| Commit message (Collapse) | Author | Files | Lines |
|
- Some callbacks should return `True` to allow, `False` to deny, while others should return `True` to deny and `False` to allow. With this PR, all callbacks return `ALLOW` to allow or a `Codes` (typically `Codes.FORBIDDEN`) to deny.
- Similarly, some methods returned `True` to allow, `False` to deny, while others returned `True` to deny and `False` to allow. They now all return `ALLOW` to allow or a `Codes` to deny.
- Spam-checker implementations may now return an explicit code, e.g. to differentiate between "User account has been suspended" (which is in practice required by law in some countries, including UK) and "This message looks like spam".
|
|
Fix https://github.com/matrix-org/synapse/issues/12678
Complement test added: https://github.com/matrix-org/complement/pull/369
**Before:** 500 internal server error
**After:** According to the [spec](https://spec.matrix.org/latest/client-server-api/#get_matrixclientv3roomsroomidmessages), calling `/messages` against a non-existent `room_id` should throw a 403 forbidden (since you're not part of the room). This also matches the behavior before https://github.com/matrix-org/synapse/pull/12370 which regressed Synapse to the 500 behavior.
```json
{
"errcode": "M_FORBIDDEN",
"error": "User @test:my.synapse.server not in room !dne:my.synapse.server, and room previews are disabled"
}
```
|
|
Refactor how the `EventContext` class works, with the intention of reducing the amount of state we fetch from the DB during event processing.
The idea here is to get rid of the cached `current_state_ids` and `prev_state_ids` that live in the `EventContext`, and instead defer straight to the database (and its caching).
One change that may have a noticeable effect is that we now no longer prefill the `get_current_state_ids` cache on a state change. However, that query is relatively light, since its just a case of reading a table from the DB (unlike fetching state at an event which is more heavyweight). For deployments with workers this cache isn't even used.
Part of #12684
|
|
All async request processing goes through `_AsyncResource`, so this is
the only place where a `Deferred` needs to be captured for cancellation.
Unfortunately, the same isn't true for determining whether a request
can be cancelled. Each of `RestServlet`, `BaseFederationServlet`,
`DirectServe{Html,Json}Resource` and `ReplicationEndpoint` have
different wrappers around the method doing the request handling and they
all need to be handled separately.
Signed-off-by: Sean Quah <seanq@element.io>
|
|
|
|
|
|
This table is never read, since #11794. We stop writing to it; in future we can
drop it altogether.
|
|
Also expose the `SynapseRequest` from `FakeChannel` in tests, so that
we can call `Request.connectionLost` to simulate a client disconnecting.
Signed-off-by: Sean Quah <seanq@element.io>
|
|
Signed-off-by: Sean Quah <seanq@element.io>
|
|
Signed-off-by: Sean Quah <seanq@element.io>
|
|
* Move `_condition_checker` into `PushRuleEvaluatorForEvent`.
* Move the condition cache into `PushRuleEvaluatorForEvent`.
* Improve docstrings.
* Inline a method which is only called once.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(superseding `update_user_directory`) to allow a generic worker to be designated as the worker to update the user directory. (#12654)
Co-authored-by: Shay <hillerys@element.io>
|
|
|
|
|
|
|
|
online. (#12500)
Otherwise it can take up to a minute for any in-flight `/send` requests to be retried.
|
|
events (#12601)
Fixes vector-im/element-web#20788
Implements matrix-org/matrix-spec-proposals#3786
|
|
|
|
|
|
* Bump the HS startup timeout
* Log prefixes for more processes
* Bump the overall timeout
|
|
|
|
There's no guarantee that module callbacks will handle cancellation
appropriately. Protect module callbacks with read semantics from
cancellation and avoid swallowing `CancelledError`s that arise.
Other module callbacks, such as the `on_*` callbacks, are presumed to
live on code paths that involve writes and aren't cancellation-friendly.
These module callbacks have been left alone.
Signed-off-by: Sean Quah <seanq@element.io>
|
|
|
|
#12587 has fallen on the wrong side of the release cutoff to the rest of
the related PRs.
Signed-off-by: Sean Quah <seanq@element.io>
|
|
|
|
Fixes #12669
|
|
|
|
`complement.sh` change (#12664)
|
|
|
|
* Move `pympler` back into the `all` extras
Undoes a change I made in #12381. I can't fully remember my reasoning,
but this changed the contents of the debian packages in a backwards
incompatible way. We're not aware of anyone who's been bitten by this,
but we still want to fix it.
To the reviewer: please be convinced that the debian packages will still
contain pympler after this change.
* Debian changelog entry to keep the linter happy
|
|
|
|
|
|
|
|
`notify_appservices`) to allow a generic worker to be designated as the worker to send traffic to Application Services. (#12452)
|
|
Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>
|
|
|
|
|
|
|
|
|
|
packages (#12640)
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
|
|
|
|
|
|
Update the "Build docker images" GitHub Actions workflow to use
`docker/metadata-action` to generate docker image tags, instead of a
custom shell script.
Signed-off-by: Henry <97804910+henryclw@users.noreply.github.com>
|
|
|
|
Fixes a regression from 8b309adb436c162510ed1402f33b8741d71fc058 (#11660)
and b65acead428653b988351ae8d7b22127a22039cd (#11752) where events which
themselves were an edit or an annotation could have bundled aggregations calculated,
which is not allowed.
|
|
The last usage was removed in 5a1dd297c3ce105a7f516d9d9fe87b94b9d356c8 (#8059).
|
|
|
|
|
|
* Add mau_appservice_trial_days
* Add a test
* Tweaks
* changelog
* Ensure we sync after the delay
* Fix types
* Add config statement
* Fix test
* Reinstate logging that got removed
* Fix feature name
|
|
getClientIP was deprecated in Twisted 18.4.0, which also added
getClientAddress. The Synapse minimum version for Twisted is
currently 18.9.0, so all supported versions have the new API.
|
|
* Changes hidden read receipts to be a separate receipt type
(instead of a field on `m.read`).
* Updates the `/receipts` endpoint to accept `m.fully_read`.
|
|
|
|
* `m.login.jwt`, which was never specced and has been deprecated
since Synapse 1.16.0. (`org.matrix.login.jwt` can be used instead.)
* `uk.half-shot.msc2778.login.application_service`, which was
stabilized as part of the Matrix spec v1.2 release.
|
|
Don't log stack traces for cancelled requests and use a custom HTTP
status code of 499.
Signed-off-by: Sean Quah <seanq@element.io>
|
|
The `latest_event` field of the bundled aggregations for `m.thread` relations
did not include bundled aggregations itself. This resulted in clients needing to
immediately request the event from the server (and thus making it useless that
the latest event itself was serialized instead of just including an event ID).
|
|
|
|
Fixes a couple of formatting errors which were introduced in #12475.
|
|
I've seen a few errors which can only plausibly be explained by the calculated
event id for an event being different from the ID of the event in the
database. It should be cheap to check this, so let's do so and raise an
exception.
|
|
|
|
|
|
... in order to debug some problems we've been having with certain events not
being sent when expected.
|
|
|
|
broken in 5938928 :-S
|
|
|
|
As the comment says, there is no need to process such events, and indeed we
need to avoid doing so.
Fixes #12509.
|
|
Check we're on the right branch before tagging, and on the right tag before uploading
* Abort if we're on the wrong branch
* Check we have the right tag checked out
* Clarify that `publish` only releases to GitHub
|
|
This works by taking a row level lock on the `rooms` table at the start of both transactions, ensuring that they don't run at the same time. In the event persistence transaction we also check that there is an entry still in the `rooms` table.
I can't figure out how to do this in SQLite. I was just going to lock the table, but it seems that we don't support that in SQLite either, so I'm *really* confused as to how we maintain integrity in SQLite when using `lock_table`....
|
|
|
|
|
|
|
|
This was originally added when we first added a `MemoryHandler` to the default
log config back in https://github.com/matrix-org/synapse/pull/8040, to ensure
that we didn't explode with an infinite loop if there was an error formatting
the logs.
Since then, we made additional improvements to logging which make this
workaround redundant. In particular:
* we no longer attempt to log un-UTF8-decodable byte sequences, which were the
most likely cause of an error in the first place.
* https://github.com/matrix-org/synapse/pull/8268 ensures that in the unlikely
case that there *is* an error, it won't cause an infinite loop.
|
|
* Allow unused ignores in "bleeding edge" CI
Where "bleeding edge" means the Twisted Trunk and Latest Deps jobs.
Follow up from #12531.
Resolves #12574.
* Use `--extras all` in latest deps mypy CI
Twisted trunk job already does this.
Missed in #12531.
* changelog
|
|
|
|
|
|
The status code of requests must always be set, regardless of client
disconnection, otherwise they will always be logged as 200!.
Broken for `respond_with_json` in
f48792eec43f893f4f893ffdcbf00f8958b6f6b5.
Broken for `respond_with_json_bytes` in
3e58ce72b42f2ae473c1e76a967548cd6fa7e2e6.
Broken for `respond_with_html_bytes` in
ea26e9a98b0541fc886a1cb826a38352b7599dbe.
Signed-off-by: Sean Quah <seanq@element.io>
|