Support for server ACLs (#1261)

* First pass at server ACLs (not efficient)

* Use transaction origin, update whitelist

* Fix federation API test

It's sufficient for us to return nothing in response to current state, so that the server ACL check returns no ACLs.

* More efficient server ACLs - hopefully

* Fix queries

* Fix queries

* Avoid panics by nil pointers

* Bug fixes

* Fix state event type

* Fix mutex

* Update logging

* Ignore port when matching servername

* Use read mutex

* Fix bugs

* Fix sync API test

* Comments

* Add tests, tweaks to behaviour

* Fix test output

currentstateserver/consumers/roomserver.go

@@ -19,6 +19,7 @@ import (
 	"encoding/json"
 
 	"github.com/Shopify/sarama"
+	"github.com/matrix-org/dendrite/currentstateserver/acls"
 	"github.com/matrix-org/dendrite/currentstateserver/storage"
 	"github.com/matrix-org/dendrite/internal"
 	"github.com/matrix-org/dendrite/roomserver/api"
@@ -30,9 +31,10 @@ import (
 type OutputRoomEventConsumer struct {
 	rsConsumer *internal.ContinualConsumer
 	db         storage.Database
+	acls       *acls.ServerACLs
 }
 
-func NewOutputRoomEventConsumer(topicName string, kafkaConsumer sarama.Consumer, store storage.Database) *OutputRoomEventConsumer {
+func NewOutputRoomEventConsumer(topicName string, kafkaConsumer sarama.Consumer, store storage.Database, acls *acls.ServerACLs) *OutputRoomEventConsumer {
 	consumer := &internal.ContinualConsumer{
 		Topic:          topicName,
 		Consumer:       kafkaConsumer,
@@ -41,6 +43,7 @@ func NewOutputRoomEventConsumer(topicName string, kafkaConsumer sarama.Consumer,
 	s := &OutputRoomEventConsumer{
 		rsConsumer: consumer,
 		db:         store,
+		acls:       acls,
 	}
 	consumer.ProcessMessage = s.onMessage
 
@@ -76,6 +79,10 @@ func (c *OutputRoomEventConsumer) onNewRoomEvent(
 ) error {
 	ev := msg.Event
 
+	if ev.Type() == "m.room.server_acl" && ev.StateKeyEquals("") {
+		defer c.acls.OnServerACLUpdate(&ev.Event)
+	}
+
 	addsStateEvents := msg.AddsState()
 
 	ev, err := c.updateStateEvent(ev)