From 1f31cc37f8611f9ae5612ef5be82e63735fbdf34 Mon Sep 17 00:00:00 2001
From: David Baker <dave@matrix.org>
Date: Thu, 2 Jun 2016 17:21:31 +0100
Subject: Working unsubscribe links going straight to the HS

and authed by macaroons that let you delete pushers and nothing else
---
 synapse/api/auth.py | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'synapse/api')

diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 463bd8b692..31e1abb964 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -660,6 +660,13 @@ class Auth(object):
                     "is_guest": True,
                     "token_id": None,
                 }
+            elif rights == "delete_pusher":
+                # We don't store these tokens in the database
+                ret = {
+                    "user": user,
+                    "is_guest": False,
+                    "token_id": None,
+                }
             else:
                 # This codepath exists so that we can actually return a
                 # token ID, because we use token IDs in place of device
-- 
cgit 1.4.1