A module to prevent invites and joins to Matrix rooms by checking the involved server(s)' domain.

Overview

Synapse Domain Rule Checker

A module to prevent invites and joins to Matrix rooms by checking the involved server(s)' domain.

Installation

From the virtual environment that you use for Synapse, install this module with:

pip install synapse-domain-rule-checker

(If you run into issues, you may need to upgrade pip first, e.g. by running pip install --upgrade pip)

Then alter your homeserver configuration, adding to your modules configuration:

modules:
  - module: synapse_domain_rule_checker.DomainRuleChecker
    config:
      # A mapping describing which servers a server can invite into a room.
      # Default is any server can invite any other server.
      domain_mapping:
        "inviter_domain": [ "invitee_domain_permitted", "other_domain_permitted" ]
        "other_inviter_domain": [ "invitee_domain_permitted" ]

      # Whether an invite should be allowed through if the inviting server doesn't appear
      # in the domain_mapping.
      # Required.
      can_invite_if_not_in_domain_mapping: false

      # Whether a user on this server needs to be invited to be allowed into a room,
      # regardless of the room's settings.
      # Defaults to false.
      can_only_join_rooms_with_invite: false

      # Whether a user on this server can only invite when creating a room.
      # Default is false.
      can_only_invite_during_room_creation: false

      # List of servers that can't be invited to rooms that have been published to the
      # public room directory. This setting only really works in a closed federation in
      # which every server agrees on the list.
      # Defaults to all servers being allowed.
      domains_prevented_from_being_invited_to_published_rooms: []

      # Whether a local user can invite another user using a third-party identifier (e.g.
      # an email address).
      # Defaults to true.
      can_invite_by_third_party_id: true

Note that you need to consider invites between two local users when defining values for domain_mapping and domains_prevented_from_being_invited_to_published_rooms.

Development

In a virtual environment with pip ≥ 21.1, run

pip install -e .[dev]

To run the unit tests, you can either use:

tox -e py

or

trial tests

To run the linters and mypy type checker, use ./scripts-dev/lint.sh.

Releasing

The exact steps for releasing will vary; but this is an approach taken by the Synapse developers (assuming a Unix-like shell):

  1. Set a shell variable to the version you are releasing (this just makes subsequent steps easier):

    version=X.Y.Z
  2. Update setup.cfg so that the version is correct.

  3. Stage the changed files and commit.

    git add -u
    git commit -m v$version -n
  4. Push your changes.

    git push
  5. When ready, create a signed tag for the release:

    git tag -s v$version

    Base the tag message on the changelog.

  6. Push the tag.

    git push origin tag v$version
  7. Create a source distribution and upload it to PyPI:

    python -m build
    twine upload dist/synapse_domain_rule_checker-$version*
You might also like...
Similarity checking of sign languages
Similarity checking of sign languages

Similarity checking of sign languages This repository checks for similarity betw

Heisenbridge a bouncer-style Matrix IRC bridge

Heisenbridge brings IRC to Matrix by creating an environment where every user connects to each network individually like they would with a traditional IRC bouncer

A dot matrix rendered using braille characters.
A dot matrix rendered using braille characters.

⣿ dotmatrix A dot matrix rendered using braille characters. Description This library provides class called Matrix which represents a dot matrix that c

A Python wrapper for Matrix Synapse admin API

Synapse-admin-api-python A Python wrapper for Matrix Synapse admin API. Versioning This library now supports up to Synapse 1.45.0, any Admin API intro

A Github Action for sending messages to a Matrix Room.
A Github Action for sending messages to a Matrix Room.

matrix-commit A Github Action for sending messages to a Matrix Room. Screenshot: Example Usage: # .github/workflows/matrix-commit.yml on: push:

Module for remote in-memory Python package/module loading through HTTP/S

httpimport Python's missing feature! The feature has been suggested in Python Mailing List Remote, in-memory Python package/module importing through H

Transform a Google Drive server into a VFX pipeline ready server
Transform a Google Drive server into a VFX pipeline ready server

Google Drive VFX Server VFX Pipeline About The Project Quick tutorial to setup a Google Drive Server for multiple machines access, and VFX Pipeline on

A new mini-batch framework for optimal transport in deep generative models, deep domain adaptation, approximate Bayesian computation, color transfer, and gradient flow.

BoMb-OT Python3 implementation of the papers On Transportation of Mini-batches: A Hierarchical Approach and Improving Mini-batch Optimal Transport via

Run python scripts and pass data between multiple python and node processes using this npm module

Run python scripts and pass data between multiple python and node processes using this npm module. process-communication has a event based architecture for interacting with python data and errors inside nodejs.

Comments
  • can_only_invite_during_room_creation: only apply to local invites

    can_only_invite_during_room_creation: only apply to local invites

    can_only_invite_during_room_creation should only check local invites against room creation, or remote invites coming through the federation are also rejected.

    Fix #2 .

    opened by MatMaul 0
  • Unable to invite users from homeserver with `can_only_invite_during_room_creation` at True

    Unable to invite users from homeserver with `can_only_invite_during_room_creation` at True

    When setting can_only_invite_during_room_creation: true, users of the homeserver can not be invited, at all (locally or from federation).

    To Reproduce

    1. On homeserver A, set can_only_invite_during_room_creation: true
    2. On homeserver B, set can_only_invite_during_room_creation: false
    3. From userB on homeserver B invite userA on homeserverA.
    4. Invitation fails with error SynapseError: 403 - This user is not permitted to send invites to this server/user

    Expected behavior Invitation from homeserverB is not impacted by setting on homeserverA.

    Z-Time-Tracked 
    opened by guillaumevillemont 0
  • Assume rooms with no state aren't new when processing invites

    Assume rooms with no state aren't new when processing invites

    Currently we assume we always have state for a room we're processing an invite for. This is not always true, e.g. if we're receiving an invite over federation and we're not already in the room.

    This reproduces the behaviour of the module before it got split out of synapse-dinsic, except at that time we considered all invites received over federation as being in a new room.

    I've also sneaked in a quick optimisation to avoid hitting the DB to check if a room is new when we don't actually care about it.

    opened by babolivier 0
Releases(v1.0.1)
Owner
matrix.org
A new basis for open, interoperable, decentralised real-time communication
matrix.org
Data derived from the OpenType specification

This package currently provides the opentypespec.tags module, which exports FEATURE_TAGS, SCRIPT_TAGS, LANGUAGE_TAGS and BASELINE_TAGS dictionaries, representing data from the Layout Tag Registry

Simon Cozens 4 Dec 01, 2022
News-app - This is a news web app for reading news from different sources and topics

News-app - This is a news web app for reading news from different sources and topics

1 Feb 02, 2022
A python package that computes an optimal motion plan for approaching a red light

redlight_approach redlight_approach is a Python package that computes an optimal motion plan during traffic light approach. RLA_demo.mov Given the par

Jonathan Roy 4 Oct 27, 2022
Animation picker for Audodesk Maya 2017 (or higher)

Dreamwall Picker Animation picker for Audodesk Maya 2017 (or higher) Authors: Lionel Brouyère, Olivier Evers This tool is a fork of Hotbox Designer (L

DreamWall 93 Dec 21, 2022
Minos-python - A framework which helps you create reactive microservices in Python

minos-python Summary [TODO] Packages minos-microservice-aggregate minos-microser

Minos Framework 380 Jan 04, 2023
NExT-Ford-aula4 - NExT Ford aula4

Questão 1: vocês deveram fazer o passo a passo de como ficará as pilhas(Stack) e

Gerson 1 Jan 06, 2022
Grammar of Scalable Linked Interactive Nucleotide Graphics

Gosling.js Gosling.js is a declarative grammar for interactive (epi)genomics visualization on the Web. ⚠️ Please be aware that the grammar of Gosling.

Gosling 126 Nov 29, 2022
A collection of resources on neural rendering.

awesome neural rendering A collection of resources on neural rendering. Contributing If you think I have missed out on something (or) have any suggest

1.8k Dec 30, 2022
Run Python code right in your Telegram messages

Run Python code right in your Telegram messages Made with Telethon library, TGPy is a tool for evaluating expressions and Telegram API scripts. Instal

29 Nov 22, 2022
Code repo for the book "Feature Engineering for Machine Learning," by Alice Zheng and Amanda Casari, O'Reilly 2018

feature-engineering-book This repo accompanies "Feature Engineering for Machine Learning," by Alice Zheng and Amanda Casari. O'Reilly, 2018. The repo

Alice Zheng 1.3k Dec 30, 2022
A casual IDOR exploiter that provides .csv files of url and status code.

IDOR-for-the-casual Do you like to IDOR? Are you a Windows hax0r? Well have I got a tool for you... A casual IDOR exploiter that provides .csv files o

Ben Wildee 2 Jan 20, 2022
Exploiting Linksys WRT54G using a vulnerability I found.

Exploiting Linksys WRT54G Exploit # Install the requirements. pip install -r requirements.txt ROUTER_HOST=192.169.1.1 ROUTER_USERNAME=admin ROUTER_P

Elon Gliksberg 31 May 29, 2022
Automates the fixing of problems reported by yamllint by parsing its output

yamlfixer yamlfixer automates the fixing of problems reported by yamllint by parsing its output. Usage This software automatically fixes some errors a

OPT Nouvelle Caledonie 26 Dec 26, 2022
A pypi package details search python module

A pypi package details search python module

Fayas Noushad 5 Nov 30, 2021
Virtual webcam that takes real webcam footage and replaces the background in order to have Virtual Backgrounds in MS Teams for Linux where the feature is unimplemented.

Background Remover The Need It's been good long while since Microsoft first released a Teams version for Linux and yet, one of Teams' coolest features

Dylan Turner 80 Dec 20, 2022
A minimal configuration for a dockerized kafka project.

Docker Kafka Quickstart A minimal configuration for a dockerized kafka project. Usage: Run this command to build kafka and zookeeper containers, and c

Nouamane Tazi 5 Jan 12, 2022
Allow you to create you own custom decentralize job management system.

ants Allow you to create you own custom decentralize job management system. Install $ git clone https://github.com/hvuhsg/ants.git Run monitor exampl

1 Feb 15, 2022
A web-based analysis toolkit for the System Usability Scale providing calculation, plotting, interpretation and contextualization utility

System Usability Scale Analysis Toolkit The System Usability Scale (SUS) Analysis Toolkit is a web-based python application that provides a compilatio

Jonas Blattgerste 3 Oct 27, 2022
The best free and open-source automated time tracker. Cross-platform, extensible, privacy-focused.

Records what you do so that you can know how you've spent your time. All in a secure way where you control the data. Website — Forum — Documentation —

ActivityWatch 7.8k Jan 09, 2023
Create N Share is a No Code solution which gives users the ability to create any type of feature rich survey forms with ease.

create n share Note : The Project Scaffold will be pushed soon. Create N Share is a No Code solution which gives users the ability to create any type

Chiraag Kakar 11 Dec 03, 2022