diff --git a/tests/handlers/test_e2e_keys.py b/tests/handlers/test_e2e_keys.py
index 3d931abb06..0e6352ff4b 100644
--- a/tests/handlers/test_e2e_keys.py
+++ b/tests/handlers/test_e2e_keys.py
@@ -1101,6 +1101,56 @@ class E2eKeysHandlerTestCase(unittest.HomeserverTestCase):
},
)
+ def test_has_different_keys(self) -> None:
+ """check that has_different_keys returns True when the keys provided are different to what
+ is in the database."""
+ local_user = "@boris:" + self.hs.hostname
+ keys1 = {
+ "master_key": {
+ # private key: 2lonYOM6xYKdEsO+6KrC766xBcHnYnim1x/4LFGF8B0
+ "user_id": local_user,
+ "usage": ["master"],
+ "keys": {
+ "ed25519:nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk": "nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk"
+ },
+ }
+ }
+ self.get_success(self.handler.upload_signing_keys_for_user(local_user, keys1))
+ is_different = self.get_success(
+ self.handler.has_different_keys(
+ local_user,
+ {
+ "master_key": keys1["master_key"],
+ },
+ )
+ )
+ self.assertEqual(is_different, False)
+ # change the usage => different keys
+ keys1["master_key"]["usage"] = ["develop"]
+ is_different = self.get_success(
+ self.handler.has_different_keys(
+ local_user,
+ {
+ "master_key": keys1["master_key"],
+ },
+ )
+ )
+ self.assertEqual(is_different, True)
+ keys1["master_key"]["usage"] = ["master"] # reset
+ # change the key => different keys
+ keys1["master_key"]["keys"] = {
+ "ed25519:nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unIc0rncs": "nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unIc0rncs"
+ }
+ is_different = self.get_success(
+ self.handler.has_different_keys(
+ local_user,
+ {
+ "master_key": keys1["master_key"],
+ },
+ )
+ )
+ self.assertEqual(is_different, True)
+
def test_query_devices_remote_sync(self) -> None:
"""Tests that querying keys for a remote user that we share a room with,
but haven't yet fetched the keys for, returns the cross signing keys
diff --git a/tests/rest/admin/test_media.py b/tests/rest/admin/test_media.py
index 493e1d1919..f378165513 100644
--- a/tests/rest/admin/test_media.py
+++ b/tests/rest/admin/test_media.py
@@ -277,7 +277,8 @@ class DeleteMediaByDateSizeTestCase(_AdminMediaTests):
self.assertEqual(400, channel.code, msg=channel.json_body)
self.assertEqual(Codes.MISSING_PARAM, channel.json_body["errcode"])
self.assertEqual(
- "Missing integer query parameter 'before_ts'", channel.json_body["error"]
+ "Missing required integer query parameter before_ts",
+ channel.json_body["error"],
)
def test_invalid_parameter(self) -> None:
@@ -320,7 +321,7 @@ class DeleteMediaByDateSizeTestCase(_AdminMediaTests):
self.assertEqual(400, channel.code, msg=channel.json_body)
self.assertEqual(Codes.INVALID_PARAM, channel.json_body["errcode"])
self.assertEqual(
- "Query parameter size_gt must be a string representing a positive integer.",
+ "Query parameter size_gt must be a positive integer.",
channel.json_body["error"],
)
diff --git a/tests/rest/admin/test_room.py b/tests/rest/admin/test_room.py
index 0b669b6ee7..7562747260 100644
--- a/tests/rest/admin/test_room.py
+++ b/tests/rest/admin/test_room.py
@@ -21,6 +21,7 @@
import json
import time
import urllib.parse
+from http import HTTPStatus
from typing import List, Optional
from unittest.mock import AsyncMock, Mock
@@ -2190,6 +2191,33 @@ class RoomMessagesTestCase(unittest.HomeserverTestCase):
chunk = channel.json_body["chunk"]
self.assertEqual(len(chunk), 0, [event["content"] for event in chunk])
+ def test_room_message_filter_query_validation(self) -> None:
+ # Test json validation in (filter) query parameter.
+ # Does not test the validity of the filter, only the json validation.
+
+ # Check Get with valid json filter parameter, expect 200.
+ valid_filter_str = '{"types": ["m.room.message"]}'
+ channel = self.make_request(
+ "GET",
+ f"/_synapse/admin/v1/rooms/{self.room_id}/messages?dir=b&filter={valid_filter_str}",
+ access_token=self.admin_user_tok,
+ )
+
+ self.assertEqual(channel.code, HTTPStatus.OK, channel.json_body)
+
+ # Check Get with invalid json filter parameter, expect 400 NOT_JSON.
+ invalid_filter_str = "}}}{}"
+ channel = self.make_request(
+ "GET",
+ f"/_synapse/admin/v1/rooms/{self.room_id}/messages?dir=b&filter={invalid_filter_str}",
+ access_token=self.admin_user_tok,
+ )
+
+ self.assertEqual(channel.code, HTTPStatus.BAD_REQUEST, channel.json_body)
+ self.assertEqual(
+ channel.json_body["errcode"], Codes.NOT_JSON, channel.json_body
+ )
+
class JoinAliasRoomTestCase(unittest.HomeserverTestCase):
servlets = [
@@ -2522,6 +2550,39 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):
else:
self.fail("Event %s from events_after not found" % j)
+ def test_room_event_context_filter_query_validation(self) -> None:
+ # Test json validation in (filter) query parameter.
+ # Does not test the validity of the filter, only the json validation.
+
+ # Create a user with room and event_id.
+ user_id = self.register_user("test", "test")
+ user_tok = self.login("test", "test")
+ room_id = self.helper.create_room_as(user_id, tok=user_tok)
+ event_id = self.helper.send(room_id, "message 1", tok=user_tok)["event_id"]
+
+ # Check Get with valid json filter parameter, expect 200.
+ valid_filter_str = '{"types": ["m.room.message"]}'
+ channel = self.make_request(
+ "GET",
+ f"/_synapse/admin/v1/rooms/{room_id}/context/{event_id}?filter={valid_filter_str}",
+ access_token=self.admin_user_tok,
+ )
+
+ self.assertEqual(channel.code, HTTPStatus.OK, channel.json_body)
+
+ # Check Get with invalid json filter parameter, expect 400 NOT_JSON.
+ invalid_filter_str = "}}}{}"
+ channel = self.make_request(
+ "GET",
+ f"/_synapse/admin/v1/rooms/{room_id}/context/{event_id}?filter={invalid_filter_str}",
+ access_token=self.admin_user_tok,
+ )
+
+ self.assertEqual(channel.code, HTTPStatus.BAD_REQUEST, channel.json_body)
+ self.assertEqual(
+ channel.json_body["errcode"], Codes.NOT_JSON, channel.json_body
+ )
+
class MakeRoomAdminTestCase(unittest.HomeserverTestCase):
servlets = [
diff --git a/tests/rest/client/test_register.py b/tests/rest/client/test_register.py
index 859051cdda..694f143eff 100644
--- a/tests/rest/client/test_register.py
+++ b/tests/rest/client/test_register.py
@@ -22,6 +22,7 @@
import datetime
import os
from typing import Any, Dict, List, Tuple
+from unittest.mock import AsyncMock
import pkg_resources
@@ -42,6 +43,7 @@ from synapse.types import JsonDict
from synapse.util import Clock
from tests import unittest
+from tests.server import ThreadedMemoryReactorClock
from tests.unittest import override_config
@@ -58,6 +60,13 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):
config["allow_guest_access"] = True
return config
+ def make_homeserver(
+ self, reactor: ThreadedMemoryReactorClock, clock: Clock
+ ) -> HomeServer:
+ hs = super().make_homeserver(reactor, clock)
+ hs.get_send_email_handler()._sendmail = AsyncMock()
+ return hs
+
def test_POST_appservice_registration_valid(self) -> None:
user_id = "@as_user_kermit:test"
as_token = "i_am_an_app_service"
diff --git a/tests/rest/client/test_rendezvous.py b/tests/rest/client/test_rendezvous.py
index 294b39f179..c84704c090 100644
--- a/tests/rest/client/test_rendezvous.py
+++ b/tests/rest/client/test_rendezvous.py
@@ -27,8 +27,10 @@ from synapse.util import Clock
from tests import unittest
from tests.unittest import override_config
+from tests.utils import HAS_AUTHLIB
-endpoint = "/_matrix/client/unstable/org.matrix.msc3886/rendezvous"
+msc3886_endpoint = "/_matrix/client/unstable/org.matrix.msc3886/rendezvous"
+msc4108_endpoint = "/_matrix/client/unstable/org.matrix.msc4108/rendezvous"
class RendezvousServletTestCase(unittest.HomeserverTestCase):
@@ -41,11 +43,35 @@ class RendezvousServletTestCase(unittest.HomeserverTestCase):
return self.hs
def test_disabled(self) -> None:
- channel = self.make_request("POST", endpoint, {}, access_token=None)
+ channel = self.make_request("POST", msc3886_endpoint, {}, access_token=None)
+ self.assertEqual(channel.code, 404)
+ channel = self.make_request("POST", msc4108_endpoint, {}, access_token=None)
self.assertEqual(channel.code, 404)
@override_config({"experimental_features": {"msc3886_endpoint": "/asd"}})
- def test_redirect(self) -> None:
- channel = self.make_request("POST", endpoint, {}, access_token=None)
+ def test_msc3886_redirect(self) -> None:
+ channel = self.make_request("POST", msc3886_endpoint, {}, access_token=None)
self.assertEqual(channel.code, 307)
self.assertEqual(channel.headers.getRawHeaders("Location"), ["/asd"])
+
+ @unittest.skip_unless(HAS_AUTHLIB, "requires authlib")
+ @override_config(
+ {
+ "disable_registration": True,
+ "experimental_features": {
+ "msc4108_delegation_endpoint": "https://asd",
+ "msc3861": {
+ "enabled": True,
+ "issuer": "https://issuer",
+ "client_id": "client_id",
+ "client_auth_method": "client_secret_post",
+ "client_secret": "client_secret",
+ "admin_token": "admin_token_value",
+ },
+ },
+ }
+ )
+ def test_msc4108_delegation(self) -> None:
+ channel = self.make_request("POST", msc4108_endpoint, {}, access_token=None)
+ self.assertEqual(channel.code, 307)
+ self.assertEqual(channel.headers.getRawHeaders("Location"), ["https://asd"])
diff --git a/tests/rest/client/test_rooms.py b/tests/rest/client/test_rooms.py
index 1364615085..b796163dcb 100644
--- a/tests/rest/client/test_rooms.py
+++ b/tests/rest/client/test_rooms.py
@@ -2175,6 +2175,31 @@ class RoomMessageListTestCase(RoomBase):
chunk = channel.json_body["chunk"]
self.assertEqual(len(chunk), 0, [event["content"] for event in chunk])
+ def test_room_message_filter_query_validation(self) -> None:
+ # Test json validation in (filter) query parameter.
+ # Does not test the validity of the filter, only the json validation.
+
+ # Check Get with valid json filter parameter, expect 200.
+ valid_filter_str = '{"types": ["m.room.message"]}'
+ channel = self.make_request(
+ "GET",
+ f"/rooms/{self.room_id}/messages?access_token=x&dir=b&filter={valid_filter_str}",
+ )
+
+ self.assertEqual(channel.code, HTTPStatus.OK, channel.json_body)
+
+ # Check Get with invalid json filter parameter, expect 400 NOT_JSON.
+ invalid_filter_str = "}}}{}"
+ channel = self.make_request(
+ "GET",
+ f"/rooms/{self.room_id}/messages?access_token=x&dir=b&filter={invalid_filter_str}",
+ )
+
+ self.assertEqual(channel.code, HTTPStatus.BAD_REQUEST, channel.json_body)
+ self.assertEqual(
+ channel.json_body["errcode"], Codes.NOT_JSON, channel.json_body
+ )
+
class RoomMessageFilterTestCase(RoomBase):
"""Tests /rooms/$room_id/messages REST events."""
@@ -3213,6 +3238,33 @@ class ContextTestCase(unittest.HomeserverTestCase):
self.assertDictEqual(events_after[0].get("content"), {}, events_after[0])
self.assertEqual(events_after[1].get("content"), {}, events_after[1])
+ def test_room_event_context_filter_query_validation(self) -> None:
+ # Test json validation in (filter) query parameter.
+ # Does not test the validity of the filter, only the json validation.
+ event_id = self.helper.send(self.room_id, "message 7", tok=self.tok)["event_id"]
+
+ # Check Get with valid json filter parameter, expect 200.
+ valid_filter_str = '{"types": ["m.room.message"]}'
+ channel = self.make_request(
+ "GET",
+ f"/rooms/{self.room_id}/context/{event_id}?filter={valid_filter_str}",
+ access_token=self.tok,
+ )
+ self.assertEqual(channel.code, HTTPStatus.OK, channel.json_body)
+
+ # Check Get with invalid json filter parameter, expect 400 NOT_JSON.
+ invalid_filter_str = "}}}{}"
+ channel = self.make_request(
+ "GET",
+ f"/rooms/{self.room_id}/context/{event_id}?filter={invalid_filter_str}",
+ access_token=self.tok,
+ )
+
+ self.assertEqual(channel.code, HTTPStatus.BAD_REQUEST, channel.json_body)
+ self.assertEqual(
+ channel.json_body["errcode"], Codes.NOT_JSON, channel.json_body
+ )
+
class RoomAliasListTestCase(unittest.HomeserverTestCase):
servlets = [
|
