From 75be68fa618d2f450c19e4180f160e069bfcb533 Mon Sep 17 00:00:00 2001 From: strawberry Date: Thu, 24 Oct 2024 22:19:18 -0400 Subject: [PATCH] add config option to control sending admin notices of alerts Signed-off-by: strawberry --- conduwuit-example.toml | 8 +++ src/api/client/account.rs | 94 +++++++++++++++++++++--------------- src/api/client/directory.rs | 30 +++++++----- src/api/client/membership.rs | 34 +++++++------ src/api/client/room.rs | 30 +++++++----- src/core/config/mod.rs | 8 +++ 6 files changed, 128 insertions(+), 76 deletions(-) diff --git a/conduwuit-example.toml b/conduwuit-example.toml index 6142705d..b532d381 100644 --- a/conduwuit-example.toml +++ b/conduwuit-example.toml @@ -351,6 +351,14 @@ allow_profile_lookup_federation_requests = true # defaults to true #admin_escape_commands = true +# Controls whether admin room notices like account registrations, password changes, account deactivations, +# room directory publications, etc will be sent to the admin room. +# +# Update notices and normal admin command responses will still be sent. +# +# defaults to true +#admin_room_notices = true + ### Misc diff --git a/src/api/client/account.rs b/src/api/client/account.rs index b87eb400..cee86f80 100644 --- a/src/api/client/account.rs +++ b/src/api/client/account.rs @@ -310,21 +310,27 @@ pub(crate) async fn register_route( if body.appservice_info.is_none() && !is_guest { if !device_display_name.is_empty() { info!("New user \"{user_id}\" registered on this server with device display name: {device_display_name}"); - services - .admin - .send_message(RoomMessageEventContent::notice_plain(format!( - "New user \"{user_id}\" registered on this server from IP {client} and device display name \ - \"{device_display_name}\"" - ))) - .await; + + if services.globals.config.admin_room_notices { + services + .admin + .send_message(RoomMessageEventContent::notice_plain(format!( + "New user \"{user_id}\" registered on this server from IP {client} and device display name \ + \"{device_display_name}\"" + ))) + .await; + } } else { info!("New user \"{user_id}\" registered on this server."); - services - .admin - .send_message(RoomMessageEventContent::notice_plain(format!( - "New user \"{user_id}\" registered on this server from IP {client}" - ))) - .await; + + if services.globals.config.admin_room_notices { + services + .admin + .send_message(RoomMessageEventContent::notice_plain(format!( + "New user \"{user_id}\" registered on this server from IP {client}" + ))) + .await; + } } } @@ -333,20 +339,26 @@ pub(crate) async fn register_route( info!("New guest user \"{user_id}\" registered on this server."); if !device_display_name.is_empty() { - services - .admin - .send_message(RoomMessageEventContent::notice_plain(format!( - "Guest user \"{user_id}\" with device display name \"{device_display_name}\" registered on this \ - server from IP {client}" - ))) - .await; + if services.globals.config.admin_room_notices { + services + .admin + .send_message(RoomMessageEventContent::notice_plain(format!( + "Guest user \"{user_id}\" with device display name \"{device_display_name}\" registered on \ + this server from IP {client}" + ))) + .await; + } } else { - services - .admin - .send_message(RoomMessageEventContent::notice_plain(format!( - "Guest user \"{user_id}\" with no device display name registered on this server from IP {client}", - ))) - .await; + #[allow(clippy::collapsible_else_if)] + if services.globals.config.admin_room_notices { + services + .admin + .send_message(RoomMessageEventContent::notice_plain(format!( + "Guest user \"{user_id}\" with no device display name registered on this server from IP \ + {client}", + ))) + .await; + } } } @@ -481,12 +493,15 @@ pub(crate) async fn change_password_route( } info!("User {sender_user} changed their password."); - services - .admin - .send_message(RoomMessageEventContent::notice_plain(format!( - "User {sender_user} changed their password." - ))) - .await; + + if services.globals.config.admin_room_notices { + services + .admin + .send_message(RoomMessageEventContent::notice_plain(format!( + "User {sender_user} changed their password." + ))) + .await; + } Ok(change_password::v3::Response {}) } @@ -572,12 +587,15 @@ pub(crate) async fn deactivate_route( full_user_deactivate(&services, sender_user, all_joined_rooms).await?; info!("User {sender_user} deactivated their account."); - services - .admin - .send_message(RoomMessageEventContent::notice_plain(format!( - "User {sender_user} deactivated their account." - ))) - .await; + + if services.globals.config.admin_room_notices { + services + .admin + .send_message(RoomMessageEventContent::notice_plain(format!( + "User {sender_user} deactivated their account." + ))) + .await; + } Ok(deactivate::v3::Response { id_server_unbind_result: ThirdPartyIdRemovalStatus::NoSupport, diff --git a/src/api/client/directory.rs b/src/api/client/directory.rs index 423f2bde..602f876a 100644 --- a/src/api/client/directory.rs +++ b/src/api/client/directory.rs @@ -146,14 +146,17 @@ pub(crate) async fn set_room_visibility_route( \"lockdown_public_room_directory\" is enabled", body.room_id ); - services - .admin - .send_text(&format!( - "Non-admin user {sender_user} tried to publish {0} to the room directory while \ - \"lockdown_public_room_directory\" is enabled", - body.room_id - )) - .await; + + if services.globals.config.admin_room_notices { + services + .admin + .send_text(&format!( + "Non-admin user {sender_user} tried to publish {0} to the room directory while \ + \"lockdown_public_room_directory\" is enabled", + body.room_id + )) + .await; + } return Err(Error::BadRequest( ErrorKind::forbidden(), @@ -162,10 +165,13 @@ pub(crate) async fn set_room_visibility_route( } services.rooms.directory.set_public(&body.room_id)?; - services - .admin - .send_text(&format!("{sender_user} made {} public to the room directory", body.room_id)) - .await; + + if services.globals.config.admin_room_notices { + services + .admin + .send_text(&format!("{sender_user} made {} public to the room directory", body.room_id)) + .await; + } info!("{sender_user} made {0} public to the room directory", body.room_id); }, room::Visibility::Private => services.rooms.directory.set_not_public(&body.room_id)?, diff --git a/src/api/client/membership.rs b/src/api/client/membership.rs index b3b3c80e..470db669 100644 --- a/src/api/client/membership.rs +++ b/src/api/client/membership.rs @@ -71,13 +71,16 @@ async fn banned_room_check( if services.globals.config.auto_deactivate_banned_room_attempts { warn!("Automatically deactivating user {user_id} due to attempted banned room join"); - services - .admin - .send_message(RoomMessageEventContent::text_plain(format!( - "Automatically deactivating user {user_id} due to attempted banned room join from IP \ - {client_ip}" - ))) - .await; + + if services.globals.config.admin_room_notices { + services + .admin + .send_message(RoomMessageEventContent::text_plain(format!( + "Automatically deactivating user {user_id} due to attempted banned room join from IP \ + {client_ip}" + ))) + .await; + } let all_joined_rooms: Vec = services .rooms @@ -108,13 +111,16 @@ async fn banned_room_check( if services.globals.config.auto_deactivate_banned_room_attempts { warn!("Automatically deactivating user {user_id} due to attempted banned room join"); - services - .admin - .send_message(RoomMessageEventContent::text_plain(format!( - "Automatically deactivating user {user_id} due to attempted banned room join from IP \ - {client_ip}" - ))) - .await; + + if services.globals.config.admin_room_notices { + services + .admin + .send_message(RoomMessageEventContent::text_plain(format!( + "Automatically deactivating user {user_id} due to attempted banned room join from IP \ + {client_ip}" + ))) + .await; + } let all_joined_rooms: Vec = services .rooms diff --git a/src/api/client/room.rs b/src/api/client/room.rs index 0a75787d..0112e76d 100644 --- a/src/api/client/room.rs +++ b/src/api/client/room.rs @@ -103,14 +103,17 @@ pub(crate) async fn create_room_route( \"lockdown_public_room_directory\" is enabled", &room_id ); - services - .admin - .send_text(&format!( - "Non-admin user {sender_user} tried to publish {0} to the room directory while \ - \"lockdown_public_room_directory\" is enabled", - &room_id - )) - .await; + + if services.globals.config.admin_room_notices { + services + .admin + .send_text(&format!( + "Non-admin user {sender_user} tried to publish {0} to the room directory while \ + \"lockdown_public_room_directory\" is enabled", + &room_id + )) + .await; + } return Err!(Request(Forbidden("Publishing rooms to the room directory is not allowed"))); } @@ -473,10 +476,13 @@ pub(crate) async fn create_room_route( if body.visibility == room::Visibility::Public { services.rooms.directory.set_public(&room_id)?; - services - .admin - .send_text(&format!("{sender_user} made {} public to the room directory", &room_id)) - .await; + + if services.globals.config.admin_room_notices { + services + .admin + .send_text(&format!("{sender_user} made {} public to the room directory", &room_id)) + .await; + } info!("{sender_user} made {0} public to the room directory", &room_id); } diff --git a/src/core/config/mod.rs b/src/core/config/mod.rs index bb520d06..d5ed845b 100644 --- a/src/core/config/mod.rs +++ b/src/core/config/mod.rs @@ -377,6 +377,13 @@ pub struct Config { #[serde(default)] pub test: BTreeSet, + /// Controls whether admin room notices like account registrations, password + /// changes, account deactivations, room directory publications, etc will + /// be sent to the admin room. Update notices and normal admin command + /// responses will still be sent. + #[serde(default = "true_fn")] + pub admin_room_notices: bool, + #[serde(flatten)] #[allow(clippy::zero_sized_map_values)] // this is a catchall, the map shouldn't be zero at runtime catchall: BTreeMap, @@ -867,6 +874,7 @@ impl fmt::Display for Config { .map_or("", |url| url.as_str()), ); line("Enable the tokio-console", &self.tokio_console.to_string()); + line("Admin room notices", &self.admin_room_notices.to_string()); Ok(()) }