diff --git a/synapse/rest/admin/users.py b/synapse/rest/admin/users.py
index 8551ac19b8..fefc8f71fa 100644
--- a/synapse/rest/admin/users.py
+++ b/synapse/rest/admin/users.py
@@ -94,10 +94,10 @@ class UsersRestServletV2(RestServlet):
guests = parse_boolean(request, "guests", default=True)
deactivated = parse_boolean(request, "deactivated", default=False)
- users = await self.store.get_users_paginate(
+ users, total = await self.store.get_users_paginate(
start, limit, user_id, guests, deactivated
)
- ret = {"users": users}
+ ret = {"users": users, "total": total}
if len(users) >= limit:
ret["next_token"] = str(start + len(users))
@@ -142,6 +142,7 @@ class UserRestServletV2(RestServlet):
self.set_password_handler = hs.get_set_password_handler()
self.deactivate_account_handler = hs.get_deactivate_account_handler()
self.registration_handler = hs.get_registration_handler()
+ self.pusher_pool = hs.get_pusherpool()
async def on_GET(self, request, user_id):
await assert_requester_is_admin(self.auth, request)
@@ -199,7 +200,7 @@ class UserRestServletV2(RestServlet):
user_id, threepid["medium"], threepid["address"], current_time
)
- if "avatar_url" in body:
+ if "avatar_url" in body and type(body["avatar_url"]) == str:
await self.profile_handler.set_avatar_url(
target_user, requester, body["avatar_url"], True
)
@@ -222,8 +223,14 @@ class UserRestServletV2(RestServlet):
else:
new_password = body["password"]
logout_devices = True
+
+ new_password_hash = await self.auth_handler.hash(new_password)
+
await self.set_password_handler.set_password(
- target_user.to_string(), new_password, logout_devices, requester
+ target_user.to_string(),
+ new_password_hash,
+ logout_devices,
+ requester,
)
if "deactivated" in body:
@@ -243,11 +250,11 @@ class UserRestServletV2(RestServlet):
else: # create user
password = body.get("password")
- if password is not None and (
- not isinstance(body["password"], text_type)
- or len(body["password"]) > 512
- ):
- raise SynapseError(400, "Invalid password")
+ password_hash = None
+ if password is not None:
+ if not isinstance(password, text_type) or len(password) > 512:
+ raise SynapseError(400, "Invalid password")
+ password_hash = await self.auth_handler.hash(password)
admin = body.get("admin", None)
user_type = body.get("user_type", None)
@@ -259,10 +266,11 @@ class UserRestServletV2(RestServlet):
user_id = await self.registration_handler.register_user(
localpart=target_user.localpart,
- password=password,
+ password_hash=password_hash,
admin=bool(admin),
default_display_name=displayname,
user_type=user_type,
+ by_admin=True,
)
if "threepids" in body:
@@ -275,8 +283,23 @@ class UserRestServletV2(RestServlet):
await self.auth_handler.add_threepid(
user_id, threepid["medium"], threepid["address"], current_time
)
+ if (
+ self.hs.config.email_enable_notifs
+ and self.hs.config.email_notif_for_new_users
+ ):
+ await self.pusher_pool.add_pusher(
+ user_id=user_id,
+ access_token=None,
+ kind="email",
+ app_id="m.email",
+ app_display_name="Email Notifications",
+ device_display_name=threepid["address"],
+ pushkey=threepid["address"],
+ lang=None, # We don't know a user's language here
+ data={},
+ )
- if "avatar_url" in body:
+ if "avatar_url" in body and type(body["avatar_url"]) == str:
await self.profile_handler.set_avatar_url(
user_id, requester, body["avatar_url"], True
)
@@ -298,7 +321,7 @@ class UserRegisterServlet(RestServlet):
NONCE_TIMEOUT = 60
def __init__(self, hs):
- self.handlers = hs.get_handlers()
+ self.auth_handler = hs.get_auth_handler()
self.reactor = hs.get_reactor()
self.nonces = {}
self.hs = hs
@@ -362,16 +385,16 @@ class UserRegisterServlet(RestServlet):
400, "password must be specified", errcode=Codes.BAD_JSON
)
else:
- if (
- not isinstance(body["password"], text_type)
- or len(body["password"]) > 512
- ):
+ password = body["password"]
+ if not isinstance(password, text_type) or len(password) > 512:
raise SynapseError(400, "Invalid password")
- password = body["password"].encode("utf-8")
- if b"\x00" in password:
+ password_bytes = password.encode("utf-8")
+ if b"\x00" in password_bytes:
raise SynapseError(400, "Invalid password")
+ password_hash = await self.auth_handler.hash(password)
+
admin = body.get("admin", None)
user_type = body.get("user_type", None)
@@ -388,7 +411,7 @@ class UserRegisterServlet(RestServlet):
want_mac_builder.update(b"\x00")
want_mac_builder.update(username)
want_mac_builder.update(b"\x00")
- want_mac_builder.update(password)
+ want_mac_builder.update(password_bytes)
want_mac_builder.update(b"\x00")
want_mac_builder.update(b"admin" if admin else b"notadmin")
if user_type:
@@ -407,9 +430,10 @@ class UserRegisterServlet(RestServlet):
user_id = await register.registration_handler.register_user(
localpart=body["username"].lower(),
- password=body["password"],
+ password_hash=password_hash,
admin=bool(admin),
user_type=user_type,
+ by_admin=True,
)
result = await register._create_registration_details(user_id, body)
@@ -523,6 +547,7 @@ class ResetPasswordRestServlet(RestServlet):
self.store = hs.get_datastore()
self.hs = hs
self.auth = hs.get_auth()
+ self.auth_handler = hs.get_auth_handler()
self._set_password_handler = hs.get_set_password_handler()
async def on_POST(self, request, target_user_id):
@@ -539,8 +564,10 @@ class ResetPasswordRestServlet(RestServlet):
new_password = params["new_password"]
logout_devices = params.get("logout_devices", True)
+ new_password_hash = await self.auth_handler.hash(new_password)
+
await self._set_password_handler.set_password(
- target_user_id, new_password, logout_devices, requester
+ target_user_id, new_password_hash, logout_devices, requester
)
return 200, {}
|
