diff options
| author | Matthew Hodgson <matthew@matrix.org> | 2018-11-04 00:43:11 +0000 |
|---|---|---|
| committer | Matthew Hodgson <matthew@matrix.org> | 2018-11-04 00:43:11 +0000 |
| commit | 2c68d1935ebf428b865726928cccd763cd4c21ea (patch) | |
| tree | 10e8a861a1f11fc06a17b5dc05d54d19c6142105 | |
| parent | switch from shadow reg to appservice reg (diff) | |
| download | synapse-2c68d1935ebf428b865726928cccd763cd4c21ea.tar.xz | |
make profile shadowing work
| -rw-r--r-- | synapse/api/auth.py | 23 | ||||
| -rw-r--r-- | synapse/config/registration.py | 1 | ||||
| -rw-r--r-- | synapse/rest/client/v1/profile.py | 24 |
3 files changed, 23 insertions, 25 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py index 90f9e16bde..cfe0a2abca 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -189,6 +189,7 @@ class Auth(object): # Can optionally look elsewhere in the request (e.g. headers) try: user_id, app_service = yield self._get_appservice_user_id(request) + if user_id: request.authenticated_entity = user_id defer.returnValue( @@ -244,6 +245,7 @@ class Auth(object): request, self.TOKEN_NOT_FOUND_HTTP_STATUS ) ) + if app_service is None: return(None, None) @@ -514,24 +516,9 @@ class Auth(object): defer.returnValue(user_info) def get_appservice_by_req(self, request): - try: - token = self.get_access_token_from_request( - request, self.TOKEN_NOT_FOUND_HTTP_STATUS - ) - service = self.store.get_app_service_by_token(token) - if not service: - logger.warn("Unrecognised appservice access token.") - raise AuthError( - self.TOKEN_NOT_FOUND_HTTP_STATUS, - "Unrecognised access token.", - errcode=Codes.UNKNOWN_TOKEN - ) - request.authenticated_entity = service.sender - return defer.succeed(service) - except KeyError: - raise AuthError( - self.TOKEN_NOT_FOUND_HTTP_STATUS, "Missing access token." - ) + (user_id, appservice) = self._get_appservice_user_id(request) + request.authenticated_entity = service.sender + return appservice def is_server_admin(self, user): """ Check if the given user is a local server admin. diff --git a/synapse/config/registration.py b/synapse/config/registration.py index 043d11545f..f451eea715 100644 --- a/synapse/config/registration.py +++ b/synapse/config/registration.py @@ -148,6 +148,7 @@ class RegistrationConfig(Config): # via a given AS token. # shadow_server: # hs_url: https://shadow.example.com + # hs: shadow.example.com # as_token: 12u394refgbdhivsia # If enabled, don't let users set their own display names/avatars diff --git a/synapse/rest/client/v1/profile.py b/synapse/rest/client/v1/profile.py index ab2c9cdb8c..5893fc3634 100644 --- a/synapse/rest/client/v1/profile.py +++ b/synapse/rest/client/v1/profile.py @@ -14,6 +14,8 @@ # limitations under the License. """ This module contains REST servlets to do with profile: /profile/<paths> """ +import logging + from twisted.internet import defer from synapse.http.servlet import parse_json_object_from_request @@ -21,6 +23,8 @@ from synapse.types import UserID from .base import ClientV1RestServlet, client_path_patterns +logger = logging.getLogger(__name__) + class ProfileDisplaynameRestServlet(ClientV1RestServlet): PATTERNS = client_path_patterns("/profile/(?P<user_id>[^/]*)/displayname") @@ -61,7 +65,10 @@ class ProfileDisplaynameRestServlet(ClientV1RestServlet): user, requester, new_name, is_admin) if self.hs.config.shadow_server: - self.shadow_displayname(user_id, content) + shadow_user = UserID( + user.localpart, self.hs.config.shadow_server.get("hs") + ) + self.shadow_displayname(shadow_user.to_string(), content) defer.returnValue((200, {})) @@ -74,9 +81,9 @@ class ProfileDisplaynameRestServlet(ClientV1RestServlet): shadow_hs_url = self.hs.config.shadow_server.get("hs_url") as_token = self.hs.config.shadow_server.get("as_token") - yield self.http_client.post_json_get_json( - "%s/_matrix/client/r0/profile/%s/displayname?access_token=%s" % ( - shadow_hs_url, user_id, as_token + yield self.http_client.put_json( + "%s/_matrix/client/r0/profile/%s/displayname?access_token=%s&user_id=%s" % ( + shadow_hs_url, user_id, as_token, user_id ), body ) @@ -120,6 +127,9 @@ class ProfileAvatarURLRestServlet(ClientV1RestServlet): user, requester, new_name, is_admin) if self.hs.config.shadow_server: + shadow_user = UserID( + user.localpart, self.hs.config.shadow_server.get("hs") + ) self.shadow_avatar_url(user_id, content) defer.returnValue((200, {})) @@ -133,9 +143,9 @@ class ProfileAvatarURLRestServlet(ClientV1RestServlet): shadow_hs_url = self.hs.config.shadow_server.get("hs_url") as_token = self.hs.config.shadow_server.get("as_token") - yield self.http_client.post_json_get_json( - "%s/_matrix/client/r0/profile/%s/avatar_url?access_token=%s" % ( - shadow_hs_url, user_id, as_token + yield self.http_client.put_json( + "%s/_matrix/client/r0/profile/%s/avatar_url?access_token=%s&user_id=%s" % ( + shadow_hs_url, shadow_user.to_string(), as_token, user_id ), body ) |