summary refs log tree commit diff
path: root/tests/rest (follow)
Commit message (Collapse)AuthorAgeFilesLines
* annotate tests.server.FakeChannel (#13136)David Robertson2022-07-045-9/+14
|
* Implement MSC3827: Filtering of `/publicRooms` by room type (#13031)Šimon Brandner2022-06-291-3/+89
| | | | Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Merge branch 'master' into developAndrew Morgan2022-06-281-0/+17
|\
| * Merge pull request from GHSA-22p3-qrh9-cx32reivilibre2022-06-281-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Make _iterate_over_text easier to read by using simple data structures * Prefer a set of tags to ignore In my tests, it's 4x faster to check for containment in a set of this size * Add a stack size limit to _iterate_over_text * Continue accepting the case where there is no body element * Use an early return instead for None Co-authored-by: Richard van der Hoff <richard@matrix.org>
* | Add Cross-Origin-Resource-Policy header to thumbnail and download media ↵Robert Long2022-06-271-0/+20
| | | | | | | | endpoints (#12944)
* | validate room alias before interacting with the room directory (#13106)santhoshivan232022-06-221-0/+13
| |
* | Simplify the alias deletion logic as an application service. (#13093)Quentin Gliech2022-06-171-0/+34
| |
* | Improve URL previews for sites with only Twitter card information. (#13056)Patrick Cloke2022-06-161-0/+41
| | | | | | | | | | | | Pull out `twitter:` meta tags when generating a preview and use it to augment any `og:` meta tags. Prefers Open Graph information over Twitter card information.
* | Add custom well-known (#13035)Jacek Kuśnierz2022-06-161-0/+22
| | | | | | Co-authored-by: David Robertson <david.m.robertson1@gmail.com>
* | Add more tests for room upgrades (#13074)Sean Quah2022-06-151-5/+78
| | | | | | | | Signed-off-by: Sean Quah <seanq@element.io>
* | Replace pyjwt with authlib in `org.matrix.login.jwt` (#13011)Hannes Lerchl2022-06-151-21/+23
| |
* | Fix `destination_is` errors seen in sentry. (#13041)David Robertson2022-06-141-0/+8
| | | | | | | | | | | | * Rename test_fedclient to match its source file * Require at least one destination to be truthy * Explicitly validate user ID in profile endpoint GETs Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* | Uniformize spam-checker API, part 4: port other spam-checker callbacks to ↵David Teller2022-06-131-5/+170
| | | | | | | | | | return `Union[Allow, Codes]`. (#12857) Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* | Move the (unstable) `dir` parameter for /relations behind an experimental ↵Patrick Cloke2022-06-081-0/+1
| | | | | | | | | | | | flag. (#12984) MSC3715 defines this parameter, but the unstable version of it should be behind an experimental flag.
* | Test cancellation at every `await` during request handling (#12674)Sean Quah2022-06-071-0/+100
|/ | | | | | * Add tests for `/rooms/<room_id>/members` cancellation. * Add tests for `/rooms/<room_id>/state` cancellation. Signed-off-by: Sean Quah <seanq@element.io>
* Prevent local quarantined media from being claimed by media retention (#12972)Andrew Morgan2022-06-071-13/+96
|
* Remove remaining pieces of groups code. (#12966)Patrick Cloke2022-06-061-2/+0
| | | | | * Remove an unused stream ID generator. * Remove the now unused remote profile cache.
* Do not break URL previews if an image is unreachable. (#12950)Patrick Cloke2022-06-061-0/+35
| | | | Avoid breaking a URL preview completely if the chosen image 404s or is unreachable for some other reason (e.g. DNS).
* Implement MSC3816, consider the root event for thread participation. (#12766)Patrick Cloke2022-06-061-26/+59
| | | | As opposed to only considering a user to have "participated" if they replied to the thread.
* Improve URL previews for some pages (#12951)Patrick Cloke2022-06-031-1/+36
| | | | | * Skip `og` and `meta` tags where the value is empty. * Fallback to the favicon if there are no other images. * Ignore tags meant for navigation.
* Wait for lazy join to complete when getting current state (#12872)Erik Johnston2022-06-011-2/+6
|
* Remove remaining bits of groups code. (#12936)Patrick Cloke2022-06-014-6/+0
| | | | | | * Update worker docs to remove group endpoints. * Removes an unused parameter to `ApplicationService`. * Break dependency between media repo and groups. * Avoid copying `m.room.related_groups` state events during room upgrades.
* Add config options for media retention (#12732)Andrew Morgan2022-05-311-0/+238
|
* Rename storage classes (#12913)Erik Johnston2022-05-313-6/+8
|
* Fix invite notifications for users without pushers (#12840)DeepBlueV7.X2022-05-301-0/+91
| | | | Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de> Co-authored-by: Brendan Abolivier <github@brendanabolivier.com>
* Mutual rooms: Remove dependency on user directory (#12836)Jonathan de Jong2022-05-301-2/+0
|
* Add a background job to automatically delete stale devices (#12855)Brendan Abolivier2022-05-271-0/+43
| | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Additional constants for EDU types. (#12884)Patrick Cloke2022-05-276-8/+13
| | | Instead of hard-coding strings in many places.
* Merge tag 'v1.60.0rc2' into developSean Quah2022-05-271-0/+41
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.60.0rc2 (2022-05-27) ============================== This release of Synapse adds a unique index to the `state_group_edges` table, in order to prevent accidentally introducing duplicate information (for example, because a database backup was restored multiple times). If your Synapse database already has duplicate rows in this table, this could fail with an error and require manual remediation. Additionally, the signature of the `check_event_for_spam` module callback has changed. The previous signature has been deprecated and remains working for now. Module authors should update their modules to use the new signature where possible. See [the upgrade notes](https://github.com/matrix-org/synapse/blob/develop/docs/upgrade.md#upgrading-to-v1600) for more details. Features -------- - Add an option allowing users to use their password to reauthenticate for privileged actions even though password login is disabled. ([\#12883](https://github.com/matrix-org/synapse/issues/12883)) Bugfixes -------- - Explicitly close `ijson` coroutines once we are done with them, instead of leaving the garbage collector to close them. ([\#12875](https://github.com/matrix-org/synapse/issues/12875)) Internal Changes ---------------- - Improve URL previews by not including the content of media tags in the generated description. ([\#12887](https://github.com/matrix-org/synapse/issues/12887))
| * Add an option allowing users to use their password to reauthenticate even ↵reivilibre2022-05-271-0/+41
| | | | | | | | though password authentication is disabled. (#12883)
* | Remove user-visible groups/communities code (#12553)Patrick Cloke2022-05-252-145/+1
|/ | | | | | | | | Makes it so that groups/communities no longer exist from a user-POV. E.g. we remove: * All API endpoints (including Client-Server, Server-Server, and admin). * Documented configuration options (and the experimental flag, which is now unused). * Special handling during room upgrades. * The `groups` section of the `/sync` response.
* Prevent expired events from being filtered out when retention is disabled ↵Brendan Abolivier2022-05-232-8/+35
| | | | | | (#12611) Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Add a unit test for copying over arbitrary room types when upgrading a room ↵Andrew Morgan2022-05-191-1/+31
| | | | (#12792)
* Delete events from federation_inbound_events_staging table on purge (#12770)Mathieu Velten2022-05-171-0/+1
|
* Consolidate logic for parsing relations. (#12693)Patrick Cloke2022-05-161-2/+6
| | | | | | | | | | | | | Parse the `m.relates_to` event content field (which describes relations) in a single place, this is used during: * Event persistence. * Validation of the Client-Server API. * Fetching bundled aggregations. * Processing of push rules. Each of these separately implement the logic and each made slightly different assumptions about what was valid. Some had minor / potential bugs.
* SpamChecker metrics (#12513)Jess Porter2022-05-131-2/+4
| | | | | | | | | * add Measure blocks all over SpamChecker Signed-off-by: jesopo <github@lolnerd.net> * fix test_spam_checker_may_join_room and test_threepid_invite_spamcheck * better changelog entry
* add default_power_level_content_override config option. (#12618)Andy Balaam2022-05-121-0/+258
| | | Co-authored-by: Matthew Hodgson <matthew@matrix.org>
* No longer permit empty body when sending receipts (#12709)David Robertson2022-05-111-26/+4
|
* Convert stringy power levels to integers on room upgrade (#12657)David Robertson2022-05-071-0/+44
|
* Use `private` instead of `hidden` in MSC2285 related code. (#12635)Šimon Brandner2022-05-051-2/+2
|
* Edits/annotations should not have any bundled aggregations calculated. (#12633)Patrick Cloke2022-05-051-0/+31
| | | | | | Fixes a regression from 8b309adb436c162510ed1402f33b8741d71fc058 (#11660) and b65acead428653b988351ae8d7b22127a22039cd (#11752) where events which themselves were an edit or an annotation could have bundled aggregations calculated, which is not allowed.
* Implement changes to MSC2285 (hidden read receipts) (#12168)Šimon Brandner2022-05-041-17/+144
| | | | | * Changes hidden read receipts to be a separate receipt type (instead of a field on `m.read`). * Updates the `/receipts` endpoint to accept `m.fully_read`.
* Remove unstable/unspecced login types. (#12597)Patrick Cloke2022-05-041-3/+1
| | | | | | * `m.login.jwt`, which was never specced and has been deprecated since Synapse 1.16.0. (`org.matrix.login.jwt` can be used instead.) * `uk.half-shot.msc2778.login.application_service`, which was stabilized as part of the Matrix spec v1.2 release.
* Include bundled aggregations for the latest event in a thread. (#12273)Patrick Cloke2022-05-041-1/+107
| | | | | | The `latest_event` field of the bundled aggregations for `m.thread` relations did not include bundled aggregations itself. This resulted in clients needing to immediately request the event from the server (and thus making it useless that the latest event itself was serialized instead of just including an event ID).
* Remove unstable identifiers for MSC3069. (#12596)Patrick Cloke2022-05-031-6/+0
|
* Use constants for receipt types in tests. (#12582)Šimon Brandner2022-04-281-1/+2
|
* Prefer `make_awaitable` over `defer.succeed` in tests (#12505)Sean Quah2022-04-273-10/+8
| | | | | | | | | | | When configuring the return values of mocks, prefer awaitables from `make_awaitable` over `defer.succeed`. `Deferred`s are only awaitable once, so it is inappropriate for a mock to return the same `Deferred` multiple times. Also update `run_in_background` to support functions that return arbitrary awaitables. Signed-off-by: Sean Quah <seanq@element.io>
* Misc. clean-ups to the relations code (#12519)Patrick Cloke2022-04-251-40/+34
| | | | | * Corrects some typos / copy & paste errors in tests. * Clarifies docstrings. * Removes an unnecessary method.
* Remove unnecessary config overrides for MSC3666. (#12511)Patrick Cloke2022-04-201-4/+0
|
* Fix `/room/.../event/...` to return the *original* event after any edits ↵Richard van der Hoff2022-04-191-30/+62
| | | | | | (#12476) This is what the MSC (now) requires. Fixes https://github.com/matrix-org/synapse/issues/10310.
* Limit `device_id` size to 512B (#12454)Shay2022-04-131-1/+26
| | | *
* Fix missing sync events during historical batch imports (#12319)Nick Mills-Barrett2022-04-131-2/+123
| | | | | | | | Discovered after much in-depth investigation in #12281. Closes: #12281 Closes: #3305 Signed off by: Nick Mills-Barrett nick@beeper.com
* Disable groups/communities by default. (#12344)Patrick Cloke2022-04-121-0/+1
| | | | This disables the endpoints (and sync response fields) for groups/communities by default.
* Do not consider events by ignored users for bundled aggregations (#12235)Patrick Cloke2022-04-111-5/+68
| | | | | | | Consider the requester's ignored users when calculating the bundled aggregations. See #12285 / 4df10d32148ae29f792afc68ff774bcbd1915cea for corresponding changes for the `/relations` endpoint.
* Update the server notices user profile in room if changed. (#12115)Jorge Florian2022-04-081-0/+92
|
* Support the v1 endpoint for `/relations`. (#12403)Patrick Cloke2022-04-071-11/+11
| | | | Now that MSC2675 has passed FCP and the implementation is compliant with the final version.
* Add type hints for `tests/unittest.py`. (#12347)Richard van der Hoff2022-04-012-6/+17
| | | In particular, add type hints for get_success and friends, which are then helpful in a bunch of places.
* Remove redundant `get_success` calls in test code (#12346)Richard van der Hoff2022-04-012-10/+4
| | | There are a bunch of places we call get_success on an immediate value, which is unnecessary. Let's rip them out, and remove the redundant functionality in get_success and friends.
* Default to `private` room visibility rather than `public` when a client does ↵reivilibre2022-04-011-4/+7
| | | | not specify one, according to spec. (#12350)
* Move single-use methods out of `TestCase` (#12348)Richard van der Hoff2022-04-011-0/+11
| | | | These methods are only used by a single testcase, so they shouldn't be cluttering up the base `TestCase` class.
* Add a module callback to react to account data changes (#12327)Brendan Abolivier2022-04-011-0/+75
| | | | Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Move MSC2654 support behind an experimental configuration flag. (#12295)Patrick Cloke2022-03-311-0/+5
| | | To match the current thinking on disabling experimental features by default.
* Add a callback to react to 3PID associations (#12302)Brendan Abolivier2022-03-311-0/+41
|
* Ensure the type of URL attributes is always str when matching against ↵Brendan Abolivier2022-03-311-2/+41
| | | | preview blacklist (#12333)
* Remove the unused and unstable `/aggregations` endpoint. (#12293)Patrick Cloke2022-03-301-207/+0
| | | | | | | | | This endpoint was removed from MSC2675 before it was approved. It is currently unspecified (even in any MSCs) and therefore subject to removal. It is not implemented by any known clients. This also changes the bundled aggregation format for `m.annotation`, which previously included pagination tokens for the `/aggregations` endpoint, which are no longer useful.
* Remove references to "msc2403" (#12165)Andrew Morgan2022-03-301-1/+0
|
* Add a configuration to exclude rooms from sync response (#12310)Brendan Abolivier2022-03-301-0/+62
|
* Fix typechecker problems exposed by signedjson 1.1.2 (#12326)David Robertson2022-03-291-5/+11
|
* Always allow the empty string as an avatar_url. (#12261)David Robertson2022-03-251-0/+19
| | | | | Hopefully this fixes #12257. Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Do not consider events by ignored users for relations (#12285)Patrick Cloke2022-03-241-1/+79
| | | | Filter the events returned from `/relations` for the requester's ignored users in a similar way to `/messages` (and `/sync`).
* Optionally include account validity in MSC3720 account status responses (#12266)Brendan Abolivier2022-03-241-1/+57
|
* Rename shared_rooms to mutual_rooms (#12036)Jonathan de Jong2022-03-231-15/+15
| | | Co-authored-by: reivilibre <olivier@librepush.net>
* Only fetch thread participation for events with threads. (#12228)Patrick Cloke2022-03-181-238/+271
| | | | | | | | | We fetch the thread summary in two phases: 1. The summary that is shared by all users (count of messages and latest event). 2. Whether the requesting user has participated in the thread. There's no use in attempting step 2 for events which did not return a summary from step 1.
* Merge branch 'release-v1.55' into developPatrick Cloke2022-03-161-0/+28
|\
| * Fix bundling aggregations if unsigned is not a returned event field. (#12234)Patrick Cloke2022-03-161-0/+28
| | | | | | | | | | | | | | An error occured if a filter was supplied with `event_fields` which did not include `unsigned`. In that case, bundled aggregations are still added as the spec states it is allowed for servers to add additional fields.
* | Refactor relations tests (#12232)Patrick Cloke2022-03-161-406/+363
| | | | | | | | | | * Moves the relation pagination tests to a separate class. * Move the assertion of the response code into the `_send_relation` helper. * Moves some helpers into the base-class.
* | Clean-up logic for rebasing URLs during URL preview. (#12219)Patrick Cloke2022-03-161-43/+11
|/ | | | By using urljoin from the standard library and reducing the number of places URLs are rebased.
* Add config settings for background update parameters (#11980)Shay2022-03-111-4/+5
|
* Add type hints to `tests/rest`. (#12208)Dirk Klimpel2022-03-113-84/+128
| | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Retention test: avoid relying on state at purged events (#12202)Richard van der Hoff2022-03-111-12/+17
| | | | This test was relying on poking events which weren't in the database into filter_events_for_client.
* Support stable identifiers for MSC3440: Threading (#12151)Patrick Cloke2022-03-102-16/+9
| | | | The unstable identifiers are still supported if the experimental configuration flag is enabled. The unstable identifiers will be removed in a future release.
* Allow retrieving the relations of a redacted event. (#12130)Patrick Cloke2022-03-101-5/+40
| | | | | | | | | This is allowed per MSC2675, although the original implementation did not allow for it and would return an empty chunk / not bundle aggregations. The main thing to improve is that the various caches get cleared properly when an event is redacted, and that edits must not leak if the original event is redacted (as that would presumably leak something similar to the original event content).
* Add third_party module callbacks to check if a user can delete a room and ↵Will Hunt2022-03-091-0/+121
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | deactivate a user (#12028) * Add check_can_deactivate_user * Add check_can_shutdown_rooms * Documentation * callbacks, not functions * Various suggested tweaks * Add tests for test_check_can_shutdown_room and test_check_can_deactivate_user * Update check_can_deactivate_user to not take a Requester * Fix check_can_shutdown_room docs * Renegade and use `by_admin` instead of `admin_user_id` * fix lint * Update docs/modules/third_party_rules_callbacks.md Co-authored-by: Brendan Abolivier <babolivier@matrix.org> * Update docs/modules/third_party_rules_callbacks.md Co-authored-by: Brendan Abolivier <babolivier@matrix.org> * Update docs/modules/third_party_rules_callbacks.md Co-authored-by: Brendan Abolivier <babolivier@matrix.org> * Update docs/modules/third_party_rules_callbacks.md Co-authored-by: Brendan Abolivier <babolivier@matrix.org> Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* Fix a bug in background updates wherein background updates are never run ↵Shay2022-03-071-10/+8
| | | | using the default batch size (#12157)
* Invalidate caches when an event with a relation is redacted. (#12121)Patrick Cloke2022-03-071-42/+165
| | | | | The caches for the target of the relation must be cleared so that the bundled aggregations are re-calculated after the redaction is processed.
* Remove backwards compatibility with RelationPaginationToken. (#12138)Patrick Cloke2022-03-041-72/+1
|
* Add type hints to `tests/rest` (#12146)Dirk Klimpel2022-03-037-86/+102
| | | | | | | * Add type hints to `tests/rest` * newsfile * change import from `SigningKey`
* Use the proper serialization format when bundling aggregations. (#12090)Patrick Cloke2022-03-031-2/+0
| | | | This ensures that the `latest_event` field of the bundled aggregation for threads uses the same format as the other events in the response.
* Remove unused mocks from `test_typing` (#12136)David Robertson2022-03-021-31/+1
| | | | | | | | | | | * Remove unused mocks from `test_typing` It's not clear what these do. `get_user_by_access_token` has the wrong signature, including the return type. Tests all pass without these. I think we should nuke them. * Changelog * Fixup imports
* Add type hints to `tests/rest/client` (#12108)Dirk Klimpel2022-03-027-346/+422
| | | | | | | | | | | | | | | | | | | | | | | * Add type hints to `tests/rest/client` * newsfile * fix imports * add `test_account.py` * Remove one type hint in `test_report_event.py` * change `on_create_room` to `async` * update new functions in `test_third_party_rules.py` * Add `test_filter.py` * add `test_rooms.py` * change to `assertEquals` to `assertEqual` * lint
* Improve and refactor the tests for relations. (#12113)Patrick Cloke2022-03-021-208/+178
| | | | | | * Modernizes code (f-strings, etc.) * Fixes incorrect comments. * Splits the test case into two. * Factors out some duplicated code.
* Add module callbacks called for reacting to deactivation status change and ↵Brendan Abolivier2022-03-011-2/+217
| | | | profile update (#12062)
* Add type hints to `tests/rest/client` (#12094)Dirk Klimpel2022-02-283-61/+71
| | | | | | | | | * Add type hints to `tests/rest/client` * update `mypy.ini` * newsfile * add `test_register.py`
* Add type hints to `tests/rest/client` (#12084)Dirk Klimpel2022-02-2810-136/+196
|
* Replace assertEquals and friends with non-deprecated versions. (#12092)Patrick Cloke2022-02-2817-434/+432
|
* Add type hints to `tests/rest/client` (#12072)Dirk Klimpel2022-02-2410-102/+159
|
* Add type hints to `tests/rest/client` (#12066)Dirk Klimpel2022-02-234-119/+148
|
* Remove more references to `get_datastore` (#12067)Richard van der Hoff2022-02-231-1/+3
| | | | | These have snuck in since #12031 was started. Also a couple of other cleanups while we're in the area.
* Remove `HomeServer.get_datastore()` (#12031)Richard van der Hoff2022-02-2321-56/+60
| | | | | | | The presence of this method was confusing, and mostly present for backwards compatibility. Let's get rid of it. Part of #11733
* Implement account status endpoints (MSC3720) (#12001)Brendan Abolivier2022-02-221-4/+200
| | | | | See matrix-org/matrix-doc#3720 Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Fix slow performance of `/logout` in some cases where refresh tokens are in ↵reivilibre2022-02-221-2/+91
| | | | use. The slowness existed since the initial implementation of refresh tokens. (#12056)
* Use stable MSC3069 `is_guest` flag on `/whoami`. (#12021)Travis Ralston2022-02-181-3/+6
| | | Keeping backwards compatibility with the unstable flag for now.
* Fix incorrect thread summaries when the latest event is edited. (#11992)Patrick Cloke2022-02-151-0/+42
| | | | | If the latest event in a thread was edited than the original event content was included in bundled aggregation for threads instead of the edited event content.
* Add some tests for propagation of device list changes between local users ↵Andrew Morgan2022-02-152-1/+160
| | | | (#11972)
* Support the MSC3715 for `/relations`. (#11941)Patrick Cloke2022-02-111-6/+31
| | | | This adds an unstable org.matrix.msc3715.dir parameter which acts like dir on /mesages.
* Remove deprecated user_may_create_room_with_invites callback (#11950)Brendan Abolivier2022-02-111-117/+2
| | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Fix to-device being dropped in limited sync in SQLite. (#11966)Erik Johnston2022-02-111-0/+40
| | | | | | | | | If ther are more than 100 to-device messages pending for a device `/sync` will only return the first 100, however the next batch token was incorrectly calculated and so all other pending messages would be dropped. This is due to `txn.rowcount` only returning the number of rows that *changed*, rather than the number *selected* in SQLite.
* Tests: replace mocked Authenticator with the real thing (#11913)Richard van der Hoff2022-02-111-4/+2
| | | | | | | | | | | | If we prepopulate the test homeserver with a key for a remote homeserver, we can make federation requests to it without having to stub out the authenticator. This has two advantages: * means that what we are testing is closer to reality (ie, we now have complete tests for the incoming-request-authorisation flow) * some tests require that other objects be signed by the remote server (eg, the event in `/send_join`), and doing that would require a whole separate set of mocking out. It's much simpler just to use real keys.
* Support the stable API endpoint for MSC3283: new settings in `/capabilities` ↵Dirk Klimpel2022-02-111-48/+21
| | | | endpoint (#11933)
* Support pagination tokens from /sync and /messages in the relations API. ↵Patrick Cloke2022-02-101-14/+137
| | | | (#11952)
* Implement a content type allow list for URL previews (#11936)Denis Kasak2022-02-101-0/+72
| | | | | | | This implements an allow list for content types for which Synapse will attempt URL preview. If a URL resolves to a resource with a content type which isn't in the list, the download will terminate immediately. This makes sense given that Synapse would never successfully generate a URL preview for such files in the first place, and helps prevent issues with streaming media servers, such as #8302. Signed-off-by: Denis Kasak dkasak@termina.org.uk
* Experimental support to include bundled aggregations in search results ↵Patrick Cloke2022-02-081-1/+38
| | | | (MSC3666) (#11837)
* Add a unit test for users receiving their own device list updates (#11909)Andrew Morgan2022-02-071-1/+56
|
* Stabilise MSC3231 (Token Based Registration) (#11867)Jonathan de Jong2022-02-041-1/+1
|
* Allow specifying the application service-specific `user_id` parameter in the ↵reivilibre2022-02-031-5/+26
| | | | `join` test helper. (#11616)
* Expose the registered device ID from the `register_appservice_user` test ↵reivilibre2022-02-021-1/+1
| | | | helper. (#11615)
* Add type hints to `tests/rest/admin` (#11851)Dirk Klimpel2022-01-313-229/+183
|
* Configurable limits on avatars (#11846)Brendan Abolivier2022-01-281-0/+156
| | | | | | Only allow files which file size and content types match configured limits to be set as avatar. Most of the inspiration from the non-test code comes from matrix-org/synapse-dinsic#19
* Improvements to bundling aggregations. (#11815)Patrick Cloke2022-01-261-1/+1
| | | | | | | | | | | This is some odds and ends found during the review of #11791 and while continuing to work in this code: * Return attrs classes instead of dictionaries from some methods to improve type safety. * Call `get_bundled_aggregations` fewer times. * Adds a missing assertion in the tests. * Do not return empty bundled aggregations for an event (preferring to not include the bundle at all, as the docstring states).
* Add a config flag to inhibit `M_USER_IN_USE` during registration (#11743)Brendan Abolivier2022-01-261-0/+41
| | | | | | | This is mostly motivated by the tchap use case, where usernames are automatically generated from the user's email address (in a way that allows figuring out the email address from the username). Therefore, it's an issue if we respond to requests on /register and /register/available with M_USER_IN_USE, because it can potentially leak email addresses (which include the user's real name and place of work). This commit adds a flag to inhibit the M_USER_IN_USE errors that are raised both by /register/available, and when providing a username early into the registration process. This error will still be raised if the user completes the registration process but the username conflicts. This is particularly useful when using modules (https://github.com/matrix-org/synapse/pull/11790 adds a module callback to set the username of users at registration) or SSO, since they can ensure the username is unique. More context is available in the PR that introduced this behaviour to synapse-dinsic: matrix-org/synapse-dinsic#48 - as well as the issue in the matrix-dinsic repo: matrix-org/matrix-dinsic#476
* Add admin API to get a list of federated rooms (#11658)Dirk Klimpel2022-01-251-25/+277
|
* Add admin API to reset connection timeouts for remote server (#11639)Dirk Klimpel2022-01-251-4/+51
| | | * Fix get federation status of destination if no error occured
* Support rendering previews with data: URLs in them (#11767)Patrick Cloke2022-01-242-8/+554
| | | | | Images which are data URLs will no longer break URL previews and will properly be "downloaded" and thumbnailed.
* Do not try to serialize raw aggregations dict. (#11791)Patrick Cloke2022-01-211-35/+73
|
* Drop unused table `public_room_list_stream`. (#11795)Richard van der Hoff2022-01-211-1/+0
| | | This is a follow-up to #10565.
* Include whether the requesting user has participated in a thread. (#11577)Patrick Cloke2022-01-181-0/+3
| | | | | | Per updates to MSC3440. This is implement as a separate method since it needs to be cached on a per-user basis, instead of a per-thread basis.
* Make pagination of rooms in admin api stable (#11737)Daniel Sonck2022-01-171-19/+28
| | | | | | | | | | | | | | Always add state.room_id after the configurable ORDER BY. Otherwise, for any sort, certain pages can contain results from other pages. (Especially when sorting by creator, since there may be many rooms by the same creator) * Document different order direction of numerical fields "joined_members", "joined_local_members", "version" and "state_events" are ordered in descending direction by default (dir=f). Added a note in tests to explain the differences in ordering. Signed-off-by: Daniël Sonck <daniel@sonck.nl>
* Remove the 'password_hash' from the Users Admin API endpoint response ↵Andrew Morgan2022-01-141-17/+33
| | | | dictionary (#11576)
* Replace uses of simple_insert_many with simple_insert_many_values. (#11742)Patrick Cloke2022-01-131-11/+4
| | | | This should be (slightly) more efficient and it is simpler to have a single method for inserting multiple values.
* Include bundled aggregations in the sync response cache. (#11659)Patrick Cloke2022-01-131-5/+5
|
* Test that bans win a join against a race when computing `/sync` response ↵David Robertson2022-01-071-0/+10
| | | | (#11701)
* Bundle aggregations outside of the serialization method. (#11612)Patrick Cloke2022-01-071-1/+1
| | | | | | | | This makes the serialization of events synchronous (and it no longer access the database), but we must manually calculate and provide the bundled aggregations. Overall this should cause no change in behavior, but is prep work for other improvements.
* Remove the /send_relation endpoint. (#11682)Patrick Cloke2022-01-061-13/+13
| | | | This was removed from MSC2674 before that was approved and is not used by any known clients.
* Fix get federation status of destination if no error occured (#11593)Dirk Klimpel2022-01-051-18/+57
|
* Add admin API to get users' account data (#11664)Dirk Klimpel2022-01-051-0/+90
| | | Co-authored-by: reivilibre <olivier@librepush.net>
* Merge remote-tracking branch 'origin/release-v1.49' into developRichard van der Hoff2021-12-201-5/+5
|\
| * Disable aggregation bundling on `/sync` responses (#11583)Richard van der Hoff2021-12-201-5/+5
| | | | | | | | | | | | | | | | | | | | | | * Disable aggregation bundling on `/sync` responses A partial revert of #11478. This turns out to have had a significant CPU impact on initial-sync handling. For now, let's disable it, until we find a more efficient way of achieving this. * Fix tests. Co-authored-by: Patrick Cloke <patrickc@matrix.org>
* | Add type hints to `synapse/tests/rest/admin` (#11590)Dirk Klimpel2021-12-165-57/+70
| |
* | Move HTML parsing to a separate file for URL previews. (#11566)Patrick Cloke2021-12-131-0/+1
| | | | | | | | | | | | | | * Splits the logic for parsing HTML from the resource handling code. * Fix a circular import in the oEmbed code (which uses the HTML parsing code). * Renames some of the HTML parsing methods to: * Make it clear which methods are "internal" to the module. * Clarify what the methods do.
* | Test to ensure we share the same `state_group` across the whole historical ↵Eric Eastwood2021-12-101-0/+180
| | | | | | | | | | | | | | | | batch (MSC2716) (#11487) Part of MSC2716: https://github.com/matrix-org/matrix-doc/pull/2716 We did some work on making sure the `state_groups` were shared in https://github.com/matrix-org/synapse/pull/10975
* | Ensure emails are canonicalized before fetching associated user. (#11547)Patrick Cloke2021-12-101-1/+2
| | | | | | | | This should fix pushers with an email in non-canonical form is used as the pushkey.
* | Do not allow cross-room relations, per MSC2674. (#11516)Patrick Cloke2021-12-091-0/+115
| |
* | Add missing `errcode` to `parse_string` and `parse_boolean` (#11542)Dirk Klimpel2021-12-094-10/+10
| |
* | Clean up `synapse.rest.admin` (#11535)Dirk Klimpel2021-12-081-1/+1
| |
* | Use HTTPStatus constants in place of literals in ↵reivilibre2021-12-081-47/+87
|/ | | | `tests.rest.client.test_auth`. (#11520)
* Fix 'delete room' admin api to work on incomplete rooms (#11523)Richard van der Hoff2021-12-071-17/+25
| | | | | If, for some reason, we don't have the create event, we should still be able to purge a room.
* Fix the test breakage introduced by #11435 as a result of concurrent PRs ↵reivilibre2021-12-071-1/+1
| | | | (#11522)
* Stabilise support for MSC2918 refresh tokens as they have now been merged ↵reivilibre2021-12-061-15/+15
| | | | into the Matrix specification. (#11435)
* Add admin API to get some information about federation status (#11407)Dirk Klimpel2021-12-061-0/+456
|
* Include bundled aggregations in /sync and related fixes (#11478)Patrick Cloke2021-12-061-39/+96
| | | | | | | | Due to updates to MSC2675 this includes a few fixes: * Include bundled aggregations for /sync. * Do not include bundled aggregations for /initialSync and /events. * Do not bundle aggregations for state events. * Clarifies comments and variable names.
* Support configuring the lifetime of non-refreshable access tokens separately ↵reivilibre2021-12-031-0/+76
| | | | to refreshable access tokens. (#11445)
* Add type hints to `synapse/tests/rest/admin` (#11501)Dirk Klimpel2021-12-039-225/+256
|
* Fix media repository failing when media store path contains symlinks (#11446)Sean Quah2021-12-021-1/+108
|
* Bundle relations of relations into the `/relations` result. (#11284)Patrick Cloke2021-11-301-0/+118
| | | | | Per updates to MSC2675 which now states that bundled aggregations should be included from the `/relations` endpoint.
* Remove unnecessary `json.dumps` from `tests.rest.admin` (#11461)Dirk Klimpel2021-11-301-41/+20
| | | | | The tests helpers automatically convert dictionaries to JSON payloads, no need to do it manually for each test.
* Convert status codes to `HTTPStatus` in `tests.rest.admin` (#11455)Dirk Klimpel2021-11-3011-557/+886
|
* Make background updates controllable via a plugin (#11306)Erik Johnston2021-11-291-1/+1
| | | Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* Update MSC2918 refresh token support to confirm with the latest revision: ↵reivilibre2021-11-261-14/+44
| | | | accept the `refresh_tokens` parameter in the request body rather than in the URL parameters. (#11430)
* Support expiry of refresh tokens and expiry of the overall session when ↵reivilibre2021-11-261-1/+124
| | | | refresh tokens are in use. (#11425)
* Lower minumum batch size to 1 for background updates (#11422)Brendan Abolivier2021-11-241-8/+17
| | | Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Rename unstable `access_token_lifetime` configuration option to ↵reivilibre2021-11-231-1/+1
| | | | `refreshable_access_token_lifetime` to make it clear it only concerns refreshable access tokens. (#11388)
* Merge branch 'master' into developSean Quah2021-11-231-0/+250
|\
| * Prevent the media store from writing outside of the configured directorySean Quah2021-11-191-0/+250
| | | | | | | | | | Also tighten validation of server names by forbidding invalid characters in IPv6 addresses and empty domain labels.
* | Add config for customizing the claim used for JWT logins. (#11361)Kostas2021-11-221-32/+36
| | | | | | | | | | Allows specifying a different claim (from the default "sub") to use when calculating the localpart of the Matrix ID used during the JWT login.
* | Store arbitrary relations from events. (#11391)Patrick Cloke2021-11-221-0/+111
| | | | | | | | | | Instead of only known relation types. This also reworks the background update for thread relations to crawl events and search for any relation type, not just threaded relations.
* | Add an admin API to run background jobs. (#11352)Dirk Klimpel2021-11-191-8/+146
| | | | | | | | | | | | Instead of having admins poke into the database directly. Can currently run jobs to populate stats and to populate the user directory.
* | Add dedicated admin API for blocking a room (#11324)Dirk Klimpel2021-11-181-0/+228
| |
* | Do not allow MSC3440 threads to fork threads (#11161)Patrick Cloke2021-11-181-0/+62
| | | | | | | | | | | | | | | | | | | | | | Adds validation to the Client-Server API to ensure that the potential thread head does not relate to another event already. This results in not allowing a thread to "fork" into other threads. If the target event is unknown for some reason (maybe it isn't visible to your homeserver), but is the target of other events it is assumed that the thread can be created from it. Otherwise, it is rejected as an unknown event.
* | Rename `get_access_token_for_user_id` method to ↵reivilibre2021-11-172-6/+6
| | | | | | | | `create_access_token_for_user_id` (#11369)
* | Add ability to un-shadow-ban via the admin API. (#11347)Patrick Cloke2021-11-161-6/+20
| |
* | Misc typing fixes for tests, part 2 of N (#11330)David Robertson2021-11-161-9/+42
| |
* | Add support for the stable version of MSC2778 (#11335)Tulir Asokan2021-11-151-1/+4
| | | | | | | | | | | | | | | | | | * Add support for the stable version of MSC2778 Signed-off-by: Tulir Asokan <tulir@maunium.net> * Expect m.login.application_service in login and password provider tests Signed-off-by: Tulir Asokan <tulir@maunium.net>
* | Test room alias deletion (#11327)David Robertson2021-11-121-28/+77
| | | | | | | | | | | | | | | | | | | | * Prefer `HTTPStatus` over plain `int` This is an Opinion that no-one has seemed to object to yet. * `--disallow-untyped-defs` for `tests.rest.client.test_directory` * Improve synapse's annotations for deleting aliases * Test case for deleting a room alias * Changelog
* | Misc typing fixes for `tests`, part 1 of N (#11323)David Robertson2021-11-121-8/+14
| | | | | | | | | | | | | | | | | | | | * Annotate HomeserverTestCase.servlets * Correct annotation of federation_auth_origin * Use AnyStr custom_headers instead of a Union This allows (str, str) and (bytes, bytes). This disallows (str, bytes) and (bytes, str) * DomainSpecificString.SIGIL is a ClassVar
* | Convert delete room admin API to async endpoint (#11223)Dirk Klimpel2021-11-122-65/+709
| | | | | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
* | Allow admins to proactively block rooms (#11228)David Robertson2021-11-091-0/+28
| | | | | | | | Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com> Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* | Support filtering by relations per MSC3440 (#11236)Patrick Cloke2021-11-091-1/+153
|/ | | | Adds experimental support for `relation_types` and `relation_senders` fields for filters.
* Require body for read receipts with user-agent exceptions (#11157)rogersheu2021-11-091-2/+28
| | | Co-authored-by: reivilibre <olivier@librepush.net>
* Add some background update admin APIs (#11263)Erik Johnston2021-11-081-0/+218
| | | Fixes #11259
* Default value for `public_baseurl` (#11210)Richard van der Hoff2021-11-082-2/+0
| | | | | We might as well use a default value for `public_baseurl` based on `server_name` - in many cases, it will be correct.
* Add search by room ID and room alias to List Room admin API (#11099)Dirk Klimpel2021-11-021-39/+49
| | | | Fixes: #10874 Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Handle missing Content-Type header when accessing remote media (#11200)Shay2021-11-011-2/+16
| | | | | | | | | | | | | | | | | | | | | * add code to handle missing content-type header and a test to verify that it works * add handling for missing content-type in the /upload endpoint as well * slightly refactor test code to put private method in approriate place * handle possible null value for content-type when pulling from the local db * add changelog * refactor test and add code to handle missing content-type in cached remote media * requested changes * Update changelog.d/11200.bugfix Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Fix a bug in unit test `test_block_room_and_not_purge` (#11226)Dirk Klimpel2021-11-011-2/+2
|
* Make `check_event_allowed` module API callback not fail open (accept events) ↵reivilibre2021-11-011-13/+3
| | | | when an exception is raised (#11033)
* Remove deprecated delete room admin API (#11213)Dirk Klimpel2021-11-011-24/+15
| | | | | Remove deprecated delete room admin API, `POST /_synapse/admin/v1/rooms/<room_id>/delete`
* Support for serving server well-known files (#11211)Richard van der Hoff2021-11-011-6/+26
| | | | Fixes https://github.com/matrix-org/synapse/issues/8308
* Add knock information in admin exported data (#11171)Rafael Gonçalves2021-10-281-0/+29
| | | Signed-off-by: Rafael Goncalves <rafaelgoncalves@riseup.net>
* Implement an `on_new_event` callback (#11126)Brendan Abolivier2021-10-261-3/+90
| | | Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Enable changing user type via users admin API (#11174)Jason Robinson2021-10-261-0/+51
| | | | | | | | Users admin API can now also modify user type in addition to allowing it to be set on user creation. Signed-off-by: Jason Robinson <jasonr@matrix.org> Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* Add a thread relation type per MSC3440. (#11088)Patrick Cloke2021-10-211-6/+34
| | | | Adds experimental support for MSC3440's `io.element.thread` relation type (and the aggregation for it).
* Fix setting a user's external_id via the admin API returns 500 and deletes ↵Dirk Klimpel2021-10-211-3/+212
| | | | | users existing external mappings if that external ID is already mapped (#11051) Fixes #10846
* Show error when timestamp in seconds is provided to the /purge_media_cache ↵Aaron R2021-10-201-4/+102
| | | | API (#11101)
* Fix-up some type hints in the relations tests. (#11076)Patrick Cloke2021-10-141-28/+27
|
* Add a test for a workaround concerning the behaviour of third-party rule ↵reivilibre2021-10-141-6/+50
| | | | modules and `SynapseError`s. (#11071)
* Be more lenient when parsing the version for oEmbed responses. (#11065)Patrick Cloke2021-10-131-0/+51
|
* Simplify the user admin API tests (#11048)Dirk Klimpel2021-10-121-255/+146
|
* Add tests for `MediaFilePaths` (#11057)Sean Quah2021-10-121-0/+238
|
* Autodiscover oEmbed endpoint from returned HTML (#10822)Patrick Cloke2021-10-081-1/+99
| | | | | Searches the returned HTML for an oEmbed endpoint using the autodiscovery mechanism (`<link rel=...>`), and will request it to generate the preview.
* Add a spamchecker method to allow or deny 3pid invites (#10894)Brendan Abolivier2021-10-061-0/+70
| | | | | This is in the context of creating new module callbacks that modules in https://github.com/matrix-org/synapse-dinsic can use, in an effort to reconcile the spam checker API in synapse-dinsic with the one in mainline. Note that a module callback already exists for 3pid invites (https://matrix-org.github.io/synapse/develop/modules/third_party_rules_callbacks.html#check_threepid_can_be_invited) but it doesn't check whether the sender of the invite is allowed to send it.
* Add a spamchecker callback to allow or deny room joins (#10910)Brendan Abolivier2021-10-061-0/+101
| | | Co-authored-by: Erik Johnston <erik@matrix.org>
* Make is_public Optional[bool] for create_room_as test util (#10951) (#10963)AndrewFerr2021-10-041-6/+7
| | | Signed-off-by: Andrew Ferrazzutti <fair@miscworks.net>
* Consistently exclude from user_directory (#10960)David Robertson2021-10-041-12/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Introduce `should_include_local_users_in_dir` We exclude three kinds of local users from the user_directory tables. At present we don't consistently exclude all three in the same places. This commit introduces a new function to gather those exclusion conditions together. Because we have to handle local and remote users in different ways, I've made that function only consider the case of remote users. It's the caller's responsibility to make the local versus remote distinction clear and correct. A test fixup is required. The test now hits a path which makes db queries against the users table. The expected rows were missing, because we were using a dummy user that hadn't actually been registered. We also add new test cases to covert the exclusion logic. ---- By my reading this makes these changes: * When an app service user registers or changes their profile, they will _not_ be added to the user directory. (Previously only support and deactivated users were excluded). This is consistent with the logic that rebuilds the user directory. See also [the discussion here](https://github.com/matrix-org/synapse/pull/10914#discussion_r716859548). * When rebuilding the directory, exclude support and disabled users from room sharing tables. Previously only appservice users were excluded. * Exclude all three categories of local users when rebuilding the directory. Previously `_populate_user_directory_process_users` didn't do any exclusion. Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Use direct references for configuration variables (part 7). (#10959)Patrick Cloke2021-10-044-7/+7
|
* type-hint `HomeserverTestcase.setup_test_homeserver` (#10961)David Robertson2021-10-011-3/+3
| | | | | * type-hint `HomeserverTestcase.setup_test_homeserver` For better IDE completion. A small drive-by.
* Use direct references for configuration variables (part 6). (#10916)Patrick Cloke2021-09-295-8/+8
|
* Implement MSC3069: Guest support on whoami (#9655)Travis Ralston2021-09-291-5/+44
|
* Fix empty `url_cache_thumbnails/yyyy-mm-dd/` directories being left behind ↵Sean Quah2021-09-291-0/+31
| | | | (#10924)
* Avoid storing URL cache files in storage providers (#10911)Sean Quah2021-09-271-0/+130
| | | | | URL cache files are short-lived and it does not make sense to offload them (eg. to the cloud) or back them up.
* Add a spamchecker callback to allow or deny room creation based on invites ↵Brendan Abolivier2021-09-241-2/+117
| | | | | | | (#10898) This is in the context of creating new module callbacks that modules in https://github.com/matrix-org/synapse-dinsic can use, in an effort to reconcile the spam checker API in synapse-dinsic with the one in mainline. This adds a callback that's fairly similar to user_may_create_room except it also allows processing based on the invites sent at room creation.
* Use direct references for configuration variables (part 5). (#10897)Patrick Cloke2021-09-243-4/+4
|
* Add reactor to `SynapseRequest` and fix up types. (#10868)Erik Johnston2021-09-248-20/+24
|
* Allow `.` and `~` chars in registration tokens (#10887)Callum Brown2021-09-231-3/+5
| | | | Per updates to MSC3231 in order to use the same grammar as other identifiers.
* Use direct references for configuration variables (part 4). (#10893)Patrick Cloke2021-09-232-7/+7
|
* Use direct references for some configuration variables (part 3) (#10885)Patrick Cloke2021-09-232-2/+2
| | | | | | | | This avoids the overhead of searching through the various configuration classes by directly referencing the class that the attributes are in. It also improves type hints since mypy can now resolve the types of the configuration variables.
* Include more information in oEmbed previews. (#10819)Patrick Cloke2021-09-221-9/+21
| | | | | | | * Improved titles (fall back to the author name if there's not title) and include the site name. * Handle photo/video payloads. * Include the original URL in the Open Graph response. * Fix the expiration time (by properly converting from seconds to milliseconds).
* Add type hints for event streams. (#10856)Patrick Cloke2021-09-212-4/+16
|
* Refactor oEmbed previews (#10814)Patrick Cloke2021-09-211-13/+13
| | | | | | | | | | | | | The major change is moving the decision of whether to use oEmbed further up the call-stack. This reverts the _download_url method to being a "dumb" functionwhich takes a single URL and downloads it (as it was before #7920). This also makes more minor refactorings: * Renames internal variables for clarity. * Factors out shared code between the HTML and rich oEmbed previews. * Fixes tests to preview an oEmbed image.
* Test that state events sent by modules correctly end up in the room's state ↵Brendan Abolivier2021-09-211-0/+84
| | | | | | | (#10835) Test for #10830 Ideally the test would also make sure the new state event comes down sync, but this is probably good enough.
* Allow Synapse Admin API's Room Search to accept non-ASCII characters (#10859)Hillery Shay2021-09-211-0/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add tests for checking if room search works with non-ascii char * change encoding on parse_string to UTF-8 * lints * properly encode search term * lints * add changelog file * update changelog number * set changelog entry filetype to .bugfix * Revert "set changelog entry filetype to .bugfix" This reverts commit be8e5a314251438ec4ec7dbc59ba32162c93e550. * update changelog message and file type * change parse_string default encoding back to ascii and update room search admin api calll to parse string * refactor tests * Update tests/rest/admin/test_room.py Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Always add local users to the user directory (#10796)David Robertson2021-09-211-6/+6
| | | | | | | | | | | | | | | | | | | | | | | It's a simplification, but one that'll help make the user directory logic easier to follow with the other changes upcoming. It's not strictly required for those changes, but this will help simplify the resulting logic that listens for `m.room.member` events and generally make the logic easier to follow. This means the config option `search_all_users` ends up controlling the search query only, and not the data we store. The cost of doing so is an extra row in the `user_directory` and `user_directory_search` tables for each local user which - belongs to no public rooms - belongs to no private rooms of size ≥ 2 I think the cost of this will be marginal (since they'll already have entries in `users` and `profiles` anyway). As a small upside, a homeserver whose directory was built with this change can toggle `search_all_users` without having to rebuild their directory. Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Allow sending a membership event to unban a user (#10807)Aaron Raimist2021-09-212-1/+97
| | | | | * Allow membership event to unban user Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Create a constant for a small png image in tests. (#10834)Patrick Cloke2021-09-165-80/+26
| | | To avoid duplicating it between a few tests.
* Use direct references for some configuration variables (#10798)Patrick Cloke2021-09-131-6/+12
| | | | Instead of proxying through the magic getter of the RootConfig object. This should be more performant (and is more explicit).
* Handle room upgrades for spaces (#10774)Patrick Cloke2021-09-101-4/+63
| | | | | By copying the `room_type` field of the create event and migrating any non-empty `m.space.child` events to the new room that is created.
* Remove unstable MSC2858 API, including `experimental.msc2858_enabled` config ↵Sean2021-09-091-58/+7
| | | | | option (#10693) Signed-off-by: Sean Quah <seanq@element.io>
* Request JSON for oEmbed requests (and ignore XML only providers). (#10759)Patrick Cloke2021-09-081-1/+54
| | | | | | | | This adds the format to the request arguments / URL to ensure that JSON data is returned (which is all that Synapse supports). This also adds additional error checking / filtering to the configuration file to ignore XML-only providers.
* Allow configuration of the oEmbed URLs. (#10714)Patrick Cloke2021-08-311-110/+102
| | | | | This adds configuration options (under an `oembed` section) to configure which URLs are matched to use oEmbed for URL previews.
* Merge branch 'master' into developRichard van der Hoff2021-08-312-1/+139
|\
| * Fix up unit tests (#10723)Richard van der Hoff2021-08-311-2/+15
| | | | | | These were broken in an incorrect merge of GHSA-jj53-8fmw-f2w2 (cb35df9)
| * Merge pull request from GHSA-jj53-8fmw-f2w2reivilibre2021-08-311-0/+43
| |
| * Merge pull request from GHSA-3x4c-pq33-4w3qreivilibre2021-08-311-1/+83
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add some tests to characterise the problem Some failing. Current states: RoomsMemberListTestCase test_get_member_list ... [OK] test_get_member_list_mixed_memberships ... [OK] test_get_member_list_no_permission ... [OK] test_get_member_list_no_permission_former_member ... [OK] test_get_member_list_no_permission_former_member_with_at_token ... [FAIL] test_get_member_list_no_room ... [OK] test_get_member_list_no_permission_with_at_token ... [FAIL] * Correct the tests * Check user is/was member before divulging room membership * Pull out only the 1 membership event we want. * Update tests/rest/client/v1/test_rooms.py Co-authored-by: Erik Johnston <erik@matrix.org> * Fixup tests (following apply review suggestion) Co-authored-by: Erik Johnston <erik@matrix.org>
* | Improve ServerNoticeServlet to avoid duplicate requests (#10679)Dirk Klimpel2021-08-271-0/+450
| | | | | | Fixes: #9544
* | Validate new m.room.power_levels events (#10232)Aaron Raimist2021-08-261-0/+78
| | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | Fix error when selecting between thumbnails with the same quality (#10684)Sean2021-08-251-1/+38
| | | | | | Fixes #10318
* | Merge branch 'master' into developErik Johnston2021-08-241-2/+2
|\|
| * Set room version 8 as preferred for restricted rooms. (#10571)Patrick Cloke2021-08-201-2/+2
| |
* | Implement MSC3231: Token authenticated registration (#10142)Callum Brown2021-08-212-0/+1144
| | | | | | | | | | Signed-off-by: Callum Brown <callum@calcuode.com> This is part of my GSoC project implementing [MSC3231](https://github.com/matrix-org/matrix-doc/pull/3231).
* | Flatten tests/rest/client/{v1,v2_alpha} too (#10667)David Robertson2021-08-2024-15/+2
| |
* | Simplify tests for the device admin rest API. (#10664)Dirk Klimpel2021-08-201-81/+18
| | | | | | | | By replacing duplicated code with parameterized tests and avoiding unnecessary dumping of JSON data.
* | Follow-up: format changelog, add licence (#10593)David Robertson2021-08-201-0/+14
| | | | | | | | Merged before approval; these comments from @clokep on that PR.
* | Validate device_keys for C-S /keys/query requests (#10593)David Robertson2021-08-201-0/+77
| | | | | | | | | | | | | | | | * Validate device_keys for C-S /keys/query requests Closes #10354 A small, not particularly critical fix. I'm interested in seeing if we can find a more systematic approach though. #8445 is the place for any discussion.
* | Support MSC3283: Expose `enable_set_displayname` in capabilities (#10452)Dirk Klimpel2021-08-191-23/+86
| |
* | Remove not needed database updates in modify user admin API (#10627)Dirk Klimpel2021-08-191-4/+58
| |
* | Remove deprecated Shutdown Room and Purge Room Admin API (#8830)Dirk Klimpel2021-08-171-162/+0
|/
* Flatten the synapse.rest.client package (#10600)reivilibre2021-08-1737-57/+44
|
* Allow to edit `external_ids` by Edit User admin API (#10598)Dirk Klimpel2021-08-171-30/+197
| | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Add an admin API to check if a username is available (#10578)Will Hunt2021-08-171-0/+62
| | | This adds a new API GET /_synapse/admin/v1/username_available?username=foo to check if a username is available. It is the counterpart to https://matrix.org/docs/spec/client_server/r0.6.0#get-matrix-client-r0-register-available, except that it works even if registration is disabled.
* Admin API to delete media for a specific user (#10558)Dirk Klimpel2021-08-111-113/+208
|
* Fix type hints in space summary tests. (#10575)Patrick Cloke2021-08-111-3/+3
| | | And ensure that the file is checked via mypy.
* Fix exceptions in logs when failing to get remote room list (#10541)Erik Johnston2021-08-061-1/+91
|