Return a 404 for admin api user lookup if user not found (#6901)
Andrew Morgan
GitHub
parent
47acbc519f
commit
d8994942f2
|
|
@ -0,0 +1 @@
|
|||
Return a 404 instead of 200 for querying information of a non-existant user through the admin API.
|
||||
|
|
@ -21,7 +21,7 @@ from six import text_type
|
|||
from six.moves import http_client
|
||||
|
||||
from synapse.api.constants import UserTypes
|
||||
from synapse.api.errors import Codes, SynapseError
|
||||
from synapse.api.errors import Codes, NotFoundError, SynapseError
|
||||
from synapse.http.servlet import (
|
||||
RestServlet,
|
||||
assert_params_in_dict,
|
||||
|
|
@ -152,6 +152,9 @@ class UserRestServletV2(RestServlet):
|
|||
|
||||
ret = await self.admin_handler.get_user(target_user)
|
||||
|
||||
if not ret:
|
||||
raise NotFoundError("User not found")
|
||||
|
||||
return 200, ret
|
||||
|
||||
async def on_PUT(self, request, user_id):
|
||||
|
|
|
|||
|
|
@ -401,6 +401,22 @@ class UserRestTestCase(unittest.HomeserverTestCase):
|
|||
self.assertEqual(403, int(channel.result["code"]), msg=channel.result["body"])
|
||||
self.assertEqual("You are not a server admin", channel.json_body["error"])
|
||||
|
||||
def test_user_does_not_exist(self):
|
||||
"""
|
||||
Tests that a lookup for a user that does not exist returns a 404
|
||||
"""
|
||||
self.hs.config.registration_shared_secret = None
|
||||
|
||||
request, channel = self.make_request(
|
||||
"GET",
|
||||
"/_synapse/admin/v2/users/@unknown_person:test",
|
||||
access_token=self.admin_user_tok,
|
||||
)
|
||||
self.render(request)
|
||||
|
||||
self.assertEqual(404, channel.code, msg=channel.json_body)
|
||||
self.assertEqual("M_NOT_FOUND", channel.json_body["errcode"])
|
||||
|
||||
def test_requester_is_admin(self):
|
||||
"""
|
||||
If the user is a server admin, a new user is created.
|
||||
|
|
|
|||
Loading…
Reference in New Issue