0b6fbb28a8
Don't load the media repo when configured to use an external media repo ( #5754 )
2019-08-13 21:49:28 +10:00
edeae53221
Return 404 instead of 403 when retrieving an event without perms ( #5798 )
...
Part of fixing matrix-org/sytest#652
Sytest PR: matrix-org/sytest#667
2019-08-06 13:33:55 +01:00
336c546d6a
Merge branch 'cross-signing_hidden' into cross-signing_keys
2019-08-01 16:31:40 -04:00
f25f638c35
Lint
2019-08-01 12:19:08 +02:00
a4a9ded4d0
Allow defining HTML templates to serve the user on account renewal
2019-08-01 11:59:27 +02:00
c659b9f94f
allow uploading keys for cross-signing
2019-07-25 11:08:24 -04:00
baf081cd3b
Bugfixes
...
--------
- Fix a regression introduced in v1.2.0rc1 which led to incorrect labels on some prometheus metrics. ([\#5734](https://github.com/matrix-org/synapse/issues/5734 ))
-----BEGIN PGP SIGNATURE-----
iQJHBAABCgAxFiEEgQG31Z317NrSMt0QiISIDS7+X/QFAl04Ur0THGFuZHJld0Bh
bW9yZ2FuLnh5egAKCRCIhIgNLv5f9F4oD/0TY6S/SEd2uAmzor64ojmbX5BOwPzf
j/wzUTrfvuf40EvkNPDpnejNZSvy/ysbaGQaQusv0SQKlV3xrvdn4RuMvnOWVWck
kBsO+lvzOaUTR0KHDxN4y9F5eI2NdPbub4847PPVzyqSIHAd+kolxXS8kSBBhwpL
yfaICWV/AOy5L7xN+JZ9IQpnegVAvUj5DmgXzDHd6VdeiHDVJuARaBgrR5uCkwVS
ZoLRqZ95XV/qiguMAUvPOwyEqht2mwO64989MswP16YYm8oMkB5QA6I5nYnACsTP
qk9YcN/oNvEfQXUhttku6MxK1/4yUMPUhEoDBDH7ebc0440QDtWN+IHTdA6oPVZB
IuStL9YGY16m7Ltx37ZUA4URfNMiSeLHo3zKc/mCAcwxN4HyOjJewtxbG5zKQAOZ
SMs8UcDwGR4zL1hnt8ZDNYtWwfzJBQIdGjoHvjXJEY7/1csTv2lmAwewFTXiqSAr
30GW5ews94kotqBK53zZT6V0F5gHNqgGHniOz1ZpqLLxYLqO3LSAGe97CrqlWUdX
GkhA9tZyweknociD9fyyBmKdcFJ4mL4a+oGI5CMnSMph8UvCY8Y5XMb1T+iYEABI
tA9G3mBvgkLPj+5V+8QggNkBafSigW2Q4FX7enGsDmiiskZOtfeKrAcVkapD4ooi
3I7IW5aetZr2IQ==
=+JBn
-----END PGP SIGNATURE-----
Merge tag 'v1.2.0rc2' into develop
Bugfixes
--------
- Fix a regression introduced in v1.2.0rc1 which led to incorrect labels on some prometheus metrics. ([\#5734](https://github.com/matrix-org/synapse/issues/5734 ))
2019-07-24 13:47:51 +01:00
cf2972c818
Fix servlet metric names ( #5734 )
...
* Fix servlet metric names
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Remove redundant check
* Cover all return paths
2019-07-24 13:07:35 +01:00
4806651744
Replace returnValue with return ( #5736 )
2019-07-23 23:00:55 +10:00
b2a382efdb
Remove the ability to query relations when the original event was redacted. ( #5629 )
...
Fixes #5594
Forbid viewing relations on an event once it has been redacted.
2019-07-18 14:41:42 +01:00
24aa0e0a5b
fix typo: backgroud -> background
2019-07-12 15:29:40 +01:00
0a4001eba1
Clean up exception handling for access_tokens ( #5656 )
...
First of all, let's get rid of `TOKEN_NOT_FOUND_HTTP_STATUS`. It was a hack we
did at one point when it was possible to return either a 403 or a 401 if the
creds were missing. We always return a 401 in these cases now (thankfully), so
it's not needed.
Let's also stop abusing `AuthError` for these cases. Honestly they have nothing
that relates them to the other places that `AuthError` is used, other than the
fact that they are loosely under the 'Auth' banner. It makes no sense for them
to share exception classes.
Instead, let's add a couple of new exception classes: `InvalidClientTokenError`
and `MissingClientTokenError`, for the `M_UNKNOWN_TOKEN` and `M_MISSING_TOKEN`
cases respectively - and an `InvalidClientCredentialsError` base class for the
two of them.
2019-07-11 11:06:23 +01:00
f281714583
Don't bundle aggregations when retrieving the original event ( #5654 )
...
A fix for PR #5626 , which returned the original event content as part of a call to /relations.
Only problem was that we were attempting to aggregate the relations on top of it when we did so. We now set bundle_aggregations to False in the get_event call.
We also do this when pulling the relation events as well, because edits of edits are not something we'd like to support here.
2019-07-10 14:43:11 +01:00
d88421ab03
Include the original event in /relations ( #5626 )
...
When asking for the relations of an event, include the original event in the response. This will mostly be used for efficiently showing edit history, but could be useful in other circumstances.
2019-07-09 13:43:08 +01:00
824707383b
Remove access-token support from RegistrationHandler.register ( #5641 )
...
Nothing uses this now, so we can remove the dead code, and clean up the
API.
Since we're changing the shape of the return value anyway, we take the
opportunity to give the method a better name.
2019-07-08 19:01:08 +01:00
f9e99f9534
Factor out some redundant code in the login impl ( #5639 )
...
* Factor out some redundant code in the login impl
Also fixes a redundant access_token which was generated during jwt login.
* changelog
2019-07-08 23:54:22 +10:00
463b072b12
Move logging utilities out of the side drawer of util/ and into logging/ ( #5606 )
2019-07-04 00:07:04 +10:00
0ee9076ffe
Fix media repo breaking ( #5593 )
2019-07-02 19:01:28 +01:00
6eecb6e500
Complete the SAML2 implementation ( #5422 )
...
* SAML2 Improvements and redirect stuff
Signed-off-by: Alexander Trost <galexrt@googlemail.com>
* Code cleanups and simplifications.
Also: share the saml client between redirect and response handlers.
* changelog
* Revert redundant changes to static js
* Move all the saml stuff out to a centralised handler
* Add support for tracking SAML2 sessions.
This allows us to correctly handle `allow_unsolicited: False`.
* update sample config
* cleanups
* update sample config
* rename BaseSSORedirectServlet for consistency
* Address review comments
2019-07-02 11:18:11 +01:00
948488e115
Fix JWT login with new users ( #5586 )
...
Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com>
2019-07-02 10:25:37 +01:00
b4914681a5
fix async/await consentresource ( #5585 )
...
Fixes #5582
2019-07-01 23:33:52 +10:00
b4fd86a9b4
Merge branch 'develop' into rav/saml2_client
2019-07-01 14:21:03 +01:00
f40a7dc41f
Make the http server handle coroutine-making REST servlets ( #5475 )
2019-06-29 17:06:55 +10:00
856ea04eb3
Fix JWT login ( #5555 )
...
* Fix JWT login with register
Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com>
* Add pyjwt conditional dependency
Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com>
* Added changelog file
Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com>
* Improved changelog description
Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com>
2019-06-27 12:02:41 +01:00
79b9d9076d
rename BaseSSORedirectServlet for consistency
2019-06-27 00:46:57 +01:00
3705322103
Move all the saml stuff out to a centralised handler
2019-06-26 22:52:02 +01:00
a4daa899ec
Merge branch 'develop' into rav/saml2_client
2019-06-26 22:34:41 +01:00
bfe84e051e
Split public rooms directory auth config in two
2019-06-24 15:42:31 +01:00
32e7c9e7f2
Run Black. ( #5482 )
2019-06-20 19:32:02 +10:00
e9344e0dee
Merge pull request #5390 from matrix-org/erikj/dont_log_on_fail_to_get_file
...
Don't log exception when failing to fetch remote content.
2019-06-14 14:25:14 +01:00
7e68691ce9
Merge branch 'master' of github.com:matrix-org/synapse into develop
2019-06-11 17:25:16 +01:00
10383e6e6f
Change password reset links to /_matrix.
2019-06-11 11:34:33 +01:00
2ddc13577c
Don't warn user about password reset disabling through config code ( #5387 )
...
Moves the warning about password resets being disabled to the point where a user actually tries to reset their password. Is this an appropriate place for it to happen?
Also removed the disabling of msisdn password resets when you don't have an email config, as that just doesn't make sense.
Also change the error a user receives upon disabled passwords to specify that only email-based password reset is disabled.
2019-06-11 00:25:07 +01:00
426049247b
Code cleanups and simplifications.
...
Also: share the saml client between redirect and response handlers.
2019-06-11 00:03:57 +01:00
69a43d9974
Merge remote-tracking branch 'origin/develop' into rav/saml2_client
2019-06-10 20:28:08 +01:00
26b62796c2
Merge pull request #5363 from matrix-org/babolivier/account_validity_send_mail_auth
...
Don't check whether the user's account is expired on /send_mail requests
2019-06-10 11:57:02 +01:00
95d38afe96
Don't log exception when failing to fetch remote content.
...
In particular, let's not log stack traces when we stop processing
becuase the response body was too large.
2019-06-07 12:39:10 +01:00
3719680ee4
Add ability to perform password reset via email without trusting the identity server ( #5377 )
...
Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option.
This PR is a culmination of 3 smaller PRs which have each been separately reviewed:
* #5308
* #5345
* #5368
2019-06-06 17:34:07 +01:00
fe13bd52ac
Don't check whether the user's account is expired on /send_mail requests
2019-06-05 16:35:05 +01:00
94f6c674df
Neilj/add r0.5 to versions ( #5360 )
...
* Update _matrix/client/versions to reference support for r0.5.0
2019-06-05 16:11:31 +01:00
cb683d3e3c
Merge pull request #5333 from matrix-org/rav/server_keys/09_improve_notary_server
...
Fixes for the key-notary server
2019-06-04 11:48:18 +01:00
b2b90b7d34
Hawkowl/fix missing auth ( #5328 )
2019-06-04 15:54:27 +10:00
c5d60eadd5
Notary server: make requests to origins in parallel
...
... else we're guaranteed to time out.
2019-06-04 00:16:56 +01:00
2889b05554
Unify v1 and v2 REST client APIs ( #5226 )
2019-06-03 21:28:59 +10:00
dc3e586938
SAML2 Improvements and redirect stuff
...
Signed-off-by: Alexander Trost <galexrt@googlemail.com>
2019-06-02 18:14:40 +02:00
8824325b82
Fix ignored filter field in `/messages` endpoint
...
This fixes a bug which were causing the "event_format" field to be
ignored in the filter of requests to the `/messages` endpoint of the
CS API.
Signed-off-by: Eisha Chen-yen-su <chenyensu0@gmail.com>
2019-05-30 16:58:53 +02:00
45f5d8f3fd
Merge pull request #5256 from aaronraimist/logout-correct-error
...
Show correct error when logging out and access token is missing
2019-05-30 13:33:44 +01:00
123918b739
Lint
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-05-29 14:44:28 -05:00
46c8f7a517
Implement the SHHS complexity API ( #5216 )
2019-05-30 01:47:16 +10:00
532b825ed9
Serve CAS login over r0 ( #5286 )
2019-05-30 00:55:18 +10:00
30858ff461
Fix error when downloading thumbnail with width/height param missing ( #5258 )
...
Fix error when downloading thumbnail with width/height param missing
Fixes #2748
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-05-29 14:27:41 +01:00
119c9c10b0
Get rid of try except
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-05-27 00:13:56 -05:00
56f07d980a
Show correct error when logging out and access token is missing
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-05-24 16:32:27 -05:00
d16f5574b6
Merge pull request #5220 from matrix-org/erikj/dont_bundle_live_events
...
Don't bundle aggregations with events in /sync or /events or state queries
2019-05-24 10:36:31 +01:00
8c41c04ee4
Merge pull request #5244 from matrix-org/rav/server_keys/00-factor-out-fetchers
...
Factor out KeyFetchers from KeyRing
2019-05-23 16:28:51 +01:00
6368150a74
Add config option for setting homeserver's default room version ( #5223 )
...
Replaces DEFAULT_ROOM_VERSION constant with a method that first checks the config, then returns a hardcoded value if the option is not present.
That hardcoded value is now located in the server.py config file.
2019-05-23 15:00:20 +01:00
ec24108cc2
Fix remote_key_resource
2019-05-23 14:52:13 +01:00
de7672b78f
Don't bundle events in /sync or /events
...
As we'll send down the annotations too anyway, so this just ends up
confusing clients.
2019-05-21 13:54:09 +01:00
57ba3451b6
Merge pull request #5209 from matrix-org/erikj/reactions_base
...
Land basic reaction and edit support.
2019-05-20 14:06:40 +01:00
f89f688a55
Fix image orientation when generating thumbnail ( #5039 )
2019-05-16 19:04:26 +01:00
07cff7b121
Merge pull request #5174 from matrix-org/dbkr/add_dummy_flow_to_recaptcha_only
...
Re-order registration stages to do msisdn & email auth last
2019-05-16 17:27:39 +01:00
7a7eba8302
Move parsing of tokens out of storage layer
2019-05-16 14:26:23 +01:00
95f3fcda3c
Check that event is visible in new APIs
2019-05-16 14:19:06 +01:00
fafb936de5
Merge pull request #5187 from matrix-org/dbkr/only_check_threepid_not_in_use_if_actually_registering
...
Only check 3pids not in use when registering
2019-05-16 10:58:09 +01:00
a0603523d2
Add aggregations API
2019-05-16 09:37:20 +01:00
f1e5b41388
Make all the rate limiting options more consistent ( #5181 )
2019-05-15 12:06:04 -05:00
5f027a315f
Drop support for v2_alpha API prefix ( #5190 )
2019-05-15 17:37:46 +01:00
e6459c26b4
Actually implement idempotency
2019-05-15 17:28:33 +01:00
b50641e357
Add simple pagination API
2019-05-15 13:36:51 +01:00
efe3c7977a
Add simple send_relation API and track in DB
2019-05-15 13:36:51 +01:00
6ca88c4693
Only check 3pids not in use when registering
...
We checked that 3pids were not already in use before we checked if
we were going to return the account previously registered in the
same UI auth session, in which case the 3pids will definitely
be in use.
https://github.com/vector-im/riot-web/issues/9586
2019-05-14 19:04:59 +01:00
a80e6b53f9
Newsfile
2019-05-14 13:12:23 +01:00
b54b03f9e1
Allow client event serialization to be async
2019-05-14 11:58:01 +01:00
df2ebd75d3
Migrate all tests to use the dict-based config format instead of hanging items off HomeserverConfig ( #5171 )
2019-05-13 15:01:14 -05:00
9e99143c47
Merge remote-tracking branch 'origin/develop' into dbkr/add_dummy_flow_to_recaptcha_only
2019-05-13 15:37:03 +01:00
2f48c4e1ae
URL preview blacklisting fixes ( #5155 )
...
Prevents a SynapseError being raised inside of a IResolutionReceiver and instead opts to just return 0 results. This thus means that we have to lump a failed lookup and a blacklisted lookup together with the same error message, but the substitute should be generic enough to cover both cases.
2019-05-10 10:32:44 -07:00
04299132af
Re-order flows so that email auth is done last
...
It's more natural for the user if the bit that takes them away
from the registration flow comes last. Adding the dummy stage allows
us to do the stages in this order without the ambiguity.
2019-05-10 13:58:03 +01:00
9c61dce3c8
Comment
2019-05-10 11:14:55 +01:00
8714ff6d51
Add a DUMMY stage to captcha-only registration flow
...
This allows the client to complete the email last which is more
natual for the user. Without this stage, if the client would
complete the recaptcha (and terms, if enabled) stages and then the
registration request would complete because you've now completed a
flow, even if you were intending to complete the flow that's the
same except has email auth at the end.
Adding a dummy auth stage to the recaptcha-only flow means it's
always unambiguous which flow the client was trying to complete.
Longer term we should think about changing the protocol so the
client explicitly says which flow it's trying to complete.
vector-im/riot-web#9586
2019-05-10 11:09:53 +01:00
c2bb7476c9
Revert 085ae346ac
...
Accidentally went straight to develop
2019-05-10 11:08:01 +01:00
085ae346ac
Add a DUMMY stage to captcha-only registration flow
...
This allows the client to complete the email last which is more
natual for the user. Without this stage, if the client would
complete the recaptcha (and terms, if enabled) stages and then the
registration request would complete because you've now completed a
flow, even if you were intending to complete the flow that's the
same except has email auth at the end.
Adding a dummy auth stage to the recaptcha-only flow means it's
always unambiguous which flow the client was trying to complete.
Longer term we should think about changing the protocol so the
client explicitly says which flow it's trying to complete.
https://github.com/vector-im/riot-web/issues/9586
2019-05-10 10:52:24 +01:00
c0e0740bef
add options to require an access_token to GET /profile and /publicRooms on CS API ( #5083 )
...
This commit adds two config options:
* `restrict_public_rooms_to_local_users`
Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API.
* `require_auth_for_profile_requests`
When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301.
MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though.
Groups have been intentionally omitted from this commit.
2019-05-08 18:26:56 +01:00
59e2d2694d
Remove the requirement to authenticate for /admin/server_version. ( #5122 )
...
This endpoint isn't much use for its intended purpose if you first need to get
yourself an admin's auth token.
I've restricted it to the `/_synapse/admin` path to make it a bit easier to
lock down for those concerned about exposing this information. I don't imagine
anyone is using it in anger currently.
2019-05-07 09:29:30 +01:00
12f9d51e82
Add admin api for sending server_notices ( #5121 )
2019-05-02 11:59:16 +01:00
0836cbb9f5
Factor out an "assert_requester_is_admin" function ( #5120 )
...
Rather than copying-and-pasting the same four lines hundreds of times
2019-05-02 10:45:52 +01:00
f203c98794
fix examples
2019-05-01 17:49:56 +01:00
40e576e29c
Move admin api impl to its own package
...
It doesn't really belong under rest/client/v1 any more.
2019-05-01 15:44:30 +01:00
8e9ca83537
Move admin API to a new prefix
2019-05-01 15:44:30 +01:00
579b637b6c
Move admin API away from ClientV1RestServlet
2019-05-01 15:16:04 +01:00
788163e204
Remove log error for .well-known/matrix/client ( #4972 )
2019-04-24 17:44:06 +01:00
6b2b9a58c4
Prevent "producer not unregistered" message ( #5009 )
2019-04-24 17:37:32 +01:00
ca90336a69
Merge branch 'develop' of github.com:matrix-org/synapse into babolivier/account_expiration
2019-04-17 19:44:40 +01:00
eaf41a943b
Add management endpoints for account validity
2019-04-17 19:34:45 +01:00
91934025b9
Merge pull request #5047 from matrix-org/babolivier/account_expiration
...
Send out emails with links to extend an account's validity period
2019-04-17 14:57:39 +01:00
20f0617e87
Send out emails with links to extend an account's validity period
2019-04-17 14:42:20 +01:00
49ff74da9b
Merge pull request #5071 from matrix-org/babolivier/3pid-check
...
Make sure we're not registering the same 3pid twice
2019-04-17 14:37:42 +01:00
600ec04739
Make sure we're not registering the same 3pid twice
2019-04-17 14:23:01 +01:00
fd2fcb817c
Merge pull request #5070 from matrix-org/erikj/postpath
...
Remove usage of request.postpath
2019-04-17 09:03:26 +01:00
ad010f6306
Remove usage of request.postpath
...
This is an undocumented variable in twisted, and relies on the servlet
being mounted in the right way.
This also breaks getting push rules on workers.
2019-04-16 17:42:50 +01:00
6e27a8620f
Merge pull request #5063 from matrix-org/erikj/move_endpoints
...
Move some rest endpoints to client reader
2019-04-15 18:55:01 +01:00
ec638a1602
Only handle GET requests for /push_rules
2019-04-15 18:51:48 +01:00
caa76e6021
Remove periods from copyright headers ( #5046 )
2019-04-11 17:08:13 +01:00
c192bf8970
Add admin API for group deletion
2019-04-03 16:29:52 +01:00
4a4d5c4fd6
Fix grammar and document get_current_users_in_room ( #4998 )
2019-04-03 14:32:20 +01:00
e8419554ff
Remove presence lists ( #4989 )
...
Remove presence list support as per MSC 1819
2019-04-03 11:11:15 +01:00
8f549c1177
Merge pull request #4982 from matrix-org/erikj/msc1915
...
Implement MSC1915 - 3PID unbind APIs
2019-04-03 11:07:09 +01:00
862d6e5ba5
Add unbind API to /r0 as it is now stabalised
2019-04-01 15:25:19 +01:00
057715aaa2
Allowing specifying IS to use in unbind API.
...
By default the homeserver will use the identity server used during the
binding of the 3PID to unbind the 3PID. However, we need to allow
clients to explicitly ask the homeserver to unbind via a particular
identity server, for the case where the 3PID was bound out of band from
the homeserver.
Implements MSC915.
2019-04-01 15:25:18 +01:00
54a87a7b08
Collect room-version variations into one place ( #4969 )
...
Collect all the things that make room-versions different to one another into
one place, so that it's easier to define new room versions.
2019-04-01 10:24:38 +01:00
c7296bcb98
remove log line for password ( #4965 )
...
Remove log line for password.
2019-03-28 17:38:01 +00:00
bbd244c7b2
Support 3PID login in password providers ( #4931 )
...
Adds a new method, check_3pid_auth, which gives password providers
the chance to allow authentication with third-party identifiers such
as email or msisdn.
2019-03-26 17:48:30 +00:00
3959858eaa
Merge pull request #4904 from matrix-org/erikj/fix_shutdown
...
Fixup shutdown room API
2019-03-21 11:24:42 +00:00
aa959a6c07
Use flags
2019-03-20 17:40:29 +00:00
72a14860ab
Gracefully handle failing to kick user
2019-03-20 16:54:21 +00:00
6b28890543
Log new room ID
2019-03-20 16:52:28 +00:00
320667a479
Add option to disable searching in the user dir
...
We still populate it, as it can still be accessed via the admin API.
2019-03-19 16:40:19 +00:00
899e523d6d
Add ratelimiting on login ( #4821 )
...
Add two ratelimiters on login (per-IP address and per-userID).
2019-03-15 17:46:16 +00:00
2326e00bc4
fix incorrect encoding of filenames with spaces in ( #2090 )
...
fixes https://github.com/vector-im/riot-web/issues/3155
2019-03-11 09:53:45 +00:00
b879870b2d
Send message after room has been shutdown
...
Currently the explanation message is sent to the abuse room before any
users are forced joined, which means it tends to get lost in the backlog
of joins.
So instead we send the message *after* we've forced joined everyone.
2019-03-06 17:35:11 +00:00
6f3cde8b25
Make registration ratelimiter separate from the main events one
2019-03-06 11:02:42 +00:00
f4195f4118
Revert "Split ratelimiters in two (one for events, one for registration)"
...
This reverts commit d7dbad3526
2019-03-06 10:55:22 +00:00
d7dbad3526
Split ratelimiters in two (one for events, one for registration)
2019-03-05 18:41:27 +00:00
16c8b4ecbd
Merge pull request #4772 from jbweston/jbweston/server-version-api
...
Add 'server_version' endpoint to admin API
2019-03-05 16:31:00 +00:00
a4c3a361b7
Add rate-limiting on registration ( #4735 )
...
* Rate-limiting for registration
* Add unit test for registration rate limiting
* Add config parameters for rate limiting on auth endpoints
* Doc
* Fix doc of rate limiting function
Co-Authored-By: babolivier <contact@brendanabolivier.com>
* Incorporate review
* Fix config parsing
* Fix linting errors
* Set default config for auth rate limiting
* Fix tests
* Add changelog
* Advance reactor instead of mocked clock
* Move parameters to registration specific config and give them more sensible default values
* Remove unused config options
* Don't mock the rate limiter un MAU tests
* Rename _register_with_store into register_with_store
* Make CI happy
* Remove unused import
* Update sample config
* Fix ratelimiting test for py2
* Add non-guest test
2019-03-05 14:25:33 +00:00
1e8388b311
Add 'server_version' endpoint to admin API
...
This is required because the 'Server' HTTP header is not always
passed through proxies.
2019-03-01 09:56:58 +01:00
68f47d6744
Fix parsing of Content-Disposition headers ( #4763 )
...
* Fix parsing of Content-Disposition headers
TIL: filenames in content-dispostion headers can contain semicolons, and aren't
%-encoded.
* fix python2 incompatibility
* Fix docstrings
2019-02-27 14:29:10 -08:00
899a119c2b
Don't log stack trace when client has gone away during media download ( #4738 )
...
* Don't log stack trace when client has gone away during media download
* Newsfile
* Fixup newsfile
2019-02-25 11:17:22 -08:00
70ea2f4e1d
switch from google.com to recaptcha.net for reCAPTCHA ( #4731 )
...
* add trivial clarification about jemalloc
* switch from google.com to recaptcha.net
because https://developers.google.com/recaptcha/docs/faq#can-i-use-recaptcha-globally
2019-02-25 11:15:36 -08:00
dbdc565dfd
Fix registration on workers ( #4682 )
...
* Move RegistrationHandler init to HomeServer
* Move post registration actions to RegistrationHandler
* Add post regisration replication endpoint
* Newsfile
2019-02-20 18:47:31 +11:00
fc2c245a1f
Merge pull request #4666 from matrix-org/erikj/register_login_split
...
Split out registration to worker
2019-02-18 17:18:06 +00:00
af691e415c
Move register_device into handler
2019-02-18 16:49:38 +00:00
092b541401
Fixup
2019-02-18 15:52:26 +00:00
8b9ae6d3a6
Update docs
2019-02-18 15:26:13 +00:00
04dad5ac16
fix missig import
2019-02-18 15:59:23 +01:00
eb2b8523ae
Split out registration to worker
...
This allows registration to be handled by a worker, though the actual
write to the database still happens on master.
Note: due to the in-memory session map all registration requests must be
handled by the same worker.
2019-02-18 12:12:57 +00:00
bfcefbb230
tabs
2019-02-14 19:53:12 +00:00
6f47bc3fb2
set CORS on .well-known URI to unbreak modular
...
otherwise a riot/web running on foo.riot.im can't query
the .well-known on foo.modular.im...
2019-02-14 19:51:41 +00:00
719e073f00
Merge pull request #4580 from matrix-org/uhoreg/e2e_backup_add_updating
...
add updating of backup versions
2019-02-11 13:45:49 +00:00
2dc2b6e9f1
Allow "unavailable" presence status for /sync ( #4592 )
...
* Allow "unavailable" presence status for /sync
Closes #3772 , closes #3779
Signed-off-by: Valentin Anger <valentin.an.1999@gmail.com>
* Add changelog for PR 4592
2019-02-08 21:09:56 +00:00
afae8442b5
make sure version is in body and wrap in linearizer queue
...
also add tests
2019-02-08 01:32:45 -05:00
8248637173
add new endpoint to update backup versions
2019-02-06 17:57:10 -05:00
b37e8c9572
Merge branch 'neilj/room_capabilities' of github.com:matrix-org/synapse into neilj/room_capabilities
2019-01-30 10:56:47 +00:00
f834d98402
isort
2019-01-30 10:55:42 +00:00
ee4df7fd7a
Merge branch 'develop' into neilj/room_capabilities
2019-01-30 10:28:08 +00:00
9c850d9d5e
formatting and use constants where available
2019-01-30 10:23:26 +00:00
2f46804055
Populate default room version from Constants
2019-01-30 09:39:10 +00:00
c7837dce24
reflect that rooms v3 is a stable room version
2019-01-30 09:33:30 +00:00
e4bef9d470
rework format of change password capability
2019-01-29 18:04:56 +00:00
f03b3a7a3a
support change_password in capabilities end-point
2019-01-29 15:58:37 +00:00
e65a17b26f
Check consent dir path on startup
2019-01-29 15:30:33 +00:00
a124025dab
enforce auth for capabilities endpoint
2019-01-29 11:37:56 +00:00
327b992e17
register capabilities servlet
2019-01-29 10:28:35 +00:00
893107be78
backout v3
2019-01-25 17:27:36 +00:00
95f871fc0d
Support room version capabilities in CS API (MSC1804)
2019-01-25 11:16:29 +00:00
821b65aeb5
Merge branch 'develop' of github.com:matrix-org/synapse into anoa/dm_room_upgrade
2019-01-25 11:09:53 +00:00
c99c2d58d7
move guard out of is_threepid_reserved and into register.py
2019-01-22 17:47:00 +00:00
d619b113ed
Fix None guard in config.server.is_threepid_reserved
2019-01-22 16:52:29 +00:00
25d64a846a
Fix typos
2019-01-22 11:00:04 +00:00
5349262302
Config option to disable requesting MSISDN on registration
2019-01-21 14:59:37 +00:00
b970cb0e96
Refactor request sending to have better excpetions ( #4358 )
...
* Correctly retry and back off if we get a HTTPerror response
* Refactor request sending to have better excpetions
MatrixFederationHttpClient blindly reraised exceptions to the caller
without differentiating "expected" failures (e.g. connection timeouts
etc) versus more severe problems (e.g. programming errors).
This commit adds a RequestSendFailed exception that is raised when
"expected" failures happen, allowing the TransactionQueue to log them as
warnings while allowing us to log other exceptions as actual exceptions.
2019-01-08 11:04:28 +00:00
bc1fa8cd01
Add GET account data routes ( #4303 )
...
As per https://github.com/matrix-org/matrix-doc/issues/1339
2019-01-07 10:27:54 +00:00
d7843f47b6
Remove v1 only REST APIs now we don't ship matrix console ( #4334 )
2018-12-29 23:12:30 +11:00
f85676cc93
Return well_known in /login response ( #4319 )
...
... as per MSC1730.
2018-12-24 10:44:33 +01:00
ea6abf6724
Fix IP URL previews on Python 3 ( #4215 )
2018-12-22 01:56:13 +11:00
d2f7c4e6b1
create support user ( #4141 )
...
Allow for the creation of a support user.
A support user can access the server, join rooms, interact with other users, but does not appear in the user directory nor does it contribute to monthly active user limits.
2018-12-14 18:20:59 +00:00
89ac2a5bdb
Add 'sandbox' to CSP for media repo ( #4284 )
...
* Add 'sandbox' to the CSP for media repo
* Changelog
2018-12-11 04:05:02 +11:00
fee831c040
Move imports to one line
2018-12-10 13:52:33 +00:00
466c1f3e01
Use `send_cors`
2018-12-10 13:11:37 +00:00
91206e09f2
changelog & isort
2018-12-09 17:39:44 +00:00
dbf736ba66
Make /config more CORS-y
2018-12-09 13:27:22 +00:00
30da50a5b8
Initialise user displayname from SAML2 data ( #4272 )
...
When we register a new user from SAML2 data, initialise their displayname
correctly.
2018-12-07 14:44:46 +01:00
c7401a697f
Implement SAML2 authentication ( #4267 )
...
This implements both a SAML2 metadata endpoint (at
`/_matrix/saml2/metadata.xml`), and a SAML2 response receiver (at
`/_matrix/saml2/authn_response`). If the SAML2 response matches what's been
configured, we complete the SSO login flow by redirecting to the client url
(aka `RelayState` in SAML2 jargon) with a login token.
What we don't yet have is anything to build a SAML2 request and redirect the
user to the identity provider. That is left as an exercise for the reader.
2018-12-07 13:11:11 +01:00
c588b9b9e4
Factor SSO success handling out of CAS login ( #4264 )
...
This is mostly factoring out the post-CAS-login code to somewhere we can reuse
it for other SSO flows, but it also fixes the userid mapping while we're at it.
2018-12-07 13:10:07 +01:00
b0c24a66ec
Rip out half-implemented m.login.saml2 support ( #4265 )
...
* Rip out half-implemented m.login.saml2 support
This was implemented in an odd way that left most of the work to the client, in
a way that I really didn't understand. It's going to be a pain to maintain, so
let's start by ripping it out.
* drop undocumented dependency on dateutil
It turns out we were relying on dateutil being pulled in transitively by
pysaml2. There's no need for that bloat.
2018-12-06 19:44:38 +11:00
e8d98466b0
Implement .well-known handling ( #4262 )
...
Sometimes it's useful for synapse to generate its own .well-known file.
2018-12-05 14:38:58 +01:00
fd96dd75a3
Fix non-ASCII pushrules ( #4248 )
2018-12-04 12:44:02 +01:00
d3c61ef906
fix type error
2018-12-03 22:27:41 +11:00
7039ece8fb
Neilj/fix autojoin ( #4223 )
...
* Fix auto join failures for servers that require user consent
* Fix auto join failures for servers that require user consent
2018-11-28 22:24:57 +11:00
944d524f18
Support m.login.sso ( #4220 )
...
* Clean up the CSS for the fallback login form
I was finding this hard to work with, so simplify a bunch of things. Each
flow is now a form inside a div of class login_flow.
The login_flow class now has a fixed width, as that looks much better than each
flow having a differnt width.
* Support m.login.sso
MSC1721 renames m.login.cas to m.login.sso. This implements the change
(retaining support for m.login.cas for older clients).
* changelog
2018-11-27 18:51:52 +11:00
80cac86b2c
Fix fallback auth on Python 3 ( #4197 )
2018-11-19 12:27:33 -06:00
ab4526a153
Remove duplicate slashes in generated consent URLs
2018-11-15 20:41:53 -07:00
8b1affe7d5
Fix Content-Disposition in media repository ( #4176 )
2018-11-15 15:55:58 -06:00
df758e155d
Use <meta> tags to discover the per-page encoding of html previews ( #4183 )
2018-11-15 11:05:08 -06:00
c1efcd7c6a
Add a test for the public T&Cs form
2018-11-14 10:46:27 +00:00
83a5f459aa
Fix an internal server error when viewing the public privacy policy
2018-11-14 10:21:07 +00:00
2b075fb03a
Fix encoding error for consent form on python3
...
The form was rendering this as "b'01234....'".
-- richvdh
2018-11-08 11:05:39 +00:00
b3708830b8
Fix URL preview bugs (type error when loading cache from db, content-type including quotes) ( #4157 )
2018-11-08 01:37:43 +11:00
0f5e51f726
Add config variables for enabling terms auth and the policy name ( #4142 )
...
So people can still collect consent the old way if they want to.
2018-11-06 10:32:34 +00:00
f1087106cf
handle empty backups according to latest spec proposal ( #4123 )
...
fixes #4056
2018-11-05 17:59:29 -05:00
efdcbbe46b
Tests for user consent resource ( #4140 )
2018-11-06 05:53:44 +11:00
642505abc3
Fix logic error that prevented guests from seeing the privacy policy
2018-11-01 16:48:32 -06:00
a8d41c6aff
Include a version query string arg for the consent route
2018-10-31 13:19:28 -06:00
d1e7b9c44c
Merge branch 'develop' into travis/login-terms
2018-10-31 13:15:14 -06:00
f79f454485
Remove deprecated v1 key exchange endpoint ( #4119 )
2018-10-31 22:29:02 +11:00
4cd1c9f2ff
Delete the disused & unspecced identicon functionality ( #4106 )
2018-10-29 23:57:24 +11:00
193cadc988
Address review comments
...
Improve comments, get old room state from the context we already have
2018-10-26 17:10:30 +01:00
0f7d1c9906
Basic initial support for room upgrades
...
Currently just creates a new, empty, room, and sends a tombstone in the old
room.
2018-10-25 19:10:24 +01:00
cb53ce9d64
Refactor state group lookup to reduce DB hits ( #4011 )
...
Currently when fetching state groups from the data store we make two
hits two the database: once for members and once for non-members (unless
request is filtered to one or the other). This adds needless load to the
datbase, so this PR refactors the lookup to make only a single database
hit.
2018-10-25 17:49:55 +01:00
54def42c19
Merge branch 'develop' into travis/login-terms
2018-10-24 13:22:59 -06:00
ef771cc4c2
Fix a number of flake8 errors
...
Broadly three things here:
* disable W504 which seems a bit whacko
* remove a bunch of `as e` expressions from exception handlers that don't use
them
* use `r""` for strings which include backslashes
Also, we don't use pep8 any more, so we can get rid of the duplicate config
there.
2018-10-24 10:39:03 +01:00
cb23aa4c42
Merge pull request #4063 from matrix-org/erikj/cleaup_alias_creation
...
Clean up room alias creation
2018-10-24 09:40:27 +01:00
5c445114d3
Correctly account for cpu usage by background threads ( #4074 )
...
Wrap calls to deferToThread() in a thing which uses a child logcontext to
attribute CPU usage to the right request.
While we're in the area, remove the logcontext_tracer stuff, which is never
used, and afaik doesn't work.
Fixes #4064
2018-10-23 13:12:32 +01:00
74e7617083
Clean up room alias creation
2018-10-19 10:11:56 +01:00
49a044aa5f
Merge branch 'develop' into travis/login-terms
2018-10-18 09:57:58 -06:00
f6a0a02a62
Fix bug where we raised StopIteration in a generator
...
This made python 3.7 unhappy
2018-10-17 16:10:52 +01:00
a8ed93a4b5
pep8
2018-10-15 16:10:29 -06:00
f293d124b6
Merge branch 'develop' into travis/login-terms
2018-10-15 14:44:32 -06:00
5119818e9d
Rely on the lack of ?u to represent public access
...
also general cleanup
2018-10-12 18:03:17 -06:00
a45f2c3a00
missed one
2018-10-12 14:33:55 +01:00
bddfad253a
Don't mangle exceptions
2018-10-12 11:48:02 +01:00
86ef9760a7
Split /room_keys/version into 2 servlets
2018-10-12 11:35:08 +01:00
83e72bb2f0
PR feedback pt. 1
2018-10-12 11:26:18 +01:00
d3464ce708
isort
2018-10-09 10:33:59 +01:00
dc045ef202
Merge remote-tracking branch 'origin/develop' into dbkr/e2e_backups
2018-10-09 10:05:02 +01:00
537d0b7b36
Use a flag rather than a new route for the public policy
...
This also means that the template now has optional parameters, which will need to be documented somehow.
2018-10-03 17:50:11 -06:00
f9d34a763c
Auto-consent to the privacy policy if the user registered with terms
2018-10-03 17:39:45 -06:00
dfcad5fad5
Make the terms flow requried
2018-10-03 17:39:00 -06:00
3099d96dba
Flesh out the fallback auth for terms
2018-10-03 17:39:00 -06:00
fd99787162
Incorporate Dave's work for GDPR login flows
...
As per https://github.com/vector-im/riot-web/issues/7168#issuecomment-419996117
2018-10-03 15:57:42 -06:00
4c3e7eeec5
Merge pull request #3932 from matrix-org/erikj/auto_start_expiring_caches
...
Fix some instances of ExpiringCache not expiring cache items
2018-09-25 12:02:57 +01:00
6cf261930a
added "media-src: 'self'" to CSP for resources ( #3578 )
...
Synapse doesn’t allow for media resources to be played directly from
Chrome. It is a problem for users on other networks (e.g. IRC)
communicating with Matrix users through a gateway. The gateway sends
them the raw URL for the resource when a Matrix user uploads a video
and the video cannot be played directly in Chrome using that URL.
Chrome argues it is not authorized to play the video because of the
Content Security Policy. Chrome checks for the "media-src" policy which
is missing, and defauts to the "default-src" policy which is "none".
As Synapse already sends "object-src: 'self'" I thought it wouldn’t be
a problem to add "media-src: 'self'" to the CSP to fix this problem.
2018-09-25 11:55:02 +01:00
8601c24287
Fix some instances of ExpiringCache not expiring cache items
...
ExpiringCache required that `start()` be called before it would actually
start expiring entries. A number of places didn't do that.
This PR removes `start` from ExpiringCache, and automatically starts
backround reaping process on creation instead.
2018-09-21 14:19:46 +01:00
bc74925c5b
WIP e2e key backups
...
Continues from uhoreg's branch
This just fixed the errcode on /room_keys/version if no backup and
updates the schema delta to be on the latest so it gets run
2018-09-13 17:02:59 +01:00
546aee7e52
Merge pull request #3835 from krombel/fix_3821
...
fix VOIP crashes under Python 3
2018-09-12 20:44:18 +10:00
02aa41809b
Port rest/ to Python 3 ( #3823 )
2018-09-12 20:41:31 +10:00
7bc22539ff
fix VOIP crashes under Python 3 ( #3821 )
2018-09-10 14:30:08 +02:00
3801b8aa03
try to make flake8 and isort happy
2018-09-06 11:35:19 -04:00
dfba1d843d
Merge pull request #3790 from matrix-org/rav/respect_event_format_in_filter
...
Implement 'event_format' filter param in /sync
2018-09-05 16:24:14 +01:00
87c18d12ee
Implement 'event_format' filter param in /sync
...
This has been specced and part-implemented; let's implement it for /sync (but
no other endpoints yet :/).
2018-09-04 15:20:09 +01:00
bae37cd811
improve human readable error message
2018-09-04 12:07:00 +01:00
c42f7fd7b9
improve human readable error messages
2018-09-04 12:03:17 +01:00
0b01281e77
move threepid checker to config, add missing yields
2018-08-31 17:11:11 +01:00
09f3cf1a7e
ensure post registration auth checks do not fail erroneously
2018-08-31 15:42:51 +01:00
ea068d6f3c
fix bug where preserved threepid user comes to sign up and server is mau blocked
2018-08-31 10:49:14 +01:00
83caead95a
Merge branch 'develop' into e2e_backups
2018-08-24 11:44:26 -04:00
db10f553ba
Merge pull request #3724 from Half-Shot/hs/guest-fetch-event
...
Allow guests to use /rooms/:roomId/event/:eventId
2018-08-22 13:41:08 +01:00
f7bf181a90
fix another consent encoding fail
2018-08-21 23:14:25 +01:00
f7baff6f7b
Fix 500 error from /consent form
...
Fixes #3731
2018-08-21 22:47:07 +01:00
f89f6b7c09
Allow guests to access /rooms/:roomId/event/:eventId
2018-08-20 18:25:54 +01:00
324525f40c
Port over enough to get some sytests running on Python 3 ( #3668 )
2018-08-20 23:54:49 +10:00
c334ca67bb
Integrate presence from hotfixes ( #3694 )
2018-08-18 01:08:45 +10:00
04f5d2db62
Remove v1/register's broken shared secret functionality ( #3703 )
2018-08-18 00:55:01 +10:00
c151b32b1d
Add GET media/v1/config ( #3184 )
2018-08-16 14:23:38 +01:00
762a758fea
lazyload aware /messages ( #3589 )
2018-08-16 14:22:47 +01:00
3f543dc021
initial cut at a room summary API ( #3574 )
2018-08-16 09:46:50 +01:00
2f78f432c4
speed up /members and add at= and membership params ( #3568 )
2018-08-15 16:35:22 +01:00
fef2e65d12
Merge pull request #3667 from matrix-org/erikj/fixup_unbind
...
Don't fail requests to unbind 3pids for non supporting ID servers
2018-08-15 10:32:12 +01:00
4f7064f6b5
missing import
2018-08-12 19:14:31 -04:00
54ac18e832
use parse_string
2018-08-12 19:14:31 -04:00
72788cf9c1
support DELETE /version with no args
2018-08-12 19:14:31 -04:00
fe87890b18
implement remaining tests and make them work
2018-08-12 19:14:31 -04:00
93d174bcc4
improve docstring
2018-08-12 19:14:31 -04:00
14b3da63a3
add a tonne of docstring; make upload_room_keys properly assert version
2018-08-12 19:14:31 -04:00
9f500cb39e
more docstring for the e2e_room_keys rest
2018-08-12 19:14:31 -04:00
0abb205b47
blindly incorporate PR review - needs testing & fixing
2018-08-12 19:14:31 -04:00
69e51c7ba4
make /room_keys/version work
2018-08-12 19:14:31 -04:00
8ae64b270f
implement /room_keys/version too (untested)
2018-08-12 19:14:31 -04:00
cf1e2000f6
document the API
2018-08-12 19:13:09 -04:00
6b8c07abc2
make it work and fix pep8
2018-08-12 19:13:09 -04:00
0bc4627a73
interim WIP checkin; doesn't build yet
2018-08-12 18:23:10 -04:00
53ace904b2
total WIP skeleton for /room_keys API
2018-08-12 18:23:10 -04:00
b37c472419
Rename async to async_helpers because `async` is a keyword on Python 3.7 ( #3678 )
2018-08-10 23:50:21 +10:00
360ba89c50
Don't fail requests to unbind 3pids for non supporting ID servers
...
Older identity servers may not support the unbind 3pid request, so we
shouldn't fail the requests if we received one of 400/404/501. The
request still fails if we receive e.g. 500 responses, allowing clients
to retry requests on transient identity server errors that otherwise do
support the API.
Fixes #3661
2018-08-08 12:06:18 +01:00
1fa98495d0
Merge pull request #3639 from matrix-org/rav/refactor_error_handling
...
Clean up handling of errors from outbound requests
2018-08-02 17:38:24 +01:00
704c3e6239
Merge branch 'master' into develop
2018-08-02 15:43:30 +01:00
0bf5ec0db7
Check room visibility for /event/ requests
...
Make sure that the user has permission to view the requeseted event for
/event/{eventId} and /room/{roomId}/event/{eventId} requests.
Also check that the event is in the given room for
/room/{roomId}/event/{eventId}, for sanity.
2018-08-02 15:03:27 +01:00
b8d7d3996b
Merge pull request #3620 from fuzzmz/return-404-room-not-found
...
return 404 if room not found
2018-08-01 16:34:32 +01:00
018d75a148
Refactor code for turning HttpResponseException into SynapseError
...
This commit replaces SynapseError.from_http_response_exception with
HttpResponseException.to_synapse_error.
The new method actually returns a ProxiedRequestError, which allows us to pass
through additional metadata from the API call.
2018-08-01 16:02:46 +01:00
da7785147d
Python 3: Convert some unicode/bytes uses ( #3569 )
2018-08-02 00:54:06 +10:00
70af98e361
return NotFoundError if room not found
...
Per the Client-Server API[0] we should return
`M_NOT_FOUND` if the room isn't found instead
of generic SynapseError.
This ensures that /directory/list API returns
404 for room not found instead of 400.
[0]: https://matrix.org/docs/spec/client_server/unstable.html#get-matrix-client-r0-directory-list-room-roomid
Signed-off-by: Serban Constantin <serban.constantin@gmail.com>
2018-07-31 21:47:23 +03:00
e9b2d047f6
make /context lazyload & filter aware ( #3567 )
...
make /context lazyload & filter aware.
2018-07-27 15:12:50 +01:00
03751a6420
Fix some looping_call calls which were broken in #3604
...
It turns out that looping_call does check the deferred returned by its
callback, and (at least in the case of client_ips), we were relying on this,
and I broke it in #3604 .
Update run_as_background_process to return the deferred, and make sure we
return it to clock.looping_call.
2018-07-26 11:48:08 +01:00
371da42ae4
Wrap a number of things that run in the background
...
This will reduce the number of "Starting db connection from sentinel context"
warnings, and will help with our metrics.
2018-07-25 09:41:12 +01:00
0b0b24cb82
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/client_apis_move
2018-07-23 13:21:15 +01:00
e1a237eaab
Admin API for creating new users ( #3415 )
2018-07-20 22:41:13 +10:00
a97c845271
Move v1-only APIs into their own module & isolate deprecated ones ( #3460 )
2018-07-19 20:03:33 +10:00
bacdf0cbf9
Move RoomContextHandler out of Handlers
...
This is in preparation for moving GET /context/ to a worker
2018-07-18 15:33:03 +01:00
8cb8df55e9
Split MessageHandler into read only and writers
...
This will let us call the read only parts from workers, and so be able
to move some APIs off of master, e.g. the `/state` API.
2018-07-18 15:33:03 +01:00
bc006b3c9d
Refactor REST API tests to use explicit reactors ( #3351 )
2018-07-17 20:43:18 +10:00
78a9ddcf9a
rerun isort with latest version
2018-07-16 14:23:25 +02:00
4a27000548
check isort by travis
2018-07-16 13:57:33 +02:00
8a4f05fefb
Fix develop because I broke it :( ( #3535 )
2018-07-14 09:51:00 +10:00
8532953c04
Merge pull request #3534 from krombel/use_parse_and_asserts_from_servlet
...
Use parse and asserts from http.servlet
2018-07-14 09:09:19 +10:00
a2374b2c7f
fix sytests
2018-07-14 07:52:58 +10:00
33b60c01b5
Make auth & transactions more testable ( #3499 )
2018-07-14 07:34:49 +10:00
516f960ad8
add changelog
2018-07-13 22:19:19 +02:00
3366b9c534
rename assert_params_in_request to assert_params_in_dict
...
the method "assert_params_in_request" does handle dicts and not
requests. A request body has to be parsed to json before this method
can be used
2018-07-13 21:53:01 +02:00
32fd6910d0
Use parse_{int,str} and assert from http.servlet
...
parse_integer and parse_string can take a request and raise errors
in case we have wrong or missing params.
This PR tries to use them more to deduplicate some code and make it
better readable
2018-07-13 21:40:14 +02:00
482d17b58b
Merge branch 'develop' into rav/enforce_report_api
2018-07-12 09:56:28 +01:00
49af402019
run isort
2018-07-09 16:09:20 +10:00
6350bf925e
Attempt to be more performant on PyPy ( #3462 )
2018-06-28 14:49:57 +01:00
9570aa82eb
update doc for deactivate API
2018-06-26 10:42:50 +01:00
1e788db430
add GDPR erase param to deactivate API
2018-06-26 10:26:54 +01:00
244484bf3c
Revert "Revert "Merge pull request #3431 from matrix-org/rav/erasure_visibility""
...
This reverts commit 1d009013b3
2018-06-25 13:42:55 +01:00
1d009013b3
Revert "Merge pull request #3431 from matrix-org/rav/erasure_visibility"
...
This reverts commit ce0d911156b4a5d767a9
2018-06-22 16:35:10 +01:00
ce0d911156
Merge pull request #3431 from matrix-org/rav/erasure_visibility
...
Support hiding events from deleted users
2018-06-22 15:06:44 +01:00
77ac14b960
Pass around the reactor explicitly ( #3385 )
2018-06-22 09:37:10 +01:00
a61738b316
Remove run_on_reactor ( #3395 )
2018-06-14 18:27:37 +10:00
f1023ebf4b
mark accounts as erased when requested
2018-06-12 09:53:18 +01:00
187a546bff
Merge pull request #3276 from matrix-org/dbkr/unbind
...
Remove email addresses / phone numbers from ID servers when they're removed from synapse
2018-06-11 16:02:00 +01:00
f4caf3f83d
fix log
2018-06-07 00:26:38 +01:00
0546715c18
Fix event-purge-by-ts admin API
...
This got completely broken in 0.30.
Fixes #3300 .
2018-06-07 00:15:49 +01:00
7e15410f02
Enforce the specified API for report_event
...
as per
https://matrix.org/docs/spec/client_server/unstable.html#post-matrix-client-r0-rooms-roomid-report-eventid
2018-05-31 18:17:11 +01:00
c936a52a9e
Consistently use six's iteritems and wrap lazy keys/values in list() if they're not meant to be lazy ( #3307 )
2018-05-31 19:03:47 +10:00
1f69693347
Merge pull request #3244 from NotAFile/py3-six-4
...
replace some iteritems with six
2018-05-24 13:04:07 -05:00
36501068d8
Merge pull request #3247 from NotAFile/py3-misc
...
Misc Python3 fixes
2018-05-24 12:58:37 -05:00
77a23e2e05
Merge remote-tracking branch 'origin/develop' into dbkr/unbind
2018-05-24 16:20:53 +01:00
46345187cc
Merge pull request #3243 from NotAFile/py3-six-3
...
Replace some more comparisons with six
2018-05-24 16:08:57 +01:00
9700d15611
pep8
2018-05-24 11:23:15 +01:00
b3bff53178
Unbind 3pids when they're deleted too
2018-05-24 11:08:05 +01:00
7b36d06a69
Add a 'has_consented' template var to consent forms
...
fixes #3260
2018-05-22 14:58:34 +01:00
669400e22f
Enable auto-escaping for the consent templates
...
... to reduce the risk of somebody introducing an html injection attack...
2018-05-22 14:58:34 +01:00
8810685df9
Stub out ServerNoticesSender on the workers
...
... and have the sync endpoints call it directly rather than obsure indirection
via PresenceHandler
2018-05-22 11:54:51 +01:00
d5dca9a04f
Move consent config parsing into ConsentConfig
...
turns out we need to reuse this, so it's better in the config class.
2018-05-22 11:54:51 +01:00
d14d7b8fdc
Rename 'version' param on user consent config
...
we're going to use it for the version we require too.
2018-05-22 11:54:51 +01:00
6e1cb54a05
Fix logcontext leak in HttpTransactionCache
...
ONE DAY I WILL PURGE THE WORLD OF THIS EVIL
2018-05-21 16:58:20 +01:00
6d6e7288fe
Stop the transaction cache caching failures
...
The transaction cache has some code which tries to stop it caching failures,
but if the callback function failed straight away, then things would happen
backwards and we'd end up with the failure stuck in the cache.
2018-05-21 16:49:59 +01:00
933bf2dd35
replace some iteritems with six
...
Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-05-19 17:59:26 +02:00
d9fe2b2d9d
Replace some more comparisons with six
...
plus a bonus b"" string I missed last time
Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-05-19 17:56:31 +02:00
aafb0f6b0d
py3-ize url preview
2018-05-19 17:35:20 +02:00
fa30ac38cc
Merge pull request #3221 from matrix-org/erikj/purge_token
...
Make purge_history operate on tokens
2018-05-18 10:35:23 +01:00
c46367d0d7
Move RoomCreationHandler out of synapse.handlers.Handlers
...
Handlers is deprecated nowadays, so let's move this out before I add a new
dependency on it.
Also fix the docstrings on create_room.
2018-05-17 09:08:42 +01:00
8030a825c8
Merge pull request #3213 from matrix-org/rav/consent_handler
...
ConsentResource to gather policy consent from users
2018-05-16 07:19:18 +01:00
5f27ed75ad
Make purge_history operate on tokens
...
As we're soon going to change how topological_ordering works
2018-05-15 16:23:50 +01:00
47815edcfa
ConsentResource to gather policy consent from users
...
Hopefully there are enough comments and docs in this that it makes sense on its
own.
2018-05-15 15:11:59 +01:00
318711e139
Set Server header in SynapseRequest
...
(instead of everywhere that writes a response. Or rather, the subset of places
which write responses where we haven't forgotten it).
This also means that we don't have to have the mysterious version_string
attribute in anything with a request handler.
Unfortunately it does mean that we have to pass the version string wherever we
instantiate a SynapseSite, which has been c&ped 150 times, but that is code
that ought to be cleaned up anyway really.
2018-05-10 18:50:27 +01:00
645cb4bf06
Remove redundant request_handler decorator
...
This is needless complexity; we might as well use the wrapper directly.
Also rename wrap_request_handler->wrap_json_request_handler.
2018-05-10 12:19:53 +01:00
88868b2839
notifications: Convert next_token to string according to the spec
...
Currently the parameter is serialized as an integer.
Signed-off-by: Konstantinos Sideris <sideris.konstantin@gmail.com>
2018-05-05 12:55:02 +03:00
902673e356
Merge pull request #3161 from NotAFile/remove-v1auth
...
Make Client-Server API return 403 for invalid token
2018-05-03 10:10:57 +01:00
be31adb036
Fix logcontext leak in media repo
...
Make FileResponder.write_to_consumer uphold the logcontext contract
2018-05-02 16:14:50 +01:00
6495dbb326
Burminate v1auth
...
This closes #2602
v1auth was created to account for the differences in status code between
the v1 and v2_alpha revisions of the protocol (401 vs 403 for invalid
tokens). However since those protocols were merged, this makes the r0
version/endpoint internally inconsistent, and violates the
specification for the r0 endpoint.
This might break clients that rely on this inconsistency with the
specification. This is said to affect the legacy angular reference
client. However, I feel that restoring parity with the spec is more
important. Either way, it is critical to inform developers about this
change, in case they rely on the illegal behaviour.
Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-04-30 22:20:43 +02:00
576b71dd3d
add guard for None on purge_history api
2018-04-30 14:29:48 +02:00
dbf6f28d64
Merge pull request #3155 from NotAFile/py3-bytes-1
...
more bytes strings
2018-04-30 00:38:21 +01:00
aab2e4da60
Merge pull request #3140 from matrix-org/rav/use_run_in_background
...
Use run_in_background in preference to preserve_fn
2018-04-30 00:34:28 +01:00
1315d374cc
Merge pull request #3156 from NotAFile/py3-hmac-bytes
...
Construct HMAC as bytes on py3
2018-04-30 00:33:20 +01:00
9e2601f830
Merge pull request #3108 from NotAFile/py3-six-urlparse
...
Use six.moves.urlparse
2018-04-30 00:33:05 +01:00
122593265b
Construct HMAC as bytes on py3
...
Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-04-29 00:19:41 +02:00
e9143b6593
more bytes strings
...
Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-04-29 00:13:57 +02:00
fc149b4eeb
Merge remote-tracking branch 'origin/develop' into rav/use_run_in_background
2018-04-27 14:31:23 +01:00
2a13af23bc
Use run_in_background in preference to preserve_fn
...
While I was going through uses of preserve_fn for other PRs, I converted places
which only use the wrapped function once to use run_in_background, to avoid
creating the function object.
2018-04-27 12:55:51 +01:00
9255a6cb17
Improve exception handling for background processes
...
There were a bunch of places where we fire off a process to happen in the
background, but don't have any exception handling on it - instead relying on
the unhandled error being logged when the relevent deferred gets
garbage-collected.
This is unsatisfactory for a number of reasons:
- logging on garbage collection is best-effort and may happen some time after
the error, if at all
- it can be hard to figure out where the error actually happened.
- it is logged as a scary CRITICAL error which (a) I always forget to grep for
and (b) it's not really CRITICAL if a background process we don't care about
fails.
So this is an attempt to add exception handling to everything we fire off into
the background.
2018-04-27 11:07:40 +01:00
2a3c33ff03
Use six.moves.urlparse
...
The imports were shuffled around a bunch in py3
Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-04-15 21:22:43 +02:00
eaa2ebf20b
Merge pull request #3079 from matrix-org/erikj/limit_concurrent_sends
...
Limit concurrent event sends for a room
2018-04-10 16:43:58 +01:00
a3599dda97
Merge pull request #2996 from krombel/allow_auto_join_rooms
...
move handling of auto_join_rooms to RegisterHandler
2018-04-10 01:11:00 +01:00
87478c5a60
Merge pull request #3061 from NotAFile/add-some-byte-strings
...
Add b prefixes to some strings that are bytes in py3
2018-04-09 23:54:05 +01:00
c508b2f2f0
Merge pull request #3073 from NotAFile/use-six-reraise
...
Replace old-style raise with six.reraise
2018-04-09 23:53:40 +01:00
37354b55c9
Merge pull request #2938 from dklug/develop
...
Return 401 for invalid access_token on logout
2018-04-09 23:52:56 +01:00
56b0589865
Use create_and_send_nonmember_event everywhere
2018-04-09 12:04:18 +01:00
4f40d058cc
Replace old-style raise with six.reraise
...
The old style raise is invalid syntax in python3. As noted in the docs,
this adds one more frame in the traceback, but I think this is
acceptable:
<ipython-input-7-bcc5cba3de3f> in <module>()
16 except:
17 pass
---> 18 six.reraise(*x)
/usr/lib/python3.6/site-packages/six.py in reraise(tp, value, tb)
691 if value.__traceback__ is not tb:
692 raise value.with_traceback(tb)
--> 693 raise value
694 finally:
695 value = None
<ipython-input-7-bcc5cba3de3f> in <module>()
9
10 try:
---> 11 x()
12 except:
13 x = sys.exc_info()
Also note that this uses six, which is not formally a dependency yet,
but is included indirectly since most packages depend on it.
Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-04-06 23:06:24 +02:00
c7f0969731
Merge pull request #2986 from jplatte/join_reponse_room_id
...
Add room_id to the response of `rooms/{roomId}/join`
2018-04-05 17:29:06 +01:00
104c0bc1d5
Use "/settings/" (plural)
2018-04-05 14:07:16 +01:00
6168351877
Add b prefixes to some strings that are bytes in py3
...
This has no effect on python2
Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-04-04 13:48:51 +02:00
eb8d8d6f57
Use join_policy API instead of joinable
...
The API is now under
/groups/$group_id/setting/m.join_policy
and expects a JSON blob of the shape
```json
{
"m.join_policy": {
"type": "invite"
}
}
```
where "invite" could alternatively be "open".
2018-04-03 16:16:40 +01:00
c5de6987c2
This should probably be a PUT
2018-03-28 16:44:11 +01:00
79452edeee
Add joinability for groups
...
Adds API to set the 'joinable' flag, and corresponding flag in the
table.
2018-03-28 14:03:37 +01:00
6152e253d8
Merge branch 'develop' of into allow_auto_join_rooms
2018-03-28 14:45:28 +02:00
fa72803490
Merge branch 'master' of github.com:matrix-org/synapse into develop
2018-03-19 11:41:01 +00:00
a8ce159be4
Replace some ujson with simplejson to make it work
2018-03-16 00:27:09 +00:00
926ba76e23
Replace ujson with simplejson
2018-03-15 23:43:31 +00:00
91ea0202e6
move handling of auto_join_rooms to RegisterHandler
...
Currently the handling of auto_join_rooms only works when a user
registers itself via public register api. Registrations via
registration_shared_secret and ModuleApi do not work
This auto_joins the users in the registration handler which enables
the auto join feature for all 3 registration paths.
This is related to issue #2725
Signed-Off-by: Matthias Kesler <krombel@krombel.de>
2018-03-14 16:45:37 +01:00
47ce527f45
Add room_id to the response of `rooms/{roomId}/join`
...
Fixes #2349
2018-03-13 14:48:12 +01:00
f5160d4a3e
RoomMembershipRestServlet doesn't handle /forget
...
Due to the order we register the REST handlers `/forget` was handled by
the correct handler.
2018-03-13 12:12:55 +00:00
e48c7aac4d
Add transactional API to history purge
...
Make the purge request return quickly, and allow scripts to poll for updates.
2018-03-12 16:22:55 +00:00
f8bfcd7e0d
Provide a means to pass a timestamp to purge_history
2018-03-05 14:37:23 +00:00
af7ed8e1ef
Return 401 for invalid access_token on logout
...
Signed-off-by: Duncan Klug <dklug@ucmerced.edu>
2018-03-02 22:01:27 -08:00
784f036306
Move RoomMemberHandler out of Handlers
2018-03-01 14:36:50 +00:00
92c52df702
Make store_file use store_into_file
2018-02-14 17:55:18 +00:00
c0c9327fe0
Merge pull request #2854 from matrix-org/erikj/event_create_worker
...
Create a worker for event creation
2018-02-13 18:07:10 +00:00
8fd1a32456
Fix typos in purge api & doc
...
* It's supposed to be purge_local_events, not ..._history
* Fix the doc to have valid json
2018-02-13 13:09:39 +00:00
1026690cd2
Merge pull request #2857 from matrix-org/erikj/upload_store
...
Tell storage providers about new file so they can upload
2018-02-12 13:52:58 +00:00
10b34dbb9a
Merge pull request #2858 from matrix-org/rav/purge_updates
...
delete_local_events for purge_room_history
2018-02-09 14:11:00 +00:00
74fcbf741b
delete_local_events for purge_history
...
Add a flag which makes the purger delete local events
2018-02-09 13:07:41 +00:00
5fa571a91b
Tell storage providers about new file so they can upload
2018-02-07 13:35:08 +00:00
8ec2e638be
Add event_creator worker
2018-02-07 10:32:32 +00:00
3e1e69ccaf
Update copyright
2018-02-06 16:40:38 +00:00
3fa362502c
Update places where we create events
2018-02-05 16:01:48 +00:00
1f881e0746
Merge pull request #2791 from matrix-org/erikj/media_storage_refactor
...
Ensure media is in local cache before thumbnailing
2018-02-05 11:28:52 +00:00
9c9356512e
Merge pull request #2845 from matrix-org/rav/urlcache_error_handling
...
Handle url_previews with no content-type
2018-02-02 15:27:52 +01:00
6e87b34f7b
Merge branch 'develop' into travis/admin-list-media
2018-02-01 18:05:47 -07:00
d5352cbba8
Handle url_previews with no content-type
...
avoid failing with an exception if the remote server doesn't give us a
Content-Type header.
Also, clean up the exception handling a bit.
2018-02-02 00:53:46 +00:00
9a72b70630
fix thinko on 3pid whitelisting
2018-01-24 11:07:47 +01:00
d32385336f
add ?ts massaging for ASes ( #2754 )
...
blindly implement ?ts for AS. untested
2018-01-23 09:59:06 +01:00
ab9f844aaf
Add federation_domain_whitelist option ( #2820 )
...
Add federation_domain_whitelist
gives a way to restrict which domains your HS is allowed to federate with.
useful mainly for gracefully preventing a private but internet-connected HS from trying to federate to the wider public Matrix network
2018-01-22 19:11:18 +01:00
d84f65255e
Merge pull request #2813 from matrix-org/matthew/registrations_require_3pid
...
add registrations_require_3pid and allow_local_3pids
2018-01-22 13:57:22 +00:00
5552ed9a7f
Add an admin route to get all the media in a room
...
This is intended to be used by administrators to monitor the media that is passing through their server, if they wish.
Signed-off-by: Travis Ralston <travpc@gmail.com>
2018-01-20 22:37:53 -07:00
49fce04624
fix typo (thanks sytest)
2018-01-19 19:55:38 +00:00
b0d9e633ee
Merge pull request #2814 from matrix-org/rav/fix_urlcache_thumbs
...
Use the right path for url_preview thumbnails
2018-01-19 18:57:15 +00:00
ad7ec63d08
Use the right path for url_preview thumbnails
...
This was introduced by #2627 : we were overwriting the original media for url
previews with the thumbnails :/
(fixes https://github.com/vector-im/riot-web/issues/6012 , hopefully)
2018-01-19 18:29:39 +00:00
62d7d66ae5
oops, check all login types
2018-01-19 18:23:56 +00:00
293380bef7
trailing commas
2018-01-19 15:38:53 +00:00
447f4f0d5f
rewrite based on PR feedback:
...
* [ ] split config options into allowed_local_3pids and registrations_require_3pid
* [ ] simplify and comment logic for picking registration flows
* [ ] fix docstring and move check_3pid_allowed into a new util module
* [ ] use check_3pid_allowed everywhere
@erikjohnston PTAL
2018-01-19 15:33:55 +00:00
9d332e0f79
fix up v1, and improve errors
2018-01-19 00:53:58 +00:00
0af58f14ee
fix pep8
2018-01-19 00:33:51 +00:00
28a6ccb49c
add registrations_require_3pid
...
lets homeservers specify a whitelist for 3PIDs that users are allowed to associate with.
Typically useful for stopping people from registering with non-work emails
2018-01-19 00:19:58 +00:00
cd871a3057
Fix storage provider bug introduced when renamed to store_local
2018-01-18 18:37:59 +00:00
8ff6726c0d
Merge pull request #2812 from matrix-org/erikj/media_storage_provider_config
...
Make storage providers configurable
2018-01-18 18:33:57 +00:00
3fe2bae857
Missing staticmethod
2018-01-18 17:11:45 +00:00
aae77da73f
Fixup comments
2018-01-18 17:11:29 +00:00
9a89dae8c5
Fix typo in thumbnail resource causing access times to be incorrect
2018-01-18 15:06:24 +00:00
0af5dc63a8
Make storage providers more configurable
2018-01-18 14:07:21 +00:00
2cf6a7bc20
Use better file consumer
2018-01-18 12:00:46 +00:00
4a53f3a3e8
Ensure media is in local cache before thumbnailing
2018-01-18 12:00:46 +00:00
300edc2348
Update last access time when thumbnails are viewed
2018-01-17 10:24:43 +00:00
05f98a2224
Keep track of last access time for local media
2018-01-17 10:24:43 +00:00
d728c47142
Add docstring
2018-01-17 10:06:14 +00:00
d863f68cab
Use local vars
2018-01-16 16:24:15 +00:00
6368e5c0ab
Change _generate_thumbnails to take media_type
2018-01-16 16:17:38 +00:00
0a90d9ede4
Move setting of file_id up to caller
2018-01-16 16:03:05 +00:00
5dfc83704b
Fix typo
2018-01-16 14:32:56 +00:00
307f88dfb6
Fix up log lines
2018-01-16 13:53:52 +00:00
9795b9ebb1
Correctly use server_name/file_id when generating/fetching remote thumbnails
2018-01-16 12:02:06 +00:00
c5b589f2e8
Log when we respond with 404
2018-01-16 12:01:40 +00:00
a4c5e4a645
Fix thumbnailing remote files
2018-01-16 11:37:50 +00:00
1159abbdd2
Merge pull request #2767 from matrix-org/erikj/media_storage_refactor
...
Refactor MediaRepository to separate out storage
2018-01-16 10:23:50 +00:00
21bf87a146
Reinstate media download on thumbnail request
...
We need to actually download the remote media when we get a request for a
thumbnail.
2018-01-12 15:38:06 +00:00
694f1c1b18
Fix up comments
2018-01-12 15:02:46 +00:00
e21370ba54
Correctly reraise exception
2018-01-12 14:44:02 +00:00
85a4d78213
Make Responder a context manager
2018-01-12 13:32:03 +00:00
dcc8eded41
Add missing class var
2018-01-12 13:16:27 +00:00
81391fa162
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/media_storage_refactor
2018-01-12 11:28:49 +00:00
1e4edd1717
Remove unnecessary condition
2018-01-12 11:28:32 +00:00
c6c009603c
Remove unused variables
2018-01-12 11:24:05 +00:00
4d88958cf6
Make class var local
2018-01-12 11:23:54 +00:00
227c491510
Comments
2018-01-12 11:22:41 +00:00
5f23b6d5ea
Merge pull request #2766 from matrix-org/rav/room_event
...
Add /room/{id}/event/{id} to synapse
2018-01-11 14:47:18 +00:00
8f03aa9f61
Add StorageProvider concept
2018-01-09 16:16:12 +00:00
2442e9876c
Make PreviewUrlResource use MediaStorage
2018-01-09 16:15:07 +00:00
9d30a7691c
Make ThumbnailResource use MediaStorage
2018-01-09 16:15:07 +00:00
9e20840e02
Use MediaStorage for remote media
2018-01-09 16:15:07 +00:00
dd3092c3a3
Use MediaStorage for local files
2018-01-09 16:15:07 +00:00
ada470bccb
Add MediaStorage class
2018-01-09 16:15:07 +00:00
1ee787912b
Add some helper classes
2018-01-09 16:15:07 +00:00
47ca5eb882
Split out add_file_headers
2018-01-09 16:15:07 +00:00
b6c9deffda
Remove dead TODO
2018-01-09 15:53:23 +00:00
51c9d9ed65
Add /room/{id}/event/{id} to synapse
...
Turns out that there is a valid usecase for retrieving event by id (notably
having received a push), but event ids should be scoped to room, so /event/{id}
is wrong.
2018-01-09 14:39:12 +00:00
b30cd5b107
Remove dead code related to default thumbnails
2018-01-09 14:38:33 +00:00
75c1b8df01
Better logging when login can't find a 3pid
2017-12-20 19:31:00 +00:00
16ec3805e5
Fix error when deleting devices
...
This was introduced in d7ea8c4#2728
2017-12-05 09:49:22 +00:00
d7ea8c4800
Factor out a validate_user_via_ui_auth method
...
Collect together all the places that validate a logged-in user via UI auth.
2017-12-05 09:42:30 +00:00
d5f9fb06b0
Refactor UI auth implementation
...
Instead of returning False when auth is incomplete, throw an exception which
can be caught with a wrapper.
2017-12-05 09:40:05 +00:00
ad7e570d07
Delete devices in various logout situations
...
Make sure that we delete devices whenever a user is logged out due to any of
the following situations:
* /logout
* /logout_all
* change password
* deactivate account (by the user or by an admin)
* invalidate access token from a dynamic module
Fixes #2672 .
2017-11-29 16:44:35 +00:00
ae31f8ce45
Move set_password into its own handler
...
Non-functional refactoring to move set_password. This means that we'll be able
to properly deactivate devices and access tokens without introducing a
dependency loop.
2017-11-29 16:44:35 +00:00
7ca5c68233
Move deactivate_account into its own handler
...
Non-functional refactoring to move deactivate_account. This means that we'll be
able to properly deactivate devices and access tokens without introducing a
dependency loop.
2017-11-29 16:44:35 +00:00
ab1b2d0ff2
Allow guest access to group APIs for reading
2017-11-28 11:23:00 +00:00
5a4da5bf78
Merge pull request #2697 from matrix-org/rav/fix_urlcache_index_error
...
Fix error on sqlite 3.7
2017-11-27 12:25:48 +00:00
8132a6b7ac
Fix OPTIONS on preview_url
...
Fixes #2706
2017-11-23 17:52:31 +00:00
2908f955d1
Check database in has_completed_background_updates
...
so that the right thing happens on workers.
2017-11-22 18:02:15 +00:00
7098b65cb8
Fix error on sqlite 3.7
...
Create the url_cache index on local_media_repository as a background update, so
that we can detect whether we are on sqlite or not and create a partial or
complete index accordingly.
To avoid running the cleanup job before we have built the index, add a bailout
which will defer the cleanup if the bg updates are still running.
Fixes https://github.com/matrix-org/synapse/issues/2572 .
2017-11-21 11:14:17 +00:00
30d2730ee2
Declare support for r0.3.0
2017-11-15 16:24:22 +00:00
7bd6c87eca
Merge pull request #2668 from turt2live/travis/whoami
...
Add a route for determining who you are
2017-11-14 09:54:21 +00:00
812c191939
Remove redundent call
...
Signed-off-by: Travis Ralston <travpc@gmail.com>
2017-11-13 12:44:21 -07:00
2d314b771f
Add a route for determining who you are
...
Useful for applications which may have an access token, but no idea as to who owns it.
Signed-off-by: Travis Ralston <travpc@gmail.com>
2017-11-12 23:39:38 -07:00
5d15abb120
Bit more logging
2017-11-10 16:58:04 +00:00
46790f50cf
Cache failures in url_preview handler
...
Reshuffle the caching logic in the url_preview handler so that failures are
cached (and to generally simplify things and fix the logcontext leaks).
2017-11-10 16:50:50 +00:00
e508145c9b
Add some more comments appservice user registration
...
Explain why we don't validate userids registered via app services
2017-11-10 12:39:45 +00:00
e0ebd1e4bd
Downcase userids for shared-secret registration
2017-11-10 12:39:05 +00:00
9b599bc18d
Downcase userid on registration
...
Force username to lowercase before attempting to register
https://github.com/matrix-org/synapse/issues/2660
2017-11-09 22:20:01 +00:00
4e2b2508af
Register group servlet
2017-11-09 15:49:42 +00:00
e8814410ef
Have an explicit API to update room config
2017-11-08 16:13:27 +00:00
94ff2cda73
Revert "Modify group room association API to allow modification of is_public"
2017-11-08 15:43:34 +00:00
3db5ff69b2
Merge pull request #2576 from maximevaillancourt/exclude-noscript-url-preview
...
Ignore <noscript> tags when generating URL preview descriptions
2017-11-07 11:09:22 +00:00
6c3a02072b
support inhibit_login in /register
...
Allow things to pass inhibit_login when registering to ... inhibit logins.
2017-11-02 16:31:07 +00:00
4c8f94ac94
Allow password_auth_providers to return a callback
...
... so that they have a way to record access tokens.
2017-11-01 16:51:03 +00:00
4f0488b307
Merge remote-tracking branch 'origin/develop' into rav/refactor_accesstoken_delete
2017-11-01 16:20:19 +00:00
e5e930aec3
Merge pull request #2615 from matrix-org/rav/break_auth_device_dep
...
Break dependency of auth_handler on device_handler
2017-11-01 16:06:31 +00:00
dd13310fb8
Move access token deletion into auth handler
...
Also move duplicated deactivation code into the auth handler.
I want to add some hooks when we deactivate an access token, so let's bring it
all in here so that there's somewhere to put it.
2017-11-01 15:46:22 +00:00
0bb253f37b
Apparently this is python
2017-11-01 14:02:52 +00:00
59e7e62c4b
Log login requests
...
Carefully though, to avoid logging passwords
2017-11-01 13:58:01 +00:00
74c56f794c
Break dependency of auth_handler on device_handler
...
I'm going to need to make the device_handler depend on the auth_handler, so I
need to break this dependency to avoid a cycle.
It turns out that the auth_handler was only using the device_handler in one
place which was an edge case which we can more elegantly handle by throwing an
error rather than fixing it up.
2017-11-01 10:27:06 +00:00
20fe347906
Modify group room association API to allow modification of is_public
...
also includes renamings to make things more consistent.
2017-10-31 17:04:28 +00:00
1b65ae00ac
Refactor some logic from LoginRestServlet into AuthHandler
...
I'm going to need some more flexibility in handling login types in password
auth providers, so as a first step, move some stuff from LoginRestServlet into
AuthHandler.
In particular, we pass everything other than SAML, JWT and token logins down to
the AuthHandler, which now has responsibility for checking the login type and
fishing the password out of the login dictionary, as well as qualifying the
user_id if need be. Ideally SAML, JWT and token would go that way too, but
there's no real need for it right now and I'm trying to minimise impact.
This commit *should* be non-functional.
2017-10-31 10:48:41 +00:00
4d83632009
Merge pull request #2591 from matrix-org/rav/device_delete_auth
...
Device deletion: check UI auth matches access token
2017-10-27 12:30:10 +01:00
110b373e9c
Merge pull request #2589 from matrix-org/rav/as_deactivate_account
...
Allow ASes to deactivate their own users
2017-10-27 12:29:32 +01:00
d8c26162a1
Merge pull request #2582 from matrix-org/luke/group-is-public
...
Add is_public to groups table to allow for private groups
2017-10-27 11:41:13 +01:00
7a6546228b
Device deletion: check UI auth matches access token
...
(otherwise there's no point in the UI auth)
2017-10-27 00:04:31 +01:00
785bd7fd75
Allow ASes to deactivate their own users
2017-10-27 00:01:00 +01:00
595fe67f01
delint
2017-10-26 17:20:24 +01:00
9b2feef9eb
Add is_public to groups table to allow for private groups
...
Prevent group API access to non-members for private groups
Also make all the group code paths consistent with `requester_user_id` always being the User ID of the requesting user.
2017-10-26 16:51:32 +01:00
8299b323ee
add release endpoints for /thirdparty
2017-10-26 16:58:20 +02:00
9b436c8b4c
register some /unstable endpoints in /r0 as well
2017-10-26 15:22:50 +02:00
5287e57c86
Ignore noscript tags when generating URL previews
2017-10-25 20:44:34 -04:00
eaaabc6c4f
replace 'except:' with 'except Exception:'
...
what could possibly go wrong
2017-10-23 15:52:32 +01:00
d03cfc4258
Fix a logcontext leak in the media repo
2017-10-23 14:34:27 +01:00
631d7b87b5
Remove pointless create() method
...
It just calls the constructor, so we may as well kill it rather than having
random codepaths.
2017-10-20 22:14:55 +01:00
bd5718d0ad
Fix typo in thumbnail generation
2017-10-19 10:27:18 +01:00
fe6e9f580b
Merge pull request #2550 from krombel/fix_thumbnail_2548
...
fix thumbnailing (#2548 )
2017-10-17 15:35:18 +01:00
4e242b3e20
Merge pull request #2545 from matrix-org/dbkr/auto_join_rooms
...
Add config option to auto-join new users to rooms
2017-10-17 11:45:49 +01:00
a6245478c8
fix thumbnailing ( #2548 )
...
in commit 0e28281a
2017-10-17 12:45:33 +02:00
c05e6015cc
Add config option to auto-join new users to rooms
...
New users who register on the server will be dumped into all rooms in
auto_join_rooms in the config.
2017-10-16 17:57:27 +01:00
85f5674e44
Delint
2017-10-16 15:52:17 +01:00
2c5972f87f
Implement GET /groups/$groupId/invited_users
2017-10-16 15:31:11 +01:00
1b6b0b1e66
Add try/finally block to close t_byte_source
2017-10-13 15:34:08 +01:00
6b725cf56a
Remove old comment
2017-10-13 15:23:41 +01:00
2b24416e90
Don't reuse source but instead copy from primary media store to backup
2017-10-13 14:11:34 +01:00
b92a8e6e4a
PEP8
2017-10-13 13:58:57 +01:00
31aa7bd8d1
Move type into key
2017-10-13 13:47:38 +01:00
ad1911bbf4
Comment
2017-10-13 13:47:05 +01:00
c021c39cbd
Remove spurious addition
2017-10-13 13:46:53 +01:00
1f43d22397
Don't needlessly rename variable
2017-10-13 11:42:07 +01:00
a675bd08bd
Add paths back in...
2017-10-13 11:41:06 +01:00
4d7e1dde70
Remove unnecessary diff
2017-10-13 11:36:32 +01:00
ae5d18617a
Make things be absolute paths again
2017-10-13 11:35:44 +01:00
9732ec6797
s/write_to_file/write_to_file_and_backup/
2017-10-13 11:34:41 +01:00
0e28281a02
Fix up
2017-10-13 11:33:49 +01:00
505371414f
Fix up thumbnailing function
2017-10-13 11:23:53 +01:00
e3428d26ca
Fix typo
2017-10-13 10:39:59 +01:00
35332298ef
Fix up comments
2017-10-13 10:39:32 +01:00
64db043a71
Move makedirs to thread
2017-10-13 10:25:01 +01:00
b60859d6cc
Use make_deferred_yieldable
2017-10-13 10:24:19 +01:00
d76621a47b
Fix comments
2017-10-12 18:16:25 +01:00
4ae85ae121
Don't close prematurely..
2017-10-12 17:57:31 +01:00
cc505b4b5e
getvalue closes buffer
2017-10-12 17:52:30 +01:00
1259a76047
Get len before close
2017-10-12 17:39:23 +01:00
802ca12d05
Don't close file prematurely
2017-10-12 17:37:21 +01:00
e283b555b1
Copy everything to backup
2017-10-12 17:31:24 +01:00
b77a13812c
Typo
2017-10-12 15:32:32 +01:00
6dfde6d485
Remove dead code
2017-10-12 15:30:26 +01:00
c8eeef6947
Fix typos
2017-10-12 15:28:24 +01:00
67cb89fbdf
Fix typo
2017-10-12 15:23:41 +01:00
bf4fb1fb40
Basic implementation of backup media store
2017-10-12 15:20:59 +01:00
27955056e0
Merge branch 'develop' into erikj/groups_merged
2017-10-02 16:20:41 +01:00
d5694ac5fa
Only log if we've removed media
2017-09-28 16:08:08 +01:00
7cc483aa0e
Clear up expired url cache every 10s
2017-09-28 13:56:53 +01:00
e1e7d76cf1
Actually assign result to variable
2017-09-28 13:55:29 +01:00
5f501ec7e2
Fix typo in url cache expiry timer
2017-09-28 12:59:01 +01:00
ace8079086
Support new and old style media id formats
2017-09-28 12:52:51 +01:00
ae79764fe5
Change expires column to expires_ts
2017-09-28 12:37:53 +01:00
9ccb4226ba
Delete expired url cache data
2017-09-28 12:18:06 +01:00
8090fd4664
Fix /joined_members to work with AS users
2017-09-28 10:09:32 +01:00
adec03395d
Fix bug where /joined_members didn't check user was in room
2017-09-27 15:14:39 +01:00
17b8e2bd02
Add remove room API
2017-09-26 15:52:41 +01:00
b5feaa5a49
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/groups_merged
2017-09-19 11:07:45 +01:00
69ef4987a6
Add left section to /keys/changes
2017-09-08 14:44:36 +01:00
53cc8ad35a
Send down device list change notif when member leaves/rejoins room
2017-09-07 15:08:39 +01:00
bf81f3cf2c
Split out profile handler to fix tests
2017-08-25 14:34:56 +01:00
ba3ff7918b
Fixup
2017-08-11 13:42:42 +01:00
ef8e578677
Add bulk group publicised lookup API
2017-08-09 13:36:22 +01:00
b880ff190a
Allow update group publicity
2017-08-08 14:19:41 +01:00
eae04f1952
fix english
2017-08-04 23:56:42 +01:00
5699b05072
typo
2017-08-04 23:44:37 +01:00
09552f9d9c
Reduce spammy log line in synchrotrons
2017-08-02 17:29:51 +01:00
96917d5552
Merge pull request #2378 from matrix-org/erikj/group_sync_support
...
Add groups to sync stream
2017-07-21 11:05:39 +01:00
b238cf7f6b
Remove spurious content param
2017-07-20 17:49:55 +01:00
c544188ee3
Add groups to sync stream
2017-07-20 16:36:42 +01:00
6f443a74cf
Add update group profile API
2017-07-20 09:46:33 +01:00
14a34f12d7
Comments
2017-07-18 17:28:42 +01:00
3431ec55dc
Comments
2017-07-18 17:23:50 +01:00
2f9eafdd36
Add local group server support
2017-07-17 12:03:49 +01:00
85b9f76f1d
split out reducing stuff; just make encode_* static
2017-07-11 13:14:35 +02:00
2f82de18ee
fix test
2017-07-10 17:34:58 +02:00
6e16aca8b0
encode sync-response statically; omit empty objects from sync-response
2017-07-10 16:42:17 +02:00
5a7f561a9b
Fix bug where pusherpool didn't start and broke some rooms
...
Since we didn't instansiate the PusherPool at start time it could fail
at run time, which it did for some users.
This may or may not fix things for those users, but it should happen at
start time and stop the server from starting.
2017-07-06 17:55:51 +01:00
7fe8ed1787
Store URL cache preview downloads seperately
...
This makes it easier to clear old media out at a later date
2017-06-23 11:14:11 +01:00
b8b936a6ea
Add API to quarantine media
2017-06-19 17:39:21 +01:00
36e51aad3c
Remove unused import
2017-06-19 14:42:21 +01:00
b490299a3b
Change to create new room and join other users
2017-06-19 14:10:13 +01:00
5db7070dd1
Forget room
2017-06-19 12:40:29 +01:00
d7fe6b356c
Add shutdown room API
2017-06-19 12:37:27 +01:00
a9d6fa8b2b
Include users who share room with requester in user directory
2017-06-15 10:17:21 +01:00
48d2949416
Throw exception when not retrying when downloading media
2017-06-13 10:23:14 +01:00
63fda37e20
Add comments
2017-05-31 15:00:29 +01:00
535c99f157
Use POST
2017-05-31 14:15:45 +01:00
45a5df5914
Add REST API
2017-05-31 14:11:55 +01:00
9a804b2812
Merge pull request #2243 from matrix-org/matthew/fix-url-preview-length-again
...
actually trim oversize og:description meta
2017-05-23 13:26:28 +01:00
836d5c44b6
actually trim oversize og:description meta
2017-05-22 21:14:20 +01:00
b4f59c7e27
Add count of one time keys to sync stream
2017-05-19 15:47:55 +01:00
2c9475b58e
Merge pull request #2221 from psaavedra/sync_timeline_limit_filter_by_name
...
Configurable maximum number of events requested by /sync and /messages
2017-05-15 16:08:46 +01:00
d12ae7fd1c
Don't log exceptions for NotRetryingDestination
2017-05-15 15:42:18 +01:00
224137fcf9
Fixed syntax nits
2017-05-15 16:21:02 +02:00
627e6ea2b0
Fixed implementation errors
...
* Added HS as property in SyncRestServlet
* Fixed set_timeline_upper_limit function implementat¡ion
2017-05-15 14:51:43 +02:00
9da4316ca5
Configurable maximum number of events requested by /sync and /messages ( #2220 )
...
Set the limit on the returned events in the timeline in the get and sync
operations. The default value is -1, means no upper limit.
For example, using `filter_timeline_limit: 5000`:
POST /_matrix/client/r0/user/user:id/filter
{
room: {
timeline: {
limit: 1000000000000000000
}
}
}
GET /_matrix/client/r0/user/user:id/filter/filter:id
{
room: {
timeline: {
limit: 5000
}
}
}
The server cuts down the room.timeline.limit.
2017-05-13 18:17:54 +02:00
369195caa5
Modify register/available to be GET with query param
...
- GET is now the method for register/available
- a query parameter "username" is now used
Also, empty usernames are now handled with an error message on registration or via register/available: `User ID cannot be empty`
2017-05-10 17:23:55 +01:00
f7278e612e
Change register/available to POST (from GET)
2017-05-10 11:40:18 +01:00
6aa423a1a8
Merge pull request #2183 from matrix-org/luke/username-availability
...
Implement username availability checker
2017-05-04 09:58:40 +01:00
3669065466
Appease the flake8 gods
2017-05-03 18:05:49 +01:00
34ed4f4206
Implement username availability checker
...
Outlined here: https://github.com/vector-im/riot-web/issues/3605#issuecomment-298679388
```HTTP
GET /_matrix/.../register/available
{
"username": "desiredlocalpart123"
}
```
If available, the response looks like
```HTTP
HTTP/1.1 200 OK
{
"available": true
}
```
Otherwise,
```HTTP
HTTP/1.1 429
{
"errcode": "M_LIMIT_EXCEEDED",
"error": "Too Many Requests",
"retry_after_ms": 2000
}
```
or
```HTTP
HTTP/1.1 400
{
"errcode": "M_USER_IN_USE",
"error": "User ID already taken."
}
```
or
```HTTP
HTTP/1.1 400
{
"errcode": "M_INVALID_USERNAME",
"error": "Some reason for username being invalid"
}
```
2017-05-03 12:04:12 +01:00
3e5a62ecd8
Add more granular event send metrics
2017-05-02 14:23:26 +01:00
25a96e0c63
Merge pull request #2163 from matrix-org/erikj/fix_invite_state
...
Fix invite state to always include all events
2017-04-27 17:36:30 +01:00
46826bb078
Comment and remove spurious logging
2017-04-27 17:25:44 +01:00
d3c150411c
Merge pull request #2130 from APwhitehat/roomexists
...
Check that requested room_id exists
2017-04-27 09:20:26 +01:00
34e682d385
Fix invite state to always include all events
2017-04-26 16:18:08 +01:00
d9aa645f86
Reduce size of joined_user cache
...
The _get_joined_users_from_context cache stores a mapping from user_id
to avatar_url and display_name. Instead of storing those in a dict,
store them in a namedtuple as that uses much less memory.
We also try converting the string to ascii to further reduce the size.
2017-04-25 14:38:51 +01:00
e6e2627636
Fix code for reporting old verify keys in synapse
2017-04-24 18:51:25 +01:00
3fb8784c92
m.read_marker -> m.fully_read ( #2128 )
...
Also:
- change the REST endpoint to have a "S" on the end (so it's now /read_markers)
- change the content of the m.read_up_to event to have the key "event_id" instead of "marker".
2017-04-18 17:46:15 +01:00
574d573ac2
Check that requested room_id exists
2017-04-14 23:50:59 +05:30
cf6121e3da
More null-guard changes
2017-04-12 14:02:03 +01:00
c0aba0a23e
Remove Unused ref to hs
2017-04-12 10:52:11 +01:00
b9676a75f6
Move a space
2017-04-12 10:51:17 +01:00
0127423027
flake8
2017-04-11 17:07:07 +01:00
d892079844
Finish implementing RM endpoint
...
- This change causes a 405 to be sent if "m.read_marker" is set via /account_data
- This also fixes-up the RM endpoint so that it actually Works.
2017-04-11 15:01:39 +01:00
e263c26690
Initial commit of RM server-side impl
...
(See https://docs.google.com/document/d/1UWqdS-e1sdwkLDUY0wA4gZyIkRp-ekjsLZ8k6g_Zvso/edit#heading=h.lndohpg8at5u )
2017-04-11 11:55:30 +01:00
142b6b4abf
Merge pull request #2011 from matrix-org/matthew/turn_allow_guests
...
add setting (on by default) to support TURN for guests
2017-03-31 14:37:09 +01:00
2a06b44be2
Merge pull request #1986 from matrix-org/matthew/enable_guest_3p
...
enable guest access for the 3pl/3pid APIs
2017-03-31 14:36:03 +01:00
9ee397b440
switch to allow_guest=True for authing 3Ps as per PR feedback
2017-03-31 13:54:26 +01:00
01fc847f7f
Merge pull request #2057 from matrix-org/rav/missing_yield_2
...
Add another missing yield on check_device_registered
2017-03-24 12:46:43 +00:00
13c8749ac9
Add another missing yield on check_device_registered
2017-03-23 22:18:53 +00:00
a2dfab12c5
Fix token request for addition of phone numbers
2017-03-23 18:46:17 +00:00
6957bfdca6
Don't recreate so many sets
2017-03-16 11:54:26 +00:00
a297155a97
Remove unused import
2017-03-15 14:49:25 +00:00
6c82de5100
Format presence events on the edges instead of reformatting them multiple times
2017-03-15 14:27:34 +00:00
0ad44acb5a
Merge pull request #1997 from matrix-org/dbkr/cas_partialdownload
...
Handle PartialDownloadError in CAS login
2017-03-15 13:52:34 +00:00
e0ff66251f
add setting (on by default) to support TURN for guests
2017-03-15 12:22:18 +00:00
7827251daf
Merge pull request #1994 from matrix-org/dbkr/msisdn_signin_2
...
Phone number registration / login support v2
2017-03-15 09:59:54 +00:00
f2ed64eaaf
Merge pull request #1992 from matrix-org/rav/fix_media_loop
...
Fix routing loop when fetching remote media
2017-03-14 23:40:35 +00:00
1d09586599
Address review comments
...
- don't blindly proxy all HTTPRequestExceptions
- log unexpected exceptions at error
- avoid `isinstance`
- improve docs on `from_http_response_exception`
2017-03-14 14:15:37 +00:00
1ece06273e
Handle PartialDownloadError in CAS login
2017-03-14 13:37:36 +00:00
7b6ed9871e
Use extend instead of +=
2017-03-14 10:49:55 +00:00
d79a687d85
Oops, remove print
2017-03-14 10:40:20 +00:00
bbeeb97f75
Implement _simple_delete_many_txn, use it to delete devices
...
(But this doesn't implement the same for deleting access tokens or e2e keys.
Also respond to code review.
2017-03-13 17:53:23 +00:00
0a9945220e
Fix registration for broken clients
...
Only offer msisdn flows if the x_show_msisdn option is given.
2017-03-13 17:29:38 +00:00
73a5f06652
Support registration / login with phone number
...
Changes from https://github.com/matrix-org/synapse/pull/1971
2017-03-13 17:27:51 +00:00
c077c3277b
Flake
2017-03-13 16:45:38 +00:00
c81f33f73d
Implement delete_devices API
...
This implements the proposal here https://docs.google.com/document/d/1C-25Gqz3TXy2jIAoeOKxpNtmme0jI4g3yFGqv5GlAAk for deleting multiple devices at once in a single request.
2017-03-13 16:33:51 +00:00
170ccc9de5
Fix routing loop when fetching remote media
...
When we proxy a media request to a remote server, add a query-param, which will
tell the remote server to 404 if it doesn't recognise the server_name.
This should fix a routing loop where the server keeps forwarding back to
itself.
Also improves the error handling on remote media fetches, so that we don't
always return a rather obscure 502.
2017-03-13 16:30:36 +00:00
7eae6eaa2f
Revert "Support registration & login with phone number"
2017-03-13 09:59:33 +00:00
a61dd408ed
enable guest access for the 3pl/3pid APIs
2017-03-12 19:30:45 +00:00
ece7e00048
Comment when our 3pids would be incomplete
2017-03-08 19:07:18 +00:00
727124a762
Not any more, it doesn't
2017-03-08 19:00:23 +00:00
d4d3629aaf
Better error message
2017-03-08 17:01:26 +00:00
1c99934b28
pep8
2017-03-08 11:58:20 +00:00
85bb322333
Pull out datastore in initialiser
2017-03-08 11:51:25 +00:00
65d43f3ca5
Minor fixes from PR feedback
2017-03-08 11:48:43 +00:00
82c5e7de25
Typos
2017-03-08 11:42:44 +00:00
2e27339add
Refector out assert_params_in_request
...
and replace requestEmailToken where we meant requestMsisdnToken
2017-03-08 11:37:34 +00:00
88df6c0c9a
Factor out msisdn canonicalisation
...
Plus a couple of other minor fixes
2017-03-08 11:03:39 +00:00
402a7bf63d
Fix pep8
2017-03-08 09:33:40 +00:00
00466e2feb
Support new login format
...
https://docs.google.com/document/d/1-6ZSSW5YvCGhVFDyD2QExAUAdpCWjccvJT5xiyTTG2Y/edit#
2017-03-07 16:37:23 +00:00
b0effa2160
Add msisdns as 3pids during registration
...
and support binding them with the bind_msisdn param
2017-03-03 18:34:39 +00:00
3557cf34dc
Merge remote-tracking branch 'origin/develop' into dbkr/msisdn_signin
2017-03-01 17:20:37 +00:00
acf6d4d2e3
Merge pull request #1945 from jkolo/fix_dynamic_thumbnails_aspect
...
Fix #1677 (dynamic thumbnails aspect)
2017-02-27 09:51:52 +00:00
aea5461488
Fix dynamic thumbnails aspect
2017-02-24 22:43:27 +01:00
17673404fb
Remove unused param
2017-02-20 15:02:01 +00:00
fa467e62a9
Merge pull request #1917 from matrix-org/dbkr/make_ban_reasons_work
...
Make kick & ban reasons work
2017-02-14 16:10:06 +00:00
355d62c499
Make kick & ban reasons work
...
We somehow specced APIs with reason strings, preserve the content
in the events and even have the clients display them, but failed
to actually pass the parameter through to the event content.
2017-02-14 15:10:55 +00:00
ce3e583d94
WIP support for msisdn 3pid proxy methods
2017-02-14 15:05:55 +00:00
d0497425f8
Ordering is important on errbacks so add the cleanup func before creating an ObservableDeferred
2017-02-13 13:49:44 +00:00
808ddf0ae7
Pop the txn from the map in case it has already been deleted somehow
2017-02-13 13:36:15 +00:00
feb15dc99f
Don't cache errors at all
2017-02-13 13:33:12 +00:00
ecd7e36047
http txns: Do not cache error responses
...
Previously we did. This meant that, amongst other errors, rate-limiting errors
would be cached and prevent messages with that txn ID being sent.
2017-02-13 13:16:48 +00:00
af6da6db2d
Merge pull request #1784 from morteza-araby/user-admin
...
Administration functionalities
2017-02-06 16:21:10 +01:00
6826593b81
sets aren't JSON serializable
2017-02-02 14:55:54 +00:00
2849d3f29d
admin,storage: added more administrator functionalities
...
administrators can now:
- Set displayname of users
- Update user avatars
- Search for users by user_id
- Browse all users in a paginated API
- Reset user passwords
- Deactivate users
Helpers for doing paginated queries has also been added to storage
Signed-off-by: Morteza Araby <morteza.araby@ericsson.com>
2017-02-02 14:02:26 +01:00
51adaac953
Fix email push in pusher worker
...
This was broken when device list updates were implemented, as Mailer
could no longer instantiate an AuthHandler due to a dependency on
federation sending.
2017-02-02 10:53:36 +00:00
7e919bdbd0
Include newly joined users in /keys/changes API
2017-02-01 17:33:16 +00:00
73d676dc8b
Comment
2017-02-01 13:17:17 +00:00
acb501c46d
Comment
2017-02-01 10:32:49 +00:00
97479d0c54
Implement /keys/changes
2017-02-01 10:30:03 +00:00
2367c5568c
Add basic implementation of local device list changes
2017-01-25 14:27:27 +00:00
1e38be3a7a
Added username and password for turn server
...
It makes it possible to use a turn server that needs a username and
password instead of a token.
2017-01-19 14:08:20 +01:00
8c5009b628
Lowercase all email addresses before querying db
...
Since we store all emails in the DB in lowercase
(https://github.com/matrix-org/synapse/pull/1170 )
2017-01-18 13:25:56 +00:00
ebf94aff8d
Fix spurious Unhandled Error log lines
2017-01-12 17:19:47 +00:00
32019c9897
Log which files we saved attachments to in the media_repository
2017-01-10 14:19:50 +00:00
7d0981b312
Merge pull request #1787 from matrix-org/erikj/linearize_member
...
Linearize updates to membership via PUT /state/
2017-01-10 14:04:54 +00:00
6823fe5241
Linearize updates to membership via PUT /state/
2017-01-09 18:25:13 +00:00
f7085ac84f
Name linearizer's for better logs
2017-01-09 17:17:10 +00:00
0c88ab1844
Add /account/3pid/delete endpoint
...
Also fix a typo in a comment
2016-12-20 18:27:30 +00:00
24c16fc349
Fix crash in url preview when html tag has no text
...
Signed-off-by: Marcin Bachry <hegel666@gmail.com>
2016-12-14 22:38:18 +01:00
1574b839e0
Merge pull request #1676 from matrix-org/erikj/room_list
...
Add new API appservice specific public room list
2016-12-12 17:00:10 +00:00
abed247182
Remove unspecced GET endpoints for e2e keys
...
GET /keys/claim is a terrible idea, since it isn't idempotent; also it throws
500 errors if you call it without all the right params.
GET /keys/query is arguable, but it's unspecced, so let's get rid of it too to
stop people relying on unspecced APIs.
2016-12-12 12:31:40 +00:00
52d12ca782
Add /room/<room_id>/joined_members API
...
This returns the currently joined members in the room with their display
names and avatar urls. This is more efficient than /members for large
rooms where you don't need the full events.
2016-12-08 13:32:07 +00:00
de796f27e6
Add joined_rooms servlet
2016-12-08 11:39:03 +00:00
f32fb65552
Add new API appservice specific public room list
2016-12-06 16:12:27 +00:00
32c8b5507c
preview_url_resource: Ellipsis must be in unicode string
...
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2016-12-01 13:12:13 +01:00
6841d8ff55
Fix doc-string
...
Remove refresh_token reference
2016-12-01 11:42:17 +00:00
aa09d6b8f0
Rip out more refresh_token code
...
We might as well treat all refresh_tokens as invalid. Just return a 403 from
/tokenrefresh, so that we don't have a load of dead, untestable code hanging
around.
Still TODO: removing the table from the schema.
2016-11-30 17:40:18 +00:00
dc4b23e1a1
Merge branch 'develop' into rav/no_more_refresh_tokens
2016-11-30 17:10:04 +00:00
321fe5c44c
Merge pull request #1656 from matrix-org/rav/remove_time_caveat
...
Stop putting a time caveat on access tokens
2016-11-30 16:53:20 +00:00
77eca2487c
Merge pull request #1653 from matrix-org/rav/guest_e2e
...
Implement E2E for guests
2016-11-29 17:41:35 +00:00
1c4f05db41
Stop putting a time caveat on access tokens
...
The 'time' caveat on the access tokens was something of a lie, since we weren't
enforcing it; more pertinently its presence stops us ever adding useful time
caveats.
Let's move in the right direction by not lying in our caveats.
2016-11-29 16:49:41 +00:00
5c4edc83b5
Stop generating refresh tokens
...
Since we're not doing refresh tokens any more, we should start killing off the
dead code paths. /tokenrefresh itself is a bit of a thornier subject, since
there might be apps out there using it, but we can at least not generate
refresh tokens on new logins.
2016-11-28 10:13:01 +00:00
f62b69e32a
Allow guest access to endpoints for E2E
...
Expose /devices, /keys, and /sendToDevice to guest users, so that they can use
E2E.
2016-11-25 15:26:34 +00:00
7f02e4d008
Give guest users a device_id
...
We need to create devices for guests so that they can use e2e, but we don't
have anywhere to store it, so just use a fixed one.
2016-11-25 15:25:30 +00:00
feec718265
Shuffle receipt handler around so that worker apps don't need to load it
2016-11-23 15:14:24 +00:00
d4a459f7cb
Merge pull request #1638 from matrix-org/kegan/sync-event-fields
...
Implement "event_fields" in filters
2016-11-22 14:02:38 +00:00
cea4e4e7b2
Glue only_event_fields into the sync rest servlet
2016-11-22 10:14:05 +00:00
a289150943
Fix flake8
2016-11-18 17:15:02 +00:00
544722bad2
Work around client replacing reg params
...
Works around https://github.com/vector-im/vector-android/issues/715
and equivalent for iOS
2016-11-18 17:07:35 +00:00
3991b4cbdb
Clean transactions based on time. Add HttpTransactionCache tests.
2016-11-14 11:19:24 +00:00
af4a1bac50
Move .observe() up to the cache to make things neater
2016-11-14 09:52:41 +00:00
8ecaff51a1
Review comments
2016-11-11 17:47:03 +00:00
f6c48802f5
More flake8
2016-11-11 15:08:24 +00:00
a88bc67f88
Flake8 and fix whoopsie
2016-11-11 15:02:29 +00:00
42c43cfafd
Use ObservableDeferreds instead of Deferreds as they behave as intended
2016-11-11 14:54:10 +00:00
c7daf3136c
Use observable deferreds because they are sane
2016-11-11 14:13:32 +00:00
8a8ad46f48
Flake8
2016-11-10 15:22:11 +00:00
2771447c29
Store Promise<Response> instead of Response for HTTP API transactions
...
This fixes a race whereby:
- User hits an endpoint.
- No cached transaction so executes main code.
- User hits same endpoint.
- No cache transaction so executes main code.
- Main code finishes executing and caches response and returns.
- Main code finishes executing and caches response and returns.
This race is common in the wild when Synapse is struggling under load.
This commit fixes the race by:
- User hits an endpoint.
- Caches the promise to execute the main code and executes main code.
- User hits same endpoint.
- Yields on the same promise as the first request.
- Main code finishes executing and returns, unblocking both requests.
2016-11-10 14:49:26 +00:00
b1c27975d0
Set CORs headers on responses from the media repo
2016-11-02 11:29:25 +00:00
78c083f159
Merge pull request #1164 from pik/error-codes
...
Clarify Error codes for GET /filter/
2016-10-19 14:26:17 +01:00
e8b1d2a452
Refactor test_filter to use real DataStore
...
* add tests for filter api errors
2016-10-18 12:17:38 -05:00
d9350b0db8
Error codes for filters
...
* add tests
Signed-off-by: Alexander Maznev <alexander.maznev@gmail.com>
2016-10-14 10:18:28 -05:00
f7aed3d7a2
Merge pull request #1168 from matrix-org/rav/ui_auth_on_device_delete
...
User-interactive auth on delete device
2016-10-13 09:38:41 +01:00
9009143fb9
Handle delete device requests with no body
...
We should probably return a 401 rather than a 400 for existing clients that
don't know they have to do the UIA dance to delete a device.
2016-10-12 18:47:28 +01:00
fbd3866bc6
User-interactive auth on delete device
2016-10-12 16:16:31 +01:00
9e18e0b1cb
Merge pull request #1167 from matrix-org/markjh/fingerprints
...
Add config option for adding additional TLS fingerprints
2016-10-12 15:27:44 +01:00
0af6213019
Improve comment formatting
2016-10-12 14:45:13 +01:00
6e9f3ab415
Add config option for adding additional TLS fingerprints
2016-10-11 19:14:46 +01:00
a2f2516199
Merge pull request #1157 from Rugvip/nolimit
...
Remove rate limiting from app service senders and fix get_or_create_user requester
2016-10-11 11:20:54 +01:00
7b5546d077
rest/client/v1/register: use the correct requester in createUser
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-10-06 22:12:32 +02:00
f382117852
window.postmessage for Interactive Auth fallback
...
If you're a webapp running the fallback in an iframe, you can't set set a
window.onAuthDone function. Let's post a message back to window.opener instead.
2016-10-06 18:16:59 +01:00
9bfc617791
storage/appservice: make appservice methods only relying on the cache synchronous
2016-10-06 15:24:59 +02:00
22578545a0
Time out typing over federation
2016-09-23 14:00:52 +01:00
87528f0756
Support /initialSync in synchrotron worker
2016-09-21 11:46:28 +01:00
ddc89df89d
Enable guest access to POST /publicRooms
2016-09-17 15:55:24 +01:00
2e67cabd7f
Make POST /publicRooms require auth
2016-09-16 11:32:51 +01:00
c33b25fd8d
Change the way we calculate new_limit in /publicRooms and add POST API
2016-09-15 17:35:20 +01:00
68c1ed4d1a
Remove default public rooms limit
2016-09-15 13:56:20 +01:00
1d98cf26be
By default limit /publicRooms to 100 entries
2016-09-15 13:18:35 +01:00
5810cffd33
Pass since/from parameters over federation
2016-09-15 10:36:19 +01:00
f3eead0660
Allow paginating both forwards and backwards
2016-09-15 10:15:37 +01:00
4131381123
Remove support for aggregate room lists
2016-09-15 09:28:15 +01:00
18ab019a4a
Move the E2E key handling into the e2e handler
2016-09-13 11:35:35 +01:00
949c2c5435
Add a timeout parameter for end2end key queries.
...
Add a timeout parameter for controlling how long synapse will wait
for responses from remote servers. For servers that fail include how
they failed to make it easier to debug.
Fetch keys from different servers in parallel rather than in series.
Set the default timeout to 10s.
2016-09-12 18:17:09 +01:00
29205e9596
Conform better to the CAS protocol specification
...
Redirect to CAS's /login endpoint properly, and
don't require an <attributes> element.
Signed-off-by: Shell Turner <cam.turn@gmail.com>
2016-09-09 21:20:14 +01:00
dbff7e9436
Merge pull request #1096 from matrix-org/markjh/get_access_token
...
Add helper function for getting access_tokens from requests
2016-09-09 17:09:27 +01:00
8aee5aa068
Add helper function for getting access_tokens from requests
...
Rather than reimplementing the token parsing in the various places.
This will make it easier to change the token parsing to allow access_tokens
in HTTP headers.
2016-09-09 16:33:15 +01:00
56f38d1776
Merge pull request #1091 from matrix-org/paul/third-party-lookup
...
Improvements to 3PE lookup API
2016-09-09 15:43:11 +01:00
d271383e63
Filter returned events for client-facing format
2016-09-09 14:40:15 +01:00
0fc0a3bdff
Allow clients to specify the format a room state event is returned in
2016-09-09 14:34:29 +01:00
bdbcfc2a80
appease pep8
2016-09-09 13:31:39 +01:00
6eb0c8a2e4
Python isn't JavaScript; have to quote dict keys
2016-09-09 13:31:17 +01:00
25eb769b26
Efficiency fix for lookups of a single protocol
2016-09-09 13:25:02 +01:00
3328428d05
Allow lookup of a single 3PE protocol query metadata
2016-09-09 13:19:04 +01:00
b8f84f99ff
Merge pull request #1081 from matrix-org/dbkr/notifications_only_highlight
...
Implement `only=highlight` on `/notifications`
2016-09-09 00:09:51 +01:00
257025ac89
Merge pull request #1082 from matrix-org/erikj/remote_public_rooms
...
Add server param to /publicRooms
2016-09-08 16:04:22 +01:00
3f9889bfd6
Use parse_string
2016-09-08 15:51:10 +01:00
fa9d36e050
Merge branch 'develop' into markjh/direct_to_device_federation
2016-09-08 13:43:43 +01:00
4ef222ab61
Implement `only=highlight` on `/notifications`
2016-09-08 13:43:35 +01:00
791658b576
Add server param to /publicRooms
2016-09-08 11:53:05 +01:00
d4a35ada28
Send device messages over federation
2016-09-06 18:16:20 +01:00
d51b8a1674
Add quotes and be explicity about script-src
2016-09-05 17:35:01 +01:00
662b031a30
Allow PDF to be rendered from media repo
2016-09-05 17:25:26 +01:00
7ed5acacf4
Fix up the calls to the notifier for device messages
2016-09-01 18:08:40 +01:00
1aa3e1d287
Add a replication stream for direct to device messages
2016-08-31 10:38:58 +01:00
4bbef62124
Merge remote-tracking branch 'origin/develop' into markjh/direct_to_device
2016-08-26 14:35:31 +01:00
1294d4a329
Move ThirdPartyEntityKind into api.constants so the expectation becomes that the value is significant
2016-08-25 18:34:47 +01:00
ab34fdecb7
Merge branch 'develop' into markjh/direct_to_device
2016-08-25 18:34:46 +01:00
b162cb2e41
Add some TODOs
2016-08-25 18:18:53 +01:00
641efb6a39
Fix the deduplication of incoming direct-to-device messages
2016-08-25 18:14:02 +01:00
e993925279
Add store-and-forward direct-to-device messaging
2016-08-25 17:35:37 +01:00
d9dcb2ba3a
Merge pull request #1041 from matrix-org/paul/third-party-lookup
...
Extend 3PE lookup APIs for metadata query
2016-08-25 17:06:53 +01:00
8e1ed09dff
Move static knowledge of protocol metadata into AS handler; cache the result
2016-08-24 13:01:53 +01:00
965f33c901
Declare 'gitter' known protocol, with user lookup
2016-08-24 12:34:03 +01:00
9899824b85
Initial hack at the 3PN protocols metadata lookup API
2016-08-24 12:33:01 +01:00
9219139351
Preserve some logcontexts
2016-08-24 11:58:40 +01:00
63c19e1df9
Move 3PU/3PL lookup APIs into /thirdparty containing entity
2016-08-24 11:55:57 +01:00
4b31426a02
Pass through user-supplied content in /join/$room_id
...
It was always intended to allow custom keys on the join event, but this has
at some point been lost. Restore it.
If the user specifies keys like "avatar_url" then they will be clobbered.
2016-08-23 16:32:04 +01:00
6e80c03d45
Merge branch 'develop' into dbkr/notifications_api
2016-08-20 00:16:18 +01:00
0acdd0f1ea
Use tuple comparison
...
Hopefully easier to read
2016-08-18 17:51:08 +01:00
b515f844ee
Avoid so much copypasta between 3PU and 3PL query by unifying around a ThirdPartyEntityKind enumeration
2016-08-18 17:19:55 +01:00
602c84cd9c
Merge remote-tracking branch 'origin/develop' into dbkr/notifications_api
2016-08-18 17:15:26 +01:00
105ff162d4
Authenticate 3PE lookup requests
2016-08-18 16:19:23 +01:00
06964c4a0a
Copypasta the 3PU support code to also do 3PL
2016-08-18 16:09:50 +01:00
f3afd6ef1a
Remove TODO note about request fields being strings - they're always strings
2016-08-18 15:53:01 +01:00
d5bf7a4a99
Merge remote-tracking branch 'origin/develop' into paul/thirdpartylookup
2016-08-18 14:21:01 +01:00
3856582741
Ensure that 3PU lookup request fields actually get passed in
2016-08-18 14:06:02 +01:00
0af9e1a637
Set `Content-Security-Policy` on media repo
...
This is to inform browsers that they should sandbox the returned
media. This is particularly cruical for javascript/HTML files.
2016-08-17 16:27:39 +01:00
fa87c981e1
Thread 3PU lookup through as far as the AS API object; which currently noöps it
2016-08-17 16:17:28 +01:00
f90b3d83a3
Add None check to _iterate_over_text
2016-08-17 15:17:17 +01:00
e3e3fbc23a
Initial empty implementation that just registers an API endpoint handler
2016-08-17 12:46:49 +01:00
109a560905
Flake8
2016-08-16 14:57:21 +01:00
48b5829aea
Fix up preview URL API. Add tests.
...
This includes:
- Splitting out methods of a class into stand alone functions, to make
them easier to test.
- Adding unit tests to split out functions, testing HTML -> preview.
- Handle the fact that elements in lxml may have tail text.
2016-08-16 14:53:24 +01:00
4e1cebd56f
Make synchrotron accept /events
2016-08-12 15:31:44 +01:00
866a5320de
Dont invoke get_handlers fromClientV1RestServlet
...
hs.get_handlers() can not be invoked from split out processes. Moving
the invocations down a level means that we can slowly split out
individual servlets.
2016-08-12 10:03:19 +01:00
b4ecf0b886
Merge remote-tracking branch 'origin/develop' into dbkr/notifications_api
2016-08-11 14:09:13 +01:00
2510db3e76
Don't change status_msg on /sync
2016-08-10 12:59:59 +01:00
fa1ce4d8ad
Don't print stack traces when failing to get remote keys
2016-08-10 10:44:37 +01:00
cd41c6ece2
Merge pull request #995 from matrix-org/rav/clean_up_cas_login
...
Clean up CAS login code
2016-08-09 10:21:56 +01:00
65666fedd5
Clean up CAS login code
...
Remove some apparently unused code.
Clean up parse_cas_response, mostly to catch the exception if the CAS response
isn't valid XML.
2016-08-08 17:17:25 +01:00
0682ca04b3
Fix CAS login
...
Attempting to log in with CAS was giving a 500 error.
2016-08-08 17:01:30 +01:00
5bcccfde6c
Don't include html comments in description
2016-08-05 14:45:11 +01:00
b5525c76d1
Typo
2016-08-04 16:10:08 +01:00
e97648c4e2
Test summarization
2016-08-04 16:09:09 +01:00
b3682df2ca
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/xpath_fix
2016-08-04 15:29:45 +01:00
530bc862dc
Merge branch 'rav/null_default_device_displayname' into develop
2016-08-03 14:30:32 +01:00
4fec5e57be
Default device_display_name to null
...
It turns out that it's more useful to return a null device display name (and
let clients decide how to handle it: eg, falling back to device_id) than using
a constant string like "unknown device".
2016-08-03 11:53:00 +01:00
921f17f938
Merge branch 'develop' into rav/refactor_device_query
2016-08-03 11:12:47 +01:00
58c9653c6b
Don't infer paragrahs from newlines
2016-08-02 18:50:24 +01:00
6b58ade2f0
Comment on why we clone
2016-08-02 18:41:22 +01:00
9e66c58ceb
Spelling.
2016-08-02 18:37:31 +01:00
f83f5fbce8
Make it actually compile
2016-08-02 18:32:42 +01:00
aecaec3e10
Change the way we summarize URLs
...
Using XPath is slow on some machines (for unknown reasons), so use a
different approach to get a list of text nodes.
Try to generate a summary that respect paragraph and then word
boundaries, adding ellipses when appropriate.
2016-08-02 18:25:53 +01:00
986615b0b2
Move e2e query logic into a handler
2016-08-01 18:02:07 +01:00
271d3e7865
Fix adding emails on registration
...
Synapse was not adding email addresses to accounts registered with an email address, due to too many different variables called 'result'. Rename both of them. Also remove the defer.returnValue() with no params because that's not a thing.
2016-07-29 15:25:24 +01:00
f6f8f81a48
Add r0.1.0 to the "supported versions" list
2016-07-28 10:14:07 +01:00
fda078f995
Add r0.2.0 to the "supported versions" list
2016-07-28 09:14:21 +01:00
ccec25e2c6
key upload tweaks
...
1. Add v2_alpha URL back in, since things seem to be using it.
2. Don't reject the request if the device_id in the upload request fails to
match that in the access_token.
2016-07-27 16:41:06 +01:00
d47115ff8b
Delete e2e keys on device delete
2016-07-27 12:24:52 +01:00
2e3d90d67c
Make the device id on e2e key upload optional
...
We should now be able to get our device_id from the access_token, so the
device_id on the upload request is optional. Where it is supplied, we should
check that it matches.
For active access_tokens without an associated device_id, we ought to register
the device in the devices table.
Also update the table on upgrade so that all of the existing e2e keys are
associated with real devices.
2016-07-26 23:38:12 +01:00
eb359eced4
Add `create_requester` function
...
Wrap the `Requester` constructor with a function which provides sensible
defaults, and use it throughout
2016-07-26 16:46:53 +01:00
012b4c1913
Implement updating devices
...
You can update the displayname of devices now.
2016-07-26 07:35:48 +01:00
436bffd15f
Implement deleting devices
2016-07-26 07:35:48 +01:00
2c28e25bda
Merge pull request #943 from matrix-org/rav/get_device_api
...
Implement GET /device/{deviceId}
2016-07-21 13:41:42 +01:00
1e6e370b76
Merge pull request #942 from matrix-org/rav/fix_register_deviceid
...
Preserve device_id from first call to /register
2016-07-21 13:16:31 +01:00
406f7aa0f6
Implement GET /device/{deviceId}
2016-07-21 12:00:29 +01:00
1a64dffb00
Preserve device_id from first call to /register
...
device_id may only be passed in the first call to /register, so make sure we
fish it out of the register `params` rather than the body of the final call.
2016-07-21 11:34:16 +01:00
7314bf4682
Merge branch 'develop' into rav/get_devices_api
...
(pick up PR #938 in the hope of fixing the UTs)
2016-07-20 17:40:00 +01:00
bc8f265f0a
GET /devices endpoint
...
implement a GET /devices endpoint which lists all of the user's devices.
It also returns the last IP where we saw that device, so there is some dancing
to fish that out of the user_ips table.
2016-07-20 16:42:32 +01:00
b97a1356b1
Register a device_id in the /v2/register flow.
...
This doesn't cover *all* of the registration flows, but it does cover the most
common ones: in particular: shared_secret registration, appservice
registration, and normal user/pass registration.
Pull device_id from the registration parameters. Register the device in the
devices table. Associate the device with the returned access and refresh
tokens. Profit.
2016-07-20 16:38:27 +01:00
c68518dfbb
Merge pull request #933 from matrix-org/rav/type_annotations
...
Type annotations
2016-07-20 12:26:32 +01:00
e967bc86e7
Merge pull request #932 from matrix-org/rav/register_refactor
...
Further registration refactoring
2016-07-20 11:03:33 +01:00
1e2a7f18a1
Merge pull request #922 from matrix-org/erikj/file_api2
...
Feature: Add filter to /messages. Add 'contains_url' to filter.
2016-07-20 10:40:48 +01:00
3413f1e284
Type annotations
...
Add some type annotations to help PyCharm (in particular) to figure out the
types of a bunch of things.
2016-07-19 18:56:16 +01:00
40cbffb2d2
Further registration refactoring
...
* `RegistrationHandler.appservice_register` no longer issues an access token:
instead it is left for the caller to do it. (There are two of these, one in
`synapse/rest/client/v1/register.py`, which now simply calls
`AuthHandler.issue_access_token`, and the other in
`synapse/rest/client/v2_alpha/register.py`, which is covered below).
* In `synapse/rest/client/v2_alpha/register.py`, move the generation of
access_tokens into `_create_registration_details`. This means that the normal
flow no longer needs to call `AuthHandler.issue_access_token`; the
shared-secret flow can tell `RegistrationHandler.register` not to generate a
token; and the appservice flow continues to work despite the above change.
2016-07-19 18:46:19 +01:00
b9e997f561
Merge pull request #931 from matrix-org/rav/refactor_register
...
rest/client/v2_alpha/register.py: Refactor flow somewhat.
2016-07-19 16:13:45 +01:00
8f6281ab0c
Don't bind email unless threepid contains expected fields
2016-07-19 15:50:01 +01:00
0da0d0a29d
rest/client/v2_alpha/register.py: Refactor flow somewhat.
...
This is meant to be an *almost* non-functional change, with the exception that
it fixes what looks a lot like a bug in that it only calls
`auth_handler.add_threepid` and `add_pusher` once instead of three times.
The idea is to move the generation of the `access_token` out of
`registration_handler.register`, because `access_token`s now require a
device_id, and we only want to generate a device_id once registration has been
successful.
2016-07-19 13:12:22 +01:00
f863a52cea
Add device_id support to /login
...
Add a 'devices' table to the storage, as well as a 'device_id' column to
refresh_tokens.
Allow the client to pass a device_id, and initial_device_display_name, to
/login. If login is successful, then register the device in the devices table
if it wasn't known already. If no device_id was supplied, make one up.
Associate the device_id with the access token and refresh token, so that we can
get at it again later. Ensure that the device_id is copied from the refresh
token to the access_token when the token is refreshed.
2016-07-18 16:39:44 +01:00
93efcb8526
Merge pull request #928 from matrix-org/rav/refactor_login
...
Refactor login flow
2016-07-18 16:12:35 +01:00
dcfd71aa4c
Refactor login flow
...
Make sure that we have the canonical user_id *before* calling
get_login_tuple_for_user_id.
Replace login_with_password with a method which just validates the password,
and have the caller call get_login_tuple_for_user_id. This brings the password
flow into line with the other flows, and will give us a place to register the
device_id if necessary.
2016-07-18 15:23:54 +01:00
511a52afc8
Use body.get to check for 'user'
2016-07-16 18:44:08 +01:00
e885e2a623
Fall back to 'username' if 'user' is not given for appservice reg.
2016-07-16 18:33:48 +01:00
a3036ac37e
Merge pull request #921 from matrix-org/erikj/account_deactivate
...
Feature: Add an /account/deactivate endpoint
2016-07-14 17:25:15 +01:00
a98d215204
Add filter param to /messages API
2016-07-14 16:30:56 +01:00
209e04fa11
Merge pull request #918 from negzi/bugfix_for_token_expiry
...
Bug fix: expire invalid access tokens
2016-07-14 15:51:52 +01:00
848d3bf2e1
Add hs object
2016-07-14 10:25:52 +01:00
b55c770271
Only accept password auth
2016-07-14 10:00:38 +01:00
d543b72562
Add an /account/deactivate endpoint
2016-07-14 09:56:53 +01:00
0136a522b1
Bug fix: expire invalid access tokens
2016-07-13 15:00:37 +02:00
c55ad2e375
be more pythonic
2016-07-12 14:15:10 +01:00
aaa9d9f0e1
on_OPTIONS isn't neccessary
2016-07-12 14:13:14 +01:00
75fa7f6b3c
Remove other debug logging
2016-07-12 14:08:57 +01:00
a5db0026ed
Separate out requestTokens to separate handlers
2016-07-11 09:57:07 +01:00
9c491366c5
Oops, remove debug logging
2016-07-11 09:07:40 +01:00
385aec4010
Implement https://github.com/matrix-org/matrix-doc/pull/346/files
2016-07-08 17:42:48 +01:00
67f2c901ea
Add rest servlet. Fix SQL.
2016-07-06 15:56:59 +01:00
a17e7caeb7
Merge branch 'erikj/shared_secret' into erikj/test2
2016-07-06 14:46:31 +01:00
76b18df3d9
Check that there are no null bytes in user and passsword
2016-07-06 11:17:53 +01:00
0da24cac8b
Add null separator to hmac
2016-07-06 11:05:16 +01:00
651faee698
Add an admin option to shared secret registration
2016-07-05 17:30:22 +01:00
caf33b2d9b
Protect password when registering using shared secret
2016-07-05 17:18:19 +01:00
2d21d43c34
Add purge_history API
2016-07-05 10:28:51 +01:00
bb069079bb
Fix style violations
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-04 22:07:11 +09:00
2e5a31f197
Use .get() instead of [] to access password_hash
2016-07-04 22:00:13 +09:00
fc8007dbec
Optionally include password hash in createUser endpoint
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-03 15:08:15 +09:00
f328d95cef
Feature: Add deactivate account admin API
...
Allows server admins to "deactivate" accounts, which:
- Revokes all access tokens
- Removes all threepids
- Removes password
The API is a POST to `/admin/deactivate/<user_id>`
2016-06-30 15:40:58 +01:00
f52cb4cd78
Remove race
2016-06-29 15:24:50 +01:00
a70688445d
Implement purge_media_cache admin API
2016-06-29 14:57:59 +01:00
314b146b2e
Track approximate last access time for remote media
2016-06-29 11:41:20 +01:00
13e334506c
Remove the legacy v0 content upload API.
...
The existing content can still be downloaded. The last upload to the
matrix.org server was in January 2015, so it is probably safe to remove
the upload API.
2016-06-21 11:47:39 +01:00
09a17f965c
Line lengths
2016-06-15 16:58:12 +01:00
1e9026e484
Handle floats as img widths
2016-06-15 16:58:05 +01:00
a60169ea09
Handle og props with not content
2016-06-15 16:57:48 +01:00
eba4ff1bcb
502 on /thumbnail when can't contact remote server
2016-06-09 11:29:43 +01:00
95f305c35a
Remove redundant exception log in /events
2016-06-09 11:15:04 +01:00
690029d1a3
Don't make rooms visibile by default
2016-06-08 14:47:42 +01:00
efeabd3180
Log user that is making /publicRooms calls
2016-06-08 14:23:15 +01:00
6a0afa582a
Load push rules in storage layer, so that they get cached
2016-06-03 11:10:00 +01:00
1f31cc37f8
Working unsubscribe links going straight to the HS
...
and authed by macaroons that let you delete pushers and nothing else
2016-06-02 17:21:31 +01:00
3a3fb2f6f9
Merge branch 'dbkr/split_out_auth_handler' into dbkr/email_unsubscribe
2016-06-02 13:35:25 +01:00
4a10510cd5
Split out the auth handler
2016-06-02 13:31:45 +01:00
Amber Brown