Merge branch 'develop' of github.com:matrix-org/synapse into neilj/server_notices_on_blocking

2018-08-17 14:04:15 +01:00 · 2018-08-17 14:04:15 +01:00 · b5f638f1f4
parent 51b17ec566 a2d872e7b3
commit b5f638f1f4
11 changed files with 34 additions and 4 deletions
--- a/changelog.d/3705.bugfix
+++ b/changelog.d/3705.bugfix
@ -0,0 +1 @@
+Support more federation endpoints on workers
--- a/changelog.d/3708.feature
+++ b/changelog.d/3708.feature
@ -0,0 +1 @@
+For resource limit blocked users, prevent writing into rooms
--- a/changelog.d/3712.misc
+++ b/changelog.d/3712.misc
@ -0,0 +1 @@
+Update admin register API documentation to reference a real user ID.
--- a/docs/admin_api/register_api.rst
+++ b/docs/admin_api/register_api.rst
@ -33,7 +33,7 @@ As an example::

  < {
     "access_token": "token_here",
-     "user_id": "@pepper_roni@test",
+     "user_id": "@pepper_roni:localhost",
     "home_server": "test",
     "device_id": "device_id_here"
    }
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@ -799,7 +799,7 @@ class Auth(object):
            current_mau = yield self.store.get_monthly_active_count()
            if current_mau >= self.hs.config.max_mau_value:
                raise AuthError(
-                    403, "Monthly Active User Limits AU Limit Exceeded",
+                    403, "Monthly Active User Limit Exceeded",
                    admin_uri=self.hs.config.admin_uri,
                    errcode=Codes.RESOURCE_LIMIT_EXCEED
                )
--- a/synapse/app/federation_reader.py
+++ b/synapse/app/federation_reader.py
@ -32,6 +32,7 @@ from synapse.http.site import SynapseSite
 from synapse.metrics import RegistryProxy
 from synapse.metrics.resource import METRICS_PREFIX, MetricsResource
 from synapse.replication.slave.storage._base import BaseSlavedStore
+from synapse.replication.slave.storage.account_data import SlavedAccountDataStore
 from synapse.replication.slave.storage.appservice import SlavedApplicationServiceStore
 from synapse.replication.slave.storage.directory import DirectoryStore
 from synapse.replication.slave.storage.events import SlavedEventStore
@ -54,6 +55,7 @@ logger = logging.getLogger("synapse.app.federation_reader")


 class FederationReaderSlavedStore(
+    SlavedAccountDataStore,
    SlavedProfileStore,
    SlavedApplicationServiceStore,
    SlavedPusherStore,
--- a/synapse/app/homeserver.py
+++ b/synapse/app/homeserver.py
@ -525,6 +525,7 @@ def run(hs):
    clock.looping_call(
        hs.get_datastore().reap_monthly_active_users, 1000 * 60 * 60
    )
+    hs.get_datastore().reap_monthly_active_users()

    @defer.inlineCallbacks
    def generate_monthly_active_users():
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@ -276,10 +276,14 @@ class EventCreationHandler(object):
                where *hashes* is a map from algorithm to hash.

                If None, they will be requested from the database.
-
+        Raises:
+            ResourceLimitError if server is blocked to some resource being
+            exceeded
        Returns:
            Tuple of created event (FrozenEvent), Context
        """
+        yield self.auth.check_auth_blocking(requester.user.to_string())
+
        builder = self.event_builder_factory.new(event_dict)

        self.validator.validate_new(builder)
--- a/synapse/handlers/room.py
+++ b/synapse/handlers/room.py
@ -98,9 +98,13 @@ class RoomCreationHandler(BaseHandler):
        Raises:
            SynapseError if the room ID couldn't be stored, or something went
            horribly wrong.
+            ResourceLimitError if server is blocked to some resource being
+            exceeded
        """
        user_id = requester.user.to_string()

+        self.auth.check_auth_blocking(user_id)
+
        if not self.spam_checker.user_may_create_room(user_id):
            raise SynapseError(403, "You are not permitted to create rooms")

--- a/synapse/storage/monthly_active_users.py
+++ b/synapse/storage/monthly_active_users.py
@ -96,7 +96,10 @@ class MonthlyActiveUsersStore(SQLBaseStore):
            # While Postgres does not require 'LIMIT', but also does not support
            # negative LIMIT values. So there is no way to write it that both can
            # support
-            query_args = [self.hs.config.max_mau_value]
+            safe_guard = self.hs.config.max_mau_value - len(self.reserved_users)
+            # Must be greater than zero for postgres
+            safe_guard = safe_guard if safe_guard > 0 else 0
+            query_args = [safe_guard]

            base_sql = """
                DELETE FROM monthly_active_users
--- a/tests/storage/test_monthly_active_users.py
+++ b/tests/storage/test_monthly_active_users.py
@ -75,6 +75,19 @@ class MonthlyActiveUsersTestCase(tests.unittest.TestCase):
        active_count = yield self.store.get_monthly_active_count()
        self.assertEquals(active_count, user_num)

+        # Test that regalar users are removed from the db
+        ru_count = 2
+        yield self.store.upsert_monthly_active_user("@ru1:server")
+        yield self.store.upsert_monthly_active_user("@ru2:server")
+        active_count = yield self.store.get_monthly_active_count()
+
+        self.assertEqual(active_count, user_num + ru_count)
+        self.hs.config.max_mau_value = user_num
+        yield self.store.reap_monthly_active_users()
+
+        active_count = yield self.store.get_monthly_active_count()
+        self.assertEquals(active_count, user_num)
+
    @defer.inlineCallbacks
    def test_can_insert_and_count_mau(self):
        count = yield self.store.get_monthly_active_count()
				`@ -0,0 +1 @@`
				`Support more federation endpoints on workers`
				`@ -0,0 +1 @@`
				`For resource limit blocked users, prevent writing into rooms`
				`@ -0,0 +1 @@`
				`Update admin register API documentation to reference a real user ID.`