Working unsubscribe links going straight to the HS

and authed by macaroons that let you delete pushers and nothing else
author: David Baker <dave@matrix.org> 2016-06-02 17:21:31 +0100
committer: David Baker <dave@matrix.org> 2016-06-02 17:21:31 +0100
commit: 1f31cc37f8611f9ae5612ef5be82e63735fbdf34 (patch)
tree: 20ac10037b1e13b61ed709ae665925fe53df6e46 /synapse/api/auth.py
parent: Merge remote-tracking branch 'origin/dbkr/email_notif_string_fmt_error' into ... (diff)
download: synapse-1f31cc37f8611f9ae5612ef5be82e63735fbdf34.tar.xz
1 files changed, 7 insertions, 0 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 463bd8b692..31e1abb964 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -660,6 +660,13 @@ class Auth(object):
                     "is_guest": True,
                     "token_id": None,
                 }
+            elif rights == "delete_pusher":
+                # We don't store these tokens in the database
+                ret = {
+                    "user": user,
+                    "is_guest": False,
+                    "token_id": None,
+                }
             else:
                 # This codepath exists so that we can actually return a
                 # token ID, because we use token IDs in place of device
author	David Baker <dave@matrix.org>	2016-06-02 17:21:31 +0100
committer	David Baker <dave@matrix.org>	2016-06-02 17:21:31 +0100
commit	1f31cc37f8611f9ae5612ef5be82e63735fbdf34 (patch)
tree	20ac10037b1e13b61ed709ae665925fe53df6e46 /synapse/api/auth.py
parent	Merge remote-tracking branch 'origin/dbkr/email_notif_string_fmt_error' into ... (diff)
download	synapse-1f31cc37f8611f9ae5612ef5be82e63735fbdf34.tar.xz