feat: Add more granular controls for policy server calling (#1127)

Adds two new toggles to the configuration, the first of which allows disabling the policy server checks entirely, and the second of which allows disabling checking events created locally. They're both enabled by default for maximum PS efficacy but allowing them to be disabled allows people who frequently cannot contact policy servers, for example those in censored countries, to be able to still use rooms with pace, allows single-user/trusted-only homeservers to disable the preliminary check on their own events, and also gives an escape hatch in case an issue like #1060 happens again, especially with MSCs not in FCP being moving targets. In future, I think we should gate all MSC implementations behind config flags, even if they default to on. Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1127 Reviewed-by: Jade Ellis <jade@ellis.link> Co-authored-by: timedout <git@nexy7574.co.uk> Co-committed-by: timedout <git@nexy7574.co.uk>
2025-10-16 22:45:23 +00:00 · 2025-10-16 22:45:23 +00:00 · d189004d65
commit d189004d65
parent 26b700bf51
3 changed files with 39 additions and 0 deletions
--- a/conduwuit-example.toml
+++ b/conduwuit-example.toml
@ -1497,6 +1497,19 @@
 #
 #block_non_admin_invites = false

+# Enable or disable making requests to MSC4284 Policy Servers.
+# It is recommended you keep this enabled unless you experience frequent
+# connectivity issues, such as in a restricted networking environment.
+#
+#enable_msc4284_policy_servers = true
+
+# Enable running locally generated events through configured MSC4284
+# policy servers. You may wish to disable this if your server is
+# single-user for a slight speed benefit in some rooms, but otherwise
+# should leave it enabled.
+#
+#policy_server_check_own_events = true
+
 # Allow admins to enter commands in rooms other than "#admins" (admin
 # room) by prefixing your message with "\!admin" or "\\!admin" followed up
 # a normal continuwuity admin command. The reply will be publicly visible
--- a/src/core/config/mod.rs
+++ b/src/core/config/mod.rs
@ -1710,6 +1710,19 @@ pub struct Config {
 	#[serde(default)]
 	pub block_non_admin_invites: bool,

+	/// Enable or disable making requests to MSC4284 Policy Servers.
+	/// It is recommended you keep this enabled unless you experience frequent
+	/// connectivity issues, such as in a restricted networking environment.
+	#[serde(default = "true_fn")]
+	pub enable_msc4284_policy_servers: bool,
+
+	/// Enable running locally generated events through configured MSC4284
+	/// policy servers. You may wish to disable this if your server is
+	/// single-user for a slight speed benefit in some rooms, but otherwise
+	/// should leave it enabled.
+	#[serde(default = "true_fn")]
+	pub policy_server_check_own_events: bool,
+
 	/// Allow admins to enter commands in rooms other than "#admins" (admin
 	/// room) by prefixing your message with "\!admin" or "\\!admin" followed up
 	/// a normal continuwuity admin command. The reply will be publicly visible
--- a/src/service/rooms/event_handler/policy_server.rs
+++ b/src/service/rooms/event_handler/policy_server.rs
@ -31,6 +31,19 @@ pub async fn ask_policy_server(
 	pdu_json: &CanonicalJsonObject,
 	room_id: &RoomId,
 ) -> Result<bool> {
+	if !self.services.server.config.enable_msc4284_policy_servers {
+		return Ok(true); // don't ever contact policy servers
+	}
+	if self.services.server.config.policy_server_check_own_events
+		&& pdu.origin.is_some()
+		&& self
+			.services
+			.server
+			.is_ours(pdu.origin.as_ref().unwrap().as_str())
+	{
+		return Ok(true); // don't contact policy servers for locally generated events
+	}
+
 	if *pdu.event_type() == StateEventType::RoomPolicy.into() {
 		debug!(
 			room_id = %room_id,