block non-admins from publishing to room directory

synapse/handlers/room.py

@@ -871,7 +871,9 @@ class RoomCreationHandler:
 
         # The spec says rooms should default to private visibility if
         # `visibility` is not specified.
-        visibility = config.get("visibility", "private")
+        #visibility = config.get("visibility", "private")
+        # temporarily block publishing rooms to directory - patch date 12/12/23
+        visibility = "private"
         is_public = visibility == "public"
 
         self._validate_room_config(config, visibility)

synapse/rest/client/directory.py

@@ -159,6 +159,16 @@ class ClientDirectoryListServer(RestServlet):
 
         content = parse_and_validate_json_object_from_request(request, self.PutBody)
 
+        # temporarily block publishing rooms to public directory for non-admins
+        # patch date 12/12/23
+        if content.visibility == "public":
+            is_admin = await self.is_server_admin(requester)
+            if not is_admin:
+                raise AuthError(
+                    403,
+                    "Publishing rooms to the room list is temporarily disabled.",
+                )
+
         await self.directory_handler.edit_published_room_list(
             requester, room_id, content.visibility
         )