summary refs log tree commit diff
path: root/tests/storage/test_registration.py
diff options
context:
space:
mode:
authorErik Johnston <erik@matrix.org>2020-10-29 15:58:44 +0000
committerGitHub <noreply@github.com>2020-10-29 15:58:44 +0000
commitf21e24ffc22a5eb01f242f47fa30979321cf20fc (patch)
treeec3dff4f767d024777c1b0c70d4f594a218c4a23 /tests/storage/test_registration.py
parentFix cache call signature to accept `on_invalidate`. (#8684) (diff)
downloadsynapse-f21e24ffc22a5eb01f242f47fa30979321cf20fc.tar.xz
Add ability for access tokens to belong to one user but grant access to another user. (#8616)
We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't).

A future PR will add an API for creating such a token.

When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.
Diffstat (limited to 'tests/storage/test_registration.py')
-rw-r--r--tests/storage/test_registration.py10
1 files changed, 4 insertions, 6 deletions
diff --git a/tests/storage/test_registration.py b/tests/storage/test_registration.py
index 6b582771fe..c8c7a90e5d 100644
--- a/tests/storage/test_registration.py
+++ b/tests/storage/test_registration.py
@@ -69,11 +69,9 @@ class RegistrationStoreTestCase(unittest.TestCase):
             self.store.get_user_by_access_token(self.tokens[1])
         )
 
-        self.assertDictContainsSubset(
-            {"name": self.user_id, "device_id": self.device_id}, result
-        )
-
-        self.assertTrue("token_id" in result)
+        self.assertEqual(result.user_id, self.user_id)
+        self.assertEqual(result.device_id, self.device_id)
+        self.assertIsNotNone(result.token_id)
 
     @defer.inlineCallbacks
     def test_user_delete_access_tokens(self):
@@ -105,7 +103,7 @@ class RegistrationStoreTestCase(unittest.TestCase):
         user = yield defer.ensureDeferred(
             self.store.get_user_by_access_token(self.tokens[0])
         )
-        self.assertEqual(self.user_id, user["name"])
+        self.assertEqual(self.user_id, user.user_id)
 
         # now delete the rest
         yield defer.ensureDeferred(self.store.user_delete_access_tokens(self.user_id))