diff options
author | Dirk Klimpel <5740567+dklimpel@users.noreply.github.com> | 2024-01-02 12:52:51 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-02 11:52:51 +0000 |
commit | 14ed84ac333a7dd7223793bab53fd115ea24a149 (patch) | |
tree | afcbcd041d3b2c9814cd323bbeac137bc079830e /tests/rest/admin/test_user.py | |
parent | Remove config value from header (#16763) (diff) | |
download | synapse-14ed84ac333a7dd7223793bab53fd115ea24a149.tar.xz |
Enable user without password (#16770)
Closes: - https://github.com/matrix-org/synapse/issues/10397 - #10397 An administrator should know whether he wants to set a password or not. There are many uses cases where a blank password is required. - Use of only some users with SSO. - Use of bots with password, users with SSO
Diffstat (limited to 'tests/rest/admin/test_user.py')
-rw-r--r-- | tests/rest/admin/test_user.py | 31 |
1 files changed, 23 insertions, 8 deletions
diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py index 3caca98a35..04604bfc04 100644 --- a/tests/rest/admin/test_user.py +++ b/tests/rest/admin/test_user.py @@ -2747,7 +2747,7 @@ class UserRestTestCase(unittest.HomeserverTestCase): profile = self.get_success(self.store._get_user_in_directory(self.other_user)) self.assertIsNone(profile) - def test_reactivate_user(self) -> None: + def test_reactivate_user_with_password(self) -> None: """ Test reactivating another user. """ @@ -2755,21 +2755,36 @@ class UserRestTestCase(unittest.HomeserverTestCase): # Deactivate the user. self._deactivate_user("@user:test") - # Attempt to reactivate the user (without a password). + # Reactivate the user with password. channel = self.make_request( "PUT", self.url_other_user, access_token=self.admin_user_tok, - content={"deactivated": False}, + content={"deactivated": False, "password": "foo"}, ) - self.assertEqual(400, channel.code, msg=channel.json_body) + self.assertEqual(200, channel.code, msg=channel.json_body) + self.assertEqual("@user:test", channel.json_body["name"]) + self.assertFalse(channel.json_body["deactivated"]) + self._is_erased("@user:test", False) + + # This key was removed intentionally. Ensure it is not accidentally re-included. + self.assertNotIn("password_hash", channel.json_body) - # Reactivate the user. + def test_reactivate_user_without_password(self) -> None: + """ + Test reactivating another user without a password. + This can be using some local users and some user with SSO (password = `null`). + """ + + # Deactivate the user. + self._deactivate_user("@user:test") + + # Reactivate the user without a password. channel = self.make_request( "PUT", self.url_other_user, access_token=self.admin_user_tok, - content={"deactivated": False, "password": "foo"}, + content={"deactivated": False}, ) self.assertEqual(200, channel.code, msg=channel.json_body) self.assertEqual("@user:test", channel.json_body["name"]) @@ -2788,7 +2803,7 @@ class UserRestTestCase(unittest.HomeserverTestCase): # Deactivate the user. self._deactivate_user("@user:test") - # Reactivate the user with a password + # Reactivate the user with a password. channel = self.make_request( "PUT", self.url_other_user, @@ -2822,7 +2837,7 @@ class UserRestTestCase(unittest.HomeserverTestCase): # Deactivate the user. self._deactivate_user("@user:test") - # Reactivate the user with a password + # Reactivate the user with a password. channel = self.make_request( "PUT", self.url_other_user, |