summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
Diffstat (limited to 'synapse')
-rw-r--r--synapse/api/urls.py3
-rwxr-xr-xsynapse/app/homeserver.py12
-rw-r--r--synapse/federation/replication.py1
-rw-r--r--synapse/handlers/presence.py10
-rw-r--r--synapse/http/server.py160
-rw-r--r--synapse/rest/room.py18
-rw-r--r--synapse/server.py2
-rw-r--r--synapse/types.py6
8 files changed, 194 insertions, 18 deletions
diff --git a/synapse/api/urls.py b/synapse/api/urls.py
index 04970adb71..05ca000787 100644
--- a/synapse/api/urls.py
+++ b/synapse/api/urls.py
@@ -17,4 +17,5 @@
 
 CLIENT_PREFIX = "/matrix/client/api/v1"
 FEDERATION_PREFIX = "/matrix/federation/v1"
-WEB_CLIENT_PREFIX = "/matrix/client"
\ No newline at end of file
+WEB_CLIENT_PREFIX = "/matrix/client"
+CONTENT_REPO_PREFIX = "/matrix/content"
\ No newline at end of file
diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py
index 3429a29a6b..ca102236cf 100755
--- a/synapse/app/homeserver.py
+++ b/synapse/app/homeserver.py
@@ -24,9 +24,11 @@ from twisted.python.log import PythonLoggingObserver
 from twisted.web.resource import Resource
 from twisted.web.static import File
 from twisted.web.server import Site
-from synapse.http.server import JsonResource, RootRedirect
+from synapse.http.server import JsonResource, RootRedirect, ContentRepoResource
 from synapse.http.client import TwistedHttpClient
-from synapse.api.urls import CLIENT_PREFIX, FEDERATION_PREFIX, WEB_CLIENT_PREFIX
+from synapse.api.urls import (
+    CLIENT_PREFIX, FEDERATION_PREFIX, WEB_CLIENT_PREFIX, CONTENT_REPO_PREFIX
+)
 
 from daemonize import Daemonize
 
@@ -53,6 +55,9 @@ class SynapseHomeServer(HomeServer):
     def build_resource_for_web_client(self):
         return File("webclient")  # TODO configurable?
 
+    def build_resource_for_content_repo(self):
+        return ContentRepoResource("uploads", self.auth)
+
     def build_db_pool(self):
         """ Set up all the dbs. Since all the *.sql have IF NOT EXISTS, so we
         don't have to worry about overwriting existing content.
@@ -101,7 +106,8 @@ class SynapseHomeServer(HomeServer):
         # [ ("/aaa/bbb/cc", Resource1), ("/aaa/dummy", Resource2) ]
         desired_tree = [
             (CLIENT_PREFIX, self.get_resource_for_client()),
-            (FEDERATION_PREFIX, self.get_resource_for_federation())
+            (FEDERATION_PREFIX, self.get_resource_for_federation()),
+            (CONTENT_REPO_PREFIX, self.get_resource_for_content_repo())
         ]
         if web_client:
             logger.info("Adding the web client.")
diff --git a/synapse/federation/replication.py b/synapse/federation/replication.py
index 3e5f1a4108..8030d0963f 100644
--- a/synapse/federation/replication.py
+++ b/synapse/federation/replication.py
@@ -158,6 +158,7 @@ class ReplicationLayer(object):
 
         # TODO, add errback, etc.
         self._transaction_queue.enqueue_edu(edu)
+        return defer.succeed(None)
 
     @log_function
     def make_query(self, destination, query_type, args):
diff --git a/synapse/handlers/presence.py b/synapse/handlers/presence.py
index f140dc527a..60684f17d7 100644
--- a/synapse/handlers/presence.py
+++ b/synapse/handlers/presence.py
@@ -383,7 +383,7 @@ class PresenceHandler(BaseHandler):
         logger.debug("Start polling for presence from %s", user)
 
         if target_user:
-            target_users = set(target_user)
+            target_users = set([target_user])
         else:
             presence = yield self.store.get_presence_list(
                 user.localpart, accepted=True
@@ -463,9 +463,13 @@ class PresenceHandler(BaseHandler):
         deferreds = []
 
         if target_user:
-            raise NotImplementedError("TODO: remove one user")
+            if target_user not in self._remote_recvmap:
+                return
+            target_users = set([target_user])
+        else:
+            target_users = self._remote_recvmap.keys()
 
-        remoteusers = [u for u in self._remote_recvmap
+        remoteusers = [u for u in target_users
                        if user in self._remote_recvmap[u]]
         remoteusers_by_domain = partition(remoteusers, lambda u: u.domain)
 
diff --git a/synapse/http/server.py b/synapse/http/server.py
index bad2738bde..c28d9a33f9 100644
--- a/synapse/http/server.py
+++ b/synapse/http/server.py
@@ -17,16 +17,23 @@
 from syutil.jsonutil import (
     encode_canonical_json, encode_pretty_printed_json
 )
-from synapse.api.errors import cs_exception, CodeMessageException
+from synapse.api.errors import (
+    cs_exception, SynapseError, CodeMessageException, Codes, cs_error
+)
+from synapse.util.stringutils import random_string
 
 from twisted.internet import defer, reactor
+from twisted.protocols.basic import FileSender
 from twisted.web import server, resource
 from twisted.web.server import NOT_DONE_YET
 from twisted.web.util import redirectTo
 
+import base64
 import collections
+import json
 import logging
-
+import os
+import re
 
 logger = logging.getLogger(__name__)
 
@@ -125,7 +132,11 @@ class JsonResource(HttpServer, resource.Resource):
                 {"error": "Unrecognized request"}
             )
         except CodeMessageException as e:
-            logger.exception(e)
+            if isinstance(e, SynapseError):
+                logger.error("%s SynapseError: %s - %s", request, e.code,
+                             e.msg)
+            else:
+                logger.exception(e)
             self._send_response(
                 request,
                 e.code,
@@ -140,6 +151,14 @@ class JsonResource(HttpServer, resource.Resource):
             )
 
     def _send_response(self, request, code, response_json_object):
+        # could alternatively use request.notifyFinish() and flip a flag when
+        # the Deferred fires, but since the flag is RIGHT THERE it seems like
+        # a waste.
+        if request._disconnected:
+            logger.warn(
+                "Not sending response to request %s, already disconnected.",
+                request)
+            return
 
         if not self._request_user_agent_is_curl(request):
             json_bytes = encode_canonical_json(response_json_object)
@@ -176,6 +195,141 @@ class RootRedirect(resource.Resource):
         return resource.Resource.getChild(self, name, request)
 
 
+class ContentRepoResource(resource.Resource):
+    """Provides file uploading and downloading.
+
+    Uploads are POSTed to wherever this Resource is linked to. This resource
+    returns a "content token" which can be used to GET this content again. The
+    token is typically a path, but it may not be. Tokens can expire, be one-time
+    uses, etc.
+
+    In this case, the token is a path to the file and contains 3 interesting
+    sections:
+        - User ID base64d (for namespacing content to each user)
+        - random 24 char string
+        - Content type base64d (so we can return it when clients GET it)
+
+    """
+    isLeaf = True
+
+    def __init__(self, directory, auth):
+        resource.Resource.__init__(self)
+        self.directory = directory
+        self.auth = auth
+
+        if not os.path.isdir(self.directory):
+            os.mkdir(self.directory)
+            logger.info("ContentRepoResource : Created %s directory.",
+                        self.directory)
+
+    @defer.inlineCallbacks
+    def map_request_to_name(self, request):
+        # auth the user
+        auth_user = yield self.auth.get_user_by_req(request)
+
+        # namespace all file uploads on the user
+        prefix = base64.urlsafe_b64encode(
+            auth_user.to_string()
+        ).replace('=', '')
+
+        # use a random string for the main portion
+        main_part = random_string(24)
+
+        # suffix with a file extension if we can make one. This is nice to
+        # provide a hint to clients on the file information. We will also reuse
+        # this info to spit back the content type to the client.
+        suffix = ""
+        if request.requestHeaders.hasHeader("Content-Type"):
+            content_type = request.requestHeaders.getRawHeaders(
+                "Content-Type")[0]
+            suffix = "." + base64.urlsafe_b64encode(content_type)
+            if (content_type.split("/")[0].lower() in
+                    ["image", "video", "audio"]):
+                file_ext = content_type.split("/")[-1]
+                # be a little paranoid and only allow a-z
+                file_ext = re.sub("[^a-z]", "", file_ext)
+                suffix += "." + file_ext
+
+        file_path = os.path.join(self.directory, prefix + main_part + suffix)
+        logger.info("User %s is uploading a file to path %s",
+                    auth_user.to_string(),
+                    file_path)
+
+        # keep trying to make a non-clashing file, with a sensible max attempts
+        attempts = 0
+        while os.path.exists(file_path):
+            main_part = random_string(24)
+            file_path = os.path.join(self.directory,
+                                     prefix + main_part + suffix)
+            attempts += 1
+            if attempts > 25:  # really? Really?
+                raise SynapseError(500, "Unable to create file.")
+
+        defer.returnValue(file_path)
+
+    def render_GET(self, request):
+        # no auth here on purpose, to allow anyone to view, even across home
+        # servers.
+
+        # TODO: A little crude here, we could do this better.
+        filename = request.path.split(self.directory + "/")[1]
+        # be paranoid
+        filename = re.sub("[^0-9A-z.-_]", "", filename)
+
+        file_path = self.directory + "/" + filename
+        if os.path.isfile(file_path):
+            # filename has the content type
+            base64_contentype = filename.split(".")[1]
+            content_type = base64.urlsafe_b64decode(base64_contentype)
+            logger.info("Sending file %s", file_path)
+            f = open(file_path, 'rb')
+            request.setHeader('Content-Type', content_type)
+            d = FileSender().beginFileTransfer(f, request)
+
+            # after the file has been sent, clean up and finish the request
+            def cbFinished(ignored):
+                f.close()
+                request.finish()
+            d.addCallback(cbFinished)
+        else:
+            respond_with_json_bytes(
+                request,
+                404,
+                json.dumps(cs_error("Not found", code=Codes.NOT_FOUND)),
+                send_cors=True)
+
+        return server.NOT_DONE_YET
+
+    def render_POST(self, request):
+        self._async_render(request)
+        return server.NOT_DONE_YET
+
+    @defer.inlineCallbacks
+    def _async_render(self, request):
+        try:
+            fname = yield self.map_request_to_name(request)
+
+            # TODO I have a suspcious feeling this is just going to block
+            with open(fname, "wb") as f:
+                f.write(request.content.read())
+
+            respond_with_json_bytes(request, 200,
+                                    json.dumps({"content_token": fname}),
+                                    send_cors=True)
+
+        except CodeMessageException as e:
+            logger.exception(e)
+            respond_with_json_bytes(request, e.code,
+                                    json.dumps(cs_exception(e)))
+        except Exception as e:
+            logger.error("Failed to store file: %s" % e)
+            respond_with_json_bytes(
+                request,
+                500,
+                json.dumps({"error": "Internal server error"}),
+                send_cors=True)
+
+
 def respond_with_json_bytes(request, code, json_bytes, send_cors=False):
     """Sends encoded JSON in response to the given request.
 
diff --git a/synapse/rest/room.py b/synapse/rest/room.py
index 89ea9f0d25..1c48e63628 100644
--- a/synapse/rest/room.py
+++ b/synapse/rest/room.py
@@ -170,8 +170,10 @@ class RoomMemberRestServlet(RestServlet):
         user = yield self.auth.get_user_by_req(request)
 
         handler = self.handlers.room_member_handler
-        member = yield handler.get_room_member(room_id, target_user_id,
-                                               user.to_string())
+        member = yield handler.get_room_member(
+            room_id,
+            urllib.unquote(target_user_id),
+            user.to_string())
         if not member:
             raise SynapseError(404, "Member not found.",
                                errcode=Codes.NOT_FOUND)
@@ -183,7 +185,7 @@ class RoomMemberRestServlet(RestServlet):
 
         event = self.event_factory.create_event(
             etype=self.get_event_type(),
-            target_user_id=target_user_id,
+            target_user_id=urllib.unquote(target_user_id),
             room_id=urllib.unquote(roomid),
             user_id=user.to_string(),
             membership=Membership.LEAVE,
@@ -210,7 +212,7 @@ class RoomMemberRestServlet(RestServlet):
 
         event = self.event_factory.create_event(
             etype=self.get_event_type(),
-            target_user_id=target_user_id,
+            target_user_id=urllib.unquote(target_user_id),
             room_id=urllib.unquote(roomid),
             user_id=user.to_string(),
             membership=content["membership"],
@@ -218,8 +220,8 @@ class RoomMemberRestServlet(RestServlet):
             )
 
         handler = self.handlers.room_member_handler
-        result = yield handler.change_membership(event, broadcast_msg=True)
-        defer.returnValue((200, result))
+        yield handler.change_membership(event, broadcast_msg=True)
+        defer.returnValue((200, ""))
 
 
 class MessageRestServlet(RestServlet):
@@ -235,7 +237,7 @@ class MessageRestServlet(RestServlet):
 
         msg_handler = self.handlers.message_handler
         msg = yield msg_handler.get_message(room_id=urllib.unquote(room_id),
-                                            sender_id=sender_id,
+                                            sender_id=urllib.unquote(sender_id),
                                             msg_id=msg_id,
                                             user_id=user.to_string(),
                                             )
@@ -250,7 +252,7 @@ class MessageRestServlet(RestServlet):
     def on_PUT(self, request, room_id, sender_id, msg_id):
         user = yield self.auth.get_user_by_req(request)
 
-        if user.to_string() != sender_id:
+        if user.to_string() != urllib.unquote(sender_id):
             raise SynapseError(403, "Must send messages as yourself.",
                                errcode=Codes.FORBIDDEN)
 
diff --git a/synapse/server.py b/synapse/server.py
index 0f7ac352ae..d4c2481483 100644
--- a/synapse/server.py
+++ b/synapse/server.py
@@ -72,6 +72,7 @@ class BaseHomeServer(object):
         'resource_for_client',
         'resource_for_federation',
         'resource_for_web_client',
+        'resource_for_content_repo',
     ]
 
     def __init__(self, hostname, **kwargs):
@@ -140,6 +141,7 @@ class HomeServer(BaseHomeServer):
         resource_for_client
         resource_for_web_client
         resource_for_federation
+        resource_for_content_repo
         http_client
         db_pool
     """
diff --git a/synapse/types.py b/synapse/types.py
index 054b1e713c..b8e191bb3c 100644
--- a/synapse/types.py
+++ b/synapse/types.py
@@ -32,6 +32,12 @@ class DomainSpecificString(
             HomeServer as being its own
     """
 
+    # Deny iteration because it will bite you if you try to create a singleton
+    # set by:
+    #    users = set(user)
+    def __iter__(self):
+        raise ValueError("Attempted to iterate a %s" % (type(self).__name__))
+
     @classmethod
     def from_string(cls, s, hs):
         """Parse the string given by 's' into a structure object."""