Home Explore Help
Register Sign In
RISCI_ATOM
/
synapse
mirror of https://github.com/matrix-org/synapse.git
1
0
Fork 0
Files Issues 3 Wiki
Branch: gh-pages
Branches Tags
synapse
/
v1.77
/
consent_tracking.html

consent_tracking.html 31 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365 
  1. <!DOCTYPE HTML>
    2. 

  2. <html lang="en" class="sidebar-visible no-js light">
    3. 

  3.     <head>
    4. 

  4.         <!-- Book generated using mdBook -->
    5. 

  5.         <meta charset="UTF-8">
    6. 

  6.         <title>Consent Tracking - Synapse</title>
    7. 

  7.         <!-- Custom HTML head -->
    8. 

  8.         <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
    9. 

  9.         <meta name="description" content="">
    10. 

  10.         <meta name="viewport" content="width=device-width, initial-scale=1">
    11. 

  11.         <meta name="theme-color" content="#ffffff" />
    12. 

  12. 

  13.         <link rel="icon" href="favicon.svg">
    14. 

  14.         <link rel="shortcut icon" href="favicon.png">
    15. 

  15.         <link rel="stylesheet" href="css/variables.css">
    16. 

  16.         <link rel="stylesheet" href="css/general.css">
    17. 

  17.         <link rel="stylesheet" href="css/chrome.css">
    18. 

  18.         <link rel="stylesheet" href="css/print.css" media="print">
    19. 

  19.         <!-- Fonts -->
    20. 

  20.         <link rel="stylesheet" href="FontAwesome/css/font-awesome.css">
    21. 

  21.         <link rel="stylesheet" href="fonts/fonts.css">
    22. 

  22.         <!-- Highlight.js Stylesheets -->
    23. 

  23.         <link rel="stylesheet" href="highlight.css">
    24. 

  24.         <link rel="stylesheet" href="tomorrow-night.css">
    25. 

  25.         <link rel="stylesheet" href="ayu-highlight.css">
    26. 

  26. 

  27.         <!-- Custom theme stylesheets -->
    28. 

  28.         <link rel="stylesheet" href="docs/website_files/table-of-contents.css">
    29. 

  29.         <link rel="stylesheet" href="docs/website_files/remove-nav-buttons.css">
    30. 

  30.         <link rel="stylesheet" href="docs/website_files/indent-section-headers.css">
    31. 

  31.         <link rel="stylesheet" href="docs/website_files/version-picker.css">
    32. 

  32.     </head>
    33. 

  33.     <body>
    34. 

  34.         <!-- Provide site root to javascript -->
    35. 

  35.         <script type="text/javascript">
    36. 

  36.             var path_to_root = "";
    37. 

  37.             var default_theme = window.matchMedia("(prefers-color-scheme: dark)").matches ? "navy" : "light";
    38. 

  38.         </script>
    39. 

  39. 

  40.         <!-- Work around some values being stored in localStorage wrapped in quotes -->
    41. 

  41.         <script type="text/javascript">
    42. 

  42.             try {
    43. 

  43.                 var theme = localStorage.getItem('mdbook-theme');
    44. 

  44.                 var sidebar = localStorage.getItem('mdbook-sidebar');
    45. 

  45.                 if (theme.startsWith('"') && theme.endsWith('"')) {
    46. 

  46.                     localStorage.setItem('mdbook-theme', theme.slice(1, theme.length - 1));
    47. 

  47.                 }
    48. 

  48.                 if (sidebar.startsWith('"') && sidebar.endsWith('"')) {
    49. 

  49.                     localStorage.setItem('mdbook-sidebar', sidebar.slice(1, sidebar.length - 1));
    50. 

  50.                 }
    51. 

  51.             } catch (e) { }
    52. 

  52.         </script>
    53. 

  53. 

  54.         <!-- Set the theme before any content is loaded, prevents flash -->
    55. 

  55.         <script type="text/javascript">
    56. 

  56.             var theme;
    57. 

  57.             try { theme = localStorage.getItem('mdbook-theme'); } catch(e) { }
    58. 

  58.             if (theme === null || theme === undefined) { theme = default_theme; }
    59. 

  59.             var html = document.querySelector('html');
    60. 

  60.             html.classList.remove('no-js')
    61. 

  61.             html.classList.remove('light')
    62. 

  62.             html.classList.add(theme);
    63. 

  63.             html.classList.add('js');
    64. 

  64.         </script>
    65. 

  65. 

  66.         <!-- Hide / unhide sidebar before it is displayed -->
    67. 

  67.         <script type="text/javascript">
    68. 

  68.             var html = document.querySelector('html');
    69. 

  69.             var sidebar = 'hidden';
    70. 

  70.             if (document.body.clientWidth >= 1080) {
    71. 

  71.                 try { sidebar = localStorage.getItem('mdbook-sidebar'); } catch(e) { }
    72. 

  72.                 sidebar = sidebar || 'visible';
    73. 

  73.             }
    74. 

  74.             html.classList.remove('sidebar-visible');
    75. 

  75.             html.classList.add("sidebar-" + sidebar);
    76. 

  76.         </script>
    77. 

  77. 

  78.         <nav id="sidebar" class="sidebar" aria-label="Table of contents">
    79. 

  79.             <div class="sidebar-scrollbox">
    80. 

  80.                 <ol class="chapter"><li class="chapter-item expanded affix "><li class="part-title">Introduction</li><li class="chapter-item expanded "><a href="welcome_and_overview.html">Welcome and Overview</a></li><li class="chapter-item expanded affix "><li class="part-title">Setup</li><li class="chapter-item expanded "><a href="setup/installation.html">Installation</a></li><li class="chapter-item expanded "><a href="postgres.html">Using Postgres</a></li><li class="chapter-item expanded "><a href="reverse_proxy.html">Configuring a Reverse Proxy</a></li><li class="chapter-item expanded "><a href="setup/forward_proxy.html">Configuring a Forward/Outbound Proxy</a></li><li class="chapter-item expanded "><a href="turn-howto.html">Configuring a Turn Server</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="setup/turn/coturn.html">coturn TURN server</a></li><li class="chapter-item expanded "><a href="setup/turn/eturnal.html">eturnal TURN server</a></li></ol></li><li class="chapter-item expanded "><a href="delegate.html">Delegation</a></li><li class="chapter-item expanded affix "><li class="part-title">Upgrading</li><li class="chapter-item expanded "><a href="upgrade.html">Upgrading between Synapse Versions</a></li><li class="chapter-item expanded affix "><li class="part-title">Usage</li><li class="chapter-item expanded "><a href="federate.html">Federation</a></li><li class="chapter-item expanded "><a href="usage/configuration/index.html">Configuration</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="usage/configuration/config_documentation.html">Configuration Manual</a></li><li class="chapter-item expanded "><a href="usage/configuration/homeserver_sample_config.html">Homeserver Sample Config File</a></li><li class="chapter-item expanded "><a href="usage/configuration/logging_sample_config.html">Logging Sample Config File</a></li><li class="chapter-item expanded "><a href="structured_logging.html">Structured Logging</a></li><li class="chapter-item expanded "><a href="templates.html">Templates</a></li><li class="chapter-item expanded "><a href="usage/configuration/user_authentication/index.html">User Authentication</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="usage/configuration/user_authentication/single_sign_on/index.html">Single-Sign On</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="openid.html">OpenID Connect</a></li><li class="chapter-item expanded "><a href="usage/configuration/user_authentication/single_sign_on/saml.html">SAML</a></li><li class="chapter-item expanded "><a href="usage/configuration/user_authentication/single_sign_on/cas.html">CAS</a></li><li class="chapter-item expanded "><a href="sso_mapping_providers.html">SSO Mapping Providers</a></li></ol></li><li class="chapter-item expanded "><a href="password_auth_providers.html">Password Auth Providers</a></li><li class="chapter-item expanded "><a href="jwt.html">JSON Web Tokens</a></li><li class="chapter-item expanded "><a href="usage/configuration/user_authentication/refresh_tokens.html">Refresh Tokens</a></li></ol></li><li class="chapter-item expanded "><a href="CAPTCHA_SETUP.html">Registration Captcha</a></li><li class="chapter-item expanded "><a href="application_services.html">Application Services</a></li><li class="chapter-item expanded "><a href="server_notices.html">Server Notices</a></li><li class="chapter-item expanded "><a href="consent_tracking.html" class="active">Consent Tracking</a></li><li class="chapter-item expanded "><a href="user_directory.html">User Directory</a></li><li class="chapter-item expanded "><a href="message_retention_policies.html">Message Retention Policies</a></li><li class="chapter-item expanded "><a href="modules/index.html">Pluggable Modules</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="modules/writing_a_module.html">Writing a module</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="modules/spam_checker_callbacks.html">Spam checker callbacks</a></li><li class="chapter-item expanded "><a href="modules/third_party_rules_callbacks.html">Third-party rules callbacks</a></li><li class="chapter-item expanded "><a href="modules/presence_router_callbacks.html">Presence router callbacks</a></li><li class="chapter-item expanded "><a href="modules/account_validity_callbacks.html">Account validity callbacks</a></li><li class="chapter-item expanded "><a href="modules/password_auth_provider_callbacks.html">Password auth provider callbacks</a></li><li class="chapter-item expanded "><a href="modules/background_update_controller_callbacks.html">Background update controller callbacks</a></li><li class="chapter-item expanded "><a href="modules/account_data_callbacks.html">Account data callbacks</a></li><li class="chapter-item expanded "><a href="modules/porting_legacy_module.html">Porting a legacy module to the new interface</a></li></ol></li></ol></li><li class="chapter-item expanded "><a href="workers.html">Workers</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="synctl_workers.html">Using synctl with Workers</a></li><li class="chapter-item expanded "><a href="systemd-with-workers/index.html">Systemd</a></li></ol></li></ol></li><li class="chapter-item expanded "><a href="usage/administration/index.html">Administration</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="usage/administration/admin_api/index.html">Admin API</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="admin_api/account_validity.html">Account Validity</a></li><li class="chapter-item expanded "><a href="usage/administration/admin_api/background_updates.html">Background Updates</a></li><li class="chapter-item expanded "><a href="admin_api/event_reports.html">Event Reports</a></li><li class="chapter-item expanded "><a href="admin_api/media_admin_api.html">Media</a></li><li class="chapter-item expanded "><a href="admin_api/purge_history_api.html">Purge History</a></li><li class="chapter-item expanded "><a href="admin_api/register_api.html">Register Users</a></li><li class="chapter-item expanded "><a href="usage/administration/admin_api/registration_tokens.html">Registration Tokens</a></li><li class="chapter-item expanded "><a href="admin_api/room_membership.html">Manipulate Room Membership</a></li><li class="chapter-item expanded "><a href="admin_api/rooms.html">Rooms</a></li><li class="chapter-item expanded "><a href="admin_api/server_notices.html">Server Notices</a></li><li class="chapter-item expanded "><a href="admin_api/statistics.html">Statistics</a></li><li class="chapter-item expanded "><a href="admin_api/user_admin_api.html">Users</a></li><li class="chapter-item expanded "><a href="admin_api/version_api.html">Server Version</a></li><li class="chapter-item expanded "><a href="usage/administration/admin_api/federation.html">Federation</a></li></ol></li><li class="chapter-item expanded "><a href="manhole.html">Manhole</a></li><li class="chapter-item expanded "><a href="metrics-howto.html">Monitoring</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="usage/administration/monitoring/reporting_homeserver_usage_statistics.html">Reporting Homeserver Usage Statistics</a></li></ol></li><li class="chapter-item expanded "><a href="usage/administration/monthly_active_users.html">Monthly Active Users</a></li><li class="chapter-item expanded "><a href="usage/administration/understanding_synapse_through_grafana_graphs.html">Understanding Synapse Through Grafana Graphs</a></li><li class="chapter-item expanded "><a href="usage/administration/useful_sql_for_admins.html">Useful SQL for Admins</a></li><li class="chapter-item expanded "><a href="usage/administration/database_maintenance_tools.html">Database Maintenance Tools</a></li><li class="chapter-item expanded "><a href="usage/administration/state_groups.html">State Groups</a></li><li class="chapter-item expanded "><a href="usage/administration/request_log.html">Request log format</a></li><li class="chapter-item expanded "><a href="usage/administration/admin_faq.html">Admin FAQ</a></li><li class="chapter-item expanded "><div>Scripts</div></li></ol></li><li class="chapter-item expanded "><li class="part-title">Development</li><li class="chapter-item expanded "><a href="development/contributing_guide.html">Contributing Guide</a></li><li class="chapter-item expanded "><a href="code_style.html">Code Style</a></li><li class="chapter-item expanded "><a href="development/reviews.html">Reviewing Code</a></li><li class="chapter-item expanded "><a href="development/releases.html">Release Cycle</a></li><li class="chapter-item expanded "><a href="development/git.html">Git Usage</a></li><li class="chapter-item expanded "><div>Testing</div></li><li><ol class="section"><li class="chapter-item expanded "><a href="development/demo.html">Demo scripts</a></li></ol></li><li class="chapter-item expanded "><a href="opentracing.html">OpenTracing</a></li><li class="chapter-item expanded "><a href="development/database_schema.html">Database Schemas</a></li><li class="chapter-item expanded "><a href="development/experimental_features.html">Experimental features</a></li><li class="chapter-item expanded "><a href="development/dependencies.html">Dependency management</a></li><li class="chapter-item expanded "><div>Synapse Architecture</div></li><li><ol class="section"><li class="chapter-item expanded "><a href="development/synapse_architecture/cancellation.html">Cancellation</a></li><li class="chapter-item expanded "><a href="log_contexts.html">Log Contexts</a></li><li class="chapter-item expanded "><a href="replication.html">Replication</a></li><li class="chapter-item expanded "><a href="tcp_replication.html">TCP Replication</a></li><li class="chapter-item expanded "><a href="development/synapse_architecture/faster_joins.html">Faster remote joins</a></li></ol></li><li class="chapter-item expanded "><a href="development/internal_documentation/index.html">Internal Documentation</a></li><li><ol class="section"><li class="chapter-item expanded "><div>Single Sign-On</div></li><li><ol class="section"><li class="chapter-item expanded "><a href="development/saml.html">SAML</a></li><li class="chapter-item expanded "><a href="development/cas.html">CAS</a></li></ol></li><li class="chapter-item expanded "><a href="development/room-dag-concepts.html">Room DAG concepts</a></li><li class="chapter-item expanded "><div>State Resolution</div></li><li><ol class="section"><li class="chapter-item expanded "><a href="auth_chain_difference_algorithm.html">The Auth Chain Difference Algorithm</a></li></ol></li><li class="chapter-item expanded "><a href="media_repository.html">Media Repository</a></li><li class="chapter-item expanded "><a href="room_and_user_statistics.html">Room and User Statistics</a></li></ol></li><li class="chapter-item expanded "><div>Scripts</div></li><li class="chapter-item expanded affix "><li class="part-title">Other</li><li class="chapter-item expanded "><a href="deprecation_policy.html">Dependency Deprecation Policy</a></li><li class="chapter-item expanded "><a href="other/running_synapse_on_single_board_computers.html">Running Synapse on a Single-Board Computer</a></li></ol>
    81. 

  81.             </div>
    82. 

  82.             <div id="sidebar-resize-handle" class="sidebar-resize-handle"></div>
    83. 

  83.         </nav>
    84. 

  84. 

  85.         <div id="page-wrapper" class="page-wrapper">
    86. 

  86. 

  87.             <div class="page">
    88. 

  88.                 <div id="menu-bar-hover-placeholder"></div>
    89. 

  89.                 <div id="menu-bar" class="menu-bar sticky bordered">
    90. 

  90.                     <div class="left-buttons">
    91. 

  91.                         <button id="sidebar-toggle" class="icon-button" type="button" title="Toggle Table of Contents" aria-label="Toggle Table of Contents" aria-controls="sidebar">
    92. 

  92.                             <i class="fa fa-bars"></i>
    93. 

  93.                         </button>
    94. 

  94.                         <button id="theme-toggle" class="icon-button" type="button" title="Change theme" aria-label="Change theme" aria-haspopup="true" aria-expanded="false" aria-controls="theme-list">
    95. 

  95.                             <i class="fa fa-paint-brush"></i>
    96. 

  96.                         </button>
    97. 

  97.                         <ul id="theme-list" class="theme-popup" aria-label="Themes" role="menu">
    98. 

  98.                             <li role="none"><button role="menuitem" class="theme" id="light">Light (default)</button></li>
    99. 

  99.                             <li role="none"><button role="menuitem" class="theme" id="rust">Rust</button></li>
    100. 

  100.                             <li role="none"><button role="menuitem" class="theme" id="coal">Coal</button></li>
    101. 

  101.                             <li role="none"><button role="menuitem" class="theme" id="navy">Navy</button></li>
    102. 

  102.                             <li role="none"><button role="menuitem" class="theme" id="ayu">Ayu</button></li>
    103. 

  103.                         </ul>
    104. 

  104.                         <button id="search-toggle" class="icon-button" type="button" title="Search. (Shortkey: s)" aria-label="Toggle Searchbar" aria-expanded="false" aria-keyshortcuts="S" aria-controls="searchbar">
    105. 

  105.                             <i class="fa fa-search"></i>
    106. 

  106.                         </button>
    107. 

  107.                         <div class="version-picker">
    108. 

  108.                             <div class="dropdown">
    109. 

  109.                                 <div class="select">
    110. 

  110.                                     <span></span>
    111. 

  111.                                     <i class="fa fa-chevron-down"></i>
    112. 

  112.                                 </div>
    113. 

  113.                                 <input type="hidden" name="version">
    114. 

  114.                                 <ul class="dropdown-menu">
    115. 

  115.                                     <!-- Versions will be added dynamically in version-picker.js -->
    116. 

  116.                                 </ul>
    117. 

  117.                             </div>
    118. 

  118.                         </div>      
    119. 

  119.                     </div>
    120. 

  120. 

  121.                     <h1 class="menu-title">Synapse</h1>
    122. 

  122. 

  123.                     <div class="right-buttons">
    124. 

  124.                         <a href="print.html" title="Print this book" aria-label="Print this book">
    125. 

  125.                             <i id="print-button" class="fa fa-print"></i>
    126. 

  126.                         </a>
    127. 

  127.                         <a href="https://github.com/matrix-org/synapse" title="Git repository" aria-label="Git repository">
    128. 

  128.                             <i id="git-repository-button" class="fa fa-github"></i>
    129. 

  129.                         </a>
    130. 

  130.                         <a href="https://github.com/matrix-org/synapse/edit/develop/docs/consent_tracking.md" title="Suggest an edit" aria-label="Suggest an edit">
    131. 

  131.                             <i id="git-edit-button" class="fa fa-edit"></i>
    132. 

  132.                         </a>
    133. 

  133.                     </div>
    134. 

  134.                 </div>
    135. 

  135. 

  136.                 <div id="search-wrapper" class="hidden">
    137. 

  137.                     <form id="searchbar-outer" class="searchbar-outer">
    138. 

  138.                         <input type="search" id="searchbar" name="searchbar" placeholder="Search this book ..." aria-controls="searchresults-outer" aria-describedby="searchresults-header">
    139. 

  139.                     </form>
    140. 

  140.                     <div id="searchresults-outer" class="searchresults-outer hidden">
    141. 

  141.                         <div id="searchresults-header" class="searchresults-header"></div>
    142. 

  142.                         <ul id="searchresults">
    143. 

  143.                         </ul>
    144. 

  144.                     </div>
    145. 

  145.                 </div>
    146. 

  146.                 <!-- Apply ARIA attributes after the sidebar and the sidebar toggle button are added to the DOM -->
    147. 

  147.                 <script type="text/javascript">
    148. 

  148.                     document.getElementById('sidebar-toggle').setAttribute('aria-expanded', sidebar === 'visible');
    149. 

  149.                     document.getElementById('sidebar').setAttribute('aria-hidden', sidebar !== 'visible');
    150. 

  150.                     Array.from(document.querySelectorAll('#sidebar a')).forEach(function(link) {
    151. 

  151.                         link.setAttribute('tabIndex', sidebar === 'visible' ? 0 : -1);
    152. 

  152.                     });
    153. 

  153.                 </script>
    154. 

  154. 

  155.                 <div id="content" class="content">
    156. 

  156.                     <main>
    157. 

  157.                         <!-- Page table of contents -->
    158. 

  158.                         <div class="sidetoc">
    159. 

  159.                             <nav class="pagetoc"></nav>
    160. 

  160.                         </div>
    161. 

  161. 

  162.                         <h1 id="support-in-synapse-for-tracking-agreement-to-server-terms-and-conditions"><a class="header" href="#support-in-synapse-for-tracking-agreement-to-server-terms-and-conditions">Support in Synapse for tracking agreement to server terms and conditions</a></h1>
    163. 

  163. <p>Synapse 0.30 introduces support for tracking whether users have agreed to the
    164. 

  164. terms and conditions set by the administrator of a server - and blocking access
    165. 

  165. to the server until they have.</p>
    166. 

  166. <p>There are several parts to this functionality; each requires some specific
    167. 

  167. configuration in <code>homeserver.yaml</code> to be enabled.</p>
    168. 

  168. <p>Note that various parts of the configuation and this document refer to the
    169. 

  169. &quot;privacy policy&quot;: agreement with a privacy policy is one particular use of this
    170. 

  170. feature, but of course adminstrators can specify other terms and conditions
    171. 

  171. unrelated to &quot;privacy&quot; per se.</p>
    172. 

  172. <h2 id="collecting-policy-agreement-from-a-user"><a class="header" href="#collecting-policy-agreement-from-a-user">Collecting policy agreement from a user</a></h2>
    173. 

  173. <p>Synapse can be configured to serve the user a simple policy form with an
    174. 

  174. &quot;accept&quot; button. Clicking &quot;Accept&quot; records the user's acceptance in the
    175. 

  175. database and shows a success page.</p>
    176. 

  176. <p>To enable this, first create templates for the policy and success pages.
    177. 

  177. These should be stored on the local filesystem.</p>
    178. 

  178. <p>These templates use the <a href="http://jinja.pocoo.org">Jinja2</a> templating language,
    179. 

  179. and <a href="https://github.com/matrix-org/synapse/tree/develop/docs/privacy_policy_templates/">docs/privacy_policy_templates</a>
    180. 

  180. gives examples of the sort of thing that can be done.</p>
    181. 

  181. <p>Note that the templates must be stored under a name giving the language of the
    182. 

  182. template - currently this must always be <code>en</code> (for &quot;English&quot;);
    183. 

  183. internationalisation support is intended for the future.</p>
    184. 

  184. <p>The template for the policy itself should be versioned and named according to
    185. 

  185. the version: for example <code>1.0.html</code>. The version of the policy which the user
    186. 

  186. has agreed to is stored in the database.</p>
    187. 

  187. <p>Once the templates are in place, make the following changes to <code>homeserver.yaml</code>:</p>
    188. 

  188. <ol>
    189. 

  189. <li>
    190. 

  190. <p>Add a <code>user_consent</code> section, which should look like:</p>
    191. 

  191. <pre><code class="language-yaml">user_consent:
    192. 

  192.   template_dir: privacy_policy_templates
    193. 

  193.   version: 1.0
    194. 

  194. </code></pre>
    195. 

  195. <p><code>template_dir</code> points to the directory containing the policy
    196. 

  196. templates. <code>version</code> defines the version of the policy which will be served
    197. 

  197. to the user. In the example above, Synapse will serve
    198. 

  198. <code>privacy_policy_templates/en/1.0.html</code>.</p>
    199. 

  199. </li>
    200. 

  200. <li>
    201. 

  201. <p>Add a <code>form_secret</code> setting at the top level:</p>
    202. 

  202. <pre><code class="language-yaml">form_secret: &quot;&lt;unique secret&gt;&quot;
    203. 

  203. </code></pre>
    204. 

  204. <p>This should be set to an arbitrary secret string (try <code>pwgen -y 30</code> to
    205. 

  205. generate suitable secrets).</p>
    206. 

  206. <p>More on what this is used for below.</p>
    207. 

  207. </li>
    208. 

  208. <li>
    209. 

  209. <p>Add <code>consent</code> wherever the <code>client</code> resource is currently enabled in the
    210. 

  210. <code>listeners</code> configuration. For example:</p>
    211. 

  211. <pre><code class="language-yaml">listeners:
    212. 

  212.   - port: 8008
    213. 

  213.     resources:
    214. 

  214.       - names:
    215. 

  215.         - client
    216. 

  216.         - consent
    217. 

  217. </code></pre>
    218. 

  218. </li>
    219. 

  219. </ol>
    220. 

  220. <p>Finally, ensure that <code>jinja2</code> is installed. If you are using a virtualenv, this
    221. 

  221. should be a matter of <code>pip install Jinja2</code>. On debian, try <code>apt-get install python-jinja2</code>.</p>
    222. 

  222. <p>Once this is complete, and the server has been restarted, try visiting
    223. 

  223. <code>https://&lt;server&gt;/_matrix/consent</code>. If correctly configured, this should give
    224. 

  224. an error &quot;Missing string query parameter 'u'&quot;. It is now possible to manually
    225. 

  225. construct URIs where users can give their consent.</p>
    226. 

  226. <h3 id="enabling-consent-tracking-at-registration"><a class="header" href="#enabling-consent-tracking-at-registration">Enabling consent tracking at registration</a></h3>
    227. 

  227. <ol>
    228. 

  228. <li>
    229. 

  229. <p>Add the following to your configuration:</p>
    230. 

  230. <pre><code class="language-yaml">user_consent:
    231. 

  231.   require_at_registration: true
    232. 

  232.   policy_name: &quot;Privacy Policy&quot; # or whatever you'd like to call the policy
    233. 

  233. </code></pre>
    234. 

  234. </li>
    235. 

  235. <li>
    236. 

  236. <p>In your consent templates, make use of the <code>public_version</code> variable to
    237. 

  237. see if an unauthenticated user is viewing the page. This is typically
    238. 

  238. wrapped around the form that would be used to actually agree to the document:</p>
    239. 

  239. <pre><code class="language-html">{% if not public_version %}
    240. 

  240.   &lt;!-- The variables used here are only provided when the 'u' param is given to the homeserver --&gt;
    241. 

  241.   &lt;form method=&quot;post&quot; action=&quot;consent&quot;&gt;
    242. 

  242.     &lt;input type=&quot;hidden&quot; name=&quot;v&quot; value=&quot;{{version}}&quot;/&gt;
    243. 

  243.     &lt;input type=&quot;hidden&quot; name=&quot;u&quot; value=&quot;{{user}}&quot;/&gt;
    244. 

  244.     &lt;input type=&quot;hidden&quot; name=&quot;h&quot; value=&quot;{{userhmac}}&quot;/&gt;
    245. 

  245.     &lt;input type=&quot;submit&quot; value=&quot;Sure thing!&quot;/&gt;
    246. 

  246.   &lt;/form&gt;
    247. 

  247. {% endif %}
    248. 

  248. </code></pre>
    249. 

  249. </li>
    250. 

  250. <li>
    251. 

  251. <p>Restart Synapse to apply the changes.</p>
    252. 

  252. </li>
    253. 

  253. </ol>
    254. 

  254. <p>Visiting <code>https://&lt;server&gt;/_matrix/consent</code> should now give you a view of the privacy
    255. 

  255. document. This is what users will be able to see when registering for accounts.</p>
    256. 

  256. <h3 id="constructing-the-consent-uri"><a class="header" href="#constructing-the-consent-uri">Constructing the consent URI</a></h3>
    257. 

  257. <p>It may be useful to manually construct the &quot;consent URI&quot; for a given user - for
    258. 

  258. instance, in order to send them an email asking them to consent. To do this,
    259. 

  259. take the base <code>https://&lt;server&gt;/_matrix/consent</code> URL and add the following
    260. 

  260. query parameters:</p>
    261. 

  261. <ul>
    262. 

  262. <li>
    263. 

  263. <p><code>u</code>: the user id of the user. This can either be a full MXID
    264. 

  264. (<code>@user:server.com</code>) or just the localpart (<code>user</code>).</p>
    265. 

  265. </li>
    266. 

  266. <li>
    267. 

  267. <p><code>h</code>: hex-encoded HMAC-SHA256 of <code>u</code> using the <code>form_secret</code> as a key. It is
    268. 

  268. possible to calculate this on the commandline with something like:</p>
    269. 

  269. <pre><code class="language-bash">echo -n '&lt;user&gt;' | openssl sha256 -hmac '&lt;form_secret&gt;'
    270. 

  270. </code></pre>
    271. 

  271. <p>This should result in a URI which looks something like:
    272. 

  272. <code>https://&lt;server&gt;/_matrix/consent?u=&lt;user&gt;&amp;h=68a152465a4d...</code>.</p>
    273. 

  273. </li>
    274. 

  274. </ul>
    275. 

  275. <p>Note that not providing a <code>u</code> parameter will be interpreted as wanting to view
    276. 

  276. the document from an unauthenticated perspective, such as prior to registration.
    277. 

  277. Therefore, the <code>h</code> parameter is not required in this scenario. To enable this
    278. 

  278. behaviour, set <code>require_at_registration</code> to <code>true</code> in your <code>user_consent</code> config.</p>
    279. 

  279. <h2 id="sending-users-a-server-notice-asking-them-to-agree-to-the-policy"><a class="header" href="#sending-users-a-server-notice-asking-them-to-agree-to-the-policy">Sending users a server notice asking them to agree to the policy</a></h2>
    280. 

  280. <p>It is possible to configure Synapse to send a <a href="server_notices.html">server
    281. 

  281. notice</a> to anybody who has not yet agreed to the current
    282. 

  282. version of the policy. To do so:</p>
    283. 

  283. <ul>
    284. 

  284. <li>
    285. 

  285. <p>ensure that the consent resource is configured, as in the previous section</p>
    286. 

  286. </li>
    287. 

  287. <li>
    288. 

  288. <p>ensure that server notices are configured, as in <a href="server_notices.html">the server notice documentation</a>.</p>
    289. 

  289. </li>
    290. 

  290. <li>
    291. 

  291. <p>Add <code>server_notice_content</code> under <code>user_consent</code> in <code>homeserver.yaml</code>. For
    292. 

  292. example:</p>
    293. 

  293. <pre><code class="language-yaml">user_consent:
    294. 

  294.   server_notice_content:
    295. 

  295.     msgtype: m.text
    296. 

  296.     body: &gt;-
    297. 

  297.       Please give your consent to the privacy policy at %(consent_uri)s.
    298. 

  298. </code></pre>
    299. 

  299. <p>Synapse automatically replaces the placeholder <code>%(consent_uri)s</code> with the
    300. 

  300. consent uri for that user.</p>
    301. 

  301. </li>
    302. 

  302. <li>
    303. 

  303. <p>ensure that <code>public_baseurl</code> is set in <code>homeserver.yaml</code>, and gives the base
    304. 

  304. URI that clients use to connect to the server. (It is used to construct
    305. 

  305. <code>consent_uri</code> in the server notice.)</p>
    306. 

  306. </li>
    307. 

  307. </ul>
    308. 

  308. <h2 id="blocking-users-from-using-the-server-until-they-agree-to-the-policy"><a class="header" href="#blocking-users-from-using-the-server-until-they-agree-to-the-policy">Blocking users from using the server until they agree to the policy</a></h2>
    309. 

  309. <p>Synapse can be configured to block any attempts to join rooms or send messages
    310. 

  310. until the user has given their agreement to the policy. (Joining the server
    311. 

  311. notices room is exempted from this).</p>
    312. 

  312. <p>To enable this, add <code>block_events_error</code> under <code>user_consent</code>. For example:</p>
    313. 

  313. <pre><code class="language-yaml">user_consent:
    314. 

  314.   block_events_error: &gt;-
    315. 

  315.     You can't send any messages until you consent to the privacy policy at
    316. 

  316.     %(consent_uri)s.
    317. 

  317. </code></pre>
    318. 

  318. <p>Synapse automatically replaces the placeholder <code>%(consent_uri)s</code> with the
    319. 

  319. consent uri for that user.</p>
    320. 

  320. <p>ensure that <code>public_baseurl</code> is set in <code>homeserver.yaml</code>, and gives the base
    321. 

  321. URI that clients use to connect to the server. (It is used to construct
    322. 

  322. <code>consent_uri</code> in the error.)</p>
    323. 

  323. 

  324.                     </main>
    325. 

  325. 

  326.                     <nav class="nav-wrapper" aria-label="Page navigation">
    327. 

  327.                         <!-- Mobile navigation buttons -->
    328. 

  328.                             <a rel="prev" href="server_notices.html" class="mobile-nav-chapters previous" title="Previous chapter" aria-label="Previous chapter" aria-keyshortcuts="Left">
    329. 

  329.                                 <i class="fa fa-angle-left"></i>
    330. 

  330.                             </a>
    331. 

  331.                             <a rel="next" href="user_directory.html" class="mobile-nav-chapters next" title="Next chapter" aria-label="Next chapter" aria-keyshortcuts="Right">
    332. 

  332.                                 <i class="fa fa-angle-right"></i>
    333. 

  333.                             </a>
    334. 

  334.                         <div style="clear: both"></div>
    335. 

  335.                     </nav>
    336. 

  336.                 </div>
    337. 

  337.             </div>
    338. 

  338. 

  339.             <nav class="nav-wide-wrapper" aria-label="Page navigation">
    340. 

  340.                     <a rel="prev" href="server_notices.html" class="nav-chapters previous" title="Previous chapter" aria-label="Previous chapter" aria-keyshortcuts="Left">
    341. 

  341.                         <i class="fa fa-angle-left"></i>
    342. 

  342.                     </a>
    343. 

  343.                     <a rel="next" href="user_directory.html" class="nav-chapters next" title="Next chapter" aria-label="Next chapter" aria-keyshortcuts="Right">
    344. 

  344.                         <i class="fa fa-angle-right"></i>
    345. 

  345.                     </a>
    346. 

  346.             </nav>
    347. 

  347. 

  348.         </div>
    349. 

  349. 

  350.         <script type="text/javascript">
    351. 

  351.             window.playground_copyable = true;
    352. 

  352.         </script>
    353. 

  353.         <script src="elasticlunr.min.js" type="text/javascript" charset="utf-8"></script>
    354. 

  354.         <script src="mark.min.js" type="text/javascript" charset="utf-8"></script>
    355. 

  355.         <script src="searcher.js" type="text/javascript" charset="utf-8"></script>
    356. 

  356.         <script src="clipboard.min.js" type="text/javascript" charset="utf-8"></script>
    357. 

  357.         <script src="highlight.js" type="text/javascript" charset="utf-8"></script>
    358. 

  358.         <script src="book.js" type="text/javascript" charset="utf-8"></script>
    359. 

  359. 

  360.         <!-- Custom JS scripts -->
    361. 

  361.         <script type="text/javascript" src="docs/website_files/table-of-contents.js"></script>
    362. 

  362.         <script type="text/javascript" src="docs/website_files/version-picker.js"></script>
    363. 

  363.         <script type="text/javascript" src="docs/website_files/version.js"></script>
    364. 

  364.     </body>
    365. 

  365. </html>
    366.