diff options
author | Erik Johnston <erik@matrix.org> | 2020-10-29 15:58:44 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-29 15:58:44 +0000 |
commit | f21e24ffc22a5eb01f242f47fa30979321cf20fc (patch) | |
tree | ec3dff4f767d024777c1b0c70d4f594a218c4a23 /changelog.d | |
parent | Fix cache call signature to accept `on_invalidate`. (#8684) (diff) | |
download | synapse-f21e24ffc22a5eb01f242f47fa30979321cf20fc.tar.xz |
Add ability for access tokens to belong to one user but grant access to another user. (#8616)
We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't). A future PR will add an API for creating such a token. When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.
Diffstat (limited to 'changelog.d')
-rw-r--r-- | changelog.d/8616.misc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/8616.misc b/changelog.d/8616.misc new file mode 100644 index 0000000000..385b14063e --- /dev/null +++ b/changelog.d/8616.misc @@ -0,0 +1 @@ +Change schema to support access tokens belonging to one user but granting access to another. |