c0350fd00fbea29b9c774c193 Mon Sep 17 00:00:00 2001 From: Devon Hudson Date: Tue, 21 May 2024 13:41:53 -0600 Subject: [PATCH 14/14] Update changelog entry to point at docs. --- changelog.d/17147.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelog.d/17147.feature b/changelog.d/17147.feature index e4a214a2e7e..7c2cdb6bdf4 100644 --- a/changelog.d/17147.feature +++ b/changelog.d/17147.feature @@ -1 +1 @@ -Bring auto-accept invite logic into Synapse. +Add the ability to auto-accept invites on the behalf of users. See the [`auto_accept_invites`](https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#auto-accept-invites) config option for details.