Don't MAU limit AS ghost users

2020-12-17 12:04:14 +00:00 · 2020-12-17 12:04:14 +00:00 · 7932d4e9f7
parent 9b26a4ac87
commit 7932d4e9f7
1 changed files with 7 additions and 0 deletions
--- a/synapse/api/auth_blocking.py
+++ b/synapse/api/auth_blocking.py
@ -36,6 +36,7 @@ class AuthBlocking:
        self._limit_usage_by_mau = hs.config.limit_usage_by_mau
        self._mau_limits_reserved_threepids = hs.config.mau_limits_reserved_threepids
        self._server_name = hs.hostname
+        self._track_appservice_user_ips = hs.config.appservice.track_appservice_user_ips

    async def check_auth_blocking(
        self,
@ -76,6 +77,12 @@ class AuthBlocking:
                # We never block the server from doing actions on behalf of
                # users.
                return
+            elif requester.app_service and not self._track_appservice_user_ips:
+                # If we're authenticated as an appservice then we only block
+                # auth if `track_appservice_user_ips` is set, as that option
+                # implicitly means that application services are part of MAU
+                # limits.
+                return

        # Never fail an auth check for the server notices users or support user
        # This can be a problem where event creation is prohibited due to blocking