authorJan Christian Grünhage <jan.christian@gruenhage.xyz>2022-06-06 13:10:13 +0200
committerGitHub <noreply@github.com>2022-06-06 12:10:13 +0100
commitfcd8703508ce5bfe481fc2f1510b05731477ce32 (patch)
tree47180b0b22960d9bcf0e1daa4b92c26b8062ef36
parentReduce the amount of state we pull from the DB (#12811) (diff)
downloadsynapse-fcd8703508ce5bfe481fc2f1510b05731477ce32.tar.xz
Allow updating passwords using the admin api without logging out devices (#12952)
-rw-r--r--changelog.d/12952.feature1
-rw-r--r--docs/admin_api/user_admin_api.md4
-rw-r--r--synapse/rest/admin/users.py8
3 files changed, 11 insertions, 2 deletions
diff --git a/changelog.d/12952.feature b/changelog.d/12952.feature
new file mode 100644
index 0000000000..7329bcc3d4
--- /dev/null
+++ b/changelog.d/12952.feature
@@ -0,0 +1 @@
+Allow updating a user's password using the admin API without logging out their devices. Contributed by @jcgruenhage.
diff --git a/docs/admin_api/user_admin_api.md b/docs/admin_api/user_admin_api.md
index c8794299e7..62f89e8cba 100644
--- a/docs/admin_api/user_admin_api.md
+++ b/docs/admin_api/user_admin_api.md
@@ -115,7 +115,9 @@ URL parameters:
 Body parameters:
 
 - `password` - string, optional. If provided, the user's password is updated and all
-  devices are logged out.
+  devices are logged out, unless `logout_devices` is set to `false`.
+- `logout_devices` - bool, optional, defaults to `true`. If set to false, devices aren't
+  logged out even when `password` is provided.
 - `displayname` - string, optional, defaults to the value of `user_id`.
 - `threepids` - array, optional, allows setting the third-party IDs (email, msisdn)
   - `medium` - string. Kind of third-party ID, either `email` or `msisdn`.
diff --git a/synapse/rest/admin/users.py b/synapse/rest/admin/users.py
index 8e29ada8a0..f0614a2897 100644
--- a/synapse/rest/admin/users.py
+++ b/synapse/rest/admin/users.py
@@ -226,6 +226,13 @@ class UserRestServletV2(RestServlet):
             if not isinstance(password, str) or len(password) > 512:
                 raise SynapseError(HTTPStatus.BAD_REQUEST, "Invalid password")
 
+        logout_devices = body.get("logout_devices", True)
+        if not isinstance(logout_devices, bool):
+            raise SynapseError(
+                HTTPStatus.BAD_REQUEST,
+                "'logout_devices' parameter is not of type boolean",
+            )
+
         deactivate = body.get("deactivated", False)
         if not isinstance(deactivate, bool):
             raise SynapseError(
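Review bot: The `logout_devices` parse added in this hunk has no comment saying why it defaults to `True`, and the consequence of `false` is not stated in the code. A password changed with `logout_devices: false` leaves the user's existing sessions, and so presumably their access tokens, valid, which matters when the reset responds to a suspected account compromise. I would add above the `body.get` line `# Default True: a password change that keeps devices logged in leaves existing access tokens valid.` The value is validated on every request but, as far as the second hunk in this file shows, is only read inside `if password is not None:`, so a body with `logout_devices` and no `password` appears to be accepted and ignored. The diffstat lists no test file, so a case asserting that an existing token survives a reset with `logout_devices: false` and is revoked by default would pin the behaviour. The enclosing method starts and ends outside the hunk.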
@@ -305,7 +312,6 @@ class UserRestServletV2(RestServlet):
                     await self.store.set_server_admin(target_user, set_admin_to)
 
             if password is not None:
-                logout_devices = True
                 new_password_hash = await self.auth_handler.hash(password)
 
                 await self.set_password_handler.set_password(