config option to allow/disallow federation profile requests
allow_profile_lookup_federation_requests Signed-off-by: strawberry <strawberry@puppygock.gay>
This commit is contained in:
strawberry
June
parent
85814e96e3
commit
973fed155e
4 changed files with 30 additions and 1 deletions
|
|
@ -255,6 +255,14 @@ url_preview_check_root_domain = false
|
|||
#well_known_support_email = ""
|
||||
#well_known_support_mxid = ""
|
||||
|
||||
# Config option to allow or disallow incoming federation requests that obtain the profiles
|
||||
# of our local users from `/_matrix/federation/v1/query/profile`
|
||||
#
|
||||
# This is inherently false if `allow_federation` is disabled
|
||||
#
|
||||
# Defaults to true
|
||||
allow_profile_lookup_federation_requests = true
|
||||
|
||||
|
||||
### Misc
|
||||
|
||||
|
|
|
|||
|
|
@ -1425,16 +1425,27 @@ pub async fn get_room_information_route(
|
|||
|
||||
Ok(get_room_information::v1::Response {
|
||||
room_id,
|
||||
servers: vec![services().globals.server_name().to_owned()],
|
||||
servers: vec![services().globals.server_name().to_owned()], // TODO: add more than just us
|
||||
})
|
||||
}
|
||||
|
||||
/// # `GET /_matrix/federation/v1/query/profile`
|
||||
///
|
||||
///
|
||||
/// Gets information on a profile.
|
||||
pub async fn get_profile_information_route(
|
||||
body: Ruma<get_profile_information::v1::Request>,
|
||||
) -> Result<get_profile_information::v1::Response> {
|
||||
if !services()
|
||||
.globals
|
||||
.allow_profile_lookup_federation_requests()
|
||||
{
|
||||
return Err(Error::BadRequest(
|
||||
ErrorKind::forbidden(),
|
||||
"Profile lookup over federation is not allowed on this homeserver.",
|
||||
));
|
||||
}
|
||||
|
||||
if body.user_id.server_name() != services().globals.server_name() {
|
||||
return Err(Error::BadRequest(
|
||||
ErrorKind::InvalidParam,
|
||||
|
|
|
|||
|
|
@ -151,6 +151,8 @@ pub struct Config {
|
|||
#[serde(default)]
|
||||
pub allow_device_name_federation: bool,
|
||||
#[serde(default = "true_fn")]
|
||||
pub allow_profile_lookup_federation_requests: bool,
|
||||
#[serde(default = "true_fn")]
|
||||
pub allow_room_creation: bool,
|
||||
#[serde(default = "true_fn")]
|
||||
pub allow_unstable_room_versions: bool,
|
||||
|
|
@ -525,6 +527,10 @@ impl fmt::Display for Config {
|
|||
("Client typing timeout minimum", &self.typing_client_timeout_min_s.to_string()),
|
||||
("Client typing timeout maxmimum", &self.typing_client_timeout_max_s.to_string()),
|
||||
("Allow device name federation", &self.allow_device_name_federation.to_string()),
|
||||
(
|
||||
"Allow incoming profile lookup federation requests",
|
||||
&self.allow_profile_lookup_federation_requests.to_string(),
|
||||
),
|
||||
("Notification push path", &self.notification_push_path),
|
||||
("Allow room creation", &self.allow_room_creation.to_string()),
|
||||
(
|
||||
|
|
|
|||
|
|
@ -260,6 +260,10 @@ impl Service<'_> {
|
|||
|
||||
pub fn auto_join_rooms(&self) -> &[OwnedRoomId] { &self.config.auto_join_rooms }
|
||||
|
||||
pub fn allow_profile_lookup_federation_requests(&self) -> bool {
|
||||
self.config.allow_profile_lookup_federation_requests
|
||||
}
|
||||
|
||||
pub fn notification_push_path(&self) -> &String { &self.config.notification_push_path }
|
||||
|
||||
pub fn emergency_password(&self) -> &Option<String> { &self.config.emergency_password }
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue