From b136ee10dff071baa3fb8895bf00d2b10f443437 Mon Sep 17 00:00:00 2001 From: Joseph Weston Date: Fri, 1 Mar 2019 03:59:25 +0100 Subject: Import 'admin' module rather than 'register_servlets' directly We will later need also to import 'register_servlets' from the 'login' module, so we un-pollute the namespace now to keep the logical changes separate. --- tests/rest/client/v1/test_admin.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/rest/client/v1/test_admin.py') diff --git a/tests/rest/client/v1/test_admin.py b/tests/rest/client/v1/test_admin.py index 407bf0ac4c..c926836206 100644 --- a/tests/rest/client/v1/test_admin.py +++ b/tests/rest/client/v1/test_admin.py @@ -20,14 +20,14 @@ import json from mock import Mock from synapse.api.constants import UserTypes -from synapse.rest.client.v1.admin import register_servlets +from synapse.rest.client.v1 import admin from tests import unittest class UserRegisterTestCase(unittest.HomeserverTestCase): - servlets = [register_servlets] + servlets = [admin.register_servlets] def make_homeserver(self, reactor, clock): -- cgit 1.5.1 From 1e8388b311c54d754d6afbe639ed2825c1c1f285 Mon Sep 17 00:00:00 2001 From: Joseph Weston Date: Fri, 1 Mar 2019 04:05:47 +0100 Subject: Add 'server_version' endpoint to admin API This is required because the 'Server' HTTP header is not always passed through proxies. --- synapse/rest/client/v1/admin.py | 23 +++++++++++++++++++++++ tests/rest/client/v1/test_admin.py | 36 +++++++++++++++++++++++++++++++++++- 2 files changed, 58 insertions(+), 1 deletion(-) (limited to 'tests/rest/client/v1/test_admin.py') diff --git a/synapse/rest/client/v1/admin.py b/synapse/rest/client/v1/admin.py index 82433a2aa9..0201cf1186 100644 --- a/synapse/rest/client/v1/admin.py +++ b/synapse/rest/client/v1/admin.py @@ -17,12 +17,14 @@ import hashlib import hmac import logging +import platform from six import text_type from six.moves import http_client from twisted.internet import defer +import synapse from synapse.api.constants import Membership, UserTypes from synapse.api.errors import AuthError, Codes, NotFoundError, SynapseError from synapse.http.servlet import ( @@ -32,6 +34,7 @@ from synapse.http.servlet import ( parse_string, ) from synapse.types import UserID, create_requester +from synapse.util.versionstring import get_version_string from .base import ClientV1RestServlet, client_path_patterns @@ -66,6 +69,25 @@ class UsersRestServlet(ClientV1RestServlet): defer.returnValue((200, ret)) +class VersionServlet(ClientV1RestServlet): + PATTERNS = client_path_patterns("/admin/server_version") + + @defer.inlineCallbacks + def on_GET(self, request): + requester = yield self.auth.get_user_by_req(request) + is_admin = yield self.auth.is_server_admin(requester.user) + + if not is_admin: + raise AuthError(403, "You are not a server admin") + + ret = { + 'server_version': get_version_string(synapse), + 'python_version': platform.python_version(), + } + + defer.returnValue((200, ret)) + + class UserRegisterServlet(ClientV1RestServlet): """ Attributes: @@ -763,3 +785,4 @@ def register_servlets(hs, http_server): QuarantineMediaInRoom(hs).register(http_server) ListMediaInRoom(hs).register(http_server) UserRegisterServlet(hs).register(http_server) + VersionServlet(hs).register(http_server) diff --git a/tests/rest/client/v1/test_admin.py b/tests/rest/client/v1/test_admin.py index c926836206..ea03b7e523 100644 --- a/tests/rest/client/v1/test_admin.py +++ b/tests/rest/client/v1/test_admin.py @@ -20,11 +20,45 @@ import json from mock import Mock from synapse.api.constants import UserTypes -from synapse.rest.client.v1 import admin +from synapse.rest.client.v1 import admin, login from tests import unittest +class VersionTestCase(unittest.HomeserverTestCase): + + servlets = [ + admin.register_servlets, + login.register_servlets, + ] + + url = '/_matrix/client/r0/admin/server_version' + + def test_version_string(self): + self.register_user("admin", "pass", admin=True) + self.admin_token = self.login("admin", "pass") + + request, channel = self.make_request("GET", self.url, + access_token=self.admin_token) + self.render(request) + + self.assertEqual(200, int(channel.result["code"]), + msg=channel.result["body"]) + self.assertEqual({'server_version', 'python_version'}, + set(channel.json_body.keys())) + + def test_inaccessible_to_non_admins(self): + self.register_user("unprivileged-user", "pass", admin=False) + user_token = self.login("unprivileged-user", "pass") + + request, channel = self.make_request("GET", self.url, + access_token=user_token) + self.render(request) + + self.assertEqual(403, int(channel.result['code']), + msg=channel.result['body']) + + class UserRegisterTestCase(unittest.HomeserverTestCase): servlets = [admin.register_servlets] -- cgit 1.5.1 From 5c6f61f81c966d34d76362eb2af4c8701b3bb46b Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 21 Mar 2019 10:51:21 +0000 Subject: Add tests --- tests/rest/client/v1/test_admin.py | 67 +++++++++++++++++++++++++++++++++++++- 1 file changed, 66 insertions(+), 1 deletion(-) (limited to 'tests/rest/client/v1/test_admin.py') diff --git a/tests/rest/client/v1/test_admin.py b/tests/rest/client/v1/test_admin.py index ea03b7e523..b3ab5642b7 100644 --- a/tests/rest/client/v1/test_admin.py +++ b/tests/rest/client/v1/test_admin.py @@ -20,7 +20,7 @@ import json from mock import Mock from synapse.api.constants import UserTypes -from synapse.rest.client.v1 import admin, login +from synapse.rest.client.v1 import admin, login, room from tests import unittest @@ -353,3 +353,68 @@ class UserRegisterTestCase(unittest.HomeserverTestCase): self.assertEqual(400, int(channel.result["code"]), msg=channel.result["body"]) self.assertEqual('Invalid user type', channel.json_body["error"]) + + +class ShutdownRoomTestCase(unittest.HomeserverTestCase): + servlets = [ + admin.register_servlets, + login.register_servlets, + room.register_servlets, + ] + + def prepare(self, reactor, clock, hs): + self.event_creation_handler = hs.get_event_creation_handler() + hs.config.user_consent_version = "1" + + self._consent_uri_builder = Mock() + self._consent_uri_builder.build_user_consent_uri.return_value = ( + "http://example.com" + ) + + self.store = hs.get_datastore() + + @unittest.DEBUG + def test_shutdown_room_conset(self): + admin_user = self.register_user("admin", "pass", admin=True) + admin_user_tok = self.login("admin", "pass") + + other_user = self.register_user("user", "pass") + other_user_token = self.login("user", "pass") + + room_id = self.helper.create_room_as(other_user, tok=other_user_token) + + # Assert one user in room + users_in_room = self.get_success( + self.store.get_users_in_room(room_id), + ) + self.assertEqual([other_user], users_in_room) + + # Enable require consent to send events + self.event_creation_handler._block_events_without_consent_error = "Error" + self.event_creation_handler._consent_uri_builder = self._consent_uri_builder + + # Assert that the user is getting consent error + self.helper.send(room_id, body="foo", tok=other_user_token, expect_code=403) + + # Mark the admin user as having consented + self.get_success( + self.store.user_set_consent_version(admin_user, "1"), + ) + + # Test that the admin can still send shutdown + url = "admin/shutdown_room/" + room_id + request, channel = self.make_request( + "POST", + url.encode('ascii'), + json.dumps({"new_room_user_id": admin_user}), + access_token=admin_user_tok, + ) + self.render(request) + + self.assertEqual(200, int(channel.result["code"]), msg=channel.result["body"]) + + # Assert there is now no longer anyone in the room + users_in_room = self.get_success( + self.store.get_users_in_room(room_id), + ) + self.assertEqual([], users_in_room) -- cgit 1.5.1 From 9c9e618b93f9f6d9b72d79343b3a8977447b4f61 Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 21 Mar 2019 10:58:56 +0000 Subject: Remove debug --- tests/rest/client/v1/test_admin.py | 1 - 1 file changed, 1 deletion(-) (limited to 'tests/rest/client/v1/test_admin.py') diff --git a/tests/rest/client/v1/test_admin.py b/tests/rest/client/v1/test_admin.py index b3ab5642b7..2b7ade9f62 100644 --- a/tests/rest/client/v1/test_admin.py +++ b/tests/rest/client/v1/test_admin.py @@ -373,7 +373,6 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase): self.store = hs.get_datastore() - @unittest.DEBUG def test_shutdown_room_conset(self): admin_user = self.register_user("admin", "pass", admin=True) admin_user_tok = self.login("admin", "pass") -- cgit 1.5.1 From 4a8a1ac962091aa305f3f7d448a24c9e2cd138bb Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 21 Mar 2019 11:02:11 +0000 Subject: Rejig testcase to make it more extensible --- tests/rest/client/v1/test_admin.py | 39 +++++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 17 deletions(-) (limited to 'tests/rest/client/v1/test_admin.py') diff --git a/tests/rest/client/v1/test_admin.py b/tests/rest/client/v1/test_admin.py index 2b7ade9f62..fb4ac6b95f 100644 --- a/tests/rest/client/v1/test_admin.py +++ b/tests/rest/client/v1/test_admin.py @@ -366,38 +366,43 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase): self.event_creation_handler = hs.get_event_creation_handler() hs.config.user_consent_version = "1" - self._consent_uri_builder = Mock() - self._consent_uri_builder.build_user_consent_uri.return_value = ( + consent_uri_builder = Mock() + consent_uri_builder.build_user_consent_uri.return_value = ( "http://example.com" ) + self.event_creation_handler._consent_uri_builder = consent_uri_builder self.store = hs.get_datastore() - def test_shutdown_room_conset(self): - admin_user = self.register_user("admin", "pass", admin=True) - admin_user_tok = self.login("admin", "pass") + self.admin_user = self.register_user("admin", "pass", admin=True) + self.admin_user_tok = self.login("admin", "pass") + + self.other_user = self.register_user("user", "pass") + self.other_user_token = self.login("user", "pass") + + # Mark the admin user as having consented + self.get_success( + self.store.user_set_consent_version(self.admin_user, "1"), + ) - other_user = self.register_user("user", "pass") - other_user_token = self.login("user", "pass") + def test_shutdown_room_conset(self): + self.event_creation_handler._block_events_without_consent_error = None - room_id = self.helper.create_room_as(other_user, tok=other_user_token) + room_id = self.helper.create_room_as(self.other_user, tok=self.other_user_token) # Assert one user in room users_in_room = self.get_success( self.store.get_users_in_room(room_id), ) - self.assertEqual([other_user], users_in_room) + self.assertEqual([self.other_user], users_in_room) # Enable require consent to send events self.event_creation_handler._block_events_without_consent_error = "Error" - self.event_creation_handler._consent_uri_builder = self._consent_uri_builder # Assert that the user is getting consent error - self.helper.send(room_id, body="foo", tok=other_user_token, expect_code=403) - - # Mark the admin user as having consented - self.get_success( - self.store.user_set_consent_version(admin_user, "1"), + self.helper.send( + room_id, + body="foo", tok=self.other_user_token, expect_code=403, ) # Test that the admin can still send shutdown @@ -405,8 +410,8 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase): request, channel = self.make_request( "POST", url.encode('ascii'), - json.dumps({"new_room_user_id": admin_user}), - access_token=admin_user_tok, + json.dumps({"new_room_user_id": self.admin_user}), + access_token=self.admin_user_tok, ) self.render(request) -- cgit 1.5.1 From cd80cbffea0e4dc28e01d46b6a87915e7b58244d Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 21 Mar 2019 11:22:26 +0000 Subject: Fix typo and add description --- tests/rest/client/v1/test_admin.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'tests/rest/client/v1/test_admin.py') diff --git a/tests/rest/client/v1/test_admin.py b/tests/rest/client/v1/test_admin.py index fb4ac6b95f..0caa4aa802 100644 --- a/tests/rest/client/v1/test_admin.py +++ b/tests/rest/client/v1/test_admin.py @@ -385,7 +385,11 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase): self.store.user_set_consent_version(self.admin_user, "1"), ) - def test_shutdown_room_conset(self): + def test_shutdown_room_consent(self): + """Test that we can shutdown rooms with local users who have not + yet accepted the privacy policy. This used to fail when we tried to + force part the user from the old room. + """ self.event_creation_handler._block_events_without_consent_error = None room_id = self.helper.create_room_as(self.other_user, tok=self.other_user_token) -- cgit 1.5.1