Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge pull request #7157 from matrix-org/rev.outbound_device_pokes_tests | Richard van der Hoff | 2020-03-30 | 2 | -4/+4 |
|\ | | | | | Add tests for outbound device pokes | ||||
| * | Remove spurious "name" parameter to `default_config` | Richard van der Hoff | 2020-03-24 | 2 | -4/+4 |
| | | | | | | | | | | this is never set to anything other than "test", and is a source of unnecessary boilerplate. | ||||
* | | Always whitelist the login fallback for SSO (#7153) | Richard van der Hoff | 2020-03-27 | 1 | -1/+8 |
| | | | | | | | | | | | | | | That fallback sets the redirect URL to itself (so it can process the login token then return gracefully to the client). This would make it pointless to ask the user for confirmation, since the URL the confirmation page would be showing wouldn't be the client's. | ||||
* | | Admin API to join users to a room. (#7051) | Dirk Klimpel | 2020-03-27 | 1 | -0/+288 |
| | | |||||
* | | Add options to prevent users from changing their profile. (#7096) | Dirk Klimpel | 2020-03-27 | 1 | -0/+302 |
| | | |||||
* | | Allow server admins to define and enforce a password policy (MSC2000). (#7118) | Dirk Klimpel | 2020-03-26 | 1 | -0/+179 |
| | | |||||
* | | Validate that the session is not modified during UI-Auth (#7068) | Patrick Cloke | 2020-03-26 | 1 | -1/+67 |
| | | |||||
* | | Clean up some LoggingContext stuff (#7120) | Richard van der Hoff | 2020-03-24 | 1 | -8/+8 |
|/ | | | | | | | | | | | | | | | | | | | | | | | * Pull Sentinel out of LoggingContext ... and drop a few unnecessary references to it * Factor out LoggingContext.current_context move `current_context` and `set_context` out to top-level functions. Mostly this means that I can more easily trace what's actually referring to LoggingContext, but I think it's generally neater. * move copy-to-parent into `stop` this really just makes `start` and `stop` more symetric. It also means that it behaves correctly if you manually `set_log_context` rather than using the context manager. * Replace `LoggingContext.alive` with `finished` Turn `alive` into `finished` and make it a bit better defined. | ||||
* | Remove special casing of `m.room.aliases` events (#7034) | Patrick Cloke | 2020-03-17 | 2 | -15/+33 |
| | |||||
* | Revert "Add options to disable setting profile info for prevent changes. ↵ | Richard van der Hoff | 2020-03-17 | 1 | -303/+0 |
| | | | | | | | (#7053)" This reverts commit 54dd28621b070ca67de9f773fe9a89e1f4dc19da, reversing changes made to 6640460d054e8f4444046a34bdf638921b31c01e. | ||||
* | Add options to disable setting profile info for prevent changes. (#7053) | Brendan Abolivier | 2020-03-10 | 1 | -0/+303 |
|\ | |||||
| * | lint, fix tests | dklimpel | 2020-03-09 | 1 | -2/+2 |
| | | |||||
| * | updates after review | dklimpel | 2020-03-09 | 1 | -10/+7 |
| | | |||||
| * | lint | dklimpel | 2020-03-09 | 1 | -10/+8 |
| | | |||||
| * | add tests | dklimpel | 2020-03-09 | 1 | -0/+308 |
| | | |||||
* | | Merge branch 'master' into develop | Brendan Abolivier | 2020-03-03 | 1 | -0/+111 |
|\ \ | |||||
| * | | Add a whitelist for the SSO confirmation step. | Richard van der Hoff | 2020-03-02 | 1 | -3/+29 |
| | | | |||||
| * | | Merge remote-tracking branch 'origin/release-v1.11.1' into release-v1.11.1 | Richard van der Hoff | 2020-03-02 | 1 | -28/+181 |
| |\ \ | |||||
| | * | | Fixed set a user as an admin with the new API (#6928) | Dirk Klimpel | 2020-03-02 | 1 | -28/+181 |
| | | | | | | | | | | | | | | | | Fix #6910 | ||||
| * | | | Add a confirmation step to the SSO login flow | Brendan Abolivier | 2020-03-02 | 1 | -0/+85 |
| |/ / | |||||
* | / | Validate the alt_aliases property of canonical alias events (#6971) | Patrick Cloke | 2020-03-03 | 1 | -0/+160 |
| |/ |/| | |||||
* | | Fixed set a user as an admin with the new API (#6928) | Dirk Klimpel | 2020-02-28 | 1 | -32/+186 |
| | | | | | | Fix #6910 | ||||
* | | Ensure 'deactivated' parameter is a boolean on user admin API, Fix error ↵ | Andrew Morgan | 2020-02-26 | 1 | -0/+59 |
| | | | | | | | | handling of call to deactivate user (#6990) | ||||
* | | Clarify list/set/dict/tuple comprehensions and enforce via flake8 (#6957) | Patrick Cloke | 2020-02-21 | 1 | -13/+15 |
|/ | | | | Ensure good comprehension hygiene using flake8-comprehensions. | ||||
* | Merge pull request #6949 from matrix-org/rav/list_room_aliases_peekable | Richard van der Hoff | 2020-02-19 | 1 | -0/+17 |
|\ | | | | | Make room alias lists peekable | ||||
| * | Make room alias lists peekable | Richard van der Hoff | 2020-02-19 | 1 | -0/+17 |
| | | | | | | | | | | | | As per https://github.com/matrix-org/matrix-doc/pull/2432#pullrequestreview-360566830, make room alias lists accessible to users outside world_readable rooms. | ||||
* | | Move MSC2432 stuff onto unstable prefix (#6948) | Richard van der Hoff | 2020-02-19 | 1 | -3/+13 |
|/ | | | it's not in the spec yet, so needs to be unstable. Also add a feature flag for it. Also add a test for admin users. | ||||
* | Implement GET /_matrix/client/r0/rooms/{roomId}/aliases (#6939) | Richard van der Hoff | 2020-02-18 | 1 | -1/+69 |
| | | | | | per matrix-org/matrix-doc#2432 | ||||
* | Raise the default power levels for invites, tombstones and server acls (#6834) | Andrew Morgan | 2020-02-17 | 1 | -1/+3 |
| | |||||
* | Return a 404 for admin api user lookup if user not found (#6901) | Andrew Morgan | 2020-02-12 | 1 | -0/+16 |
| | |||||
* | Admin api to add an email address (#6789) | Dirk Klimpel | 2020-02-07 | 1 | -2/+17 |
| | |||||
* | MSC2260: Block direct sends of m.room.aliases events (#6794) | Richard van der Hoff | 2020-01-30 | 2 | -33/+15 |
| | | | | | as per MSC2260 | ||||
* | Admin API to list, filter and sort rooms (#6720) | Andrew Morgan | 2020-01-22 | 1 | -4/+389 |
| | |||||
* | Lint + changelog | Brendan Abolivier | 2020-01-22 | 1 | -3/+1 |
| | |||||
* | Remove unused import | Brendan Abolivier | 2020-01-22 | 1 | -1/+1 |
| | |||||
* | Add tests for thumbnailing | Brendan Abolivier | 2020-01-22 | 1 | -3/+45 |
| | |||||
* | Fix and add test to deprecated quarantine media admin api (#6756) | Andrew Morgan | 2020-01-22 | 1 | -4/+11 |
| | |||||
* | Fix `/events/:event_id` deprecated API. (#6731) | Erik Johnston | 2020-01-20 | 1 | -0/+27 |
| | |||||
* | Fix changing password via user admin API. (#6730) | Erik Johnston | 2020-01-20 | 1 | -0/+13 |
| | |||||
* | Fix purge_room admin API (#6711) | Erik Johnston | 2020-01-15 | 1 | -3/+1 |
| | |||||
* | Add `local_current_membership` table (#6655) | Erik Johnston | 2020-01-15 | 2 | -12/+9 |
| | | | | | | | Currently we rely on `current_state_events` to figure out what rooms a user was in and their last membership event in there. However, if the server leaves the room then the table may be cleaned up and that information is lost. So lets add a table that separately holds that information. | ||||
* | Quarantine media by ID or user ID (#6681) | Andrew Morgan | 2020-01-13 | 2 | -0/+378 |
| | |||||
* | Allow admin users to create or modify users without a shared secret (#6495) | Manuel Stahl | 2020-01-09 | 2 | -338/+465 |
| | | | Signed-off-by: Manuel Stahl <manuel.stahl@awesome-technologies.de> | ||||
* | Fix GET request on /_synapse/admin/v2/users endpoint (#6563) | Manuel Stahl | 2020-01-08 | 1 | -0/+41 |
| | | | | Fixes #6552 | ||||
* | Back out ill-advised notary server hackery (#6657) | Richard van der Hoff | 2020-01-08 | 3 | -4/+131 |
| | | | | | | | | | | | This was ill-advised. We can't modify verify_keys here, because the response object has already been signed by the requested key. Furthermore, it's somewhat unnecessary because existing versions of Synapse (which get upset that the notary key isn't present in verify_keys) will fall back to a direct fetch via `/key/v2/server`. Also: more tests for fetching keys via perspectives: it would be nice if we actually tested when our fetcher can't talk to our notary impl. | ||||
* | Workaround for error when fetching notary's own key (#6620) | Richard van der Hoff | 2020-01-06 | 1 | -0/+130 |
| | | | | | | | | | | | | | | * Kill off redundant SynapseRequestFactory We already get the Site via the Channel, so there's no need for a dedicated RequestFactory: we can just use the right constructor. * Workaround for error when fetching notary's own key As a notary server, when we return our own keys, include all of our signing keys in verify_keys. This is a workaround for #6596. | ||||
* | Merge release-v1.7.1 into develop | Richard van der Hoff | 2019-12-18 | 1 | -0/+127 |
|\ | |||||
| * | Incorporate review | Brendan Abolivier | 2019-12-16 | 1 | -5/+0 |
| | | |||||
| * | Lint | Brendan Abolivier | 2019-12-16 | 1 | -2/+1 |
| | | |||||
| * | Add test case | Brendan Abolivier | 2019-12-16 | 1 | -0/+133 |
| | | |||||
* | | Add option to allow profile queries without sharing a room (#6523) | Will Hunt | 2019-12-16 | 1 | -0/+2 |
| | | |||||
* | | Port handlers.account_validity to async/await. | Erik Johnston | 2019-12-10 | 1 | -2/+1 |
|/ | |||||
* | Merge pull request #6484 from matrix-org/erikj/port_sync_handler | Erik Johnston | 2019-12-09 | 1 | -1/+3 |
|\ | | | | | Port SyncHandler to async/await | ||||
| * | Fixup functions to consistently return deferreds | Erik Johnston | 2019-12-06 | 1 | -1/+3 |
| | | |||||
* | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵ | Erik Johnston | 2019-12-06 | 2 | -1/+12 |
|\| | | | | | | | erikj/make_database_class | ||||
| * | Fixup tests | Erik Johnston | 2019-12-05 | 2 | -1/+12 |
| | | |||||
* | | Move DB pool and helper functions into dedicated Database class | Erik Johnston | 2019-12-05 | 1 | -1/+1 |
|/ | |||||
* | Remove underscore from SQLBaseStore functions | Erik Johnston | 2019-12-04 | 1 | -1/+1 |
| | |||||
* | Merge pull request #6329 from matrix-org/babolivier/context_filters | Brendan Abolivier | 2019-12-04 | 3 | -100/+381 |
|\ | | | | | Filter state, events_before and events_after in /context requests | ||||
| * | Un-remove room purge test | Brendan Abolivier | 2019-12-04 | 1 | -0/+72 |
| | | |||||
| * | Merge branch 'babolivier/context_filters' of github.com:matrix-org/synapse ↵ | Brendan Abolivier | 2019-12-04 | 1 | -1/+1 |
| |\ | | | | | | | | | | into babolivier/context_filters | ||||
| | * | Merge branch 'develop' into babolivier/context_filters | Brendan Abolivier | 2019-11-26 | 3 | -1/+213 |
| | |\ | |||||
| * | \ | Merge branch 'develop' into babolivier/context_filters | Brendan Abolivier | 2019-12-04 | 5 | -3/+477 |
| |\ \ \ | | |/ / | |/| | | |||||
| * | | | Lint | Brendan Abolivier | 2019-11-05 | 1 | -30/+41 |
| | | | | |||||
| * | | | Update copyrights | Brendan Abolivier | 2019-11-05 | 3 | -1/+7 |
| | | | | |||||
| * | | | Add tests for /search | Brendan Abolivier | 2019-11-05 | 1 | -44/+143 |
| | | | | |||||
| * | | | Merge labels tests for /context and /messages | Brendan Abolivier | 2019-11-05 | 1 | -146/+130 |
| | | | | |||||
| * | | | Add test case | Brendan Abolivier | 2019-11-05 | 1 | -0/+182 |
| | | | | |||||
* | | | | Add ephemeral messages support (MSC2228) (#6409) | Brendan Abolivier | 2019-12-03 | 1 | -0/+101 |
| |/ / |/| | | | | | | | | | | | | | | | | | | | | Implement part [MSC2228](https://github.com/matrix-org/matrix-doc/pull/2228). The parts that differ are: * the feature is hidden behind a configuration flag (`enable_ephemeral_messages`) * self-destruction doesn't happen for state events * only implement support for the `m.self_destruct_after` field (not the `m.self_destruct` one) * doesn't send synthetic redactions to clients because for this specific case we consider the clients to be able to destroy an event themselves, instead we just censor it (by pruning its JSON) in the database | ||||
* | | | Add tests | Erik Johnston | 2019-11-28 | 1 | -0/+140 |
| | | | |||||
* | | | Merge pull request #6358 from matrix-org/babolivier/message_retention | Brendan Abolivier | 2019-11-27 | 1 | -0/+293 |
|\ \ \ | | | | | | | | | Implement message retention policies (MSC1763) | ||||
| * \ \ | Merge branch 'develop' into babolivier/message_retention | Brendan Abolivier | 2019-11-26 | 3 | -1/+114 |
| |\ \ \ | | | |/ | | |/| | |||||
| * | | | Don't restrict the tests to v1 rooms | Brendan Abolivier | 2019-11-26 | 1 | -2/+0 |
| | | | | |||||
| * | | | Lint again | Brendan Abolivier | 2019-11-19 | 1 | -10/+2 |
| | | | | |||||
| * | | | Lint | Brendan Abolivier | 2019-11-19 | 1 | -50/+23 |
| | | | | |||||
| * | | | Don't apply retention policy based filtering on state events | Brendan Abolivier | 2019-11-06 | 1 | -0/+10 |
| | | | | | | | | | | | | | | | | As per MSC1763, 'Retention is only considered for non-state events.', so don't filter out state events based on the room's retention policy. | ||||
| * | | | Implement per-room message retention policies | Brendan Abolivier | 2019-11-04 | 1 | -0/+320 |
| | |/ | |/| | |||||
* | | | Remove assertion and provide a clear warning on startup for missing ↵ | Andrew Morgan | 2019-11-26 | 1 | -0/+1 |
| |/ |/| | | | | | public_baseurl (#6379) | ||||
* | | Lint | Brendan Abolivier | 2019-11-20 | 1 | -6/+8 |
| | | |||||
* | | Test if a purge can make /messages return 500 responses | Brendan Abolivier | 2019-11-20 | 1 | -0/+72 |
| | | |||||
* | | Blacklist PurgeRoomTestCase (#6361) | Andrew Morgan | 2019-11-13 | 1 | -0/+2 |
| | | |||||
* | | Merge pull request #6295 from matrix-org/erikj/split_purge_history | Erik Johnston | 2019-11-08 | 1 | -1/+3 |
|\ \ | | | | | | | Split purge API into events vs state and add PurgeEventsStorage | ||||
| * | | Fix deleting state groups during room purge. | Erik Johnston | 2019-11-06 | 1 | -1/+3 |
| |/ | | | | | | | And fix the tests to actually test that things got deleted. | ||||
* | | Merge branch 'develop' into rav/url_preview_limit_title | Richard van der Hoff | 2019-11-05 | 4 | -5/+332 |
|\| | |||||
| * | Merge pull request #6301 from matrix-org/babolivier/msc2326 | Brendan Abolivier | 2019-11-01 | 3 | -5/+254 |
| |\ | | | | | | | Implement MSC2326 (label based filtering) | ||||
| | * | Incorporate review | Brendan Abolivier | 2019-11-01 | 2 | -8/+8 |
| | | | |||||
| | * | Incorporate review | Brendan Abolivier | 2019-11-01 | 2 | -10/+10 |
| | | | |||||
| | * | Lint | Brendan Abolivier | 2019-10-30 | 2 | -31/+30 |
| | | | |||||
| | * | Add integration tests for /messages | Brendan Abolivier | 2019-10-30 | 1 | -1/+101 |
| | | | |||||
| | * | Add more integration testing | Brendan Abolivier | 2019-10-30 | 1 | -6/+39 |
| | | | |||||
| | * | Add integration tests for sync | Brendan Abolivier | 2019-10-30 | 2 | -5/+122 |
| | | | |||||
| * | | Add unit test for /purge_room API | Erik Johnston | 2019-10-31 | 1 | -0/+78 |
| |/ | |||||
* | | Apply suggestions from code review | Richard van der Hoff | 2019-11-05 | 1 | -0/+1 |
| | | | | | | | | Co-Authored-By: Brendan Abolivier <babolivier@matrix.org> Co-Authored-By: Erik Johnston <erik@matrix.org> | ||||
* | | Strip overlong OpenGraph data from url preview | Richard van der Hoff | 2019-11-05 | 1 | -0/+34 |
|/ | | | | ... to stop people causing DoSes with malicious web pages | ||||
* | Add domain validation when creating room with list of invitees (#6121) | werner291 | 2019-10-10 | 1 | -0/+9 |
| | |||||
* | send 404 as http-status when filter-id is unknown to the server (#2380) | krombel | 2019-10-10 | 1 | -1/+1 |
| | | | | | | | This fixed the weirdness of 400 vs 404 as http status code in the case the filter id is not known by the server. As e.g. matrix-js-sdk expects 404 to catch this situation this leads to unwanted behaviour. | ||||
* | Fix races in room stats (and other) updates. (#6187) | Richard van der Hoff | 2019-10-10 | 1 | -1/+1 |
| | | | | | | | Hopefully this will fix the occasional failures we were seeing in the room directory. The problem was that events are not necessarily persisted (and `current_state_delta_stream` updated) in the same order as their stream_id. So for instance current_state_delta 9 might be persisted *before* current_state_delta 8. Then, when the room stats saw stream_id 9, it assumed it had done everything up to 9, and never came back to do stream_id 8. We can solve this easily by only processing up to the stream_id where we know all events have been persisted. | ||||
* | ok | Brendan Abolivier | 2019-09-27 | 1 | -1/+3 |
| | |||||
* | Lint | Brendan Abolivier | 2019-09-27 | 1 | -7/+1 |
| | |||||
* | Add test to validate the change | Brendan Abolivier | 2019-09-27 | 1 | -13/+57 |
| | |||||
* | Stop advertising unsupported flows for registration (#6107) | Richard van der Hoff | 2019-09-25 | 1 | -12/+17 |
| | | | | | | | If email or msisdn verification aren't supported, let's stop advertising them for registration. Fixes #6100. | ||||
* | Refactor the user-interactive auth handling (#6105) | Richard van der Hoff | 2019-09-25 | 1 | -10/+16 |
| | | | | | | | Pull the checkers out to their own classes, rather than having them lost in a massive 1000-line class which does everything. This is also preparation for some more intelligent advertising of flows, as per #6100 | ||||
* | Refactor code for calculating registration flows (#6106) | Richard van der Hoff | 2019-09-25 | 1 | -12/+67 |
| | | | | | | | | | because, frankly, it looked like it was written by an axe-murderer. This should be a non-functional change, except that where `m.login.dummy` was previously advertised *before* `m.login.terms`, it will now be advertised afterwards. AFAICT that should have no effect, and will be more consistent with the flows that involve passing a 3pid. | ||||
* | Fix comments | Erik Johnston | 2019-09-11 | 1 | -2/+2 |
| | | | Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> | ||||
* | Add test for admin redaction ratelimiting. | Erik Johnston | 2019-09-11 | 1 | -0/+25 |
| | |||||
* | Fix and refactor room and user stats (#5971) | Erik Johnston | 2019-09-04 | 1 | -2/+6 |
| | | | Previously the stats were not being correctly populated. | ||||
* | Remove unnecessary parentheses around return statements (#5931) | Andrew Morgan | 2019-08-30 | 1 | -1/+1 |
| | | | | | Python will return a tuple whether there are parentheses around the returned values or not. I'm just sick of my editor complaining about this all over the place :) | ||||
* | Add tests | Brendan Abolivier | 2019-08-01 | 1 | -0/+37 |
| | |||||
* | Replace returnValue with return (#5736) | Amber Brown | 2019-07-23 | 1 | -1/+1 |
| | |||||
* | Remove the ability to query relations when the original event was redacted. ↵ | Andrew Morgan | 2019-07-18 | 1 | -3/+113 |
| | | | | | | | (#5629) Fixes #5594 Forbid viewing relations on an event once it has been redacted. | ||||
* | Ignore redactions of m.room.create events (#5701) | Richard van der Hoff | 2019-07-17 | 1 | -0/+20 |
| | |||||
* | More refactoring in `get_events_as_list` (#5707) | Richard van der Hoff | 2019-07-17 | 1 | -0/+159 |
| | | | | | | | | We can now use `_get_events_from_cache_or_db` rather than going right back to the database, which means that (a) we can benefit from caching, and (b) it opens the way forward to more extensive checks on the original event. We now always require the original event to exist before we will serve up a redaction. | ||||
* | Implement access token expiry (#5660) | Richard van der Hoff | 2019-07-12 | 1 | -0/+108 |
| | | | | Record how long an access token is valid for, and raise a soft-logout once it expires. | ||||
* | Include the original event in /relations (#5626) | Andrew Morgan | 2019-07-09 | 1 | -0/+5 |
| | | | When asking for the relations of an event, include the original event in the response. This will mostly be used for efficiently showing edit history, but could be useful in other circumstances. | ||||
* | Lint | Brendan Abolivier | 2019-07-08 | 1 | -2/+2 |
| | |||||
* | Add test case | Brendan Abolivier | 2019-07-08 | 1 | -0/+47 |
| | |||||
* | Add origin_server_ts and sender fields to m.replace (#5613) | Andrew Morgan | 2019-07-05 | 1 | -6/+18 |
| | | | | | Riot team would like some extra fields as part of m.replace, so here you go. Fixes: #5598 | ||||
* | Move logging utilities out of the side drawer of util/ and into logging/ (#5606) | Amber Brown | 2019-07-04 | 2 | -2/+2 |
| | |||||
* | Fix media repo breaking (#5593) | Amber Brown | 2019-07-02 | 1 | -0/+12 |
| | |||||
* | Make the http server handle coroutine-making REST servlets (#5475) | Amber Brown | 2019-06-29 | 1 | -10/+15 |
| | |||||
* | Split public rooms directory auth config in two | Brendan Abolivier | 2019-06-24 | 1 | -1/+1 |
| | |||||
* | Run Black. (#5482) | Amber Brown | 2019-06-20 | 13 | -179/+160 |
| | |||||
* | Merge pull request #5440 from matrix-org/babolivier/third_party_event_rules | Brendan Abolivier | 2019-06-14 | 1 | -0/+79 |
|\ | | | | | Allow server admins to define implementations of extra rules for allowing or denying incoming events | ||||
| * | Add plugin APIs for implementations of custom event rules. | Brendan Abolivier | 2019-06-14 | 1 | -0/+79 |
| | | |||||
* | | Don't send renewal emails to deactivated users | Brendan Abolivier | 2019-06-14 | 1 | -25/+42 |
| | | |||||
* | | Track deactivated accounts in the database (#5378) | Brendan Abolivier | 2019-06-14 | 1 | -0/+45 |
| | | |||||
* | | Merge branch 'master' of github.com:matrix-org/synapse into develop | Erik Johnston | 2019-06-11 | 3 | -12/+241 |
|\ \ | |||||
| * | | Bump bleach version so that tests can run on old deps. | Erik Johnston | 2019-06-11 | 2 | -12/+0 |
| | | | |||||
| * | | Change password reset links to /_matrix. | Erik Johnston | 2019-06-11 | 1 | -0/+241 |
| |/ | |||||
* | | Merge pull request #5363 from ↵ | Brendan Abolivier | 2019-06-10 | 1 | -0/+35 |
|\ \ | |/ |/| | | | | | matrix-org/babolivier/account_validity_send_mail_auth Don't check whether the user's account is expired on /send_mail requests | ||||
| * | Don't check whether the user's account is expired on /send_mail requests | Brendan Abolivier | 2019-06-05 | 1 | -0/+35 |
| | | |||||
* | | Unify v1 and v2 REST client APIs (#5226) | Amber Brown | 2019-06-03 | 2 | -2/+1 |
| | | |||||
* | | Merge pull request #5309 from matrix-org/rav/limit_displayname_length | Richard van der Hoff | 2019-06-01 | 1 | -2/+60 |
|\ \ | | | | | | | Limit displaynames and avatar URLs | ||||
| * | | add some tests | Richard van der Hoff | 2019-06-01 | 1 | -2/+60 |
| | | | |||||
* | | | Merge pull request #5276 from matrix-org/babolivier/account_validity_job_delta | Erik Johnston | 2019-05-31 | 1 | -5/+10 |
|\ \ \ | | | | | | | | | Allow configuring a range for the account validity startup job | ||||
| * | | | Move delta from +10% to -10% | Brendan Abolivier | 2019-05-31 | 1 | -2/+2 |
| | | | | |||||
| * | | | Make max_delta equal to period * 10% | Brendan Abolivier | 2019-05-31 | 1 | -17/+1 |
| | | | | |||||
| * | | | Typo | Brendan Abolivier | 2019-05-28 | 1 | -1/+1 |
| | | | | |||||
| * | | | Allow configuring a range for the account validity startup job | Brendan Abolivier | 2019-05-28 | 1 | -0/+21 |
| | |/ | |/| | | | | | | | | | | When enabling the account validity feature, Synapse will look at startup for registered account without an expiration date, and will set one equals to 'now + validity_period' for them. On large servers, it can mean that a large number of users will have the same expiration date, which means that they will all be sent a renewal email at the same time, which isn't ideal. In order to mitigate this, this PR allows server admins to define a 'max_delta' so that the expiration date is a random value in the [now + validity_period ; now + validity_period + max_delta] range. This allows renewal emails to be progressively sent over a configured period instead of being sent all in one big batch. | ||||
* | | | Add config option for setting homeserver's default room version (#5223) | Andrew Morgan | 2019-05-23 | 1 | -2/+5 |
| | | | | | | | | | | | | | | | Replaces DEFAULT_ROOM_VERSION constant with a method that first checks the config, then returns a hardcoded value if the option is not present. That hardcoded value is now located in the server.py config file. | ||||
* | | | Room Statistics (#4338) | Amber Brown | 2019-05-21 | 1 | -0/+17 |
| |/ |/| | |||||
* | | Merge pull request #5212 from matrix-org/erikj/deny_multiple_reactions | Erik Johnston | 2019-05-21 | 1 | -1/+26 |
|\ \ | | | | | | | Block attempts to annotate the same event twice | ||||
| * | | Block attempts to annotate the same event twice | Erik Johnston | 2019-05-20 | 1 | -1/+26 |
| | | | |||||
* | | | Merge pull request #5204 from ↵ | Brendan Abolivier | 2019-05-21 | 1 | -0/+55 |
|\ \ \ | |/ / |/| / | |/ | | | matrix-org/babolivier/account_validity_expiration_date Add startup background job for account validity | ||||
| * | Add startup background job for account validity | Brendan Abolivier | 2019-05-17 | 1 | -0/+55 |
| | | | | | | | | If account validity is enabled in the server's configuration, this job will run at startup as a background job and will stick an expiration date to any registered account missing one. | ||||
* | | Rename relation types to match MSC | Erik Johnston | 2019-05-20 | 1 | -11/+11 |
| | | |||||
* | | Merge pull request #5209 from matrix-org/erikj/reactions_base | Erik Johnston | 2019-05-20 | 1 | -0/+539 |
|\ \ | | | | | | | Land basic reaction and edit support. | ||||
| * | | Fixup comments | Erik Johnston | 2019-05-20 | 1 | -2/+2 |
| | | | |||||
| * | | Correctly update aggregation counts after redaction | Erik Johnston | 2019-05-20 | 1 | -0/+37 |
| | | | |||||
| * | | Make tests use different user for each reaction it sends | Erik Johnston | 2019-05-17 | 1 | -12/+68 |
| | | | | | | | | | | | | As users aren't allowed to react with the same emoji more than once. | ||||
| * | | Add basic editing support | Erik Johnston | 2019-05-16 | 1 | -9/+82 |
| | | | |||||
| * | | Check that event is visible in new APIs | Erik Johnston | 2019-05-16 | 1 | -1/+1 |
| | | | |||||
| * | | Add aggregations API | Erik Johnston | 2019-05-16 | 1 | -3/+248 |
| | | | |||||
| * | | Add simple pagination API | Erik Johnston | 2019-05-15 | 1 | -0/+30 |
| | | | |||||
| * | | Add simple send_relation API and track in DB | Erik Johnston | 2019-05-15 | 1 | -0/+98 |
| | | | |||||
* | | | Merge pull request #5196 from matrix-org/babolivier/per_room_profiles | Brendan Abolivier | 2019-05-17 | 1 | -1/+69 |
|\ \ \ | | |/ | |/| | Add an option to disable per-room profiles | ||||
| * | | Lint | Brendan Abolivier | 2019-05-16 | 1 | -1/+0 |
| | | | |||||
| * | | Lint | Brendan Abolivier | 2019-05-16 | 1 | -1/+3 |
| | | | |||||
| * | | Forgot copyright | Brendan Abolivier | 2019-05-16 | 1 | -0/+1 |
| | | | |||||
| * | | Add test case | Brendan Abolivier | 2019-05-16 | 1 | -1/+67 |
| |/ | |||||
* | | Merge pull request #5174 from matrix-org/dbkr/add_dummy_flow_to_recaptcha_only | David Baker | 2019-05-16 | 1 | -1/+8 |
|\ \ | |/ |/| | Re-order registration stages to do msisdn & email auth last | ||||
| * | Merge remote-tracking branch 'origin/develop' into ↵ | David Baker | 2019-05-13 | 1 | -11/+11 |
| |\ | | | | | | | | | | dbkr/add_dummy_flow_to_recaptcha_only | ||||
| * | | And now I realise why the test is failing... | David Baker | 2019-05-13 | 1 | -1/+8 |
| | | | |||||
* | | | Migrate all tests to use the dict-based config format instead of hanging ↵ | Amber Brown | 2019-05-13 | 10 | -69/+70 |
| |/ |/| | | | | | items off HomeserverConfig (#5171) | ||||
* | | URL preview blacklisting fixes (#5155) | Andrew Morgan | 2019-05-10 | 1 | -11/+11 |
|/ | | | Prevents a SynapseError being raised inside of a IResolutionReceiver and instead opts to just return 0 results. This thus means that we have to lump a failed lookup and a blacklisted lookup together with the same error message, but the substitute should be generic enough to cover both cases. | ||||
* | Run Black on the tests again (#5170) | Amber Brown | 2019-05-10 | 8 | -222/+114 |
| | |||||
* | Fix bogus imports in tests (#5154) | Brendan Abolivier | 2019-05-08 | 3 | -5/+6 |
| | |||||
* | add options to require an access_token to GET /profile and /publicRooms on ↵ | Matthew Hodgson | 2019-05-08 | 2 | -1/+123 |
| | | | | | | | | | | | | | | | | | CS API (#5083) This commit adds two config options: * `restrict_public_rooms_to_local_users` Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API. * `require_auth_for_profile_requests` When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301. MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though. Groups have been intentionally omitted from this commit. | ||||
* | Do checks on aliases for incoming m.room.aliases events (#5128) | Brendan Abolivier | 2019-05-08 | 1 | -0/+169 |
| | | | | | Follow-up to #5124 Also added a bunch of checks to make sure everything (both the stuff added on #5124 and this PR) works as intended. | ||||
* | Remove the requirement to authenticate for /admin/server_version. (#5122) | Richard van der Hoff | 2019-05-07 | 1 | -22/+8 |
| | | | | | | | | | This endpoint isn't much use for its intended purpose if you first need to get yourself an admin's auth token. I've restricted it to the `/_synapse/admin` path to make it a bit easier to lock down for those concerned about exposing this information. I don't imagine anyone is using it in anger currently. | ||||
* | Add admin api for sending server_notices (#5121) | Richard van der Hoff | 2019-05-02 | 10 | -14/+14 |
| | |||||
* | Move admin api impl to its own package | Richard van der Hoff | 2019-05-01 | 11 | -25/+47 |
| | | | | It doesn't really belong under rest/client/v1 any more. | ||||
* | Merge branch 'develop' of github.com:matrix-org/synapse into ↵ | Erik Johnston | 2019-04-17 | 3 | -2/+191 |
|\ | | | | | | | babolivier/account_expiration | ||||
| * | Merge pull request #5047 from matrix-org/babolivier/account_expiration | Brendan Abolivier | 2019-04-17 | 1 | -1/+99 |
| |\ | | | | | | | Send out emails with links to extend an account's validity period | ||||
| * \ | Merge pull request #5027 from matrix-org/babolivier/account_expiration | Brendan Abolivier | 2019-04-09 | 1 | -2/+49 |
| |\ \ | | | | | | | | | Add time-based account expiration | ||||
| * | | | Add config option to block users from looking up 3PIDs (#5010) | Brendan Abolivier | 2019-04-04 | 1 | -0/+65 |
| | | | | |||||
| * | | | Add unit test for deleting groups | Erik Johnston | 2019-04-03 | 1 | -0/+124 |
| | | | | |||||
| * | | | Collect room-version variations into one place (#4969) | Richard van der Hoff | 2019-04-01 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | Collect all the things that make room-versions different to one another into one place, so that it's easier to define new room versions. | ||||
* | | | | Add management endpoints for account validity | Brendan Abolivier | 2019-04-17 | 1 | -8/+87 |
| |_|/ |/| | | |||||
* | | | Send out emails with links to extend an account's validity period | Brendan Abolivier | 2019-04-17 | 1 | -1/+99 |
| |/ |/| | |||||
* | | Add account expiration feature | Brendan Abolivier | 2019-04-09 | 1 | -2/+49 |
|/ | |||||
* | Some more porting to HomeserverTestCase and remove old RESTHelper (#4913) | Amber Brown | 2019-03-22 | 1 | -125/+0 |
| | |||||
* | Merge pull request #4908 from matrix-org/erikj/block_peek_on_blocked_rooms | Erik Johnston | 2019-03-21 | 1 | -1/+65 |
|\ | | | | | Deny peeking into rooms that have been blocked | ||||
| * | isort | Erik Johnston | 2019-03-21 | 1 | -1/+1 |
| | | |||||
| * | Deny peeking into rooms that have been blocked | Erik Johnston | 2019-03-21 | 1 | -1/+65 |
| | | |||||
* | | Fix typo and add description | Erik Johnston | 2019-03-21 | 1 | -1/+5 |
|/ | |||||
* | Rejig testcase to make it more extensible | Erik Johnston | 2019-03-21 | 1 | -17/+22 |
| | |||||
* | Remove debug | Erik Johnston | 2019-03-21 | 1 | -1/+0 |
| | |||||
* | Add tests | Erik Johnston | 2019-03-21 | 1 | -1/+66 |
| | |||||
* | Fix registration test | Richard van der Hoff | 2019-03-19 | 1 | -1/+2 |
| | | | | | * Set allow_guest_access = True, since we rely on it * config doesn't have a `hostname` attribute; it is `server_name` | ||||
* | Add ratelimiting on failed login attempts (#4865) | Brendan Abolivier | 2019-03-18 | 1 | -0/+45 |
| | |||||
* | Add ratelimiting on login (#4821) | Brendan Abolivier | 2019-03-15 | 2 | -2/+122 |
| | | | Add two ratelimiters on login (per-IP address and per-userID). | ||||
* | Merge pull request #4772 from jbweston/jbweston/server-version-api | Erik Johnston | 2019-03-05 | 1 | -2/+36 |
|\ | | | | | Add 'server_version' endpoint to admin API | ||||
| * | Add 'server_version' endpoint to admin API | Joseph Weston | 2019-03-01 | 1 | -1/+35 |
| | | | | | | | | | | This is required because the 'Server' HTTP header is not always passed through proxies. | ||||
| * | Import 'admin' module rather than 'register_servlets' directly | Joseph Weston | 2019-03-01 | 1 | -2/+2 |
| | | | | | | | | | | | | We will later need also to import 'register_servlets' from the 'login' module, so we un-pollute the namespace now to keep the logical changes separate. | ||||
* | | Add rate-limiting on registration (#4735) | Brendan Abolivier | 2019-03-05 | 4 | -7/+55 |
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Rate-limiting for registration * Add unit test for registration rate limiting * Add config parameters for rate limiting on auth endpoints * Doc * Fix doc of rate limiting function Co-Authored-By: babolivier <contact@brendanabolivier.com> * Incorporate review * Fix config parsing * Fix linting errors * Set default config for auth rate limiting * Fix tests * Add changelog * Advance reactor instead of mocked clock * Move parameters to registration specific config and give them more sensible default values * Remove unused config options * Don't mock the rate limiter un MAU tests * Rename _register_with_store into register_with_store * Make CI happy * Remove unused import * Update sample config * Fix ratelimiting test for py2 * Add non-guest test | ||||
* | Fix parsing of Content-Disposition headers (#4763) | Richard van der Hoff | 2019-02-27 | 1 | -0/+45 |
| | | | | | | | | | | | * Fix parsing of Content-Disposition headers TIL: filenames in content-dispostion headers can contain semicolons, and aren't %-encoded. * fix python2 incompatibility * Fix docstrings | ||||
* | Move register_device into handler | Erik Johnston | 2019-02-18 | 1 | -70/+23 |
| | |||||
* | Fix unit tests | Erik Johnston | 2019-02-18 | 1 | -6/+15 |
| | |||||
* | rework format of change password capability | Neil Johnson | 2019-01-29 | 1 | -2/+2 |
| | |||||
* | support change_password in capabilities end-point | Neil Johnson | 2019-01-29 | 1 | -0/+23 |
| | |||||
* | isort | Neil Johnson | 2019-01-29 | 1 | -1/+2 |
| | |||||
* | enforce auth for capabilities endpoint | Neil Johnson | 2019-01-29 | 1 | -4/+19 |
| | |||||
* | Support room version capabilities in CS API (MSC1804) | Neil Johnson | 2019-01-25 | 1 | -0/+39 |
| | |||||
* | Remove v1 only REST APIs now we don't ship matrix console (#4334) | Amber Brown | 2018-12-29 | 2 | -145/+44 |
| | |||||
* | Fix IP URL previews on Python 3 (#4215) | Amber Brown | 2018-12-22 | 1 | -98/+326 |
| | |||||
* | create support user (#4141) | Neil Johnson | 2018-12-14 | 1 | -5/+28 |
| | | | | | | Allow for the creation of a support user. A support user can access the server, join rooms, interact with other users, but does not appear in the user directory nor does it contribute to monthly active user limits. | ||||
* | Implement .well-known handling (#4262) | Richard van der Hoff | 2018-12-05 | 1 | -0/+58 |
| | | | | Sometimes it's useful for synapse to generate its own .well-known file. | ||||
* | Fix more logcontext leaks in tests (#4209) | Richard van der Hoff | 2018-11-27 | 1 | -1/+2 |
| | |||||
* | Merge pull request #4204 from matrix-org/rav/logcontext_leak_fixes | Richard van der Hoff | 2018-11-20 | 1 | -1/+2 |
|\ | | | | | Fix some logcontext leaks | ||||
| * | Fix logcontext leak in test_url_preview | Richard van der Hoff | 2018-11-19 | 1 | -1/+2 |
| | | |||||
* | | Fix fallback auth on Python 3 (#4197) | Amber Brown | 2018-11-19 | 1 | -0/+104 |
|/ | |||||
* | Fix Content-Disposition in media repository (#4176) | Amber Brown | 2018-11-15 | 1 | -0/+145 |
| | |||||
* | Use <meta> tags to discover the per-page encoding of html previews (#4183) | Amber Brown | 2018-11-15 | 1 | -0/+77 |
| | |||||
* | Add a test for the public T&Cs form | Richard van der Hoff | 2018-11-14 | 1 | -0/+7 |
| | |||||
* | Fix URL preview bugs (type error when loading cache from db, content-type ↵ | Amber Brown | 2018-11-08 | 1 | -0/+164 |
| | | | | including quotes) (#4157) | ||||
* | Remove some boilerplate in tests (#4156) | Amber Brown | 2018-11-07 | 5 | -178/+117 |
| | |||||
* | Tests for user consent resource (#4140) | Amber Brown | 2018-11-06 | 1 | -0/+111 |
| | |||||
* | Fix typing being reset causing infinite syncs (#4127) | Amber Brown | 2018-11-03 | 1 | -0/+123 |
| | |||||
* | Fix search 500ing (#4122) | Amber Brown | 2018-10-31 | 1 | -1/+105 |
| | |||||
* | Port tests/ to Python 3 (#3808) | Amber Brown | 2018-09-07 | 2 | -311/+258 |
| | |||||
* | Port storage/ to Python 3 (#3725) | Amber Brown | 2018-08-31 | 1 | -4/+10 |
| | |||||
* | Integrate presence from hotfixes (#3694) | Amber Brown | 2018-08-18 | 2 | -46/+105 |
| | |||||
* | Fix the tests | Amber Brown | 2018-08-15 | 5 | -45/+24 |
| | |||||
* | Implement a new test baseclass to cut down on boilerplate (#3684) | Amber Brown | 2018-08-14 | 1 | -37/+29 |
| | |||||
* | Run tests under PostgreSQL (#3423) | Amber Brown | 2018-08-13 | 9 | -5/+9 |
| | |||||
* | Run black. | black | 2018-08-10 | 9 | -132/+119 |
| | |||||
* | Test fixes for Python 3 (#3647) | Amber Brown | 2018-08-09 | 7 | -36/+36 |
| | |||||
* | Admin API for creating new users (#3415) | Amber Brown | 2018-07-20 | 1 | -0/+305 |
| | |||||
* | Move v1-only APIs into their own module & isolate deprecated ones (#3460) | Amber Brown | 2018-07-19 | 5 | -86/+27 |
| | |||||
* | Refactor REST API tests to use explicit reactors (#3351) | Amber Brown | 2018-07-17 | 7 | -921/+902 |
| | |||||
* | Make auth & transactions more testable (#3499) | Amber Brown | 2018-07-14 | 1 | -1/+4 |
| | |||||
* | run isort | Amber Brown | 2018-07-09 | 11 | -48/+51 |
| | |||||
* | Pass around the reactor explicitly (#3385) | Amber Brown | 2018-06-22 | 2 | -5/+6 |
| | |||||
* | Fix logcontext leak in HttpTransactionCache | Richard van der Hoff | 2018-05-21 | 1 | -0/+21 |
| | | | | ONE DAY I WILL PURGE THE WORLD OF THIS EVIL | ||||
* | Stop the transaction cache caching failures | Richard van der Hoff | 2018-05-21 | 1 | -0/+54 |
| | | | | | | The transaction cache has some code which tries to stop it caching failures, but if the callback function failed straight away, then things would happen backwards and we'd end up with the failure stuck in the cache. | ||||
* | Burminate v1auth | Adrian Tschira | 2018-04-30 | 4 | -13/+18 |
| | | | | | | | | | | | | | | | | | | This closes #2602 v1auth was created to account for the differences in status code between the v1 and v2_alpha revisions of the protocol (401 vs 403 for invalid tokens). However since those protocols were merged, this makes the r0 version/endpoint internally inconsistent, and violates the specification for the r0 endpoint. This might break clients that rely on this inconsistency with the specification. This is said to affect the legacy angular reference client. However, I feel that restoring parity with the spec is more important. Either way, it is critical to inform developers about this change, in case they rely on the illegal behaviour. Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
* | Use six.moves.urlparse | Adrian Tschira | 2018-04-15 | 1 | -7/+7 |
| | | | | | | The imports were shuffled around a bunch in py3 Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
* | move handling of auto_join_rooms to RegisterHandler | Krombel | 2018-03-14 | 1 | -0/+1 |
| | | | | | | | | | | | | | Currently the handling of auto_join_rooms only works when a user registers itself via public register api. Registrations via registration_shared_secret and ModuleApi do not work This auto_joins the users in the registration handler which enables the auto join feature for all 3 registration paths. This is related to issue #2725 Signed-Off-by: Matthias Kesler <krombel@krombel.de> | ||||
* | s/replication_client/federation_client/ | Erik Johnston | 2018-03-13 | 4 | -11/+11 |
| | |||||
* | Fix tests | Erik Johnston | 2018-03-13 | 4 | -11/+11 |
| | |||||
* | Move RoomMemberHandler out of Handlers | Erik Johnston | 2018-03-01 | 1 | -1/+1 |
| | |||||
* | Fix broken unit test for media storage | Erik Johnston | 2018-02-05 | 1 | -1/+6 |
| | |||||
* | Merge pull request #2791 from matrix-org/erikj/media_storage_refactor | Erik Johnston | 2018-02-05 | 3 | -0/+109 |
|\ | | | | | Ensure media is in local cache before thumbnailing | ||||
| * | Add unit tests | Erik Johnston | 2018-01-18 | 3 | -0/+109 |
| | | |||||
* | | mock registrations_require_3pid | Matthew Hodgson | 2018-01-19 | 1 | -0/+1 |
|/ | |||||
* | Remove dead code | Richard van der Hoff | 2018-01-09 | 1 | -3/+0 |
| | | | | pointless function is pointless | ||||
* | Refactor UI auth implementation | Richard van der Hoff | 2017-12-05 | 1 | -4/+7 |
| | | | | | Instead of returning False when auth is incomplete, throw an exception which can be caught with a wrapper. | ||||
* | Fix test | David Baker | 2017-10-17 | 1 | -0/+1 |
| | |||||
* | Split out profile handler to fix tests | Erik Johnston | 2017-08-25 | 1 | -2/+1 |
| |