Skip to content

Add support for MSC4155 Invite filtering #18288

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 43 commits into from
Jun 5, 2025
Merged

Add support for MSC4155 Invite filtering #18288

merged 43 commits into from
Jun 5, 2025

Conversation

Half-Shot
Copy link
Member

@Half-Shot Half-Shot commented Mar 27, 2025
edited
Loading

This implements matrix-org/matrix-spec-proposals#4155, which adds support for a new account data type that blocks an invite based on some conditions in the event contents.

Pull Request Checklist

  • Pull request is based on the develop branch
  • Pull request includes a changelog file. The entry should:
    • Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from EventStore to EventWorkerStore.".
    • Use markdown where necessary, mostly for code blocks.
    • End with either a period (.) or an exclamation mark (!).
    • Start with a capital letter.
    • Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry.
  • Code style is correct
    (run the linters)

@Half-Shot Half-Shot changed the title Implementation of MSC4155 Add support for MSC4155 Invite filtering Mar 27, 2025
@Half-Shot Half-Shot mentioned this pull request Mar 27, 2025
Open
@Half-Shot Half-Shot mentioned this pull request Mar 27, 2025
Merged
4 tasks
@Half-Shot Half-Shot marked this pull request as ready for review March 31, 2025 12:56
@Half-Shot Half-Shot requested a review from a team as a code owner March 31, 2025 12:56
anoadragon453
anoadragon453 requested changes May 13, 2025
View reviewed changes
Copy link
Member

@anoadragon453 anoadragon453 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a good start! Apologies for the long turn-around time on reviews.

Could you also write some Complement tests for this? Given it's related to an MSC, it'd be good to have homeserver-level integration tests for it, assuming it eventually passes FCP.

synapse/storage/databases/main/account_data.py Outdated
Comment on lines 1081 to 1092
"""
Get the invite configuration for the current user.

If experimental MSC3391 support is enabled, any entries with an empty
content body are excluded; as this means they have been deleted.

Args:
user_id: The user to get the account_data for.

Returns:
The global account_data.
"""
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This docstring needs to be updated.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How strict are we on providing args and returns here. Both are fairly self explanatory?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Currently we do it even for self-explanatory arguments, though we'll write:

Args:
    user_id:

whether that's necessary is another conversation, but that's the current convention.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done and done for public APIs

@Half-Shot Half-Shot force-pushed the hs/msc4155-invite-filtering branch from a248274 to 729567f Compare May 22, 2025 05:57
@Half-Shot Half-Shot mentioned this pull request May 29, 2025
Merged
1 task
Half-Shot
Half-Shot commented Jun 2, 2025
View reviewed changes
Half-Shot
Half-Shot commented Jun 2, 2025
View reviewed changes
Half-Shot
Half-Shot commented Jun 3, 2025
View reviewed changes
anoadragon453
anoadragon453 requested changes Jun 4, 2025
View reviewed changes
Copy link
Member

@anoadragon453 anoadragon453 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few more things, but we're getting close now! Thanks for being persistent with this one.

@Half-Shot Half-Shot requested a review from anoadragon453 June 4, 2025 11:09
anoadragon453
anoadragon453 approved these changes Jun 4, 2025
View reviewed changes
Copy link
Member

@anoadragon453 anoadragon453 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This LGTM now, thanks!

Edit: Sytest failures appear to be unrelated to this PR.

@Half-Shot
Copy link
Member Author

@anoadragon453 just FYI you'll be clicking merge because I lack perms :)

Half-Shot
Half-Shot commented Jun 5, 2025
View reviewed changes
synapse/api/errors.py
@@ -137,6 +137,9 @@ class Codes(str, Enum):
PROFILE_TOO_LARGE = "M_PROFILE_TOO_LARGE"
KEY_TOO_LARGE = "M_KEY_TOO_LARGE"

# Part of MSC4155
INVITE_BLOCKED = "ORG.MATRIX.MSC4155.M_INVITE_BLOCKED"
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Noting last minute introduction of error code as per spec change. https://github.com/matrix-org/matrix-spec-proposals/pull/4155/files#diff-fc221ff9830147ac4cac04ecf91ccdde962f4706c40cbd700fb99859b28afc54R62

@reivilibre reivilibre merged commit 8010377 into element-hq:develop Jun 5, 2025
39 checks passed
Michael-Ixo pushed a commit to ixoworld/synapse that referenced this pull request Jun 25, 2025
@MichaelPretorius
Merge tag 'v1.132.0' into ixo
92e62a9 
- Improvements to generate config documentation from JSON Schema file. ([\element-hq#18522](element-hq#18522))

- Add support for [MSC4155](matrix-org/matrix-spec-proposals#4155) Invite Filtering. ([\element-hq#18288](element-hq#18288))
- Add experimental `user_may_send_state_event` module API callback. ([\element-hq#18455](element-hq#18455))
- Add experimental `get_media_config_for_user` and `is_user_allowed_to_upload_media_of_size` module API callbacks that allow overriding of media repository maximum upload size. ([\element-hq#18457](element-hq#18457))
- Add experimental `get_ratelimit_override_for_user` module API callback that allows overriding of per-user ratelimits. ([\element-hq#18458](element-hq#18458))
- Pass `room_config` argument to `user_may_create_room` spam checker module callback. ([\element-hq#18486](element-hq#18486))
- Support configuration of default and extra user types. ([\element-hq#18456](element-hq#18456))
- Successful requests to `/_matrix/app/v1/ping` will now force Synapse to reattempt delivering transactions to appservices. ([\element-hq#18521](element-hq#18521))
- Support the import of the `RatelimitOverride` type from `synapse.module_api` in modules and rename `messages_per_second` to `per_second`. ([\element-hq#18513](element-hq#18513))

- Remove destinations from sending if not whitelisted. ([\element-hq#18484](element-hq#18484))
- Fixed room summary API incorrectly returning that a room is private in the room summary response when the join rule is omitted by the remote server. Contributed by @nexy7574. ([\element-hq#18493](element-hq#18493))
- Prevent users from adding themselves to their own user ignore list. ([\element-hq#18508](element-hq#18508))

- Generate config documentation from JSON Schema file. ([\element-hq#17892](element-hq#17892))
- Mention `CAP_NET_BIND_SERVICE` as an alternative to running Synapse as root in order to bind to a privileged port. ([\element-hq#18408](element-hq#18408))
- Surface hidden Admin API documentation regarding fetching of scheduled tasks. ([\element-hq#18516](element-hq#18516))
- Mark the new module APIs in this release as experimental. ([\element-hq#18536](element-hq#18536))

- Mark dehydrated devices in the [List All User Devices Admin API](https://element-hq.github.io/synapse/latest/admin_api/user_admin_api.html#list-all-devices). ([\element-hq#18252](element-hq#18252))
- Reduce disk wastage by cleaning up `received_transactions` older than 1 day, rather than 30 days. ([\element-hq#18310](element-hq#18310))
- Distinguish all vs local events being persisted in the "Event Send Time Quantiles" graph (Grafana). ([\element-hq#18510](element-hq#18510))
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Jul 17, 2025
chat/matrix-synapse: Update to 1.134.0
58bfe11 
Builds on NetBSD 10 amd64, and builds/tests-ok on NetBSD 9 amd64 using
dependencies from 2025Q2.

NB: A security update to synapse is scheduled for July 22.  Consult
  https://matrix.org/blog/2025/07/security-predisclosure/
for further details.

Those running synapse in production may wish to update to 1.134.0 to
reduce the magnitude of change when updating to the July 22 version
(although that will be a big update regardless).  Note that the usual
pkgsrc pre-commit test is upgrading from the current pkgsrc version
and briefly checking operation.  Therefore, not upgrading has a
theoretical risk of encountering a 1.127.1 to 1.135.0 update bug when
1.127.1 to 134.0 and 1.134.0 to 1.135.0 are ok.

# Synapse 1.134.0 (2025-07-15)

- Support for [MSC4235](matrix-org/matrix-spec-proposals#4235): `via` query param for hierarchy endpoint. Contributed by Krishan (@kfiven). ([\#18070](element-hq/synapse#18070))
- Add `forget_forced_upon_leave` capability as per [MSC4267](matrix-org/matrix-spec-proposals#4267). ([\#18196](element-hq/synapse#18196))
- Add `federated_user_may_invite` spam checker callback which receives the entire invite event. Contributed by @tulir @ Beeper. ([\#18241](element-hq/synapse#18241))

# Synapse 1.133.0 (2025-07-01)

- Add support for the [MSC4260 user report API](matrix-org/matrix-spec-proposals#4260). ([\#18120](element-hq/synapse#18120))

# Synapse 1.132.0 (2025-06-17)

- Add support for [MSC4155](matrix-org/matrix-spec-proposals#4155) Invite Filtering. ([\#18288](element-hq/synapse#18288))
- Add experimental `user_may_send_state_event` module API callback. ([\#18455](element-hq/synapse#18455))
- Add experimental `get_media_config_for_user` and `is_user_allowed_to_upload_media_of_size` module API callbacks that allow overriding of media repository maximum upload size. ([\#18457](element-hq/synapse#18457))
- Add experimental `get_ratelimit_override_for_user` module API callback that allows overriding of per-user ratelimits. ([\#18458](element-hq/synapse#18458))
- Pass `room_config` argument to `user_may_create_room` spam checker module callback. ([\#18486](element-hq/synapse#18486))
- Support configuration of default and extra user types. ([\#18456](element-hq/synapse#18456))
- Successful requests to `/_matrix/app/v1/ping` will now force Synapse to reattempt delivering transactions to appservices. ([\#18521](element-hq/synapse#18521))
- Support the import of the `RatelimitOverride` type from `synapse.module_api` in modules and rename `messages_per_second` to `per_second`. ([\#18513](element-hq/synapse#18513))

# Synapse 1.131.0 (2025-06-03)

- Add `msc4263_limit_key_queries_to_users_who_share_rooms` config option as per [MSC4263](matrix-org/matrix-spec-proposals#4263). ([\#18180](element-hq/synapse#18180))
- Add option to allow registrations that begin with `_`. Contributed by `_` (@hex5f). ([\#18262](element-hq/synapse#18262))
- Include room ID in response to the [Room Deletion Status Admin API](https://element-hq.github.io/synapse/latest/admin_api/rooms.html#status-of-deleting-rooms). ([\#18318](element-hq/synapse#18318))
- Add support for calling Policy Servers ([MSC4284](matrix-org/matrix-spec-proposals#4284)) to mark events as spam. ([\#18387](element-hq/synapse#18387))

# Synapse 1.130.0 (2025-05-20)

- Add an Admin API endpoint `GET /_synapse/admin/v1/scheduled_tasks`  to fetch scheduled tasks. ([\#18214](element-hq/synapse#18214))
- Add config option `user_directory.exclude_remote_users` which, when enabled, excludes remote users from user directory search results. ([\#18300](element-hq/synapse#18300))
- Add support for handling `GET /devices/` on workers. ([\#18355](element-hq/synapse#18355))


# Synapse 1.129.0 (2025-05-06)

- Add `passthrough_authorization_parameters` in OIDC configuration to allow passing parameters to the authorization grant URL. ([\#18232](element-hq/synapse#18232))
- Add `total_event_count`, `total_message_count`, and `total_e2ee_event_count` fields to the homeserver usage statistics. ([\#18260](element-hq/synapse#18260))

# Synapse 1.128.0 (2025-04-08)

- Add an access token introspection cache to make Matrix Authentication Service integration ([MSC3861](matrix-org/matrix-spec-proposals#3861)) more efficient. ([\#18231](element-hq/synapse#18231))
- Add background job to clear unreferenced state groups. ([\#18254](element-hq/synapse#18254))
- Hashes of media files are now tracked by Synapse. Media quarantines will now apply to all files with the same hash. ([\#18277](element-hq/synapse#18277), [\#18302](element-hq/synapse#18302), [\#18296](element-hq/synapse#18296))
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Jul 18, 2025
@coypoop
Pullup ticket #6991 - requested by gdt
9806d2e 
chat/matrix-synapse: Update package in anticipation of security fix

Revisions pulled up:
- chat/matrix-synapse/Makefile                                  1.112
- chat/matrix-synapse/PLIST                                     1.59
- chat/matrix-synapse/cargo-depends.mk                          1.27
- chat/matrix-synapse/distinfo                                  1.80

---
   Module Name:    pkgsrc
   Committed By:   gdt
   Date:           Thu Jul 17 11:24:44 UTC 2025

   Modified Files:
           pkgsrc/chat/matrix-synapse: Makefile PLIST cargo-depends.mk distinfo

   Log Message:
   chat/matrix-synapse: Update to 1.134.0

   Builds on NetBSD 10 amd64, and builds/tests-ok on NetBSD 9 amd64 using
   dependencies from 2025Q2.

   NB: A security update to synapse is scheduled for July 22.  Consult
     https://matrix.org/blog/2025/07/security-predisclosure/
   for further details.

   Those running synapse in production may wish to update to 1.134.0 to
   reduce the magnitude of change when updating to the July 22 version
   (although that will be a big update regardless).  Note that the usual
   pkgsrc pre-commit test is upgrading from the current pkgsrc version
   and briefly checking operation.  Therefore, not upgrading has a
   theoretical risk of encountering a 1.127.1 to 1.135.0 update bug when
   1.127.1 to 134.0 and 1.134.0 to 1.135.0 are ok.

   # Synapse 1.134.0 (2025-07-15)

   - Support for [MSC4235](matrix-org/matrix-spec-proposals#4235): `via` query param for hierarchy endpoint. Contributed by Krishan (@kfiven).
   ([\#18070](element-hq/synapse#18070))
   - Add `forget_forced_upon_leave` capability as per [MSC4267](matrix-org/matrix-spec-proposals#4267). ([\#18196](element-hq/synapse#18196))
   - Add `federated_user_may_invite` spam checker callback which receives the entire invite event. Contributed by @tulir @ Beeper. ([\#18241](element-hq/synapse#18241))

   # Synapse 1.133.0 (2025-07-01)

   - Add support for the [MSC4260 user report API](matrix-org/matrix-spec-proposals#4260). ([\#18120](element-hq/synapse#18120))

   # Synapse 1.132.0 (2025-06-17)

   - Add support for [MSC4155](matrix-org/matrix-spec-proposals#4155) Invite Filtering. ([\#18288](element-hq/synapse#18288))
   - Add experimental `user_may_send_state_event` module API callback. ([\#18455](element-hq/synapse#18455))
   - Add experimental `get_media_config_for_user` and `is_user_allowed_to_upload_media_of_size` module API callbacks that allow overriding of media repository maximum upload size.
   ([\#18457](element-hq/synapse#18457))
   - Add experimental `get_ratelimit_override_for_user` module API callback that allows overriding of per-user ratelimits. ([\#18458](element-hq/synapse#18458))
   - Pass `room_config` argument to `user_may_create_room` spam checker module callback. ([\#18486](element-hq/synapse#18486))
   - Support configuration of default and extra user types. ([\#18456](element-hq/synapse#18456))
   - Successful requests to `/_matrix/app/v1/ping` will now force Synapse to reattempt delivering transactions to appservices. ([\#18521](element-hq/synapse#18521))
   - Support the import of the `RatelimitOverride` type from `synapse.module_api` in modules and rename `messages_per_second` to `per_second`.
   ([\#18513](element-hq/synapse#18513))

   # Synapse 1.131.0 (2025-06-03)

   - Add `msc4263_limit_key_queries_to_users_who_share_rooms` config option as per [MSC4263](matrix-org/matrix-spec-proposals#4263).
   ([\#18180](element-hq/synapse#18180))
   - Add option to allow registrations that begin with `_`. Contributed by `_` (@hex5f). ([\#18262](element-hq/synapse#18262))
   - Include room ID in response to the [Room Deletion Status Admin API](https://element-hq.github.io/synapse/latest/admin_api/rooms.html#status-of-deleting-rooms).
   ([\#18318](element-hq/synapse#18318))
   - Add support for calling Policy Servers ([MSC4284](matrix-org/matrix-spec-proposals#4284)) to mark events as spam.
   ([\#18387](element-hq/synapse#18387))

   # Synapse 1.130.0 (2025-05-20)

   - Add an Admin API endpoint `GET /_synapse/admin/v1/scheduled_tasks`  to fetch scheduled tasks. ([\#18214](element-hq/synapse#18214))
   - Add config option `user_directory.exclude_remote_users` which, when enabled, excludes remote users from user directory search results. ([\#18300](element-hq/synapse#18300))
   - Add support for handling `GET /devices/` on workers. ([\#18355](element-hq/synapse#18355))

   # Synapse 1.129.0 (2025-05-06)

   - Add `passthrough_authorization_parameters` in OIDC configuration to allow passing parameters to the authorization grant URL. ([\#18232](element-hq/synapse#18232))
   - Add `total_event_count`, `total_message_count`, and `total_e2ee_event_count` fields to the homeserver usage statistics. ([\#18260](element-hq/synapse#18260))

   # Synapse 1.128.0 (2025-04-08)

   - Add an access token introspection cache to make Matrix Authentication Service integration ([MSC3861](matrix-org/matrix-spec-proposals#3861)) more efficient.
   ([\#18231](element-hq/synapse#18231))
   - Add background job to clear unreferenced state groups. ([\#18254](element-hq/synapse#18254))
   - Hashes of media files are now tracked by Synapse. Media quarantines will now apply to all files with the same hash. ([\#18277](element-hq/synapse#18277),
   [\#18302](element-hq/synapse#18302), [\#18296](element-hq/synapse#18296))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@turt2live turt2live turt2live left review comments

@anoadragon453 anoadragon453 anoadragon453 approved these changes

@reivilibre reivilibre reivilibre approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Half-Shot @turt2live @anoadragon453 @reivilibre