summary refs log tree commit diff
path: root/tests/rest/client/v1/test_rooms.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Split public rooms directory auth config in twoBrendan Abolivier2019-06-241-1/+1
|
* Run Black. (#5482)Amber Brown2019-06-201-26/+20
|
* LintBrendan Abolivier2019-05-161-1/+0
|
* LintBrendan Abolivier2019-05-161-1/+3
|
* Forgot copyrightBrendan Abolivier2019-05-161-0/+1
|
* Add test caseBrendan Abolivier2019-05-161-1/+67
|
* Migrate all tests to use the dict-based config format instead of hanging ↵Amber Brown2019-05-131-1/+1
| | | | items off HomeserverConfig (#5171)
* Fix bogus imports in tests (#5154)Brendan Abolivier2019-05-081-1/+1
|
* add options to require an access_token to GET /profile and /publicRooms on ↵Matthew Hodgson2019-05-081-0/+32
| | | | | | | | | | | | | | | | | CS API (#5083) This commit adds two config options: * `restrict_public_rooms_to_local_users` Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API. * `require_auth_for_profile_requests` When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301. MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though. Groups have been intentionally omitted from this commit.
* Add admin api for sending server_notices (#5121)Richard van der Hoff2019-05-021-1/+1
|
* Move admin api impl to its own packageRichard van der Hoff2019-05-011-2/+3
| | | | It doesn't really belong under rest/client/v1 any more.
* Add rate-limiting on registration (#4735)Brendan Abolivier2019-03-051-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Rate-limiting for registration * Add unit test for registration rate limiting * Add config parameters for rate limiting on auth endpoints * Doc * Fix doc of rate limiting function Co-Authored-By: babolivier <contact@brendanabolivier.com> * Incorporate review * Fix config parsing * Fix linting errors * Set default config for auth rate limiting * Fix tests * Add changelog * Advance reactor instead of mocked clock * Move parameters to registration specific config and give them more sensible default values * Remove unused config options * Don't mock the rate limiter un MAU tests * Rename _register_with_store into register_with_store * Make CI happy * Remove unused import * Update sample config * Fix ratelimiting test for py2 * Add non-guest test
* Fix search 500ing (#4122)Amber Brown2018-10-311-1/+105
|
* Port tests/ to Python 3 (#3808)Amber Brown2018-09-071-304/+257
|
* Run tests under PostgreSQL (#3423)Amber Brown2018-08-131-0/+1
|
* Move v1-only APIs into their own module & isolate deprecated ones (#3460)Amber Brown2018-07-191-1/+1
|
* Refactor REST API tests to use explicit reactors (#3351)Amber Brown2018-07-171-680/+476
|
* run isortAmber Brown2018-07-091-6/+5
|
* Burminate v1authAdrian Tschira2018-04-301-9/+9
| | | | | | | | | | | | | | | | | | This closes #2602 v1auth was created to account for the differences in status code between the v1 and v2_alpha revisions of the protocol (401 vs 403 for invalid tokens). However since those protocols were merged, this makes the r0 version/endpoint internally inconsistent, and violates the specification for the r0 endpoint. This might break clients that rely on this inconsistency with the specification. This is said to affect the legacy angular reference client. However, I feel that restoring parity with the spec is more important. Either way, it is critical to inform developers about this change, in case they rely on the illegal behaviour. Signed-off-by: Adrian Tschira <nota@notafile.com>
* Use six.moves.urlparseAdrian Tschira2018-04-151-7/+7
| | | | | | The imports were shuffled around a bunch in py3 Signed-off-by: Adrian Tschira <nota@notafile.com>
* s/replication_client/federation_client/Erik Johnston2018-03-131-8/+8
|
* Fix testsErik Johnston2018-03-131-8/+8
|
* Remove dead codeRichard van der Hoff2018-01-091-3/+0
| | | | pointless function is pointless
* Add groups to sync streamErik Johnston2017-07-201-2/+2
|
* Add basic implementation of local device list changesErik Johnston2017-01-251-2/+2
|
* Linearize updates to membership via PUT /state/Erik Johnston2017-01-091-2/+2
|
* More 0_0 in testsMark Haines2016-08-251-2/+2
|
* Do checks for memberships before creating eventsErik Johnston2016-04-011-2/+2
|
* Fix testsDavid Baker2016-03-071-16/+16
|
* Fix unit testsMark Haines2016-03-041-2/+2
|
* Fix flake8 warnings for testsMark Haines2016-02-191-108/+112
|
* Remove old tests.Erik Johnston2016-02-181-6/+0
|
* Allow paginating backwards from stream tokenErik Johnston2016-01-281-8/+1
|
* Make it possible to paginate forwards from stream tokensRichard van der Hoff2016-01-271-2/+14
| | | | | In order that we can fill the gap after a /sync, make it possible to paginate forwards from a stream token.
* copyrightsMatthew Hodgson2016-01-071-1/+1
|
* Add a couple of unit tests for room/<x>/messagesRichard van der Hoff2015-11-091-0/+56
| | | | ... merely because I was trying to figure out how it worked, and couldn't.
* Allow guests to register and call /events?room_id=Daniel Wagner-Hall2015-11-041-7/+14
| | | | | | | This follows the same flows-based flow as regular registration, but as the only implemented flow has no requirements, it auto-succeeds. In the future, other flows (e.g. captcha) may be required, so clients should treat this like the regular registration flow choices.
* Allow rejecting invitesDaniel Wagner-Hall2015-10-201-2/+2
| | | | | This is done by using the same /leave flow as you would use if you had already accepted the invite and wanted to leave.
* Merge pull request #276 from ↵Mark Haines2015-09-211-7/+7
|\ | | | | | | | | matrix-org/markjh/history_for_rooms_that_have_been_left SPEC-216: Allow users to view the history of rooms that they have left.
| * Allow users to GET individual state events for rooms that they have leftMark Haines2015-09-101-5/+5
| |
| * Allow users that have left the room to view the member list from the point ↵Mark Haines2015-09-091-2/+2
| | | | | | | | they left
* | s/user_id/user/g for consistencyDaniel Wagner-Hall2015-09-011-7/+7
| |
* | Attempt to validate macaroonsDaniel Wagner-Hall2015-08-261-14/+14
|/ | | | | | | | | | | | | A couple of weird caveats: * If we can't validate your macaroon, we fall back to checking that your access token is in the DB, and ignoring the failure * Even if we can validate your macaroon, we still have to hit the DB to get the access token ID, which we pretend is a device ID all over the codebase. This mostly adds the interesting code, and points out the two pieces we need to delete (and necessary conditions) in order to fix the above caveats.
* Stop looking up "admin", which we never readDaniel Wagner-Hall2015-08-251-7/+0
|
* Remove completely unused concepts from codebaseDaniel Wagner-Hall2015-08-251-7/+0
| | | | | | | | | | Removes device_id and ClientInfo device_id is never actually written, and the matrix.org DB has no non-null entries for it. Right now, it's just cluttering up code. This doesn't remove the columns from the database, because that's fiddly.
* s/by_token/by_access_token/gDaniel Wagner-Hall2015-08-201-14/+14
| | | | We're about to have two kinds of token, access and refresh
* Fix testsDavid Baker2015-03-241-8/+8
|
* Factor out some of the common homeserver setup code into aMark Haines2015-02-111-83/+14
| | | | setup_test_homeserver function in utils.
* Extract the id token of the token when authing users, include the token and ↵Mark Haines2015-01-281-0/+7
| | | | device_id in the internal meta data for the event along with the transaction id when sending events
* Replace hs.parse_userid with UserID.from_stringMark Haines2015-01-231-12/+9
|
* Move client rest tests back under restMark Haines2015-01-221-0/+1068