kaslo/synapse
1
0
Fork 0
Code Packages Releases 124 Wiki Activity
Files
matrix-org-hotfixes
synapse/tests/storage/test_invite_rule.py
Richard van der Hoff c928347779 Implement MSC4380: Invite blocking (#19203) 
MSC4380 aims to be a simplified implementation of MSC4155; the hope is
that we can get it specced and rolled out rapidly, so that we can
resolve the fact that `matrix.org` has enabled MSC4155.

The implementation leans heavily on what's already there for MSC4155.

It has its own `experimental_features` flag. If both MSC4155 and MSC4380
are enabled, and a user has both configurations set, then we prioritise
the MSC4380 one.

Contributed wearing my 🎩 Spec Core Team hat.
2025-11-26 16:12:14 +00:00

172 lines
6.5 KiB
Python
Raw Permalink Blame History

from synapse.storage.invite_rule import (
AllowAllInviteRulesConfig,
InviteRule,
MSC4155InviteRulesConfig,
)
from synapse.types import UserID
from tests import unittest
regular_user = UserID.from_string("@test:example.org")
allowed_user = UserID.from_string("@allowed:allow.example.org")
blocked_user = UserID.from_string("@blocked:block.example.org")
ignored_user = UserID.from_string("@ignored:ignore.example.org")
class InviteFilterTestCase(unittest.TestCase):
def test_allow_all(self) -> None:
"""Permit by default"""
config = AllowAllInviteRulesConfig()
self.assertEqual(
config.get_invite_rule(regular_user.to_string()), InviteRule.ALLOW
)
def test_ignore_invalid(self) -> None:
"""Invalid strings are ignored"""
config = MSC4155InviteRulesConfig({"blocked_users": ["not a user"]})
self.assertEqual(
config.get_invite_rule(blocked_user.to_string()), InviteRule.ALLOW
)
def test_user_blocked(self) -> None:
"""Permit all, except explicitly blocked users"""
config = MSC4155InviteRulesConfig({"blocked_users": [blocked_user.to_string()]})
self.assertEqual(
config.get_invite_rule(blocked_user.to_string()), InviteRule.BLOCK
)
self.assertEqual(
config.get_invite_rule(regular_user.to_string()), InviteRule.ALLOW
)
def test_user_ignored(self) -> None:
"""Permit all, except explicitly ignored users"""
config = MSC4155InviteRulesConfig({"ignored_users": [ignored_user.to_string()]})
self.assertEqual(
config.get_invite_rule(ignored_user.to_string()), InviteRule.IGNORE
)
self.assertEqual(
config.get_invite_rule(regular_user.to_string()), InviteRule.ALLOW
)
def test_user_precedence(self) -> None:
"""Always take allowed over ignored, ignored over blocked, and then block."""
config = MSC4155InviteRulesConfig(
{
"allowed_users": [allowed_user.to_string()],
"ignored_users": [allowed_user.to_string(), ignored_user.to_string()],
"blocked_users": [
allowed_user.to_string(),
ignored_user.to_string(),
blocked_user.to_string(),
],
}
)
self.assertEqual(
config.get_invite_rule(allowed_user.to_string()), InviteRule.ALLOW
)
self.assertEqual(
config.get_invite_rule(ignored_user.to_string()), InviteRule.IGNORE
)
self.assertEqual(
config.get_invite_rule(blocked_user.to_string()), InviteRule.BLOCK
)
def test_server_blocked(self) -> None:
"""Block all users on the server except those allowed."""
user_on_same_server = UserID("blocked", allowed_user.domain)
config = MSC4155InviteRulesConfig(
{
"allowed_users": [allowed_user.to_string()],
"blocked_servers": [allowed_user.domain],
}
)
self.assertEqual(
config.get_invite_rule(allowed_user.to_string()), InviteRule.ALLOW
)
self.assertEqual(
config.get_invite_rule(user_on_same_server.to_string()), InviteRule.BLOCK
)
def test_server_ignored(self) -> None:
"""Ignore all users on the server except those allowed."""
user_on_same_server = UserID("ignored", allowed_user.domain)
config = MSC4155InviteRulesConfig(
{
"allowed_users": [allowed_user.to_string()],
"ignored_servers": [allowed_user.domain],
}
)
self.assertEqual(
config.get_invite_rule(allowed_user.to_string()), InviteRule.ALLOW
)
self.assertEqual(
config.get_invite_rule(user_on_same_server.to_string()), InviteRule.IGNORE
)
def test_server_allow(self) -> None:
"""Allow all from a server except explictly blocked or ignored users."""
blocked_user_on_same_server = UserID("blocked", allowed_user.domain)
ignored_user_on_same_server = UserID("ignored", allowed_user.domain)
allowed_user_on_same_server = UserID("another", allowed_user.domain)
config = MSC4155InviteRulesConfig(
{
"ignored_users": [ignored_user_on_same_server.to_string()],
"blocked_users": [blocked_user_on_same_server.to_string()],
"allowed_servers": [allowed_user.to_string()],
}
)
self.assertEqual(
config.get_invite_rule(allowed_user.to_string()), InviteRule.ALLOW
)
self.assertEqual(
config.get_invite_rule(allowed_user_on_same_server.to_string()),
InviteRule.ALLOW,
)
self.assertEqual(
config.get_invite_rule(blocked_user_on_same_server.to_string()),
InviteRule.BLOCK,
)
self.assertEqual(
config.get_invite_rule(ignored_user_on_same_server.to_string()),
InviteRule.IGNORE,
)
def test_server_precedence(self) -> None:
"""Always take allowed over ignored, ignored over blocked, and then block."""
config = MSC4155InviteRulesConfig(
{
"allowed_servers": [allowed_user.domain],
"ignored_servers": [allowed_user.domain, ignored_user.domain],
"blocked_servers": [
allowed_user.domain,
ignored_user.domain,
blocked_user.domain,
],
}
)
self.assertEqual(
config.get_invite_rule(allowed_user.to_string()), InviteRule.ALLOW
)
self.assertEqual(
config.get_invite_rule(ignored_user.to_string()), InviteRule.IGNORE
)
self.assertEqual(
config.get_invite_rule(blocked_user.to_string()), InviteRule.BLOCK
)
def test_server_glob(self) -> None:
"""Test that glob patterns match"""
config = MSC4155InviteRulesConfig({"blocked_servers": ["*.example.org"]})
self.assertEqual(
config.get_invite_rule(allowed_user.to_string()), InviteRule.BLOCK
)
self.assertEqual(
config.get_invite_rule(ignored_user.to_string()), InviteRule.BLOCK
)
self.assertEqual(
config.get_invite_rule(blocked_user.to_string()), InviteRule.BLOCK
)
self.assertEqual(
config.get_invite_rule(regular_user.to_string()), InviteRule.ALLOW
)
View Git Blame Copy Permalink