A module to prevent invites and joins to Matrix rooms by checking the involved server(s)' domain.

Overview

Synapse Domain Rule Checker

A module to prevent invites and joins to Matrix rooms by checking the involved server(s)' domain.

Installation

From the virtual environment that you use for Synapse, install this module with:

pip install synapse-domain-rule-checker

(If you run into issues, you may need to upgrade pip first, e.g. by running pip install --upgrade pip)

Then alter your homeserver configuration, adding to your modules configuration:

modules:
  - module: synapse_domain_rule_checker.DomainRuleChecker
    config:
      # A mapping describing which servers a server can invite into a room.
      # Default is any server can invite any other server.
      domain_mapping:
        "inviter_domain": [ "invitee_domain_permitted", "other_domain_permitted" ]
        "other_inviter_domain": [ "invitee_domain_permitted" ]

      # Whether an invite should be allowed through if the inviting server doesn't appear
      # in the domain_mapping.
      # Required.
      can_invite_if_not_in_domain_mapping: false

      # Whether a user on this server needs to be invited to be allowed into a room,
      # regardless of the room's settings.
      # Defaults to false.
      can_only_join_rooms_with_invite: false

      # Whether a user on this server can only invite when creating a room.
      # Default is false.
      can_only_invite_during_room_creation: false

      # List of servers that can't be invited to rooms that have been published to the
      # public room directory. This setting only really works in a closed federation in
      # which every server agrees on the list.
      # Defaults to all servers being allowed.
      domains_prevented_from_being_invited_to_published_rooms: []

      # Whether a local user can invite another user using a third-party identifier (e.g.
      # an email address).
      # Defaults to true.
      can_invite_by_third_party_id: true

Note that you need to consider invites between two local users when defining values for domain_mapping and domains_prevented_from_being_invited_to_published_rooms.

Development

In a virtual environment with pip ≥ 21.1, run

pip install -e .[dev]

To run the unit tests, you can either use:

tox -e py

or

trial tests

To run the linters and mypy type checker, use ./scripts-dev/lint.sh.

Releasing

The exact steps for releasing will vary; but this is an approach taken by the Synapse developers (assuming a Unix-like shell):

  1. Set a shell variable to the version you are releasing (this just makes subsequent steps easier):

    version=X.Y.Z
  2. Update setup.cfg so that the version is correct.

  3. Stage the changed files and commit.

    git add -u
    git commit -m v$version -n
  4. Push your changes.

    git push
  5. When ready, create a signed tag for the release:

    git tag -s v$version

    Base the tag message on the changelog.

  6. Push the tag.

    git push origin tag v$version
  7. Create a source distribution and upload it to PyPI:

    python -m build
    twine upload dist/synapse_domain_rule_checker-$version*
You might also like...
Similarity checking of sign languages
Similarity checking of sign languages

Similarity checking of sign languages This repository checks for similarity betw

Heisenbridge a bouncer-style Matrix IRC bridge

Heisenbridge brings IRC to Matrix by creating an environment where every user connects to each network individually like they would with a traditional IRC bouncer

A dot matrix rendered using braille characters.
A dot matrix rendered using braille characters.

⣿ dotmatrix A dot matrix rendered using braille characters. Description This library provides class called Matrix which represents a dot matrix that c

A Python wrapper for Matrix Synapse admin API

Synapse-admin-api-python A Python wrapper for Matrix Synapse admin API. Versioning This library now supports up to Synapse 1.45.0, any Admin API intro

A Github Action for sending messages to a Matrix Room.
A Github Action for sending messages to a Matrix Room.

matrix-commit A Github Action for sending messages to a Matrix Room. Screenshot: Example Usage: # .github/workflows/matrix-commit.yml on: push:

Module for remote in-memory Python package/module loading through HTTP/S

httpimport Python's missing feature! The feature has been suggested in Python Mailing List Remote, in-memory Python package/module importing through H

Transform a Google Drive server into a VFX pipeline ready server
Transform a Google Drive server into a VFX pipeline ready server

Google Drive VFX Server VFX Pipeline About The Project Quick tutorial to setup a Google Drive Server for multiple machines access, and VFX Pipeline on

A new mini-batch framework for optimal transport in deep generative models, deep domain adaptation, approximate Bayesian computation, color transfer, and gradient flow.

BoMb-OT Python3 implementation of the papers On Transportation of Mini-batches: A Hierarchical Approach and Improving Mini-batch Optimal Transport via

Run python scripts and pass data between multiple python and node processes using this npm module

Run python scripts and pass data between multiple python and node processes using this npm module. process-communication has a event based architecture for interacting with python data and errors inside nodejs.

Comments
  • can_only_invite_during_room_creation: only apply to local invites

    can_only_invite_during_room_creation: only apply to local invites

    can_only_invite_during_room_creation should only check local invites against room creation, or remote invites coming through the federation are also rejected.

    Fix #2 .

    opened by MatMaul 0
  • Unable to invite users from homeserver with `can_only_invite_during_room_creation` at True

    Unable to invite users from homeserver with `can_only_invite_during_room_creation` at True

    When setting can_only_invite_during_room_creation: true, users of the homeserver can not be invited, at all (locally or from federation).

    To Reproduce

    1. On homeserver A, set can_only_invite_during_room_creation: true
    2. On homeserver B, set can_only_invite_during_room_creation: false
    3. From userB on homeserver B invite userA on homeserverA.
    4. Invitation fails with error SynapseError: 403 - This user is not permitted to send invites to this server/user

    Expected behavior Invitation from homeserverB is not impacted by setting on homeserverA.

    Z-Time-Tracked 
    opened by guillaumevillemont 0
  • Assume rooms with no state aren't new when processing invites

    Assume rooms with no state aren't new when processing invites

    Currently we assume we always have state for a room we're processing an invite for. This is not always true, e.g. if we're receiving an invite over federation and we're not already in the room.

    This reproduces the behaviour of the module before it got split out of synapse-dinsic, except at that time we considered all invites received over federation as being in a new room.

    I've also sneaked in a quick optimisation to avoid hitting the DB to check if a room is new when we don't actually care about it.

    opened by babolivier 0
Releases(v1.0.1)
Owner
matrix.org
A new basis for open, interoperable, decentralised real-time communication
matrix.org
Custom python interface to xstan (a modified (cmd)stan)

Custom python interface to xstan (a modified (cmd)stan) Use at your own risk, currently everything is very brittle and will probably be changed in the

2 Dec 16, 2021
Developed a website to analyze and generate report of students based on the curriculum that represents student’s academic performance.

Developed a website to analyze and generate report of students based on the curriculum that represents student’s academic performance. We have developed the system such that, it will automatically pa

VIJETA CHAVHAN 3 Nov 08, 2022
Using graph_nets for pion classification and energy regression. Contributions from LLNL and LBNL

nbdev template Use this template to more easily create your nbdev project. If you are using an older version of this template, and want to upgrade to

3 Nov 23, 2022
Choice Coin 633 Dec 23, 2022
⏰ Shutdown Timer is an application that you can shutdown, restart, logoff, and hibernate your computer with a timer.

Shutdown Timer is a an application that you can shutdown, restart, logoff, and hibernate your computer with a timer. After choosing an action from the

Mehmet Güdük 5 Jun 27, 2022
chiarose(XCR) based on chia(XCH) source code fork, open source public chain

chia-rosechain 一个无耻的小活动 | A shameless little event 如果您喜欢这个项目,请点击star 将赠送您520朵玫瑰,可以去 facebook 留下您的(xcr)地址,和github用户名。 If you like this project, please

ddou123 376 Dec 14, 2022
Convert ldapdomaindump to Bloodhound

ldd2bh Usage usage: ldd2bh.py [-h] [-i INPUT_FOLDER] [-o OUTPUT_FOLDER] [-a] [-u] [-c] [-g] [-d] Convert ldapdomaindump to Bloodhoun

64 Oct 30, 2022
Safely pass trusted data to untrusted environments and back.

ItsDangerous ... so better sign this Various helpers to pass data to untrusted environments and to get it back safe and sound. Data is cryptographical

The Pallets Projects 2.6k Jan 01, 2023
A QGIS integration plugin for Kart repositories

QGIS Kart Plugin A plugin to work with Kart repositories Installation The Kart plugin is available in the QGIS Plugins server. To install the latest v

Koordinates 27 Jan 04, 2023
Broken Link Finder is a Burp Extension to detect broken links for a passive scanning domains and links.

Broken Link Finder Broken Link Finder is a Burp Extension to detect broken links for a passive scanning domains and links. Inspired by InitRoot's link

Red Section 10 Sep 11, 2021
Q-Tracker is originally a High School Project created by Admins of Cirus Lab.

Q-Tracker is originally a High School Project created by Admins of Cirus Lab. It's completly coded in python along with mysql.(Tkinter For GUI)

Adithya Krishnan 2 Nov 14, 2022
It's like Forth but in Python

It's like Forth but written in Python. But I don't actually know for sure since I never programmed in Forth, I only heard that it's some sort of stack-based programming language. Porth is also stack-

Tsoding 619 Dec 21, 2022
TinyBar - Tiny MacOS menu bar utility to track price dynamics for assets on TinyMan.org

📃 About A simple MacOS menu bar app to display current coins from most popular Liquidity Pools on TinyMan.org

Al 8 Dec 23, 2022
Kubernetes-native workflow automation platform for complex, mission-critical data and ML processes at scale. It has been battle-tested at Lyft, Spotify, Freenome, and others and is truly open-source.

Flyte Flyte is a workflow automation platform for complex, mission-critical data, and ML processes at scale Home Page · Quick Start · Documentation ·

Flyte 3k Jan 01, 2023
Demo repository for Saltconf21 talk - Testing strategies for Salt states

Saltconf21 testing strategies Demonstration repository for my Saltconf21 talk "Strategies for testing Salt states" Talk recording Slides and demos Get

Barney Sowood 3 Mar 31, 2022
Fonts used to be an install-and-forget thing, but many of are now updated regularly.

Your font manager. Fonts used to be an install-and-forget thing, but many of are now updated regularly. fontman helps you keep track of the fonts you

Nico Schlömer 20 Feb 07, 2022
A Curated Collection of Awesome Python Scripts

A Curated Collection of Awesome Python Scripts that will make you go wow. This repository will help you in getting those green squares. Hop in and enjoy the journey of open source. 🚀

Prathima Kadari 248 Dec 31, 2022
Ramadhan countdown - Simple daily reminder about upcoming Ramadhan

Ramadhan Countdown Bot Simple bot for displaying daily reminder about Islamic pr

Abdurrahman Shofy Adianto 1 Feb 06, 2022
A inspector to be able to view and edit Qt style sheet while an application is running

Qt Style Sheet Inspector An inspector widget to view and modify the style sheet of a Qt app at runtime. Usage In order to use the inspector widget on

ESSS 46 Dec 10, 2022
Write a program that works out whether if a given year is a leap year

Leap Year 💪 This is a Difficult Challenge 💪 Instructions Write a program that works out whether if a given year is a leap year. A normal year has 36

Rodrigo Santos 0 Jun 22, 2022