From 3d2cca67620e630ba17dc14f8b7b92ff0fa92774 Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Wed, 24 Sep 2014 11:17:43 +0100 Subject: Fix test. --- tests/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/utils.py') diff --git a/tests/utils.py b/tests/utils.py index bc5d35e56b..bb8e9964dd 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -262,7 +262,7 @@ class MemoryDataStore(object): return defer.succeed("invite") def get_ops_levels(self, room_id): - return defer.succeed((5, 5)) + return defer.succeed((5, 5, 5)) def _format_call(args, kwargs): -- cgit 1.4.1 From 0fdf3088743b25e9fcc39b7b3b4c7f6e8332e26c Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Fri, 26 Sep 2014 16:36:24 +0100 Subject: Track the IP users connect with. Add an admin column to users table. --- synapse/api/auth.py | 10 +++++++++- synapse/rest/register.py | 8 +------- synapse/server.py | 12 ++++++++++++ synapse/storage/__init__.py | 12 +++++++++++- synapse/storage/schema/delta/v5.sql | 13 +++++++++++++ synapse/storage/schema/users.sql | 11 +++++++++++ tests/rest/test_presence.py | 6 +++++- tests/rest/test_profile.py | 4 ++-- tests/utils.py | 3 +++ 9 files changed, 67 insertions(+), 12 deletions(-) create mode 100644 synapse/storage/schema/delta/v5.sql (limited to 'tests/utils.py') diff --git a/synapse/api/auth.py b/synapse/api/auth.py index 9bfd25c86e..6f8146ec3a 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -206,6 +206,7 @@ class Auth(object): defer.returnValue(True) + @defer.inlineCallbacks def get_user_by_req(self, request): """ Get a registered user's ID. @@ -218,7 +219,14 @@ class Auth(object): """ # Can optionally look elsewhere in the request (e.g. headers) try: - return self.get_user_by_token(request.args["access_token"][0]) + access_token = request.args["access_token"][0] + user = yield self.get_user_by_token(access_token) + + ip_addr = self.hs.get_ip_from_request(request) + if user and access_token and ip_addr: + self.store.insert_client_ip(user, access_token, ip_addr) + + defer.returnValue(user) except KeyError: raise AuthError(403, "Missing access token.") diff --git a/synapse/rest/register.py b/synapse/rest/register.py index 4935e323d9..804117ee09 100644 --- a/synapse/rest/register.py +++ b/synapse/rest/register.py @@ -195,13 +195,7 @@ class RegisterRestServlet(RestServlet): raise SynapseError(400, "Captcha response is required", errcode=Codes.CAPTCHA_NEEDED) - # May be an X-Forwarding-For header depending on config - ip_addr = request.getClientIP() - if self.hs.config.captcha_ip_origin_is_x_forwarded: - # use the header - if request.requestHeaders.hasHeader("X-Forwarded-For"): - ip_addr = request.requestHeaders.getRawHeaders( - "X-Forwarded-For")[0] + ip_addr = self.hs.get_ip_from_request(request) handler = self.handlers.registration_handler yield handler.check_recaptcha( diff --git a/synapse/server.py b/synapse/server.py index cdea49e6ab..e5b048ede0 100644 --- a/synapse/server.py +++ b/synapse/server.py @@ -143,6 +143,18 @@ class BaseHomeServer(object): def serialize_event(self, e): return serialize_event(self, e) + def get_ip_from_request(self, request): + # May be an X-Forwarding-For header depending on config + ip_addr = request.getClientIP() + if self.config.captcha_ip_origin_is_x_forwarded: + # use the header + if request.requestHeaders.hasHeader("X-Forwarded-For"): + ip_addr = request.requestHeaders.getRawHeaders( + "X-Forwarded-For" + )[0] + + return ip_addr + # Build magic accessors for every dependency for depname in BaseHomeServer.DEPENDENCIES: BaseHomeServer._make_dependency_method(depname) diff --git a/synapse/storage/__init__.py b/synapse/storage/__init__.py index 15919eb580..d53c090a91 100644 --- a/synapse/storage/__init__.py +++ b/synapse/storage/__init__.py @@ -63,7 +63,7 @@ SCHEMAS = [ # Remember to update this number every time an incompatible change is made to # database schema files, so the users will be informed on server restarts. -SCHEMA_VERSION = 4 +SCHEMA_VERSION = 5 class _RollbackButIsFineException(Exception): @@ -294,6 +294,16 @@ class DataStore(RoomMemberStore, RoomStore, defer.returnValue(self.min_token) + def insert_client_ip(self, user, access_token, ip): + return self._simple_insert( + "user_ips", + { + "user": user.to_string(), + "access_token": access_token, + "ip": ip + } + ) + def snapshot_room(self, room_id, user_id, state_type=None, state_key=None): """Snapshot the room for an update by a user Args: diff --git a/synapse/storage/schema/delta/v5.sql b/synapse/storage/schema/delta/v5.sql new file mode 100644 index 0000000000..380eec6f35 --- /dev/null +++ b/synapse/storage/schema/delta/v5.sql @@ -0,0 +1,13 @@ + +CREATE TABLE IF NOT EXISTS user_ips ( + user TEXT NOT NULL, + access_token TEXT NOT NULL, + ip TEXT NOT NULL, + CONSTRAINT user_ip UNIQUE (user, access_token, ip) ON CONFLICT IGNORE +); + +CREATE INDEX IF NOT EXISTS user_ips_user ON user_ips(user); + +ALTER TABLE users ADD COLUMN admin BOOL DEFAULT 0 NOT NULL; + +PRAGMA user_version = 5; diff --git a/synapse/storage/schema/users.sql b/synapse/storage/schema/users.sql index 2519702971..89eab8babe 100644 --- a/synapse/storage/schema/users.sql +++ b/synapse/storage/schema/users.sql @@ -17,6 +17,7 @@ CREATE TABLE IF NOT EXISTS users( name TEXT, password_hash TEXT, creation_ts INTEGER, + admin BOOL DEFAULT 0 NOT NULL, UNIQUE(name) ON CONFLICT ROLLBACK ); @@ -29,3 +30,13 @@ CREATE TABLE IF NOT EXISTS access_tokens( FOREIGN KEY(user_id) REFERENCES users(id), UNIQUE(token) ON CONFLICT ROLLBACK ); + +CREATE TABLE IF NOT EXISTS user_ips ( + user TEXT NOT NULL, + access_token TEXT NOT NULL, + ip TEXT NOT NULL, + CONSTRAINT user_ip UNIQUE (user, access_token, ip) ON CONFLICT IGNORE +); + +CREATE INDEX IF NOT EXISTS user_ips_user ON user_ips(user); + diff --git a/tests/rest/test_presence.py b/tests/rest/test_presence.py index ea3478ac5d..1b3e6759c2 100644 --- a/tests/rest/test_presence.py +++ b/tests/rest/test_presence.py @@ -51,10 +51,12 @@ class PresenceStateTestCase(unittest.TestCase): datastore=Mock(spec=[ "get_presence_state", "set_presence_state", + "insert_client_ip", ]), http_client=None, resource_for_client=self.mock_resource, resource_for_federation=self.mock_resource, + config=Mock(), ) hs.handlers = JustPresenceHandlers(hs) @@ -131,10 +133,12 @@ class PresenceListTestCase(unittest.TestCase): "set_presence_list_accepted", "del_presence_list", "get_presence_list", + "insert_client_ip", ]), http_client=None, resource_for_client=self.mock_resource, - resource_for_federation=self.mock_resource + resource_for_federation=self.mock_resource, + config=Mock(), ) hs.handlers = JustPresenceHandlers(hs) diff --git a/tests/rest/test_profile.py b/tests/rest/test_profile.py index e6e51f6dd0..b0f48e7fd8 100644 --- a/tests/rest/test_profile.py +++ b/tests/rest/test_profile.py @@ -50,10 +50,10 @@ class ProfileTestCase(unittest.TestCase): datastore=None, ) - def _get_user_by_token(token=None): + def _get_user_by_req(request=None): return hs.parse_userid(myid) - hs.get_auth().get_user_by_token = _get_user_by_token + hs.get_auth().get_user_by_req = _get_user_by_req hs.get_handlers().profile_handler = self.mock_handler diff --git a/tests/utils.py b/tests/utils.py index bb8e9964dd..ae97621147 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -264,6 +264,9 @@ class MemoryDataStore(object): def get_ops_levels(self, room_id): return defer.succeed((5, 5, 5)) + def insert_client_ip(self, user, access_token, ip_addr): + return defer.succeed(None) + def _format_call(args, kwargs): return ", ".join( -- cgit 1.4.1 From d96cb61f26fa5ed3f0aab9b4c461e9656d986194 Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Mon, 29 Sep 2014 15:35:57 +0100 Subject: Unbreak tests after changing storage API --- tests/rest/test_presence.py | 12 +++++++++-- tests/rest/test_rooms.py | 41 ++++++++++++++++++++++++++++++++------ tests/storage/test_registration.py | 4 ++-- tests/utils.py | 8 ++++++-- 4 files changed, 53 insertions(+), 12 deletions(-) (limited to 'tests/utils.py') diff --git a/tests/rest/test_presence.py b/tests/rest/test_presence.py index 1b3e6759c2..e2dc3dec81 100644 --- a/tests/rest/test_presence.py +++ b/tests/rest/test_presence.py @@ -67,7 +67,11 @@ class PresenceStateTestCase(unittest.TestCase): self.datastore.get_presence_list = get_presence_list def _get_user_by_token(token=None): - return hs.parse_userid(myid) + return { + "user": hs.parse_userid(myid), + "admin": False, + "device_id": None, + } hs.get_auth().get_user_by_token = _get_user_by_token @@ -151,7 +155,11 @@ class PresenceListTestCase(unittest.TestCase): self.datastore.has_presence_state = has_presence_state def _get_user_by_token(token=None): - return hs.parse_userid(myid) + return { + "user": hs.parse_userid(myid), + "admin": False, + "device_id": None, + } room_member_handler = hs.handlers.room_member_handler = Mock( spec=[ diff --git a/tests/rest/test_rooms.py b/tests/rest/test_rooms.py index 4ea5828d4f..1ce9b8a83d 100644 --- a/tests/rest/test_rooms.py +++ b/tests/rest/test_rooms.py @@ -69,7 +69,11 @@ class RoomPermissionsTestCase(RestTestCase): hs.get_handlers().federation_handler = Mock() def _get_user_by_token(token=None): - return hs.parse_userid(self.auth_user_id) + return { + "user": hs.parse_userid(self.auth_user_id), + "admin": False, + "device_id": None, + } hs.get_auth().get_user_by_token = _get_user_by_token self.auth_user_id = self.rmcreator_id @@ -425,7 +429,11 @@ class RoomsMemberListTestCase(RestTestCase): self.auth_user_id = self.user_id def _get_user_by_token(token=None): - return hs.parse_userid(self.auth_user_id) + return { + "user": hs.parse_userid(self.auth_user_id), + "admin": False, + "device_id": None, + } hs.get_auth().get_user_by_token = _get_user_by_token synapse.rest.room.register_servlets(hs, self.mock_resource) @@ -508,7 +516,11 @@ class RoomsCreateTestCase(RestTestCase): hs.get_handlers().federation_handler = Mock() def _get_user_by_token(token=None): - return hs.parse_userid(self.auth_user_id) + return { + "user": hs.parse_userid(self.auth_user_id), + "admin": False, + "device_id": None, + } hs.get_auth().get_user_by_token = _get_user_by_token synapse.rest.room.register_servlets(hs, self.mock_resource) @@ -605,7 +617,11 @@ class RoomTopicTestCase(RestTestCase): hs.get_handlers().federation_handler = Mock() def _get_user_by_token(token=None): - return hs.parse_userid(self.auth_user_id) + return { + "user": hs.parse_userid(self.auth_user_id), + "admin": False, + "device_id": None, + } hs.get_auth().get_user_by_token = _get_user_by_token synapse.rest.room.register_servlets(hs, self.mock_resource) @@ -715,7 +731,16 @@ class RoomMemberStateTestCase(RestTestCase): hs.get_handlers().federation_handler = Mock() def _get_user_by_token(token=None): - return hs.parse_userid(self.auth_user_id) + return { + "user": hs.parse_userid(self.auth_user_id), + "admin": False, + "device_id": None, + } + return { + "user": hs.parse_userid(self.auth_user_id), + "admin": False, + "device_id": None, + } hs.get_auth().get_user_by_token = _get_user_by_token synapse.rest.room.register_servlets(hs, self.mock_resource) @@ -847,7 +872,11 @@ class RoomMessagesTestCase(RestTestCase): hs.get_handlers().federation_handler = Mock() def _get_user_by_token(token=None): - return hs.parse_userid(self.auth_user_id) + return { + "user": hs.parse_userid(self.auth_user_id), + "admin": False, + "device_id": None, + } hs.get_auth().get_user_by_token = _get_user_by_token synapse.rest.room.register_servlets(hs, self.mock_resource) diff --git a/tests/storage/test_registration.py b/tests/storage/test_registration.py index 91e221d53e..84bfde7568 100644 --- a/tests/storage/test_registration.py +++ b/tests/storage/test_registration.py @@ -53,7 +53,7 @@ class RegistrationStoreTestCase(unittest.TestCase): ) self.assertEquals( - self.user_id, + {"admin": 0, "device_id": None, "name": self.user_id}, (yield self.store.get_user_by_token(self.tokens[0])) ) @@ -63,7 +63,7 @@ class RegistrationStoreTestCase(unittest.TestCase): yield self.store.add_access_token_to_user(self.user_id, self.tokens[1]) self.assertEquals( - self.user_id, + {"admin": 0, "device_id": None, "name": self.user_id}, (yield self.store.get_user_by_token(self.tokens[1])) ) diff --git a/tests/utils.py b/tests/utils.py index ae97621147..e7c4bc4cad 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -167,7 +167,11 @@ class MemoryDataStore(object): def get_user_by_token(self, token): try: - return self.tokens_to_users[token] + return { + "name": self.tokens_to_users[token], + "admin": 0, + "device_id": None, + } except: raise StoreError(400, "User does not exist.") @@ -264,7 +268,7 @@ class MemoryDataStore(object): def get_ops_levels(self, room_id): return defer.succeed((5, 5, 5)) - def insert_client_ip(self, user, access_token, ip_addr): + def insert_client_ip(self, user, device_id, access_token, ip, user_agent): return defer.succeed(None) -- cgit 1.4.1