Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prepare for authenticated media freeze #17433

Merged
merged 8 commits into from
Jul 22, 2024
Merged

Prepare for authenticated media freeze #17433

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
99840b3
add column `authenticated` to tables `local_media_repository` and `re…
H-Shay Jul 10, 2024
7569c77
add config options to set and enforce authenticated media
H-Shay Jul 10, 2024
f5ec081
get and set authenticated status when storing/fetching local/remote m…
H-Shay Jul 10, 2024
87ae2c2
disallow authenticated media over unauthenticated endpoints if config…
H-Shay Jul 10, 2024
0c787b4
tests
H-Shay Jul 11, 2024
11cfc0a
newsfragment
H-Shay Jul 11, 2024
bfee314
requested changes
H-Shay Jul 16, 2024
f532149
request doc changes
H-Shay Jul 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions synapse/config/repository.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -272,6 +272,11 @@ def read_config(self, config: JsonDict, **kwargs: Any) -> None:
remote_media_lifetime
)

self.authenticate_new_media = config.get("authenticate_new_media", False)
self.enforce_authenticated_media = config.get(
"enforce_authenticated_media", False
Copy link
Contributor Author

@H-Shay H-Shay Jul 11, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two questions:

  1. Should this be one config option? Something like enable_authenticated_media?
  2. Should this option be documented in the config manual, since we are going to switch it on default and strongly encourage it's use - perhaps documenting it will make it seem more optional than we'd like?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think documenting any config option (except experimental ones) is worth doing, even if you discourage changing it and outline the plans for the default value of the option. May also be worth saying when the option is expected to be removed (which I imagine we will do?)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup, agreed. I'm sure there will be some people that will need to fiddle with the config options (e.g. those using custom clients), so having them documented would be good.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. Should this be one config option? Something like enable_authenticated_media?

I'm in two minds a bit here. Having two gives us more flexibility, but not actually sure of the use case. The only thing that comes to mind is if we change the defaults at different times, but then I think we wouldn't want to do that at all.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also went back and forth about making it one config option, and I think in the end it makes slightly more sense to make it one, essentially for the reasons you listed - I couldn't really think of a case where the two would be set independently of each other. I am going to switch it to one - this will also make documentation clearer. If anyone comes up with a reason to switch it back let me know...

)

def generate_config_section(self, data_dir_path: str, **kwargs: Any) -> str:
assert data_dir_path is not None
media_store = os.path.join(data_dir_path, "media_store")
Expand Down
5 changes: 4 additions & 1 deletion synapse/storage/schema/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
#
#

SCHEMA_VERSION = 85 # remember to update the list below when updating
SCHEMA_VERSION = 86 # remember to update the list below when updating
"""Represents the expectations made by the codebase about the database schema

This should be incremented whenever the codebase changes its requirements on the
Expand Down Expand Up @@ -139,6 +139,9 @@

Changes in SCHEMA_VERSION = 85
- Add a column `suspended` to the `users` table

Changes in SCHEMA_VERSION = 86
- Add a column `authenticated` to the tables `local_media_repository` and `remote_media_cache`
"""


Expand Down
16 changes: 16 additions & 0 deletions synapse/storage/schema/main/delta/86/01_authenticate_media.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
--
H-Shay marked this conversation as resolved.
Show resolved Hide resolved
-- This file is licensed under the Affero General Public License (AGPL) version 3.
--
-- Copyright (C) 2024 New Vector, Ltd
--
-- This program is free software: you can redistribute it and/or modify
-- it under the terms of the GNU Affero General Public License as
-- published by the Free Software Foundation, either version 3 of the
-- License, or (at your option) any later version.
--
-- See the GNU Affero General Public License for more details:
-- <https://www.gnu.org/licenses/agpl-3.0.html>.


ALTER TABLE remote_media_cache ADD COLUMN authenticated BOOLEAN;
ALTER TABLE local_media_repository ADD COLUMN authenticated BOOLEAN;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we have a DEFAULT value here, and make it NOT NULL?

It would be nice to add a comment describing the semantics of the value here, even briefly. If it's a nullable column, that should be described too, which is why I'm tempted to suggest making this NOT NULL.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess the default could be False, although the code essentially assumes any media item for which this column isn't True is unauthenticated so I think the null works (but is probably unclear, as you are pointing out)- setting the default might make that clearer. Essentially all existing media in the table should be either null or False once the column is added, but I can make that clearer.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that setting a DEFAULT means that the table needs to get rewritten to insert the new values, which takes a while. Leaving it as NULLABLE is somewhat annoying but by far the easiest.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This isn't the case anymore since Postgres 11: https://www.dbi-services.com/blog/postgresql-11-instant-add-column-with-a-non-null-default-value/

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤯