summary refs log tree commit diff
path: root/synapse/api (follow)
Commit message (Expand)AuthorAgeFilesLines
* Move check_in_room_or_world_readable to AuthErik Johnston2018-07-201-0/+34
* Make auth & transactions more testable (#3499)Amber Brown2018-07-141-62/+62
* run isortAmber Brown2018-07-094-13/+14
* Implementation of server_aclsRichard van der Hoff2018-07-041-0/+2
* add ip_range_whitelist parameter to limit where ASes can connect fromMatthew Hodgson2018-06-281-0/+6
* Attempt to be more performant on PyPy (#3462)Amber Brown2018-06-282-2/+4
* Don't print invalid access tokens in the logsTravis Ralston2018-06-241-2/+2
* Refactor get_send_level to take a power_levels eventRichard van der Hoff2018-06-141-1/+1
* Consistently use six's iteritems and wrap lazy keys/values in list() if they'...Amber Brown2018-05-312-2/+4
* Merge remote-tracking branch 'origin/develop' into 3218-official-promAmber Brown2018-05-281-0/+1
|\
| * custom error code for not leaving server notices roomRichard van der Hoff2018-05-221-0/+1
* | Merge remote-tracking branch 'origin/develop' into 3218-official-promAmber Brown2018-05-222-1/+79
|\|
| * Reject attempts to send event before privacy consent is givenRichard van der Hoff2018-05-222-1/+79
* | replacing portionsAmber Brown2018-05-211-1/+1
|/
* Apply some limits to depth to counter abuseRichard van der Hoff2018-05-011-0/+3
* Use six.itervalues in some placesAdrian Tschira2018-04-151-1/+2
* Add b prefixes to some strings that are bytes in py3Adrian Tschira2018-04-041-5/+5
* Use simplejson throughoutRichard van der Hoff2018-03-291-1/+2
* Merge branch 'master' of github.com:matrix-org/synapse into developErik Johnston2018-03-191-1/+1
|\
| * Replace ujson with simplejsonErik Johnston2018-03-151-1/+1
* | Add federation_domain_whitelist option (#2820)Matthew Hodgson2018-01-221-0/+26
* | add registrations_require_3pidMatthew Hodgson2018-01-191-0/+1
|/
* Refactor UI auth implementationRichard van der Hoff2017-12-051-0/+16
* Improve comments on get_user_by_access_tokenRichard van der Hoff2017-11-291-1/+5
* Add a config option to block all room invites (#2457)Richard van der Hoff2017-09-191-0/+8
* Merge pull request #2309 from matrix-org/erikj/user_ip_replErik Johnston2017-07-061-1/+1
|\
| * Fix upErik Johnston2017-06-271-1/+1
* | Cache macaroon parse and validationErik Johnston2017-06-291-13/+60
|/
* Batch upsert user ipsErik Johnston2017-06-271-2/+1
* Change is_host_joined to use current_state tableErik Johnston2017-06-091-11/+2
* Use CodeMessageException subclass insteadDavid Baker2017-04-251-0/+11
* use jsonschema.FormatChecker for RoomID and UserID stringspik2017-03-231-18/+27
* Add valid filter tests, flake8, fix typopik2017-03-231-5/+6
* check_valid_filter using JSONSchemapik2017-03-231-93/+158
* Fix a couple of logcontext leaksRichard van der Hoff2017-03-231-3/+2
* CommentErik Johnston2017-03-151-1/+3
* CommentErik Johnston2017-03-151-0/+3
* Format presence events on the edges instead of reformatting them multiple timesErik Johnston2017-03-151-10/+22
* Merge pull request #1994 from matrix-org/dbkr/msisdn_signin_2Erik Johnston2017-03-151-0/+2
|\
| * Support registration / login with phone numberDavid Baker2017-03-131-0/+2
* | Address review commentsRichard van der Hoff2017-03-141-5/+14
* | re-refactor exception heirarchyRichard van der Hoff2017-03-141-16/+14
* | Fix routing loop when fetching remote mediaRichard van der Hoff2017-03-131-7/+52
|/
* Revert "Support registration & login with phone number"Erik Johnston2017-03-131-2/+0
* WIP support for msisdn 3pid proxy methodsDavid Baker2017-02-141-0/+2
* Remove a few aspirational but unused constantsDavid Baker2017-02-081-3/+0
* Change resolve_state_groups call site logging to DEBUGErik Johnston2017-01-171-1/+1
* Remove unused functionErik Johnston2017-01-131-3/+0
* Split event auth code into seperate moduleErik Johnston2017-01-131-645/+9
* Split out static auth methods from Auth objectErik Johnston2017-01-101-419/+495
* Fix flake8 and update changelog v0.18.6-rc3Mark Haines2017-01-051-1/+1
* add logging for all the places we call resolve_state_groups. my kingdom for a...Matthew Hodgson2017-01-051-0/+1
* Prevent user tokens being used as guest tokens (#1675)Richard van der Hoff2016-12-061-15/+36
* Rip out more refresh_token codeRichard van der Hoff2016-11-301-3/+2
* Merge pull request #1656 from matrix-org/rav/remove_time_caveatRichard van der Hoff2016-11-301-3/+13
|\
| * CommentsRichard van der Hoff2016-11-301-3/+9
| * Stop putting a time caveat on access tokensRichard van der Hoff2016-11-291-0/+4
* | Merge pull request #1653 from matrix-org/rav/guest_e2eRichard van der Hoff2016-11-291-1/+5
|\ \ | |/ |/|
| * Give guest users a device_idRichard van der Hoff2016-11-251-1/+5
* | Merge pull request #1655 from matrix-org/rav/remove_redundant_macaroon_checksRichard van der Hoff2016-11-251-26/+8
|\ \
| * | Remove redundant list of known caveat prefixesRichard van der Hoff2016-11-241-26/+8
| |/
* / Return early on /sync code paths if a '*' filter is usedKegan Dougal2016-11-221-0/+29
|/
* Merge pull request #1638 from matrix-org/kegan/sync-event-fieldsKegsay2016-11-221-0/+16
|\
| * Glue only_event_fields into the sync rest servletKegan Dougal2016-11-221-0/+1
| * Move event_fields filtering to serialize_eventKegan Dougal2016-11-211-55/+1
| * Add filter_event_fields and filter_field to FilterCollectionKegan Dougal2016-11-211-0/+69
* | Fail with a coherent error message if `/sync?filter=` is invalidKegan Dougal2016-11-211-0/+1
|/
* Merge pull request #1098 from matrix-org/markjh/bearer_tokenMark Haines2016-10-251-9/+37
|\
| * Fix unit testsMark Haines2016-09-121-1/+1
| * Allow clients to supply access_tokens as headersMark Haines2016-09-091-9/+37
* | Merge pull request #1175 from matrix-org/luke/feature-configurable-as-rate-li...Luke Barnard2016-10-201-7/+10
|\ \
| * | Closing brace on following lineLuke Barnard2016-10-201-1/+2
| * | as_user->app_service, less redundant comments, better positioned commentsLuke Barnard2016-10-201-3/+3
| * | flake8Luke Barnard2016-10-201-1/+3
| * | Use real AS object by passing it through the requesterLuke Barnard2016-10-201-7/+7
* | | Check whether to ratelimit sooner to avoid workErik Johnston2016-10-191-5/+9
|/ /
* | Merge pull request #1157 from Rugvip/nolimitErik Johnston2016-10-111-4/+3
|\ \
| * | storage/appservice: make appservice methods only relying on the cache synchro...Patrik Oldsberg2016-10-061-4/+3
* | | api/auth: fix for not being allowed to set your own state_keyPatrik Oldsberg2016-09-301-10/+0
|/ /
* | Update commentsErik Johnston2016-09-221-2/+3
* | Add commentsErik Johnston2016-09-221-0/+3
* | Shuffle things around to make unit tests workErik Johnston2016-09-221-14/+15
* | Allow invites via 3pid to bypass sender sig checkErik Johnston2016-09-221-1/+16
|/
* Add helper function for getting access_tokens from requestsMark Haines2016-09-091-7/+51
* Handle the fact that workers can't generate state groupsErik Johnston2016-08-311-2/+4
* Correctly handle the difference between prev and current stateErik Johnston2016-08-311-2/+2
* Cache check_host_in_roomErik Johnston2016-08-261-14/+6
* Add measure on check_host_in_roomErik Johnston2016-08-261-11/+12
* Merge branch 'develop' of github.com:matrix-org/synapse into erikj/state_idsErik Johnston2016-08-262-1/+5
|\
| * Move ThirdPartyEntityKind into api.constants so the expectation becomes that ...Paul "LeoNerd" Evans2016-08-251-0/+5
| * APP_SERVICE_PREFIX is never used; don't botherPaul "LeoNerd" Evans2016-08-251-1/+0
* | Pull out full state lessErik Johnston2016-08-251-6/+7
* | Replace context.current_state with context.current_state_idsErik Johnston2016-08-251-24/+44
|/
* Fix login with m.login.tokenRichard van der Hoff2016-08-081-15/+30
* Merge pull request #952 from matrix-org/markjh/more_fixesMark Haines2016-07-261-0/+4
|\
| * Check if the user is banned when handling 3pid invitesMark Haines2016-07-261-0/+4
* | Add `create_requester` functionRichard van der Hoff2016-07-261-13/+11
|/
* Record device_id in client_ipsRichard van der Hoff2016-07-201-6/+23
* More doc-commentsRichard van der Hoff2016-07-201-3/+2
* Merge pull request #922 from matrix-org/erikj/file_api2Erik Johnston2016-07-201-3/+20
|\
| * Add 'contains_url' to filterErik Johnston2016-07-141-3/+20
* | Fix 500 ISE when sending alias event without a state_keyMark Haines2016-07-151-0/+5
* | Merge pull request #919 from matrix-org/erikj/auth_fixErik Johnston2016-07-151-1/+25
|\ \
| * | Check sender signed eventErik Johnston2016-07-141-2/+8
| * | Check if alias event's state_key matches sender's domainErik Johnston2016-07-131-0/+11
| * | Check creation event's room_id domain matches sender'sErik Johnston2016-07-131-0/+7
* | | Merge pull request #918 from negzi/bugfix_for_token_expiryErik Johnston2016-07-141-0/+3
|\ \ \ | |_|/ |/| |
| * | Bug fix: expire invalid access tokensNegar Fazeli2016-07-131-0/+3
| |/
* / Implement https://github.com/matrix-org/matrix-doc/pull/346/filesDavid Baker2016-07-081-0/+1
|/
* Merge branch 'master' of github.com:matrix-org/synapse into developErik Johnston2016-07-081-5/+10
|\
| * Fix bug where we did not correctly explode when multiple user_ids were set in...Erik Johnston2016-07-071-5/+10
* | requestToken updateDavid Baker2016-06-301-1/+2
|/
* Working unsubscribe links going straight to the HSDavid Baker2016-06-021-0/+7
* Merge remote-tracking branch 'origin/develop' into dbkr/email_unsubscribeDavid Baker2016-06-021-0/+18
|\
| * special case m.room.third_party_invite event auth to match invites, otherwise...Matthew Hodgson2016-06-011-0/+18
* | WIP on unsubscribing email notifs without logging inDavid Baker2016-06-011-9/+16
|/
* Spell "domain" correctlyMark Haines2016-05-161-8/+8
* Create user with expiryNegi Fazeli2016-05-131-1/+2
* Merge branch 'develop' of github.com:matrix-org/synapse into erikj/ignore_userErik Johnston2016-05-091-8/+8
|\
| * Add and use get_domian_from_idErik Johnston2016-05-091-8/+8
* | Implement basic ignore userErik Johnston2016-05-041-3/+5
|/
* Measure Auth.checkErik Johnston2016-04-131-47/+50
* Don't auto log failed auth checksErik Johnston2016-04-131-53/+45
* Add published room list edit APIErik Johnston2016-03-211-4/+50
* Send the user ID matching the guest access token, since there is no Matrix AP...David Baker2016-03-071-2/+2
* Allow third_party_signed to be specified on /joinDaniel Wagner-Hall2016-02-231-21/+36
* Merge pull request #582 from matrix-org/erikj/presenceErik Johnston2016-02-191-1/+0
|\
| * Check presence state is a valid oneErik Johnston2016-02-181-1/+0
* | api/filtering: don't assume that event content will always be a dictPatrik Oldsberg2016-02-171-1/+4
|/
* Revert "Merge two of the room join codepaths"Daniel Wagner-Hall2016-02-121-5/+0
* Merge two of the room join codepathsDaniel Wagner-Hall2016-02-121-0/+5
* Fix up logcontextsErik Johnston2016-02-081-1/+3
* Host /media/r0 as well as /media/v1Daniel Wagner-Hall2016-02-051-1/+2
* Log more diagnostics for unrecognised access tokensDaniel Wagner-Hall2016-02-021-0/+2
* Fix flake8 warnings for new flake8Daniel Wagner-Hall2016-02-021-1/+1
* Fix testErik Johnston2016-01-281-0/+5
* Fix testsErik Johnston2016-01-251-1/+1
* Move logic from rest/ to handlers/Erik Johnston2016-01-251-12/+10
* Sanitize filtersErik Johnston2016-01-221-21/+27
* Don't error on AS non-ghost user useDaniel Wagner-Hall2016-01-181-0/+2
* Pull out app service user lookupDaniel Wagner-Hall2016-01-181-31/+28
* Require unbanning before other membership changesDaniel Wagner-Hall2016-01-151-0/+1
* M_INVALID_USERNAME to be consistent with the parameter nameDavid Baker2016-01-151-1/+1
* Add specific error code for invalid user names.David Baker2016-01-141-0/+1
* Require AS users to be registered before useDaniel Wagner-Hall2016-01-131-0/+5
* Introduce a Requester objectDaniel Wagner-Hall2016-01-111-3/+5
* copyrightsMatthew Hodgson2016-01-076-6/+6
* Guest users must be joined to a room to see it in /syncMark Haines2016-01-062-28/+0
* Allow guests to upgrade their accountsDaniel Wagner-Hall2016-01-051-3/+3
* Include the list of bad room ids in the errorMark Haines2015-12-221-0/+16
* Merge remote-tracking branch 'origin/develop' into markjh/guest_accessMark Haines2015-12-221-0/+5
|\
| * Add top level filters for filtering by room idMark Haines2015-12-221-33/+35
* | Allow guest access if the user provides a list of rooms in the filterMark Haines2015-12-221-0/+12
* | Add top level filtering by room idMark Haines2015-12-211-33/+30
|/
* Strip address and such out of 3pid invitesDaniel Wagner-Hall2015-12-171-1/+1
* Only include the archived rooms if a include_leave flag in set in the filterMark Haines2015-12-041-0/+4
* Add API for setting account_data globaly or on a per room basisMark Haines2015-12-011-1/+8
* Allow user to redact with an equal powerErik Johnston2015-11-261-1/+1
* Merge branch 'develop' into daniel/forgetroomsPaul "LeoNerd" Evans2015-11-192-13/+22
|\
| * Merge pull request #386 from matrix-org/markjh/rename_pud_to_account_dataMark Haines2015-11-191-5/+5
| |\
| | * s/private_user_data/account_data/Mark Haines2015-11-181-5/+5
| * | Take a boolean not a list of lambdasDaniel Wagner-Hall2015-11-191-8/+17
| |/
* / Allow users to forget roomsDaniel Wagner-Hall2015-11-171-0/+7
|/
* Always check guest = true in macaroonsSteven Hammerton2015-11-171-1/+2
* Merge branch 'develop' into sh-cas-auth-via-homeserverSteven Hammerton2015-11-171-0/+1
|\
| * Allow guest users to join and message roomsDaniel Wagner-Hall2015-11-101-0/+1
* | Share more code between macaroon validationSteven Hammerton2015-11-111-9/+10
|/
* Exchange 3pid invites for m.room.member invitesDaniel Wagner-Hall2015-11-051-35/+38
* Merge pull request #347 from matrix-org/markjh/check_filterMark Haines2015-11-051-18/+2
|\
| * Remove fields that are both unspecified and unused from the filter checks, ch...Mark Haines2015-11-041-18/+2
* | Allow guests to register and call /events?room_id=Daniel Wagner-Hall2015-11-042-41/+55
|/
* Include room tags in v2 /syncMark Haines2015-11-021-0/+7
* Merge pull request #323 from matrix-org/daniel/sizelimitsDaniel Wagner-Hall2015-10-232-1/+30
|\
| * Reject events which are too largeDaniel Wagner-Hall2015-10-222-1/+30
* | Merge pull request #325 from matrix-org/markjh/filter_dictsMark Haines2015-10-221-3/+22
|\ \
| * | Don't assume that the event has a room_id or senderMark Haines2015-10-221-2/+2
| * | Support filtering events represented as dicts.Mark Haines2015-10-221-3/+22
* | | Filter room ids before hitting the databaseErik Johnston2015-10-211-0/+20
|/ /
* | DocstringErik Johnston2015-10-201-0/+5
* | Refactor api.filtering to have a Filter APIErik Johnston2015-10-201-98/+55
|/
* Allow rejecting invitesDaniel Wagner-Hall2015-10-201-1/+5
* Stuff signed data in a standalone objectDaniel Wagner-Hall2015-10-161-7/+14
* Add signing host and keyname to signaturesDaniel Wagner-Hall2015-10-161-5/+9
* Verify third party ID server certificatesDaniel Wagner-Hall2015-10-161-0/+11
* Merge branch 'develop' into daniel/3pidinvitesDaniel Wagner-Hall2015-10-151-18/+44
|\
| * Update the v2 filters to support filtering presence and remove support for pu...Mark Haines2015-10-131-18/+44
* | Remove unnecessary class-wrappingDaniel Wagner-Hall2015-10-131-3/+3
* | Add some docstringDaniel Wagner-Hall2015-10-131-0/+15
* | Move event contents into third_party_layout fieldDaniel Wagner-Hall2015-10-131-9/+12
* | Merge branch 'develop' into daniel/3pidinvitesDaniel Wagner-Hall2015-10-061-1/+0
|\|
| * Remove log line that was generated whenever an error was created. We are now ...Mark Haines2015-10-061-1/+0
* | Add third party invites to auth_events for joinsDaniel Wagner-Hall2015-10-061-0/+5
* | Merge branch 'develop' into daniel/3pidinvitesDaniel Wagner-Hall2015-10-052-1/+25
|\|
| * Add 'trusted_private_chat' to room creation presetsErik Johnston2015-10-021-0/+1
| * Merge branch 'develop' of github.com:matrix-org/synapse into erikj/unfederatableErik Johnston2015-10-023-19/+140
| |\
| * \ Merge branch 'develop' of github.com:matrix-org/synapse into erikj/unfederatableErik Johnston2015-09-141-8/+27
| |\ \
| * | | Also check the domains for membership state_keysErik Johnston2015-09-011-0/+9
| * | | Merge branch 'erikj/check_room_exists' into erikj/unfederatableErik Johnston2015-09-011-0/+8
| |\ \ \
| * | | | Check against sender rather than event_idErik Johnston2015-09-011-3/+3
| * | | | Add flag which disables federation of the roomErik Johnston2015-09-011-1/+15
* | | | | Implement third party identifier invitesDaniel Wagner-Hall2015-10-012-1/+33
| |_|_|/ |/| | |
* | | | synapse/api/errors.py:RoomError was unusedMark Haines2015-09-221-5/+0
* | | | Merge pull request #276 from matrix-org/markjh/history_for_rooms_that_have_be...Mark Haines2015-09-212-11/+51
|\ \ \ \
| * | | | Clarify which event is returned by check_user_was_in_roomMark Haines2015-09-211-2/+3
| * | | | Remove undocumented and unimplemented 'feedback' parameter from the Client-Se...Mark Haines2015-09-091-11/+0
| * | | | Allow rooms/{roomId}/state for a room that has been leftMark Haines2015-09-091-1/+2
| * | | | Allow room initialSync for users that have left the room, returning a snapsho...Mark Haines2015-09-091-0/+49
* | | | | Merge pull request #256 from matrix-org/authDaniel Wagner-Hall2015-09-141-3/+89
|\ \ \ \ \ | |_|_|_|/ |/| | | |
| * | | | s/user_id/user/g for consistencyDaniel Wagner-Hall2015-09-011-10/+10
| * | | | Attempt to validate macaroonsDaniel Wagner-Hall2015-08-261-9/+95
| | |/ / | |/| |
* | | | Merge pull request #265 from matrix-org/erikj/check_room_existsErik Johnston2015-09-141-0/+8
|\ \ \ \ | |_|/ / |/| | / | | |/ | |/|
| * | Fix testsErik Johnston2015-09-011-1/+1
| * | Check room exists when authenticating an event, by asserting they reference a...Erik Johnston2015-09-011-0/+8
| |/
* | Check domain of events properlyDaniel Wagner-Hall2015-09-011-1/+3
* | Allow users to redact their own eventsDaniel Wagner-Hall2015-08-281-8/+25
|/
* Stop looking up "admin", which we never readDaniel Wagner-Hall2015-08-251-3/+1
* Re-wrap lineDaniel Wagner-Hall2015-08-251-3/+1
* Remove completely unused concepts from codebaseDaniel Wagner-Hall2015-08-251-10/+7
* Merge branch 'develop' into refreshDaniel Wagner-Hall2015-08-202-0/+3
|\
| * Add m.room.avatar to default power levels. Change default required power leve...Erik Johnston2015-08-201-0/+1
| * Merge pull request #233 from matrix-org/erikj/canonical_aliasErik Johnston2015-08-201-0/+1
| |\
| | * Add canonical alias to the default power levelsErik Johnston2015-08-191-0/+1
| * | Merge pull request #211 from matrix-org/email_in_useMark Haines2015-08-201-0/+1
| |\ \ | | |/ | |/|
| | * Add endpoint that proxies ID server request token and errors if the given ema...David Baker2015-08-041-0/+1
* | | s/by_token/by_access_token/gDaniel Wagner-Hall2015-08-201-3/+3
|/ /
* | Set request.authenticated_entity for application servicesErik Johnston2015-08-181-0/+3
* | Add missing space because linterDaniel Wagner-Hall2015-08-111-1/+1
* | Minor docs cleanupDaniel Wagner-Hall2015-08-111-2/+7
* | Remove redundant if-guardDaniel Wagner-Hall2015-08-111-13/+12
|/
* Merge pull request #203 from matrix-org/erikj/room_creation_presetsErik Johnston2015-07-161-0/+5
|\
| * Capitalize contantsErik Johnston2015-07-141-2/+2
| * Implement presets at room creationErik Johnston2015-07-131-0/+5
* | Merge branch 'develop' of github.com:matrix-org/synapse into erikj/power_leve...Erik Johnston2015-07-132-1/+4
|\|
| * Add m.room.history_visibility to newly created rooms' m.room.power_levelsErik Johnston2015-07-061-0/+1
| * Add m.room.history_visibility to list of auth eventsErik Johnston2015-07-031-1/+1
| * Add basic impl for room history ACL on GET /messages client APIErik Johnston2015-07-021-0/+2
* | Sanitize power level checksErik Johnston2015-07-101-15/+21
* | You shouldn't be able to ban/kick users with higher power levelsErik Johnston2015-07-101-2/+5
|/
* Log more when we have processed the requestErik Johnston2015-06-151-0/+2
* TypoErik Johnston2015-05-011-1/+1
* Remove some run_on_reactorsErik Johnston2015-05-011-3/+0
* Don't log all auth events every time we call auth.checkErik Johnston2015-05-011-1/+4
* Don't wait for storage of access_tokenErik Johnston2015-05-011-1/+1
* Merge branch 'develop' into key_distributionMark Haines2015-04-293-19/+40
|\
| * Merge pull request #126 from matrix-org/csauthMark Haines2015-04-283-19/+32
| |\
| | * Merge branch 'develop' into csauthDavid Baker2015-04-242-60/+32
| | |\
| | * | Dedicated error code for failed 3pid auth verificationDavid Baker2015-04-231-0/+1
| | * | Add an error code to 'missing token' response.David Baker2015-04-232-1/+3
| | * | Merge branch 'develop' into csauthDavid Baker2015-04-171-14/+11
| | |\ \
| | * | | Dummy login so we can do the first POST request to get login flows without it...David Baker2015-04-151-0/+1