mirror of
https://github.com/girlbossceo/conduwuit.git
synced 2024-11-27 02:45:27 +00:00
options to control public room directory visibility
Signed-off-by: girlbossceo <june@girlboss.ceo>
This commit is contained in:
parent
76c00283de
commit
81e8df3102
|
@ -55,3 +55,12 @@ trusted_servers = ["matrix.org"]
|
|||
|
||||
address = "127.0.0.1" # This makes sure Conduit can only be reached using the reverse proxy
|
||||
#address = "0.0.0.0" # If Conduit is running in a container, make sure the reverse proxy (ie. Traefik) can reach it.
|
||||
|
||||
# Set this to true to allow your server's public room directory to be federated.
|
||||
# Set this to false to protect against /publicRooms spiders, but will forbid external users from viewing your server's public room directory.
|
||||
# If federation is disabled entirely (`allow_federation`), this is inherently false.
|
||||
allow_public_room_directory_over_federation = false
|
||||
|
||||
# Set this to true to allow your server's public room directory to be queried without client authentication (access token) through the Client APIs.
|
||||
# Set this to false to protect against /publicRooms spiders.
|
||||
allow_public_room_directory_without_auth = false
|
|
@ -36,6 +36,17 @@ use tracing::{error, info, warn};
|
|||
pub async fn get_public_rooms_filtered_route(
|
||||
body: Ruma<get_public_rooms_filtered::v3::Request>,
|
||||
) -> Result<get_public_rooms_filtered::v3::Response> {
|
||||
if !services()
|
||||
.globals
|
||||
.config
|
||||
.allow_public_room_directory_without_auth
|
||||
{
|
||||
let _sender_user = body
|
||||
.sender_user
|
||||
.as_ref()
|
||||
.ok_or_else(|| Error::BadRequest(ErrorKind::MissingToken, "Missing access token."))?;
|
||||
}
|
||||
|
||||
get_public_rooms_filtered_helper(
|
||||
body.server.as_deref(),
|
||||
body.limit,
|
||||
|
@ -54,6 +65,17 @@ pub async fn get_public_rooms_filtered_route(
|
|||
pub async fn get_public_rooms_route(
|
||||
body: Ruma<get_public_rooms::v3::Request>,
|
||||
) -> Result<get_public_rooms::v3::Response> {
|
||||
if !services()
|
||||
.globals
|
||||
.config
|
||||
.allow_public_room_directory_without_auth
|
||||
{
|
||||
let _sender_user = body
|
||||
.sender_user
|
||||
.as_ref()
|
||||
.ok_or_else(|| Error::BadRequest(ErrorKind::MissingToken, "Missing access token."))?;
|
||||
}
|
||||
|
||||
let response = get_public_rooms_filtered_helper(
|
||||
body.server.as_deref(),
|
||||
body.limit,
|
||||
|
|
|
@ -621,6 +621,13 @@ pub async fn get_public_rooms_filtered_route(
|
|||
return Err(Error::bad_config("Federation is disabled."));
|
||||
}
|
||||
|
||||
if !services()
|
||||
.globals
|
||||
.allow_public_room_directory_over_federation()
|
||||
{
|
||||
return Err(Error::bad_config("Room directory is not public."));
|
||||
}
|
||||
|
||||
let response = client_server::get_public_rooms_filtered_helper(
|
||||
None,
|
||||
body.limit,
|
||||
|
@ -648,6 +655,13 @@ pub async fn get_public_rooms_route(
|
|||
return Err(Error::bad_config("Federation is disabled."));
|
||||
}
|
||||
|
||||
if !services()
|
||||
.globals
|
||||
.allow_public_room_directory_over_federation()
|
||||
{
|
||||
return Err(Error::bad_config("Room directory is not public."));
|
||||
}
|
||||
|
||||
let response = client_server::get_public_rooms_filtered_helper(
|
||||
None,
|
||||
body.limit,
|
||||
|
|
|
@ -51,6 +51,10 @@ pub struct Config {
|
|||
pub allow_encryption: bool,
|
||||
#[serde(default = "false_fn")]
|
||||
pub allow_federation: bool,
|
||||
#[serde(default = "false_fn")]
|
||||
pub allow_public_room_directory_over_federation: bool,
|
||||
#[serde(default = "false_fn")]
|
||||
pub allow_public_room_directory_without_auth: bool,
|
||||
#[serde(default = "true_fn")]
|
||||
pub allow_room_creation: bool,
|
||||
#[serde(default = "true_fn")]
|
||||
|
@ -150,6 +154,14 @@ impl fmt::Display for Config {
|
|||
("Allow encryption", &self.allow_encryption.to_string()),
|
||||
("Allow federation", &self.allow_federation.to_string()),
|
||||
("Allow room creation", &self.allow_room_creation.to_string()),
|
||||
(
|
||||
"Allow public room directory over federation",
|
||||
&self.allow_public_room_directory_over_federation.to_string(),
|
||||
),
|
||||
(
|
||||
"Allow public room directory without authentication",
|
||||
&self.allow_public_room_directory_without_auth.to_string(),
|
||||
),
|
||||
(
|
||||
"JWT secret",
|
||||
match self.jwt_secret {
|
||||
|
|
|
@ -299,6 +299,14 @@ impl Service {
|
|||
self.config.allow_federation
|
||||
}
|
||||
|
||||
pub fn allow_public_room_directory_over_federation(&self) -> bool {
|
||||
self.config.allow_public_room_directory_over_federation
|
||||
}
|
||||
|
||||
pub fn allow_public_room_directory_without_auth(&self) -> bool {
|
||||
self.config.allow_public_room_directory_without_auth
|
||||
}
|
||||
|
||||
pub fn allow_room_creation(&self) -> bool {
|
||||
self.config.allow_room_creation
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue