Fix yaml warnings by using safe_load

As per #3622, we remove trailing slashes from outbound federation requests. However, to ensure that we remain backwards compatible with previous versions of Synapse, if we receive a HTTP 400 with `M_UNRECOGNIZED`, then we are likely talking to an older version of Synapse in which case we retry with a trailing slash appended to the request path.

Deny peeking into rooms that have been blocked

Co-Authored-By: erikjohnston <erikj@jki.re>

This one should close #4841. Many thanks to @dev4223 for bringing it up and finding a solution.

Signed-off-by: Colin White

Fixup shutdown room API

Add option to disable search room lists

Rather than stubbing out the access_log, make it actually log the requests,
which makes it a lot more obvious what is going on during tests.

There are a number of instances where a server or admin may puppet a
user to join/leave rooms, which we don't want to fail if the user has
not consented to the privacy policy. We fix this by adding a check to
test if the requester has an associated access_token, which is used as a
proxy to answer the question of whether the action is being done on
behalf of a real request from the user.

Add option to disable searching in the user dir

Setting this to 50 or so makes a bunch of sytests fail in worker mode.

Rate-limit outgoing read-receipts as per #4730.

Co-Authored-By: erikjohnston <erikj@jki.re>