block non-admins from publishing to room directory

2023-12-11 20:06:34 -08:00 · 2023-12-11 20:06:34 -08:00 · e34f406cfd
parent 483d22afc3
commit e34f406cfd
2 changed files with 13 additions and 1 deletions
--- a/synapse/handlers/room.py
+++ b/synapse/handlers/room.py
@ -871,7 +871,9 @@ class RoomCreationHandler:

        # The spec says rooms should default to private visibility if
        # `visibility` is not specified.
-        visibility = config.get("visibility", "private")
+        #visibility = config.get("visibility", "private")
+        # temporarily block publishing rooms to directory - patch date 12/12/23
+        visibility = "private"
        is_public = visibility == "public"

        self._validate_room_config(config, visibility)
--- a/synapse/rest/client/directory.py
+++ b/synapse/rest/client/directory.py
@ -159,6 +159,16 @@ class ClientDirectoryListServer(RestServlet):

        content = parse_and_validate_json_object_from_request(request, self.PutBody)

+        # temporarily block publishing rooms to public directory for non-admins
+        # patch date 12/12/23
+        if content.visibility == "public":
+            is_admin = await self.is_server_admin(requester)
+            if not is_admin:
+                raise AuthError(
+                    403,
+                    "Publishing rooms to the room list is temporarily disabled.",
+                )
+
        await self.directory_handler.edit_published_room_list(
            requester, room_id, content.visibility
        )