summary refs log tree commit diff
path: root/synapse/rest
diff options
context:
space:
mode:
Diffstat (limited to 'synapse/rest')
-rw-r--r--synapse/rest/client/transactions.py98
-rw-r--r--synapse/rest/client/v1/base.py5
-rw-r--r--synapse/rest/client/v1/room.py90
-rw-r--r--synapse/rest/client/v1/transactions.py97
-rw-r--r--synapse/rest/client/v2_alpha/register.py11
-rw-r--r--synapse/rest/client/v2_alpha/sendtodevice.py17
-rw-r--r--synapse/rest/media/v1/download_resource.py3
-rw-r--r--synapse/rest/media/v1/thumbnail_resource.py3
8 files changed, 139 insertions, 185 deletions
diff --git a/synapse/rest/client/transactions.py b/synapse/rest/client/transactions.py
new file mode 100644
index 0000000000..351170edbc
--- /dev/null
+++ b/synapse/rest/client/transactions.py
@@ -0,0 +1,98 @@
+# -*- coding: utf-8 -*-
+# Copyright 2014-2016 OpenMarket Ltd
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""This module contains logic for storing HTTP PUT transactions. This is used
+to ensure idempotency when performing PUTs using the REST API."""
+import logging
+
+from synapse.api.auth import get_access_token_from_request
+from synapse.util.async import ObservableDeferred
+
+logger = logging.getLogger(__name__)
+
+
+def get_transaction_key(request):
+    """A helper function which returns a transaction key that can be used
+    with TransactionCache for idempotent requests.
+
+    Idempotency is based on the returned key being the same for separate
+    requests to the same endpoint. The key is formed from the HTTP request
+    path and the access_token for the requesting user.
+
+    Args:
+        request (twisted.web.http.Request): The incoming request. Must
+        contain an access_token.
+    Returns:
+        str: A transaction key
+    """
+    token = get_access_token_from_request(request)
+    return request.path + "/" + token
+
+
+CLEANUP_PERIOD_MS = 1000 * 60 * 30  # 30 mins
+
+
+class HttpTransactionCache(object):
+
+    def __init__(self, clock):
+        self.clock = clock
+        self.transactions = {
+            # $txn_key: (ObservableDeferred<(res_code, res_json_body)>, timestamp)
+        }
+        # Try to clean entries every 30 mins. This means entries will exist
+        # for at *LEAST* 30 mins, and at *MOST* 60 mins.
+        self.cleaner = self.clock.looping_call(self._cleanup, CLEANUP_PERIOD_MS)
+
+    def fetch_or_execute_request(self, request, fn, *args, **kwargs):
+        """A helper function for fetch_or_execute which extracts
+        a transaction key from the given request.
+
+        See:
+            fetch_or_execute
+        """
+        return self.fetch_or_execute(
+            get_transaction_key(request), fn, *args, **kwargs
+        )
+
+    def fetch_or_execute(self, txn_key, fn, *args, **kwargs):
+        """Fetches the response for this transaction, or executes the given function
+        to produce a response for this transaction.
+
+        Args:
+            txn_key (str): A key to ensure idempotency should fetch_or_execute be
+            called again at a later point in time.
+            fn (function): A function which returns a tuple of
+            (response_code, response_dict).
+            *args: Arguments to pass to fn.
+            **kwargs: Keyword arguments to pass to fn.
+        Returns:
+            Deferred which resolves to a tuple of (response_code, response_dict).
+        """
+        try:
+            return self.transactions[txn_key][0].observe()
+        except (KeyError, IndexError):
+            pass  # execute the function instead.
+
+        deferred = fn(*args, **kwargs)
+        observable = ObservableDeferred(deferred)
+        self.transactions[txn_key] = (observable, self.clock.time_msec())
+        return observable.observe()
+
+    def _cleanup(self):
+        now = self.clock.time_msec()
+        for key in self.transactions.keys():
+            ts = self.transactions[key][1]
+            if now > (ts + CLEANUP_PERIOD_MS):  # after cleanup period
+                del self.transactions[key]
diff --git a/synapse/rest/client/v1/base.py b/synapse/rest/client/v1/base.py
index c2a8447860..c7aa0bbf59 100644
--- a/synapse/rest/client/v1/base.py
+++ b/synapse/rest/client/v1/base.py
@@ -18,7 +18,8 @@
 
 from synapse.http.servlet import RestServlet
 from synapse.api.urls import CLIENT_PREFIX
-from .transactions import HttpTransactionStore
+from synapse.rest.client.transactions import HttpTransactionCache
+
 import re
 
 import logging
@@ -59,4 +60,4 @@ class ClientV1RestServlet(RestServlet):
         self.hs = hs
         self.builder_factory = hs.get_event_builder_factory()
         self.auth = hs.get_v1auth()
-        self.txns = HttpTransactionStore()
+        self.txns = HttpTransactionCache(hs.get_clock())
diff --git a/synapse/rest/client/v1/room.py b/synapse/rest/client/v1/room.py
index 010fbc7c32..3fb1f2deb3 100644
--- a/synapse/rest/client/v1/room.py
+++ b/synapse/rest/client/v1/room.py
@@ -53,19 +53,10 @@ class RoomCreateRestServlet(ClientV1RestServlet):
                                    client_path_patterns("/createRoom(?:/.*)?$"),
                                    self.on_OPTIONS)
 
-    @defer.inlineCallbacks
     def on_PUT(self, request, txn_id):
-        try:
-            defer.returnValue(
-                self.txns.get_client_transaction(request, txn_id)
-            )
-        except KeyError:
-            pass
-
-        response = yield self.on_POST(request)
-
-        self.txns.store_client_transaction(request, txn_id, response)
-        defer.returnValue(response)
+        return self.txns.fetch_or_execute_request(
+            request, self.on_POST, request
+        )
 
     @defer.inlineCallbacks
     def on_POST(self, request):
@@ -214,19 +205,10 @@ class RoomSendEventRestServlet(ClientV1RestServlet):
     def on_GET(self, request, room_id, event_type, txn_id):
         return (200, "Not implemented")
 
-    @defer.inlineCallbacks
     def on_PUT(self, request, room_id, event_type, txn_id):
-        try:
-            defer.returnValue(
-                self.txns.get_client_transaction(request, txn_id)
-            )
-        except KeyError:
-            pass
-
-        response = yield self.on_POST(request, room_id, event_type, txn_id)
-
-        self.txns.store_client_transaction(request, txn_id, response)
-        defer.returnValue(response)
+        return self.txns.fetch_or_execute_request(
+            request, self.on_POST, request, room_id, event_type, txn_id
+        )
 
 
 # TODO: Needs unit testing for room ID + alias joins
@@ -283,19 +265,10 @@ class JoinRoomAliasServlet(ClientV1RestServlet):
 
         defer.returnValue((200, {"room_id": room_id}))
 
-    @defer.inlineCallbacks
     def on_PUT(self, request, room_identifier, txn_id):
-        try:
-            defer.returnValue(
-                self.txns.get_client_transaction(request, txn_id)
-            )
-        except KeyError:
-            pass
-
-        response = yield self.on_POST(request, room_identifier, txn_id)
-
-        self.txns.store_client_transaction(request, txn_id, response)
-        defer.returnValue(response)
+        return self.txns.fetch_or_execute_request(
+            request, self.on_POST, request, room_identifier, txn_id
+        )
 
 
 # TODO: Needs unit testing
@@ -537,22 +510,11 @@ class RoomForgetRestServlet(ClientV1RestServlet):
 
         defer.returnValue((200, {}))
 
-    @defer.inlineCallbacks
     def on_PUT(self, request, room_id, txn_id):
-        try:
-            defer.returnValue(
-                self.txns.get_client_transaction(request, txn_id)
-            )
-        except KeyError:
-            pass
-
-        response = yield self.on_POST(
-            request, room_id, txn_id
+        return self.txns.fetch_or_execute_request(
+            request, self.on_POST, request, room_id, txn_id
         )
 
-        self.txns.store_client_transaction(request, txn_id, response)
-        defer.returnValue(response)
-
 
 # TODO: Needs unit testing
 class RoomMembershipRestServlet(ClientV1RestServlet):
@@ -623,22 +585,11 @@ class RoomMembershipRestServlet(ClientV1RestServlet):
                 return False
         return True
 
-    @defer.inlineCallbacks
     def on_PUT(self, request, room_id, membership_action, txn_id):
-        try:
-            defer.returnValue(
-                self.txns.get_client_transaction(request, txn_id)
-            )
-        except KeyError:
-            pass
-
-        response = yield self.on_POST(
-            request, room_id, membership_action, txn_id
+        return self.txns.fetch_or_execute_request(
+            request, self.on_POST, request, room_id, membership_action, txn_id
         )
 
-        self.txns.store_client_transaction(request, txn_id, response)
-        defer.returnValue(response)
-
 
 class RoomRedactEventRestServlet(ClientV1RestServlet):
     def __init__(self, hs):
@@ -669,19 +620,10 @@ class RoomRedactEventRestServlet(ClientV1RestServlet):
 
         defer.returnValue((200, {"event_id": event.event_id}))
 
-    @defer.inlineCallbacks
     def on_PUT(self, request, room_id, event_id, txn_id):
-        try:
-            defer.returnValue(
-                self.txns.get_client_transaction(request, txn_id)
-            )
-        except KeyError:
-            pass
-
-        response = yield self.on_POST(request, room_id, event_id, txn_id)
-
-        self.txns.store_client_transaction(request, txn_id, response)
-        defer.returnValue(response)
+        return self.txns.fetch_or_execute_request(
+            request, self.on_POST, request, room_id, event_id, txn_id
+        )
 
 
 class RoomTypingRestServlet(ClientV1RestServlet):
diff --git a/synapse/rest/client/v1/transactions.py b/synapse/rest/client/v1/transactions.py
deleted file mode 100644
index 2f2c9d0881..0000000000
--- a/synapse/rest/client/v1/transactions.py
+++ /dev/null
@@ -1,97 +0,0 @@
-# -*- coding: utf-8 -*-
-# Copyright 2014-2016 OpenMarket Ltd
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""This module contains logic for storing HTTP PUT transactions. This is used
-to ensure idempotency when performing PUTs using the REST API."""
-import logging
-
-from synapse.api.auth import get_access_token_from_request
-
-logger = logging.getLogger(__name__)
-
-
-# FIXME: elsewhere we use FooStore to indicate something in the storage layer...
-class HttpTransactionStore(object):
-
-    def __init__(self):
-        # { key : (txn_id, response) }
-        self.transactions = {}
-
-    def get_response(self, key, txn_id):
-        """Retrieve a response for this request.
-
-        Args:
-            key (str): A transaction-independent key for this request. Usually
-                this is a combination of the path (without the transaction id)
-                and the user's access token.
-            txn_id (str): The transaction ID for this request
-        Returns:
-            A tuple of (HTTP response code, response content) or None.
-        """
-        try:
-            logger.debug("get_response TxnId: %s", txn_id)
-            (last_txn_id, response) = self.transactions[key]
-            if txn_id == last_txn_id:
-                logger.info("get_response: Returning a response for %s", txn_id)
-                return response
-        except KeyError:
-            pass
-        return None
-
-    def store_response(self, key, txn_id, response):
-        """Stores an HTTP response tuple.
-
-        Args:
-            key (str): A transaction-independent key for this request. Usually
-                this is a combination of the path (without the transaction id)
-                and the user's access token.
-            txn_id (str): The transaction ID for this request.
-            response (tuple): A tuple of (HTTP response code, response content)
-        """
-        logger.debug("store_response TxnId: %s", txn_id)
-        self.transactions[key] = (txn_id, response)
-
-    def store_client_transaction(self, request, txn_id, response):
-        """Stores the request/response pair of an HTTP transaction.
-
-        Args:
-            request (twisted.web.http.Request): The twisted HTTP request. This
-            request must have the transaction ID as the last path segment.
-            response (tuple): A tuple of (response code, response dict)
-            txn_id (str): The transaction ID for this request.
-        """
-        self.store_response(self._get_key(request), txn_id, response)
-
-    def get_client_transaction(self, request, txn_id):
-        """Retrieves a stored response if there was one.
-
-        Args:
-            request (twisted.web.http.Request): The twisted HTTP request. This
-            request must have the transaction ID as the last path segment.
-            txn_id (str): The transaction ID for this request.
-        Returns:
-            The response tuple.
-        Raises:
-            KeyError if the transaction was not found.
-        """
-        response = self.get_response(self._get_key(request), txn_id)
-        if response is None:
-            raise KeyError("Transaction not found.")
-        return response
-
-    def _get_key(self, request):
-        token = get_access_token_from_request(request)
-        path_without_txn_id = request.path.rsplit("/", 1)[0]
-        return path_without_txn_id + "/" + token
diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py
index 68d18a9b82..6cfb20866b 100644
--- a/synapse/rest/client/v2_alpha/register.py
+++ b/synapse/rest/client/v2_alpha/register.py
@@ -169,6 +169,17 @@ class RegisterRestServlet(RestServlet):
 
         guest_access_token = body.get("guest_access_token", None)
 
+        if (
+            'initial_device_display_name' in body and
+            'password' not in body
+        ):
+            # ignore 'initial_device_display_name' if sent without
+            # a password to work around a client bug where it sent
+            # the 'initial_device_display_name' param alone, wiping out
+            # the original registration params
+            logger.warn("Ignoring initial_device_display_name without password")
+            del body['initial_device_display_name']
+
         session_id = self.auth_handler.get_session_id(body)
         registered_user_id = None
         if session_id:
diff --git a/synapse/rest/client/v2_alpha/sendtodevice.py b/synapse/rest/client/v2_alpha/sendtodevice.py
index 5975164b37..ac660669f3 100644
--- a/synapse/rest/client/v2_alpha/sendtodevice.py
+++ b/synapse/rest/client/v2_alpha/sendtodevice.py
@@ -19,7 +19,7 @@ from twisted.internet import defer
 
 from synapse.http import servlet
 from synapse.http.servlet import parse_json_object_from_request
-from synapse.rest.client.v1.transactions import HttpTransactionStore
+from synapse.rest.client.transactions import HttpTransactionCache
 
 from ._base import client_v2_patterns
 
@@ -40,18 +40,16 @@ class SendToDeviceRestServlet(servlet.RestServlet):
         super(SendToDeviceRestServlet, self).__init__()
         self.hs = hs
         self.auth = hs.get_auth()
-        self.txns = HttpTransactionStore()
+        self.txns = HttpTransactionCache(hs.get_clock())
         self.device_message_handler = hs.get_device_message_handler()
 
-    @defer.inlineCallbacks
     def on_PUT(self, request, message_type, txn_id):
-        try:
-            defer.returnValue(
-                self.txns.get_client_transaction(request, txn_id)
-            )
-        except KeyError:
-            pass
+        return self.txns.fetch_or_execute_request(
+            request, self._put, request, message_type, txn_id
+        )
 
+    @defer.inlineCallbacks
+    def _put(self, request, message_type, txn_id):
         requester = yield self.auth.get_user_by_req(request)
 
         content = parse_json_object_from_request(request)
@@ -63,7 +61,6 @@ class SendToDeviceRestServlet(servlet.RestServlet):
         )
 
         response = (200, {})
-        self.txns.store_client_transaction(request, txn_id, response)
         defer.returnValue(response)
 
 
diff --git a/synapse/rest/media/v1/download_resource.py b/synapse/rest/media/v1/download_resource.py
index a45ee9483e..dfb87ffd15 100644
--- a/synapse/rest/media/v1/download_resource.py
+++ b/synapse/rest/media/v1/download_resource.py
@@ -15,7 +15,7 @@
 
 from ._base import parse_media_id, respond_with_file, respond_404
 from twisted.web.resource import Resource
-from synapse.http.server import request_handler
+from synapse.http.server import request_handler, set_cors_headers
 
 from twisted.web.server import NOT_DONE_YET
 from twisted.internet import defer
@@ -45,6 +45,7 @@ class DownloadResource(Resource):
     @request_handler()
     @defer.inlineCallbacks
     def _async_render_GET(self, request):
+        set_cors_headers(request)
         request.setHeader(
             "Content-Security-Policy",
             "default-src 'none';"
diff --git a/synapse/rest/media/v1/thumbnail_resource.py b/synapse/rest/media/v1/thumbnail_resource.py
index 0b9e1de1a7..d8f54adc99 100644
--- a/synapse/rest/media/v1/thumbnail_resource.py
+++ b/synapse/rest/media/v1/thumbnail_resource.py
@@ -17,7 +17,7 @@
 from ._base import parse_media_id, respond_404, respond_with_file
 from twisted.web.resource import Resource
 from synapse.http.servlet import parse_string, parse_integer
-from synapse.http.server import request_handler
+from synapse.http.server import request_handler, set_cors_headers
 
 from twisted.web.server import NOT_DONE_YET
 from twisted.internet import defer
@@ -48,6 +48,7 @@ class ThumbnailResource(Resource):
     @request_handler()
     @defer.inlineCallbacks
     def _async_render_GET(self, request):
+        set_cors_headers(request)
         server_name, media_id, _ = parse_media_id(request)
         width = parse_integer(request, "width")
         height = parse_integer(request, "height")