diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 03dd99fcd0..a1593325f6 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -523,6 +523,12 @@ class Auth(object):
def get_appservice_by_req(self, request):
(user_id, app_service) = self._get_appservice_user_id(request)
+ if not app_service:
+ raise AuthError(
+ self.TOKEN_NOT_FOUND_HTTP_STATUS,
+ "Unrecognised access token.",
+ errcode=Codes.UNKNOWN_TOKEN,
+ )
request.authenticated_entity = app_service.sender
return app_service
diff --git a/synapse/handlers/profile.py b/synapse/handlers/profile.py
index 0a952dab97..2313379c58 100644
--- a/synapse/handlers/profile.py
+++ b/synapse/handlers/profile.py
@@ -20,6 +20,8 @@ from signedjson.sign import sign_json
from twisted.internet import defer, reactor
+from six.moves import range
+
from synapse.api.errors import (
AuthError,
CodeMessageException,
@@ -100,7 +102,7 @@ class BaseProfileHandler(BaseHandler):
if repl_host not in host_batches:
host_batches[repl_host] = -1
try:
- for i in xrange(host_batches[repl_host] + 1, latest_batch + 1):
+ for i in range(host_batches[repl_host] + 1, latest_batch + 1):
yield self._replicate_host_profile_batch(repl_host, i)
except Exception:
logger.exception(
@@ -272,14 +274,16 @@ class BaseProfileHandler(BaseHandler):
@defer.inlineCallbacks
def set_active(self, target_user, active, hide):
"""
- Sets the 'active' flag on a user profile. If set to false, the user account is
- considered deactivated or hidden.
- If 'hide' is true, then we interpret active=False as a request to try to hide the
- user rather than deactivating it. This means withholding the profile from replication
- (and mark it as inactive) rather than clearing the profile from the HS DB.
- Note that unlike set_displayname and set_avatar_url, this does *not* perform
- authorization checks! This is because the only place it's used currently is
- in account deactivation where we've already done these checks anyway.
+ Sets the 'active' flag on a user profile. If set to false, the user
+ account is considered deactivated or hidden.
+
+ If 'hide' is true, then we interpret active=False as a request to try to
+ hide the user rather than deactivating it. This means withholding the
+ profile from replication (and mark it as inactive) rather than clearing
+ the profile from the HS DB. Note that unlike set_displayname and
+ set_avatar_url, this does *not* perform authorization checks! This is
+ because the only place it's used currently is in account deactivation
+ where we've already done these checks anyway.
"""
if len(self.hs.config.replicate_user_profiles_to) > 0:
cur_batchnum = yield self.store.get_latest_profile_replication_batch_number()
diff --git a/synapse/util/threepids.py b/synapse/util/threepids.py
index 84c56109ca..e48c6201d0 100644
--- a/synapse/util/threepids.py
+++ b/synapse/util/threepids.py
@@ -48,7 +48,10 @@ def check_3pid_allowed(hs, medium, address):
defer.returnValue(False)
# Check if this user is intended to register for this homeserver
- if data['hs'] != hs.config.server_name and data['shadow_hs'] != hs.config.server_name:
+ if (
+ data['hs'] != hs.config.server_name
+ and data['shadow_hs'] != hs.config.server_name
+ ):
defer.returnValue(False)
if data.get('requires_invite', False) and not data.get('invited', False):
|
