@@ -49,7 +49,7 @@ def filter_events_for_client(
4949 events ,
5050 is_peeking = False ,
5151 always_include_ids = frozenset (),
52- apply_retention_policies = True ,
52+ filter_send_to_client = True ,
5353):
5454 """
5555 Check which events a user is allowed to see. If the user can see the event but its
@@ -65,10 +65,9 @@ def filter_events_for_client(
6565 events
6666 always_include_ids (set(event_id)): set of event ids to specifically
6767 include (unless sender is ignored)
68- apply_retention_policies (bool): Whether to filter out events that's older than
69- allowed by the room's retention policy. Useful when this function is called
70- to e.g. check whether a user should be allowed to see the state at a given
71- event rather than to know if it should send an event to a user's client(s).
68+ filter_send_to_client (bool): Whether we're checking an event that's going to be
69+ sent to a client. This might not always be the case since this function can
70+ also be called to check whether a user can see the state at a given point.
7271
7372 Returns:
7473 Deferred[list[synapse.events.EventBase]]
@@ -96,7 +95,7 @@ def filter_events_for_client(
9695
9796 erased_senders = yield storage .main .are_users_erased ((e .sender for e in events ))
9897
99- if apply_retention_policies :
98+ if filter_send_to_client :
10099 room_ids = {e .room_id for e in events }
101100 retention_policies = {}
102101
@@ -119,30 +118,36 @@ def allowed(event):
119118
120119 the original event if they can see it as normal.
121120 """
122- if event .type == "org.matrix.dummy_event" :
123- return None
124-
125- if not event .is_state () and event .sender in ignore_list :
126- return None
127-
128- # Until MSC2261 has landed we can't redact malicious alias events, so for
129- # now we temporarily filter out m.room.aliases entirely to mitigate
130- # abuse, while we spec a better solution to advertising aliases
131- # on rooms.
132- if event .type == EventTypes .Aliases :
133- return None
134-
135- # Don't try to apply the room's retention policy if the event is a state event, as
136- # MSC1763 states that retention is only considered for non-state events.
137- if apply_retention_policies and not event .is_state ():
138- retention_policy = retention_policies [event .room_id ]
139- max_lifetime = retention_policy .get ("max_lifetime" )
140-
141- if max_lifetime is not None :
142- oldest_allowed_ts = storage .main .clock .time_msec () - max_lifetime
143-
144- if event .origin_server_ts < oldest_allowed_ts :
145- return None
121+ # Only run some checks if these events aren't about to be sent to clients. This is
122+ # because, if this is not the case, we're probably only checking if the users can
123+ # see events in the room at that point in the DAG, and that shouldn't be decided
124+ # on those checks.
125+ if filter_send_to_client :
126+ if event .type == "org.matrix.dummy_event" :
127+ return None
128+
129+ if not event .is_state () and event .sender in ignore_list :
130+ return None
131+
132+ # Until MSC2261 has landed we can't redact malicious alias events, so for
133+ # now we temporarily filter out m.room.aliases entirely to mitigate
134+ # abuse, while we spec a better solution to advertising aliases
135+ # on rooms.
136+ if event .type == EventTypes .Aliases :
137+ return None
138+
139+ # Don't try to apply the room's retention policy if the event is a state
140+ # event, as MSC1763 states that retention is only considered for non-state
141+ # events.
142+ if not event .is_state ():
143+ retention_policy = retention_policies [event .room_id ]
144+ max_lifetime = retention_policy .get ("max_lifetime" )
145+
146+ if max_lifetime is not None :
147+ oldest_allowed_ts = storage .main .clock .time_msec () - max_lifetime
148+
149+ if event .origin_server_ts < oldest_allowed_ts :
150+ return None
146151
147152 if event .event_id in always_include_ids :
148153 return event
0 commit comments