2016-01-07 05:26:29 +01:00
|
|
|
# Copyright 2014-2016 OpenMarket Ltd
|
2014-08-12 16:10:52 +02:00
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
2016-07-26 17:46:53 +02:00
|
|
|
import logging
|
2020-08-26 14:49:01 +02:00
|
|
|
import random
|
2020-10-21 12:44:31 +02:00
|
|
|
from typing import TYPE_CHECKING, Optional
|
2016-07-26 17:46:53 +02:00
|
|
|
|
2018-08-03 20:08:05 +02:00
|
|
|
from synapse.api.errors import (
|
|
|
|
AuthError,
|
|
|
|
Codes,
|
2019-06-07 11:29:35 +02:00
|
|
|
HttpResponseException,
|
|
|
|
RequestSendFailed,
|
2018-08-03 20:08:05 +02:00
|
|
|
StoreError,
|
|
|
|
SynapseError,
|
|
|
|
)
|
2020-10-20 17:29:38 +02:00
|
|
|
from synapse.metrics.background_process_metrics import wrap_as_background_process
|
2020-10-21 12:44:31 +02:00
|
|
|
from synapse.types import (
|
|
|
|
JsonDict,
|
|
|
|
Requester,
|
|
|
|
UserID,
|
|
|
|
create_requester,
|
|
|
|
get_domain_from_id,
|
|
|
|
)
|
2018-07-09 08:09:20 +02:00
|
|
|
|
2020-10-21 12:44:31 +02:00
|
|
|
if TYPE_CHECKING:
|
2021-03-23 12:12:48 +01:00
|
|
|
from synapse.server import HomeServer
|
2020-10-21 12:44:31 +02:00
|
|
|
|
2014-08-12 16:10:52 +02:00
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
2019-08-24 23:33:43 +02:00
|
|
|
MAX_DISPLAYNAME_LEN = 256
|
2019-06-01 11:42:33 +02:00
|
|
|
MAX_AVATAR_URL_LEN = 1000
|
|
|
|
|
2014-08-12 16:10:52 +02:00
|
|
|
|
2021-10-08 13:44:43 +02:00
|
|
|
class ProfileHandler:
|
2018-08-22 11:13:40 +02:00
|
|
|
"""Handles fetching and updating user profile information.
|
|
|
|
|
2020-10-13 14:20:32 +02:00
|
|
|
ProfileHandler can be instantiated directly on workers and will
|
|
|
|
delegate to master when necessary.
|
2018-08-22 11:13:40 +02:00
|
|
|
"""
|
|
|
|
|
2020-10-13 14:20:32 +02:00
|
|
|
PROFILE_UPDATE_MS = 60 * 1000
|
|
|
|
PROFILE_UPDATE_EVERY_MS = 24 * 60 * 60 * 1000
|
|
|
|
|
2020-10-21 12:44:31 +02:00
|
|
|
def __init__(self, hs: "HomeServer"):
|
2021-10-08 13:44:43 +02:00
|
|
|
self.store = hs.get_datastore()
|
|
|
|
self.clock = hs.get_clock()
|
|
|
|
self.hs = hs
|
2017-08-25 12:21:34 +02:00
|
|
|
|
2018-03-13 14:26:52 +01:00
|
|
|
self.federation = hs.get_federation_client()
|
2018-03-12 17:17:08 +01:00
|
|
|
hs.get_federation_registry().register_query_handler(
|
2014-08-13 18:12:50 +02:00
|
|
|
"profile", self.on_profile_query
|
|
|
|
)
|
2014-08-12 16:10:52 +02:00
|
|
|
|
2017-11-29 19:27:05 +01:00
|
|
|
self.user_directory_handler = hs.get_user_directory_handler()
|
2021-10-08 13:44:43 +02:00
|
|
|
self.request_ratelimiter = hs.get_request_ratelimiter()
|
2017-11-29 19:27:05 +01:00
|
|
|
|
2021-09-13 19:07:12 +02:00
|
|
|
if hs.config.worker.run_background_tasks:
|
2020-10-13 14:20:32 +02:00
|
|
|
self.clock.looping_call(
|
2020-10-20 17:29:38 +02:00
|
|
|
self._update_remote_profile_cache, self.PROFILE_UPDATE_MS
|
2020-10-13 14:20:32 +02:00
|
|
|
)
|
|
|
|
|
2020-10-21 12:44:31 +02:00
|
|
|
async def get_profile(self, user_id: str) -> JsonDict:
|
2017-08-25 12:21:34 +02:00
|
|
|
target_user = UserID.from_string(user_id)
|
2019-05-08 19:26:56 +02:00
|
|
|
|
2017-08-25 12:21:34 +02:00
|
|
|
if self.hs.is_mine(target_user):
|
2018-08-03 20:08:05 +02:00
|
|
|
try:
|
2020-07-17 13:08:30 +02:00
|
|
|
displayname = await self.store.get_profile_displayname(
|
2018-08-03 20:08:05 +02:00
|
|
|
target_user.localpart
|
|
|
|
)
|
2020-07-17 13:08:30 +02:00
|
|
|
avatar_url = await self.store.get_profile_avatar_url(
|
2018-08-03 20:08:05 +02:00
|
|
|
target_user.localpart
|
|
|
|
)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
raise SynapseError(404, "Profile was not found", Codes.NOT_FOUND)
|
|
|
|
raise
|
2017-08-25 12:21:34 +02:00
|
|
|
|
2019-07-23 15:00:55 +02:00
|
|
|
return {"displayname": displayname, "avatar_url": avatar_url}
|
2017-08-25 12:21:34 +02:00
|
|
|
else:
|
|
|
|
try:
|
2020-07-17 13:08:30 +02:00
|
|
|
result = await self.federation.make_query(
|
2017-08-25 12:21:34 +02:00
|
|
|
destination=target_user.domain,
|
|
|
|
query_type="profile",
|
2019-06-20 11:32:02 +02:00
|
|
|
args={"user_id": user_id},
|
2017-08-25 12:21:34 +02:00
|
|
|
ignore_backoff=True,
|
|
|
|
)
|
2019-07-23 15:00:55 +02:00
|
|
|
return result
|
2019-06-07 11:29:35 +02:00
|
|
|
except RequestSendFailed as e:
|
2020-06-16 14:51:47 +02:00
|
|
|
raise SynapseError(502, "Failed to fetch profile") from e
|
2019-06-07 11:29:35 +02:00
|
|
|
except HttpResponseException as e:
|
2020-10-26 14:55:21 +01:00
|
|
|
if e.code < 500 and e.code != 404:
|
|
|
|
# Other codes are not allowed in c2s API
|
|
|
|
logger.info(
|
|
|
|
"Server replied with wrong response: %s %s", e.code, e.msg
|
|
|
|
)
|
|
|
|
|
|
|
|
raise SynapseError(502, "Failed to fetch profile")
|
2019-06-07 11:29:35 +02:00
|
|
|
raise e.to_synapse_error()
|
2017-08-25 12:21:34 +02:00
|
|
|
|
2020-10-21 12:44:31 +02:00
|
|
|
async def get_profile_from_cache(self, user_id: str) -> JsonDict:
|
2017-08-25 17:23:58 +02:00
|
|
|
"""Get the profile information from our local cache. If the user is
|
2020-10-23 18:38:40 +02:00
|
|
|
ours then the profile information will always be correct. Otherwise,
|
2017-08-25 17:23:58 +02:00
|
|
|
it may be out of date/missing.
|
|
|
|
"""
|
|
|
|
target_user = UserID.from_string(user_id)
|
|
|
|
if self.hs.is_mine(target_user):
|
2018-08-03 20:08:05 +02:00
|
|
|
try:
|
2020-07-17 13:08:30 +02:00
|
|
|
displayname = await self.store.get_profile_displayname(
|
2018-08-03 20:08:05 +02:00
|
|
|
target_user.localpart
|
|
|
|
)
|
2020-07-17 13:08:30 +02:00
|
|
|
avatar_url = await self.store.get_profile_avatar_url(
|
2018-08-03 20:08:05 +02:00
|
|
|
target_user.localpart
|
|
|
|
)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
raise SynapseError(404, "Profile was not found", Codes.NOT_FOUND)
|
|
|
|
raise
|
2017-08-25 17:23:58 +02:00
|
|
|
|
2019-07-23 15:00:55 +02:00
|
|
|
return {"displayname": displayname, "avatar_url": avatar_url}
|
2017-08-25 17:23:58 +02:00
|
|
|
else:
|
2020-07-17 13:08:30 +02:00
|
|
|
profile = await self.store.get_from_remote_profile_cache(user_id)
|
2019-07-23 15:00:55 +02:00
|
|
|
return profile or {}
|
2017-08-25 17:23:58 +02:00
|
|
|
|
2020-10-26 19:17:31 +01:00
|
|
|
async def get_displayname(self, target_user: UserID) -> Optional[str]:
|
2014-12-02 11:42:28 +01:00
|
|
|
if self.hs.is_mine(target_user):
|
2018-08-03 20:08:05 +02:00
|
|
|
try:
|
2020-07-17 13:08:30 +02:00
|
|
|
displayname = await self.store.get_profile_displayname(
|
2018-08-03 20:08:05 +02:00
|
|
|
target_user.localpart
|
|
|
|
)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
raise SynapseError(404, "Profile was not found", Codes.NOT_FOUND)
|
|
|
|
raise
|
2014-08-12 16:10:52 +02:00
|
|
|
|
2019-07-23 15:00:55 +02:00
|
|
|
return displayname
|
2014-08-13 18:14:42 +02:00
|
|
|
else:
|
2014-08-12 16:10:52 +02:00
|
|
|
try:
|
2020-07-17 13:08:30 +02:00
|
|
|
result = await self.federation.make_query(
|
2014-08-12 16:10:52 +02:00
|
|
|
destination=target_user.domain,
|
2014-08-13 18:12:50 +02:00
|
|
|
query_type="profile",
|
2019-06-20 11:32:02 +02:00
|
|
|
args={"user_id": target_user.to_string(), "field": "displayname"},
|
2017-03-23 12:10:36 +01:00
|
|
|
ignore_backoff=True,
|
2014-08-12 16:10:52 +02:00
|
|
|
)
|
2019-06-07 11:29:35 +02:00
|
|
|
except RequestSendFailed as e:
|
2020-06-16 14:51:47 +02:00
|
|
|
raise SynapseError(502, "Failed to fetch profile") from e
|
2019-06-07 11:29:35 +02:00
|
|
|
except HttpResponseException as e:
|
|
|
|
raise e.to_synapse_error()
|
2018-10-03 12:34:30 +02:00
|
|
|
|
2021-01-06 13:29:03 +01:00
|
|
|
return result.get("displayname")
|
2014-08-12 16:10:52 +02:00
|
|
|
|
2020-05-01 16:15:36 +02:00
|
|
|
async def set_displayname(
|
2020-10-21 12:44:31 +02:00
|
|
|
self,
|
|
|
|
target_user: UserID,
|
|
|
|
requester: Requester,
|
|
|
|
new_displayname: str,
|
|
|
|
by_admin: bool = False,
|
|
|
|
) -> None:
|
2019-03-26 18:48:30 +01:00
|
|
|
"""Set the displayname of a user
|
|
|
|
|
|
|
|
Args:
|
2020-10-21 12:44:31 +02:00
|
|
|
target_user: the user whose displayname is to be changed.
|
|
|
|
requester: The user attempting to make this change.
|
|
|
|
new_displayname: The displayname to give this user.
|
|
|
|
by_admin: Whether this change was made by an administrator.
|
2019-03-26 18:48:30 +01:00
|
|
|
"""
|
2014-12-02 11:42:28 +01:00
|
|
|
if not self.hs.is_mine(target_user):
|
2019-11-12 14:08:12 +01:00
|
|
|
raise SynapseError(400, "User is not hosted on this homeserver")
|
2014-08-12 16:10:52 +02:00
|
|
|
|
2016-10-04 22:30:51 +02:00
|
|
|
if not by_admin and target_user != requester.user:
|
2014-08-12 16:10:52 +02:00
|
|
|
raise AuthError(400, "Cannot set another user's displayname")
|
|
|
|
|
2021-10-04 13:18:54 +02:00
|
|
|
if not by_admin and not self.hs.config.registration.enable_set_displayname:
|
2020-05-01 16:15:36 +02:00
|
|
|
profile = await self.store.get_profileinfo(target_user.localpart)
|
2020-03-27 20:15:23 +01:00
|
|
|
if profile.display_name:
|
|
|
|
raise SynapseError(
|
|
|
|
400,
|
|
|
|
"Changing display name is disabled on this server",
|
|
|
|
Codes.FORBIDDEN,
|
|
|
|
)
|
|
|
|
|
2020-09-01 19:02:41 +02:00
|
|
|
if not isinstance(new_displayname, str):
|
2020-11-02 19:01:09 +01:00
|
|
|
raise SynapseError(
|
|
|
|
400, "'displayname' must be a string", errcode=Codes.INVALID_PARAM
|
|
|
|
)
|
2020-09-01 19:02:41 +02:00
|
|
|
|
2019-06-01 11:42:33 +02:00
|
|
|
if len(new_displayname) > MAX_DISPLAYNAME_LEN:
|
|
|
|
raise SynapseError(
|
2019-06-20 11:32:02 +02:00
|
|
|
400, "Displayname is too long (max %i)" % (MAX_DISPLAYNAME_LEN,)
|
2019-06-01 11:42:33 +02:00
|
|
|
)
|
|
|
|
|
2021-07-16 19:22:36 +02:00
|
|
|
displayname_to_set: Optional[str] = new_displayname
|
2019-06-20 11:32:02 +02:00
|
|
|
if new_displayname == "":
|
2020-10-21 12:44:31 +02:00
|
|
|
displayname_to_set = None
|
2015-05-14 15:19:10 +02:00
|
|
|
|
2020-02-21 18:44:03 +01:00
|
|
|
# If the admin changes the display name of a user, the requesting user cannot send
|
|
|
|
# the join event to update the displayname in the rooms.
|
|
|
|
# This must be done by the target user himself.
|
|
|
|
if by_admin:
|
2020-11-17 11:51:25 +01:00
|
|
|
requester = create_requester(
|
2021-02-16 23:32:34 +01:00
|
|
|
target_user,
|
|
|
|
authenticated_entity=requester.authenticated_entity,
|
2020-11-17 11:51:25 +01:00
|
|
|
)
|
2020-02-21 18:44:03 +01:00
|
|
|
|
2020-10-21 12:44:31 +02:00
|
|
|
await self.store.set_profile_displayname(
|
|
|
|
target_user.localpart, displayname_to_set
|
|
|
|
)
|
2014-08-12 16:10:52 +02:00
|
|
|
|
2021-09-21 14:02:34 +02:00
|
|
|
profile = await self.store.get_profileinfo(target_user.localpart)
|
|
|
|
await self.user_directory_handler.handle_local_profile_change(
|
|
|
|
target_user.to_string(), profile
|
|
|
|
)
|
2017-11-29 19:27:05 +01:00
|
|
|
|
2020-05-01 16:15:36 +02:00
|
|
|
await self._update_join_states(requester, target_user)
|
2014-09-17 16:05:09 +02:00
|
|
|
|
2020-10-26 19:17:31 +01:00
|
|
|
async def get_avatar_url(self, target_user: UserID) -> Optional[str]:
|
2014-12-02 11:42:28 +01:00
|
|
|
if self.hs.is_mine(target_user):
|
2018-08-03 20:08:05 +02:00
|
|
|
try:
|
2020-07-17 13:08:30 +02:00
|
|
|
avatar_url = await self.store.get_profile_avatar_url(
|
2018-08-03 20:08:05 +02:00
|
|
|
target_user.localpart
|
|
|
|
)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
raise SynapseError(404, "Profile was not found", Codes.NOT_FOUND)
|
|
|
|
raise
|
2019-07-23 15:00:55 +02:00
|
|
|
return avatar_url
|
2014-08-13 18:14:42 +02:00
|
|
|
else:
|
2014-08-12 16:10:52 +02:00
|
|
|
try:
|
2020-07-17 13:08:30 +02:00
|
|
|
result = await self.federation.make_query(
|
2014-08-13 18:12:50 +02:00
|
|
|
destination=target_user.domain,
|
|
|
|
query_type="profile",
|
2019-06-20 11:32:02 +02:00
|
|
|
args={"user_id": target_user.to_string(), "field": "avatar_url"},
|
2017-03-23 12:10:36 +01:00
|
|
|
ignore_backoff=True,
|
2014-08-12 16:10:52 +02:00
|
|
|
)
|
2019-06-07 11:29:35 +02:00
|
|
|
except RequestSendFailed as e:
|
2020-06-16 14:51:47 +02:00
|
|
|
raise SynapseError(502, "Failed to fetch profile") from e
|
2019-06-07 11:29:35 +02:00
|
|
|
except HttpResponseException as e:
|
|
|
|
raise e.to_synapse_error()
|
2014-08-12 16:10:52 +02:00
|
|
|
|
2021-01-06 13:29:03 +01:00
|
|
|
return result.get("avatar_url")
|
2014-08-12 16:10:52 +02:00
|
|
|
|
2020-05-01 16:15:36 +02:00
|
|
|
async def set_avatar_url(
|
2020-10-21 12:44:31 +02:00
|
|
|
self,
|
|
|
|
target_user: UserID,
|
|
|
|
requester: Requester,
|
|
|
|
new_avatar_url: str,
|
|
|
|
by_admin: bool = False,
|
2021-09-20 14:56:23 +02:00
|
|
|
) -> None:
|
2020-08-26 14:49:01 +02:00
|
|
|
"""Set a new avatar URL for a user.
|
|
|
|
|
|
|
|
Args:
|
2020-10-21 12:44:31 +02:00
|
|
|
target_user: the user whose avatar URL is to be changed.
|
|
|
|
requester: The user attempting to make this change.
|
|
|
|
new_avatar_url: The avatar URL to give this user.
|
|
|
|
by_admin: Whether this change was made by an administrator.
|
2020-08-26 14:49:01 +02:00
|
|
|
"""
|
2014-12-02 11:42:28 +01:00
|
|
|
if not self.hs.is_mine(target_user):
|
2019-11-12 14:08:12 +01:00
|
|
|
raise SynapseError(400, "User is not hosted on this homeserver")
|
2014-08-12 16:10:52 +02:00
|
|
|
|
2016-10-04 22:30:51 +02:00
|
|
|
if not by_admin and target_user != requester.user:
|
2014-08-12 16:10:52 +02:00
|
|
|
raise AuthError(400, "Cannot set another user's avatar_url")
|
|
|
|
|
2021-10-04 13:18:54 +02:00
|
|
|
if not by_admin and not self.hs.config.registration.enable_set_avatar_url:
|
2020-05-01 16:15:36 +02:00
|
|
|
profile = await self.store.get_profileinfo(target_user.localpart)
|
2020-03-27 20:15:23 +01:00
|
|
|
if profile.avatar_url:
|
|
|
|
raise SynapseError(
|
|
|
|
400, "Changing avatar is disabled on this server", Codes.FORBIDDEN
|
|
|
|
)
|
|
|
|
|
2020-09-01 19:02:41 +02:00
|
|
|
if not isinstance(new_avatar_url, str):
|
2020-11-02 19:01:09 +01:00
|
|
|
raise SynapseError(
|
|
|
|
400, "'avatar_url' must be a string", errcode=Codes.INVALID_PARAM
|
|
|
|
)
|
2020-09-01 19:02:41 +02:00
|
|
|
|
2019-06-01 11:42:33 +02:00
|
|
|
if len(new_avatar_url) > MAX_AVATAR_URL_LEN:
|
|
|
|
raise SynapseError(
|
2019-06-20 11:32:02 +02:00
|
|
|
400, "Avatar URL is too long (max %i)" % (MAX_AVATAR_URL_LEN,)
|
2019-06-01 11:42:33 +02:00
|
|
|
)
|
|
|
|
|
2021-07-16 19:22:36 +02:00
|
|
|
avatar_url_to_set: Optional[str] = new_avatar_url
|
2021-01-12 22:30:15 +01:00
|
|
|
if new_avatar_url == "":
|
|
|
|
avatar_url_to_set = None
|
|
|
|
|
2020-02-21 18:44:03 +01:00
|
|
|
# Same like set_displayname
|
|
|
|
if by_admin:
|
2020-11-17 11:51:25 +01:00
|
|
|
requester = create_requester(
|
|
|
|
target_user, authenticated_entity=requester.authenticated_entity
|
|
|
|
)
|
2020-02-21 18:44:03 +01:00
|
|
|
|
2021-01-12 22:30:15 +01:00
|
|
|
await self.store.set_profile_avatar_url(
|
|
|
|
target_user.localpart, avatar_url_to_set
|
|
|
|
)
|
2014-08-12 16:10:52 +02:00
|
|
|
|
2021-09-21 14:02:34 +02:00
|
|
|
profile = await self.store.get_profileinfo(target_user.localpart)
|
|
|
|
await self.user_directory_handler.handle_local_profile_change(
|
|
|
|
target_user.to_string(), profile
|
|
|
|
)
|
2017-11-29 19:27:05 +01:00
|
|
|
|
2020-05-01 16:15:36 +02:00
|
|
|
await self._update_join_states(requester, target_user)
|
2014-09-17 16:05:09 +02:00
|
|
|
|
2020-10-21 12:44:31 +02:00
|
|
|
async def on_profile_query(self, args: JsonDict) -> JsonDict:
|
2021-02-19 14:19:54 +01:00
|
|
|
"""Handles federation profile query requests."""
|
2021-02-19 10:50:41 +01:00
|
|
|
|
2021-09-23 18:03:01 +02:00
|
|
|
if not self.hs.config.federation.allow_profile_lookup_over_federation:
|
2021-02-19 10:50:41 +01:00
|
|
|
raise SynapseError(
|
|
|
|
403,
|
|
|
|
"Profile lookup over federation is disabled on this homeserver",
|
|
|
|
Codes.FORBIDDEN,
|
|
|
|
)
|
|
|
|
|
2015-01-23 12:47:15 +01:00
|
|
|
user = UserID.from_string(args["user_id"])
|
2014-12-02 11:42:28 +01:00
|
|
|
if not self.hs.is_mine(user):
|
2019-11-12 14:08:12 +01:00
|
|
|
raise SynapseError(400, "User is not hosted on this homeserver")
|
2014-08-13 18:12:50 +02:00
|
|
|
|
|
|
|
just_field = args.get("field", None)
|
|
|
|
|
|
|
|
response = {}
|
2018-08-03 20:08:05 +02:00
|
|
|
try:
|
|
|
|
if just_field is None or just_field == "displayname":
|
2020-07-17 13:08:30 +02:00
|
|
|
response["displayname"] = await self.store.get_profile_displayname(
|
2018-08-03 20:08:05 +02:00
|
|
|
user.localpart
|
|
|
|
)
|
2014-08-13 18:12:50 +02:00
|
|
|
|
2018-08-03 20:08:05 +02:00
|
|
|
if just_field is None or just_field == "avatar_url":
|
2020-07-17 13:08:30 +02:00
|
|
|
response["avatar_url"] = await self.store.get_profile_avatar_url(
|
2018-08-03 20:08:05 +02:00
|
|
|
user.localpart
|
|
|
|
)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
raise SynapseError(404, "Profile was not found", Codes.NOT_FOUND)
|
|
|
|
raise
|
2014-08-13 18:12:50 +02:00
|
|
|
|
2019-07-23 15:00:55 +02:00
|
|
|
return response
|
2014-09-17 16:05:09 +02:00
|
|
|
|
2020-10-21 12:44:31 +02:00
|
|
|
async def _update_join_states(
|
|
|
|
self, requester: Requester, target_user: UserID
|
|
|
|
) -> None:
|
2017-11-03 18:25:04 +01:00
|
|
|
if not self.hs.is_mine(target_user):
|
2014-09-17 16:05:09 +02:00
|
|
|
return
|
|
|
|
|
2021-10-08 13:44:43 +02:00
|
|
|
await self.request_ratelimiter.ratelimit(requester)
|
2014-12-19 18:36:33 +01:00
|
|
|
|
2020-08-26 14:49:01 +02:00
|
|
|
# Do not actually update the room state for shadow-banned users.
|
|
|
|
if requester.shadow_banned:
|
|
|
|
# We randomly sleep a bit just to annoy the requester.
|
|
|
|
await self.clock.sleep(random.randint(1, 10))
|
|
|
|
return
|
|
|
|
|
2020-05-01 16:15:36 +02:00
|
|
|
room_ids = await self.store.get_rooms_for_user(target_user.to_string())
|
2014-09-17 16:05:09 +02:00
|
|
|
|
2017-03-16 12:51:46 +01:00
|
|
|
for room_id in room_ids:
|
2018-03-01 11:54:37 +01:00
|
|
|
handler = self.hs.get_room_member_handler()
|
2015-03-06 17:24:05 +01:00
|
|
|
try:
|
2017-11-03 18:25:04 +01:00
|
|
|
# Assume the target_user isn't a guest,
|
|
|
|
# because we don't let guests set profile or avatar data.
|
2020-05-01 16:15:36 +02:00
|
|
|
await handler.update_membership(
|
2016-02-15 18:14:34 +01:00
|
|
|
requester,
|
2017-11-03 18:25:04 +01:00
|
|
|
target_user,
|
2017-03-16 12:51:46 +01:00
|
|
|
room_id,
|
2016-02-15 18:14:34 +01:00
|
|
|
"join", # We treat a profile update like a join.
|
2016-02-16 12:52:46 +01:00
|
|
|
ratelimit=False, # Try to hide that these events aren't atomic.
|
2016-02-15 18:14:34 +01:00
|
|
|
)
|
2015-03-06 17:24:05 +01:00
|
|
|
except Exception as e:
|
2019-10-31 11:23:24 +01:00
|
|
|
logger.warning(
|
2019-06-20 11:32:02 +02:00
|
|
|
"Failed to update join event for room %s - %s", room_id, str(e)
|
2015-03-06 17:24:05 +01:00
|
|
|
)
|
2017-08-25 12:21:34 +02:00
|
|
|
|
2020-10-21 12:44:31 +02:00
|
|
|
async def check_profile_query_allowed(
|
|
|
|
self, target_user: UserID, requester: Optional[UserID] = None
|
|
|
|
) -> None:
|
2019-05-08 19:26:56 +02:00
|
|
|
"""Checks whether a profile query is allowed. If the
|
|
|
|
'require_auth_for_profile_requests' config flag is set to True and a
|
|
|
|
'requester' is provided, the query is only allowed if the two users
|
|
|
|
share a room.
|
|
|
|
|
|
|
|
Args:
|
2020-10-21 12:44:31 +02:00
|
|
|
target_user: The owner of the queried profile.
|
|
|
|
requester: The user querying for the profile.
|
2019-05-08 19:26:56 +02:00
|
|
|
|
|
|
|
Raises:
|
|
|
|
SynapseError(403): The two users share no room, or ne user couldn't
|
|
|
|
be found to be in any room the server is in, and therefore the query
|
|
|
|
is denied.
|
|
|
|
"""
|
2019-12-16 17:11:55 +01:00
|
|
|
|
2019-05-08 19:26:56 +02:00
|
|
|
# Implementation of MSC1301: don't allow looking up profiles if the
|
|
|
|
# requester isn't in the same room as the target. We expect requester to
|
|
|
|
# be None when this function is called outside of a profile query, e.g.
|
|
|
|
# when building a membership event. In this case, we must allow the
|
|
|
|
# lookup.
|
2019-12-16 17:11:55 +01:00
|
|
|
if (
|
2021-09-29 12:44:15 +02:00
|
|
|
not self.hs.config.server.limit_profile_requests_to_users_who_share_rooms
|
2019-12-16 17:11:55 +01:00
|
|
|
or not requester
|
|
|
|
):
|
2019-05-08 19:26:56 +02:00
|
|
|
return
|
|
|
|
|
2019-07-08 18:31:00 +02:00
|
|
|
# Always allow the user to query their own profile.
|
|
|
|
if target_user.to_string() == requester.to_string():
|
|
|
|
return
|
|
|
|
|
2019-05-08 19:26:56 +02:00
|
|
|
try:
|
2020-07-17 13:08:30 +02:00
|
|
|
requester_rooms = await self.store.get_rooms_for_user(requester.to_string())
|
|
|
|
target_user_rooms = await self.store.get_rooms_for_user(
|
2019-06-20 11:32:02 +02:00
|
|
|
target_user.to_string()
|
2019-05-08 19:26:56 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
# Check if the room lists have no elements in common.
|
|
|
|
if requester_rooms.isdisjoint(target_user_rooms):
|
|
|
|
raise SynapseError(403, "Profile isn't available", Codes.FORBIDDEN)
|
|
|
|
except StoreError as e:
|
|
|
|
if e.code == 404:
|
|
|
|
# This likely means that one of the users doesn't exist,
|
|
|
|
# so we act as if we couldn't find the profile.
|
|
|
|
raise SynapseError(403, "Profile isn't available", Codes.FORBIDDEN)
|
|
|
|
raise
|
|
|
|
|
2020-10-20 17:29:38 +02:00
|
|
|
@wrap_as_background_process("Update remote profile")
|
2021-09-20 14:56:23 +02:00
|
|
|
async def _update_remote_profile_cache(self) -> None:
|
2017-08-25 15:45:20 +02:00
|
|
|
"""Called periodically to check profiles of remote users we haven't
|
2017-08-25 12:21:34 +02:00
|
|
|
checked in a while.
|
|
|
|
"""
|
2020-07-17 13:08:30 +02:00
|
|
|
entries = await self.store.get_remote_profile_cache_entries_that_expire(
|
2017-08-25 12:21:34 +02:00
|
|
|
last_checked=self.clock.time_msec() - self.PROFILE_UPDATE_EVERY_MS
|
|
|
|
)
|
|
|
|
|
|
|
|
for user_id, displayname, avatar_url in entries:
|
2020-07-17 13:08:30 +02:00
|
|
|
is_subscribed = await self.store.is_subscribed_remote_profile_for_user(
|
2019-06-20 11:32:02 +02:00
|
|
|
user_id
|
2017-08-25 12:21:34 +02:00
|
|
|
)
|
2017-08-25 15:45:20 +02:00
|
|
|
if not is_subscribed:
|
2020-07-17 13:08:30 +02:00
|
|
|
await self.store.maybe_delete_remote_profile_cache(user_id)
|
2017-08-25 12:21:34 +02:00
|
|
|
continue
|
|
|
|
|
|
|
|
try:
|
2020-07-17 13:08:30 +02:00
|
|
|
profile = await self.federation.make_query(
|
2017-08-25 12:21:34 +02:00
|
|
|
destination=get_domain_from_id(user_id),
|
|
|
|
query_type="profile",
|
2019-06-20 11:32:02 +02:00
|
|
|
args={"user_id": user_id},
|
2017-08-25 12:21:34 +02:00
|
|
|
ignore_backoff=True,
|
|
|
|
)
|
2017-10-23 16:52:32 +02:00
|
|
|
except Exception:
|
2017-08-25 12:21:34 +02:00
|
|
|
logger.exception("Failed to get avatar_url")
|
|
|
|
|
2020-07-17 13:08:30 +02:00
|
|
|
await self.store.update_remote_profile_cache(
|
2017-08-25 12:21:34 +02:00
|
|
|
user_id, displayname, avatar_url
|
|
|
|
)
|
|
|
|
continue
|
|
|
|
|
|
|
|
new_name = profile.get("displayname")
|
2021-10-27 18:27:23 +02:00
|
|
|
if not isinstance(new_name, str):
|
|
|
|
new_name = None
|
2017-08-25 12:21:34 +02:00
|
|
|
new_avatar = profile.get("avatar_url")
|
2021-10-27 18:27:23 +02:00
|
|
|
if not isinstance(new_avatar, str):
|
|
|
|
new_avatar = None
|
2017-08-25 12:21:34 +02:00
|
|
|
|
|
|
|
# We always hit update to update the last_check timestamp
|
2020-07-17 13:08:30 +02:00
|
|
|
await self.store.update_remote_profile_cache(user_id, new_name, new_avatar)
|