diff options
author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2020-01-23 12:03:58 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-01-23 12:03:58 +0000 |
commit | 5bd3cb7260984164c4c54eb2add1fa7821795360 (patch) | |
tree | d29c0a269622411f03fa59ff8ec8a02e59f2ffe1 /synapse/rest/admin | |
parent | Merge branch 'release-v1.9.0' into develop (diff) | |
download | synapse-5bd3cb7260984164c4c54eb2add1fa7821795360.tar.xz |
Minor fixes to user admin api (#6761)
* don't insist on a password (this is valid if you have an SSO login) * fix reference to undefined `requester`
Diffstat (limited to 'synapse/rest/admin')
-rw-r--r-- | synapse/rest/admin/users.py | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/synapse/rest/admin/users.py b/synapse/rest/admin/users.py index 927e9ca9ee..3455741195 100644 --- a/synapse/rest/admin/users.py +++ b/synapse/rest/admin/users.py @@ -153,7 +153,8 @@ class UserRestServletV2(RestServlet): return 200, ret async def on_PUT(self, request, user_id): - await assert_requester_is_admin(self.auth, request) + requester = await self.auth.get_user_by_req(request) + await assert_user_is_admin(self.auth, requester.user) target_user = UserID.from_string(user_id) body = parse_json_object_from_request(request) @@ -164,8 +165,6 @@ class UserRestServletV2(RestServlet): user = await self.admin_handler.get_user(target_user) if user: # modify user - requester = await self.auth.get_user_by_req(request) - if "displayname" in body: await self.profile_handler.set_displayname( target_user, requester, body["displayname"], True @@ -212,11 +211,8 @@ class UserRestServletV2(RestServlet): return 200, user else: # create user - if "password" not in body: - raise SynapseError( - 400, "password must be specified", errcode=Codes.BAD_JSON - ) - elif ( + password = body.get("password") + if password is not None and ( not isinstance(body["password"], text_type) or len(body["password"]) > 512 ): @@ -231,7 +227,7 @@ class UserRestServletV2(RestServlet): user_id = await self.registration_handler.register_user( localpart=target_user.localpart, - password=body["password"], + password=password, admin=bool(admin), default_display_name=displayname, user_type=user_type, |