From e4dc7ea8ac658f66fb6c3fc2c98b7fbb48f6dd5f Mon Sep 17 00:00:00 2001 From: Devin Ragotzy Date: Fri, 29 Jan 2021 14:19:56 -0500 Subject: [PATCH] Prevent admin room from recursively spamming itself and user -> user --- src/client_server/push.rs | 5 ++- src/database/pusher.rs | 86 +++++++++++++++++++++++++-------------- src/database/rooms.rs | 3 +- src/database/sending.rs | 28 +++++++++---- 4 files changed, 81 insertions(+), 41 deletions(-) diff --git a/src/client_server/push.rs b/src/client_server/push.rs index 3a816797..e6488491 100644 --- a/src/client_server/push.rs +++ b/src/client_server/push.rs @@ -94,7 +94,10 @@ pub async fn get_pushrule_route( if let Some(rule) = rule { Ok(get_pushrule::Response { rule }.into()) } else { - Err(Error::BadRequest(ErrorKind::NotFound, "Push rule not found.").into()) + Err(Error::BadRequest( + ErrorKind::NotFound, + "Push rule not found.", + )) } } diff --git a/src/database/pusher.rs b/src/database/pusher.rs index a1a6130f..c4f5801e 100644 --- a/src/database/pusher.rs +++ b/src/database/pusher.rs @@ -182,7 +182,8 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?; + break; } } ".m.rule.invite_for_me" => { @@ -201,7 +202,9 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()) + .await?; + break; } } } @@ -231,7 +234,9 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()) + .await?; + break; } } } @@ -255,7 +260,9 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()) + .await?; + break; } } } @@ -270,7 +277,8 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?; + break; } } ".m.rule.roomnotif" => { @@ -307,7 +315,9 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()) + .await?; + break; } } } @@ -331,7 +341,9 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()) + .await?; + break; } } } @@ -346,7 +358,8 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?; + break; } } ".m.rule.encrypted_room_one_to_one" => { @@ -361,7 +374,8 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?; + break; } } ".m.rule.room_one_to_one" => { @@ -376,7 +390,8 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?; + break; } } ".m.rule.message" => { @@ -389,7 +404,8 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?; + break; } } ".m.rule.encrypted" => { @@ -402,12 +418,14 @@ pub async fn send_push_notice( _ => None, }) .collect::>(); - send_notice(unread, pushers, tweaks, pdu, db).await?; + send_notice(unread, pushers, tweaks, pdu, db, rule.rule_id.as_str()).await?; + break; } } _ => {} } } + Ok(()) } @@ -417,6 +435,7 @@ async fn send_notice( tweaks: Vec, event: &PduEvent, db: &Database, + name: &str, ) -> Result<()> { let (http, _emails): (Vec<&Pusher>, _) = pushers .iter() @@ -436,10 +455,15 @@ async fn send_notice( }; let mut device = Device::new(pusher.app_id.clone(), pusher.pushkey.clone()); - device.data = Some(pusher.data.clone()); - - // this is not done if "event_id_only" is the format - device.tweaks = tweaks.clone(); + let mut data_minus_url = pusher.data.clone(); + // The url must be stripped off according to spec + data_minus_url.url = None; + device.data = Some(data_minus_url); + + // Tweaks are only added if the format is NOT event_id_only + if !event_id_only { + device.tweaks = tweaks.clone(); + } let d = &[device]; let mut notifi = Notification::new(d); @@ -459,12 +483,13 @@ async fn send_notice( } if event_id_only { - // send_request( - // &db.globals, - // &url, - // send_event_notification::v1::Request::new(notifi), - // ) - // .await?; + error!("SEND PUSH NOTICE `{}`", name); + // send_request( + // &db.globals, + // &url, + // send_event_notification::v1::Request::new(notifi), + // ) + // .await?; } else { notifi.sender = Some(&event.sender); notifi.event_type = Some(&event.kind); @@ -474,8 +499,8 @@ async fn send_notice( notifi.user_is_target = event.state_key.as_deref() == Some(event.sender.as_str()); } - let name = db.users.displayname(&event.sender)?; - notifi.sender_display_name = name.as_deref(); + let user_name = db.users.displayname(&event.sender)?; + notifi.sender_display_name = user_name.as_deref(); let room_name = db .rooms .room_state_get(&event.room_id, &EventType::RoomName, "")? @@ -486,12 +511,13 @@ async fn send_notice( .flatten(); notifi.room_name = room_name.as_deref(); - send_request( - &db.globals, - &url, - send_event_notification::v1::Request::new(notifi), - ) - .await?; + error!("SEND PUSH NOTICE Full `{}`", name); + // send_request( + // &db.globals, + // &url, + // send_event_notification::v1::Request::new(notifi), + // ) + // .await?; } } diff --git a/src/database/rooms.rs b/src/database/rooms.rs index 19554f6d..ac7d27d8 100644 --- a/src/database/rooms.rs +++ b/src/database/rooms.rs @@ -27,10 +27,9 @@ use std::{ convert::{TryFrom, TryInto}, mem, sync::Arc, - time::Duration, }; -use super::{admin::AdminCommand, sending::Sending}; +use super::admin::AdminCommand; /// The unique identifier of each state group. /// diff --git a/src/database/sending.rs b/src/database/sending.rs index 48e427e7..ce81e8c5 100644 --- a/src/database/sending.rs +++ b/src/database/sending.rs @@ -364,17 +364,33 @@ impl Sending { .filter_map(|r| r.ok()) .collect::>(); - dbg!(&pdus); - for pdu in &pdus { // Redacted events are not notification targets (we don't send push for them) if pdu.unsigned.get("redacted_because").is_some() { continue; } - for user in db.rooms.room_members(&pdu.room_id) { - dbg!(&user); + // Skip events that came from the admin room + if db + .rooms + .room_aliases(&pdu.room_id) + .any(|alias| match alias { + Ok(a) => a.as_str().starts_with("#admins:"), + _ => false, + }) + || pdu.sender.as_str().starts_with("@conduit:") + { + continue; + } + + for user in db.rooms.room_members(&pdu.room_id) { let user = user.map_err(|e| (OutgoingKind::Push(id.clone()), e))?; + + // Don't notify the user of their own events + if user == pdu.sender { + continue; + } + let pushers = db .pusher .get_pusher(&user) @@ -410,10 +426,6 @@ impl Sending { uint!(0) }; - dbg!(&pushers); - - // dbg!(&rules_for_user); - crate::database::pusher::send_push_notice( &user, unread,