synapse-invite-checker/synapse_invite_checker/invite_checker.py

import treq
import json
import time
from twisted.internet.defer import inlineCallbacks, returnValue
from synapse.module_api import ModuleApi, errors
from synapse.types import UserID
import logging

logger = logging.getLogger(__name__)

class InviteCheckerConfig:
    def __init__(self, config):
        self.use_allowlist = config.get("use_allowlist", True)
        self.use_blocklist = config.get("use_blocklist", True)
        self.blocklist_allowlist_url = config.get("blocklist_allowlist_url", None)
        self.blocklist_rooms = config.get("blocklist_rooms", [])  # Blocklist for room names

    @staticmethod
    def parse_config(config):
        return InviteCheckerConfig(config)

class InviteChecker:
    def __init__(self, config, api: ModuleApi):
        self.api = api
        self.config = InviteCheckerConfig.parse_config(config)

        self.use_allowlist = self.config.use_allowlist
        self.use_blocklist = self.config.use_blocklist

        self.cache_expiry_time = 60
        self.cache_timestamp = 0
        self.blocklist = set()
        self.allowlist = set()
        self.allow_all_invites_on_error = False

        self.room_id_cache = {}
        self.blocklist_room_ids = set()

        self.api.register_spam_checker_callbacks(user_may_invite=self.user_may_invite)
        logger.info("InviteChecker initialized")

    @inlineCallbacks
    def fetch_json(self, url):
        logger.info(f"Fetching JSON data from: {url}")
        try:
            response = yield treq.get(url)
            if response.code == 200:
                try:
                    content = yield response.content()
                    data = json.loads(content.decode('utf-8'))
                    logger.debug(f"Received JSON data: {data}")
                    returnValue(data)
                except Exception as json_error:
                    logger.error(f"Failed to decode JSON data: {json_error}")
                    returnValue(None)
            else:
                logger.error(f"Failed to fetch JSON data. Status code: {response.code}")
                returnValue(None)
        except Exception as e:
            logger.error(f"Error while fetching JSON: {str(e)}")
            returnValue(None)

    @inlineCallbacks
    def update_blocklist_allowlist(self):
        """Fetch and update the blocklist, allowlist, and blocklisted room IDs from the URLs."""
        logger.info("Updating blocklist, allowlist, and room blocklist")
        
        json_data = yield self.fetch_json(self.config.blocklist_allowlist_url)

        if json_data:
            self.allow_all_invites_on_error = False
            self.use_allowlist = json_data.get('use_allowlist', True)
            self.use_blocklist = json_data.get('use_blocklist', True)
            self.blocklist = set(json_data.get('blocklist', []))
            self.allowlist = set(json_data.get('allowlist', []))
            self.blocklist_room_ids_json = set(json_data.get('blocklist_rooms', []))
            self.blocklist_room_ids  = set()
            for room_entry in self.blocklist_room_ids_json:
                if room_entry.startswith('!'):
                    # If it's a room ID, add it directly to the blocklist
                    logger.info(f"Blocklisting room ID directly: {room_entry}")
                    self.blocklist_room_ids.add(room_entry)
                else:
                    try:
                        # If it's a room alias, resolve it to a room ID
                        room_id = yield self.resolve_room_id(room_entry)
                        if room_id:
                            logger.info(f"Blocklisting room: {room_entry} -> {room_id}")
                            self.blocklist_room_ids.add(room_id)
                        else:
                            logger.error(f"Failed to blocklist room: {room_entry}")
                    except Exception as e:
                        logger.error(f"Failed to blocklist room: {room_entry}. Error: {str(e)}")


    @inlineCallbacks
    def get_blocklist_allowlist(self):
        current_time = time.time()

        if current_time - self.cache_timestamp > self.cache_expiry_time:
            yield self.update_blocklist_allowlist()

        if self.allow_all_invites_on_error:
            logger.info("Skipping allowlist/blocklist checks because of previous JSON fetch failure.")
            returnValue((set(), set(), set()))

        returnValue((self.blocklist, self.allowlist, self.blocklist_room_ids))

    @inlineCallbacks
    def user_may_invite(self, inviter: str, invitee: str, room_id: str):
        logger.info(f"Checking invite from {inviter} to {invitee} for room {room_id}")

        if self.allow_all_invites_on_error:
            logger.info(f"Allowing invite from {inviter} to {invitee} due to previous JSON fetch failure.")
            returnValue("NOT_SPAM")

        blocklist, allowlist, blocklist_room_ids = yield self.get_blocklist_allowlist()
        inviter_domain = UserID.from_string(inviter).domain

        logger.info(f"Blocklist: {blocklist}, Allowlist: {allowlist}, Blocklist Room IDs: {blocklist_room_ids}")

        if room_id in blocklist_room_ids:
            logger.info(f"Invite blocked: room {room_id} is blocklisted")
            returnValue(errors.Codes.FORBIDDEN)

        if self.use_allowlist:
            logger.info(f"Allowlist enabled. Checking domain: {inviter_domain}")
            if inviter_domain in allowlist:
                logger.info(f"Invite allowed: {inviter_domain} is in the allowlist")
                returnValue("NOT_SPAM")

        if self.use_blocklist:
            logger.info(f"Blocklist enabled. Checking domain: {inviter_domain}")
            if inviter_domain in blocklist:
                logger.info(f"Invite blocked: {inviter_domain} is in the blocklist")
                returnValue(errors.Codes.FORBIDDEN)

        if self.use_allowlist and inviter_domain not in allowlist:
            logger.info(f"Invite blocked: {inviter_domain} is not in the allowlist")
            returnValue(errors.Codes.FORBIDDEN)

        logger.info(f"Invite allowed by default: {inviter_domain}")
        returnValue("NOT_SPAM")
initial 2024-09-14 17:12:42 +00:00			`import treq`
small fixes 2024-09-14 18:17:43 +00:00			`import json`
remove dependecies 2024-09-14 18:37:38 +00:00			`import time`
initial 2024-09-14 17:12:42 +00:00			`from twisted.internet.defer import inlineCallbacks, returnValue`
			`from synapse.module_api import ModuleApi, errors`
			`from synapse.types import UserID`
			`import logging`

			`logger = logging.getLogger(__name__)`

			`class InviteCheckerConfig:`
			`def __init__(self, config):`
small fixes 2024-09-14 18:17:43 +00:00			`self.use_allowlist = config.get("use_allowlist", True)`
			`self.use_blocklist = config.get("use_blocklist", True)`
			`self.blocklist_allowlist_url = config.get("blocklist_allowlist_url", None)`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`self.blocklist_rooms = config.get("blocklist_rooms", []) # Blocklist for room names`
initial 2024-09-14 17:12:42 +00:00
			`@staticmethod`
			`def parse_config(config):`
			`return InviteCheckerConfig(config)`

			`class InviteChecker:`
			`def __init__(self, config, api: ModuleApi):`
			`self.api = api`
			`self.config = InviteCheckerConfig.parse_config(config)`

small fixes 2024-09-14 18:17:43 +00:00			`self.use_allowlist = self.config.use_allowlist`
			`self.use_blocklist = self.config.use_blocklist`
initial 2024-09-14 17:12:42 +00:00
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`self.cache_expiry_time = 60`
			`self.cache_timestamp = 0`
small fixes 2024-09-14 18:17:43 +00:00			`self.blocklist = set()`
			`self.allowlist = set()`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`self.allow_all_invites_on_error = False`

			`self.room_id_cache = {}`
			`self.blocklist_room_ids = set()`
initial 2024-09-14 17:12:42 +00:00
			`self.api.register_spam_checker_callbacks(user_may_invite=self.user_may_invite)`
			`logger.info("InviteChecker initialized")`

			`@inlineCallbacks`
			`def fetch_json(self, url):`
small fixes 2024-09-14 18:17:43 +00:00			`logger.info(f"Fetching JSON data from: {url}")`
initial 2024-09-14 17:12:42 +00:00			`try:`
			`response = yield treq.get(url)`
			`if response.code == 200:`
small fixes 2024-09-14 18:17:43 +00:00			`try:`
			`content = yield response.content()`
			`data = json.loads(content.decode('utf-8'))`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`logger.debug(f"Received JSON data: {data}")`
small fixes 2024-09-14 18:17:43 +00:00			`returnValue(data)`
			`except Exception as json_error:`
			`logger.error(f"Failed to decode JSON data: {json_error}")`
			`returnValue(None)`
initial 2024-09-14 17:12:42 +00:00			`else:`
			`logger.error(f"Failed to fetch JSON data. Status code: {response.code}")`
			`returnValue(None)`
			`except Exception as e:`
			`logger.error(f"Error while fetching JSON: {str(e)}")`
			`returnValue(None)`

			`@inlineCallbacks`
small fixes 2024-09-14 18:17:43 +00:00			`def update_blocklist_allowlist(self):`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`"""Fetch and update the blocklist, allowlist, and blocklisted room IDs from the URLs."""`
			`logger.info("Updating blocklist, allowlist, and room blocklist")`
initial 2024-09-14 17:12:42 +00:00
small fixes 2024-09-14 18:17:43 +00:00			`json_data = yield self.fetch_json(self.config.blocklist_allowlist_url)`
initial 2024-09-14 17:12:42 +00:00
			`if json_data:`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`self.allow_all_invites_on_error = False`
small fixes 2024-09-14 18:17:43 +00:00			`self.use_allowlist = json_data.get('use_allowlist', True)`
			`self.use_blocklist = json_data.get('use_blocklist', True)`
			`self.blocklist = set(json_data.get('blocklist', []))`
			`self.allowlist = set(json_data.get('allowlist', []))`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`self.blocklist_room_ids_json = set(json_data.get('blocklist_rooms', []))`
			`self.blocklist_room_ids = set()`
			`for room_entry in self.blocklist_room_ids_json:`
			`if room_entry.startswith('!'):`
			`# If it's a room ID, add it directly to the blocklist`
			`logger.info(f"Blocklisting room ID directly: {room_entry}")`
			`self.blocklist_room_ids.add(room_entry)`
			`else:`
			`try:`
			`# If it's a room alias, resolve it to a room ID`
			`room_id = yield self.resolve_room_id(room_entry)`
			`if room_id:`
			`logger.info(f"Blocklisting room: {room_entry} -> {room_id}")`
			`self.blocklist_room_ids.add(room_id)`
			`else:`
			`logger.error(f"Failed to blocklist room: {room_entry}")`
			`except Exception as e:`
			`logger.error(f"Failed to blocklist room: {room_entry}. Error: {str(e)}")`
initial 2024-09-14 17:12:42 +00:00

			`@inlineCallbacks`
small fixes 2024-09-14 18:17:43 +00:00			`def get_blocklist_allowlist(self):`
remove dependecies 2024-09-14 18:37:38 +00:00			`current_time = time.time()`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00
remove dependecies 2024-09-14 18:37:38 +00:00			`if current_time - self.cache_timestamp > self.cache_expiry_time:`
			`yield self.update_blocklist_allowlist()`

initial 2024-09-14 17:12:42 +00:00			`if self.allow_all_invites_on_error:`
small fixes 2024-09-14 18:17:43 +00:00			`logger.info("Skipping allowlist/blocklist checks because of previous JSON fetch failure.")`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`returnValue((set(), set(), set()))`
initial 2024-09-14 17:12:42 +00:00
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`returnValue((self.blocklist, self.allowlist, self.blocklist_room_ids))`
initial 2024-09-14 17:12:42 +00:00
			`@inlineCallbacks`
			`def user_may_invite(self, inviter: str, invitee: str, room_id: str):`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`logger.info(f"Checking invite from {inviter} to {invitee} for room {room_id}")`
initial 2024-09-14 17:12:42 +00:00
			`if self.allow_all_invites_on_error:`
			`logger.info(f"Allowing invite from {inviter} to {invitee} due to previous JSON fetch failure.")`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`returnValue("NOT_SPAM")`
initial 2024-09-14 17:12:42 +00:00
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`blocklist, allowlist, blocklist_room_ids = yield self.get_blocklist_allowlist()`
initial 2024-09-14 17:12:42 +00:00			`inviter_domain = UserID.from_string(inviter).domain`

support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`logger.info(f"Blocklist: {blocklist}, Allowlist: {allowlist}, Blocklist Room IDs: {blocklist_room_ids}")`

			`if room_id in blocklist_room_ids:`
			`logger.info(f"Invite blocked: room {room_id} is blocklisted")`
			`returnValue(errors.Codes.FORBIDDEN)`

small fixes 2024-09-14 18:17:43 +00:00			`if self.use_allowlist:`
remove dependecies 2024-09-14 18:37:38 +00:00			`logger.info(f"Allowlist enabled. Checking domain: {inviter_domain}")`
small fixes 2024-09-14 18:17:43 +00:00			`if inviter_domain in allowlist:`
			`logger.info(f"Invite allowed: {inviter_domain} is in the allowlist")`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`returnValue("NOT_SPAM")`
small fixes 2024-09-14 18:17:43 +00:00
			`if self.use_blocklist:`
remove dependecies 2024-09-14 18:37:38 +00:00			`logger.info(f"Blocklist enabled. Checking domain: {inviter_domain}")`
small fixes 2024-09-14 18:17:43 +00:00			`if inviter_domain in blocklist:`
			`logger.info(f"Invite blocked: {inviter_domain} is in the blocklist")`
support blocking rooms to be invited to 2024-09-14 19:44:46 +00:00			`returnValue(errors.Codes.FORBIDDEN)`
small fixes 2024-09-14 18:17:43 +00:00
			`if self.use_allowlist and inviter_domain not in allowlist:`
			`logger.info(f"Invite blocked: {inviter_domain} is not in the allowlist")`
initial 2024-09-14 17:12:42 +00:00			`returnValue(errors.Codes.FORBIDDEN)`

			`logger.info(f"Invite allowed by default: {inviter_domain}")`
			`returnValue("NOT_SPAM")`