Add event reporting (#3340)

Part of #3216 and #3226 

There will be a follow up PR which is going to add the same admin
endpoints Synapse has, so existing tools also work for Dendrite.
This commit is contained in:
Till 2024-03-21 19:27:34 +01:00 committed by GitHub
parent de95499178
commit b9abbf7b20
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
12 changed files with 474 additions and 1 deletions

View File

@ -2346,3 +2346,92 @@ func TestCreateRoomInvite(t *testing.T) {
}
})
}
func TestReportEvent(t *testing.T) {
alice := test.NewUser(t)
bob := test.NewUser(t)
charlie := test.NewUser(t)
room := test.NewRoom(t, alice)
room.CreateAndInsert(t, charlie, spec.MRoomMember, map[string]interface{}{
"membership": "join",
}, test.WithStateKey(charlie.ID))
eventToReport := room.CreateAndInsert(t, alice, "m.room.message", map[string]interface{}{"body": "hello world"})
test.WithAllDatabases(t, func(t *testing.T, dbType test.DBType) {
cfg, processCtx, close := testrig.CreateConfig(t, dbType)
routers := httputil.NewRouters()
cm := sqlutil.NewConnectionManager(processCtx, cfg.Global.DatabaseOptions)
caches := caching.NewRistrettoCache(128*1024*1024, time.Hour, caching.DisableMetrics)
defer close()
natsInstance := jetstream.NATSInstance{}
jsctx, _ := natsInstance.Prepare(processCtx, &cfg.Global.JetStream)
defer jetstream.DeleteAllStreams(jsctx, &cfg.Global.JetStream)
// Use an actual roomserver for this
rsAPI := roomserver.NewInternalAPI(processCtx, cfg, cm, &natsInstance, caches, caching.DisableMetrics)
rsAPI.SetFederationAPI(nil, nil)
userAPI := userapi.NewInternalAPI(processCtx, cfg, cm, &natsInstance, rsAPI, nil, caching.DisableMetrics, testIsBlacklistedOrBackingOff)
if err := api.SendEvents(context.Background(), rsAPI, api.KindNew, room.Events(), "test", "test", "test", nil, false); err != nil {
t.Fatalf("failed to send events: %v", err)
}
// We mostly need the rsAPI for this test, so nil for other APIs/caches etc.
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
accessTokens := map[*test.User]userDevice{
alice: {},
bob: {},
charlie: {},
}
createAccessTokens(t, accessTokens, userAPI, processCtx.Context(), routers)
reqBody := map[string]any{
"reason": "baaad",
"score": -100,
}
body, err := json.Marshal(reqBody)
if err != nil {
t.Fatal(err)
}
w := httptest.NewRecorder()
var req *http.Request
t.Run("Bob is not joined and should not be able to report the event", func(t *testing.T) {
req = httptest.NewRequest(http.MethodPost, fmt.Sprintf("/_matrix/client/v3/rooms/%s/report/%s", room.ID, eventToReport.EventID()), strings.NewReader(string(body)))
req.Header.Set("Authorization", "Bearer "+accessTokens[bob].accessToken)
routers.Client.ServeHTTP(w, req)
if w.Code != http.StatusNotFound {
t.Fatalf("expected report to fail, got HTTP %d instead: %s", w.Code, w.Body.String())
}
})
t.Run("Charlie is joined but the event does not exist", func(t *testing.T) {
w = httptest.NewRecorder()
req = httptest.NewRequest(http.MethodPost, fmt.Sprintf("/_matrix/client/v3/rooms/%s/report/$doesNotExist", room.ID), strings.NewReader(string(body)))
req.Header.Set("Authorization", "Bearer "+accessTokens[charlie].accessToken)
routers.Client.ServeHTTP(w, req)
if w.Code != http.StatusNotFound {
t.Fatalf("expected report to fail, got HTTP %d instead: %s", w.Code, w.Body.String())
}
})
t.Run("Charlie is joined and allowed to report the event", func(t *testing.T) {
w = httptest.NewRecorder()
req = httptest.NewRequest(http.MethodPost, fmt.Sprintf("/_matrix/client/v3/rooms/%s/report/%s", room.ID, eventToReport.EventID()), strings.NewReader(string(body)))
req.Header.Set("Authorization", "Bearer "+accessTokens[charlie].accessToken)
routers.Client.ServeHTTP(w, req)
if w.Code != http.StatusOK {
t.Fatalf("expected report to be successful, got HTTP %d instead: %s", w.Code, w.Body.String())
}
})
})
}

View File

@ -0,0 +1,93 @@
// Copyright 2023 The Matrix.org Foundation C.I.C.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package routing
import (
"net/http"
"github.com/matrix-org/dendrite/clientapi/httputil"
"github.com/matrix-org/dendrite/roomserver/api"
userAPI "github.com/matrix-org/dendrite/userapi/api"
"github.com/matrix-org/gomatrixserverlib/spec"
"github.com/matrix-org/util"
)
type reportEventRequest struct {
Reason string `json:"reason"`
Score int64 `json:"score"`
}
func ReportEvent(
req *http.Request,
device *userAPI.Device,
roomID, eventID string,
rsAPI api.ClientRoomserverAPI,
) util.JSONResponse {
defer req.Body.Close() // nolint: errcheck
deviceUserID, err := spec.NewUserID(device.UserID, true)
if err != nil {
return util.JSONResponse{
Code: http.StatusForbidden,
JSON: spec.NotFound("You don't have permission to report this event, bad userID"),
}
}
// The requesting user must be a member of the room
errRes := checkMemberInRoom(req.Context(), rsAPI, *deviceUserID, roomID)
if errRes != nil {
return util.JSONResponse{
Code: http.StatusNotFound, // Spec demands this...
JSON: spec.NotFound("The event was not found or you are not joined to the room."),
}
}
// Parse the request
report := reportEventRequest{}
if resErr := httputil.UnmarshalJSONRequest(req, &report); resErr != nil {
return *resErr
}
queryRes := &api.QueryEventsByIDResponse{}
if err = rsAPI.QueryEventsByID(req.Context(), &api.QueryEventsByIDRequest{
RoomID: roomID,
EventIDs: []string{eventID},
}, queryRes); err != nil {
return util.JSONResponse{
Code: http.StatusInternalServerError,
JSON: spec.InternalServerError{Err: err.Error()},
}
}
// No event was found or it was already redacted
if len(queryRes.Events) == 0 || queryRes.Events[0].Redacted() {
return util.JSONResponse{
Code: http.StatusNotFound,
JSON: spec.NotFound("The event was not found or you are not joined to the room."),
}
}
_, err = rsAPI.InsertReportedEvent(req.Context(), roomID, eventID, device.UserID, report.Reason, report.Score)
if err != nil {
return util.JSONResponse{
Code: http.StatusInternalServerError,
JSON: spec.InternalServerError{Err: err.Error()},
}
}
return util.JSONResponse{
Code: http.StatusOK,
JSON: struct{}{},
}
}

View File

@ -1523,4 +1523,14 @@ func Setup(
return GetJoinedMembers(req, device, vars["roomID"], rsAPI)
}),
).Methods(http.MethodGet, http.MethodOptions)
v3mux.Handle("/rooms/{roomID}/report/{eventID}",
httputil.MakeAuthAPI("report_event", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil {
return util.ErrorResponse(err)
}
return ReportEvent(req, device, vars["roomID"], vars["eventID"], rsAPI)
}),
).Methods(http.MethodPost, http.MethodOptions)
}

View File

@ -223,6 +223,7 @@ type ClientRoomserverAPI interface {
UserRoomPrivateKeyCreator
QueryRoomHierarchyAPI
DefaultRoomVersionAPI
QueryMembershipForUser(ctx context.Context, req *QueryMembershipForUserRequest, res *QueryMembershipForUserResponse) error
QueryMembershipsForRoom(ctx context.Context, req *QueryMembershipsForRoomRequest, res *QueryMembershipsForRoomResponse) error
QueryRoomsForUser(ctx context.Context, userID spec.UserID, desiredMembership string) ([]spec.RoomID, error)
@ -264,6 +265,12 @@ type ClientRoomserverAPI interface {
RemoveRoomAlias(ctx context.Context, senderID spec.SenderID, alias string) (aliasFound bool, aliasRemoved bool, err error)
SigningIdentityFor(ctx context.Context, roomID spec.RoomID, senderID spec.UserID) (fclient.SigningIdentity, error)
InsertReportedEvent(
ctx context.Context,
roomID, eventID, reportingUserID, reason string,
score int64,
) (int64, error)
}
type UserRoomserverAPI interface {

View File

@ -340,3 +340,11 @@ func (r *RoomserverInternalAPI) SigningIdentityFor(ctx context.Context, roomID s
func (r *RoomserverInternalAPI) AssignRoomNID(ctx context.Context, roomID spec.RoomID, roomVersion gomatrixserverlib.RoomVersion) (roomNID types.RoomNID, err error) {
return r.DB.AssignRoomNID(ctx, roomID, roomVersion)
}
func (r *RoomserverInternalAPI) InsertReportedEvent(
ctx context.Context,
roomID, eventID, reportingUserID, reason string,
score int64,
) (int64, error) {
return r.DB.InsertReportedEvent(ctx, roomID, eventID, reportingUserID, reason, score)
}

View File

@ -30,6 +30,7 @@ import (
type Database interface {
UserRoomKeys
ReportedEvents
// Do we support processing input events for more than one room at a time?
SupportsConcurrentRoomInputs() bool
AssignRoomNID(ctx context.Context, roomID spec.RoomID, roomVersion gomatrixserverlib.RoomVersion) (roomNID types.RoomNID, err error)
@ -257,3 +258,11 @@ type EventDatabase interface {
) (gomatrixserverlib.PDU, gomatrixserverlib.PDU, error)
StoreEvent(ctx context.Context, event gomatrixserverlib.PDU, roomInfo *types.RoomInfo, eventTypeNID types.EventTypeNID, eventStateKeyNID types.EventStateKeyNID, authEventNIDs []types.EventNID, isRejected bool) (types.EventNID, types.StateAtEvent, error)
}
type ReportedEvents interface {
InsertReportedEvent(
ctx context.Context,
roomID, eventID, reportingUserID, reason string,
score int64,
) (int64, error)
}

View File

@ -0,0 +1,88 @@
// Copyright 2023 The Matrix.org Foundation C.I.C.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package postgres
import (
"context"
"database/sql"
"time"
"github.com/matrix-org/dendrite/internal/sqlutil"
"github.com/matrix-org/dendrite/roomserver/storage/tables"
"github.com/matrix-org/dendrite/roomserver/types"
"github.com/matrix-org/gomatrixserverlib/spec"
)
const reportedEventsScheme = `
CREATE SEQUENCE IF NOT EXISTS roomserver_reported_events_id_seq;
CREATE TABLE IF NOT EXISTS roomserver_reported_events
(
id BIGINT PRIMARY KEY DEFAULT nextval('roomserver_reported_events_id_seq'),
room_nid BIGINT NOT NULL,
event_nid BIGINT NOT NULL,
reporting_user_nid INTEGER NOT NULL, -- the user reporting the event
event_sender_nid INTEGER NOT NULL, -- the user who sent the reported event
reason TEXT,
score INTEGER,
received_ts BIGINT NOT NULL
);`
const insertReportedEventSQL = `
INSERT INTO roomserver_reported_events (room_nid, event_nid, reporting_user_nid, event_sender_nid, reason, score, received_ts)
VALUES ($1, $2, $3, $4, $5, $6, $7)
RETURNING id
`
type reportedEventsStatements struct {
insertReportedEventsStmt *sql.Stmt
}
func CreateReportedEventsTable(db *sql.DB) error {
_, err := db.Exec(reportedEventsScheme)
return err
}
func PrepareReportedEventsTable(db *sql.DB) (tables.ReportedEvents, error) {
s := &reportedEventsStatements{}
return s, sqlutil.StatementList{
{&s.insertReportedEventsStmt, insertReportedEventSQL},
}.Prepare(db)
}
func (r *reportedEventsStatements) InsertReportedEvent(
ctx context.Context,
txn *sql.Tx,
roomNID types.RoomNID,
eventNID types.EventNID,
reportingUserID types.EventStateKeyNID,
eventSenderID types.EventStateKeyNID,
reason string,
score int64,
) (int64, error) {
stmt := sqlutil.TxStmt(txn, r.insertReportedEventsStmt)
var reportID int64
err := stmt.QueryRowContext(ctx,
roomNID,
eventNID,
reportingUserID,
eventSenderID,
reason,
score,
spec.AsTimestamp(time.Now()),
).Scan(&reportID)
return reportID, err
}

View File

@ -134,6 +134,9 @@ func (d *Database) create(db *sql.DB) error {
if err := CreateUserRoomKeysTable(db); err != nil {
return err
}
if err := CreateReportedEventsTable(db); err != nil {
return err
}
return nil
}
@ -199,6 +202,10 @@ func (d *Database) prepare(db *sql.DB, writer sqlutil.Writer, cache caching.Room
if err != nil {
return err
}
reportedEvents, err := PrepareReportedEventsTable(db)
if err != nil {
return err
}
d.Database = shared.Database{
DB: db,
@ -212,6 +219,7 @@ func (d *Database) prepare(db *sql.DB, writer sqlutil.Writer, cache caching.Room
EventStateKeysTable: eventStateKeys,
PrevEventsTable: prevEvents,
RedactionsTable: redactions,
ReportedEventsTable: reportedEvents,
},
Cache: cache,
Writer: writer,

View File

@ -61,6 +61,7 @@ type EventDatabase struct {
EventStateKeysTable tables.EventStateKeys
PrevEventsTable tables.PreviousEvents
RedactionsTable tables.Redactions
ReportedEventsTable tables.ReportedEvents
}
func (d *Database) SupportsConcurrentRoomInputs() bool {
@ -1882,6 +1883,59 @@ func (d *Database) SelectUserIDsForPublicKeys(ctx context.Context, publicKeys ma
return result, err
}
// InsertReportedEvent stores a reported event.
func (d *Database) InsertReportedEvent(
ctx context.Context,
roomID, eventID, reportingUserID, reason string,
score int64,
) (int64, error) {
roomInfo, err := d.roomInfo(ctx, nil, roomID)
if err != nil {
return 0, err
}
if roomInfo == nil {
return 0, fmt.Errorf("room does not exist")
}
events, err := d.eventsFromIDs(ctx, nil, roomInfo, []string{eventID}, NoFilter)
if err != nil {
return 0, err
}
if len(events) == 0 {
return 0, fmt.Errorf("unable to find requested event")
}
stateKeyNIDs, err := d.EventStateKeyNIDs(ctx, []string{reportingUserID, events[0].SenderID().ToUserID().String()})
if err != nil {
return 0, fmt.Errorf("failed to query eventStateKeyNIDs: %w", err)
}
// We expect exactly 2 stateKeyNIDs
if len(stateKeyNIDs) != 2 {
return 0, fmt.Errorf("expected 2 stateKeyNIDs, received %d", len(stateKeyNIDs))
}
var reportID int64
err = d.Writer.Do(d.DB, nil, func(txn *sql.Tx) error {
reportID, err = d.ReportedEventsTable.InsertReportedEvent(
ctx,
txn,
roomInfo.RoomNID,
events[0].EventNID,
stateKeyNIDs[reportingUserID],
stateKeyNIDs[events[0].SenderID().ToUserID().String()],
reason,
score,
)
if err != nil {
return err
}
return nil
})
return reportID, err
}
// FIXME TODO: Remove all this - horrible dupe with roomserver/state. Can't use the original impl because of circular loops
// it should live in this package!

View File

@ -0,0 +1,87 @@
// Copyright 2023 The Matrix.org Foundation C.I.C.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package sqlite3
import (
"context"
"database/sql"
"time"
"github.com/matrix-org/dendrite/internal/sqlutil"
"github.com/matrix-org/dendrite/roomserver/storage/tables"
"github.com/matrix-org/dendrite/roomserver/types"
"github.com/matrix-org/gomatrixserverlib/spec"
)
const reportedEventsScheme = `
CREATE TABLE IF NOT EXISTS roomserver_reported_events
(
id INTEGER PRIMARY KEY AUTOINCREMENT,
room_nid INTEGER NOT NULL,
event_nid INTEGER NOT NULL,
reporting_user_nid INTEGER NOT NULL, -- the user reporting the event
event_sender_nid INTEGER NOT NULL, -- the user who sent the reported event
reason TEXT,
score INTEGER,
received_ts INTEGER NOT NULL
);`
const insertReportedEventSQL = `
INSERT INTO roomserver_reported_events (room_nid, event_nid, reporting_user_nid, event_sender_nid, reason, score, received_ts)
VALUES ($1, $2, $3, $4, $5, $6, $7)
RETURNING id
`
type reportedEventsStatements struct {
insertReportedEventsStmt *sql.Stmt
}
func CreateReportedEventsTable(db *sql.DB) error {
_, err := db.Exec(reportedEventsScheme)
return err
}
func PrepareReportedEventsTable(db *sql.DB) (tables.ReportedEvents, error) {
s := &reportedEventsStatements{}
return s, sqlutil.StatementList{
{&s.insertReportedEventsStmt, insertReportedEventSQL},
}.Prepare(db)
}
func (r *reportedEventsStatements) InsertReportedEvent(
ctx context.Context,
txn *sql.Tx,
roomNID types.RoomNID,
eventNID types.EventNID,
reportingUserID types.EventStateKeyNID,
eventSenderID types.EventStateKeyNID,
reason string,
score int64,
) (int64, error) {
stmt := sqlutil.TxStmt(txn, r.insertReportedEventsStmt)
var reportID int64
err := stmt.QueryRowContext(ctx,
roomNID,
eventNID,
reportingUserID,
eventSenderID,
reason,
score,
spec.AsTimestamp(time.Now()),
).Scan(&reportID)
return reportID, err
}

View File

@ -141,7 +141,9 @@ func (d *Database) create(db *sql.DB) error {
if err := CreateUserRoomKeysTable(db); err != nil {
return err
}
if err := CreateReportedEventsTable(db); err != nil {
return err
}
return nil
}
@ -206,6 +208,10 @@ func (d *Database) prepare(db *sql.DB, writer sqlutil.Writer, cache caching.Room
if err != nil {
return err
}
reportedEvents, err := PrepareReportedEventsTable(db)
if err != nil {
return err
}
d.Database = shared.Database{
DB: db,
@ -219,6 +225,7 @@ func (d *Database) prepare(db *sql.DB, writer sqlutil.Writer, cache caching.Room
EventJSONTable: eventJSON,
PrevEventsTable: prevEvents,
RedactionsTable: redactions,
ReportedEventsTable: reportedEvents,
},
Cache: cache,
Writer: writer,

View File

@ -127,6 +127,19 @@ type Invites interface {
SelectInviteActiveForUserInRoom(ctx context.Context, txn *sql.Tx, targetUserNID types.EventStateKeyNID, roomNID types.RoomNID) ([]types.EventStateKeyNID, []string, []byte, error)
}
type ReportedEvents interface {
InsertReportedEvent(
ctx context.Context,
txn *sql.Tx,
roomNID types.RoomNID,
eventNID types.EventNID,
reportingUserID types.EventStateKeyNID,
eventSenderID types.EventStateKeyNID,
reason string,
score int64,
) (int64, error)
}
type MembershipState int64
const (