From 84716d267c6d93cfe759e8da336efb3136dc1560 Mon Sep 17 00:00:00 2001
From: David Baker <dave@matrix.org>
Date: Tue, 3 Oct 2017 13:53:09 +0100
Subject: [PATCH] Allow spam checker to reject invites too

---
 synapse/handlers/federation.py  |  4 ++++
 synapse/handlers/room_member.py | 20 ++++++++++++++------
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py
index 18f87cad67..32078fde3c 100644
--- a/synapse/handlers/federation.py
+++ b/synapse/handlers/federation.py
@@ -77,6 +77,7 @@ class FederationHandler(BaseHandler):
         self.action_generator = hs.get_action_generator()
         self.is_mine_id = hs.is_mine_id
         self.pusher_pool = hs.get_pusherpool()
+        self.spam_checker = hs.get_spam_checker()
 
         self.replication_layer.set_handler(self)
 
@@ -1077,6 +1078,9 @@ class FederationHandler(BaseHandler):
         if self.hs.config.block_non_admin_invites:
             raise SynapseError(403, "This server does not accept room invites")
 
+        if not self.spam_checker.user_may_invite(requester.user):
+            raise SynapseError(403, "This user is not permitted to send invites to this server")
+
         membership = event.content.get("membership")
         if event.type != EventTypes.Member or membership != Membership.INVITE:
             raise SynapseError(400, "The event was not an m.room.member invite event")
diff --git a/synapse/handlers/room_member.py b/synapse/handlers/room_member.py
index 9a498c2d3e..61b0140e69 100644
--- a/synapse/handlers/room_member.py
+++ b/synapse/handlers/room_member.py
@@ -48,6 +48,7 @@ class RoomMemberHandler(BaseHandler):
         self.member_linearizer = Linearizer(name="member")
 
         self.clock = hs.get_clock()
+        self.spam_checker = hs.get_spam_checker()
 
         self.distributor = hs.get_distributor()
         self.distributor.declare("user_joined_room")
@@ -210,12 +211,19 @@ class RoomMemberHandler(BaseHandler):
             if is_blocked:
                 raise SynapseError(403, "This room has been blocked on this server")
 
-        if (effective_membership_state == "invite" and
-                self.hs.config.block_non_admin_invites):
-            is_requester_admin = yield self.auth.is_server_admin(
-                requester.user,
-            )
-            if not is_requester_admin:
+        if effective_membership_state == "invite":
+            block_invite = False
+            if self.hs.config.block_non_admin_invites:
+                is_requester_admin = yield self.auth.is_server_admin(
+                    requester.user,
+                )
+                if not is_requester_admin:
+                    block_invite = True
+
+            if not self.spam_checker.user_may_invite(requester.user):
+                block_invite = True
+
+            if block_invite:
                 raise SynapseError(
                     403, "Invites have been disabled on this server",
                 )