PyPI - matrix-synapse - Versions diffs - 1.142.0rc3__cp314-abi3-musllinux_1_2_aarch64.whl - Mend

matrix-synapse 1.142.0rc3__cp314-abi3-musllinux_1_2_aarch64.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of matrix-synapse might be problematic. Click here for more details.

Files changed (1057) hide show

matrix_synapse-1.142.0rc3.dist-info/AUTHORS.rst +51 -0
matrix_synapse-1.142.0rc3.dist-info/LICENSE-AGPL-3.0 +661 -0
matrix_synapse-1.142.0rc3.dist-info/LICENSE-COMMERCIAL +6 -0
matrix_synapse-1.142.0rc3.dist-info/METADATA +375 -0
matrix_synapse-1.142.0rc3.dist-info/RECORD +1057 -0
matrix_synapse-1.142.0rc3.dist-info/WHEEL +4 -0
matrix_synapse-1.142.0rc3.dist-info/entry_points.txt +14 -0
matrix_synapse.libs/libgcc_s-2d945d6c.so.1 +0 -0
synapse/__init__.py +97 -0
synapse/_scripts/__init__.py +0 -0
synapse/_scripts/export_signing_key.py +109 -0
synapse/_scripts/generate_config.py +83 -0
synapse/_scripts/generate_log_config.py +56 -0
synapse/_scripts/generate_signing_key.py +55 -0
synapse/_scripts/generate_workers_map.py +318 -0
synapse/_scripts/hash_password.py +95 -0
synapse/_scripts/move_remote_media_to_new_store.py +128 -0
synapse/_scripts/register_new_matrix_user.py +374 -0
synapse/_scripts/review_recent_signups.py +212 -0
synapse/_scripts/synapse_port_db.py +1603 -0
synapse/_scripts/synctl.py +365 -0
synapse/_scripts/update_synapse_database.py +130 -0
synapse/api/__init__.py +20 -0
synapse/api/auth/__init__.py +207 -0
synapse/api/auth/base.py +406 -0
synapse/api/auth/internal.py +299 -0
synapse/api/auth/mas.py +457 -0
synapse/api/auth/msc3861_delegated.py +617 -0
synapse/api/auth_blocking.py +144 -0
synapse/api/constants.py +362 -0
synapse/api/errors.py +907 -0
synapse/api/filtering.py +539 -0
synapse/api/presence.py +104 -0
synapse/api/ratelimiting.py +482 -0
synapse/api/room_versions.py +535 -0
synapse/api/urls.py +119 -0
synapse/app/__init__.py +60 -0
synapse/app/_base.py +866 -0
synapse/app/admin_cmd.py +388 -0
synapse/app/appservice.py +30 -0
synapse/app/client_reader.py +30 -0
synapse/app/complement_fork_starter.py +206 -0
synapse/app/event_creator.py +29 -0
synapse/app/federation_reader.py +30 -0
synapse/app/federation_sender.py +30 -0
synapse/app/frontend_proxy.py +30 -0
synapse/app/generic_worker.py +475 -0
synapse/app/homeserver.py +504 -0
synapse/app/media_repository.py +30 -0
synapse/app/phone_stats_home.py +296 -0
synapse/app/pusher.py +30 -0
synapse/app/synchrotron.py +30 -0
synapse/app/user_dir.py +31 -0
synapse/appservice/__init__.py +461 -0
synapse/appservice/api.py +569 -0
synapse/appservice/scheduler.py +567 -0
synapse/config/__init__.py +27 -0
synapse/config/__main__.py +62 -0
synapse/config/_base.py +1108 -0
synapse/config/_base.pyi +217 -0
synapse/config/_util.py +99 -0
synapse/config/account_validity.py +116 -0
synapse/config/api.py +141 -0
synapse/config/appservice.py +210 -0
synapse/config/auth.py +80 -0
synapse/config/auto_accept_invites.py +43 -0
synapse/config/background_updates.py +44 -0
synapse/config/cache.py +231 -0
synapse/config/captcha.py +90 -0
synapse/config/cas.py +116 -0
synapse/config/consent.py +73 -0
synapse/config/database.py +184 -0
synapse/config/emailconfig.py +367 -0
synapse/config/experimental.py +595 -0
synapse/config/federation.py +114 -0
synapse/config/homeserver.py +141 -0
synapse/config/jwt.py +55 -0
synapse/config/key.py +447 -0
synapse/config/logger.py +390 -0
synapse/config/mas.py +191 -0
synapse/config/matrixrtc.py +66 -0
synapse/config/metrics.py +84 -0
synapse/config/modules.py +40 -0
synapse/config/oembed.py +185 -0
synapse/config/oidc.py +509 -0
synapse/config/password_auth_providers.py +82 -0
synapse/config/push.py +64 -0
synapse/config/ratelimiting.py +254 -0
synapse/config/redis.py +74 -0
synapse/config/registration.py +296 -0
synapse/config/repository.py +311 -0
synapse/config/retention.py +162 -0
synapse/config/room.py +88 -0
synapse/config/room_directory.py +165 -0
synapse/config/saml2.py +251 -0
synapse/config/server.py +1170 -0
synapse/config/server_notices.py +84 -0
synapse/config/spam_checker.py +66 -0
synapse/config/sso.py +121 -0
synapse/config/stats.py +54 -0
synapse/config/third_party_event_rules.py +40 -0
synapse/config/tls.py +192 -0
synapse/config/tracer.py +71 -0
synapse/config/user_directory.py +47 -0
synapse/config/user_types.py +44 -0
synapse/config/voip.py +59 -0
synapse/config/workers.py +642 -0
synapse/crypto/__init__.py +20 -0
synapse/crypto/context_factory.py +278 -0
synapse/crypto/event_signing.py +194 -0
synapse/crypto/keyring.py +931 -0
synapse/event_auth.py +1266 -0
synapse/events/__init__.py +668 -0
synapse/events/auto_accept_invites.py +216 -0
synapse/events/builder.py +387 -0
synapse/events/presence_router.py +245 -0
synapse/events/snapshot.py +559 -0
synapse/events/utils.py +928 -0
synapse/events/validator.py +305 -0
synapse/federation/__init__.py +22 -0
synapse/federation/federation_base.py +383 -0
synapse/federation/federation_client.py +2134 -0
synapse/federation/federation_server.py +1544 -0
synapse/federation/persistence.py +71 -0
synapse/federation/send_queue.py +532 -0
synapse/federation/sender/__init__.py +1165 -0
synapse/federation/sender/per_destination_queue.py +884 -0
synapse/federation/sender/transaction_manager.py +210 -0
synapse/federation/transport/__init__.py +28 -0
synapse/federation/transport/client.py +1201 -0
synapse/federation/transport/server/__init__.py +334 -0
synapse/federation/transport/server/_base.py +429 -0
synapse/federation/transport/server/federation.py +912 -0
synapse/federation/units.py +133 -0
synapse/handlers/__init__.py +20 -0
synapse/handlers/account.py +162 -0
synapse/handlers/account_data.py +362 -0
synapse/handlers/account_validity.py +361 -0
synapse/handlers/admin.py +618 -0
synapse/handlers/appservice.py +991 -0
synapse/handlers/auth.py +2494 -0
synapse/handlers/cas.py +413 -0
synapse/handlers/deactivate_account.py +363 -0
synapse/handlers/delayed_events.py +635 -0
synapse/handlers/device.py +1873 -0
synapse/handlers/devicemessage.py +399 -0
synapse/handlers/directory.py +554 -0
synapse/handlers/e2e_keys.py +1834 -0
synapse/handlers/e2e_room_keys.py +455 -0
synapse/handlers/event_auth.py +390 -0
synapse/handlers/events.py +201 -0
synapse/handlers/federation.py +2043 -0
synapse/handlers/federation_event.py +2420 -0
synapse/handlers/identity.py +812 -0
synapse/handlers/initial_sync.py +528 -0
synapse/handlers/jwt.py +120 -0
synapse/handlers/message.py +2347 -0
synapse/handlers/oidc.py +1803 -0
synapse/handlers/pagination.py +768 -0
synapse/handlers/password_policy.py +102 -0
synapse/handlers/presence.py +2638 -0
synapse/handlers/profile.py +655 -0
synapse/handlers/push_rules.py +164 -0
synapse/handlers/read_marker.py +79 -0
synapse/handlers/receipts.py +351 -0
synapse/handlers/register.py +1060 -0
synapse/handlers/relations.py +624 -0
synapse/handlers/reports.py +98 -0
synapse/handlers/room.py +2447 -0
synapse/handlers/room_list.py +632 -0
synapse/handlers/room_member.py +2365 -0
synapse/handlers/room_member_worker.py +146 -0
synapse/handlers/room_policy.py +186 -0
synapse/handlers/room_summary.py +1057 -0
synapse/handlers/saml.py +524 -0
synapse/handlers/search.py +723 -0
synapse/handlers/send_email.py +209 -0
synapse/handlers/set_password.py +71 -0
synapse/handlers/sliding_sync/__init__.py +1701 -0
synapse/handlers/sliding_sync/extensions.py +970 -0
synapse/handlers/sliding_sync/room_lists.py +2266 -0
synapse/handlers/sliding_sync/store.py +128 -0
synapse/handlers/sso.py +1292 -0
synapse/handlers/state_deltas.py +82 -0
synapse/handlers/stats.py +322 -0
synapse/handlers/sync.py +3109 -0
synapse/handlers/thread_subscriptions.py +190 -0
synapse/handlers/typing.py +606 -0
synapse/handlers/ui_auth/__init__.py +48 -0
synapse/handlers/ui_auth/checkers.py +332 -0
synapse/handlers/user_directory.py +783 -0
synapse/handlers/worker_lock.py +365 -0
synapse/http/__init__.py +106 -0
synapse/http/additional_resource.py +62 -0
synapse/http/client.py +1360 -0
synapse/http/connectproxyclient.py +309 -0
synapse/http/federation/__init__.py +19 -0
synapse/http/federation/matrix_federation_agent.py +490 -0
synapse/http/federation/srv_resolver.py +196 -0
synapse/http/federation/well_known_resolver.py +367 -0
synapse/http/matrixfederationclient.py +1875 -0
synapse/http/proxy.py +290 -0
synapse/http/proxyagent.py +497 -0
synapse/http/replicationagent.py +203 -0
synapse/http/request_metrics.py +309 -0
synapse/http/server.py +1114 -0
synapse/http/servlet.py +1019 -0
synapse/http/site.py +825 -0
synapse/http/types.py +27 -0
synapse/logging/__init__.py +31 -0
synapse/logging/_remote.py +261 -0
synapse/logging/_terse_json.py +95 -0
synapse/logging/context.py +1211 -0
synapse/logging/formatter.py +63 -0
synapse/logging/handlers.py +99 -0
synapse/logging/loggers.py +25 -0
synapse/logging/opentracing.py +1132 -0
synapse/logging/scopecontextmanager.py +161 -0
synapse/media/_base.py +827 -0
synapse/media/filepath.py +417 -0
synapse/media/media_repository.py +1580 -0
synapse/media/media_storage.py +704 -0
synapse/media/oembed.py +277 -0
synapse/media/preview_html.py +559 -0
synapse/media/storage_provider.py +195 -0
synapse/media/thumbnailer.py +833 -0
synapse/media/url_previewer.py +875 -0
synapse/metrics/__init__.py +754 -0
synapse/metrics/_gc.py +219 -0
synapse/metrics/_reactor_metrics.py +171 -0
synapse/metrics/_types.py +38 -0
synapse/metrics/background_process_metrics.py +556 -0
synapse/metrics/common_usage_metrics.py +94 -0
synapse/metrics/jemalloc.py +248 -0
synapse/module_api/__init__.py +2154 -0
synapse/module_api/callbacks/__init__.py +50 -0
synapse/module_api/callbacks/account_validity_callbacks.py +106 -0
synapse/module_api/callbacks/media_repository_callbacks.py +160 -0
synapse/module_api/callbacks/ratelimit_callbacks.py +79 -0
synapse/module_api/callbacks/spamchecker_callbacks.py +1113 -0
synapse/module_api/callbacks/third_party_event_rules_callbacks.py +599 -0
synapse/module_api/errors.py +42 -0
synapse/notifier.py +972 -0
synapse/push/__init__.py +212 -0
synapse/push/bulk_push_rule_evaluator.py +637 -0
synapse/push/clientformat.py +126 -0
synapse/push/emailpusher.py +333 -0
synapse/push/httppusher.py +564 -0
synapse/push/mailer.py +1012 -0
synapse/push/presentable_names.py +216 -0
synapse/push/push_tools.py +114 -0
synapse/push/push_types.py +141 -0
synapse/push/pusher.py +87 -0
synapse/push/pusherpool.py +501 -0
synapse/push/rulekinds.py +33 -0
synapse/py.typed +0 -0
synapse/replication/__init__.py +20 -0
synapse/replication/http/__init__.py +68 -0
synapse/replication/http/_base.py +468 -0
synapse/replication/http/account_data.py +297 -0
synapse/replication/http/deactivate_account.py +81 -0
synapse/replication/http/delayed_events.py +62 -0
synapse/replication/http/devices.py +254 -0
synapse/replication/http/federation.py +334 -0
synapse/replication/http/login.py +106 -0
synapse/replication/http/membership.py +364 -0
synapse/replication/http/presence.py +133 -0
synapse/replication/http/push.py +156 -0
synapse/replication/http/register.py +172 -0
synapse/replication/http/send_events.py +182 -0
synapse/replication/http/state.py +82 -0
synapse/replication/http/streams.py +101 -0
synapse/replication/tcp/__init__.py +56 -0
synapse/replication/tcp/client.py +552 -0
synapse/replication/tcp/commands.py +569 -0
synapse/replication/tcp/context.py +41 -0
synapse/replication/tcp/external_cache.py +156 -0
synapse/replication/tcp/handler.py +942 -0
synapse/replication/tcp/protocol.py +608 -0
synapse/replication/tcp/redis.py +509 -0
synapse/replication/tcp/resource.py +348 -0
synapse/replication/tcp/streams/__init__.py +96 -0
synapse/replication/tcp/streams/_base.py +766 -0
synapse/replication/tcp/streams/events.py +287 -0
synapse/replication/tcp/streams/federation.py +92 -0
synapse/replication/tcp/streams/partial_state.py +80 -0
synapse/res/providers.json +29 -0
synapse/res/templates/_base.html +29 -0
synapse/res/templates/account_previously_renewed.html +6 -0
synapse/res/templates/account_renewed.html +6 -0
synapse/res/templates/add_threepid.html +8 -0
synapse/res/templates/add_threepid.txt +6 -0
synapse/res/templates/add_threepid_failure.html +7 -0
synapse/res/templates/add_threepid_success.html +6 -0
synapse/res/templates/already_in_use.html +12 -0
synapse/res/templates/already_in_use.txt +10 -0
synapse/res/templates/auth_success.html +21 -0
synapse/res/templates/invalid_token.html +6 -0
synapse/res/templates/mail-Element.css +7 -0
synapse/res/templates/mail-Vector.css +7 -0
synapse/res/templates/mail-expiry.css +4 -0
synapse/res/templates/mail.css +156 -0
synapse/res/templates/notice_expiry.html +46 -0
synapse/res/templates/notice_expiry.txt +7 -0
synapse/res/templates/notif.html +51 -0
synapse/res/templates/notif.txt +22 -0
synapse/res/templates/notif_mail.html +59 -0
synapse/res/templates/notif_mail.txt +10 -0
synapse/res/templates/password_reset.html +10 -0
synapse/res/templates/password_reset.txt +7 -0
synapse/res/templates/password_reset_confirmation.html +15 -0
synapse/res/templates/password_reset_failure.html +7 -0
synapse/res/templates/password_reset_success.html +6 -0
synapse/res/templates/recaptcha.html +42 -0
synapse/res/templates/registration.html +12 -0
synapse/res/templates/registration.txt +10 -0
synapse/res/templates/registration_failure.html +6 -0
synapse/res/templates/registration_success.html +6 -0
synapse/res/templates/registration_token.html +18 -0
synapse/res/templates/room.html +33 -0
synapse/res/templates/room.txt +9 -0
synapse/res/templates/sso.css +129 -0
synapse/res/templates/sso_account_deactivated.html +25 -0
synapse/res/templates/sso_auth_account_details.html +186 -0
synapse/res/templates/sso_auth_account_details.js +116 -0
synapse/res/templates/sso_auth_bad_user.html +26 -0
synapse/res/templates/sso_auth_confirm.html +27 -0
synapse/res/templates/sso_auth_success.html +26 -0
synapse/res/templates/sso_error.html +71 -0
synapse/res/templates/sso_footer.html +19 -0
synapse/res/templates/sso_login_idp_picker.html +60 -0
synapse/res/templates/sso_new_user_consent.html +30 -0
synapse/res/templates/sso_partial_profile.html +19 -0
synapse/res/templates/sso_redirect_confirm.html +39 -0
synapse/res/templates/style.css +33 -0
synapse/res/templates/terms.html +27 -0
synapse/rest/__init__.py +197 -0
synapse/rest/admin/__init__.py +390 -0
synapse/rest/admin/_base.py +72 -0
synapse/rest/admin/background_updates.py +171 -0
synapse/rest/admin/devices.py +221 -0
synapse/rest/admin/event_reports.py +173 -0
synapse/rest/admin/events.py +69 -0
synapse/rest/admin/experimental_features.py +137 -0
synapse/rest/admin/federation.py +243 -0
synapse/rest/admin/media.py +540 -0
synapse/rest/admin/registration_tokens.py +358 -0
synapse/rest/admin/rooms.py +1061 -0
synapse/rest/admin/scheduled_tasks.py +70 -0
synapse/rest/admin/server_notice_servlet.py +132 -0
synapse/rest/admin/statistics.py +132 -0
synapse/rest/admin/username_available.py +58 -0
synapse/rest/admin/users.py +1608 -0
synapse/rest/client/__init__.py +20 -0
synapse/rest/client/_base.py +113 -0
synapse/rest/client/account.py +930 -0
synapse/rest/client/account_data.py +319 -0
synapse/rest/client/account_validity.py +103 -0
synapse/rest/client/appservice_ping.py +125 -0
synapse/rest/client/auth.py +218 -0
synapse/rest/client/auth_metadata.py +122 -0
synapse/rest/client/capabilities.py +121 -0
synapse/rest/client/delayed_events.py +111 -0
synapse/rest/client/devices.py +587 -0
synapse/rest/client/directory.py +211 -0
synapse/rest/client/events.py +116 -0
synapse/rest/client/filter.py +112 -0
synapse/rest/client/initial_sync.py +65 -0
synapse/rest/client/keys.py +678 -0
synapse/rest/client/knock.py +104 -0
synapse/rest/client/login.py +754 -0
synapse/rest/client/login_token_request.py +127 -0
synapse/rest/client/logout.py +93 -0
synapse/rest/client/matrixrtc.py +52 -0
synapse/rest/client/media.py +286 -0
synapse/rest/client/mutual_rooms.py +93 -0
synapse/rest/client/notifications.py +137 -0
synapse/rest/client/openid.py +109 -0
synapse/rest/client/password_policy.py +69 -0
synapse/rest/client/presence.py +131 -0
synapse/rest/client/profile.py +291 -0
synapse/rest/client/push_rule.py +331 -0
synapse/rest/client/pusher.py +181 -0
synapse/rest/client/read_marker.py +104 -0
synapse/rest/client/receipts.py +165 -0
synapse/rest/client/register.py +1067 -0
synapse/rest/client/relations.py +138 -0
synapse/rest/client/rendezvous.py +76 -0
synapse/rest/client/reporting.py +207 -0
synapse/rest/client/room.py +1669 -0
synapse/rest/client/room_keys.py +426 -0
synapse/rest/client/room_upgrade_rest_servlet.py +112 -0
synapse/rest/client/sendtodevice.py +85 -0
synapse/rest/client/sync.py +1131 -0
synapse/rest/client/tags.py +129 -0
synapse/rest/client/thirdparty.py +130 -0
synapse/rest/client/thread_subscriptions.py +247 -0
synapse/rest/client/tokenrefresh.py +52 -0
synapse/rest/client/transactions.py +149 -0
synapse/rest/client/user_directory.py +90 -0
synapse/rest/client/versions.py +191 -0
synapse/rest/client/voip.py +88 -0
synapse/rest/consent/__init__.py +0 -0
synapse/rest/consent/consent_resource.py +210 -0
synapse/rest/health.py +38 -0
synapse/rest/key/__init__.py +20 -0
synapse/rest/key/v2/__init__.py +40 -0
synapse/rest/key/v2/local_key_resource.py +125 -0
synapse/rest/key/v2/remote_key_resource.py +302 -0
synapse/rest/media/__init__.py +0 -0
synapse/rest/media/config_resource.py +53 -0
synapse/rest/media/create_resource.py +90 -0
synapse/rest/media/download_resource.py +110 -0
synapse/rest/media/media_repository_resource.py +113 -0
synapse/rest/media/preview_url_resource.py +77 -0
synapse/rest/media/thumbnail_resource.py +142 -0
synapse/rest/media/upload_resource.py +187 -0
synapse/rest/media/v1/__init__.py +39 -0
synapse/rest/media/v1/_base.py +23 -0
synapse/rest/media/v1/media_storage.py +23 -0
synapse/rest/media/v1/storage_provider.py +23 -0
synapse/rest/synapse/__init__.py +20 -0
synapse/rest/synapse/client/__init__.py +93 -0
synapse/rest/synapse/client/federation_whitelist.py +66 -0
synapse/rest/synapse/client/jwks.py +77 -0
synapse/rest/synapse/client/new_user_consent.py +115 -0
synapse/rest/synapse/client/oidc/__init__.py +45 -0
synapse/rest/synapse/client/oidc/backchannel_logout_resource.py +42 -0
synapse/rest/synapse/client/oidc/callback_resource.py +48 -0
synapse/rest/synapse/client/password_reset.py +129 -0
synapse/rest/synapse/client/pick_idp.py +107 -0
synapse/rest/synapse/client/pick_username.py +153 -0
synapse/rest/synapse/client/rendezvous.py +58 -0
synapse/rest/synapse/client/saml2/__init__.py +42 -0
synapse/rest/synapse/client/saml2/metadata_resource.py +46 -0
synapse/rest/synapse/client/saml2/response_resource.py +52 -0
synapse/rest/synapse/client/sso_register.py +56 -0
synapse/rest/synapse/client/unsubscribe.py +88 -0
synapse/rest/synapse/mas/__init__.py +71 -0
synapse/rest/synapse/mas/_base.py +55 -0
synapse/rest/synapse/mas/devices.py +239 -0
synapse/rest/synapse/mas/users.py +469 -0
synapse/rest/well_known.py +148 -0
synapse/server.py +1258 -0
synapse/server_notices/__init__.py +0 -0
synapse/server_notices/consent_server_notices.py +136 -0
synapse/server_notices/resource_limits_server_notices.py +215 -0
synapse/server_notices/server_notices_manager.py +388 -0
synapse/server_notices/server_notices_sender.py +67 -0
synapse/server_notices/worker_server_notices_sender.py +46 -0
synapse/spam_checker_api/__init__.py +31 -0
synapse/state/__init__.py +1022 -0
synapse/state/v1.py +370 -0
synapse/state/v2.py +985 -0
synapse/static/client/login/index.html +47 -0
synapse/static/client/login/js/jquery-3.4.1.min.js +2 -0
synapse/static/client/login/js/login.js +291 -0
synapse/static/client/login/spinner.gif +0 -0
synapse/static/client/login/style.css +79 -0
synapse/static/index.html +63 -0
synapse/storage/__init__.py +43 -0
synapse/storage/_base.py +245 -0
synapse/storage/admin_client_config.py +26 -0
synapse/storage/background_updates.py +1189 -0
synapse/storage/controllers/__init__.py +57 -0
synapse/storage/controllers/persist_events.py +1239 -0
synapse/storage/controllers/purge_events.py +456 -0
synapse/storage/controllers/state.py +954 -0
synapse/storage/controllers/stats.py +119 -0
synapse/storage/database.py +2720 -0
synapse/storage/databases/__init__.py +175 -0
synapse/storage/databases/main/__init__.py +424 -0
synapse/storage/databases/main/account_data.py +1060 -0
synapse/storage/databases/main/appservice.py +473 -0
synapse/storage/databases/main/cache.py +911 -0
synapse/storage/databases/main/censor_events.py +225 -0
synapse/storage/databases/main/client_ips.py +817 -0
synapse/storage/databases/main/delayed_events.py +560 -0
synapse/storage/databases/main/deviceinbox.py +1272 -0
synapse/storage/databases/main/devices.py +2581 -0
synapse/storage/databases/main/directory.py +212 -0
synapse/storage/databases/main/e2e_room_keys.py +690 -0
synapse/storage/databases/main/end_to_end_keys.py +1896 -0
synapse/storage/databases/main/event_federation.py +2509 -0
synapse/storage/databases/main/event_push_actions.py +1937 -0
synapse/storage/databases/main/events.py +3746 -0
synapse/storage/databases/main/events_bg_updates.py +2910 -0
synapse/storage/databases/main/events_forward_extremities.py +126 -0
synapse/storage/databases/main/events_worker.py +2784 -0
synapse/storage/databases/main/experimental_features.py +130 -0
synapse/storage/databases/main/filtering.py +231 -0
synapse/storage/databases/main/keys.py +291 -0
synapse/storage/databases/main/lock.py +553 -0
synapse/storage/databases/main/media_repository.py +1070 -0
synapse/storage/databases/main/metrics.py +460 -0
synapse/storage/databases/main/monthly_active_users.py +443 -0
synapse/storage/databases/main/openid.py +61 -0
synapse/storage/databases/main/presence.py +511 -0
synapse/storage/databases/main/profile.py +541 -0
synapse/storage/databases/main/purge_events.py +511 -0
synapse/storage/databases/main/push_rule.py +972 -0
synapse/storage/databases/main/pusher.py +794 -0
synapse/storage/databases/main/receipts.py +1342 -0
synapse/storage/databases/main/registration.py +3076 -0
synapse/storage/databases/main/rejections.py +38 -0
synapse/storage/databases/main/relations.py +1118 -0
synapse/storage/databases/main/room.py +2781 -0
synapse/storage/databases/main/roommember.py +2112 -0
synapse/storage/databases/main/search.py +941 -0
synapse/storage/databases/main/session.py +151 -0
synapse/storage/databases/main/signatures.py +94 -0
synapse/storage/databases/main/sliding_sync.py +603 -0
synapse/storage/databases/main/state.py +1006 -0
synapse/storage/databases/main/state_deltas.py +329 -0
synapse/storage/databases/main/stats.py +791 -0
synapse/storage/databases/main/stream.py +2580 -0
synapse/storage/databases/main/tags.py +360 -0
synapse/storage/databases/main/task_scheduler.py +225 -0
synapse/storage/databases/main/thread_subscriptions.py +591 -0
synapse/storage/databases/main/transactions.py +681 -0
synapse/storage/databases/main/ui_auth.py +420 -0
synapse/storage/databases/main/user_directory.py +1331 -0
synapse/storage/databases/main/user_erasure_store.py +117 -0
synapse/storage/databases/state/__init__.py +22 -0
synapse/storage/databases/state/bg_updates.py +499 -0
synapse/storage/databases/state/deletion.py +558 -0
synapse/storage/databases/state/store.py +949 -0
synapse/storage/engines/__init__.py +70 -0
synapse/storage/engines/_base.py +154 -0
synapse/storage/engines/postgres.py +261 -0
synapse/storage/engines/sqlite.py +199 -0
synapse/storage/invite_rule.py +112 -0
synapse/storage/keys.py +40 -0
synapse/storage/prepare_database.py +731 -0
synapse/storage/push_rule.py +28 -0
synapse/storage/roommember.py +89 -0
synapse/storage/schema/README.md +4 -0
synapse/storage/schema/__init__.py +182 -0
synapse/storage/schema/common/delta/25/00background_updates.sql +40 -0
synapse/storage/schema/common/delta/35/00background_updates_add_col.sql +36 -0
synapse/storage/schema/common/delta/58/00background_update_ordering.sql +38 -0
synapse/storage/schema/common/full_schemas/72/full.sql.postgres +8 -0
synapse/storage/schema/common/full_schemas/72/full.sql.sqlite +6 -0
synapse/storage/schema/common/schema_version.sql +60 -0
synapse/storage/schema/main/delta/12/v12.sql +82 -0
synapse/storage/schema/main/delta/13/v13.sql +38 -0
synapse/storage/schema/main/delta/14/v14.sql +42 -0
synapse/storage/schema/main/delta/15/appservice_txns.sql +50 -0
synapse/storage/schema/main/delta/15/presence_indices.sql +2 -0
synapse/storage/schema/main/delta/15/v15.sql +24 -0
synapse/storage/schema/main/delta/16/events_order_index.sql +4 -0
synapse/storage/schema/main/delta/16/remote_media_cache_index.sql +2 -0
synapse/storage/schema/main/delta/16/remove_duplicates.sql +9 -0
synapse/storage/schema/main/delta/16/room_alias_index.sql +3 -0
synapse/storage/schema/main/delta/16/unique_constraints.sql +72 -0
synapse/storage/schema/main/delta/16/users.sql +56 -0
synapse/storage/schema/main/delta/17/drop_indexes.sql +37 -0
synapse/storage/schema/main/delta/17/server_keys.sql +43 -0
synapse/storage/schema/main/delta/17/user_threepids.sql +9 -0
synapse/storage/schema/main/delta/18/server_keys_bigger_ints.sql +51 -0
synapse/storage/schema/main/delta/19/event_index.sql +38 -0
synapse/storage/schema/main/delta/20/dummy.sql +1 -0
synapse/storage/schema/main/delta/20/pushers.py +93 -0
synapse/storage/schema/main/delta/21/end_to_end_keys.sql +53 -0
synapse/storage/schema/main/delta/21/receipts.sql +57 -0
synapse/storage/schema/main/delta/22/receipts_index.sql +41 -0
synapse/storage/schema/main/delta/22/user_threepids_unique.sql +19 -0
synapse/storage/schema/main/delta/24/stats_reporting.sql +37 -0
synapse/storage/schema/main/delta/25/fts.py +81 -0
synapse/storage/schema/main/delta/25/guest_access.sql +44 -0
synapse/storage/schema/main/delta/25/history_visibility.sql +44 -0
synapse/storage/schema/main/delta/25/tags.sql +57 -0
synapse/storage/schema/main/delta/26/account_data.sql +36 -0
synapse/storage/schema/main/delta/27/account_data.sql +55 -0
synapse/storage/schema/main/delta/27/forgotten_memberships.sql +45 -0
synapse/storage/schema/main/delta/27/ts.py +61 -0
synapse/storage/schema/main/delta/28/event_push_actions.sql +46 -0
synapse/storage/schema/main/delta/28/events_room_stream.sql +39 -0
synapse/storage/schema/main/delta/28/public_roms_index.sql +39 -0
synapse/storage/schema/main/delta/28/receipts_user_id_index.sql +41 -0
synapse/storage/schema/main/delta/28/upgrade_times.sql +40 -0
synapse/storage/schema/main/delta/28/users_is_guest.sql +41 -0
synapse/storage/schema/main/delta/29/push_actions.sql +54 -0
synapse/storage/schema/main/delta/30/alias_creator.sql +35 -0
synapse/storage/schema/main/delta/30/as_users.py +82 -0
synapse/storage/schema/main/delta/30/deleted_pushers.sql +44 -0
synapse/storage/schema/main/delta/30/presence_stream.sql +49 -0
synapse/storage/schema/main/delta/30/public_rooms.sql +42 -0
synapse/storage/schema/main/delta/30/push_rule_stream.sql +57 -0
synapse/storage/schema/main/delta/30/threepid_guest_access_tokens.sql +43 -0
synapse/storage/schema/main/delta/31/invites.sql +61 -0
synapse/storage/schema/main/delta/31/local_media_repository_url_cache.sql +46 -0
synapse/storage/schema/main/delta/31/pushers_0.py +92 -0
synapse/storage/schema/main/delta/31/pushers_index.sql +41 -0
synapse/storage/schema/main/delta/31/search_update.py +65 -0
synapse/storage/schema/main/delta/32/events.sql +35 -0
synapse/storage/schema/main/delta/32/openid.sql +9 -0
synapse/storage/schema/main/delta/32/pusher_throttle.sql +42 -0
synapse/storage/schema/main/delta/32/remove_indices.sql +52 -0
synapse/storage/schema/main/delta/32/reports.sql +44 -0
synapse/storage/schema/main/delta/33/access_tokens_device_index.sql +36 -0
synapse/storage/schema/main/delta/33/devices.sql +40 -0
synapse/storage/schema/main/delta/33/devices_for_e2e_keys.sql +38 -0
synapse/storage/schema/main/delta/33/devices_for_e2e_keys_clear_unknown_device.sql +39 -0
synapse/storage/schema/main/delta/33/event_fields.py +61 -0
synapse/storage/schema/main/delta/33/remote_media_ts.py +43 -0
synapse/storage/schema/main/delta/33/user_ips_index.sql +36 -0
synapse/storage/schema/main/delta/34/appservice_stream.sql +42 -0
synapse/storage/schema/main/delta/34/cache_stream.py +50 -0
synapse/storage/schema/main/delta/34/device_inbox.sql +43 -0
synapse/storage/schema/main/delta/34/push_display_name_rename.sql +39 -0
synapse/storage/schema/main/delta/34/received_txn_purge.py +36 -0
synapse/storage/schema/main/delta/35/contains_url.sql +36 -0
synapse/storage/schema/main/delta/35/device_outbox.sql +58 -0
synapse/storage/schema/main/delta/35/device_stream_id.sql +40 -0
synapse/storage/schema/main/delta/35/event_push_actions_index.sql +36 -0
synapse/storage/schema/main/delta/35/public_room_list_change_stream.sql +52 -0
synapse/storage/schema/main/delta/35/stream_order_to_extrem.sql +56 -0
synapse/storage/schema/main/delta/36/readd_public_rooms.sql +45 -0
synapse/storage/schema/main/delta/37/remove_auth_idx.py +89 -0
synapse/storage/schema/main/delta/37/user_threepids.sql +71 -0
synapse/storage/schema/main/delta/38/postgres_fts_gist.sql +38 -0
synapse/storage/schema/main/delta/39/appservice_room_list.sql +48 -0
synapse/storage/schema/main/delta/39/device_federation_stream_idx.sql +35 -0
synapse/storage/schema/main/delta/39/event_push_index.sql +36 -0
synapse/storage/schema/main/delta/39/federation_out_position.sql +41 -0
synapse/storage/schema/main/delta/39/membership_profile.sql +39 -0
synapse/storage/schema/main/delta/40/current_state_idx.sql +36 -0
synapse/storage/schema/main/delta/40/device_inbox.sql +40 -0
synapse/storage/schema/main/delta/40/device_list_streams.sql +79 -0
synapse/storage/schema/main/delta/40/event_push_summary.sql +57 -0
synapse/storage/schema/main/delta/40/pushers.sql +58 -0
synapse/storage/schema/main/delta/41/device_list_stream_idx.sql +36 -0
synapse/storage/schema/main/delta/41/device_outbound_index.sql +35 -0
synapse/storage/schema/main/delta/41/event_search_event_id_idx.sql +36 -0
synapse/storage/schema/main/delta/41/ratelimit.sql +41 -0
synapse/storage/schema/main/delta/42/current_state_delta.sql +48 -0
synapse/storage/schema/main/delta/42/device_list_last_id.sql +52 -0
synapse/storage/schema/main/delta/42/event_auth_state_only.sql +36 -0
synapse/storage/schema/main/delta/42/user_dir.py +88 -0
synapse/storage/schema/main/delta/43/blocked_rooms.sql +40 -0
synapse/storage/schema/main/delta/43/quarantine_media.sql +36 -0
synapse/storage/schema/main/delta/43/url_cache.sql +35 -0
synapse/storage/schema/main/delta/43/user_share.sql +52 -0
synapse/storage/schema/main/delta/44/expire_url_cache.sql +60 -0
synapse/storage/schema/main/delta/45/group_server.sql +186 -0
synapse/storage/schema/main/delta/45/profile_cache.sql +47 -0
synapse/storage/schema/main/delta/46/drop_refresh_tokens.sql +36 -0
synapse/storage/schema/main/delta/46/drop_unique_deleted_pushers.sql +54 -0
synapse/storage/schema/main/delta/46/group_server.sql +51 -0
synapse/storage/schema/main/delta/46/local_media_repository_url_idx.sql +43 -0
synapse/storage/schema/main/delta/46/user_dir_null_room_ids.sql +54 -0
synapse/storage/schema/main/delta/46/user_dir_typos.sql +43 -0
synapse/storage/schema/main/delta/47/last_access_media.sql +35 -0
synapse/storage/schema/main/delta/47/postgres_fts_gin.sql +36 -0
synapse/storage/schema/main/delta/47/push_actions_staging.sql +47 -0
synapse/storage/schema/main/delta/48/add_user_consent.sql +37 -0
synapse/storage/schema/main/delta/48/add_user_ips_last_seen_index.sql +36 -0
synapse/storage/schema/main/delta/48/deactivated_users.sql +44 -0
synapse/storage/schema/main/delta/48/group_unique_indexes.py +67 -0
synapse/storage/schema/main/delta/48/groups_joinable.sql +41 -0
synapse/storage/schema/main/delta/49/add_user_consent_server_notice_sent.sql +39 -0
synapse/storage/schema/main/delta/49/add_user_daily_visits.sql +40 -0
synapse/storage/schema/main/delta/49/add_user_ips_last_seen_only_index.sql +36 -0
synapse/storage/schema/main/delta/50/add_creation_ts_users_index.sql +38 -0
synapse/storage/schema/main/delta/50/erasure_store.sql +40 -0
synapse/storage/schema/main/delta/50/make_event_content_nullable.py +102 -0
synapse/storage/schema/main/delta/51/e2e_room_keys.sql +58 -0
synapse/storage/schema/main/delta/51/monthly_active_users.sql +46 -0
synapse/storage/schema/main/delta/52/add_event_to_state_group_index.sql +38 -0
synapse/storage/schema/main/delta/52/device_list_streams_unique_idx.sql +55 -0
synapse/storage/schema/main/delta/52/e2e_room_keys.sql +72 -0
synapse/storage/schema/main/delta/53/add_user_type_to_users.sql +38 -0
synapse/storage/schema/main/delta/53/drop_sent_transactions.sql +35 -0
synapse/storage/schema/main/delta/53/event_format_version.sql +35 -0
synapse/storage/schema/main/delta/53/user_dir_populate.sql +49 -0
synapse/storage/schema/main/delta/53/user_ips_index.sql +49 -0
synapse/storage/schema/main/delta/53/user_share.sql +63 -0
synapse/storage/schema/main/delta/53/user_threepid_id.sql +48 -0
synapse/storage/schema/main/delta/53/users_in_public_rooms.sql +47 -0
synapse/storage/schema/main/delta/54/account_validity_with_renewal.sql +49 -0
synapse/storage/schema/main/delta/54/add_validity_to_server_keys.sql +42 -0
synapse/storage/schema/main/delta/54/delete_forward_extremities.sql +42 -0
synapse/storage/schema/main/delta/54/drop_legacy_tables.sql +49 -0
synapse/storage/schema/main/delta/54/drop_presence_list.sql +35 -0
synapse/storage/schema/main/delta/54/relations.sql +46 -0
synapse/storage/schema/main/delta/54/stats.sql +99 -0
synapse/storage/schema/main/delta/54/stats2.sql +47 -0
synapse/storage/schema/main/delta/55/access_token_expiry.sql +37 -0
synapse/storage/schema/main/delta/55/track_threepid_validations.sql +50 -0
synapse/storage/schema/main/delta/55/users_alter_deactivated.sql +38 -0
synapse/storage/schema/main/delta/56/add_spans_to_device_lists.sql +39 -0
synapse/storage/schema/main/delta/56/current_state_events_membership.sql +41 -0
synapse/storage/schema/main/delta/56/current_state_events_membership_mk2.sql +43 -0
synapse/storage/schema/main/delta/56/delete_keys_from_deleted_backups.sql +44 -0
synapse/storage/schema/main/delta/56/destinations_failure_ts.sql +44 -0
synapse/storage/schema/main/delta/56/destinations_retry_interval_type.sql.postgres +18 -0
synapse/storage/schema/main/delta/56/device_stream_id_insert.sql +39 -0
synapse/storage/schema/main/delta/56/devices_last_seen.sql +43 -0
synapse/storage/schema/main/delta/56/drop_unused_event_tables.sql +39 -0
synapse/storage/schema/main/delta/56/event_expiry.sql +40 -0
synapse/storage/schema/main/delta/56/event_labels.sql +49 -0
synapse/storage/schema/main/delta/56/event_labels_background_update.sql +36 -0
synapse/storage/schema/main/delta/56/fix_room_keys_index.sql +37 -0
synapse/storage/schema/main/delta/56/hidden_devices.sql +37 -0
synapse/storage/schema/main/delta/56/hidden_devices_fix.sql.sqlite +42 -0
synapse/storage/schema/main/delta/56/nuke_empty_communities_from_db.sql +48 -0
synapse/storage/schema/main/delta/56/public_room_list_idx.sql +35 -0
synapse/storage/schema/main/delta/56/redaction_censor.sql +35 -0
synapse/storage/schema/main/delta/56/redaction_censor2.sql +41 -0
synapse/storage/schema/main/delta/56/redaction_censor3_fix_update.sql.postgres +25 -0
synapse/storage/schema/main/delta/56/redaction_censor4.sql +35 -0
synapse/storage/schema/main/delta/56/remove_tombstoned_rooms_from_directory.sql +38 -0
synapse/storage/schema/main/delta/56/room_key_etag.sql +36 -0
synapse/storage/schema/main/delta/56/room_membership_idx.sql +37 -0
synapse/storage/schema/main/delta/56/room_retention.sql +52 -0
synapse/storage/schema/main/delta/56/signing_keys.sql +75 -0
synapse/storage/schema/main/delta/56/signing_keys_nonunique_signatures.sql +41 -0
synapse/storage/schema/main/delta/56/stats_separated.sql +175 -0
synapse/storage/schema/main/delta/56/unique_user_filter_index.py +46 -0
synapse/storage/schema/main/delta/56/user_external_ids.sql +43 -0
synapse/storage/schema/main/delta/56/users_in_public_rooms_idx.sql +36 -0
synapse/storage/schema/main/delta/57/delete_old_current_state_events.sql +41 -0
synapse/storage/schema/main/delta/57/device_list_remote_cache_stale.sql +44 -0
synapse/storage/schema/main/delta/57/local_current_membership.py +111 -0
synapse/storage/schema/main/delta/57/remove_sent_outbound_pokes.sql +40 -0
synapse/storage/schema/main/delta/57/rooms_version_column.sql +43 -0
synapse/storage/schema/main/delta/57/rooms_version_column_2.sql.postgres +35 -0
synapse/storage/schema/main/delta/57/rooms_version_column_2.sql.sqlite +22 -0
synapse/storage/schema/main/delta/57/rooms_version_column_3.sql.postgres +39 -0
synapse/storage/schema/main/delta/57/rooms_version_column_3.sql.sqlite +23 -0
synapse/storage/schema/main/delta/58/02remove_dup_outbound_pokes.sql +41 -0
synapse/storage/schema/main/delta/58/03persist_ui_auth.sql +55 -0
synapse/storage/schema/main/delta/58/05cache_instance.sql.postgres +30 -0
synapse/storage/schema/main/delta/58/06dlols_unique_idx.py +83 -0
synapse/storage/schema/main/delta/58/07add_method_to_thumbnail_constraint.sql.postgres +33 -0
synapse/storage/schema/main/delta/58/07add_method_to_thumbnail_constraint.sql.sqlite +44 -0
synapse/storage/schema/main/delta/58/07persist_ui_auth_ips.sql +44 -0
synapse/storage/schema/main/delta/58/08_media_safe_from_quarantine.sql.postgres +18 -0
synapse/storage/schema/main/delta/58/08_media_safe_from_quarantine.sql.sqlite +18 -0
synapse/storage/schema/main/delta/58/09shadow_ban.sql +37 -0
synapse/storage/schema/main/delta/58/10_pushrules_enabled_delete_obsolete.sql +47 -0
synapse/storage/schema/main/delta/58/10drop_local_rejections_stream.sql +41 -0
synapse/storage/schema/main/delta/58/10federation_pos_instance_name.sql +41 -0
synapse/storage/schema/main/delta/58/11dehydration.sql +39 -0
synapse/storage/schema/main/delta/58/11fallback.sql +43 -0
synapse/storage/schema/main/delta/58/11user_id_seq.py +38 -0
synapse/storage/schema/main/delta/58/12room_stats.sql +51 -0
synapse/storage/schema/main/delta/58/13remove_presence_allow_inbound.sql +36 -0
synapse/storage/schema/main/delta/58/14events_instance_name.sql +35 -0
synapse/storage/schema/main/delta/58/14events_instance_name.sql.postgres +28 -0
synapse/storage/schema/main/delta/58/15_catchup_destination_rooms.sql +61 -0
synapse/storage/schema/main/delta/58/15unread_count.sql +45 -0
synapse/storage/schema/main/delta/58/16populate_stats_process_rooms_fix.sql +41 -0
synapse/storage/schema/main/delta/58/17_catchup_last_successful.sql +40 -0
synapse/storage/schema/main/delta/58/18stream_positions.sql +41 -0
synapse/storage/schema/main/delta/58/19instance_map.sql.postgres +25 -0
synapse/storage/schema/main/delta/58/19txn_id.sql +59 -0
synapse/storage/schema/main/delta/58/20instance_name_event_tables.sql +36 -0
synapse/storage/schema/main/delta/58/20user_daily_visits.sql +37 -0
synapse/storage/schema/main/delta/58/21as_device_stream.sql +36 -0
synapse/storage/schema/main/delta/58/21drop_device_max_stream_id.sql +1 -0
synapse/storage/schema/main/delta/58/22puppet_token.sql +36 -0
synapse/storage/schema/main/delta/58/22users_have_local_media.sql +2 -0
synapse/storage/schema/main/delta/58/23e2e_cross_signing_keys_idx.sql +36 -0
synapse/storage/schema/main/delta/58/24drop_event_json_index.sql +38 -0
synapse/storage/schema/main/delta/58/25user_external_ids_user_id_idx.sql +36 -0
synapse/storage/schema/main/delta/58/26access_token_last_validated.sql +37 -0
synapse/storage/schema/main/delta/58/27local_invites.sql +37 -0
synapse/storage/schema/main/delta/58/28drop_last_used_column.sql.postgres +16 -0
synapse/storage/schema/main/delta/58/28drop_last_used_column.sql.sqlite +62 -0
synapse/storage/schema/main/delta/59/01ignored_user.py +85 -0
synapse/storage/schema/main/delta/59/02shard_send_to_device.sql +37 -0
synapse/storage/schema/main/delta/59/03shard_send_to_device_sequence.sql.postgres +25 -0
synapse/storage/schema/main/delta/59/04_event_auth_chains.sql +71 -0
synapse/storage/schema/main/delta/59/04_event_auth_chains.sql.postgres +16 -0
synapse/storage/schema/main/delta/59/04drop_account_data.sql +36 -0
synapse/storage/schema/main/delta/59/05cache_invalidation.sql +36 -0
synapse/storage/schema/main/delta/59/06chain_cover_index.sql +36 -0
synapse/storage/schema/main/delta/59/06shard_account_data.sql +39 -0
synapse/storage/schema/main/delta/59/06shard_account_data.sql.postgres +32 -0
synapse/storage/schema/main/delta/59/07shard_account_data_fix.sql +37 -0
synapse/storage/schema/main/delta/59/08delete_pushers_for_deactivated_accounts.sql +39 -0
synapse/storage/schema/main/delta/59/08delete_stale_pushers.sql +39 -0
synapse/storage/schema/main/delta/59/09rejected_events_metadata.sql +45 -0
synapse/storage/schema/main/delta/59/10delete_purged_chain_cover.sql +36 -0
synapse/storage/schema/main/delta/59/11add_knock_members_to_stats.sql +39 -0
synapse/storage/schema/main/delta/59/11drop_thumbnail_constraint.sql.postgres +22 -0
synapse/storage/schema/main/delta/59/12account_validity_token_used_ts_ms.sql +37 -0
synapse/storage/schema/main/delta/59/12presence_stream_instance.sql +37 -0
synapse/storage/schema/main/delta/59/12presence_stream_instance_seq.sql.postgres +20 -0
synapse/storage/schema/main/delta/59/13users_to_send_full_presence_to.sql +53 -0
synapse/storage/schema/main/delta/59/14refresh_tokens.sql +53 -0
synapse/storage/schema/main/delta/59/15locks.sql +56 -0
synapse/storage/schema/main/delta/59/16federation_inbound_staging.sql +51 -0
synapse/storage/schema/main/delta/60/01recreate_stream_ordering.sql.postgres +45 -0
synapse/storage/schema/main/delta/60/02change_stream_ordering_columns.sql.postgres +30 -0
synapse/storage/schema/main/delta/61/01change_appservices_txns.sql.postgres +23 -0
synapse/storage/schema/main/delta/61/01insertion_event_lookups.sql +68 -0
synapse/storage/schema/main/delta/61/02drop_redundant_room_depth_index.sql +37 -0
synapse/storage/schema/main/delta/61/03recreate_min_depth.py +74 -0
synapse/storage/schema/main/delta/62/01insertion_event_extremities.sql +43 -0
synapse/storage/schema/main/delta/63/01create_registration_tokens.sql +42 -0
synapse/storage/schema/main/delta/63/02delete_unlinked_email_pushers.sql +39 -0
synapse/storage/schema/main/delta/63/02populate-rooms-creator.sql +36 -0
synapse/storage/schema/main/delta/63/03session_store.sql +42 -0
synapse/storage/schema/main/delta/63/04add_presence_stream_not_offline_index.sql +37 -0
synapse/storage/schema/main/delta/64/01msc2716_chunk_to_batch_rename.sql.postgres +23 -0
synapse/storage/schema/main/delta/64/01msc2716_chunk_to_batch_rename.sql.sqlite +37 -0
synapse/storage/schema/main/delta/65/01msc2716_insertion_event_edges.sql +38 -0
synapse/storage/schema/main/delta/65/03remove_hidden_devices_from_device_inbox.sql +41 -0
synapse/storage/schema/main/delta/65/04_local_group_updates.sql +37 -0
synapse/storage/schema/main/delta/65/05_remove_room_stats_historical_and_user_stats_historical.sql +38 -0
synapse/storage/schema/main/delta/65/06remove_deleted_devices_from_device_inbox.sql +53 -0
synapse/storage/schema/main/delta/65/07_arbitrary_relations.sql +37 -0
synapse/storage/schema/main/delta/65/08_device_inbox_background_updates.sql +37 -0
synapse/storage/schema/main/delta/65/10_expirable_refresh_tokens.sql +47 -0
synapse/storage/schema/main/delta/65/11_devices_auth_provider_session.sql +46 -0
synapse/storage/schema/main/delta/67/01drop_public_room_list_stream.sql +37 -0
synapse/storage/schema/main/delta/68/01event_columns.sql +45 -0
synapse/storage/schema/main/delta/68/02_msc2409_add_device_id_appservice_stream_type.sql +40 -0
synapse/storage/schema/main/delta/68/03_delete_account_data_for_deactivated_accounts.sql +39 -0
synapse/storage/schema/main/delta/68/04_refresh_tokens_index_next_token_id.sql +47 -0
synapse/storage/schema/main/delta/68/04partial_state_rooms.sql +60 -0
synapse/storage/schema/main/delta/68/05_delete_non_strings_from_event_search.sql.sqlite +22 -0
synapse/storage/schema/main/delta/68/05partial_state_rooms_triggers.py +80 -0
synapse/storage/schema/main/delta/68/06_msc3202_add_device_list_appservice_stream_type.sql +42 -0
synapse/storage/schema/main/delta/69/01as_txn_seq.py +54 -0
synapse/storage/schema/main/delta/69/01device_list_oubound_by_room.sql +57 -0
synapse/storage/schema/main/delta/69/02cache_invalidation_index.sql +37 -0
synapse/storage/schema/main/delta/70/01clean_table_purged_rooms.sql +39 -0
synapse/storage/schema/main/delta/71/01rebuild_event_edges.sql.postgres +43 -0
synapse/storage/schema/main/delta/71/01rebuild_event_edges.sql.sqlite +47 -0
synapse/storage/schema/main/delta/71/01remove_noop_background_updates.sql +80 -0
synapse/storage/schema/main/delta/71/02event_push_summary_unique.sql +37 -0
synapse/storage/schema/main/delta/72/01add_room_type_to_state_stats.sql +38 -0
synapse/storage/schema/main/delta/72/01event_push_summary_receipt.sql +54 -0
synapse/storage/schema/main/delta/72/02event_push_actions_index.sql +38 -0
synapse/storage/schema/main/delta/72/03bg_populate_events_columns.py +57 -0
synapse/storage/schema/main/delta/72/03drop_event_reference_hashes.sql +36 -0
synapse/storage/schema/main/delta/72/03remove_groups.sql +50 -0
synapse/storage/schema/main/delta/72/04drop_column_application_services_state_last_txn.sql.postgres +17 -0
synapse/storage/schema/main/delta/72/04drop_column_application_services_state_last_txn.sql.sqlite +40 -0
synapse/storage/schema/main/delta/72/05receipts_event_stream_ordering.sql +38 -0
synapse/storage/schema/main/delta/72/05remove_unstable_private_read_receipts.sql +38 -0
synapse/storage/schema/main/delta/72/06add_consent_ts_to_users.sql +35 -0
synapse/storage/schema/main/delta/72/06thread_notifications.sql +49 -0
synapse/storage/schema/main/delta/72/07force_update_current_state_events_membership.py +67 -0
synapse/storage/schema/main/delta/72/07thread_receipts.sql.postgres +30 -0
synapse/storage/schema/main/delta/72/07thread_receipts.sql.sqlite +70 -0
synapse/storage/schema/main/delta/72/08begin_cache_invalidation_seq_at_2.sql.postgres +23 -0
synapse/storage/schema/main/delta/72/08thread_receipts.sql +39 -0
synapse/storage/schema/main/delta/72/09partial_indices.sql.sqlite +56 -0
synapse/storage/schema/main/delta/73/01event_failed_pull_attempts.sql +48 -0
synapse/storage/schema/main/delta/73/02add_pusher_enabled.sql +35 -0
synapse/storage/schema/main/delta/73/02room_id_indexes_for_purging.sql +41 -0
synapse/storage/schema/main/delta/73/03pusher_device_id.sql +39 -0
synapse/storage/schema/main/delta/73/03users_approved_column.sql +39 -0
synapse/storage/schema/main/delta/73/04partial_join_details.sql +42 -0
synapse/storage/schema/main/delta/73/04pending_device_list_updates.sql +47 -0
synapse/storage/schema/main/delta/73/05old_push_actions.sql.postgres +22 -0
synapse/storage/schema/main/delta/73/05old_push_actions.sql.sqlite +24 -0
synapse/storage/schema/main/delta/73/06thread_notifications_thread_id_idx.sql +42 -0
synapse/storage/schema/main/delta/73/08thread_receipts_non_null.sql.postgres +23 -0
synapse/storage/schema/main/delta/73/08thread_receipts_non_null.sql.sqlite +76 -0
synapse/storage/schema/main/delta/73/09partial_joined_via_destination.sql +37 -0
synapse/storage/schema/main/delta/73/09threads_table.sql +49 -0
synapse/storage/schema/main/delta/73/10_update_sqlite_fts4_tokenizer.py +71 -0
synapse/storage/schema/main/delta/73/10login_tokens.sql +54 -0
synapse/storage/schema/main/delta/73/11event_search_room_id_n_distinct.sql.postgres +33 -0
synapse/storage/schema/main/delta/73/12refactor_device_list_outbound_pokes.sql +72 -0
synapse/storage/schema/main/delta/73/13add_device_lists_index.sql +39 -0
synapse/storage/schema/main/delta/73/20_un_partial_stated_room_stream.sql +51 -0
synapse/storage/schema/main/delta/73/21_un_partial_stated_room_stream_seq.sql.postgres +20 -0
synapse/storage/schema/main/delta/73/22_rebuild_user_dir_stats.sql +48 -0
synapse/storage/schema/main/delta/73/22_un_partial_stated_event_stream.sql +53 -0
synapse/storage/schema/main/delta/73/23_fix_thread_index.sql +52 -0
synapse/storage/schema/main/delta/73/23_un_partial_stated_room_stream_seq.sql.postgres +20 -0
synapse/storage/schema/main/delta/73/24_events_jump_to_date_index.sql +36 -0
synapse/storage/schema/main/delta/73/25drop_presence.sql +36 -0
synapse/storage/schema/main/delta/74/01_user_directory_stale_remote_users.sql +58 -0
synapse/storage/schema/main/delta/74/02_set_device_id_for_pushers_bg_update.sql +38 -0
synapse/storage/schema/main/delta/74/03_membership_tables_event_stream_ordering.sql.postgres +29 -0
synapse/storage/schema/main/delta/74/03_membership_tables_event_stream_ordering.sql.sqlite +23 -0
synapse/storage/schema/main/delta/74/03_room_membership_index.sql +38 -0
synapse/storage/schema/main/delta/74/04_delete_e2e_backup_keys_for_deactivated_users.sql +36 -0
synapse/storage/schema/main/delta/74/04_membership_tables_event_stream_ordering_triggers.py +87 -0
synapse/storage/schema/main/delta/74/05_events_txn_id_device_id.sql +72 -0
synapse/storage/schema/main/delta/74/90COMMENTS_destinations.sql.postgres +52 -0
synapse/storage/schema/main/delta/76/01_add_profiles_full_user_id_column.sql +39 -0
synapse/storage/schema/main/delta/76/02_add_user_filters_full_user_id_column.sql +39 -0
synapse/storage/schema/main/delta/76/03_per_user_experimental_features.sql +46 -0
synapse/storage/schema/main/delta/76/04_add_room_forgetter.sql +43 -0
synapse/storage/schema/main/delta/77/01_add_profiles_not_valid_check.sql.postgres +16 -0
synapse/storage/schema/main/delta/77/02_add_user_filters_not_valid_check.sql.postgres +16 -0
synapse/storage/schema/main/delta/77/03bg_populate_full_user_id_profiles.sql +35 -0
synapse/storage/schema/main/delta/77/04bg_populate_full_user_id_user_filters.sql +35 -0
synapse/storage/schema/main/delta/77/05thread_notifications_backfill.sql +67 -0
synapse/storage/schema/main/delta/77/06thread_notifications_not_null.sql.sqlite +102 -0
synapse/storage/schema/main/delta/77/06thread_notifications_not_null_event_push_actions.sql.postgres +27 -0
synapse/storage/schema/main/delta/77/06thread_notifications_not_null_event_push_actions_staging.sql.postgres +27 -0
synapse/storage/schema/main/delta/77/06thread_notifications_not_null_event_push_summary.sql.postgres +29 -0
synapse/storage/schema/main/delta/77/14bg_indices_event_stream_ordering.sql +39 -0
synapse/storage/schema/main/delta/78/01_validate_and_update_profiles.py +99 -0
synapse/storage/schema/main/delta/78/02_validate_and_update_user_filters.py +100 -0
synapse/storage/schema/main/delta/78/03_remove_unused_indexes_user_filters.py +72 -0
synapse/storage/schema/main/delta/78/03event_extremities_constraints.py +65 -0
synapse/storage/schema/main/delta/78/04_add_full_user_id_index_user_filters.py +32 -0
synapse/storage/schema/main/delta/79/03_read_write_locks_triggers.sql.postgres +102 -0
synapse/storage/schema/main/delta/79/03_read_write_locks_triggers.sql.sqlite +72 -0
synapse/storage/schema/main/delta/79/04_mitigate_stream_ordering_update_race.py +70 -0
synapse/storage/schema/main/delta/79/05_read_write_locks_triggers.sql.postgres +69 -0
synapse/storage/schema/main/delta/79/05_read_write_locks_triggers.sql.sqlite +65 -0
synapse/storage/schema/main/delta/80/01_users_alter_locked.sql +35 -0
synapse/storage/schema/main/delta/80/02_read_write_locks_unlogged.sql.postgres +30 -0
synapse/storage/schema/main/delta/80/02_scheduled_tasks.sql +47 -0
synapse/storage/schema/main/delta/80/03_read_write_locks_triggers.sql.postgres +37 -0
synapse/storage/schema/main/delta/80/04_read_write_locks_deadlock.sql.postgres +71 -0
synapse/storage/schema/main/delta/82/02_scheduled_tasks_index.sql +35 -0
synapse/storage/schema/main/delta/82/04_add_indices_for_purging_rooms.sql +39 -0
synapse/storage/schema/main/delta/82/05gaps.sql +44 -0
synapse/storage/schema/main/delta/83/01_drop_old_tables.sql +43 -0
synapse/storage/schema/main/delta/83/03_instance_name_receipts.sql.sqlite +17 -0
synapse/storage/schema/main/delta/83/05_cross_signing_key_update_grant.sql +34 -0
synapse/storage/schema/main/delta/83/06_event_push_summary_room.sql +36 -0
synapse/storage/schema/main/delta/84/01_auth_links_stats.sql.postgres +20 -0
synapse/storage/schema/main/delta/84/02_auth_links_index.sql +16 -0
synapse/storage/schema/main/delta/84/03_auth_links_analyze.sql.postgres +16 -0
synapse/storage/schema/main/delta/84/04_access_token_index.sql +15 -0
synapse/storage/schema/main/delta/85/01_add_suspended.sql +14 -0
synapse/storage/schema/main/delta/85/02_add_instance_names.sql +27 -0
synapse/storage/schema/main/delta/85/03_new_sequences.sql.postgres +54 -0
synapse/storage/schema/main/delta/85/04_cleanup_device_federation_outbox.sql +15 -0
synapse/storage/schema/main/delta/85/05_add_instance_names_converted_pos.sql +16 -0
synapse/storage/schema/main/delta/85/06_add_room_reports.sql +20 -0
synapse/storage/schema/main/delta/86/01_authenticate_media.sql +15 -0
synapse/storage/schema/main/delta/86/02_receipts_event_id_index.sql +15 -0
synapse/storage/schema/main/delta/87/01_sliding_sync_memberships.sql +169 -0
synapse/storage/schema/main/delta/87/02_per_connection_state.sql +81 -0
synapse/storage/schema/main/delta/87/03_current_state_index.sql +19 -0
synapse/storage/schema/main/delta/88/01_add_delayed_events.sql +43 -0
synapse/storage/schema/main/delta/88/01_custom_profile_fields.sql +15 -0
synapse/storage/schema/main/delta/88/02_fix_sliding_sync_membership_snapshots_forgotten_column.sql +21 -0
synapse/storage/schema/main/delta/88/03_add_otk_ts_added_index.sql +18 -0
synapse/storage/schema/main/delta/88/04_current_state_delta_index.sql +18 -0
synapse/storage/schema/main/delta/88/05_drop_old_otks.sql.postgres +19 -0
synapse/storage/schema/main/delta/88/05_drop_old_otks.sql.sqlite +19 -0
synapse/storage/schema/main/delta/88/05_sliding_sync_room_config_index.sql +20 -0
synapse/storage/schema/main/delta/88/06_events_received_ts_index.sql +17 -0
synapse/storage/schema/main/delta/89/01_sliding_sync_membership_snapshot_index.sql +15 -0
synapse/storage/schema/main/delta/90/01_add_column_participant_room_memberships_table.sql +16 -0
synapse/storage/schema/main/delta/91/01_media_hash.sql +28 -0
synapse/storage/schema/main/delta/92/01_remove_trigger.sql.postgres +16 -0
synapse/storage/schema/main/delta/92/01_remove_trigger.sql.sqlite +16 -0
synapse/storage/schema/main/delta/92/02_remove_populate_participant_bg_update.sql +17 -0
synapse/storage/schema/main/delta/92/04_ss_membership_snapshot_idx.sql +16 -0
synapse/storage/schema/main/delta/92/04_thread_subscriptions.sql +59 -0
synapse/storage/schema/main/delta/92/04_thread_subscriptions_seq.sql.postgres +19 -0
synapse/storage/schema/main/delta/92/05_fixup_max_depth_cap.sql +17 -0
synapse/storage/schema/main/delta/92/05_thread_subscriptions_comments.sql.postgres +18 -0
synapse/storage/schema/main/delta/92/06_device_federation_inbox_index.sql +16 -0
synapse/storage/schema/main/delta/92/06_threads_last_sent_stream_ordering_comments.sql.postgres +24 -0
synapse/storage/schema/main/delta/92/07_add_user_reports.sql +22 -0
synapse/storage/schema/main/delta/92/07_event_txn_id_device_id_txn_id2.sql +15 -0
synapse/storage/schema/main/delta/92/08_room_ban_redactions.sql +21 -0
synapse/storage/schema/main/delta/92/08_thread_subscriptions_seq_fixup.sql.postgres +19 -0
synapse/storage/schema/main/delta/92/09_thread_subscriptions_update.sql +20 -0
synapse/storage/schema/main/delta/92/09_thread_subscriptions_update.sql.postgres +18 -0
synapse/storage/schema/main/full_schemas/72/full.sql.postgres +1344 -0
synapse/storage/schema/main/full_schemas/72/full.sql.sqlite +646 -0
synapse/storage/schema/state/delta/23/drop_state_index.sql +35 -0
synapse/storage/schema/state/delta/32/remove_state_indices.sql +38 -0
synapse/storage/schema/state/delta/35/add_state_index.sql +36 -0
synapse/storage/schema/state/delta/35/state.sql +41 -0
synapse/storage/schema/state/delta/35/state_dedupe.sql +36 -0
synapse/storage/schema/state/delta/47/state_group_seq.py +38 -0
synapse/storage/schema/state/delta/56/state_group_room_idx.sql +36 -0
synapse/storage/schema/state/delta/61/02state_groups_state_n_distinct.sql.postgres +34 -0
synapse/storage/schema/state/delta/70/08_state_group_edges_unique.sql +36 -0
synapse/storage/schema/state/delta/89/01_state_groups_deletion.sql +39 -0
synapse/storage/schema/state/delta/90/02_delete_unreferenced_state_groups.sql +16 -0
synapse/storage/schema/state/delta/90/03_remove_old_deletion_bg_update.sql +15 -0
synapse/storage/schema/state/full_schemas/72/full.sql.postgres +30 -0
synapse/storage/schema/state/full_schemas/72/full.sql.sqlite +20 -0
synapse/storage/types.py +185 -0
synapse/storage/util/__init__.py +20 -0
synapse/storage/util/id_generators.py +909 -0
synapse/storage/util/partial_state_events_tracker.py +194 -0
synapse/storage/util/sequence.py +315 -0
synapse/streams/__init__.py +43 -0
synapse/streams/config.py +92 -0
synapse/streams/events.py +203 -0
synapse/synapse_rust/__init__.pyi +3 -0
synapse/synapse_rust/acl.pyi +20 -0
synapse/synapse_rust/events.pyi +136 -0
synapse/synapse_rust/http_client.pyi +32 -0
synapse/synapse_rust/push.pyi +86 -0
synapse/synapse_rust/rendezvous.pyi +30 -0
synapse/synapse_rust/segmenter.pyi +1 -0
synapse/synapse_rust.abi3.so +0 -0
synapse/types/__init__.py +1600 -0
synapse/types/handlers/__init__.py +93 -0
synapse/types/handlers/policy_server.py +16 -0
synapse/types/handlers/sliding_sync.py +909 -0
synapse/types/rest/__init__.py +25 -0
synapse/types/rest/client/__init__.py +415 -0
synapse/types/state.py +635 -0
synapse/types/storage/__init__.py +66 -0
synapse/util/__init__.py +170 -0
synapse/util/async_helpers.py +1067 -0
synapse/util/batching_queue.py +202 -0
synapse/util/caches/__init__.py +300 -0
synapse/util/caches/cached_call.py +143 -0
synapse/util/caches/deferred_cache.py +530 -0
synapse/util/caches/descriptors.py +694 -0
synapse/util/caches/dictionary_cache.py +350 -0
synapse/util/caches/expiringcache.py +251 -0
synapse/util/caches/lrucache.py +977 -0
synapse/util/caches/response_cache.py +323 -0
synapse/util/caches/stream_change_cache.py +370 -0
synapse/util/caches/treecache.py +189 -0
synapse/util/caches/ttlcache.py +197 -0
synapse/util/cancellation.py +63 -0
synapse/util/check_dependencies.py +335 -0
synapse/util/clock.py +500 -0
synapse/util/constants.py +22 -0
synapse/util/daemonize.py +165 -0
synapse/util/distributor.py +159 -0
synapse/util/events.py +134 -0
synapse/util/file_consumer.py +164 -0
synapse/util/frozenutils.py +57 -0
synapse/util/gai_resolver.py +180 -0
synapse/util/hash.py +38 -0
synapse/util/httpresourcetree.py +108 -0
synapse/util/iterutils.py +189 -0
synapse/util/json.py +56 -0
synapse/util/linked_list.py +156 -0
synapse/util/logcontext.py +46 -0
synapse/util/logformatter.py +28 -0
synapse/util/macaroons.py +325 -0
synapse/util/manhole.py +191 -0
synapse/util/metrics.py +340 -0
synapse/util/module_loader.py +116 -0
synapse/util/msisdn.py +51 -0
synapse/util/patch_inline_callbacks.py +250 -0
synapse/util/pydantic_models.py +56 -0
synapse/util/ratelimitutils.py +420 -0
synapse/util/retryutils.py +339 -0
synapse/util/rlimit.py +42 -0
synapse/util/rust.py +134 -0
synapse/util/sentinel.py +21 -0
synapse/util/stringutils.py +293 -0
synapse/util/task_scheduler.py +493 -0
synapse/util/templates.py +126 -0
synapse/util/threepids.py +123 -0
synapse/util/wheel_timer.py +112 -0
synapse/visibility.py +836 -0

synapse/media/media_repository.py ADDED Viewed

@@ -0,0 +1,1580 @@
+#
+# This file is licensed under the Affero General Public License (AGPL) version 3.
+#
+# Copyright 2018-2021 The Matrix.org Foundation C.I.C.
+# Copyright 2014-2016 OpenMarket Ltd
+# Copyright (C) 2023 New Vector, Ltd
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# See the GNU Affero General Public License for more details:
+# <https://www.gnu.org/licenses/agpl-3.0.html>.
+#
+# Originally licensed under the Apache License, Version 2.0:
+# <http://www.apache.org/licenses/LICENSE-2.0>.
+#
+# [This file includes modifications made by New Vector Limited]
+#
+#
+import errno
+import logging
+import os
+import shutil
+from io import BytesIO
+from typing import IO, TYPE_CHECKING, Optional
+import attr
+from matrix_common.types.mxc_uri import MXCUri
+import twisted.internet.error
+import twisted.web.http
+from twisted.internet.defer import Deferred
+from synapse.api.errors import (
+    Codes,
+    FederationDeniedError,
+    HttpResponseException,
+    NotFoundError,
+    RequestSendFailed,
+    SynapseError,
+    cs_error,
+)
+from synapse.api.ratelimiting import Ratelimiter
+from synapse.config.repository import ThumbnailRequirement
+from synapse.http.server import respond_with_json
+from synapse.http.site import SynapseRequest
+from synapse.logging.context import defer_to_thread
+from synapse.logging.opentracing import trace
+from synapse.media._base import (
+    FileInfo,
+    Responder,
+    ThumbnailInfo,
+    check_for_cached_entry_and_respond,
+    get_filename_from_headers,
+    respond_404,
+    respond_with_multipart_responder,
+    respond_with_responder,
+)
+from synapse.media.filepath import MediaFilePaths
+from synapse.media.media_storage import (
+    MediaStorage,
+    SHA256TransparentIOReader,
+    SHA256TransparentIOWriter,
+)
+from synapse.media.storage_provider import StorageProviderWrapper
+from synapse.media.thumbnailer import Thumbnailer, ThumbnailError
+from synapse.media.url_previewer import UrlPreviewer
+from synapse.storage.databases.main.media_repository import LocalMedia, RemoteMedia
+from synapse.types import UserID
+from synapse.util.async_helpers import Linearizer
+from synapse.util.retryutils import NotRetryingDestination
+from synapse.util.stringutils import random_string
+if TYPE_CHECKING:
+    from synapse.server import HomeServer
+logger = logging.getLogger(__name__)
+# How often to run the background job to update the "recently accessed"
+# attribute of local and remote media.
+UPDATE_RECENTLY_ACCESSED_TS = 60 * 1000  # 1 minute
+# How often to run the background job to check for local and remote media
+# that should be purged according to the configured media retention settings.
+MEDIA_RETENTION_CHECK_PERIOD_MS = 60 * 60 * 1000  # 1 hour
+class MediaRepository:
+    def __init__(self, hs: "HomeServer"):
+        self.hs = hs
+        self.auth = hs.get_auth()
+        self.client = hs.get_federation_client()
+        self.clock = hs.get_clock()
+        self.server_name = hs.hostname
+        self.store = hs.get_datastores().main
+        self.max_upload_size = hs.config.media.max_upload_size
+        self.max_image_pixels = hs.config.media.max_image_pixels
+        self.unused_expiration_time = hs.config.media.unused_expiration_time
+        self.max_pending_media_uploads = hs.config.media.max_pending_media_uploads
+        Thumbnailer.set_limits(self.max_image_pixels)
+        self.primary_base_path: str = hs.config.media.media_store_path
+        self.filepaths: MediaFilePaths = MediaFilePaths(self.primary_base_path)
+        self.dynamic_thumbnails = hs.config.media.dynamic_thumbnails
+        self.thumbnail_requirements = hs.config.media.thumbnail_requirements
+        self.remote_media_linearizer = Linearizer(name="media_remote", clock=self.clock)
+        self.recently_accessed_remotes: set[tuple[str, str]] = set()
+        self.recently_accessed_locals: set[str] = set()
+        self.federation_domain_whitelist = (
+            hs.config.federation.federation_domain_whitelist
+        )
+        self.prevent_media_downloads_from = hs.config.media.prevent_media_downloads_from
+        self.download_ratelimiter = Ratelimiter(
+            store=hs.get_storage_controllers().main,
+            clock=hs.get_clock(),
+            cfg=hs.config.ratelimiting.remote_media_downloads,
+        )
+        # List of StorageProviders where we should search for media and
+        # potentially upload to.
+        storage_providers = []
+        for (
+            clz,
+            provider_config,
+            wrapper_config,
+        ) in hs.config.media.media_storage_providers:
+            backend = clz(hs, provider_config)
+            provider = StorageProviderWrapper(
+                backend,
+                store_local=wrapper_config.store_local,
+                store_remote=wrapper_config.store_remote,
+                store_synchronous=wrapper_config.store_synchronous,
+            )
+            storage_providers.append(provider)
+        self.media_storage: MediaStorage = MediaStorage(
+            self.hs, self.primary_base_path, self.filepaths, storage_providers
+        )
+        self.clock.looping_call(
+            self._start_update_recently_accessed, UPDATE_RECENTLY_ACCESSED_TS
+        )
+        # Media retention configuration options
+        self._media_retention_local_media_lifetime_ms = (
+            hs.config.media.media_retention_local_media_lifetime_ms
+        )
+        self._media_retention_remote_media_lifetime_ms = (
+            hs.config.media.media_retention_remote_media_lifetime_ms
+        )
+        # Check whether local or remote media retention is configured
+        if (
+            hs.config.media.media_retention_local_media_lifetime_ms is not None
+            or hs.config.media.media_retention_remote_media_lifetime_ms is not None
+        ):
+            # Run the background job to apply media retention rules routinely,
+            # with the duration between runs dictated by the homeserver config.
+            self.clock.looping_call(
+                self._start_apply_media_retention_rules,
+                MEDIA_RETENTION_CHECK_PERIOD_MS,
+            )
+        if hs.config.media.url_preview_enabled:
+            self.url_previewer: Optional[UrlPreviewer] = UrlPreviewer(
+                hs, self, self.media_storage
+            )
+        else:
+            self.url_previewer = None
+        # We get the media upload limits and sort them in descending order of
+        # time period, so that we can apply some optimizations.
+        self.default_media_upload_limits = hs.config.media.media_upload_limits
+        self.default_media_upload_limits.sort(
+            key=lambda limit: limit.time_period_ms, reverse=True
+        )
+        self.media_repository_callbacks = hs.get_module_api_callbacks().media_repository
+    def _start_update_recently_accessed(self) -> Deferred:
+        return self.hs.run_as_background_process(
+            "update_recently_accessed_media",
+            self._update_recently_accessed,
+        )
+    def _start_apply_media_retention_rules(self) -> Deferred:
+        return self.hs.run_as_background_process(
+            "apply_media_retention_rules",
+            self._apply_media_retention_rules,
+        )
+    async def _update_recently_accessed(self) -> None:
+        remote_media = self.recently_accessed_remotes
+        self.recently_accessed_remotes = set()
+        local_media = self.recently_accessed_locals
+        self.recently_accessed_locals = set()
+        await self.store.update_cached_last_access_time(
+            local_media, remote_media, self.clock.time_msec()
+        )
+    def mark_recently_accessed(self, server_name: Optional[str], media_id: str) -> None:
+        """Mark the given media as recently accessed.
+        Args:
+            server_name: Origin server of media, or None if local
+            media_id: The media ID of the content
+        """
+        if server_name:
+            self.recently_accessed_remotes.add((server_name, media_id))
+        else:
+            self.recently_accessed_locals.add(media_id)
+    @trace
+    async def create_media_id(self, auth_user: UserID) -> tuple[str, int]:
+        """Create and store a media ID for a local user and return the MXC URI and its
+        expiration.
+        Args:
+            auth_user: The user_id of the uploader
+        Returns:
+            A tuple containing the MXC URI of the stored content and the timestamp at
+            which the MXC URI expires.
+        """
+        media_id = random_string(24)
+        now = self.clock.time_msec()
+        await self.store.store_local_media_id(
+            media_id=media_id,
+            time_now_ms=now,
+            user_id=auth_user,
+        )
+        return f"mxc://{self.server_name}/{media_id}", now + self.unused_expiration_time
+    @trace
+    async def reached_pending_media_limit(self, auth_user: UserID) -> tuple[bool, int]:
+        """Check if the user is over the limit for pending media uploads.
+        Args:
+            auth_user: The user_id of the uploader
+        Returns:
+            A tuple with a boolean and an integer indicating whether the user has too
+            many pending media uploads and the timestamp at which the first pending
+            media will expire, respectively.
+        """
+        pending, first_expiration_ts = await self.store.count_pending_media(
+            user_id=auth_user
+        )
+        return pending >= self.max_pending_media_uploads, first_expiration_ts
+    @trace
+    async def verify_can_upload(self, media_id: str, auth_user: UserID) -> None:
+        """Verify that the media ID can be uploaded to by the given user. This
+        function checks that:
+        * the media ID exists
+        * the media ID does not already have content
+        * the user uploading is the same as the one who created the media ID
+        * the media ID has not expired
+        Args:
+            media_id: The media ID to verify
+            auth_user: The user_id of the uploader
+        """
+        media = await self.store.get_local_media(media_id)
+        if media is None:
+            raise NotFoundError("Unknown media ID")
+        if media.user_id != auth_user.to_string():
+            raise SynapseError(
+                403,
+                "Only the creator of the media ID can upload to it",
+                errcode=Codes.FORBIDDEN,
+            )
+        if media.media_length is not None:
+            raise SynapseError(
+                409,
+                "Media ID already has content",
+                errcode=Codes.CANNOT_OVERWRITE_MEDIA,
+            )
+        expired_time_ms = self.clock.time_msec() - self.unused_expiration_time
+        if media.created_ts < expired_time_ms:
+            raise NotFoundError("Media ID has expired")
+    @trace
+    async def create_or_update_content(
+        self,
+        media_type: str,
+        upload_name: Optional[str],
+        content: IO,
+        content_length: int,
+        auth_user: UserID,
+        media_id: Optional[str] = None,
+    ) -> MXCUri:
+        """Create or update the content of the given media ID.
+        Args:
+            media_type: The content type of the file.
+            upload_name: The name of the file, if provided.
+            content: A file like object that is the content to store
+            content_length: The length of the content
+            auth_user: The user_id of the uploader
+            media_id: The media ID to update if provided, otherwise creates
+                new media ID.
+        Returns:
+            The mxc url of the stored content
+        """
+        is_new_media = media_id is None
+        if media_id is None:
+            media_id = random_string(24)
+        file_info = FileInfo(server_name=None, file_id=media_id)
+        sha256reader = SHA256TransparentIOReader(content)
+        # This implements all of IO as it has a passthrough
+        fname = await self.media_storage.store_file(sha256reader.wrap(), file_info)
+        sha256 = sha256reader.hexdigest()
+        should_quarantine = await self.store.get_is_hash_quarantined(sha256)
+        logger.info("Stored local media in file %r", fname)
+        if should_quarantine:
+            logger.warning(
+                "Media has been automatically quarantined as it matched existing quarantined media"
+            )
+        # Check that the user has not exceeded any of the media upload limits.
+        # Use limits from module API if provided
+        media_upload_limits = (
+            await self.media_repository_callbacks.get_media_upload_limits_for_user(
+                auth_user.to_string()
+            )
+        )
+        # Otherwise use the default limits from config
+        if media_upload_limits is None:
+            # Note: the media upload limits are sorted so larger time periods are
+            # first.
+            media_upload_limits = self.default_media_upload_limits
+        # This is the total size of media uploaded by the user in the last
+        # `time_period_ms` milliseconds, or None if we haven't checked yet.
+        uploaded_media_size: Optional[int] = None
+        for limit in media_upload_limits:
+            # We only need to check the amount of media uploaded by the user in
+            # this latest (smaller) time period if the amount of media uploaded
+            # in a previous (larger) time period is below the limit.
+            #
+            # This optimization means that in the common case where the user
+            # hasn't uploaded much media, we only need to query the database
+            # once.
+            if (
+                uploaded_media_size is None
+                or uploaded_media_size + content_length > limit.max_bytes
+            ):
+                uploaded_media_size = await self.store.get_media_uploaded_size_for_user(
+                    user_id=auth_user.to_string(), time_period_ms=limit.time_period_ms
+                )
+            if uploaded_media_size + content_length > limit.max_bytes:
+                await self.media_repository_callbacks.on_media_upload_limit_exceeded(
+                    user_id=auth_user.to_string(),
+                    limit=limit,
+                    sent_bytes=uploaded_media_size,
+                    attempted_bytes=content_length,
+                )
+                raise SynapseError(
+                    400, "Media upload limit exceeded", Codes.RESOURCE_LIMIT_EXCEEDED
+                )
+        if is_new_media:
+            await self.store.store_local_media(
+                media_id=media_id,
+                media_type=media_type,
+                time_now_ms=self.clock.time_msec(),
+                upload_name=upload_name,
+                media_length=content_length,
+                user_id=auth_user,
+                sha256=sha256,
+                quarantined_by="system" if should_quarantine else None,
+            )
+        else:
+            await self.store.update_local_media(
+                media_id=media_id,
+                media_type=media_type,
+                upload_name=upload_name,
+                media_length=content_length,
+                user_id=auth_user,
+                sha256=sha256,
+                quarantined_by="system" if should_quarantine else None,
+            )
+        try:
+            await self._generate_thumbnails(None, media_id, media_id, media_type)
+        except Exception as e:
+            logger.info("Failed to generate thumbnails: %s", e)
+        return MXCUri(self.server_name, media_id)
+    def respond_not_yet_uploaded(self, request: SynapseRequest) -> None:
+        respond_with_json(
+            request,
+            504,
+            cs_error("Media has not been uploaded yet", code=Codes.NOT_YET_UPLOADED),
+            send_cors=True,
+        )
+    async def get_cached_remote_media_info(
+        self, origin: str, media_id: str
+    ) -> Optional[RemoteMedia]:
+        """
+        Get cached remote media info for a given origin/media ID combo. If the requested
+        media is not found locally, it will not be requested over federation and the
+        call will return None.
+        Args:
+            origin: The origin of the remote media
+            media_id: The media ID of the requested content
+        Returns:
+            The info for the cached remote media or None if it was not found
+        """
+        return await self.store.get_cached_remote_media(origin, media_id)
+    async def get_local_media_info(
+        self, request: SynapseRequest, media_id: str, max_timeout_ms: int
+    ) -> Optional[LocalMedia]:
+        """Gets the info dictionary for given local media ID. If the media has
+        not been uploaded yet, this function will wait up to ``max_timeout_ms``
+        milliseconds for the media to be uploaded.
+        Args:
+            request: The incoming request.
+            media_id: The media ID of the content. (This is the same as
+                the file_id for local content.)
+            max_timeout_ms: the maximum number of milliseconds to wait for the
+                media to be uploaded.
+        Returns:
+            Either the info dictionary for the given local media ID or
+            ``None``. If ``None``, then no further processing is necessary as
+            this function will send the necessary JSON response.
+        """
+        wait_until = self.clock.time_msec() + max_timeout_ms
+        while True:
+            # Get the info for the media
+            media_info = await self.store.get_local_media(media_id)
+            if not media_info:
+                logger.info("Media %s is unknown", media_id)
+                respond_404(request)
+                return None
+            if media_info.quarantined_by:
+                logger.info("Media %s is quarantined", media_id)
+                respond_404(request)
+                return None
+            # The file has been uploaded, so stop looping
+            if media_info.media_length is not None:
+                return media_info
+            # Check if the media ID has expired and still hasn't been uploaded to.
+            now = self.clock.time_msec()
+            expired_time_ms = now - self.unused_expiration_time
+            if media_info.created_ts < expired_time_ms:
+                logger.info("Media %s has expired without being uploaded", media_id)
+                respond_404(request)
+                return None
+            if now >= wait_until:
+                break
+            await self.clock.sleep(0.5)
+        logger.info("Media %s has not yet been uploaded", media_id)
+        self.respond_not_yet_uploaded(request)
+        return None
+    async def get_local_media(
+        self,
+        request: SynapseRequest,
+        media_id: str,
+        name: Optional[str],
+        max_timeout_ms: int,
+        allow_authenticated: bool = True,
+        federation: bool = False,
+    ) -> None:
+        """Responds to requests for local media, if exists, or returns 404.
+        Args:
+            request: The incoming request.
+            media_id: The media ID of the content. (This is the same as
+                the file_id for local content.)
+            name: Optional name that, if specified, will be used as
+                the filename in the Content-Disposition header of the response.
+            max_timeout_ms: the maximum number of milliseconds to wait for the
+                media to be uploaded.
+            allow_authenticated: whether media marked as authenticated may be served to this request
+            federation: whether the local media being fetched is for a federation request
+        Returns:
+            Resolves once a response has successfully been written to request
+        """
+        media_info = await self.get_local_media_info(request, media_id, max_timeout_ms)
+        if not media_info:
+            return
+        if self.hs.config.media.enable_authenticated_media and not allow_authenticated:
+            if media_info.authenticated:
+                raise NotFoundError()
+        self.mark_recently_accessed(None, media_id)
+        # Once we've checked auth we can return early if the media is cached on
+        # the client
+        if check_for_cached_entry_and_respond(request):
+            return
+        media_type = media_info.media_type
+        if not media_type:
+            media_type = "application/octet-stream"
+        media_length = media_info.media_length
+        upload_name = name if name else media_info.upload_name
+        url_cache = media_info.url_cache
+        file_info = FileInfo(None, media_id, url_cache=bool(url_cache))
+        responder = await self.media_storage.fetch_media(file_info)
+        if federation:
+            await respond_with_multipart_responder(
+                self.clock, request, responder, media_type, media_length, upload_name
+            )
+        else:
+            await respond_with_responder(
+                request, responder, media_type, media_length, upload_name
+            )
+    async def get_remote_media(
+        self,
+        request: SynapseRequest,
+        server_name: str,
+        media_id: str,
+        name: Optional[str],
+        max_timeout_ms: int,
+        ip_address: str,
+        use_federation_endpoint: bool,
+        allow_authenticated: bool = True,
+    ) -> None:
+        """Respond to requests for remote media.
+        Args:
+            request: The incoming request.
+            server_name: Remote server_name where the media originated.
+            media_id: The media ID of the content (as defined by the remote server).
+            name: Optional name that, if specified, will be used as
+                the filename in the Content-Disposition header of the response.
+            max_timeout_ms: the maximum number of milliseconds to wait for the
+                media to be uploaded.
+            ip_address: the IP address of the requester
+            use_federation_endpoint: whether to request the remote media over the new
+                federation `/download` endpoint
+            allow_authenticated: whether media marked as authenticated may be served to this
+                request
+        Returns:
+            Resolves once a response has successfully been written to request
+        """
+        if (
+            self.federation_domain_whitelist is not None
+            and server_name not in self.federation_domain_whitelist
+        ):
+            raise FederationDeniedError(server_name)
+        # Don't let users download media from domains listed in the config, even
+        # if we might have the media to serve. This is Trust & Safety tooling to
+        # block some servers' media from being accessible to local users.
+        # See `prevent_media_downloads_from` config docs for more info.
+        if server_name in self.prevent_media_downloads_from:
+            respond_404(request)
+            return
+        self.mark_recently_accessed(server_name, media_id)
+        # We linearize here to ensure that we don't try and download remote
+        # media multiple times concurrently
+        key = (server_name, media_id)
+        async with self.remote_media_linearizer.queue(key):
+            responder, media_info = await self._get_remote_media_impl(
+                server_name,
+                media_id,
+                max_timeout_ms,
+                self.download_ratelimiter,
+                ip_address,
+                use_federation_endpoint,
+                allow_authenticated,
+            )
+        # Check if the media is cached on the client, if so return 304. We need
+        # to do this after we have fetched remote media, as we need it to do the
+        # auth.
+        if check_for_cached_entry_and_respond(request):
+            # We always need to use the responder.
+            if responder:
+                with responder:
+                    pass
+            return
+        # We deliberately stream the file outside the lock
+        if responder and media_info:
+            upload_name = name if name else media_info.upload_name
+            await respond_with_responder(
+                request,
+                responder,
+                media_info.media_type,
+                media_info.media_length,
+                upload_name,
+            )
+        else:
+            respond_404(request)
+    async def get_remote_media_info(
+        self,
+        server_name: str,
+        media_id: str,
+        max_timeout_ms: int,
+        ip_address: str,
+        use_federation: bool,
+        allow_authenticated: bool,
+    ) -> RemoteMedia:
+        """Gets the media info associated with the remote file, downloading
+        if necessary.
+        Args:
+            server_name: Remote server_name where the media originated.
+            media_id: The media ID of the content (as defined by the remote server).
+            max_timeout_ms: the maximum number of milliseconds to wait for the
+                media to be uploaded.
+            ip_address: IP address of the requester
+            use_federation: if a download is necessary, whether to request the remote file
+                over the federation `/download` endpoint
+            allow_authenticated: whether media marked as authenticated may be served to this
+                request
+        Returns:
+            The media info of the file
+        """
+        if (
+            self.federation_domain_whitelist is not None
+            and server_name not in self.federation_domain_whitelist
+        ):
+            raise FederationDeniedError(server_name)
+        # We linearize here to ensure that we don't try and download remote
+        # media multiple times concurrently
+        key = (server_name, media_id)
+        async with self.remote_media_linearizer.queue(key):
+            responder, media_info = await self._get_remote_media_impl(
+                server_name,
+                media_id,
+                max_timeout_ms,
+                self.download_ratelimiter,
+                ip_address,
+                use_federation,
+                allow_authenticated,
+            )
+        # Ensure we actually use the responder so that it releases resources
+        if responder:
+            with responder:
+                pass
+        return media_info
+    async def _get_remote_media_impl(
+        self,
+        server_name: str,
+        media_id: str,
+        max_timeout_ms: int,
+        download_ratelimiter: Ratelimiter,
+        ip_address: str,
+        use_federation_endpoint: bool,
+        allow_authenticated: bool,
+    ) -> tuple[Optional[Responder], RemoteMedia]:
+        """Looks for media in local cache, if not there then attempt to
+        download from remote server.
+        Args:
+            server_name: Remote server_name where the media originated.
+            media_id: The media ID of the content (as defined by the
+                remote server).
+            max_timeout_ms: the maximum number of milliseconds to wait for the
+                media to be uploaded.
+            download_ratelimiter: a ratelimiter limiting remote media downloads, keyed to
+                requester IP.
+            ip_address: the IP address of the requester
+            use_federation_endpoint: whether to request the remote media over the new federation
+            /download endpoint
+        Returns:
+            A tuple of responder and the media info of the file.
+        """
+        media_info = await self.store.get_cached_remote_media(server_name, media_id)
+        if self.hs.config.media.enable_authenticated_media and not allow_authenticated:
+            # if it isn't cached then don't fetch it or if it's authenticated then don't serve it
+            if not media_info or media_info.authenticated:
+                raise NotFoundError()
+        # file_id is the ID we use to track the file locally. If we've already
+        # seen the file then reuse the existing ID, otherwise generate a new
+        # one.
+        # If we have an entry in the DB, try and look for it
+        if media_info:
+            file_id = media_info.filesystem_id
+            file_info = FileInfo(server_name, file_id)
+            if media_info.quarantined_by:
+                logger.info("Media is quarantined")
+                raise NotFoundError()
+            if not media_info.media_type:
+                media_info = attr.evolve(
+                    media_info, media_type="application/octet-stream"
+                )
+            responder = await self.media_storage.fetch_media(file_info)
+            if responder:
+                return responder, media_info
+        # Failed to find the file anywhere, lets download it.
+        try:
+            if not use_federation_endpoint:
+                media_info = await self._download_remote_file(
+                    server_name,
+                    media_id,
+                    max_timeout_ms,
+                    download_ratelimiter,
+                    ip_address,
+                )
+            else:
+                media_info = await self._federation_download_remote_file(
+                    server_name,
+                    media_id,
+                    max_timeout_ms,
+                    download_ratelimiter,
+                    ip_address,
+                )
+        except SynapseError:
+            raise
+        except Exception as e:
+            # An exception may be because we downloaded media in another
+            # process, so let's check if we magically have the media.
+            media_info = await self.store.get_cached_remote_media(server_name, media_id)
+            if not media_info:
+                raise e
+        file_id = media_info.filesystem_id
+        if not media_info.media_type:
+            media_info = attr.evolve(media_info, media_type="application/octet-stream")
+        file_info = FileInfo(server_name, file_id)
+        # We generate thumbnails even if another process downloaded the media
+        # as a) it's conceivable that the other download request dies before it
+        # generates thumbnails, but mainly b) we want to be sure the thumbnails
+        # have finished being generated before responding to the client,
+        # otherwise they'll request thumbnails and get a 404 if they're not
+        # ready yet.
+        await self._generate_thumbnails(
+            server_name, media_id, file_id, media_info.media_type
+        )
+        responder = await self.media_storage.fetch_media(file_info)
+        return responder, media_info
+    async def _download_remote_file(
+        self,
+        server_name: str,
+        media_id: str,
+        max_timeout_ms: int,
+        download_ratelimiter: Ratelimiter,
+        ip_address: str,
+    ) -> RemoteMedia:
+        """Attempt to download the remote file from the given server name,
+        using the given file_id as the local id.
+        Args:
+            server_name: Originating server
+            media_id: The media ID of the content (as defined by the
+                remote server). This is different than the file_id, which is
+                locally generated.
+            max_timeout_ms: the maximum number of milliseconds to wait for the
+                media to be uploaded.
+            download_ratelimiter: a ratelimiter limiting remote media downloads, keyed to
+                requester IP
+            ip_address: the IP address of the requester
+        Returns:
+            The media info of the file.
+        """
+        file_id = random_string(24)
+        file_info = FileInfo(server_name=server_name, file_id=file_id)
+        async with self.media_storage.store_into_file(file_info) as (f, fname):
+            sha256writer = SHA256TransparentIOWriter(f)
+            try:
+                length, headers = await self.client.download_media(
+                    server_name,
+                    media_id,
+                    # This implements all of BinaryIO as it has a passthrough
+                    output_stream=sha256writer.wrap(),
+                    max_size=self.max_upload_size,
+                    max_timeout_ms=max_timeout_ms,
+                    download_ratelimiter=download_ratelimiter,
+                    ip_address=ip_address,
+                )
+            except RequestSendFailed as e:
+                logger.warning(
+                    "Request failed fetching remote media %s/%s: %r",
+                    server_name,
+                    media_id,
+                    e,
+                )
+                raise SynapseError(502, "Failed to fetch remote media")
+            except HttpResponseException as e:
+                logger.warning(
+                    "HTTP error fetching remote media %s/%s: %s",
+                    server_name,
+                    media_id,
+                    e.response,
+                )
+                if e.code == twisted.web.http.NOT_FOUND:
+                    raise e.to_synapse_error()
+                raise SynapseError(502, "Failed to fetch remote media")
+            except SynapseError:
+                logger.warning(
+                    "Failed to fetch remote media %s/%s", server_name, media_id
+                )
+                raise
+            except NotRetryingDestination:
+                logger.warning("Not retrying destination %r", server_name)
+                raise SynapseError(502, "Failed to fetch remote media")
+            except Exception:
+                logger.exception(
+                    "Failed to fetch remote media %s/%s", server_name, media_id
+                )
+                raise SynapseError(502, "Failed to fetch remote media")
+            if b"Content-Type" in headers:
+                media_type = headers[b"Content-Type"][0].decode("ascii")
+            else:
+                media_type = "application/octet-stream"
+            upload_name = get_filename_from_headers(headers)
+            time_now_ms = self.clock.time_msec()
+            # Multiple remote media download requests can race (when using
+            # multiple media repos), so this may throw a violation constraint
+            # exception. If it does we'll delete the newly downloaded file from
+            # disk (as we're in the ctx manager).
+            #
+            # However: we've already called `finish()` so we may have also
+            # written to the storage providers. This is preferable to the
+            # alternative where we call `finish()` *after* this, where we could
+            # end up having an entry in the DB but fail to write the files to
+            # the storage providers.
+            await self.store.store_cached_remote_media(
+                origin=server_name,
+                media_id=media_id,
+                media_type=media_type,
+                time_now_ms=time_now_ms,
+                upload_name=upload_name,
+                media_length=length,
+                filesystem_id=file_id,
+                sha256=sha256writer.hexdigest(),
+            )
+        logger.info("Stored remote media in file %r", fname)
+        if self.hs.config.media.enable_authenticated_media:
+            authenticated = True
+        else:
+            authenticated = False
+        return RemoteMedia(
+            media_origin=server_name,
+            media_id=media_id,
+            media_type=media_type,
+            media_length=length,
+            upload_name=upload_name,
+            created_ts=time_now_ms,
+            filesystem_id=file_id,
+            last_access_ts=time_now_ms,
+            quarantined_by=None,
+            authenticated=authenticated,
+            sha256=sha256writer.hexdigest(),
+        )
+    async def _federation_download_remote_file(
+        self,
+        server_name: str,
+        media_id: str,
+        max_timeout_ms: int,
+        download_ratelimiter: Ratelimiter,
+        ip_address: str,
+    ) -> RemoteMedia:
+        """Attempt to download the remote file from the given server name.
+        Uses the given file_id as the local id and downloads the file over the federation
+        v1 download endpoint
+        Args:
+            server_name: Originating server
+            media_id: The media ID of the content (as defined by the
+                remote server). This is different than the file_id, which is
+                locally generated.
+            max_timeout_ms: the maximum number of milliseconds to wait for the
+                media to be uploaded.
+            download_ratelimiter: a ratelimiter limiting remote media downloads, keyed to
+                requester IP
+            ip_address: the IP address of the requester
+        Returns:
+            The media info of the file.
+        """
+        file_id = random_string(24)
+        file_info = FileInfo(server_name=server_name, file_id=file_id)
+        async with self.media_storage.store_into_file(file_info) as (f, fname):
+            sha256writer = SHA256TransparentIOWriter(f)
+            try:
+                res = await self.client.federation_download_media(
+                    server_name,
+                    media_id,
+                    # This implements all of BinaryIO as it has a passthrough
+                    output_stream=sha256writer.wrap(),
+                    max_size=self.max_upload_size,
+                    max_timeout_ms=max_timeout_ms,
+                    download_ratelimiter=download_ratelimiter,
+                    ip_address=ip_address,
+                )
+                # if we had to fall back to the _matrix/media endpoint it will only return
+                # the headers and length, check the length of the tuple before unpacking
+                if len(res) == 3:
+                    length, headers, json = res
+                else:
+                    length, headers = res
+            except RequestSendFailed as e:
+                logger.warning(
+                    "Request failed fetching remote media %s/%s: %r",
+                    server_name,
+                    media_id,
+                    e,
+                )
+                raise SynapseError(502, "Failed to fetch remote media")
+            except HttpResponseException as e:
+                logger.warning(
+                    "HTTP error fetching remote media %s/%s: %s",
+                    server_name,
+                    media_id,
+                    e.response,
+                )
+                if e.code == twisted.web.http.NOT_FOUND:
+                    raise e.to_synapse_error()
+                raise SynapseError(502, "Failed to fetch remote media")
+            except SynapseError:
+                logger.warning(
+                    "Failed to fetch remote media %s/%s", server_name, media_id
+                )
+                raise
+            except NotRetryingDestination:
+                logger.warning("Not retrying destination %r", server_name)
+                raise SynapseError(502, "Failed to fetch remote media")
+            except Exception:
+                logger.exception(
+                    "Failed to fetch remote media %s/%s", server_name, media_id
+                )
+                raise SynapseError(502, "Failed to fetch remote media")
+            if b"Content-Type" in headers:
+                media_type = headers[b"Content-Type"][0].decode("ascii")
+            else:
+                media_type = "application/octet-stream"
+            upload_name = get_filename_from_headers(headers)
+            time_now_ms = self.clock.time_msec()
+            # Multiple remote media download requests can race (when using
+            # multiple media repos), so this may throw a violation constraint
+            # exception. If it does we'll delete the newly downloaded file from
+            # disk (as we're in the ctx manager).
+            #
+            # However: we've already called `finish()` so we may have also
+            # written to the storage providers. This is preferable to the
+            # alternative where we call `finish()` *after* this, where we could
+            # end up having an entry in the DB but fail to write the files to
+            # the storage providers.
+            await self.store.store_cached_remote_media(
+                origin=server_name,
+                media_id=media_id,
+                media_type=media_type,
+                time_now_ms=time_now_ms,
+                upload_name=upload_name,
+                media_length=length,
+                filesystem_id=file_id,
+                sha256=sha256writer.hexdigest(),
+            )
+        logger.debug("Stored remote media in file %r", fname)
+        if self.hs.config.media.enable_authenticated_media:
+            authenticated = True
+        else:
+            authenticated = False
+        return RemoteMedia(
+            media_origin=server_name,
+            media_id=media_id,
+            media_type=media_type,
+            media_length=length,
+            upload_name=upload_name,
+            created_ts=time_now_ms,
+            filesystem_id=file_id,
+            last_access_ts=time_now_ms,
+            quarantined_by=None,
+            authenticated=authenticated,
+            sha256=sha256writer.hexdigest(),
+        )
+    def _get_thumbnail_requirements(
+        self, media_type: str
+    ) -> tuple[ThumbnailRequirement, ...]:
+        scpos = media_type.find(";")
+        if scpos > 0:
+            media_type = media_type[:scpos]
+        return self.thumbnail_requirements.get(media_type, ())
+    def _generate_thumbnail(
+        self,
+        thumbnailer: Thumbnailer,
+        t_width: int,
+        t_height: int,
+        t_method: str,
+        t_type: str,
+    ) -> Optional[BytesIO]:
+        m_width = thumbnailer.width
+        m_height = thumbnailer.height
+        if m_width * m_height >= self.max_image_pixels:
+            logger.info(
+                "Image too large to thumbnail %r x %r > %r",
+                m_width,
+                m_height,
+                self.max_image_pixels,
+            )
+            return None
+        if thumbnailer.transpose_method is not None:
+            m_width, m_height = thumbnailer.transpose()
+        if t_method == "crop":
+            return thumbnailer.crop(t_width, t_height, t_type)
+        elif t_method == "scale":
+            t_width, t_height = thumbnailer.aspect(t_width, t_height)
+            t_width = min(m_width, t_width)
+            t_height = min(m_height, t_height)
+            return thumbnailer.scale(t_width, t_height, t_type)
+        return None
+    async def generate_local_exact_thumbnail(
+        self,
+        media_id: str,
+        t_width: int,
+        t_height: int,
+        t_method: str,
+        t_type: str,
+        url_cache: bool,
+    ) -> Optional[tuple[str, FileInfo]]:
+        input_path = await self.media_storage.ensure_media_is_in_local_cache(
+            FileInfo(None, media_id, url_cache=url_cache)
+        )
+        try:
+            thumbnailer = Thumbnailer(input_path)
+        except ThumbnailError as e:
+            logger.warning(
+                "Unable to generate a thumbnail for local media %s using a method of %s and type of %s: %s",
+                media_id,
+                t_method,
+                t_type,
+                e,
+            )
+            return None
+        with thumbnailer:
+            t_byte_source = await defer_to_thread(
+                self.hs.get_reactor(),
+                self._generate_thumbnail,
+                thumbnailer,
+                t_width,
+                t_height,
+                t_method,
+                t_type,
+            )
+        if t_byte_source:
+            try:
+                file_info = FileInfo(
+                    server_name=None,
+                    file_id=media_id,
+                    url_cache=url_cache,
+                    thumbnail=ThumbnailInfo(
+                        width=t_width,
+                        height=t_height,
+                        method=t_method,
+                        type=t_type,
+                        length=t_byte_source.tell(),
+                    ),
+                )
+                output_path = await self.media_storage.store_file(
+                    t_byte_source, file_info
+                )
+            finally:
+                t_byte_source.close()
+            logger.info("Stored thumbnail in file %r", output_path)
+            t_len = os.path.getsize(output_path)
+            await self.store.store_local_thumbnail(
+                media_id,
+                t_width,
+                t_height,
+                t_type,
+                t_method,
+                t_len,
+            )
+            return output_path, file_info
+        # Could not generate thumbnail.
+        return None
+    async def generate_remote_exact_thumbnail(
+        self,
+        server_name: str,
+        file_id: str,
+        media_id: str,
+        t_width: int,
+        t_height: int,
+        t_method: str,
+        t_type: str,
+    ) -> Optional[str]:
+        input_path = await self.media_storage.ensure_media_is_in_local_cache(
+            FileInfo(server_name, file_id)
+        )
+        try:
+            thumbnailer = Thumbnailer(input_path)
+        except ThumbnailError as e:
+            logger.warning(
+                "Unable to generate a thumbnail for remote media %s from %s using a method of %s and type of %s: %s",
+                media_id,
+                server_name,
+                t_method,
+                t_type,
+                e,
+            )
+            return None
+        with thumbnailer:
+            t_byte_source = await defer_to_thread(
+                self.hs.get_reactor(),
+                self._generate_thumbnail,
+                thumbnailer,
+                t_width,
+                t_height,
+                t_method,
+                t_type,
+            )
+        if t_byte_source:
+            try:
+                file_info = FileInfo(
+                    server_name=server_name,
+                    file_id=file_id,
+                    thumbnail=ThumbnailInfo(
+                        width=t_width,
+                        height=t_height,
+                        method=t_method,
+                        type=t_type,
+                        length=t_byte_source.tell(),
+                    ),
+                )
+                output_path = await self.media_storage.store_file(
+                    t_byte_source, file_info
+                )
+            finally:
+                t_byte_source.close()
+            logger.info("Stored thumbnail in file %r", output_path)
+            t_len = os.path.getsize(output_path)
+            await self.store.store_remote_media_thumbnail(
+                server_name,
+                media_id,
+                file_id,
+                t_width,
+                t_height,
+                t_type,
+                t_method,
+                t_len,
+            )
+            return output_path
+        # Could not generate thumbnail.
+        return None
+    @trace
+    async def _generate_thumbnails(
+        self,
+        server_name: Optional[str],
+        media_id: str,
+        file_id: str,
+        media_type: str,
+        url_cache: bool = False,
+    ) -> Optional[dict]:
+        """Generate and store thumbnails for an image.
+        Args:
+            server_name: The server name if remote media, else None if local
+            media_id: The media ID of the content. (This is the same as
+                the file_id for local content)
+            file_id: Local file ID
+            media_type: The content type of the file
+            url_cache: If we are thumbnailing images downloaded for the URL cache,
+                used exclusively by the url previewer
+        Returns:
+            Dict with "width" and "height" keys of original image or None if the
+            media cannot be thumbnailed.
+        """
+        requirements = self._get_thumbnail_requirements(media_type)
+        if not requirements:
+            return None
+        input_path = await self.media_storage.ensure_media_is_in_local_cache(
+            FileInfo(server_name, file_id, url_cache=url_cache)
+        )
+        try:
+            thumbnailer = Thumbnailer(input_path)
+        except ThumbnailError as e:
+            logger.warning(
+                "Unable to generate thumbnails for remote media %s from %s of type %s: %s",
+                media_id,
+                server_name,
+                media_type,
+                e,
+            )
+            return None
+        with thumbnailer:
+            m_width = thumbnailer.width
+            m_height = thumbnailer.height
+            if m_width * m_height >= self.max_image_pixels:
+                logger.info(
+                    "Image too large to thumbnail %r x %r > %r",
+                    m_width,
+                    m_height,
+                    self.max_image_pixels,
+                )
+                return None
+            if thumbnailer.transpose_method is not None:
+                m_width, m_height = await defer_to_thread(
+                    self.hs.get_reactor(), thumbnailer.transpose
+                )
+            # We deduplicate the thumbnail sizes by ignoring the cropped versions if
+            # they have the same dimensions of a scaled one.
+            thumbnails: dict[tuple[int, int, str], str] = {}
+            for requirement in requirements:
+                if requirement.method == "crop":
+                    thumbnails.setdefault(
+                        (requirement.width, requirement.height, requirement.media_type),
+                        requirement.method,
+                    )
+                elif requirement.method == "scale":
+                    t_width, t_height = thumbnailer.aspect(
+                        requirement.width, requirement.height
+                    )
+                    t_width = min(m_width, t_width)
+                    t_height = min(m_height, t_height)
+                    thumbnails[(t_width, t_height, requirement.media_type)] = (
+                        requirement.method
+                    )
+            # Now we generate the thumbnails for each dimension, store it
+            for (t_width, t_height, t_type), t_method in thumbnails.items():
+                # Generate the thumbnail
+                if t_method == "crop":
+                    t_byte_source = await defer_to_thread(
+                        self.hs.get_reactor(),
+                        thumbnailer.crop,
+                        t_width,
+                        t_height,
+                        t_type,
+                    )
+                elif t_method == "scale":
+                    t_byte_source = await defer_to_thread(
+                        self.hs.get_reactor(),
+                        thumbnailer.scale,
+                        t_width,
+                        t_height,
+                        t_type,
+                    )
+                else:
+                    logger.error("Unrecognized method: %r", t_method)
+                    continue
+                if not t_byte_source:
+                    continue
+                file_info = FileInfo(
+                    server_name=server_name,
+                    file_id=file_id,
+                    url_cache=url_cache,
+                    thumbnail=ThumbnailInfo(
+                        width=t_width,
+                        height=t_height,
+                        method=t_method,
+                        type=t_type,
+                        length=t_byte_source.tell(),
+                    ),
+                )
+                async with self.media_storage.store_into_file(file_info) as (f, fname):
+                    try:
+                        await self.media_storage.write_to_file(t_byte_source, f)
+                    finally:
+                        t_byte_source.close()
+                    # We flush and close the file to ensure that the bytes have
+                    # been written before getting the size.
+                    f.flush()
+                    f.close()
+                    t_len = os.path.getsize(fname)
+                    # Write to database
+                    if server_name:
+                        # Multiple remote media download requests can race (when
+                        # using multiple media repos), so this may throw a violation
+                        # constraint exception. If it does we'll delete the newly
+                        # generated thumbnail from disk (as we're in the ctx
+                        # manager).
+                        #
+                        # However: we've already called `finish()` so we may have
+                        # also written to the storage providers. This is preferable
+                        # to the alternative where we call `finish()` *after* this,
+                        # where we could end up having an entry in the DB but fail
+                        # to write the files to the storage providers.
+                        try:
+                            await self.store.store_remote_media_thumbnail(
+                                server_name,
+                                media_id,
+                                file_id,
+                                t_width,
+                                t_height,
+                                t_type,
+                                t_method,
+                                t_len,
+                            )
+                        except Exception as e:
+                            thumbnail_exists = (
+                                await self.store.get_remote_media_thumbnail(
+                                    server_name,
+                                    media_id,
+                                    t_width,
+                                    t_height,
+                                    t_type,
+                                )
+                            )
+                            if not thumbnail_exists:
+                                raise e
+                    else:
+                        await self.store.store_local_thumbnail(
+                            media_id, t_width, t_height, t_type, t_method, t_len
+                        )
+        return {"width": m_width, "height": m_height}
+    async def _apply_media_retention_rules(self) -> None:
+        """
+        Purge old local and remote media according to the media retention rules
+        defined in the homeserver config.
+        """
+        # Purge remote media
+        if self._media_retention_remote_media_lifetime_ms is not None:
+            # Calculate a threshold timestamp derived from the configured lifetime. Any
+            # media that has not been accessed since this timestamp will be removed.
+            remote_media_threshold_timestamp_ms = (
+                self.clock.time_msec() - self._media_retention_remote_media_lifetime_ms
+            )
+            logger.info(
+                "Purging remote media last accessed before %s",
+                remote_media_threshold_timestamp_ms,
+            )
+            await self.delete_old_remote_media(
+                before_ts=remote_media_threshold_timestamp_ms
+            )
+        # And now do the same for local media
+        if self._media_retention_local_media_lifetime_ms is not None:
+            # This works the same as the remote media threshold
+            local_media_threshold_timestamp_ms = (
+                self.clock.time_msec() - self._media_retention_local_media_lifetime_ms
+            )
+            logger.info(
+                "Purging local media last accessed before %s",
+                local_media_threshold_timestamp_ms,
+            )
+            await self.delete_old_local_media(
+                before_ts=local_media_threshold_timestamp_ms,
+                keep_profiles=True,
+                delete_quarantined_media=False,
+                delete_protected_media=False,
+            )
+    async def delete_old_remote_media(self, before_ts: int) -> dict[str, int]:
+        old_media = await self.store.get_remote_media_ids(
+            before_ts, include_quarantined_media=False
+        )
+        deleted = 0
+        for origin, media_id, file_id in old_media:
+            key = (origin, media_id)
+            logger.info("Deleting: %r", key)
+            # TODO: Should we delete from the backup store
+            async with self.remote_media_linearizer.queue(key):
+                full_path = self.filepaths.remote_media_filepath(origin, file_id)
+                try:
+                    os.remove(full_path)
+                except OSError as e:
+                    logger.warning("Failed to remove file: %r", full_path)
+                    if e.errno == errno.ENOENT:
+                        pass
+                    else:
+                        continue
+                thumbnail_dir = self.filepaths.remote_media_thumbnail_dir(
+                    origin, file_id
+                )
+                shutil.rmtree(thumbnail_dir, ignore_errors=True)
+                await self.store.delete_remote_media(origin, media_id)
+                deleted += 1
+        return {"deleted": deleted}
+    async def delete_local_media_ids(
+        self, media_ids: list[str]
+    ) -> tuple[list[str], int]:
+        """
+        Delete the given local or remote media ID from this server
+        Args:
+            media_id: The media ID to delete.
+        Returns:
+            A tuple of (list of deleted media IDs, total deleted media IDs).
+        """
+        return await self._remove_local_media_from_disk(media_ids)
+    async def delete_old_local_media(
+        self,
+        before_ts: int,
+        size_gt: int = 0,
+        keep_profiles: bool = True,
+        delete_quarantined_media: bool = False,
+        delete_protected_media: bool = False,
+    ) -> tuple[list[str], int]:
+        """
+        Delete local or remote media from this server by size and timestamp. Removes
+        media files, any thumbnails and cached URLs.
+        Args:
+            before_ts: Unix timestamp in ms.
+                Files that were last used before this timestamp will be deleted.
+            size_gt: Size of the media in bytes. Files that are larger will be deleted.
+            keep_profiles: Switch to delete also files that are still used in image data
+                (e.g user profile, room avatar). If false these files will be deleted.
+            delete_quarantined_media: If True, media marked as quarantined will be deleted.
+            delete_protected_media: If True, media marked as protected will be deleted.
+        Returns:
+            A tuple of (list of deleted media IDs, total deleted media IDs).
+        """
+        old_media = await self.store.get_local_media_ids(
+            before_ts,
+            size_gt,
+            keep_profiles,
+            include_quarantined_media=delete_quarantined_media,
+            include_protected_media=delete_protected_media,
+        )
+        return await self._remove_local_media_from_disk(old_media)
+    async def _remove_local_media_from_disk(
+        self, media_ids: list[str]
+    ) -> tuple[list[str], int]:
+        """
+        Delete local or remote media from this server. Removes media files,
+        any thumbnails and cached URLs.
+        Args:
+            media_ids: List of media_id to delete
+        Returns:
+            A tuple of (list of deleted media IDs, total deleted media IDs).
+        """
+        removed_media = []
+        for media_id in media_ids:
+            logger.info("Deleting media with ID '%s'", media_id)
+            full_path = self.filepaths.local_media_filepath(media_id)
+            try:
+                os.remove(full_path)
+            except OSError as e:
+                logger.warning("Failed to remove file: %r: %s", full_path, e)
+                if e.errno == errno.ENOENT:
+                    pass
+                else:
+                    continue
+            thumbnail_dir = self.filepaths.local_media_thumbnail_dir(media_id)
+            shutil.rmtree(thumbnail_dir, ignore_errors=True)
+            await self.store.delete_remote_media(self.server_name, media_id)
+            await self.store.delete_url_cache((media_id,))
+            await self.store.delete_url_cache_media((media_id,))
+            removed_media.append(media_id)
+        return removed_media, len(removed_media)