Disable "Invite to this room button" with federation off" and don't allow invites to external folks with whitelist set to not allow external folks

[rtanglao]

Your use case

What would you like to do?

EMS Customers would like to disable the invite button with federation off.
They would also like to disable invites to external folks when the whitelist is set to to internal folks only/

Why would you like to do it?

To prevent "leaking" the server to external folks when federation is off

How would you like to achieve it?

Perhaps a config flag option in Element to hide that button
(or at least stop email invites)?

Have you considered any alternatives?

No response

Additional context

For those who have access, see:

1. https://github.com/matrix-org/matrix-hosted/issues/3355 (parallel issue for EMS_)
2. https://newvector.zammad.com/#ticket/zoom/14756 (customer with this issue)

[flyinghuman]

Same here. Would be good to disable email-invites in Element which lead to element.io instead to own homeserver.

[t3chguy]

Keep in mind Matrix has no concept of "federation off" at a server level - so neither do clients. Each individual room can have federation disabled using m.federate=false at creation time.

You can disable 3pid stuff in the config.json already

https://github.com/vector-im/element-web/blob/develop/docs/config.md#ui-features UIFeature.identityServer

(or at least stop email invites)?

This should be done at the server level by inhibiting the 3pid APIs, given Element Desktop etc won't have the aforementioned UIFeature inhibited due to it having a local config.json file.

[flyinghuman]

yeah, it would also be good that element loads the config.json from the homeserver the user is logged in so that the homeserver-provider can centrally define the configuration at least for element clients.

Matrix has the Server Discovery Feature which can be used for that: https://spec.matrix.org/latest/client-server-api/#get-well-known-matrix-client

Element could grab the config-URL from this file https://TLD/.well-known/matrix/client with its content:

{
  "m.homeserver": {
    "base_url": "https://matrix.example.com"
  },
  "m.identity_server": {
    "base_url": "https://identity.example.com"
  },
  "org.element": {
    "config_url": "https://matix..example.com/config.json"
  }
}

Actually it is not possible via config.json to disable invite via mail (correct?). Would be good that this would be possible.

[t3chguy]

Actually it is not possible via config.json to disable invite via mail (correct?). Would be good that this would be possible.

See https://github.com/vector-im/element-web/blob/develop/docs/config.md#ui-features UIFeature.identityServer ...

[t3chguy]

Element could grab the config-URL from this file https://TLD/.well-known/matrix/client with its content:

This is a separate issue and would need product input and a lot of thought given that loading a new config.json can change the default server and cause all sorts of confusion, also the branding flashing and changing as you switch servers would be jarring, and many many other points of confusion.

[turt2live]

Hiding the invite button is a hard thing to justify in an app like ours, but I've split the unfederatable room issue to #22102