Fixups

synapse/api/auth.py

@@ -523,6 +523,12 @@ class Auth(object):
 
     def get_appservice_by_req(self, request):
         (user_id, app_service) = self._get_appservice_user_id(request)
+        if not app_service:
+            raise AuthError(
+                self.TOKEN_NOT_FOUND_HTTP_STATUS,
+                "Unrecognised access token.",
+                errcode=Codes.UNKNOWN_TOKEN,
+            )
         request.authenticated_entity = app_service.sender
         return app_service
 

synapse/handlers/profile.py

@@ -20,6 +20,8 @@ from signedjson.sign import sign_json
 
 from twisted.internet import defer, reactor
 
+from six.moves import range
+
 from synapse.api.errors import (
     AuthError,
     CodeMessageException,
@@ -100,7 +102,7 @@ class BaseProfileHandler(BaseHandler):
             if repl_host not in host_batches:
                 host_batches[repl_host] = -1
             try:
-                for i in xrange(host_batches[repl_host] + 1, latest_batch + 1):
+                for i in range(host_batches[repl_host] + 1, latest_batch + 1):
                     yield self._replicate_host_profile_batch(repl_host, i)
             except Exception:
                 logger.exception(
@@ -272,14 +274,16 @@ class BaseProfileHandler(BaseHandler):
     @defer.inlineCallbacks
     def set_active(self, target_user, active, hide):
         """
-        Sets the 'active' flag on a user profile. If set to false, the user account is
-        considered deactivated or hidden.
-        If 'hide' is true, then we interpret active=False as a request to try to hide the
-        user rather than deactivating it.  This means withholding the profile from replication
-        (and mark it as inactive) rather than clearing the profile from the HS DB.
-        Note that unlike set_displayname and set_avatar_url, this does *not* perform
-        authorization checks! This is because the only place it's used currently is
-        in account deactivation where we've already done these checks anyway.
+        Sets the 'active' flag on a user profile. If set to false, the user
+        account is considered deactivated or hidden.
+
+        If 'hide' is true, then we interpret active=False as a request to try to
+        hide the user rather than deactivating it.  This means withholding the
+        profile from replication (and mark it as inactive) rather than clearing
+        the profile from the HS DB. Note that unlike set_displayname and
+        set_avatar_url, this does *not* perform authorization checks! This is
+        because the only place it's used currently is in account deactivation
+        where we've already done these checks anyway.
         """
         if len(self.hs.config.replicate_user_profiles_to) > 0:
             cur_batchnum = yield self.store.get_latest_profile_replication_batch_number()

synapse/util/threepids.py

@@ -48,7 +48,10 @@ def check_3pid_allowed(hs, medium, address):
             defer.returnValue(False)
 
         # Check if this user is intended to register for this homeserver
-        if data['hs'] != hs.config.server_name and data['shadow_hs'] != hs.config.server_name:
+        if (
+            data['hs'] != hs.config.server_name
+            and data['shadow_hs'] != hs.config.server_name
+        ):
             defer.returnValue(False)
 
         if data.get('requires_invite', False) and not data.get('invited', False):