summary refs log tree commit diff
path: root/tests/rest (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add admin API to get some information about federation status (#11407)Dirk Klimpel2021-12-061-0/+456
|
* Include bundled aggregations in /sync and related fixes (#11478)Patrick Cloke2021-12-061-39/+96
| | | | | | | | Due to updates to MSC2675 this includes a few fixes: * Include bundled aggregations for /sync. * Do not include bundled aggregations for /initialSync and /events. * Do not bundle aggregations for state events. * Clarifies comments and variable names.
* Support configuring the lifetime of non-refreshable access tokens separately ↵reivilibre2021-12-031-0/+76
| | | | to refreshable access tokens. (#11445)
* Add type hints to `synapse/tests/rest/admin` (#11501)Dirk Klimpel2021-12-039-225/+256
|
* Fix media repository failing when media store path contains symlinks (#11446)Sean Quah2021-12-021-1/+108
|
* Bundle relations of relations into the `/relations` result. (#11284)Patrick Cloke2021-11-301-0/+118
| | | | | Per updates to MSC2675 which now states that bundled aggregations should be included from the `/relations` endpoint.
* Remove unnecessary `json.dumps` from `tests.rest.admin` (#11461)Dirk Klimpel2021-11-301-41/+20
| | | | | The tests helpers automatically convert dictionaries to JSON payloads, no need to do it manually for each test.
* Convert status codes to `HTTPStatus` in `tests.rest.admin` (#11455)Dirk Klimpel2021-11-3011-557/+886
|
* Make background updates controllable via a plugin (#11306)Erik Johnston2021-11-291-1/+1
| | | Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* Update MSC2918 refresh token support to confirm with the latest revision: ↵reivilibre2021-11-261-14/+44
| | | | accept the `refresh_tokens` parameter in the request body rather than in the URL parameters. (#11430)
* Support expiry of refresh tokens and expiry of the overall session when ↵reivilibre2021-11-261-1/+124
| | | | refresh tokens are in use. (#11425)
* Lower minumum batch size to 1 for background updates (#11422)Brendan Abolivier2021-11-241-8/+17
| | | Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Rename unstable `access_token_lifetime` configuration option to ↵reivilibre2021-11-231-1/+1
| | | | `refreshable_access_token_lifetime` to make it clear it only concerns refreshable access tokens. (#11388)
* Merge branch 'master' into developSean Quah2021-11-231-0/+250
|\
| * Prevent the media store from writing outside of the configured directorySean Quah2021-11-191-0/+250
| | | | | | | | | | Also tighten validation of server names by forbidding invalid characters in IPv6 addresses and empty domain labels.
* | Add config for customizing the claim used for JWT logins. (#11361)Kostas2021-11-221-32/+36
| | | | | | | | | | Allows specifying a different claim (from the default "sub") to use when calculating the localpart of the Matrix ID used during the JWT login.
* | Store arbitrary relations from events. (#11391)Patrick Cloke2021-11-221-0/+111
| | | | | | | | | | Instead of only known relation types. This also reworks the background update for thread relations to crawl events and search for any relation type, not just threaded relations.
* | Add an admin API to run background jobs. (#11352)Dirk Klimpel2021-11-191-8/+146
| | | | | | | | | | | | Instead of having admins poke into the database directly. Can currently run jobs to populate stats and to populate the user directory.
* | Add dedicated admin API for blocking a room (#11324)Dirk Klimpel2021-11-181-0/+228
| |
* | Do not allow MSC3440 threads to fork threads (#11161)Patrick Cloke2021-11-181-0/+62
| | | | | | | | | | | | | | | | | | | | | | Adds validation to the Client-Server API to ensure that the potential thread head does not relate to another event already. This results in not allowing a thread to "fork" into other threads. If the target event is unknown for some reason (maybe it isn't visible to your homeserver), but is the target of other events it is assumed that the thread can be created from it. Otherwise, it is rejected as an unknown event.
* | Rename `get_access_token_for_user_id` method to ↵reivilibre2021-11-172-6/+6
| | | | | | | | `create_access_token_for_user_id` (#11369)
* | Add ability to un-shadow-ban via the admin API. (#11347)Patrick Cloke2021-11-161-6/+20
| |
* | Misc typing fixes for tests, part 2 of N (#11330)David Robertson2021-11-161-9/+42
| |
* | Add support for the stable version of MSC2778 (#11335)Tulir Asokan2021-11-151-1/+4
| | | | | | | | | | | | | | | | | | * Add support for the stable version of MSC2778 Signed-off-by: Tulir Asokan <tulir@maunium.net> * Expect m.login.application_service in login and password provider tests Signed-off-by: Tulir Asokan <tulir@maunium.net>
* | Test room alias deletion (#11327)David Robertson2021-11-121-28/+77
| | | | | | | | | | | | | | | | | | | | * Prefer `HTTPStatus` over plain `int` This is an Opinion that no-one has seemed to object to yet. * `--disallow-untyped-defs` for `tests.rest.client.test_directory` * Improve synapse's annotations for deleting aliases * Test case for deleting a room alias * Changelog
* | Misc typing fixes for `tests`, part 1 of N (#11323)David Robertson2021-11-121-8/+14
| | | | | | | | | | | | | | | | | | | | * Annotate HomeserverTestCase.servlets * Correct annotation of federation_auth_origin * Use AnyStr custom_headers instead of a Union This allows (str, str) and (bytes, bytes). This disallows (str, bytes) and (bytes, str) * DomainSpecificString.SIGIL is a ClassVar
* | Convert delete room admin API to async endpoint (#11223)Dirk Klimpel2021-11-122-65/+709
| | | | | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
* | Allow admins to proactively block rooms (#11228)David Robertson2021-11-091-0/+28
| | | | | | | | Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com> Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* | Support filtering by relations per MSC3440 (#11236)Patrick Cloke2021-11-091-1/+153
|/ | | | Adds experimental support for `relation_types` and `relation_senders` fields for filters.
* Require body for read receipts with user-agent exceptions (#11157)rogersheu2021-11-091-2/+28
| | | Co-authored-by: reivilibre <olivier@librepush.net>
* Add some background update admin APIs (#11263)Erik Johnston2021-11-081-0/+218
| | | Fixes #11259
* Default value for `public_baseurl` (#11210)Richard van der Hoff2021-11-082-2/+0
| | | | | We might as well use a default value for `public_baseurl` based on `server_name` - in many cases, it will be correct.
* Add search by room ID and room alias to List Room admin API (#11099)Dirk Klimpel2021-11-021-39/+49
| | | | Fixes: #10874 Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Handle missing Content-Type header when accessing remote media (#11200)Shay2021-11-011-2/+16
| | | | | | | | | | | | | | | | | | | | | * add code to handle missing content-type header and a test to verify that it works * add handling for missing content-type in the /upload endpoint as well * slightly refactor test code to put private method in approriate place * handle possible null value for content-type when pulling from the local db * add changelog * refactor test and add code to handle missing content-type in cached remote media * requested changes * Update changelog.d/11200.bugfix Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Fix a bug in unit test `test_block_room_and_not_purge` (#11226)Dirk Klimpel2021-11-011-2/+2
|
* Make `check_event_allowed` module API callback not fail open (accept events) ↵reivilibre2021-11-011-13/+3
| | | | when an exception is raised (#11033)
* Remove deprecated delete room admin API (#11213)Dirk Klimpel2021-11-011-24/+15
| | | | | Remove deprecated delete room admin API, `POST /_synapse/admin/v1/rooms/<room_id>/delete`
* Support for serving server well-known files (#11211)Richard van der Hoff2021-11-011-6/+26
| | | | Fixes https://github.com/matrix-org/synapse/issues/8308
* Add knock information in admin exported data (#11171)Rafael Gonçalves2021-10-281-0/+29
| | | Signed-off-by: Rafael Goncalves <rafaelgoncalves@riseup.net>
* Implement an `on_new_event` callback (#11126)Brendan Abolivier2021-10-261-3/+90
| | | Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Enable changing user type via users admin API (#11174)Jason Robinson2021-10-261-0/+51
| | | | | | | | Users admin API can now also modify user type in addition to allowing it to be set on user creation. Signed-off-by: Jason Robinson <jasonr@matrix.org> Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* Add a thread relation type per MSC3440. (#11088)Patrick Cloke2021-10-211-6/+34
| | | | Adds experimental support for MSC3440's `io.element.thread` relation type (and the aggregation for it).
* Fix setting a user's external_id via the admin API returns 500 and deletes ↵Dirk Klimpel2021-10-211-3/+212
| | | | | users existing external mappings if that external ID is already mapped (#11051) Fixes #10846
* Show error when timestamp in seconds is provided to the /purge_media_cache ↵Aaron R2021-10-201-4/+102
| | | | API (#11101)
* Fix-up some type hints in the relations tests. (#11076)Patrick Cloke2021-10-141-28/+27
|
* Add a test for a workaround concerning the behaviour of third-party rule ↵reivilibre2021-10-141-6/+50
| | | | modules and `SynapseError`s. (#11071)
* Be more lenient when parsing the version for oEmbed responses. (#11065)Patrick Cloke2021-10-131-0/+51
|
* Simplify the user admin API tests (#11048)Dirk Klimpel2021-10-121-255/+146
|
* Add tests for `MediaFilePaths` (#11057)Sean Quah2021-10-121-0/+238
|
* Autodiscover oEmbed endpoint from returned HTML (#10822)Patrick Cloke2021-10-081-1/+99
| | | | | Searches the returned HTML for an oEmbed endpoint using the autodiscovery mechanism (`<link rel=...>`), and will request it to generate the preview.
* Add a spamchecker method to allow or deny 3pid invites (#10894)Brendan Abolivier2021-10-061-0/+70
| | | | | This is in the context of creating new module callbacks that modules in https://github.com/matrix-org/synapse-dinsic can use, in an effort to reconcile the spam checker API in synapse-dinsic with the one in mainline. Note that a module callback already exists for 3pid invites (https://matrix-org.github.io/synapse/develop/modules/third_party_rules_callbacks.html#check_threepid_can_be_invited) but it doesn't check whether the sender of the invite is allowed to send it.
* Add a spamchecker callback to allow or deny room joins (#10910)Brendan Abolivier2021-10-061-0/+101
| | | Co-authored-by: Erik Johnston <erik@matrix.org>
* Make is_public Optional[bool] for create_room_as test util (#10951) (#10963)AndrewFerr2021-10-041-6/+7
| | | Signed-off-by: Andrew Ferrazzutti <fair@miscworks.net>
* Consistently exclude from user_directory (#10960)David Robertson2021-10-041-12/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Introduce `should_include_local_users_in_dir` We exclude three kinds of local users from the user_directory tables. At present we don't consistently exclude all three in the same places. This commit introduces a new function to gather those exclusion conditions together. Because we have to handle local and remote users in different ways, I've made that function only consider the case of remote users. It's the caller's responsibility to make the local versus remote distinction clear and correct. A test fixup is required. The test now hits a path which makes db queries against the users table. The expected rows were missing, because we were using a dummy user that hadn't actually been registered. We also add new test cases to covert the exclusion logic. ---- By my reading this makes these changes: * When an app service user registers or changes their profile, they will _not_ be added to the user directory. (Previously only support and deactivated users were excluded). This is consistent with the logic that rebuilds the user directory. See also [the discussion here](https://github.com/matrix-org/synapse/pull/10914#discussion_r716859548). * When rebuilding the directory, exclude support and disabled users from room sharing tables. Previously only appservice users were excluded. * Exclude all three categories of local users when rebuilding the directory. Previously `_populate_user_directory_process_users` didn't do any exclusion. Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Use direct references for configuration variables (part 7). (#10959)Patrick Cloke2021-10-044-7/+7
|
* type-hint `HomeserverTestcase.setup_test_homeserver` (#10961)David Robertson2021-10-011-3/+3
| | | | | * type-hint `HomeserverTestcase.setup_test_homeserver` For better IDE completion. A small drive-by.
* Use direct references for configuration variables (part 6). (#10916)Patrick Cloke2021-09-295-8/+8
|
* Implement MSC3069: Guest support on whoami (#9655)Travis Ralston2021-09-291-5/+44
|
* Fix empty `url_cache_thumbnails/yyyy-mm-dd/` directories being left behind ↵Sean Quah2021-09-291-0/+31
| | | | (#10924)
* Avoid storing URL cache files in storage providers (#10911)Sean Quah2021-09-271-0/+130
| | | | | URL cache files are short-lived and it does not make sense to offload them (eg. to the cloud) or back them up.
* Add a spamchecker callback to allow or deny room creation based on invites ↵Brendan Abolivier2021-09-241-2/+117
| | | | | | | (#10898) This is in the context of creating new module callbacks that modules in https://github.com/matrix-org/synapse-dinsic can use, in an effort to reconcile the spam checker API in synapse-dinsic with the one in mainline. This adds a callback that's fairly similar to user_may_create_room except it also allows processing based on the invites sent at room creation.
* Use direct references for configuration variables (part 5). (#10897)Patrick Cloke2021-09-243-4/+4
|
* Add reactor to `SynapseRequest` and fix up types. (#10868)Erik Johnston2021-09-248-20/+24
|
* Allow `.` and `~` chars in registration tokens (#10887)Callum Brown2021-09-231-3/+5
| | | | Per updates to MSC3231 in order to use the same grammar as other identifiers.
* Use direct references for configuration variables (part 4). (#10893)Patrick Cloke2021-09-232-7/+7
|
* Use direct references for some configuration variables (part 3) (#10885)Patrick Cloke2021-09-232-2/+2
| | | | | | | | This avoids the overhead of searching through the various configuration classes by directly referencing the class that the attributes are in. It also improves type hints since mypy can now resolve the types of the configuration variables.
* Include more information in oEmbed previews. (#10819)Patrick Cloke2021-09-221-9/+21
| | | | | | | * Improved titles (fall back to the author name if there's not title) and include the site name. * Handle photo/video payloads. * Include the original URL in the Open Graph response. * Fix the expiration time (by properly converting from seconds to milliseconds).
* Add type hints for event streams. (#10856)Patrick Cloke2021-09-212-4/+16
|
* Refactor oEmbed previews (#10814)Patrick Cloke2021-09-211-13/+13
| | | | | | | | | | | | | The major change is moving the decision of whether to use oEmbed further up the call-stack. This reverts the _download_url method to being a "dumb" functionwhich takes a single URL and downloads it (as it was before #7920). This also makes more minor refactorings: * Renames internal variables for clarity. * Factors out shared code between the HTML and rich oEmbed previews. * Fixes tests to preview an oEmbed image.
* Test that state events sent by modules correctly end up in the room's state ↵Brendan Abolivier2021-09-211-0/+84
| | | | | | | (#10835) Test for #10830 Ideally the test would also make sure the new state event comes down sync, but this is probably good enough.
* Allow Synapse Admin API's Room Search to accept non-ASCII characters (#10859)Hillery Shay2021-09-211-0/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add tests for checking if room search works with non-ascii char * change encoding on parse_string to UTF-8 * lints * properly encode search term * lints * add changelog file * update changelog number * set changelog entry filetype to .bugfix * Revert "set changelog entry filetype to .bugfix" This reverts commit be8e5a314251438ec4ec7dbc59ba32162c93e550. * update changelog message and file type * change parse_string default encoding back to ascii and update room search admin api calll to parse string * refactor tests * Update tests/rest/admin/test_room.py Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Always add local users to the user directory (#10796)David Robertson2021-09-211-6/+6
| | | | | | | | | | | | | | | | | | | | | | | It's a simplification, but one that'll help make the user directory logic easier to follow with the other changes upcoming. It's not strictly required for those changes, but this will help simplify the resulting logic that listens for `m.room.member` events and generally make the logic easier to follow. This means the config option `search_all_users` ends up controlling the search query only, and not the data we store. The cost of doing so is an extra row in the `user_directory` and `user_directory_search` tables for each local user which - belongs to no public rooms - belongs to no private rooms of size ≥ 2 I think the cost of this will be marginal (since they'll already have entries in `users` and `profiles` anyway). As a small upside, a homeserver whose directory was built with this change can toggle `search_all_users` without having to rebuild their directory. Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Allow sending a membership event to unban a user (#10807)Aaron Raimist2021-09-212-1/+97
| | | | | * Allow membership event to unban user Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Create a constant for a small png image in tests. (#10834)Patrick Cloke2021-09-165-80/+26
| | | To avoid duplicating it between a few tests.
* Use direct references for some configuration variables (#10798)Patrick Cloke2021-09-131-6/+12
| | | | Instead of proxying through the magic getter of the RootConfig object. This should be more performant (and is more explicit).
* Handle room upgrades for spaces (#10774)Patrick Cloke2021-09-101-4/+63
| | | | | By copying the `room_type` field of the create event and migrating any non-empty `m.space.child` events to the new room that is created.
* Remove unstable MSC2858 API, including `experimental.msc2858_enabled` config ↵Sean2021-09-091-58/+7
| | | | | option (#10693) Signed-off-by: Sean Quah <seanq@element.io>
* Request JSON for oEmbed requests (and ignore XML only providers). (#10759)Patrick Cloke2021-09-081-1/+54
| | | | | | | | This adds the format to the request arguments / URL to ensure that JSON data is returned (which is all that Synapse supports). This also adds additional error checking / filtering to the configuration file to ignore XML-only providers.
* Allow configuration of the oEmbed URLs. (#10714)Patrick Cloke2021-08-311-110/+102
| | | | | This adds configuration options (under an `oembed` section) to configure which URLs are matched to use oEmbed for URL previews.
* Merge branch 'master' into developRichard van der Hoff2021-08-312-1/+139
|\
| * Fix up unit tests (#10723)Richard van der Hoff2021-08-311-2/+15
| | | | | | These were broken in an incorrect merge of GHSA-jj53-8fmw-f2w2 (cb35df9)
| * Merge pull request from GHSA-jj53-8fmw-f2w2reivilibre2021-08-311-0/+43
| |
| * Merge pull request from GHSA-3x4c-pq33-4w3qreivilibre2021-08-311-1/+83
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add some tests to characterise the problem Some failing. Current states: RoomsMemberListTestCase test_get_member_list ... [OK] test_get_member_list_mixed_memberships ... [OK] test_get_member_list_no_permission ... [OK] test_get_member_list_no_permission_former_member ... [OK] test_get_member_list_no_permission_former_member_with_at_token ... [FAIL] test_get_member_list_no_room ... [OK] test_get_member_list_no_permission_with_at_token ... [FAIL] * Correct the tests * Check user is/was member before divulging room membership * Pull out only the 1 membership event we want. * Update tests/rest/client/v1/test_rooms.py Co-authored-by: Erik Johnston <erik@matrix.org> * Fixup tests (following apply review suggestion) Co-authored-by: Erik Johnston <erik@matrix.org>
* | Improve ServerNoticeServlet to avoid duplicate requests (#10679)Dirk Klimpel2021-08-271-0/+450
| | | | | | Fixes: #9544
* | Validate new m.room.power_levels events (#10232)Aaron Raimist2021-08-261-0/+78
| | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | Fix error when selecting between thumbnails with the same quality (#10684)Sean2021-08-251-1/+38
| | | | | | Fixes #10318
* | Merge branch 'master' into developErik Johnston2021-08-241-2/+2
|\|
| * Set room version 8 as preferred for restricted rooms. (#10571)Patrick Cloke2021-08-201-2/+2
| |
* | Implement MSC3231: Token authenticated registration (#10142)Callum Brown2021-08-212-0/+1144
| | | | | | | | | | Signed-off-by: Callum Brown <callum@calcuode.com> This is part of my GSoC project implementing [MSC3231](https://github.com/matrix-org/matrix-doc/pull/3231).
* | Flatten tests/rest/client/{v1,v2_alpha} too (#10667)David Robertson2021-08-2024-15/+2
| |
* | Simplify tests for the device admin rest API. (#10664)Dirk Klimpel2021-08-201-81/+18
| | | | | | | | By replacing duplicated code with parameterized tests and avoiding unnecessary dumping of JSON data.
* | Follow-up: format changelog, add licence (#10593)David Robertson2021-08-201-0/+14
| | | | | | | | Merged before approval; these comments from @clokep on that PR.
* | Validate device_keys for C-S /keys/query requests (#10593)David Robertson2021-08-201-0/+77
| | | | | | | | | | | | | | | | * Validate device_keys for C-S /keys/query requests Closes #10354 A small, not particularly critical fix. I'm interested in seeing if we can find a more systematic approach though. #8445 is the place for any discussion.
* | Support MSC3283: Expose `enable_set_displayname` in capabilities (#10452)Dirk Klimpel2021-08-191-23/+86
| |
* | Remove not needed database updates in modify user admin API (#10627)Dirk Klimpel2021-08-191-4/+58
| |
* | Remove deprecated Shutdown Room and Purge Room Admin API (#8830)Dirk Klimpel2021-08-171-162/+0
|/
* Flatten the synapse.rest.client package (#10600)reivilibre2021-08-1737-57/+44
|
* Allow to edit `external_ids` by Edit User admin API (#10598)Dirk Klimpel2021-08-171-30/+197
| | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Add an admin API to check if a username is available (#10578)Will Hunt2021-08-171-0/+62
| | | This adds a new API GET /_synapse/admin/v1/username_available?username=foo to check if a username is available. It is the counterpart to https://matrix.org/docs/spec/client_server/r0.6.0#get-matrix-client-r0-register-available, except that it works even if registration is disabled.
* Admin API to delete media for a specific user (#10558)Dirk Klimpel2021-08-111-113/+208
|
* Fix type hints in space summary tests. (#10575)Patrick Cloke2021-08-111-3/+3
| | | And ensure that the file is checked via mypy.
* Fix exceptions in logs when failing to get remote room list (#10541)Erik Johnston2021-08-061-1/+91
|
* Add a setting to disable TLS for sending email (#10546)Richard van der Hoff2021-08-062-18/+27
| | | This is mostly useful in case the server offers TLS, but doesn't present a valid certificate.
* Don't fail on empty bodies when sending out read receipts (#10531)Brendan Abolivier2021-08-041-0/+12
| | | | | Fixes a bug introduced in rc1 that would cause Synapse to 400 on read receipts requests with empty bodies. Broken in #10413
* Support for MSC2285 (hidden read receipts) (#10413)Šimon Brandner2021-07-281-2/+95
| | | Implementation of matrix-org/matrix-doc#2285
* Support MSC2033: Device ID on whoami (#9918)Travis Ralston2021-07-271-1/+42
| | | | | | | | | | * Fix no-access-token bug in deactivation tests * Support MSC2033: Device ID on whoami * Test for appservices too MSC: https://github.com/matrix-org/matrix-doc/pull/2033 The MSC has passed FCP, which means stable endpoints can be used.
* Add `creation_ts` to list users admin API (#10448)Dirk Klimpel2021-07-221-18/+27
| | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Add type hints to additional servlet functions (#10437)Patrick Cloke2021-07-211-2/+2
| | | | | | | | | Improves type hints for: * parse_{boolean,integer} * parse_{boolean,integer}_from_args * parse_json_{value,object}_from_request And fixes any incorrect calls that resulted from unknown types.
* MSC3244 room capabilities implementation (#10283)Michael Telatynski2021-07-201-0/+46
|
* Port the ThirdPartyEventRules module interface to the new generic interface ↵Brendan Abolivier2021-07-201-24/+108
| | | | | (#10386) Port the third-party event rules interface to the generic module interface introduced in v1.37.0
* Add a new version of the R30 phone-home metric, which removes a false ↵reivilibre2021-07-191-3/+27
| | | | | impression of retention given by the old R30 metric (#10332) Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* Use inline type hints in `tests/` (#10350)Jonathan de Jong2021-07-132-10/+8
| | | | | | | | This PR is tantamount to running: python3.8 -m com2ann -v 6 tests/ (com2ann requires python 3.8 to run)
* [pyupgrade] `tests/` (#10347)Jonathan de Jong2021-07-136-24/+22
|
* Remove functionality associated with unused historical stats tables (#9721)Cristina2021-07-081-1/+0
| | | Fixes #9602
* Fix deactivate a user if he does not have a profile (#10252)Dirk Klimpel2021-07-061-18/+68
|
* Add SSO `external_ids` to Query User Account admin API (#10261)Dirk Klimpel2021-07-011-84/+140
| | | Related to #10251
* Do not recurse into non-spaces in the spaces summary. (#10256)Patrick Cloke2021-06-291-1/+2
| | | | | Previously m.child.room events in non-space rooms would be treated as part of the room graph, but this is no longer supported.
* MSC2918 Refresh tokens implementation (#9450)Quentin Gliech2021-06-241-1/+219
| | | | | | | | | | This implements refresh tokens, as defined by MSC2918 This MSC has been implemented client side in Hydrogen Web: vector-im/hydrogen-web#235 The basics of the MSC works: requesting refresh tokens on login, having the access tokens expire, and using the refresh token to get a new one. Signed-off-by: Quentin Gliech <quentingliech@gmail.com>
* Re-introduce "Leave out optional keys from /sync" change (#10214)Andrew Morgan2021-06-231-29/+1
| | | Required some fixes due to merge conflicts with #6739, but nothing too hairy. The first commit is the same as the original (after merge conflict resolution) then two more for compatibility with the latest sync code.
* Standardise the module interface (#10062)Brendan Abolivier2021-06-181-0/+3
| | | This PR adds a common configuration section for all modules (see docs). These modules are then loaded at startup by the homeserver. Modules register their hooks and web resources using the new `register_[...]_callbacks` and `register_web_resource` methods of the module API.
* Ensure that we do not cache empty sync responses after a timeout (#10158)Richard van der Hoff2021-06-171-0/+50
| | | Fixes #8518 by telling the ResponseCache not to cache the /sync response if the next_batch param is the same as the since token.
* update black to 21.6b0 (#10197)Marcus2021-06-174-11/+11
| | | | | Reformat all files with the new version. Signed-off-by: Marcus Hoffmann <bubu@bubu1.eu>
* Remove the experimental flag for knocking and use stable prefixes / ↵Patrick Cloke2021-06-151-4/+4
| | | | | | | endpoints. (#10167) * Room version 7 for knocking. * Stable prefixes and endpoints (both client and federation) for knocking. * Removes the experimental configuration flag.
* Implement knock feature (#6739)Sorunome2021-06-091-2/+93
| | | | | | This PR aims to implement the knock feature as proposed in https://github.com/matrix-org/matrix-doc/pull/2403 Signed-off-by: Sorunome mail@sorunome.de Signed-off-by: Andrew Morgan andrewm@element.io
* r0.6.1 support: /rooms/:roomId/aliases endpoint (#9224)Travis Ralston2021-06-031-2/+1
| | | | | | [MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432) added this endpoint originally but it has since been included in the spec for nearly a year. This is progress towards https://github.com/matrix-org/synapse/issues/8334
* Add new admin APIs to remove media by media ID from quarantine. (#10044)Dirk Klimpel2021-06-021-0/+128
| | | | | Related to: #6681, #5956, #10040 Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Rewrite the KeyRing (#10035)Erik Johnston2021-06-021-9/+9
|
* Make reason and score optional for report_event (#10077)Callum Brown2021-05-272-1/+97
| | | | | | Implements MSC2414: https://github.com/matrix-org/matrix-doc/pull/2414 See #8551 Signed-off-by: Callum Brown <callum@calcuode.com>
* Add an admin API for unprotecting local media from quarantine (#10040)Dirk Klimpel2021-05-261-0/+99
| | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Correctly ratelimit invites when creating a room (#9968)Brendan Abolivier2021-05-121-0/+37
| | | | | * Correctly ratelimit invites when creating a room Also allow ratelimiting for more than one action at a time.
* Tests for to-device messages (#9965)Richard van der Hoff2021-05-111-0/+201
|
* Revert "Leave out optional keys from /sync (#9919)" (#9940)Erik Johnston2021-05-061-1/+29
| | | This reverts commit e9eb3549d32a6f93d07de8dbd5e1ebe54c8d8278.
* Leave out optional keys from /sync (#9919)DeepBlueV7.X2021-05-051-29/+1
| | | | | | This leaves out all optional keys from /sync. This should be fine for all clients tested against conduit already, but it may break some clients, as such we should check, that at least most of them don't break horribly and maybe back out some of the individual changes. (We can probably always leave out groups for example, while the others may cause more issues.) Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>
* Delete room endpoint (#9889)ThibF2021-04-291-19/+26
| | | | | | Support the delete of a room through DELETE request and mark previous request as deprecated through documentation. Signed-off-by: Thibault Ferrante <thibault.ferrante@pm.me>
* Remove various bits of compatibility code for Python <3.6 (#9879)Andrew Morgan2021-04-271-9/+6
| | | I went through and removed a bunch of cruft that was lying around for compatibility with old Python versions. This PR also will now prevent Synapse from starting unless you're running Python 3.6+.
* Split presence out of master (#9820)Erik Johnston2021-04-231-2/+3
|
* Limit length of accepted email addresses (#9855)Erik Johnston2021-04-221-0/+51
|
* Fix (final) Bugbear violations (#9838)Jonathan de Jong2021-04-206-16/+16
|
* Port "Allow users to click account renewal links multiple times without ↵Andrew Morgan2021-04-191-15/+37
| | | | | hitting an 'Invalid Token' page #74" from synapse-dinsic (#9832) This attempts to be a direct port of https://github.com/matrix-org/synapse-dinsic/pull/74 to mainline. There was some fiddling required to deal with the changes that have been made to mainline since (mainly dealing with the split of `RegistrationWorkerStore` from `RegistrationStore`, and the changes made to `self.make_request` in test code).
* Remove redundant "coding: utf-8" lines (#9786)Jonathan de Jong2021-04-1445-45/+0
| | | | | | | Part of #9744 Removes all redundant `# -*- coding: utf-8 -*-` lines from files, as python 3 automatically reads source code as utf-8 now. `Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>`
* Add an admin API to manage ratelimit for a specific user (#9648)Dirk Klimpel2021-04-131-0/+284
|
* Require AppserviceRegistrationType (#9548)Will Hunt2021-04-121-4/+27
| | | This change ensures that the appservice registration behaviour follows the spec. We decided to do this for Dendrite, so it made sense to also make a PR for synapse to correct the behaviour.
* Use mock from the stdlib. (#9772)Patrick Cloke2021-04-0916-26/+16
|
* Bugbear: Add Mutable Parameter fixes (#9682)Jonathan de Jong2021-04-083-7/+17
| | | | | | | Part of #9366 Adds in fixes for B006 and B008, both relating to mutable parameter lint errors. Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>
* Update mypy configuration: `no_implicit_optional = True` (#9742)Jonathan de Jong2021-04-051-2/+5
|
* Add `order_by` to list user admin API (#9691)Dirk Klimpel2021-04-011-1/+120
|
* Consistently check whether a password may be set for a user. (#9636)Dirk Klimpel2021-03-181-55/+118
|
* Ensure we use a copy of the event content dict before modifying it in ↵Andrew Morgan2021-03-172-0/+124
| | | | | | | | | serialize_event (#9585) This bug was discovered by DINUM. We were modifying `serialized_event["content"]`, which - if you've got `USE_FROZEN_DICTS` turned on or are [using a third party rules module](https://github.com/matrix-org/synapse/blob/17cd48fe5171d50da4cb59db647b993168e7dfab/synapse/events/third_party_rules.py#L73-L76) - will raise a 500 if you try to a edit a reply to a message. `serialized_event["content"]` could be set to the edit event's content, instead of a copy of it, which is bad as we attempt to modify it. Instead, we also end up modifying the original event's content. DINUM uses a third party rules module, which meant the event's content got frozen and thus an exception was raised. To be clear, the problem is not that the event's content was frozen. In fact doing so helped us uncover the fact we weren't copying event content correctly.
* Return m.change_password.enabled=false if local database is disabled (#9588)Dirk Klimpel2021-03-161-4/+32
| | | | | Instead of if the user does not have a password hash. This allows a SSO user to add a password to their account, but only if the local password database is configured.
* Add support for stable MSC2858 API (#9617)Richard van der Hoff2021-03-161-16/+27
| | | | | The stable format uses different brand identifiers, so we need to support two identifiers for each IdP.
* Handle image transparency better when thumbnailing. (#9473)Patrick Cloke2021-03-091-8/+21
| | | | Properly uses RGBA mode for 1- and 8-bit images with transparency (instead of RBG mode).
* Fix additional type hints from Twisted upgrade. (#9518)Patrick Cloke2021-03-031-11/+24
|
* SSO: redirect to public URL before setting cookies (#9436)Richard van der Hoff2021-02-263-26/+60
| | | ... otherwise, we don't get the cookie back.
* Add an `order_by` field to list users' media admin API. (#8978)Dirk Klimpel2021-02-221-21/+225
|
* Remove cache for get_shared_rooms_for_users (#9416)Andrew Morgan2021-02-221-34/+41
| | | | | | | This PR remove the cache for the `get_shared_rooms_for_users` storage method (the db method driving the experimental "what rooms do I share with this user?" feature: [MSC2666](https://github.com/matrix-org/matrix-doc/pull/2666)). Currently subsequent requests to the endpoint will return the same result, even if your shared rooms with that user have changed. The cache was added in https://github.com/matrix-org/synapse/pull/7785, but we forgot to ensure it was invalidated appropriately. Upon attempting to invalidate it, I found that the cache had to be entirely invalidated whenever a user (remote or local) joined or left a room. This didn't make for a very useful cache, especially for a function that may or may not be called very often. Thus, I've opted to remove it instead of invalidating it.
* Add testErik Johnston2021-02-191-3/+66
|
* Parse ui_auth.session_timeout as a duration (instead of treating it as ms) ↵Rishabh Arya2021-02-181-1/+1
| | | | (#9426)
* Add the shadow-banning status to the display user admin API. (#9400)Dirk Klimpel2021-02-171-0/+2
|
* Update black, and run auto formatting over the codebase (#9381)Eric Eastwood2021-02-1624-354/+951
| | | | | | | - Update black version to the latest - Run black auto formatting over the codebase - Run autoformatting according to [`docs/code_style.md `](https://github.com/matrix-org/synapse/blob/80d6dc9783aa80886a133756028984dbf8920168/docs/code_style.md) - Update `code_style.md` docs around installing black to use the correct version
* Handle missing data in power levels events during room upgrade. (#9395)Patrick Cloke2021-02-161-0/+153
|
* Convert additional test-cases to homeserver test case. (#9396)Patrick Cloke2021-02-161-158/+91
| | | And convert some inlineDeferreds to async-friendly functions.
* Merge tag 'v1.27.0rc2' into developPatrick Cloke2021-02-112-1/+12
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.27.0rc2 (2021-02-11) ============================== Features -------- - Further improvements to the user experience of registration via single sign-on. ([\#9297](https://github.com/matrix-org/synapse/issues/9297)) Bugfixes -------- - Fix ratelimiting introduced in v1.27.0rc1 for invites to respect the `ratelimit` flag on application services. ([\#9302](https://github.com/matrix-org/synapse/issues/9302)) - Do not automatically calculate `public_baseurl` since it can be wrong in some situations. Reverts behaviour introduced in v1.26.0. ([\#9313](https://github.com/matrix-org/synapse/issues/9313)) Improved Documentation ---------------------- - Clarify the sample configuration for changes made to the template loading code. ([\#9310](https://github.com/matrix-org/synapse/issues/9310))
| * Backout changes for automatically calculating the public baseurl. (#9313)Patrick Cloke2021-02-112-1/+12
| | | | | | | | This breaks some people's configurations (if their Client-Server API is not accessed via port 443).
* | Convert some test cases to use HomeserverTestCase. (#9377)Patrick Cloke2021-02-111-28/+0
| | | | | | | | This has the side-effect of being able to remove use of `inlineCallbacks` in the test-cases for cleaner tracebacks.
* | Merge pull request #9150 from Yoric/develop-contextDavid Teller2021-02-081-0/+84
|\ \ | | | | | | New API /_synapse/admin/rooms/{roomId}/context/{eventId}
| * | FIXUP: linterDavid Teller2021-01-281-1/+3
| | |
| * | FIXUP: Now testing that the user is admin!David Teller2021-01-281-1/+35
| | |
| * | New API /_synapse/admin/rooms/{roomId}/context/{eventId}David Teller2021-01-281-0/+48
| | | | | | | | | | | | Signed-off-by: David Teller <davidt@element.io>
* | | Merge branch 'erikj/media_spam_checker' into developErik Johnston2021-02-041-0/+94
|\ \ \
| * | | Add check_media_file_for_spam spam checker hookErik Johnston2021-02-041-0/+94
| | |/ | |/|
* / | Social login UI polish (#9301)Richard van der Hoff2021-02-031-4/+12
|/ /
* | Add an admin API to get the current room state (#9168)Travis Ralston2021-02-021-0/+15
| | | | | | | | | | This could arguably replace the existing admin API for `/members`, however that is out of scope of this change. This sort of endpoint is ideal for moderation use cases as well as other applications, such as needing to retrieve various bits of information about a room to perform a task (like syncing power levels between two places). This endpoint exposes nothing more than an admin would be able to access with a `select *` query on their database.
* | Merge branch 'social_login' into developRichard van der Hoff2021-02-012-18/+18
|\ \
| * | Replace username picker with a template (#9275)Richard van der Hoff2021-02-011-3/+2
| | | | | | | | | | | | | | | There's some prelimiary work here to pull out the construction of a jinja environment to a separate function. I wanted to load the template at display time rather than load time, so that it's easy to update on the fly. Honestly, I think we should do this with all our templates: the risk of ending up with malformed templates is far outweighed by the improved turnaround time for an admin trying to update them.
| * | Fix SSO on workers (#9271)Richard van der Hoff2021-02-012-16/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #8966. * Factor out build_synapse_client_resource_tree Start a function which will mount resources common to all workers. * Move sso init into build_synapse_client_resource_tree ... so that we don't have to do it for each worker * Fix SSO-login-via-a-worker Expose the SSO login endpoints on workers, like the documentation says. * Update workers config for new endpoints Add documentation for endpoints recently added (#8942, #9017, #9262) * remove submit_token from workers endpoints list this *doesn't* work on workers (yet). * changelog * Add a comment about the odd path for SAML2Resource
| * | Split out a separate endpoint to complete SSO registration (#9262)Richard van der Hoff2021-02-011-1/+13
| | | | | | | | | There are going to be a couple of paths to get to the final step of SSO reg, and I want the URL in the browser to consistent. So, let's move the final step onto a separate path, which we redirect to.
* | | Ratelimit invites by room and target user (#9258)Erik Johnston2021-01-291-0/+35
| | |
* | | Ratelimit 3PID /requestToken API (#9238)Erik Johnston2021-01-281-6/+84
| |/ |/|
* | Merge branch 'social_login' into developRichard van der Hoff2021-01-271-0/+92
|\|
| * Implement MSC2858 support (#9183)Richard van der Hoff2021-01-271-0/+92
| | | | | | Fixes #8928.
* | Add an admin API for shadow-banning users. (#9209)Patrick Cloke2021-01-252-6/+66
| | | | | | | | | | | | | | | | | | | | This expands the current shadow-banning feature to be usable via the admin API and adds documentation for it. A shadow-banned users receives successful responses to their client-server API requests, but the events are not propagated into rooms. Shadow-banning a user should be used as a tool of last resort and may lead to confusing or broken behaviour for the client.
* | Return a 404 if no valid thumbnail is found. (#9163)Patrick Cloke2021-01-211-1/+24
| | | | | | | | | | | | If no thumbnail of the requested type exists, return a 404 instead of erroring. This doesn't quite match the spec (which does not define what happens if no thumbnail can be found), but is consistent with what Synapse already does.
* | Add tests for List Users Admin API (#9045)Dirk Klimpel2021-01-211-27/+196
|/
* Prefix idp_id with "oidc-" (#9189)Richard van der Hoff2021-01-211-1/+1
| | | ... to avoid clashes with other SSO mechanisms
* Give `public_baseurl` a default value (#9159)Richard van der Hoff2021-01-201-9/+0
|
* Fix bugs in handling clientRedirectUrl, and improve OIDC tests (#9127, #9128)Richard van der Hoff2021-01-182-81/+127
| | | | | | | | | | | | | | | | * Factor out a common TestHtmlParser Looks like I'm doing this in a few different places. * Improve OIDC login test Complete the OIDC login flow, rather than giving up halfway through. * Ensure that OIDC login works with multiple OIDC providers * Fix bugs in handling clientRedirectUrl - don't drop duplicate query-params, or params with no value - allow utf-8 in query-params
* Fix test failure due to bad mergeRichard van der Hoff2021-01-151-1/+3
| | | | | | | 0dd2649c1 (#9112) changed the signature of `auth_via_oidc`. Meanwhile, 26d10331e (#9091) introduced a new test which relied on the old signature of `auth_via_oidc`. The two branches were never tested together until they landed in develop.
* Add an admin API endpoint to protect media. (#9086)Patrick Cloke2021-01-151-3/+5
| | | | | | Protecting media stops it from being quarantined when e.g. all media in a room is quarantined. This is useful for sticker packs and other media that is uploaded by server administrators, but used by many people.
* Improve UsernamePickerTestCase (#9112)Richard van der Hoff2021-01-153-7/+111
| | | | | * make the OIDC bits of the test work at a higher level - via the REST api instead of poking the OIDCHandler directly. * Move it to test_login.py, where I think it fits better.
* Add a test for wrong user returned by SSORichard van der Hoff2021-01-131-0/+27
|
* Add a test for UI-Auth-via-SSO (#9082)Richard van der Hoff2021-01-132-37/+199
| | | | | * Add complete test for UI-Auth-via-SSO. * review comments
* Remove user's avatar URL and displayname when deactivated. (#8932)Dirk Klimpel2021-01-123-3/+228
| | | This only applies if the user's data is to be erased.
* Also support remote users on the joined_rooms admin API. (#8948)David Teller2021-01-111-6/+52
| | | | For remote users, only the rooms which the server knows about are returned. Local users have all of their joined rooms returned.
* Removes unnecessary declarations in the tests for the admin API. (#9063)Dirk Klimpel2021-01-116-17/+0
|
* Add some tests for the IDP picker flowRichard van der Hoff2021-01-072-3/+191
|
* Fix type hints in test_login.pyRichard van der Hoff2021-01-071-24/+54
|
* black-format tests/rest/client/v1/test_login.pyRichard van der Hoff2021-01-071-11/+6
| | | | | black seems to want to reformat this, despite `black --check` being happy with it :/
* Skip unit tests which require optional dependencies (#9031)Richard van der Hoff2021-01-073-11/+33
| | | If we are lacking an optional dependency, skip the tests that rely on it.
* Combine the SSO Redirect Servlets (#9015)Richard van der Hoff2021-01-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Implement CasHandler.handle_redirect_request ... to make it match OidcHandler and SamlHandler * Clean up interface for OidcHandler.handle_redirect_request Make it accept `client_redirect_url=None`. * Clean up interface for `SamlHandler.handle_redirect_request` ... bring it into line with CAS and OIDC by making it take a Request parameter, move the magic for `client_redirect_url` for UIA into the handler, and fix the return type to be a `str` rather than a `bytes`. * Define a common protocol for SSO auth provider impls * Give SsoIdentityProvider an ID and register them * Combine the SSO Redirect servlets Now that the SsoHandler knows about the identity providers, we can combine the various *RedirectServlets into a single implementation which delegates to the right IdP. * changelog
* Drop the unused local_invites table. (#8979)Patrick Cloke2020-12-291-1/+0
| | | This table has been unused since Synapse v1.17.0.
* Support PyJWT v2.0.0. (#8986)Patrick Cloke2020-12-221-4/+12
| | | | Tests were broken due to an API changing. The code used in Synapse proper should be compatible with both versions already.
* Allow server admin to get admin bit in rooms where local user is an admin ↵Erik Johnston2020-12-181-0/+138
| | | | | | | (#8756) This adds an admin API that allows a server admin to get power in a room if a local user has power in a room. Will also invite the user if they're not in the room and its a private room. Can specify another user (rather than the admin user) to be granted power. Co-authored-by: Matthew Hodgson <matthew@matrix.org>
* Allow re-using a UI auth validation for a period of time (#8970)Patrick Cloke2020-12-181-31/+63
|
* Fix `UsersListTestCase` (#8964)Richard van der Hoff2020-12-171-6/+4
|
* Fix a bug that deactivated users appear in the directory (#8933)Dirk Klimpel2020-12-171-1/+49
| | | | | | | | | | Fixes a bug that deactivated users appear in the directory when their profile information was updated. To change profile information of deactivated users is neccesary for example you will remove displayname or avatar. But they should not appear in directory. They are deactivated. Co-authored-by: Erik Johnston <erikj@jki.re>
* Make search statement in List Room and User Admin API case-insensitive (#8931)Dirk Klimpel2020-12-172-3/+105
|
* Convert internal pusher dicts to attrs classes. (#8940)Patrick Cloke2020-12-161-1/+1
| | | This improves type hinting and should use less memory.
* Merge pull request #8951 from matrix-org/rav/username_picker_2Richard van der Hoff2020-12-161-1/+1
|\ | | | | More preparatory refactoring of the OidcHandler tests
| * Test `get_extra_attributes` fallbackRichard van der Hoff2020-12-151-1/+1
| | | | | | | | | | despite the warnings saying "don't implement get_extra_attributes", we had implemented it, so the tests weren't doing what we thought they were.
* | lintRichard van der Hoff2020-12-152-2/+1
| |
* | Remove spurious "SynapseRequest" result from `make_request"Richard van der Hoff2020-12-1536-861/+660
| | | | | | | | This was never used, so let's get rid of it.
* | Remove redundant reading of SynapseRequest.argsRichard van der Hoff2020-12-151-9/+1
| | | | | | | | this didn't seem to be doing a lot, so remove it.
* | remove 'response' result from `_get_shared_rooms`Richard van der Hoff2020-12-151-8/+9
| |
* | Replace `request.code` with `channel.code`Richard van der Hoff2020-12-155-11/+11
|/ | | | | | The two are equivalent, but really we want to check the HTTP result that got returned to the channel, not the code that the Request object *intended* to return to the channel.
* Add number of local devices to Room Details Admin API (#8886)Dirk Klimpel2020-12-111-0/+34
|
* Don't ratelimit autojoining of rooms (#8921)Erik Johnston2020-12-111-0/+16
| | | Fixes #8866
* Add X-Robots-Tag header to stop crawlers from indexing media (#8887)Aaron Raimist2020-12-081-0/+13
| | | | | | | Fixes / related to: https://github.com/matrix-org/synapse/issues/6533 This should do essentially the same thing as a robots.txt file telling robots to not index the media repo. https://developers.google.com/search/reference/robots_meta_tag Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Call set_avatar_url with target_user, not user_id (#8872)Will Hunt2020-12-071-1/+6
| | | | | | | | | | | | | | | | | | | | * Call set_avatar_url with target_user, not user_id Fixes https://github.com/matrix-org/synapse/issues/8871 * Create 8872.bugfix * Update synapse/rest/admin/users.py Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * Testing * Update changelog.d/8872.bugfix Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Add additional validation to pusher URLs. (#8865)Patrick Cloke2020-12-041-1/+1
| | | | Pusher URLs now must end in `/_matrix/push/v1/notify` per the specification.
* Fix errorcode for disabled registration (#8867)Richard van der Hoff2020-12-031-0/+1
| | | | The spec says we should return `M_FORBIDDEN` when someone tries to register and registration is disabled.
* Merge pull request #8858 from matrix-org/rav/sso_uiaRichard van der Hoff2020-12-022-18/+192
|\ | | | | UIA: offer only available auth flows
| * UIA: offer only available auth flowsRichard van der Hoff2020-12-022-18/+192
| | | | | | | | | | | | | | During user-interactive auth, do not offer password auth to users with no password, nor SSO auth to users with no SSO. Fixes #7559.
* | remove unused FakeResponse (#8864)Richard van der Hoff2020-12-021-26/+0
| |
* | Apply an IP range blacklist to push and key revocation requests. (#8821)Patrick Cloke2020-12-027-8/+8
|/ | | | | | | | | | | | Replaces the `federation_ip_range_blacklist` configuration setting with an `ip_range_blacklist` setting with wider scope. It now applies to: * Federation * Identity servers * Push notifications * Checking key validitity for third-party invite events The old `federation_ip_range_blacklist` setting is still honored if present, but with reduced scope (it only applies to federation and identity servers).
* Allow specifying room version in 'RestHelper.create_room_as' and add typing ↵Andrew Morgan2020-12-021-2/+25
| | | | | (#8854) This PR adds a `room_version` argument to the `RestHelper`'s `create_room_as` function for tests. I plan to use this for testing knocking, which currently uses an unstable room version.
* Support "identifier" dicts in UIA (#8848)Richard van der Hoff2020-12-011-8/+25
| | | | | | | | | | The spec requires synapse to support `identifier` dicts for `m.login.password` user-interactive auth, which it did not (instead, it required an undocumented `user` parameter.) To fix this properly, we need to pull the code that interprets `identifier` into `AuthHandler.validate_login` so that it can be called from the UIA code. Fixes #5665.
* Fix broken testcase (#8851)Richard van der Hoff2020-12-011-1/+0
| | | | This test was broken by #8565. It doesn't need to set set `self.clock` here anyway - that is done by `setUp`.
* Simplify the way the `HomeServer` object caches its internal attributes. ↵Jonathan de Jong2020-11-302-9/+12
| | | | | (#8565) Changes `@cache_in_self` to use underscore-prefixed attributes.
* Remove deprecated `/_matrix/client/*/admin` endpoints (#8785)Dirk Klimpel2020-11-254-7/+115
| | | These are now only available via `/_synapse/admin/v1`.
* Fix tests on develop (#8777)Erik Johnston2020-11-181-16/+0
| | | This was broken due to #8617 and #8761.
* Merge pull request #8761 from matrix-org/rav/test_request_renderingRichard van der Hoff2020-11-1736-678/+57
|\ | | | | Make `make_request` actually render the request
| * Remove redundant `HomeserverTestCase.render`Richard van der Hoff2020-11-1632-587/+0
| |
| * Remove redundant calls to `render()`Richard van der Hoff2020-11-163-20/+8
| |
| * Make `make_request` actually render the requestRichard van der Hoff2020-11-166-59/+34
| | | | | | | | | | | | remove the stubbing out of `request.process`, so that `requestReceived` also renders the request via the appropriate resource. Replace render() with a stub for now.
| * Fix the URL in the URL preview testsRichard van der Hoff2020-11-161-19/+22
| | | | | | | | the preview resource is mointed at preview_url, not url_preview
* | Add admin API for logging in as a user (#8617)Erik Johnston2020-11-171-2/+243
|/
* Merge pull request #8757 from matrix-org/rav/pass_site_to_make_requestRichard van der Hoff2020-11-166-29/+97
|\ | | | | Pass a Site into `make_request`
| * Merge branch 'develop' into rav/pass_site_to_make_requestRichard van der Hoff2020-11-165-13/+7
| |\
| * | use global make_request() directly where we have a custom ResourceRichard van der Hoff2020-11-155-19/+71
| | | | | | | | | | | | | | | | | | Where we want to render a request against a specific Resource, call the global make_request() function rather than the one in HomeserverTestCase, allowing us to pass in an appropriate `Site`.
| * | pass a Site into make_requestRichard van der Hoff2020-11-151-6/+25
| | |
| * | pass a Site into RestHelperRichard van der Hoff2020-11-151-5/+6
| | |
* | | Move `wait_until_result` into `FakeChannel` (#8758)Richard van der Hoff2020-11-161-3/+3
| |/ |/| | | | | FakeChannel has everything we need, and this more accurately models the real flow.
* | Rename `create_test_json_resource` to `create_test_resource` (#8759)Richard van der Hoff2020-11-164-10/+6
| | | | | | | | | | The root resource isn't necessarily a JsonResource, so rename this method accordingly, and update a couple of test classes to use the method rather than directly manipulating self.resource.
* | Add a `custom_headers` param to `make_request` (#8760)Richard van der Hoff2020-11-161-4/+6
|/ | | | Some tests want to set some custom HTTP request headers, so provide a way to do that before calling requestReceived().
* Add an admin API for users' media statistics (#8700)Dirk Klimpel2020-11-051-0/+485
| | | | | | | | Add `GET /_synapse/admin/v1/statistics/users/media` to get statisics about local media usage by users. Related to #6094 It is the first API for statistics. Goal is to avoid/reduce usage of sql queries like [Wiki analyzing Synapse](https://github.com/matrix-org/synapse/wiki/SQL-for-analyzing-Synapse-PostgreSQL-database-stats) Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Add `displayname` to Shared-Secret Registration for admins (#8722)Dirk Klimpel2020-11-051-2/+119
| | | Add `displayname` to Shared-Secret Registration for admins to `POST /_synapse/admin/v1/register`
* Consolidate purge table lists to prevent desyncronisation (#8713)Andrew Morgan2020-11-041-67/+38
| | | I idly noticed that these lists were out of sync with each other, causing us to miss a table in a test case (`local_invites`). Let's consolidate this list instead to prevent this from happening in the future.
* Fix unit tests (#8689)Erik Johnston2020-10-291-1/+1
| | | | | * Fix unit tests * Newsfile
* Add ability for access tokens to belong to one user but grant access to ↵Erik Johnston2020-10-291-0/+1
| | | | | | | | | | another user. (#8616) We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't). A future PR will add an API for creating such a token. When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.
* Add an admin APIs to allow server admins to list users' pushers (#8610)Dirk Klimpel2020-10-281-0/+124
| | | Add an admin API `GET /_synapse/admin/v1/users/<user_id>/pushers` like https://matrix.org/docs/spec/client_server/latest#get-matrix-client-r0-pushers