A module to prevent invites and joins to Matrix rooms by checking the involved server(s)' domain.

Related tags

Miscellaneoussynapse-domain-rule-checker
Overview

Synapse Domain Rule Checker

A module to prevent invites and joins to Matrix rooms by checking the involved server(s)' domain.

Installation

From the virtual environment that you use for Synapse, install this module with:

pip install synapse-domain-rule-checker

(If you run into issues, you may need to upgrade pip first, e.g. by running pip install --upgrade pip)

Then alter your homeserver configuration, adding to your modules configuration:

modules:
  - module: synapse_domain_rule_checker.DomainRuleChecker
    config:
      # A mapping describing which servers a server can invite into a room.
      # Default is any server can invite any other server.
      domain_mapping:
        "inviter_domain": [ "invitee_domain_permitted", "other_domain_permitted" ]
        "other_inviter_domain": [ "invitee_domain_permitted" ]

      # Whether an invite should be allowed through if the inviting server doesn't appear
      # in the domain_mapping.
      # Required.
      can_invite_if_not_in_domain_mapping: false

      # Whether a user on this server needs to be invited to be allowed into a room,
      # regardless of the room's settings.
      # Defaults to false.
      can_only_join_rooms_with_invite: false

      # Whether a user on this server can only invite when creating a room.
      # Default is false.
      can_only_invite_during_room_creation: false

      # List of servers that can't be invited to rooms that have been published to the
      # public room directory. This setting only really works in a closed federation in
      # which every server agrees on the list.
      # Defaults to all servers being allowed.
      domains_prevented_from_being_invited_to_published_rooms: []

      # Whether a local user can invite another user using a third-party identifier (e.g.
      # an email address).
      # Defaults to true.
      can_invite_by_third_party_id: true

Note that you need to consider invites between two local users when defining values for domain_mapping and domains_prevented_from_being_invited_to_published_rooms.

Development

In a virtual environment with pip ≥ 21.1, run

pip install -e .[dev]

To run the unit tests, you can either use:

tox -e py

or

trial tests

To run the linters and mypy type checker, use ./scripts-dev/lint.sh.

Releasing

The exact steps for releasing will vary; but this is an approach taken by the Synapse developers (assuming a Unix-like shell):

  1. Set a shell variable to the version you are releasing (this just makes subsequent steps easier):

    version=X.Y.Z

  2. Update setup.cfg so that the version is correct.

  3. Stage the changed files and commit.

    git add -u
git commit -m v$version -n

  4. Push your changes.

    git push

  5. When ready, create a signed tag for the release:

    git tag -s v$version

    Base the tag message on the changelog.

  6. Push the tag.

    git push origin tag v$version

  7. Create a source distribution and upload it to PyPI:

    python -m build
twine upload dist/synapse_domain_rule_checker-$version*
You might also like...
Similarity checking of sign languages
Similarity checking of sign languages

Similarity checking of sign languages This repository checks for similarity betw

Tonni Das Jui 1 May 13, 2022
Heisenbridge a bouncer-style Matrix IRC bridge

Heisenbridge brings IRC to Matrix by creating an environment where every user connects to each network individually like they would with a traditional IRC bouncer

Toni Spets 152 Dec 28, 2022
A dot matrix rendered using braille characters.
A dot matrix rendered using braille characters.

⣿ dotmatrix A dot matrix rendered using braille characters. Description This library provides class called Matrix which represents a dot matrix that c

Tim Fischer 25 Dec 12, 2022
A Python wrapper for Matrix Synapse admin API

Synapse-admin-api-python A Python wrapper for Matrix Synapse admin API. Versioning This library now supports up to Synapse 1.45.0, any Admin API intro

Knugi 9 Sep 28, 2022
A Github Action for sending messages to a Matrix Room.
A Github Action for sending messages to a Matrix Room.

matrix-commit A Github Action for sending messages to a Matrix Room. Screenshot: Example Usage: # .github/workflows/matrix-commit.yml on: push:

null 3 Sep 11, 2022
Module for remote in-memory Python package/module loading through HTTP/S

httpimport Python's missing feature! The feature has been suggested in Python Mailing List Remote, in-memory Python package/module importing through H

John Torakis 220 Dec 17, 2022
Transform a Google Drive server into a VFX pipeline ready server
Transform a Google Drive server into a VFX pipeline ready server

Google Drive VFX Server VFX Pipeline About The Project Quick tutorial to setup a Google Drive Server for multiple machines access, and VFX Pipeline on

Valentin Beaumont 17 Jun 27, 2022
A new mini-batch framework for optimal transport in deep generative models, deep domain adaptation, approximate Bayesian computation, color transfer, and gradient flow.

BoMb-OT Python3 implementation of the papers On Transportation of Mini-batches: A Hierarchical Approach and Improving Mini-batch Optimal Transport via

Khai Ba Nguyen 18 Nov 14, 2022
Run python scripts and pass data between multiple python and node processes using this npm module

Run python scripts and pass data between multiple python and node processes using this npm module. process-communication has a event based architecture for interacting with python data and errors inside nodejs.

Tyler Laceby 2 Aug 6, 2021
Comments
  • can_only_invite_during_room_creation: only apply to local invites

    can_only_invite_during_room_creation: only apply to local invites

    can_only_invite_during_room_creation should only check local invites against room creation, or remote invites coming through the federation are also rejected.

    Fix #2 .

    opened by MatMaul 0
  • Unable to invite users from homeserver with `can_only_invite_during_room_creation` at True

    Unable to invite users from homeserver with `can_only_invite_during_room_creation` at True

    When setting can_only_invite_during_room_creation: true, users of the homeserver can not be invited, at all (locally or from federation).

    To Reproduce

    1. On homeserver A, set can_only_invite_during_room_creation: true
    2. On homeserver B, set can_only_invite_during_room_creation: false
    3. From userB on homeserver B invite userA on homeserverA.
    4. Invitation fails with error SynapseError: 403 - This user is not permitted to send invites to this server/user

    Expected behavior Invitation from homeserverB is not impacted by setting on homeserverA.

    Z-Time-Tracked 
    opened by guillaumevillemont 0
  • Assume rooms with no state aren't new when processing invites

    Assume rooms with no state aren't new when processing invites

    Currently we assume we always have state for a room we're processing an invite for. This is not always true, e.g. if we're receiving an invite over federation and we're not already in the room.

    This reproduces the behaviour of the module before it got split out of synapse-dinsic, except at that time we considered all invites received over federation as being in a new room.

    I've also sneaked in a quick optimisation to avoid hitting the DB to check if a room is new when we don't actually care about it.

    opened by babolivier 0
Releases(v1.0.1)
Owner
matrix.org
A new basis for open, interoperable, decentralised real-time communication
matrix.org
GitHub Repository
Compress .dds file in ggpk to boost fps. This is a python rewrite of PoeTexureResizer.

PoeBooster Compress .dds file in ggpk to boost fps. This is a python rewrite of PoeTexureResizer. Setup Install ImageMagick-7.1.0. Download and unzip

3 Sep 30, 2022
Simple Python Gemini browser with nice formatting

gg I wasn't satisfied with any of the other available Gemini clients, so I wrote my own. Requires Python 3.9 (maybe older, I haven't checked) and opti

Sarah Taube 2 Nov 21, 2021
Hasklig - a code font with monospaced ligatures

Hasklig – Ligatures for code Programming languages are limited to relatively few characters. As a result, combined character operators surfaced quite

Ian Tuomi 5.3k Jan 03, 2023
simple password manager.

simple password manager.

1 Nov 18, 2021
Automated, progress quest-inspired procedural adventuring

Tales of an Endless Journey (TEJ) Automated, progress quest-inspired procedural adventuring What is this project? Journey is the result of many, many

8 Dec 14, 2021
A Blender addon to enable reloading linked libraries from UI.

library_reload_linked_libraries A Blender addon to enable reloading linked libraries from UI.

3 Nov 27, 2022
Force you (or your user) annotate Python function type hints.

Must-typing Force you (or your user) annotate function type hints. Notice: It's more like a joke, use it carefully. If you call must_typing in your mo

Konge 13 Feb 19, 2022
Async-first dependency injection library based on python type hints

Dependency Depression Async-first dependency injection library based on python type hints Quickstart First let's create a class we would be injecting:

Doctor 8 Oct 10, 2022
Scalene: a high-performance, high-precision CPU, GPU, and memory profiler for Python

Scalene: a high-performance CPU, GPU and memory profiler for Python by Emery Berger, Sam Stern, and Juan Altmayer Pizzorno. Scalene community Slack Ab

PLASMA @ UMass 7k Dec 30, 2022
Defichain maxi - Scripts to optimize performance on defichain rewards

defichain_maxi This script is made to optimize your defichain vault rewards by m

kuegi 75 Dec 31, 2022
Lookup for interesting stuff in SMB shares

SMBSR - what is that? Well, SMBSR is a python script which given a CIDR/IP/IP_file/HOSTNAME(s) enumerates all the SMB services listening (445) among t

Vincenzo 112 Dec 15, 2022
An extremely configurable markdown reverser for Python3.

🔄 Unmarkd A markdown reverser. Unmarkd is a BeautifulSoup-powered Markdown reverser written in Python and for Python. Why This is created as a StackS

ThatXliner 5 Jun 27, 2022
Fuzz introspector for python

Fuzz introspector High-level goals: Show fuzzing-relevant data about each function in a given project Show reachability of fuzzer(s) Integrate seamles

14 Mar 25, 2022
JurjenLang, an interpreted programming language

JurjenLang An interpreted programming language Getting started Follow these three steps on your computer to get started git clone https://github.com/J

JVerbruggen 5 May 03, 2022
PythonCalculator - A simple Calculator made in python using tkinter for GUI

PythonCalculator A simple Calculator made in python using tkinter for GUI. For P

ʀᴇxɪɴᴀᴢᴏʀ 1 Jan 01, 2022
A wrapper script to make working with ADB (Android Debug Bridge) easier

Python-ADB-Wrapper A wrapper script to make working with ADB (Android Debug Bridge) easier This project was just a simple test to see if I could wrap

18iteration 1 Nov 25, 2021
An integrated library for checking email if it is registered on social media

An integrated library for checking email if it is registered on social media

Sidra ELEzz 13 Dec 08, 2022
Run the Tianxunet software on the Xiaoyao Android simulator

Run the Tianxunet software on the Xiaoyao Android simulator, and automatically fill in the answers of English listening on the premise of having answers

1 Feb 13, 2022
Official repository for the BPF Performance Tools book

BPF Performance Tools This is the official repository of BPF (eBPF) tools from the book BPF Performance Tools: Linux and Application Observability. Th

Brendan Gregg 1.2k Dec 28, 2022
Projeto job insights - Projeto avaliativo da Trybe do Bloco 32: Introdução à Python

Termos e acordos Ao iniciar este projeto, você concorda com as diretrizes do Código de Ética e Conduta e do Manual da Pessoa Estudante da Trybe. Boas

Lucas Muffato 1 Dec 09, 2021