diff --git a/synapse/rest/client/account.py b/synapse/rest/client/account.py
index 4373c73662..484d7440a4 100644
--- a/synapse/rest/client/account.py
+++ b/synapse/rest/client/account.py
@@ -415,6 +415,7 @@ class MsisdnThreepidRequestTokenRestServlet(RestServlet):
request, MsisdnRequestTokenBody
)
msisdn = phone_number_to_msisdn(body.country, body.phone_number)
+ logger.info("Request #%s to verify ownership of %s", body.send_attempt, msisdn)
if not await check_3pid_allowed(self.hs, "msisdn", msisdn):
raise SynapseError(
@@ -444,6 +445,7 @@ class MsisdnThreepidRequestTokenRestServlet(RestServlet):
await self.hs.get_clock().sleep(random.randint(1, 10) / 10)
return 200, {"sid": random_string(16)}
+ logger.info("MSISDN %s is already in use by %s", msisdn, existing_user_id)
raise SynapseError(400, "MSISDN is already in use", Codes.THREEPID_IN_USE)
if not self.hs.config.registration.account_threepid_delegate_msisdn:
@@ -468,6 +470,7 @@ class MsisdnThreepidRequestTokenRestServlet(RestServlet):
threepid_send_requests.labels(type="msisdn", reason="add_threepid").observe(
body.send_attempt
)
+ logger.info("MSISDN %s: got response from identity server: %s", msisdn, ret)
return 200, ret
@@ -734,12 +737,7 @@ class ThreepidUnbindRestServlet(RestServlet):
# Attempt to unbind the threepid from an identity server. If id_server is None, try to
# unbind from all identity servers this threepid has been added to in the past
result = await self.identity_handler.try_unbind_threepid(
- requester.user.to_string(),
- {
- "address": body.address,
- "medium": body.medium,
- "id_server": body.id_server,
- },
+ requester.user.to_string(), body.medium, body.address, body.id_server
)
return 200, {"id_server_unbind_result": "success" if result else "no-support"}
@@ -770,7 +768,9 @@ class ThreepidDeleteRestServlet(RestServlet):
user_id = requester.user.to_string()
try:
- ret = await self.auth_handler.delete_threepid(
+ # Attempt to remove any known bindings of this third-party ID
+ # and user ID from identity servers.
+ ret = await self.hs.get_identity_handler().try_unbind_threepid(
user_id, body.medium, body.address, body.id_server
)
except Exception:
@@ -785,6 +785,11 @@ class ThreepidDeleteRestServlet(RestServlet):
else:
id_server_unbind_result = "no-support"
+ # Delete the local association of this user ID and third-party ID.
+ await self.auth_handler.delete_local_threepid(
+ user_id, body.medium, body.address
+ )
+
return 200, {"id_server_unbind_result": id_server_unbind_result}
diff --git a/synapse/rest/client/auth.py b/synapse/rest/client/auth.py
index eb77337044..276a1b405d 100644
--- a/synapse/rest/client/auth.py
+++ b/synapse/rest/client/auth.py
@@ -97,7 +97,6 @@ class AuthRestServlet(RestServlet):
return None
async def on_POST(self, request: Request, stagetype: str) -> None:
-
session = parse_string(request, "session")
if not session:
raise SynapseError(400, "No session supplied")
diff --git a/synapse/rest/client/devices.py b/synapse/rest/client/devices.py
index 486c6dbbc5..dab4a77f7e 100644
--- a/synapse/rest/client/devices.py
+++ b/synapse/rest/client/devices.py
@@ -255,7 +255,7 @@ class DehydratedDeviceServlet(RestServlet):
"""
- PATTERNS = client_patterns("/org.matrix.msc2697.v2/dehydrated_device", releases=())
+ PATTERNS = client_patterns("/org.matrix.msc2697.v2/dehydrated_device$", releases=())
def __init__(self, hs: "HomeServer"):
super().__init__()
diff --git a/synapse/rest/client/events.py b/synapse/rest/client/events.py
index 782e7d14e8..694d77d287 100644
--- a/synapse/rest/client/events.py
+++ b/synapse/rest/client/events.py
@@ -17,6 +17,7 @@ import logging
from typing import TYPE_CHECKING, Dict, List, Tuple, Union
from synapse.api.errors import SynapseError
+from synapse.events.utils import SerializeEventConfig
from synapse.http.server import HttpServer
from synapse.http.servlet import RestServlet, parse_string
from synapse.http.site import SynapseRequest
@@ -43,9 +44,8 @@ class EventStreamRestServlet(RestServlet):
async def on_GET(self, request: SynapseRequest) -> Tuple[int, JsonDict]:
requester = await self.auth.get_user_by_req(request, allow_guest=True)
- is_guest = requester.is_guest
args: Dict[bytes, List[bytes]] = request.args # type: ignore
- if is_guest:
+ if requester.is_guest:
if b"room_id" not in args:
raise SynapseError(400, "Guest users must specify room_id param")
room_id = parse_string(request, "room_id")
@@ -63,13 +63,12 @@ class EventStreamRestServlet(RestServlet):
as_client_event = b"raw" not in args
chunk = await self.event_stream_handler.get_stream(
- requester.user.to_string(),
+ requester,
pagin_config,
timeout=timeout,
as_client_event=as_client_event,
- affect_presence=(not is_guest),
+ affect_presence=(not requester.is_guest),
room_id=room_id,
- is_guest=is_guest,
)
return 200, chunk
@@ -91,9 +90,12 @@ class EventRestServlet(RestServlet):
requester = await self.auth.get_user_by_req(request)
event = await self.event_handler.get_event(requester.user, None, event_id)
- time_now = self.clock.time_msec()
if event:
- result = self._event_serializer.serialize_event(event, time_now)
+ result = self._event_serializer.serialize_event(
+ event,
+ self.clock.time_msec(),
+ config=SerializeEventConfig(requester=requester),
+ )
return 200, result
else:
return 404, "Event not found."
diff --git a/synapse/rest/client/filter.py b/synapse/rest/client/filter.py
index cc1c2f9731..236199897c 100644
--- a/synapse/rest/client/filter.py
+++ b/synapse/rest/client/filter.py
@@ -79,7 +79,6 @@ class CreateFilterRestServlet(RestServlet):
async def on_POST(
self, request: SynapseRequest, user_id: str
) -> Tuple[int, JsonDict]:
-
target_user = UserID.from_string(user_id)
requester = await self.auth.get_user_by_req(request)
diff --git a/synapse/rest/client/keys.py b/synapse/rest/client/keys.py
index 7873b363c0..32bb8b9a91 100644
--- a/synapse/rest/client/keys.py
+++ b/synapse/rest/client/keys.py
@@ -312,15 +312,29 @@ class SigningKeyUploadServlet(RestServlet):
user_id = requester.user.to_string()
body = parse_json_object_from_request(request)
- await self.auth_handler.validate_user_via_ui_auth(
- requester,
- request,
- body,
- "add a device signing key to your account",
- # Allow skipping of UI auth since this is frequently called directly
- # after login and it is silly to ask users to re-auth immediately.
- can_skip_ui_auth=True,
- )
+ if self.hs.config.experimental.msc3967_enabled:
+ if await self.e2e_keys_handler.is_cross_signing_set_up_for_user(user_id):
+ # If we already have a master key then cross signing is set up and we require UIA to reset
+ await self.auth_handler.validate_user_via_ui_auth(
+ requester,
+ request,
+ body,
+ "reset the device signing key on your account",
+ # Do not allow skipping of UIA auth.
+ can_skip_ui_auth=False,
+ )
+ # Otherwise we don't require UIA since we are setting up cross signing for first time
+ else:
+ # Previous behaviour is to always require UIA but allow it to be skipped
+ await self.auth_handler.validate_user_via_ui_auth(
+ requester,
+ request,
+ body,
+ "add a device signing key to your account",
+ # Allow skipping of UI auth since this is frequently called directly
+ # after login and it is silly to ask users to re-auth immediately.
+ can_skip_ui_auth=True,
+ )
result = await self.e2e_keys_handler.upload_signing_keys_for_user(user_id, body)
return 200, result
diff --git a/synapse/rest/client/knock.py b/synapse/rest/client/knock.py
index ad025c8a45..4fa66904ba 100644
--- a/synapse/rest/client/knock.py
+++ b/synapse/rest/client/knock.py
@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
import logging
-from typing import TYPE_CHECKING, Awaitable, Dict, List, Optional, Tuple
+from typing import TYPE_CHECKING, Dict, List, Tuple
from synapse.api.constants import Membership
from synapse.api.errors import SynapseError
@@ -24,8 +24,6 @@ from synapse.http.servlet import (
parse_strings_from_args,
)
from synapse.http.site import SynapseRequest
-from synapse.logging.opentracing import set_tag
-from synapse.rest.client.transactions import HttpTransactionCache
from synapse.types import JsonDict, RoomAlias, RoomID
if TYPE_CHECKING:
@@ -45,7 +43,6 @@ class KnockRoomAliasServlet(RestServlet):
def __init__(self, hs: "HomeServer"):
super().__init__()
- self.txns = HttpTransactionCache(hs)
self.room_member_handler = hs.get_room_member_handler()
self.auth = hs.get_auth()
@@ -53,7 +50,6 @@ class KnockRoomAliasServlet(RestServlet):
self,
request: SynapseRequest,
room_identifier: str,
- txn_id: Optional[str] = None,
) -> Tuple[int, JsonDict]:
requester = await self.auth.get_user_by_req(request)
@@ -67,7 +63,6 @@ class KnockRoomAliasServlet(RestServlet):
# twisted.web.server.Request.args is incorrectly defined as Optional[Any]
args: Dict[bytes, List[bytes]] = request.args # type: ignore
-
remote_room_hosts = parse_strings_from_args(
args, "server_name", required=False
)
@@ -86,7 +81,6 @@ class KnockRoomAliasServlet(RestServlet):
target=requester.user,
room_id=room_id,
action=Membership.KNOCK,
- txn_id=txn_id,
third_party_signed=None,
remote_room_hosts=remote_room_hosts,
content=event_content,
@@ -94,15 +88,6 @@ class KnockRoomAliasServlet(RestServlet):
return 200, {"room_id": room_id}
- def on_PUT(
- self, request: SynapseRequest, room_identifier: str, txn_id: str
- ) -> Awaitable[Tuple[int, JsonDict]]:
- set_tag("txn_id", txn_id)
-
- return self.txns.fetch_or_execute_request(
- request, self.on_POST, request, room_identifier, txn_id
- )
-
def register_servlets(hs: "HomeServer", http_server: HttpServer) -> None:
KnockRoomAliasServlet(hs).register(http_server)
diff --git a/synapse/rest/client/notifications.py b/synapse/rest/client/notifications.py
index 61268e3af1..ea10042569 100644
--- a/synapse/rest/client/notifications.py
+++ b/synapse/rest/client/notifications.py
@@ -72,6 +72,12 @@ class NotificationsServlet(RestServlet):
next_token = None
+ serialize_options = SerializeEventConfig(
+ event_format=format_event_for_client_v2_without_room_id,
+ requester=requester,
+ )
+ now = self.clock.time_msec()
+
for pa in push_actions:
returned_pa = {
"room_id": pa.room_id,
@@ -81,10 +87,8 @@ class NotificationsServlet(RestServlet):
"event": (
self._event_serializer.serialize_event(
notif_events[pa.event_id],
- self.clock.time_msec(),
- config=SerializeEventConfig(
- event_format=format_event_for_client_v2_without_room_id
- ),
+ now,
+ config=serialize_options,
)
),
}
diff --git a/synapse/rest/client/register.py b/synapse/rest/client/register.py
index 3cb1e7e375..bce806f2bb 100644
--- a/synapse/rest/client/register.py
+++ b/synapse/rest/client/register.py
@@ -628,10 +628,12 @@ class RegisterRestServlet(RestServlet):
if not password_hash:
raise SynapseError(400, "Missing params: password", Codes.MISSING_PARAM)
- desired_username = await (
- self.password_auth_provider.get_username_for_registration(
- auth_result,
- params,
+ desired_username = (
+ await (
+ self.password_auth_provider.get_username_for_registration(
+ auth_result,
+ params,
+ )
)
)
@@ -682,9 +684,11 @@ class RegisterRestServlet(RestServlet):
session_id
)
- display_name = await (
- self.password_auth_provider.get_displayname_for_registration(
- auth_result, params
+ display_name = (
+ await (
+ self.password_auth_provider.get_displayname_for_registration(
+ auth_result, params
+ )
)
)
diff --git a/synapse/rest/client/report_event.py b/synapse/rest/client/report_event.py
index e2b410cf32..9be5860221 100644
--- a/synapse/rest/client/report_event.py
+++ b/synapse/rest/client/report_event.py
@@ -16,7 +16,7 @@ import logging
from http import HTTPStatus
from typing import TYPE_CHECKING, Tuple
-from synapse.api.errors import Codes, SynapseError
+from synapse.api.errors import Codes, NotFoundError, SynapseError
from synapse.http.server import HttpServer
from synapse.http.servlet import RestServlet, parse_json_object_from_request
from synapse.http.site import SynapseRequest
@@ -39,6 +39,7 @@ class ReportEventRestServlet(RestServlet):
self.auth = hs.get_auth()
self.clock = hs.get_clock()
self.store = hs.get_datastores().main
+ self._event_handler = self.hs.get_event_handler()
async def on_POST(
self, request: SynapseRequest, room_id: str, event_id: str
@@ -61,6 +62,14 @@ class ReportEventRestServlet(RestServlet):
Codes.BAD_JSON,
)
+ event = await self._event_handler.get_event(
+ requester.user, room_id, event_id, show_redacted=False
+ )
+ if event is None:
+ raise NotFoundError(
+ "Unable to report event: it does not exist or you aren't able to see it."
+ )
+
await self.store.add_event_report(
room_id=room_id,
event_id=event_id,
diff --git a/synapse/rest/client/room.py b/synapse/rest/client/room.py
index e7bec9f02e..3a3abed56a 100644
--- a/synapse/rest/client/room.py
+++ b/synapse/rest/client/room.py
@@ -37,7 +37,7 @@ from synapse.api.errors import (
UnredactedContentDeletedError,
)
from synapse.api.filtering import Filter
-from synapse.events.utils import format_event_for_client_v2
+from synapse.events.utils import SerializeEventConfig, format_event_for_client_v2
from synapse.http.server import HttpServer
from synapse.http.servlet import (
ResolveRoomIdMixin,
@@ -57,7 +57,7 @@ from synapse.metrics.background_process_metrics import run_as_background_process
from synapse.rest.client._base import client_patterns
from synapse.rest.client.transactions import HttpTransactionCache
from synapse.streams.config import PaginationConfig
-from synapse.types import JsonDict, StreamToken, ThirdPartyInstanceID, UserID
+from synapse.types import JsonDict, Requester, StreamToken, ThirdPartyInstanceID, UserID
from synapse.types.state import StateFilter
from synapse.util import json_decoder
from synapse.util.cancellation import cancellable
@@ -151,20 +151,27 @@ class RoomCreateRestServlet(TransactionRestServlet):
PATTERNS = "/createRoom"
register_txn_path(self, PATTERNS, http_server)
- def on_PUT(
+ async def on_PUT(
self, request: SynapseRequest, txn_id: str
- ) -> Awaitable[Tuple[int, JsonDict]]:
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request)
set_tag("txn_id", txn_id)
- return self.txns.fetch_or_execute_request(request, self.on_POST, request)
+ return await self.txns.fetch_or_execute_request(
+ request, requester, self._do, request, requester
+ )
async def on_POST(self, request: SynapseRequest) -> Tuple[int, JsonDict]:
requester = await self.auth.get_user_by_req(request)
+ return await self._do(request, requester)
- info, _ = await self._room_creation_handler.create_room(
+ async def _do(
+ self, request: SynapseRequest, requester: Requester
+ ) -> Tuple[int, JsonDict]:
+ room_id, _, _ = await self._room_creation_handler.create_room(
requester, self.get_room_config(request)
)
- return 200, info
+ return 200, {"room_id": room_id}
def get_room_config(self, request: Request) -> JsonDict:
user_supplied_config = parse_json_object_from_request(request)
@@ -172,9 +179,9 @@ class RoomCreateRestServlet(TransactionRestServlet):
# TODO: Needs unit testing for generic events
-class RoomStateEventRestServlet(TransactionRestServlet):
+class RoomStateEventRestServlet(RestServlet):
def __init__(self, hs: "HomeServer"):
- super().__init__(hs)
+ super().__init__()
self.event_creation_handler = hs.get_event_creation_handler()
self.room_member_handler = hs.get_room_member_handler()
self.message_handler = hs.get_message_handler()
@@ -324,16 +331,16 @@ class RoomSendEventRestServlet(TransactionRestServlet):
def register(self, http_server: HttpServer) -> None:
# /rooms/$roomid/send/$event_type[/$txn_id]
PATTERNS = "/rooms/(?P<room_id>[^/]*)/send/(?P<event_type>[^/]*)"
- register_txn_path(self, PATTERNS, http_server, with_get=True)
+ register_txn_path(self, PATTERNS, http_server)
- async def on_POST(
+ async def _do(
self,
request: SynapseRequest,
+ requester: Requester,
room_id: str,
event_type: str,
- txn_id: Optional[str] = None,
+ txn_id: Optional[str],
) -> Tuple[int, JsonDict]:
- requester = await self.auth.get_user_by_req(request, allow_guest=True)
content = parse_json_object_from_request(request)
event_dict: JsonDict = {
@@ -362,18 +369,30 @@ class RoomSendEventRestServlet(TransactionRestServlet):
set_tag("event_id", event_id)
return 200, {"event_id": event_id}
- def on_GET(
- self, request: SynapseRequest, room_id: str, event_type: str, txn_id: str
- ) -> Tuple[int, str]:
- return 200, "Not implemented"
+ async def on_POST(
+ self,
+ request: SynapseRequest,
+ room_id: str,
+ event_type: str,
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request, allow_guest=True)
+ return await self._do(request, requester, room_id, event_type, None)
- def on_PUT(
+ async def on_PUT(
self, request: SynapseRequest, room_id: str, event_type: str, txn_id: str
- ) -> Awaitable[Tuple[int, JsonDict]]:
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request, allow_guest=True)
set_tag("txn_id", txn_id)
- return self.txns.fetch_or_execute_request(
- request, self.on_POST, request, room_id, event_type, txn_id
+ return await self.txns.fetch_or_execute_request(
+ request,
+ requester,
+ self._do,
+ request,
+ requester,
+ room_id,
+ event_type,
+ txn_id,
)
@@ -389,14 +408,13 @@ class JoinRoomAliasServlet(ResolveRoomIdMixin, TransactionRestServlet):
PATTERNS = "/join/(?P<room_identifier>[^/]*)"
register_txn_path(self, PATTERNS, http_server)
- async def on_POST(
+ async def _do(
self,
request: SynapseRequest,
+ requester: Requester,
room_identifier: str,
- txn_id: Optional[str] = None,
+ txn_id: Optional[str],
) -> Tuple[int, JsonDict]:
- requester = await self.auth.get_user_by_req(request, allow_guest=True)
-
content = parse_json_object_from_request(request, allow_empty_body=True)
# twisted.web.server.Request.args is incorrectly defined as Optional[Any]
@@ -420,22 +438,31 @@ class JoinRoomAliasServlet(ResolveRoomIdMixin, TransactionRestServlet):
return 200, {"room_id": room_id}
- def on_PUT(
+ async def on_POST(
+ self,
+ request: SynapseRequest,
+ room_identifier: str,
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request, allow_guest=True)
+ return await self._do(request, requester, room_identifier, None)
+
+ async def on_PUT(
self, request: SynapseRequest, room_identifier: str, txn_id: str
- ) -> Awaitable[Tuple[int, JsonDict]]:
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request, allow_guest=True)
set_tag("txn_id", txn_id)
- return self.txns.fetch_or_execute_request(
- request, self.on_POST, request, room_identifier, txn_id
+ return await self.txns.fetch_or_execute_request(
+ request, requester, self._do, request, requester, room_identifier, txn_id
)
# TODO: Needs unit testing
-class PublicRoomListRestServlet(TransactionRestServlet):
+class PublicRoomListRestServlet(RestServlet):
PATTERNS = client_patterns("/publicRooms$", v1=True)
def __init__(self, hs: "HomeServer"):
- super().__init__(hs)
+ super().__init__()
self.hs = hs
self.auth = hs.get_auth()
@@ -814,11 +841,13 @@ class RoomEventServlet(RestServlet):
[event], requester.user.to_string()
)
- time_now = self.clock.time_msec()
# per MSC2676, /rooms/{roomId}/event/{eventId}, should return the
# *original* event, rather than the edited version
event_dict = self._event_serializer.serialize_event(
- event, time_now, bundle_aggregations=aggregations, apply_edits=False
+ event,
+ self.clock.time_msec(),
+ bundle_aggregations=aggregations,
+ config=SerializeEventConfig(requester=requester),
)
return 200, event_dict
@@ -863,24 +892,30 @@ class RoomEventContextServlet(RestServlet):
raise SynapseError(404, "Event not found.", errcode=Codes.NOT_FOUND)
time_now = self.clock.time_msec()
+ serializer_options = SerializeEventConfig(requester=requester)
results = {
"events_before": self._event_serializer.serialize_events(
event_context.events_before,
time_now,
bundle_aggregations=event_context.aggregations,
+ config=serializer_options,
),
"event": self._event_serializer.serialize_event(
event_context.event,
time_now,
bundle_aggregations=event_context.aggregations,
+ config=serializer_options,
),
"events_after": self._event_serializer.serialize_events(
event_context.events_after,
time_now,
bundle_aggregations=event_context.aggregations,
+ config=serializer_options,
),
"state": self._event_serializer.serialize_events(
- event_context.state, time_now
+ event_context.state,
+ time_now,
+ config=serializer_options,
),
"start": event_context.start,
"end": event_context.end,
@@ -899,22 +934,25 @@ class RoomForgetRestServlet(TransactionRestServlet):
PATTERNS = "/rooms/(?P<room_id>[^/]*)/forget"
register_txn_path(self, PATTERNS, http_server)
- async def on_POST(
- self, request: SynapseRequest, room_id: str, txn_id: Optional[str] = None
- ) -> Tuple[int, JsonDict]:
- requester = await self.auth.get_user_by_req(request, allow_guest=False)
-
+ async def _do(self, requester: Requester, room_id: str) -> Tuple[int, JsonDict]:
await self.room_member_handler.forget(user=requester.user, room_id=room_id)
return 200, {}
- def on_PUT(
+ async def on_POST(
+ self, request: SynapseRequest, room_id: str
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request, allow_guest=False)
+ return await self._do(requester, room_id)
+
+ async def on_PUT(
self, request: SynapseRequest, room_id: str, txn_id: str
- ) -> Awaitable[Tuple[int, JsonDict]]:
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request, allow_guest=False)
set_tag("txn_id", txn_id)
- return self.txns.fetch_or_execute_request(
- request, self.on_POST, request, room_id, txn_id
+ return await self.txns.fetch_or_execute_request(
+ request, requester, self._do, requester, room_id
)
@@ -926,22 +964,21 @@ class RoomMembershipRestServlet(TransactionRestServlet):
self.auth = hs.get_auth()
def register(self, http_server: HttpServer) -> None:
- # /rooms/$roomid/[invite|join|leave]
+ # /rooms/$roomid/[join|invite|leave|ban|unban|kick]
PATTERNS = (
"/rooms/(?P<room_id>[^/]*)/"
"(?P<membership_action>join|invite|leave|ban|unban|kick)"
)
register_txn_path(self, PATTERNS, http_server)
- async def on_POST(
+ async def _do(
self,
request: SynapseRequest,
+ requester: Requester,
room_id: str,
membership_action: str,
- txn_id: Optional[str] = None,
+ txn_id: Optional[str],
) -> Tuple[int, JsonDict]:
- requester = await self.auth.get_user_by_req(request, allow_guest=True)
-
if requester.is_guest and membership_action not in {
Membership.JOIN,
Membership.LEAVE,
@@ -1006,13 +1043,30 @@ class RoomMembershipRestServlet(TransactionRestServlet):
return 200, return_value
- def on_PUT(
+ async def on_POST(
+ self,
+ request: SynapseRequest,
+ room_id: str,
+ membership_action: str,
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request, allow_guest=True)
+ return await self._do(request, requester, room_id, membership_action, None)
+
+ async def on_PUT(
self, request: SynapseRequest, room_id: str, membership_action: str, txn_id: str
- ) -> Awaitable[Tuple[int, JsonDict]]:
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request, allow_guest=True)
set_tag("txn_id", txn_id)
- return self.txns.fetch_or_execute_request(
- request, self.on_POST, request, room_id, membership_action, txn_id
+ return await self.txns.fetch_or_execute_request(
+ request,
+ requester,
+ self._do,
+ request,
+ requester,
+ room_id,
+ membership_action,
+ txn_id,
)
@@ -1028,14 +1082,14 @@ class RoomRedactEventRestServlet(TransactionRestServlet):
PATTERNS = "/rooms/(?P<room_id>[^/]*)/redact/(?P<event_id>[^/]*)"
register_txn_path(self, PATTERNS, http_server)
- async def on_POST(
+ async def _do(
self,
request: SynapseRequest,
+ requester: Requester,
room_id: str,
event_id: str,
- txn_id: Optional[str] = None,
+ txn_id: Optional[str],
) -> Tuple[int, JsonDict]:
- requester = await self.auth.get_user_by_req(request)
content = parse_json_object_from_request(request)
try:
@@ -1086,13 +1140,23 @@ class RoomRedactEventRestServlet(TransactionRestServlet):
set_tag("event_id", event_id)
return 200, {"event_id": event_id}
- def on_PUT(
+ async def on_POST(
+ self,
+ request: SynapseRequest,
+ room_id: str,
+ event_id: str,
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request)
+ return await self._do(request, requester, room_id, event_id, None)
+
+ async def on_PUT(
self, request: SynapseRequest, room_id: str, event_id: str, txn_id: str
- ) -> Awaitable[Tuple[int, JsonDict]]:
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request)
set_tag("txn_id", txn_id)
- return self.txns.fetch_or_execute_request(
- request, self.on_POST, request, room_id, event_id, txn_id
+ return await self.txns.fetch_or_execute_request(
+ request, requester, self._do, request, requester, room_id, event_id, txn_id
)
@@ -1192,7 +1256,7 @@ class SearchRestServlet(RestServlet):
content = parse_json_object_from_request(request)
batch = parse_string(request, "next_batch")
- results = await self.search_handler.search(requester.user, content, batch)
+ results = await self.search_handler.search(requester, content, batch)
return 200, results
@@ -1216,7 +1280,6 @@ def register_txn_path(
servlet: RestServlet,
regex_string: str,
http_server: HttpServer,
- with_get: bool = False,
) -> None:
"""Registers a transaction-based path.
@@ -1228,7 +1291,6 @@ def register_txn_path(
regex_string: The regex string to register. Must NOT have a
trailing $ as this string will be appended to.
http_server: The http_server to register paths with.
- with_get: True to also register respective GET paths for the PUTs.
"""
on_POST = getattr(servlet, "on_POST", None)
on_PUT = getattr(servlet, "on_PUT", None)
@@ -1246,18 +1308,6 @@ def register_txn_path(
on_PUT,
servlet.__class__.__name__,
)
- on_GET = getattr(servlet, "on_GET", None)
- if with_get:
- if on_GET is None:
- raise RuntimeError(
- "register_txn_path called with with_get = True, but no on_GET method exists"
- )
- http_server.register_paths(
- "GET",
- client_patterns(regex_string + "/(?P<txn_id>[^/]*)$", v1=True),
- on_GET,
- servlet.__class__.__name__,
- )
class TimestampLookupRestServlet(RestServlet):
diff --git a/synapse/rest/client/room_batch.py b/synapse/rest/client/room_batch.py
index 10be4a781b..ef284ecc11 100644
--- a/synapse/rest/client/room_batch.py
+++ b/synapse/rest/client/room_batch.py
@@ -15,9 +15,7 @@
import logging
import re
from http import HTTPStatus
-from typing import TYPE_CHECKING, Awaitable, Tuple
-
-from twisted.web.server import Request
+from typing import TYPE_CHECKING, Tuple
from synapse.api.constants import EventContentFields
from synapse.api.errors import AuthError, Codes, SynapseError
@@ -30,7 +28,6 @@ from synapse.http.servlet import (
parse_strings_from_args,
)
from synapse.http.site import SynapseRequest
-from synapse.rest.client.transactions import HttpTransactionCache
from synapse.types import JsonDict
if TYPE_CHECKING:
@@ -79,7 +76,6 @@ class RoomBatchSendEventRestServlet(RestServlet):
self.event_creation_handler = hs.get_event_creation_handler()
self.auth = hs.get_auth()
self.room_batch_handler = hs.get_room_batch_handler()
- self.txns = HttpTransactionCache(hs)
async def on_POST(
self, request: SynapseRequest, room_id: str
@@ -249,16 +245,6 @@ class RoomBatchSendEventRestServlet(RestServlet):
return HTTPStatus.OK, response_dict
- def on_GET(self, request: Request, room_id: str) -> Tuple[int, str]:
- return HTTPStatus.NOT_IMPLEMENTED, "Not implemented"
-
- def on_PUT(
- self, request: SynapseRequest, room_id: str
- ) -> Awaitable[Tuple[int, JsonDict]]:
- return self.txns.fetch_or_execute_request(
- request, self.on_POST, request, room_id
- )
-
def register_servlets(hs: "HomeServer", http_server: HttpServer) -> None:
msc2716_enabled = hs.config.experimental.msc2716_enabled
diff --git a/synapse/rest/client/room_keys.py b/synapse/rest/client/room_keys.py
index f7081f638e..4e7ffdb555 100644
--- a/synapse/rest/client/room_keys.py
+++ b/synapse/rest/client/room_keys.py
@@ -259,6 +259,32 @@ class RoomKeysNewVersionServlet(RestServlet):
self.auth = hs.get_auth()
self.e2e_room_keys_handler = hs.get_e2e_room_keys_handler()
+ async def on_GET(self, request: SynapseRequest) -> Tuple[int, JsonDict]:
+ """
+ Retrieve the version information about the most current backup version (if any)
+
+ It takes out an exclusive lock on this user's room_key backups, to ensure
+ clients only upload to the current backup.
+
+ Returns 404 if the given version does not exist.
+
+ GET /room_keys/version HTTP/1.1
+ {
+ "version": "12345",
+ "algorithm": "m.megolm_backup.v1",
+ "auth_data": "dGhpcyBzaG91bGQgYWN0dWFsbHkgYmUgZW5jcnlwdGVkIGpzb24K"
+ }
+ """
+ requester = await self.auth.get_user_by_req(request, allow_guest=False)
+ user_id = requester.user.to_string()
+
+ try:
+ info = await self.e2e_room_keys_handler.get_version_info(user_id)
+ except SynapseError as e:
+ if e.code == 404:
+ raise SynapseError(404, "No backup found", Codes.NOT_FOUND)
+ return 200, info
+
async def on_POST(self, request: SynapseRequest) -> Tuple[int, JsonDict]:
"""
Create a new backup version for this user's room_keys with the given
@@ -301,7 +327,7 @@ class RoomKeysNewVersionServlet(RestServlet):
class RoomKeysVersionServlet(RestServlet):
- PATTERNS = client_patterns("/room_keys/version(/(?P<version>[^/]+))?$")
+ PATTERNS = client_patterns("/room_keys/version/(?P<version>[^/]+)$")
def __init__(self, hs: "HomeServer"):
super().__init__()
@@ -309,12 +335,11 @@ class RoomKeysVersionServlet(RestServlet):
self.e2e_room_keys_handler = hs.get_e2e_room_keys_handler()
async def on_GET(
- self, request: SynapseRequest, version: Optional[str]
+ self, request: SynapseRequest, version: str
) -> Tuple[int, JsonDict]:
"""
Retrieve the version information about a given version of the user's
- room_keys backup. If the version part is missing, returns info about the
- most current backup version (if any)
+ room_keys backup.
It takes out an exclusive lock on this user's room_key backups, to ensure
clients only upload to the current backup.
@@ -339,20 +364,16 @@ class RoomKeysVersionServlet(RestServlet):
return 200, info
async def on_DELETE(
- self, request: SynapseRequest, version: Optional[str]
+ self, request: SynapseRequest, version: str
) -> Tuple[int, JsonDict]:
"""
Delete the information about a given version of the user's
- room_keys backup. If the version part is missing, deletes the most
- current backup version (if any). Doesn't delete the actual room data.
+ room_keys backup. Doesn't delete the actual room data.
DELETE /room_keys/version/12345 HTTP/1.1
HTTP/1.1 200 OK
{}
"""
- if version is None:
- raise SynapseError(400, "No version specified to delete", Codes.NOT_FOUND)
-
requester = await self.auth.get_user_by_req(request, allow_guest=False)
user_id = requester.user.to_string()
@@ -360,7 +381,7 @@ class RoomKeysVersionServlet(RestServlet):
return 200, {}
async def on_PUT(
- self, request: SynapseRequest, version: Optional[str]
+ self, request: SynapseRequest, version: str
) -> Tuple[int, JsonDict]:
"""
Update the information about a given version of the user's room_keys backup.
@@ -386,11 +407,6 @@ class RoomKeysVersionServlet(RestServlet):
user_id = requester.user.to_string()
info = parse_json_object_from_request(request)
- if version is None:
- raise SynapseError(
- 400, "No version specified to update", Codes.MISSING_PARAM
- )
-
await self.e2e_room_keys_handler.update_version(user_id, version, info)
return 200, {}
diff --git a/synapse/rest/client/sendtodevice.py b/synapse/rest/client/sendtodevice.py
index 55d52f0b28..110af6df47 100644
--- a/synapse/rest/client/sendtodevice.py
+++ b/synapse/rest/client/sendtodevice.py
@@ -13,7 +13,7 @@
# limitations under the License.
import logging
-from typing import TYPE_CHECKING, Awaitable, Tuple
+from typing import TYPE_CHECKING, Tuple
from synapse.http import servlet
from synapse.http.server import HttpServer
@@ -21,7 +21,7 @@ from synapse.http.servlet import assert_params_in_dict, parse_json_object_from_r
from synapse.http.site import SynapseRequest
from synapse.logging.opentracing import set_tag
from synapse.rest.client.transactions import HttpTransactionCache
-from synapse.types import JsonDict
+from synapse.types import JsonDict, Requester
from ._base import client_patterns
@@ -43,19 +43,26 @@ class SendToDeviceRestServlet(servlet.RestServlet):
self.txns = HttpTransactionCache(hs)
self.device_message_handler = hs.get_device_message_handler()
- def on_PUT(
+ async def on_PUT(
self, request: SynapseRequest, message_type: str, txn_id: str
- ) -> Awaitable[Tuple[int, JsonDict]]:
+ ) -> Tuple[int, JsonDict]:
+ requester = await self.auth.get_user_by_req(request, allow_guest=True)
set_tag("txn_id", txn_id)
- return self.txns.fetch_or_execute_request(
- request, self._put, request, message_type, txn_id
+ return await self.txns.fetch_or_execute_request(
+ request,
+ requester,
+ self._put,
+ request,
+ requester,
+ message_type,
)
async def _put(
- self, request: SynapseRequest, message_type: str, txn_id: str
+ self,
+ request: SynapseRequest,
+ requester: Requester,
+ message_type: str,
) -> Tuple[int, JsonDict]:
- requester = await self.auth.get_user_by_req(request, allow_guest=True)
-
content = parse_json_object_from_request(request)
assert_params_in_dict(content, ("messages",))
diff --git a/synapse/rest/client/sync.py b/synapse/rest/client/sync.py
index f2013faeb2..e578b26fa3 100644
--- a/synapse/rest/client/sync.py
+++ b/synapse/rest/client/sync.py
@@ -16,7 +16,7 @@ import logging
from collections import defaultdict
from typing import TYPE_CHECKING, Any, Dict, List, Optional, Tuple, Union
-from synapse.api.constants import EduTypes, Membership, PresenceState
+from synapse.api.constants import AccountDataTypes, EduTypes, Membership, PresenceState
from synapse.api.errors import Codes, StoreError, SynapseError
from synapse.api.filtering import FilterCollection
from synapse.api.presence import UserPresenceState
@@ -38,7 +38,7 @@ from synapse.http.server import HttpServer
from synapse.http.servlet import RestServlet, parse_boolean, parse_integer, parse_string
from synapse.http.site import SynapseRequest
from synapse.logging.opentracing import trace_with_opname
-from synapse.types import JsonDict, StreamToken
+from synapse.types import JsonDict, Requester, StreamToken
from synapse.util import json_decoder
from ._base import client_patterns, set_timeline_upper_limit
@@ -139,7 +139,28 @@ class SyncRestServlet(RestServlet):
device_id,
)
- request_key = (user, timeout, since, filter_id, full_state, device_id)
+ # Stream position of the last ignored users account data event for this user,
+ # if we're initial syncing.
+ # We include this in the request key to invalidate an initial sync
+ # in the response cache once the set of ignored users has changed.
+ # (We filter out ignored users from timeline events, so our sync response
+ # is invalid once the set of ignored users changes.)
+ last_ignore_accdata_streampos: Optional[int] = None
+ if not since:
+ # No `since`, so this is an initial sync.
+ last_ignore_accdata_streampos = await self.store.get_latest_stream_id_for_global_account_data_by_type_for_user(
+ user.to_string(), AccountDataTypes.IGNORED_USER_LIST
+ )
+
+ request_key = (
+ user,
+ timeout,
+ since,
+ filter_id,
+ full_state,
+ device_id,
+ last_ignore_accdata_streampos,
+ )
if filter_id is None:
filter_collection = self.filtering.DEFAULT_FILTER_COLLECTION
@@ -205,7 +226,7 @@ class SyncRestServlet(RestServlet):
# We know that the the requester has an access token since appservices
# cannot use sync.
response_content = await self.encode_response(
- time_now, sync_result, requester.access_token_id, filter_collection
+ time_now, sync_result, requester, filter_collection
)
logger.debug("Event formatting complete")
@@ -216,7 +237,7 @@ class SyncRestServlet(RestServlet):
self,
time_now: int,
sync_result: SyncResult,
- access_token_id: Optional[int],
+ requester: Requester,
filter: FilterCollection,
) -> JsonDict:
logger.debug("Formatting events in sync response")
@@ -229,12 +250,12 @@ class SyncRestServlet(RestServlet):
serialize_options = SerializeEventConfig(
event_format=event_formatter,
- token_id=access_token_id,
+ requester=requester,
only_event_fields=filter.event_fields,
)
stripped_serialize_options = SerializeEventConfig(
event_format=event_formatter,
- token_id=access_token_id,
+ requester=requester,
include_stripped_room_state=True,
)
diff --git a/synapse/rest/client/tags.py b/synapse/rest/client/tags.py
index ca638755c7..dde08417a4 100644
--- a/synapse/rest/client/tags.py
+++ b/synapse/rest/client/tags.py
@@ -34,7 +34,9 @@ class TagListServlet(RestServlet):
GET /user/{user_id}/rooms/{room_id}/tags HTTP/1.1
"""
- PATTERNS = client_patterns("/user/(?P<user_id>[^/]*)/rooms/(?P<room_id>[^/]*)/tags")
+ PATTERNS = client_patterns(
+ "/user/(?P<user_id>[^/]*)/rooms/(?P<room_id>[^/]*)/tags$"
+ )
def __init__(self, hs: "HomeServer"):
super().__init__()
diff --git a/synapse/rest/client/transactions.py b/synapse/rest/client/transactions.py
index 3a2c6bd36d..df194f8439 100644
--- a/synapse/rest/client/transactions.py
+++ b/synapse/rest/client/transactions.py
@@ -15,16 +15,16 @@
"""This module contains logic for storing HTTP PUT transactions. This is used
to ensure idempotency when performing PUTs using the REST API."""
import logging
-from typing import TYPE_CHECKING, Awaitable, Callable, Dict, Tuple
+from typing import TYPE_CHECKING, Awaitable, Callable, Dict, Hashable, Tuple
from typing_extensions import ParamSpec
from twisted.internet.defer import Deferred
from twisted.python.failure import Failure
-from twisted.web.server import Request
+from twisted.web.iweb import IRequest
from synapse.logging.context import make_deferred_yieldable, run_in_background
-from synapse.types import JsonDict
+from synapse.types import JsonDict, Requester
from synapse.util.async_helpers import ObservableDeferred
if TYPE_CHECKING:
@@ -41,53 +41,47 @@ P = ParamSpec("P")
class HttpTransactionCache:
def __init__(self, hs: "HomeServer"):
self.hs = hs
- self.auth = self.hs.get_auth()
self.clock = self.hs.get_clock()
# $txn_key: (ObservableDeferred<(res_code, res_json_body)>, timestamp)
self.transactions: Dict[
- str, Tuple[ObservableDeferred[Tuple[int, JsonDict]], int]
+ Hashable, Tuple[ObservableDeferred[Tuple[int, JsonDict]], int]
] = {}
# Try to clean entries every 30 mins. This means entries will exist
# for at *LEAST* 30 mins, and at *MOST* 60 mins.
self.cleaner = self.clock.looping_call(self._cleanup, CLEANUP_PERIOD_MS)
- def _get_transaction_key(self, request: Request) -> str:
+ def _get_transaction_key(self, request: IRequest, requester: Requester) -> Hashable:
"""A helper function which returns a transaction key that can be used
with TransactionCache for idempotent requests.
Idempotency is based on the returned key being the same for separate
requests to the same endpoint. The key is formed from the HTTP request
- path and the access_token for the requesting user.
+ path and attributes from the requester: the access_token_id for regular users,
+ the user ID for guest users, and the appservice ID for appservice users.
Args:
- request: The incoming request. Must contain an access_token.
+ request: The incoming request.
+ requester: The requester doing the request.
Returns:
A transaction key
"""
assert request.path is not None
- token = self.auth.get_access_token_from_request(request)
- return request.path.decode("utf8") + "/" + token
+ path: str = request.path.decode("utf8")
+ if requester.is_guest:
+ assert requester.user is not None, "Guest requester must have a user ID set"
+ return (path, "guest", requester.user)
+ elif requester.app_service is not None:
+ return (path, "appservice", requester.app_service.id)
+ else:
+ assert (
+ requester.access_token_id is not None
+ ), "Requester must have an access_token_id"
+ return (path, "user", requester.access_token_id)
def fetch_or_execute_request(
self,
- request: Request,
- fn: Callable[P, Awaitable[Tuple[int, JsonDict]]],
- *args: P.args,
- **kwargs: P.kwargs,
- ) -> Awaitable[Tuple[int, JsonDict]]:
- """A helper function for fetch_or_execute which extracts
- a transaction key from the given request.
-
- See:
- fetch_or_execute
- """
- return self.fetch_or_execute(
- self._get_transaction_key(request), fn, *args, **kwargs
- )
-
- def fetch_or_execute(
- self,
- txn_key: str,
+ request: IRequest,
+ requester: Requester,
fn: Callable[P, Awaitable[Tuple[int, JsonDict]]],
*args: P.args,
**kwargs: P.kwargs,
@@ -96,14 +90,15 @@ class HttpTransactionCache:
to produce a response for this transaction.
Args:
- txn_key: A key to ensure idempotency should fetch_or_execute be
- called again at a later point in time.
+ request:
+ requester:
fn: A function which returns a tuple of (response_code, response_dict).
*args: Arguments to pass to fn.
**kwargs: Keyword arguments to pass to fn.
Returns:
Deferred which resolves to a tuple of (response_code, response_dict).
"""
+ txn_key = self._get_transaction_key(request, requester)
if txn_key in self.transactions:
observable = self.transactions[txn_key][0]
else:
|
