Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add signing host and keyname to signatures | Daniel Wagner-Hall | 2015-10-16 | 1 | -5/+9 |
| | |||||
* | Verify third party ID server certificates | Daniel Wagner-Hall | 2015-10-16 | 1 | -0/+11 |
| | |||||
* | Remove unnecessary class-wrapping | Daniel Wagner-Hall | 2015-10-13 | 1 | -3/+3 |
| | |||||
* | Add some docstring | Daniel Wagner-Hall | 2015-10-13 | 1 | -0/+15 |
| | |||||
* | Move event contents into third_party_layout field | Daniel Wagner-Hall | 2015-10-13 | 1 | -9/+12 |
| | |||||
* | Add third party invites to auth_events for joins | Daniel Wagner-Hall | 2015-10-06 | 1 | -0/+5 |
| | |||||
* | Merge branch 'develop' into daniel/3pidinvites | Daniel Wagner-Hall | 2015-10-05 | 1 | -1/+24 |
|\ | |||||
| * | Merge branch 'develop' of github.com:matrix-org/synapse into erikj/unfederatable | Erik Johnston | 2015-10-02 | 1 | -3/+140 |
| |\ | |||||
| * \ | Merge branch 'develop' of github.com:matrix-org/synapse into erikj/unfederatable | Erik Johnston | 2015-09-14 | 1 | -8/+27 |
| |\ \ | |||||
| * | | | Also check the domains for membership state_keys | Erik Johnston | 2015-09-01 | 1 | -0/+9 |
| | | | | |||||
| * | | | Merge branch 'erikj/check_room_exists' into erikj/unfederatable | Erik Johnston | 2015-09-01 | 1 | -0/+8 |
| |\ \ \ | |||||
| * | | | | Check against sender rather than event_id | Erik Johnston | 2015-09-01 | 1 | -3/+3 |
| | | | | | |||||
| * | | | | Add flag which disables federation of the room | Erik Johnston | 2015-09-01 | 1 | -1/+15 |
| | | | | | |||||
* | | | | | Implement third party identifier invites | Daniel Wagner-Hall | 2015-10-01 | 1 | -1/+32 |
| |_|_|/ |/| | | | |||||
* | | | | Merge pull request #276 from ↵ | Mark Haines | 2015-09-21 | 1 | -0/+51 |
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | matrix-org/markjh/history_for_rooms_that_have_been_left SPEC-216: Allow users to view the history of rooms that they have left. | ||||
| * | | | | Clarify which event is returned by check_user_was_in_room | Mark Haines | 2015-09-21 | 1 | -2/+3 |
| | | | | | |||||
| * | | | | Allow rooms/{roomId}/state for a room that has been left | Mark Haines | 2015-09-09 | 1 | -1/+2 |
| | | | | | |||||
| * | | | | Allow room initialSync for users that have left the room, returning a ↵ | Mark Haines | 2015-09-09 | 1 | -0/+49 |
| | | | | | | | | | | | | | | | | | | | | snapshot of how the room was when they left it | ||||
* | | | | | Merge pull request #256 from matrix-org/auth | Daniel Wagner-Hall | 2015-09-14 | 1 | -3/+89 |
|\ \ \ \ \ | |_|_|_|/ |/| | | | | Attempt to validate macaroons | ||||
| * | | | | s/user_id/user/g for consistency | Daniel Wagner-Hall | 2015-09-01 | 1 | -10/+10 |
| | | | | | |||||
| * | | | | Attempt to validate macaroons | Daniel Wagner-Hall | 2015-08-26 | 1 | -9/+95 |
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A couple of weird caveats: * If we can't validate your macaroon, we fall back to checking that your access token is in the DB, and ignoring the failure * Even if we can validate your macaroon, we still have to hit the DB to get the access token ID, which we pretend is a device ID all over the codebase. This mostly adds the interesting code, and points out the two pieces we need to delete (and necessary conditions) in order to fix the above caveats. | ||||
* | | | | Merge pull request #265 from matrix-org/erikj/check_room_exists | Erik Johnston | 2015-09-14 | 1 | -0/+8 |
|\ \ \ \ | |_|/ / |/| | / | | |/ | |/| | Check room exists when authenticating an event | ||||
| * | | Fix tests | Erik Johnston | 2015-09-01 | 1 | -1/+1 |
| | | | |||||
| * | | Check room exists when authenticating an event, by asserting they reference ↵ | Erik Johnston | 2015-09-01 | 1 | -0/+8 |
| |/ | | | | | | | a creation event | ||||
* | | Check domain of events properly | Daniel Wagner-Hall | 2015-09-01 | 1 | -1/+3 |
| | | | | | | | | Federated servers still need to delegate authority to owning servers | ||||
* | | Allow users to redact their own events | Daniel Wagner-Hall | 2015-08-28 | 1 | -8/+25 |
|/ | |||||
* | Stop looking up "admin", which we never read | Daniel Wagner-Hall | 2015-08-25 | 1 | -3/+1 |
| | |||||
* | Re-wrap line | Daniel Wagner-Hall | 2015-08-25 | 1 | -3/+1 |
| | |||||
* | Remove completely unused concepts from codebase | Daniel Wagner-Hall | 2015-08-25 | 1 | -10/+7 |
| | | | | | | | | | | Removes device_id and ClientInfo device_id is never actually written, and the matrix.org DB has no non-null entries for it. Right now, it's just cluttering up code. This doesn't remove the columns from the database, because that's fiddly. | ||||
* | s/by_token/by_access_token/g | Daniel Wagner-Hall | 2015-08-20 | 1 | -3/+3 |
| | | | | We're about to have two kinds of token, access and refresh | ||||
* | Set request.authenticated_entity for application services | Erik Johnston | 2015-08-18 | 1 | -0/+3 |
| | |||||
* | Add missing space because linter | Daniel Wagner-Hall | 2015-08-11 | 1 | -1/+1 |
| | |||||
* | Minor docs cleanup | Daniel Wagner-Hall | 2015-08-11 | 1 | -2/+7 |
| | |||||
* | Remove redundant if-guard | Daniel Wagner-Hall | 2015-08-11 | 1 | -13/+12 |
| | | | | The startswith("@") does the job | ||||
* | Merge branch 'develop' of github.com:matrix-org/synapse into ↵ | Erik Johnston | 2015-07-13 | 1 | -1/+2 |
|\ | | | | | | | erikj/power_level_sanity | ||||
| * | Add m.room.history_visibility to newly created rooms' m.room.power_levels | Erik Johnston | 2015-07-06 | 1 | -0/+1 |
| | | |||||
| * | Add m.room.history_visibility to list of auth events | Erik Johnston | 2015-07-03 | 1 | -1/+1 |
| | | |||||
* | | Sanitize power level checks | Erik Johnston | 2015-07-10 | 1 | -15/+21 |
| | | |||||
* | | You shouldn't be able to ban/kick users with higher power levels | Erik Johnston | 2015-07-10 | 1 | -2/+5 |
|/ | |||||
* | Log more when we have processed the request | Erik Johnston | 2015-06-15 | 1 | -0/+2 |
| | |||||
* | Typo | Erik Johnston | 2015-05-01 | 1 | -1/+1 |
| | |||||
* | Remove some run_on_reactors | Erik Johnston | 2015-05-01 | 1 | -3/+0 |
| | |||||
* | Don't log all auth events every time we call auth.check | Erik Johnston | 2015-05-01 | 1 | -1/+4 |
| | |||||
* | Don't wait for storage of access_token | Erik Johnston | 2015-05-01 | 1 | -1/+1 |
| | |||||
* | Merge pull request #126 from matrix-org/csauth | Mark Haines | 2015-04-28 | 1 | -19/+27 |
|\ | | | | | Client / Server Auth Refactor | ||||
| * | Merge branch 'develop' into csauth | David Baker | 2015-04-24 | 1 | -58/+30 |
| |\ | | | | | | | | | | | | | Conflicts: synapse/http/server.py | ||||
| * | | Add an error code to 'missing token' response. | David Baker | 2015-04-23 | 1 | -1/+2 |
| | | | |||||
| * | | Merge branch 'develop' into csauth | David Baker | 2015-04-17 | 1 | -14/+11 |
| |\ \ | |||||
| * | | | unused import | David Baker | 2015-03-24 | 1 | -1/+1 |
| | | | | |||||
| * | | | 1) Pushers are now associated with an access token | David Baker | 2015-03-24 | 1 | -18/+25 |
| | | | | | | | | | | | | | | | | 2) Change places where we mean unauthenticated to 401, not 403, in C/S v2: hack so it stays as 403 in v1 because web client relies on it. | ||||
* | | | | Merge branch 'develop' into invite_power_level | Paul "LeoNerd" Evans | 2015-04-27 | 1 | -36/+12 |
|\ \ \ \ | | |_|/ | |/| | | |||||
| * | | | Neater fetching of user's auth level in a room - squash to int() at access ↵ | Paul "LeoNerd" Evans | 2015-04-22 | 1 | -35/+12 |
| | | | | | | | | | | | | | | | | time (SYN-353) | ||||
| * | | | Appease pep8 | Paul "LeoNerd" Evans | 2015-04-22 | 1 | -1/+0 |
| | | | | |||||
* | | | | Also remember to check 'invite' level for changes | Paul "LeoNerd" Evans | 2015-04-21 | 1 | -0/+1 |
| | | | | |||||
* | | | | Initial implementation of an 'invite' power_level | Paul "LeoNerd" Evans | 2015-04-21 | 1 | -0/+7 |
|/ / / | |||||
* | | | Much neater fetching of defined powerlevels from m.room.power_levels state event | Paul "LeoNerd" Evans | 2015-04-21 | 1 | -31/+21 |
| | | | |||||
* | | | Remove debugging print statement accidentally committed | Paul "LeoNerd" Evans | 2015-04-21 | 1 | -1/+0 |
| | | | |||||
* | | | Sanitise a user's powerlevel to an int() before numerical comparison, ↵ | Paul "LeoNerd" Evans | 2015-04-21 | 1 | -0/+7 |
| |/ |/| | | | | | because otherwise Python is "helpful" with it (SYN-351) | ||||
* | | Neater implementation of membership change auth checks, ensuring we can't ↵ | Paul "LeoNerd" Evans | 2015-04-15 | 1 | -18/+10 |
| | | | | | | | | forget to check if the calling user is a member of the room | ||||
* | | Ensure that non-room-members cannot ban others, even if they do have enough ↵ | Paul "LeoNerd" Evans | 2015-04-15 | 1 | -0/+5 |
| | | | | | | | | powerlevel (SYN-343) | ||||
* | | Fix a bug which causes a send event level of 0 to not be honoured. | Kegan Dougal | 2015-04-07 | 1 | -1/+1 |
|/ | | | | | Caused by a bad if check, which incorrectly executes for both 0 and None, when None was the original intent. | ||||
* | @cached() annotate get_user_by_token() - achieves a minor DB performance ↵ | Paul "LeoNerd" Evans | 2015-03-17 | 1 | -1/+1 |
| | | | | improvement | ||||
* | Remove concept of context.auth_events, instead use context.current_state | Erik Johnston | 2015-03-16 | 1 | -6/+0 |
| | |||||
* | Make context.auth_events grap auth events from current state. Otherwise auth ↵ | Erik Johnston | 2015-03-16 | 1 | -1/+7 |
| | | | | is wrong. | ||||
* | Respect ban membership | Erik Johnston | 2015-03-16 | 1 | -5/+17 |
| | |||||
* | Merge branch 'develop' into application-services | Kegan Dougal | 2015-02-11 | 1 | -7/+14 |
|\ | |||||
| * | During room intial sync, only calculate current state once. | Erik Johnston | 2015-02-09 | 1 | -7/+14 |
| | | |||||
* | | Modify auth.get_user_by_req for authing appservices directly. | Kegan Dougal | 2015-02-09 | 1 | -18/+16 |
| | | | | | | | | | | | | Add logic to map the appservice token to the autogenned appservice user ID. Add unit tests for all forms of get_user_by_req (user/appservice, valid/bad/missing tokens) | ||||
* | | Grant ASes the ability to create alias in their own namespace. | Kegan Dougal | 2015-02-06 | 1 | -0/+12 |
| | | | | | | | | | | | | Add a new errcode type M_EXCLUSIVE when users try to create aliases inside AS namespaces, and when ASes try to create aliases outside their own namespace. | ||||
* | | Fix unit tests. | Kegan Dougal | 2015-02-05 | 1 | -0/+6 |
| | | |||||
* | | Add CS extension for masquerading as users within the namespaces specified ↵ | Kegan Dougal | 2015-02-05 | 1 | -0/+23 |
|/ | | | | by the AS. | ||||
* | Change context.auth_events to what the auth_events would be bases on ↵ | Erik Johnston | 2015-02-04 | 1 | -6/+6 |
| | | | | context.current_state, rather than based on the auth_events from the event. | ||||
* | Keep around the old (buggy) version of the prune_event function so that we ↵ | Erik Johnston | 2015-02-03 | 1 | -2/+0 |
| | | | | can use it to check signatures for events on old servers | ||||
* | Fix bug where we superfluously asked for current state. Change API of ↵ | Erik Johnston | 2015-01-30 | 1 | -0/+2 |
| | | | | /query_auth/ so that we don't duplicate events in the response. | ||||
* | Merge branch 'develop' of github.com:matrix-org/synapse into rejections | Erik Johnston | 2015-01-30 | 1 | -3/+8 |
|\ | | | | | | | | | | | Conflicts: synapse/storage/__init__.py synapse/storage/schema/delta/v12.sql | ||||
| * | Rename ClientID to ClientInfo since it is a pair of IDs rather than a single ↵ | Mark Haines | 2015-01-28 | 1 | -2/+2 |
| | | | | | | | | identifier | ||||
| * | Add a : to the doc string after the type of the return value | Mark Haines | 2015-01-28 | 1 | -1/+1 |
| | | |||||
| * | Extract the id token of the token when authing users, include the token and ↵ | Mark Haines | 2015-01-28 | 1 | -3/+5 |
| | | | | | | | | device_id in the internal meta data for the event along with the transaction id when sending events | ||||
| * | Return the device_id from get_auth_by_req | Mark Haines | 2015-01-28 | 1 | -2/+5 |
| | | |||||
* | | Start implementing auth conflict res | Erik Johnston | 2015-01-28 | 1 | -17/+21 |
|/ | |||||
* | Replace hs.parse_userid with UserID.from_string | Mark Haines | 2015-01-23 | 1 | -4/+5 |
| | |||||
* | SYN-154: Tweak how the m.room.create check is done. | Kegan Dougal | 2015-01-07 | 1 | -10/+1 |
| | | | | | Don't perform the check in auth.is_host_in_room but instead do it in _do_join and also assert that there are no m.room.members in the room before doing so. | ||||
* | SYN-154: Better error messages when joining an unknown room by ID. | Kegan Dougal | 2015-01-07 | 1 | -1/+10 |
| | | | | | | The simple fix doesn't work here because room creation also involves unknown room IDs. The check relies on the presence of m.room.create for rooms being created, whereas bogus room IDs have no state events at all. | ||||
* | Update copyright notices | Mark Haines | 2015-01-06 | 1 | -1/+1 |
| | |||||
* | Make auth module use EventTypes constants | Erik Johnston | 2014-12-12 | 1 | -27/+23 |
| | |||||
* | Fix stream test. Make sure we add join to auth_events for invitiations | Erik Johnston | 2014-12-12 | 1 | -0/+6 |
| | |||||
* | Remove unused import | Erik Johnston | 2014-12-08 | 1 | -1/+0 |
| | |||||
* | Various typos and bug fixes. | Erik Johnston | 2014-12-08 | 1 | -7/+9 |
| | |||||
* | Start making more things use EventContext rather than event.* | Erik Johnston | 2014-12-05 | 1 | -13/+20 |
| | |||||
* | Begin converting things to use the new Event structure | Erik Johnston | 2014-12-04 | 1 | -9/+2 |
| | |||||
* | WIP for new way of managing events. | Erik Johnston | 2014-12-03 | 1 | -6/+7 |
| | |||||
* | Fix bugs when joining a remote room that has dodgy event graphs. This should ↵ | Erik Johnston | 2014-11-27 | 1 | -2/+8 |
| | | | | also fix the number of times a HS will trigger a GET /event/ | ||||
* | Fix bugs in invite/join dances. | Erik Johnston | 2014-11-25 | 1 | -70/+68 |
| | | | | | We now do more implement more of the auth on the events so that we don't reject valid events. | ||||
* | Add missing None check | Erik Johnston | 2014-11-24 | 1 | -1/+1 |
| | |||||
* | Fix pep8 codestyle warnings | Mark Haines | 2014-11-20 | 1 | -1/+1 |
| | |||||
* | Only users can set state events which have their own user_id | Erik Johnston | 2014-11-19 | 1 | -0/+20 |
| | |||||
* | Null check when determining default power levels | Mark Haines | 2014-11-18 | 1 | -1/+2 |
| | |||||
* | Fix auth to correctly handle initial creation of rooms | Erik Johnston | 2014-11-18 | 1 | -3/+21 |
| | |||||
* | Fix bugs with invites/joins across federatiom. | Erik Johnston | 2014-11-12 | 1 | -3/+16 |
| | | | | | Both in terms of auth and not trying to fetch missing PDUs for invites, joins etc. | ||||
* | Add an EventValidator. Fix bugs in auth ++ storage | Erik Johnston | 2014-11-10 | 1 | -5/+11 |
| | |||||
* | PEP8 | Erik Johnston | 2014-11-10 | 1 | -2/+1 |
| | |||||
* | Fix backfill to work. Add auth to backfill request | Erik Johnston | 2014-11-10 | 1 | -0/+6 |
| | |||||
* | Notify users about invites. | Erik Johnston | 2014-11-10 | 1 | -7/+9 |
| | |||||
* | Fix invite auth | Erik Johnston | 2014-11-10 | 1 | -3/+5 |
| | |||||
* | Fix joining over federation | Erik Johnston | 2014-11-07 | 1 | -2/+51 |
| | |||||
* | Start implementing auth chains | Erik Johnston | 2014-11-07 | 1 | -2/+1 |
| | |||||
* | Neaten things up a bit | Erik Johnston | 2014-11-07 | 1 | -5/+2 |
| | |||||
* | Amalgamate all power levels. | Erik Johnston | 2014-11-06 | 1 | -149/+72 |
| | | | | | Remove concept of reqired power levels, something similiar can be done using the new power level event. | ||||
* | Fix auth checks to all use the given old_event_state | Erik Johnston | 2014-11-05 | 1 | -24/+31 |
| | |||||
* | Fix bug in redaction auth. | Erik Johnston | 2014-10-31 | 1 | -2/+2 |
| | | | | | This caused a 500 when sending a redaction due to a typo in a method invocation. | ||||
* | Fix bug where people could join private rooms | Erik Johnston | 2014-10-17 | 1 | -39/+47 |
| | |||||
* | Use state groups to get current state. Make join dance actually work. | Erik Johnston | 2014-10-17 | 1 | -0/+5 |
| | |||||
* | Finish implementing the new join dance. | Erik Johnston | 2014-10-17 | 1 | -0/+9 |
| | |||||
* | Start implementing the invite/join dance. Continue moving auth to use ↵ | Erik Johnston | 2014-10-16 | 1 | -10/+6 |
| | | | | event.state_events | ||||
* | Begin making auth use event.old_state_events | Erik Johnston | 2014-10-15 | 1 | -43/+70 |
| | |||||
* | Update docstring | Erik Johnston | 2014-09-29 | 1 | -1/+1 |
| | |||||
* | SYN-48: Implement WHOIS rest servlet | Erik Johnston | 2014-09-29 | 1 | -9/+19 |
| | |||||
* | Add auth check to test if a user is an admin or not. | Erik Johnston | 2014-09-29 | 1 | -0/+3 |
| | |||||
* | SYN-48: Track User-Agents as well as IPs for client devices. | Erik Johnston | 2014-09-29 | 1 | -1/+10 |
| | |||||
* | Track the IP users connect with. Add an admin column to users table. | Erik Johnston | 2014-09-26 | 1 | -1/+9 |
| | |||||
* | Merge branch 'deletions' of github.com:matrix-org/synapse into develop | Erik Johnston | 2014-09-25 | 1 | -3/+31 |
|\ | |||||
| * | Rename deletions to redactions | Erik Johnston | 2014-09-24 | 1 | -9/+9 |
| | | |||||
| * | SYN-12: Implement auth for deletion by adding a 'delete_level' on the ops ↵ | Erik Johnston | 2014-09-23 | 1 | -3/+31 |
| | | | | | | | | | | | | levels event SYN-12 # comment Auth has been added. | ||||
* | | SYN-70: And fix another bug where I can't type | Erik Johnston | 2014-09-24 | 1 | -1/+1 |
| | | |||||
* | | SYN-70: Fix typo | Erik Johnston | 2014-09-24 | 1 | -1/+1 |
|/ | |||||
* | Validate power levels event changes. Change error messages to be more ↵ | Erik Johnston | 2014-09-05 | 1 | -10/+37 |
| | | | | helpful. Fix bug where we checked the wrong power levels | ||||
* | Generate m.room.aliases event when the HS creates a room alias | Erik Johnston | 2014-09-05 | 1 | -1/+6 |
| | |||||
* | AUth the contents of power level events | Erik Johnston | 2014-09-05 | 1 | -1/+72 |
| | |||||
* | Change the default power levels to be 0, 50 and 100 | Erik Johnston | 2014-09-05 | 1 | -2/+2 |
| | |||||
* | fix the copyright holder from matrix.org to OpenMarket Ltd, as matrix.org ↵ | Matthew Hodgson | 2014-09-03 | 1 | -1/+1 |
| | | | | hasn't been incorporated in time for launch. | ||||
* | Fix bug where we didn't correctly store the ops power levels event. | Erik Johnston | 2014-09-02 | 1 | -0/+5 |
| | |||||
* | Implement auth for kicking. | Erik Johnston | 2014-09-02 | 1 | -3/+10 |
| | |||||
* | Add all the necessary checks to make banning work. | Erik Johnston | 2014-09-01 | 1 | -2/+38 |
| | |||||
* | Add beginnings of ban support. | Erik Johnston | 2014-09-01 | 1 | -0/+19 |
| | |||||
* | Implement power level lists, default power levels and ↵ | Erik Johnston | 2014-09-01 | 1 | -12/+84 |
| | | | | send_evnet_level/add_state_level events. | ||||
* | add _get_room_member, fix datastore methods | Mark Haines | 2014-08-27 | 1 | -1/+3 |
| | |||||
* | Merge branch 'develop' into storage_transactions | Mark Haines | 2014-08-27 | 1 | -0/+2 |
|\ | |||||
| * | Modified /join/$identifier to support $identifier being a room ID in ↵ | Kegan Dougal | 2014-08-27 | 1 | -0/+2 |
| | | | | | | | | addition to a room alias. | ||||
* | | Merge branch 'develop' into storage_transactions | Mark Haines | 2014-08-26 | 1 | -19/+20 |
|\| | | | | | | | | | | | | | Conflicts: synapse/api/auth.py synapse/handlers/room.py synapse/storage/__init__.py | ||||
| * | Fix pyflakes errors | Mark Haines | 2014-08-26 | 1 | -2/+1 |
| | | |||||
| * | Removed member list servlet: now using generic state paths. | Kegan Dougal | 2014-08-26 | 1 | -5/+7 |
| | | |||||
| * | Impl: /rooms/roomid/state/eventtype/state_key - Renamed RoomTopicRestServlet ↵ | Kegan Dougal | 2014-08-22 | 1 | -8/+8 |
| | | | | | | | | to RoomStateEventRestServlet. Support generic state event sending. | ||||
* | | Take a snapshot of the state of the room before performing updates | Mark Haines | 2014-08-22 | 1 | -5/+11 |
|/ | |||||
* | Added M_UNKNOWN_TOKEN error code and send it when there is an unrecognised ↵ | Kegan Dougal | 2014-08-14 | 1 | -2/+3 |
| | | | | access_token | ||||
* | fix whitespace | Matthew Hodgson | 2014-08-14 | 1 | -0/+1 |
| | |||||
* | add in whitespace after copyright statements to improve legibility | Matthew Hodgson | 2014-08-13 | 1 | -0/+1 |
| | |||||
* | Reference Matrix Home Server | matrix.org | 2014-08-12 | 1 | -0/+164 |