summary refs log tree commit diff
path: root/tests/rest (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add an admin API to manage ratelimit for a specific user (#9648)Dirk Klimpel2021-04-131-0/+284
|
* Require AppserviceRegistrationType (#9548)Will Hunt2021-04-121-4/+27
| | | This change ensures that the appservice registration behaviour follows the spec. We decided to do this for Dendrite, so it made sense to also make a PR for synapse to correct the behaviour.
* Use mock from the stdlib. (#9772)Patrick Cloke2021-04-0916-26/+16
|
* Bugbear: Add Mutable Parameter fixes (#9682)Jonathan de Jong2021-04-083-7/+17
| | | | | | | Part of #9366 Adds in fixes for B006 and B008, both relating to mutable parameter lint errors. Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>
* Update mypy configuration: `no_implicit_optional = True` (#9742)Jonathan de Jong2021-04-051-2/+5
|
* Add `order_by` to list user admin API (#9691)Dirk Klimpel2021-04-011-1/+120
|
* Consistently check whether a password may be set for a user. (#9636)Dirk Klimpel2021-03-181-55/+118
|
* Ensure we use a copy of the event content dict before modifying it in ↵Andrew Morgan2021-03-172-0/+124
| | | | | | | | | serialize_event (#9585) This bug was discovered by DINUM. We were modifying `serialized_event["content"]`, which - if you've got `USE_FROZEN_DICTS` turned on or are [using a third party rules module](https://github.com/matrix-org/synapse/blob/17cd48fe5171d50da4cb59db647b993168e7dfab/synapse/events/third_party_rules.py#L73-L76) - will raise a 500 if you try to a edit a reply to a message. `serialized_event["content"]` could be set to the edit event's content, instead of a copy of it, which is bad as we attempt to modify it. Instead, we also end up modifying the original event's content. DINUM uses a third party rules module, which meant the event's content got frozen and thus an exception was raised. To be clear, the problem is not that the event's content was frozen. In fact doing so helped us uncover the fact we weren't copying event content correctly.
* Return m.change_password.enabled=false if local database is disabled (#9588)Dirk Klimpel2021-03-161-4/+32
| | | | | Instead of if the user does not have a password hash. This allows a SSO user to add a password to their account, but only if the local password database is configured.
* Add support for stable MSC2858 API (#9617)Richard van der Hoff2021-03-161-16/+27
| | | | | The stable format uses different brand identifiers, so we need to support two identifiers for each IdP.
* Handle image transparency better when thumbnailing. (#9473)Patrick Cloke2021-03-091-8/+21
| | | | Properly uses RGBA mode for 1- and 8-bit images with transparency (instead of RBG mode).
* Fix additional type hints from Twisted upgrade. (#9518)Patrick Cloke2021-03-031-11/+24
|
* SSO: redirect to public URL before setting cookies (#9436)Richard van der Hoff2021-02-263-26/+60
| | | ... otherwise, we don't get the cookie back.
* Add an `order_by` field to list users' media admin API. (#8978)Dirk Klimpel2021-02-221-21/+225
|
* Remove cache for get_shared_rooms_for_users (#9416)Andrew Morgan2021-02-221-34/+41
| | | | | | | This PR remove the cache for the `get_shared_rooms_for_users` storage method (the db method driving the experimental "what rooms do I share with this user?" feature: [MSC2666](https://github.com/matrix-org/matrix-doc/pull/2666)). Currently subsequent requests to the endpoint will return the same result, even if your shared rooms with that user have changed. The cache was added in https://github.com/matrix-org/synapse/pull/7785, but we forgot to ensure it was invalidated appropriately. Upon attempting to invalidate it, I found that the cache had to be entirely invalidated whenever a user (remote or local) joined or left a room. This didn't make for a very useful cache, especially for a function that may or may not be called very often. Thus, I've opted to remove it instead of invalidating it.
* Add testErik Johnston2021-02-191-3/+66
|
* Parse ui_auth.session_timeout as a duration (instead of treating it as ms) ↵Rishabh Arya2021-02-181-1/+1
| | | | (#9426)
* Add the shadow-banning status to the display user admin API. (#9400)Dirk Klimpel2021-02-171-0/+2
|
* Update black, and run auto formatting over the codebase (#9381)Eric Eastwood2021-02-1624-354/+951
| | | | | | | - Update black version to the latest - Run black auto formatting over the codebase - Run autoformatting according to [`docs/code_style.md `](https://github.com/matrix-org/synapse/blob/80d6dc9783aa80886a133756028984dbf8920168/docs/code_style.md) - Update `code_style.md` docs around installing black to use the correct version
* Handle missing data in power levels events during room upgrade. (#9395)Patrick Cloke2021-02-161-0/+153
|
* Convert additional test-cases to homeserver test case. (#9396)Patrick Cloke2021-02-161-158/+91
| | | And convert some inlineDeferreds to async-friendly functions.
* Merge tag 'v1.27.0rc2' into developPatrick Cloke2021-02-112-1/+12
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.27.0rc2 (2021-02-11) ============================== Features -------- - Further improvements to the user experience of registration via single sign-on. ([\#9297](https://github.com/matrix-org/synapse/issues/9297)) Bugfixes -------- - Fix ratelimiting introduced in v1.27.0rc1 for invites to respect the `ratelimit` flag on application services. ([\#9302](https://github.com/matrix-org/synapse/issues/9302)) - Do not automatically calculate `public_baseurl` since it can be wrong in some situations. Reverts behaviour introduced in v1.26.0. ([\#9313](https://github.com/matrix-org/synapse/issues/9313)) Improved Documentation ---------------------- - Clarify the sample configuration for changes made to the template loading code. ([\#9310](https://github.com/matrix-org/synapse/issues/9310))
| * Backout changes for automatically calculating the public baseurl. (#9313)Patrick Cloke2021-02-112-1/+12
| | | | | | | | This breaks some people's configurations (if their Client-Server API is not accessed via port 443).
* | Convert some test cases to use HomeserverTestCase. (#9377)Patrick Cloke2021-02-111-28/+0
| | | | | | | | This has the side-effect of being able to remove use of `inlineCallbacks` in the test-cases for cleaner tracebacks.
* | Merge pull request #9150 from Yoric/develop-contextDavid Teller2021-02-081-0/+84
|\ \ | | | | | | New API /_synapse/admin/rooms/{roomId}/context/{eventId}
| * | FIXUP: linterDavid Teller2021-01-281-1/+3
| | |
| * | FIXUP: Now testing that the user is admin!David Teller2021-01-281-1/+35
| | |
| * | New API /_synapse/admin/rooms/{roomId}/context/{eventId}David Teller2021-01-281-0/+48
| | | | | | | | | | | | Signed-off-by: David Teller <davidt@element.io>
* | | Merge branch 'erikj/media_spam_checker' into developErik Johnston2021-02-041-0/+94
|\ \ \
| * | | Add check_media_file_for_spam spam checker hookErik Johnston2021-02-041-0/+94
| | |/ | |/|
* / | Social login UI polish (#9301)Richard van der Hoff2021-02-031-4/+12
|/ /
* | Add an admin API to get the current room state (#9168)Travis Ralston2021-02-021-0/+15
| | | | | | | | | | This could arguably replace the existing admin API for `/members`, however that is out of scope of this change. This sort of endpoint is ideal for moderation use cases as well as other applications, such as needing to retrieve various bits of information about a room to perform a task (like syncing power levels between two places). This endpoint exposes nothing more than an admin would be able to access with a `select *` query on their database.
* | Merge branch 'social_login' into developRichard van der Hoff2021-02-012-18/+18
|\ \
| * | Replace username picker with a template (#9275)Richard van der Hoff2021-02-011-3/+2
| | | | | | | | | | | | | | | There's some prelimiary work here to pull out the construction of a jinja environment to a separate function. I wanted to load the template at display time rather than load time, so that it's easy to update on the fly. Honestly, I think we should do this with all our templates: the risk of ending up with malformed templates is far outweighed by the improved turnaround time for an admin trying to update them.
| * | Fix SSO on workers (#9271)Richard van der Hoff2021-02-012-16/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #8966. * Factor out build_synapse_client_resource_tree Start a function which will mount resources common to all workers. * Move sso init into build_synapse_client_resource_tree ... so that we don't have to do it for each worker * Fix SSO-login-via-a-worker Expose the SSO login endpoints on workers, like the documentation says. * Update workers config for new endpoints Add documentation for endpoints recently added (#8942, #9017, #9262) * remove submit_token from workers endpoints list this *doesn't* work on workers (yet). * changelog * Add a comment about the odd path for SAML2Resource
| * | Split out a separate endpoint to complete SSO registration (#9262)Richard van der Hoff2021-02-011-1/+13
| | | | | | | | | There are going to be a couple of paths to get to the final step of SSO reg, and I want the URL in the browser to consistent. So, let's move the final step onto a separate path, which we redirect to.
* | | Ratelimit invites by room and target user (#9258)Erik Johnston2021-01-291-0/+35
| | |
* | | Ratelimit 3PID /requestToken API (#9238)Erik Johnston2021-01-281-6/+84
| |/ |/|
* | Merge branch 'social_login' into developRichard van der Hoff2021-01-271-0/+92
|\|
| * Implement MSC2858 support (#9183)Richard van der Hoff2021-01-271-0/+92
| | | | | | Fixes #8928.
* | Add an admin API for shadow-banning users. (#9209)Patrick Cloke2021-01-252-6/+66
| | | | | | | | | | | | | | | | | | | | This expands the current shadow-banning feature to be usable via the admin API and adds documentation for it. A shadow-banned users receives successful responses to their client-server API requests, but the events are not propagated into rooms. Shadow-banning a user should be used as a tool of last resort and may lead to confusing or broken behaviour for the client.
* | Return a 404 if no valid thumbnail is found. (#9163)Patrick Cloke2021-01-211-1/+24
| | | | | | | | | | | | If no thumbnail of the requested type exists, return a 404 instead of erroring. This doesn't quite match the spec (which does not define what happens if no thumbnail can be found), but is consistent with what Synapse already does.
* | Add tests for List Users Admin API (#9045)Dirk Klimpel2021-01-211-27/+196
|/
* Prefix idp_id with "oidc-" (#9189)Richard van der Hoff2021-01-211-1/+1
| | | ... to avoid clashes with other SSO mechanisms
* Give `public_baseurl` a default value (#9159)Richard van der Hoff2021-01-201-9/+0
|
* Fix bugs in handling clientRedirectUrl, and improve OIDC tests (#9127, #9128)Richard van der Hoff2021-01-182-81/+127
| | | | | | | | | | | | | | | | * Factor out a common TestHtmlParser Looks like I'm doing this in a few different places. * Improve OIDC login test Complete the OIDC login flow, rather than giving up halfway through. * Ensure that OIDC login works with multiple OIDC providers * Fix bugs in handling clientRedirectUrl - don't drop duplicate query-params, or params with no value - allow utf-8 in query-params
* Fix test failure due to bad mergeRichard van der Hoff2021-01-151-1/+3
| | | | | | | 0dd2649c1 (#9112) changed the signature of `auth_via_oidc`. Meanwhile, 26d10331e (#9091) introduced a new test which relied on the old signature of `auth_via_oidc`. The two branches were never tested together until they landed in develop.
* Add an admin API endpoint to protect media. (#9086)Patrick Cloke2021-01-151-3/+5
| | | | | | Protecting media stops it from being quarantined when e.g. all media in a room is quarantined. This is useful for sticker packs and other media that is uploaded by server administrators, but used by many people.
* Improve UsernamePickerTestCase (#9112)Richard van der Hoff2021-01-153-7/+111
| | | | | * make the OIDC bits of the test work at a higher level - via the REST api instead of poking the OIDCHandler directly. * Move it to test_login.py, where I think it fits better.
* Add a test for wrong user returned by SSORichard van der Hoff2021-01-131-0/+27
|
* Add a test for UI-Auth-via-SSO (#9082)Richard van der Hoff2021-01-132-37/+199
| | | | | * Add complete test for UI-Auth-via-SSO. * review comments
* Remove user's avatar URL and displayname when deactivated. (#8932)Dirk Klimpel2021-01-123-3/+228
| | | This only applies if the user's data is to be erased.
* Also support remote users on the joined_rooms admin API. (#8948)David Teller2021-01-111-6/+52
| | | | For remote users, only the rooms which the server knows about are returned. Local users have all of their joined rooms returned.
* Removes unnecessary declarations in the tests for the admin API. (#9063)Dirk Klimpel2021-01-116-17/+0
|
* Add some tests for the IDP picker flowRichard van der Hoff2021-01-072-3/+191
|
* Fix type hints in test_login.pyRichard van der Hoff2021-01-071-24/+54
|
* black-format tests/rest/client/v1/test_login.pyRichard van der Hoff2021-01-071-11/+6
| | | | | black seems to want to reformat this, despite `black --check` being happy with it :/
* Skip unit tests which require optional dependencies (#9031)Richard van der Hoff2021-01-073-11/+33
| | | If we are lacking an optional dependency, skip the tests that rely on it.
* Combine the SSO Redirect Servlets (#9015)Richard van der Hoff2021-01-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Implement CasHandler.handle_redirect_request ... to make it match OidcHandler and SamlHandler * Clean up interface for OidcHandler.handle_redirect_request Make it accept `client_redirect_url=None`. * Clean up interface for `SamlHandler.handle_redirect_request` ... bring it into line with CAS and OIDC by making it take a Request parameter, move the magic for `client_redirect_url` for UIA into the handler, and fix the return type to be a `str` rather than a `bytes`. * Define a common protocol for SSO auth provider impls * Give SsoIdentityProvider an ID and register them * Combine the SSO Redirect servlets Now that the SsoHandler knows about the identity providers, we can combine the various *RedirectServlets into a single implementation which delegates to the right IdP. * changelog
* Drop the unused local_invites table. (#8979)Patrick Cloke2020-12-291-1/+0
| | | This table has been unused since Synapse v1.17.0.
* Support PyJWT v2.0.0. (#8986)Patrick Cloke2020-12-221-4/+12
| | | | Tests were broken due to an API changing. The code used in Synapse proper should be compatible with both versions already.
* Allow server admin to get admin bit in rooms where local user is an admin ↵Erik Johnston2020-12-181-0/+138
| | | | | | | (#8756) This adds an admin API that allows a server admin to get power in a room if a local user has power in a room. Will also invite the user if they're not in the room and its a private room. Can specify another user (rather than the admin user) to be granted power. Co-authored-by: Matthew Hodgson <matthew@matrix.org>
* Allow re-using a UI auth validation for a period of time (#8970)Patrick Cloke2020-12-181-31/+63
|
* Fix `UsersListTestCase` (#8964)Richard van der Hoff2020-12-171-6/+4
|
* Fix a bug that deactivated users appear in the directory (#8933)Dirk Klimpel2020-12-171-1/+49
| | | | | | | | | | Fixes a bug that deactivated users appear in the directory when their profile information was updated. To change profile information of deactivated users is neccesary for example you will remove displayname or avatar. But they should not appear in directory. They are deactivated. Co-authored-by: Erik Johnston <erikj@jki.re>
* Make search statement in List Room and User Admin API case-insensitive (#8931)Dirk Klimpel2020-12-172-3/+105
|
* Convert internal pusher dicts to attrs classes. (#8940)Patrick Cloke2020-12-161-1/+1
| | | This improves type hinting and should use less memory.
* Merge pull request #8951 from matrix-org/rav/username_picker_2Richard van der Hoff2020-12-161-1/+1
|\ | | | | More preparatory refactoring of the OidcHandler tests
| * Test `get_extra_attributes` fallbackRichard van der Hoff2020-12-151-1/+1
| | | | | | | | | | despite the warnings saying "don't implement get_extra_attributes", we had implemented it, so the tests weren't doing what we thought they were.
* | lintRichard van der Hoff2020-12-152-2/+1
| |
* | Remove spurious "SynapseRequest" result from `make_request"Richard van der Hoff2020-12-1536-861/+660
| | | | | | | | This was never used, so let's get rid of it.
* | Remove redundant reading of SynapseRequest.argsRichard van der Hoff2020-12-151-9/+1
| | | | | | | | this didn't seem to be doing a lot, so remove it.
* | remove 'response' result from `_get_shared_rooms`Richard van der Hoff2020-12-151-8/+9
| |
* | Replace `request.code` with `channel.code`Richard van der Hoff2020-12-155-11/+11
|/ | | | | | The two are equivalent, but really we want to check the HTTP result that got returned to the channel, not the code that the Request object *intended* to return to the channel.
* Add number of local devices to Room Details Admin API (#8886)Dirk Klimpel2020-12-111-0/+34
|
* Don't ratelimit autojoining of rooms (#8921)Erik Johnston2020-12-111-0/+16
| | | Fixes #8866
* Add X-Robots-Tag header to stop crawlers from indexing media (#8887)Aaron Raimist2020-12-081-0/+13
| | | | | | | Fixes / related to: https://github.com/matrix-org/synapse/issues/6533 This should do essentially the same thing as a robots.txt file telling robots to not index the media repo. https://developers.google.com/search/reference/robots_meta_tag Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Call set_avatar_url with target_user, not user_id (#8872)Will Hunt2020-12-071-1/+6
| | | | | | | | | | | | | | | | | | | | * Call set_avatar_url with target_user, not user_id Fixes https://github.com/matrix-org/synapse/issues/8871 * Create 8872.bugfix * Update synapse/rest/admin/users.py Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * Testing * Update changelog.d/8872.bugfix Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Add additional validation to pusher URLs. (#8865)Patrick Cloke2020-12-041-1/+1
| | | | Pusher URLs now must end in `/_matrix/push/v1/notify` per the specification.
* Fix errorcode for disabled registration (#8867)Richard van der Hoff2020-12-031-0/+1
| | | | The spec says we should return `M_FORBIDDEN` when someone tries to register and registration is disabled.
* Merge pull request #8858 from matrix-org/rav/sso_uiaRichard van der Hoff2020-12-022-18/+192
|\ | | | | UIA: offer only available auth flows
| * UIA: offer only available auth flowsRichard van der Hoff2020-12-022-18/+192
| | | | | | | | | | | | | | During user-interactive auth, do not offer password auth to users with no password, nor SSO auth to users with no SSO. Fixes #7559.
* | remove unused FakeResponse (#8864)Richard van der Hoff2020-12-021-26/+0
| |
* | Apply an IP range blacklist to push and key revocation requests. (#8821)Patrick Cloke2020-12-027-8/+8
|/ | | | | | | | | | | | Replaces the `federation_ip_range_blacklist` configuration setting with an `ip_range_blacklist` setting with wider scope. It now applies to: * Federation * Identity servers * Push notifications * Checking key validitity for third-party invite events The old `federation_ip_range_blacklist` setting is still honored if present, but with reduced scope (it only applies to federation and identity servers).
* Allow specifying room version in 'RestHelper.create_room_as' and add typing ↵Andrew Morgan2020-12-021-2/+25
| | | | | (#8854) This PR adds a `room_version` argument to the `RestHelper`'s `create_room_as` function for tests. I plan to use this for testing knocking, which currently uses an unstable room version.
* Support "identifier" dicts in UIA (#8848)Richard van der Hoff2020-12-011-8/+25
| | | | | | | | | | The spec requires synapse to support `identifier` dicts for `m.login.password` user-interactive auth, which it did not (instead, it required an undocumented `user` parameter.) To fix this properly, we need to pull the code that interprets `identifier` into `AuthHandler.validate_login` so that it can be called from the UIA code. Fixes #5665.
* Fix broken testcase (#8851)Richard van der Hoff2020-12-011-1/+0
| | | | This test was broken by #8565. It doesn't need to set set `self.clock` here anyway - that is done by `setUp`.
* Simplify the way the `HomeServer` object caches its internal attributes. ↵Jonathan de Jong2020-11-302-9/+12
| | | | | (#8565) Changes `@cache_in_self` to use underscore-prefixed attributes.
* Remove deprecated `/_matrix/client/*/admin` endpoints (#8785)Dirk Klimpel2020-11-254-7/+115
| | | These are now only available via `/_synapse/admin/v1`.
* Fix tests on develop (#8777)Erik Johnston2020-11-181-16/+0
| | | This was broken due to #8617 and #8761.
* Merge pull request #8761 from matrix-org/rav/test_request_renderingRichard van der Hoff2020-11-1736-678/+57
|\ | | | | Make `make_request` actually render the request
| * Remove redundant `HomeserverTestCase.render`Richard van der Hoff2020-11-1632-587/+0
| |
| * Remove redundant calls to `render()`Richard van der Hoff2020-11-163-20/+8
| |
| * Make `make_request` actually render the requestRichard van der Hoff2020-11-166-59/+34
| | | | | | | | | | | | remove the stubbing out of `request.process`, so that `requestReceived` also renders the request via the appropriate resource. Replace render() with a stub for now.
| * Fix the URL in the URL preview testsRichard van der Hoff2020-11-161-19/+22
| | | | | | | | the preview resource is mointed at preview_url, not url_preview
* | Add admin API for logging in as a user (#8617)Erik Johnston2020-11-171-2/+243
|/
* Merge pull request #8757 from matrix-org/rav/pass_site_to_make_requestRichard van der Hoff2020-11-166-29/+97
|\ | | | | Pass a Site into `make_request`
| * Merge branch 'develop' into rav/pass_site_to_make_requestRichard van der Hoff2020-11-165-13/+7
| |\
| * | use global make_request() directly where we have a custom ResourceRichard van der Hoff2020-11-155-19/+71
| | | | | | | | | | | | | | | | | | Where we want to render a request against a specific Resource, call the global make_request() function rather than the one in HomeserverTestCase, allowing us to pass in an appropriate `Site`.
| * | pass a Site into make_requestRichard van der Hoff2020-11-151-6/+25
| | |
| * | pass a Site into RestHelperRichard van der Hoff2020-11-151-5/+6
| | |
* | | Move `wait_until_result` into `FakeChannel` (#8758)Richard van der Hoff2020-11-161-3/+3
| |/ |/| | | | | FakeChannel has everything we need, and this more accurately models the real flow.
* | Rename `create_test_json_resource` to `create_test_resource` (#8759)Richard van der Hoff2020-11-164-10/+6
| | | | | | | | | | The root resource isn't necessarily a JsonResource, so rename this method accordingly, and update a couple of test classes to use the method rather than directly manipulating self.resource.
* | Add a `custom_headers` param to `make_request` (#8760)Richard van der Hoff2020-11-161-4/+6
|/ | | | Some tests want to set some custom HTTP request headers, so provide a way to do that before calling requestReceived().
* Add an admin API for users' media statistics (#8700)Dirk Klimpel2020-11-051-0/+485
| | | | | | | | Add `GET /_synapse/admin/v1/statistics/users/media` to get statisics about local media usage by users. Related to #6094 It is the first API for statistics. Goal is to avoid/reduce usage of sql queries like [Wiki analyzing Synapse](https://github.com/matrix-org/synapse/wiki/SQL-for-analyzing-Synapse-PostgreSQL-database-stats) Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Add `displayname` to Shared-Secret Registration for admins (#8722)Dirk Klimpel2020-11-051-2/+119
| | | Add `displayname` to Shared-Secret Registration for admins to `POST /_synapse/admin/v1/register`
* Consolidate purge table lists to prevent desyncronisation (#8713)Andrew Morgan2020-11-041-67/+38
| | | I idly noticed that these lists were out of sync with each other, causing us to miss a table in a test case (`local_invites`). Let's consolidate this list instead to prevent this from happening in the future.
* Fix unit tests (#8689)Erik Johnston2020-10-291-1/+1
| | | | | * Fix unit tests * Newsfile
* Add ability for access tokens to belong to one user but grant access to ↵Erik Johnston2020-10-291-0/+1
| | | | | | | | | | another user. (#8616) We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't). A future PR will add an API for creating such a token. When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.
* Add an admin APIs to allow server admins to list users' pushers (#8610)Dirk Klimpel2020-10-281-0/+124
| | | Add an admin API `GET /_synapse/admin/v1/users/<user_id>/pushers` like https://matrix.org/docs/spec/client_server/latest#get-matrix-client-r0-pushers
* Add admin API to list users' local media (#8647)Dirk Klimpel2020-10-271-0/+282
| | | Add admin API `GET /_synapse/admin/v1/users/<user_id>/media` to get information of users' uploaded files.
* Split admin API for reported events into a detail and a list view (#8539)Dirk Klimpel2020-10-261-13/+183
| | | | | | | | | | | | Split admin API for reported events in detail und list view. API was introduced with #8217 in synapse v.1.21.0. It makes the list (`GET /_synapse/admin/v1/event_reports`) less complex and provides a better overview. The details can be queried with: `GET /_synapse/admin/v1/event_reports/<report_id>`. It is similar to room and users API. It is a kind of regression in `GET /_synapse/admin/v1/event_reports`. `event_json` was removed. But the api was introduced one version before and it is an admin API (not under spec). Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Add an admin api to delete local media. (#8519)Dirk Klimpel2020-10-261-0/+568
| | | | | | Related to: #6459, #3479 Add `DELETE /_synapse/admin/v1/media/<server_name>/<media_id>` to delete a single file from server.
* Fix a bug in the joined_rooms admin API (#8643)Dirk Klimpel2020-10-261-1/+15
| | | | If the user was not in any rooms then the API returned the same error as if the user did not exist.
* Add field `total` to device list in admin API (#8644)Dirk Klimpel2020-10-261-0/+17
|
* Remove some extraneous @unittest.INFOs on unit tests (#8592)Andrew Morgan2020-10-202-2/+0
|
* guard against accidental modificationRichard van der Hoff2020-10-131-0/+20
|
* Allow ThirdPartyRules modules to replace event contentRichard van der Hoff2020-10-131-4/+4
| | | | Support returning a new event dict from `check_event_allowed`.
* Fix message duplication if something goes wrong after persisting the event ↵Erik Johnston2020-10-131-1/+1
| | | | | (#8476) Should fix #3365.
* Allow modules to create and send events into rooms (#8479)Andrew Morgan2020-10-091-1/+27
| | | | | This PR allows Synapse modules making use of the `ModuleApi` to create and send non-membership events into a room. This can useful to have modules send messages, or change power levels in a room etc. Note that they must send event through a user that's already in the room. The non-membership event limitation is currently arbitrary, as it's another chunk of work and not necessary at the moment.
* Remove the deprecated Handlers object (#8494)Patrick Cloke2020-10-094-4/+8
| | | All handlers now available via get_*_handler() methods on the HomeServer.
* Additional tests for third-party event rules (#8468)Richard van der Hoff2020-10-061-13/+71
| | | | | | | | | * Optimise and test state fetching for 3p event rules Getting all the events at once is much more efficient than getting them individually * Test that 3p event rules can modify events
* Merge pull request #8467 from matrix-org/rav/fix_3pevent_rulesRichard van der Hoff2020-10-061-1/+1
|\ | | | | Fix third-party event modules for `check_visibility_can_be_modified` check
| * Fix third-party event modules for `check_visibility_can_be_modified` checkRichard van der Hoff2020-10-051-1/+1
| | | | | | | | | | | | PR #8292 tried to maintain backwards compat with modules which don't provide a `check_visibility_can_be_modified` method, but the tests weren't being run, and the check didn't work.
* | Update default room version to 6 (#8461)Richard van der Hoff2020-10-051-1/+10
|/ | | | Per https://github.com/matrix-org/matrix-doc/pull/2788
* Allow ThirdPartyEventRules modules to manipulate public room state (#8292)Andrew Morgan2020-10-051-12/+19
| | | | | This PR allows `ThirdPartyEventRules` modules to view, manipulate and block changes to the state of whether a room is published in the public rooms directory. While the idea of whether a room is in the public rooms list is not kept within an event in the room, `ThirdPartyEventRules` generally deal with controlling which modifications can happen to a room. Public rooms fits within that idea, even if its toggle state isn't controlled through a state event.
* Make token serializing/deserializing async (#8427)Erik Johnston2020-09-301-8/+22
| | | The idea is that in future tokens will encode a mapping of instance to position. However, we don't want to include the full instance name in the string representation, so instead we'll have a mapping between instance name and an immutable integer ID in the DB that we can use instead. We'll then do the lookup when we serialize/deserialize the token (we could alternatively pass around an `Instance` type that includes both the name and ID, but that turns out to be a lot more invasive).
* Various clean ups to room stream tokens. (#8423)Erik Johnston2020-09-291-4/+4
|
* Only assert valid next_link params when provided (#8417)Andrew Morgan2020-09-291-0/+6
| | | | | | | Broken in https://github.com/matrix-org/synapse/pull/8275 and has yet to be put in a release. Fixes https://github.com/matrix-org/synapse/issues/8418. `next_link` is an optional parameter. However, we were checking whether the `next_link` param was valid, even if it wasn't provided. In that case, `next_link` was `None`, which would clearly not be a valid URL. This would prevent password reset and other operations if `next_link` was not provided, and the `next_link_domain_whitelist` config option was set.
* Fixed a bug with reactivating users with the admin API (#8362)Dirk Klimpel2020-09-221-0/+14
| | | | | | | Fixes: #8359 Trying to reactivate a user with the admin API (`PUT /_synapse/admin/v2/users/<user_name>`) causes an internal server error. Seems to be a regression in #8033.
* Admin API for reported events (#8217)Dirk Klimpel2020-09-221-0/+382
| | | Add an admin API to read entries of table `event_reports`. API: `GET /_synapse/admin/v1/event_reports`
* Create function to check for long names in devices (#8364)Dionysis Grigoropoulos2020-09-221-1/+1
| | | | | | | | | * Create a new function to verify that the length of a device name is under a certain threshold. * Refactor old code and tests to use said function. * Verify device name length during registration of device * Add a test for the above Signed-off-by: Dionysis Grigoropoulos <dgrig@erethon.com>
* Admin API for querying rooms where a user is a member (#8306)Dirk Klimpel2020-09-181-2/+94
| | | | Add a new admin API `GET /_synapse/admin/v1/users/<user_id>/joined_rooms` to list all rooms where a user is a member.
* Simplify super() calls to Python 3 syntax. (#8344)Patrick Cloke2020-09-181-1/+1
| | | | | | | This converts calls like super(Foo, self) -> super(). Generated with: sed -i "" -Ee 's/super\([^\(]+\)/super()/g' **/*.py
* Allow appservice users to /login (#8320)Will Hunt2020-09-181-1/+133
| | | | | Add ability for ASes to /login using the `uk.half-shot.msc2778.login.application_service` login `type`. Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Add the topic and avatar to the room details admin API (#8305)Tulir Asokan2020-09-141-0/+2
|
* Show a confirmation page during user password reset (#8004)Andrew Morgan2020-09-101-1/+28
| | | | | This PR adds a confirmation step to resetting your user password between clicking the link in your email and your password actually being reset. This is to better align our password reset flow with the industry standard of requiring a confirmation from the user after email validation.
* Do not error when thumbnailing invalid files (#8236)Patrick Cloke2020-09-091-10/+29
| | | | If a file cannot be thumbnailed for some reason (e.g. the file is empty), then catch the exception and convert it to a reasonable error message for the client.
* Don't remember `enabled` of deleted push rules and properly return 404 for ↵reivilibre2020-09-091-0/+448
| | | | | | | missing push rules in `.../actions` and `.../enabled` (#7796) Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net> Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Add a config option for validating 'next_link' parameters against a domain ↵Andrew Morgan2020-09-081-7/+96
| | | | | | | | | | | whitelist (#8275) This is a config option ported over from DINUM's Sydent: https://github.com/matrix-org/sydent/pull/285 They've switched to validating 3PIDs via Synapse rather than Sydent, and would like to retain this functionality. This original purpose for this change is phishing prevention. This solution could also potentially be replaced by a similar one to https://github.com/matrix-org/synapse/pull/8004, but across all `*/submit_token` endpoint. This option may still be useful to enterprise even with that safeguard in place though, if they want to be absolutely sure that their employees don't follow links to other domains.
* Allow for make_awaitable's return value to be re-used. (#8261)Patrick Cloke2020-09-081-3/+3
|
* Stop sub-classing object (#8249)Patrick Cloke2020-09-043-5/+5
|
* Re-implement unread counts (again) (#8059)Brendan Abolivier2020-09-021-2/+155
|
* Add /user/{user_id}/shared_rooms/ api (#7785)Will Hunt2020-09-021-0/+138
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add shared_rooms api * Add changelog * Add . * Wrap response in {"rooms": } * linting * Add unstable_features key * Remove options from isort that aren't part of 5.x `-y` and `-rc` are now default behaviour and no longer exist. `dont-skip` is no longer required https://timothycrosley.github.io/isort/CHANGELOG/#500-penny-july-4-2020 * Update imports to make isort happy * Add changelog * Update tox.ini file with correct invocation * fix linting again for isort * Vendor prefix unstable API * Fix to match spec * import Codes * import Codes * Use FORBIDDEN * Update changelog.d/7785.feature Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> * Implement get_shared_rooms_for_users * a comma * trailing whitespace * Handle the easy feedback * Switch to using runInteraction * Add tests * Feedback * Seperate unstable endpoint from v2 * Add upgrade node * a line * Fix style by adding a blank line at EOF. * Update synapse/storage/databases/main/user_directory.py Co-authored-by: Tulir Asokan <tulir@maunium.net> * Update synapse/storage/databases/main/user_directory.py Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> * Update UPGRADE.rst Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> * Fix UPGRADE/CHANGELOG unstable paths unstable unstable unstable Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> Co-authored-by: Tulir Asokan <tulir@maunium.net> Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Tulir Asokan <tulir@maunium.net>
* Do not yield on awaitables in tests. (#8193)Patrick Cloke2020-08-271-2/+6
|
* Convert stats and related calls to async/await (#8192)Patrick Cloke2020-08-271-5/+4
|
* Remove remaining is_guest argument uses from get_room_data calls (#8181)Andrew Morgan2020-08-261-10/+2
| | | | | | | #8174 removed the `is_guest` parameter from `get_room_data`, at the same time that #8157 was merged using it, colliding together to break unit tests on develop. This PR removes the `is_guest` parameter from the call in the broken test. Uses the same changelog as #8174.
* Do not propagate typing notifications from shadow-banned users. (#8176)Patrick Cloke2020-08-261-0/+48
|
* Remove unused parameter from, and add safeguard in, get_room_data (#8174)Andrew Morgan2020-08-261-1/+1
| | | | | | Small cleanup PR. * Removed the unused `is_guest` argument * Added a safeguard to a (currently) impossible code path, fixing static checking at the same time.
* Do not propagate profile changes of shadow-banned users into rooms. (#8157)Patrick Cloke2020-08-262-157/+274
|
* Fix rate limiting unit tests. (#8167)Patrick Cloke2020-08-261-13/+14
| | | | These were passing on the release-v1.19.1 branch but started failing once merged to develop.
* Merge tag 'v1.19.1rc1' into developBrendan Abolivier2020-08-252-4/+93
|\ | | | | | | | | | | | | | | | | | | | | Synapse 1.19.1rc1 (2020-08-25) ============================== Bugfixes -------- - Fix a bug introduced in v1.19.0 where appservices with ratelimiting disabled would still be ratelimited when joining rooms. ([\#8139](https://github.com/matrix-org/synapse/issues/8139)) - Fix a bug introduced in v1.19.0 that would cause e.g. profile updates to fail due to incorrect application of rate limits on join requests. ([\#8153](https://github.com/matrix-org/synapse/issues/8153))
| * Fix join ratelimiter breaking profile updates and idempotency (#8153)Brendan Abolivier2020-08-242-4/+93
| |
* | Stop shadow-banned users from sending non-member events. (#8142)Patrick Cloke2020-08-241-1/+54
| |
* | Allow capping a room's retention policy (#8104)Brendan Abolivier2020-08-241-28/+66
| |
* | Fix flaky shadow-ban tests. (#8152)Patrick Cloke2020-08-241-1/+3
| |
* | Stop shadow-banned users from sending invites. (#8095)Patrick Cloke2020-08-201-0/+100
| |
* | Switch the JSON byte producer from a pull to a push producer. (#8116)Patrick Cloke2020-08-192-13/+7
|/
* Add type hints to handlers.message and events.builder (#8067)Erik Johnston2020-08-121-1/+3
|
* Add health check endpoint (#8048)Erik Johnston2020-08-071-0/+34
|
* Revert #7736 (#8039)Brendan Abolivier2020-08-062-175/+2
|
* Convert synapse.api to async/await (#8031)Patrick Cloke2020-08-064-12/+14
|
* Improve performance of the register endpoint (#8009)Patrick Cloke2020-08-061-1/+1
|
* Rename database classes to make some sense (#8033)Erik Johnston2020-08-051-2/+2
|
* Prevent join->join membership transitions changing member count (#7977)Andrew Morgan2020-08-031-1/+23
| | | | | | | | | | | `StatsHandler` handles updates to the `current_state_delta_stream`, and updates room stats such as the amount of state events, joined users, etc. However, it counts every new join membership as a new user entering a room (and that user being in another room), whereas it's possible for a user's membership status to go from join -> join, for instance when they change their per-room profile information. This PR adds a check for join->join membership transitions, and bails out early, as none of the further checks are necessary at that point. Due to this bug, membership stats in many rooms have ended up being wildly larger than their true values. I am not sure if we also want to include a migration step which recalculates these statistics (possibly using the `_populate_stats_process_rooms` bg update). Bug introduced in the initial implementation https://github.com/matrix-org/synapse/pull/4338.
* Convert federation client to async/await. (#7975)Patrick Cloke2020-07-302-4/+4
|
* Re-implement unread counts (#7736)Brendan Abolivier2020-07-292-2/+175
|
* Add an option to disable purge in delete room admin API (#7964)Dirk Klimpel2020-07-281-2/+55
| | | | | | Add option ```purge``` to ```POST /_synapse/admin/v1/rooms/<room_id>/delete``` Fixes: #3761 Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Convert tests/rest/admin/test_room.py to unix file endings (#7953)Andrew Morgan2020-07-271-1447/+1447
| | | | | Converts tests/rest/admin/test_room.py to have unix file endings after they were accidentally changed in #7613. Keeping the same changelog as #7613 as it hasn't gone out in a release yet.
* Support oEmbed for media previews. (#7920)Patrick Cloke2020-07-271-8/+134
| | | Fixes previews of Twitter URLs by using their oEmbed endpoint to grab content.
* Convert more of the media code to async/await (#7873)Patrick Cloke2020-07-241-1/+4
|
* Add admin endpoint to get members in a room. (#7842)Michael Albert2020-07-161-0/+46
|
* Allow accounts to be re-activated from the admin APIs. (#7847)Patrick Cloke2020-07-151-0/+47
|
* Return the proper 403 Forbidden error during errors with JWT logins. (#7844)Patrick Cloke2020-07-151-21/+22
|
* Add delete room admin endpoint (#7613)Dirk Klimpel2020-07-141-0/+395
| | | | | | | | | | | | | | | | | | The Delete Room admin API allows server admins to remove rooms from server and block these rooms. `DELETE /_synapse/admin/v1/rooms/<room_id>` It is a combination and improvement of "[Shutdown room](https://github.com/matrix-org/synapse/blob/develop/docs/admin_api/shutdown_room.md)" and "[Purge room](https://github.com/matrix-org/synapse/blob/develop/docs/admin_api/purge_room.md)" API. Fixes: #6425 It also fixes a bug in [synapse/storage/data_stores/main/room.py](synapse/storage/data_stores/main/room.py) in ` get_room_with_stats`. It should return `None` if the room is unknown. But it returns an `IndexError`. https://github.com/matrix-org/synapse/blob/901b1fa561e3cc661d78aa96d59802cf2078cb0d/synapse/storage/data_stores/main/room.py#L99-L105 Related to: - #5575 - https://github.com/Awesome-Technologies/synapse-admin/issues/17 Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Add the option to validate the `iss` and `aud` claims for JWT logins. (#7827)Patrick Cloke2020-07-141-6/+100
|
* Do not use canonicaljson to magically handle decoding bytes from JSON. (#7802)Patrick Cloke2020-07-101-1/+1
|
* Fix some spelling mistakes / typos. (#7811)Patrick Cloke2020-07-093-3/+3
|
* Stop populating unused table `local_invites`. (#7793)Richard van der Hoff2020-07-071-1/+0
| | | | | This table is no longer used, so we may as well stop populating it. Removing it would prevent people rolling back to older releases of Synapse, so that can happen in a future release.
* isort 5 compatibility (#7786)Will Hunt2020-07-051-3/+1
| | | The CI appears to use the latest version of isort, which is a problem when isort gets a major version bump. Rather than try to pin the version, I've done the necessary to make isort5 happy with synapse.
* Fix inconsistent handling of upper and lower cases of email addresses. (#7021)Dirk Klimpel2020-07-031-30/+145
| | | fixes #7016
* add org.matrix.login.jwt so that m.login.jwt can be deprecated (#7675)Sorunome2020-06-241-3/+7
|
* Allow local media to be marked as safe from being quarantined. (#7718)Patrick Cloke2020-06-221-72/+65
|
* Fetch from the r0 media path instead of the unspecced v1. (#7714)Patrick Cloke2020-06-171-1/+1
|
* Replace all remaining six usage with native Python 3 equivalents (#7704)Dagfinn Ilmari Mannsåker2020-06-163-7/+6
|
* Allow new users to be registered via the admin API even if the monthly ↵Dirk Klimpel2020-06-051-15/+163
| | | | active user limit has been reached (#7263)
* Add device management to admin API (#7481)Dirk Klimpel2020-06-051-0/+541
| | | | | | | | | | - Admin is able to - change displaynames - delete devices - list devices - get device informations Fixes #7330
* Add support for webp thumbnailing (#7586)WGH2020-06-051-36/+99
| | | | | Closes #4382 Signed-off-by: Maxim Plotnikov <wgh@torlan.ru>
* Performance improvements and refactor of Ratelimiter (#7595)Andrew Morgan2020-06-055-37/+48
| | | | | | | | | | While working on https://github.com/matrix-org/synapse/issues/5665 I found myself digging into the `Ratelimiter` class and seeing that it was both: * Rather undocumented, and * causing a *lot* of config checks This PR attempts to refactor and comment the `Ratelimiter` class, as well as encourage config file accesses to only be done at instantiation. Best to be reviewed commit-by-commit.
* Fix a bug in automatic user creation with m.login.jwt. (#7585)Olof Johansson2020-06-011-0/+153
|
* Email notifications for new users when creating via the Admin API. (#7267)Dirk Klimpel2020-06-011-0/+75
|
* Convert sending mail to async/await. (#7557)Erik Johnston2020-05-221-2/+2
| | | | Mainly because sometimes the email push code raises exceptions where the stack traces have gotten lost, which is hopefully fixed by this.
* Allow expired accounts to logout (#7443)Andrew Morgan2020-05-142-2/+103
|
* Merge tag 'v1.13.0rc2' into developRichard van der Hoff2020-05-141-45/+10
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.13.0rc2 (2020-05-14) ============================== Bugfixes -------- - Fix a long-standing bug which could cause messages not to be sent over federation, when state events with state keys matching user IDs (such as custom user statuses) were received. ([\#7376](https://github.com/matrix-org/synapse/issues/7376)) - Restore compatibility with non-compliant clients during the user interactive authentication process, fixing a problem introduced in v1.13.0rc1. ([\#7483](https://github.com/matrix-org/synapse/issues/7483)) Internal Changes ---------------- - Fix linting errors in new version of Flake8. ([\#7470](https://github.com/matrix-org/synapse/issues/7470))
| * Do not validate that the client dict is stable during UI Auth. (#7483)Patrick Cloke2020-05-131-45/+10
| | | | | | | | This backs out some of the validation for the client dictionary and logs if this changes during a user interactive authentication session instead.
* | Merge branch 'release-v1.13.0' into developAndrew Morgan2020-05-111-88/+216
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * release-v1.13.0: Don't UPGRADE database rows RST indenting Put rollback instructions in upgrade notes Fix changelog typo Oh yeah, RST Absolute URL it is then Fix upgrade notes link Provide summary of upgrade issues in changelog. Fix ) Move next version notes from changelog to upgrade notes Changelog fixes 1.13.0rc1 Documentation on setting up redis (#7446) Rework UI Auth session validation for registration (#7455) Fix errors from malformed log line (#7454) Drop support for redis.dbid (#7450)
| * Rework UI Auth session validation for registration (#7455)Patrick Cloke2020-05-081-88/+216
| | | | | | | | Be less strict about validation of UI authentication sessions during registration to match client expecations.
* | Add room details admin endpoint (#7317)Manuel Stahl2020-05-071-0/+41
|/
* Persist user interactive authentication sessions (#7302)Patrick Cloke2020-04-301-0/+40
| | | | | By persisting the user interactive authentication sessions to the database, this fixes situations where a user hits different works throughout their auth session and also allows sessions to persist through restarts of Synapse.
* Fix limit logic for EventsStream (#7358)Richard van der Hoff2020-04-291-1/+1
| | | | | | | | | | | | | | | | | | | * Factor out functions for injecting events into database I want to add some more flexibility to the tools for injecting events into the database, and I don't want to clutter up HomeserverTestCase with them, so let's factor them out to a new file. * Rework TestReplicationDataHandler This wasn't very easy to work with: the mock wrapping was largely superfluous, and it's useful to be able to inspect the received rows, and clear out the received list. * Fix AssertionErrors being thrown by EventsStream Part of the problem was that there was an off-by-one error in the assertion, but also the limit logic was too simple. Fix it all up and add some tests.
* Return total number of users and profile attributes in admin users endpoint ↵Manuel Stahl2020-04-281-0/+2
| | | | | (#6881) Signed-off-by: Manuel Stahl <manuel.stahl@awesome-technologies.de>
* Revert "Revert "Merge pull request #7315 from ↵Brendan Abolivier2020-04-232-1/+62
| | | | | | matrix-org/babolivier/request_token"" This reverts commit 1adf6a55870aa08de272591ff49db9dc49738076.
* Extend room admin api with additional attributes (#7225)Dirk Klimpel2020-04-222-592/+680
|
* Allow specifying the value of Accept-Language header for URL previews (#7265)Andrew Morgan2020-04-151-0/+55
|
* Fix the parameters of a test fixture (#7243)Zay11Zay2020-04-141-1/+1
|
* Default PL100 to enable encryption in a room (#7230)Andrew Morgan2020-04-092-4/+297
|
* Do not allow a deactivated user to login via SSO. (#7240)Patrick Cloke2020-04-091-3/+39
|
* Merge pull request #7157 from matrix-org/rev.outbound_device_pokes_testsRichard van der Hoff2020-03-302-4/+4
|\ | | | | Add tests for outbound device pokes
| * Remove spurious "name" parameter to `default_config`Richard van der Hoff2020-03-242-4/+4
| | | | | | | | | | this is never set to anything other than "test", and is a source of unnecessary boilerplate.
* | Always whitelist the login fallback for SSO (#7153)Richard van der Hoff2020-03-271-1/+8
| | | | | | | | | | | | | | That fallback sets the redirect URL to itself (so it can process the login token then return gracefully to the client). This would make it pointless to ask the user for confirmation, since the URL the confirmation page would be showing wouldn't be the client's.
* | Admin API to join users to a room. (#7051)Dirk Klimpel2020-03-271-0/+288
| |
* | Add options to prevent users from changing their profile. (#7096)Dirk Klimpel2020-03-271-0/+302
| |
* | Allow server admins to define and enforce a password policy (MSC2000). (#7118)Dirk Klimpel2020-03-261-0/+179
| |
* | Validate that the session is not modified during UI-Auth (#7068)Patrick Cloke2020-03-261-1/+67
| |
* | Clean up some LoggingContext stuff (#7120)Richard van der Hoff2020-03-241-8/+8
|/ | | | | | | | | | | | | | | | | | | | | | | * Pull Sentinel out of LoggingContext ... and drop a few unnecessary references to it * Factor out LoggingContext.current_context move `current_context` and `set_context` out to top-level functions. Mostly this means that I can more easily trace what's actually referring to LoggingContext, but I think it's generally neater. * move copy-to-parent into `stop` this really just makes `start` and `stop` more symetric. It also means that it behaves correctly if you manually `set_log_context` rather than using the context manager. * Replace `LoggingContext.alive` with `finished` Turn `alive` into `finished` and make it a bit better defined.
* Remove special casing of `m.room.aliases` events (#7034)Patrick Cloke2020-03-172-15/+33
|
* Revert "Add options to disable setting profile info for prevent changes. ↵Richard van der Hoff2020-03-171-303/+0
| | | | | | | (#7053)" This reverts commit 54dd28621b070ca67de9f773fe9a89e1f4dc19da, reversing changes made to 6640460d054e8f4444046a34bdf638921b31c01e.
* Add options to disable setting profile info for prevent changes. (#7053)Brendan Abolivier2020-03-101-0/+303
|\
| * lint, fix testsdklimpel2020-03-091-2/+2
| |
| * updates after reviewdklimpel2020-03-091-10/+7
| |
| * lintdklimpel2020-03-091-10/+8
| |
| * add testsdklimpel2020-03-091-0/+308
| |
* | Merge branch 'master' into developBrendan Abolivier2020-03-031-0/+111
|\ \
| * | Add a whitelist for the SSO confirmation step.Richard van der Hoff2020-03-021-3/+29
| | |
| * | Merge remote-tracking branch 'origin/release-v1.11.1' into release-v1.11.1Richard van der Hoff2020-03-021-28/+181
| |\ \
| | * | Fixed set a user as an admin with the new API (#6928)Dirk Klimpel2020-03-021-28/+181
| | | | | | | | | | | | | | | | Fix #6910
| * | | Add a confirmation step to the SSO login flowBrendan Abolivier2020-03-021-0/+85
| |/ /
* | / Validate the alt_aliases property of canonical alias events (#6971)Patrick Cloke2020-03-031-0/+160
| |/ |/|
* | Fixed set a user as an admin with the new API (#6928)Dirk Klimpel2020-02-281-32/+186
| | | | | | Fix #6910
* | Ensure 'deactivated' parameter is a boolean on user admin API, Fix error ↵Andrew Morgan2020-02-261-0/+59
| | | | | | | | handling of call to deactivate user (#6990)
* | Clarify list/set/dict/tuple comprehensions and enforce via flake8 (#6957)Patrick Cloke2020-02-211-13/+15
|/ | | | Ensure good comprehension hygiene using flake8-comprehensions.
* Merge pull request #6949 from matrix-org/rav/list_room_aliases_peekableRichard van der Hoff2020-02-191-0/+17
|\ | | | | Make room alias lists peekable
| * Make room alias lists peekableRichard van der Hoff2020-02-191-0/+17
| | | | | | | | | | | | As per https://github.com/matrix-org/matrix-doc/pull/2432#pullrequestreview-360566830, make room alias lists accessible to users outside world_readable rooms.
* | Move MSC2432 stuff onto unstable prefix (#6948)Richard van der Hoff2020-02-191-3/+13
|/ | | it's not in the spec yet, so needs to be unstable. Also add a feature flag for it. Also add a test for admin users.
* Implement GET /_matrix/client/r0/rooms/{roomId}/aliases (#6939)Richard van der Hoff2020-02-181-1/+69
| | | | | per matrix-org/matrix-doc#2432
* Raise the default power levels for invites, tombstones and server acls (#6834)Andrew Morgan2020-02-171-1/+3
|
* Return a 404 for admin api user lookup if user not found (#6901)Andrew Morgan2020-02-121-0/+16
|
* Admin api to add an email address (#6789)Dirk Klimpel2020-02-071-2/+17
|
* MSC2260: Block direct sends of m.room.aliases events (#6794)Richard van der Hoff2020-01-302-33/+15
| | | | | as per MSC2260
* Admin API to list, filter and sort rooms (#6720)Andrew Morgan2020-01-221-4/+389
|
* Lint + changelogBrendan Abolivier2020-01-221-3/+1
|
* Remove unused importBrendan Abolivier2020-01-221-1/+1
|
* Add tests for thumbnailingBrendan Abolivier2020-01-221-3/+45
|
* Fix and add test to deprecated quarantine media admin api (#6756)Andrew Morgan2020-01-221-4/+11
|
* Fix `/events/:event_id` deprecated API. (#6731)Erik Johnston2020-01-201-0/+27
|
* Fix changing password via user admin API. (#6730)Erik Johnston2020-01-201-0/+13
|
* Fix purge_room admin API (#6711)Erik Johnston2020-01-151-3/+1
|
* Add `local_current_membership` table (#6655)Erik Johnston2020-01-152-12/+9
| | | | | | | Currently we rely on `current_state_events` to figure out what rooms a user was in and their last membership event in there. However, if the server leaves the room then the table may be cleaned up and that information is lost. So lets add a table that separately holds that information.
* Quarantine media by ID or user ID (#6681)Andrew Morgan2020-01-132-0/+378
|
* Allow admin users to create or modify users without a shared secret (#6495)Manuel Stahl2020-01-092-338/+465
| | | Signed-off-by: Manuel Stahl <manuel.stahl@awesome-technologies.de>