d5f9fb06b0
Refactor UI auth implementation
...
Instead of returning False when auth is incomplete, throw an exception which
can be caught with a wrapper.
2017-12-05 09:40:05 +00:00
ad7e570d07
Delete devices in various logout situations
...
Make sure that we delete devices whenever a user is logged out due to any of
the following situations:
* /logout
* /logout_all
* change password
* deactivate account (by the user or by an admin)
* invalidate access token from a dynamic module
Fixes #2672 .
2017-11-29 16:44:35 +00:00
ae31f8ce45
Move set_password into its own handler
...
Non-functional refactoring to move set_password. This means that we'll be able
to properly deactivate devices and access tokens without introducing a
dependency loop.
2017-11-29 16:44:35 +00:00
7ca5c68233
Move deactivate_account into its own handler
...
Non-functional refactoring to move deactivate_account. This means that we'll be
able to properly deactivate devices and access tokens without introducing a
dependency loop.
2017-11-29 16:44:35 +00:00
ab1b2d0ff2
Allow guest access to group APIs for reading
2017-11-28 11:23:00 +00:00
30d2730ee2
Declare support for r0.3.0
2017-11-15 16:24:22 +00:00
812c191939
Remove redundent call
...
Signed-off-by: Travis Ralston <travpc@gmail.com>
2017-11-13 12:44:21 -07:00
2d314b771f
Add a route for determining who you are
...
Useful for applications which may have an access token, but no idea as to who owns it.
Signed-off-by: Travis Ralston <travpc@gmail.com>
2017-11-12 23:39:38 -07:00
e508145c9b
Add some more comments appservice user registration
...
Explain why we don't validate userids registered via app services
2017-11-10 12:39:45 +00:00
e0ebd1e4bd
Downcase userids for shared-secret registration
2017-11-10 12:39:05 +00:00
9b599bc18d
Downcase userid on registration
...
Force username to lowercase before attempting to register
https://github.com/matrix-org/synapse/issues/2660
2017-11-09 22:20:01 +00:00
4e2b2508af
Register group servlet
2017-11-09 15:49:42 +00:00
e8814410ef
Have an explicit API to update room config
2017-11-08 16:13:27 +00:00
94ff2cda73
Revert "Modify group room association API to allow modification of is_public"
2017-11-08 15:43:34 +00:00
6c3a02072b
support inhibit_login in /register
...
Allow things to pass inhibit_login when registering to ... inhibit logins.
2017-11-02 16:31:07 +00:00
4c8f94ac94
Allow password_auth_providers to return a callback
...
... so that they have a way to record access tokens.
2017-11-01 16:51:03 +00:00
4f0488b307
Merge remote-tracking branch 'origin/develop' into rav/refactor_accesstoken_delete
2017-11-01 16:20:19 +00:00
e5e930aec3
Merge pull request #2615 from matrix-org/rav/break_auth_device_dep
...
Break dependency of auth_handler on device_handler
2017-11-01 16:06:31 +00:00
dd13310fb8
Move access token deletion into auth handler
...
Also move duplicated deactivation code into the auth handler.
I want to add some hooks when we deactivate an access token, so let's bring it
all in here so that there's somewhere to put it.
2017-11-01 15:46:22 +00:00
0bb253f37b
Apparently this is python
2017-11-01 14:02:52 +00:00
59e7e62c4b
Log login requests
...
Carefully though, to avoid logging passwords
2017-11-01 13:58:01 +00:00
74c56f794c
Break dependency of auth_handler on device_handler
...
I'm going to need to make the device_handler depend on the auth_handler, so I
need to break this dependency to avoid a cycle.
It turns out that the auth_handler was only using the device_handler in one
place which was an edge case which we can more elegantly handle by throwing an
error rather than fixing it up.
2017-11-01 10:27:06 +00:00
20fe347906
Modify group room association API to allow modification of is_public
...
also includes renamings to make things more consistent.
2017-10-31 17:04:28 +00:00
1b65ae00ac
Refactor some logic from LoginRestServlet into AuthHandler
...
I'm going to need some more flexibility in handling login types in password
auth providers, so as a first step, move some stuff from LoginRestServlet into
AuthHandler.
In particular, we pass everything other than SAML, JWT and token logins down to
the AuthHandler, which now has responsibility for checking the login type and
fishing the password out of the login dictionary, as well as qualifying the
user_id if need be. Ideally SAML, JWT and token would go that way too, but
there's no real need for it right now and I'm trying to minimise impact.
This commit *should* be non-functional.
2017-10-31 10:48:41 +00:00
4d83632009
Merge pull request #2591 from matrix-org/rav/device_delete_auth
...
Device deletion: check UI auth matches access token
2017-10-27 12:30:10 +01:00
110b373e9c
Merge pull request #2589 from matrix-org/rav/as_deactivate_account
...
Allow ASes to deactivate their own users
2017-10-27 12:29:32 +01:00
d8c26162a1
Merge pull request #2582 from matrix-org/luke/group-is-public
...
Add is_public to groups table to allow for private groups
2017-10-27 11:41:13 +01:00
7a6546228b
Device deletion: check UI auth matches access token
...
(otherwise there's no point in the UI auth)
2017-10-27 00:04:31 +01:00
785bd7fd75
Allow ASes to deactivate their own users
2017-10-27 00:01:00 +01:00
595fe67f01
delint
2017-10-26 17:20:24 +01:00
9b2feef9eb
Add is_public to groups table to allow for private groups
...
Prevent group API access to non-members for private groups
Also make all the group code paths consistent with `requester_user_id` always being the User ID of the requesting user.
2017-10-26 16:51:32 +01:00
8299b323ee
add release endpoints for /thirdparty
2017-10-26 16:58:20 +02:00
9b436c8b4c
register some /unstable endpoints in /r0 as well
2017-10-26 15:22:50 +02:00
eaaabc6c4f
replace 'except:' with 'except Exception:'
...
what could possibly go wrong
2017-10-23 15:52:32 +01:00
631d7b87b5
Remove pointless create() method
...
It just calls the constructor, so we may as well kill it rather than having
random codepaths.
2017-10-20 22:14:55 +01:00
4e242b3e20
Merge pull request #2545 from matrix-org/dbkr/auto_join_rooms
...
Add config option to auto-join new users to rooms
2017-10-17 11:45:49 +01:00
c05e6015cc
Add config option to auto-join new users to rooms
...
New users who register on the server will be dumped into all rooms in
auto_join_rooms in the config.
2017-10-16 17:57:27 +01:00
85f5674e44
Delint
2017-10-16 15:52:17 +01:00
2c5972f87f
Implement GET /groups/$groupId/invited_users
2017-10-16 15:31:11 +01:00
27955056e0
Merge branch 'develop' into erikj/groups_merged
2017-10-02 16:20:41 +01:00
8090fd4664
Fix /joined_members to work with AS users
2017-09-28 10:09:32 +01:00
adec03395d
Fix bug where /joined_members didn't check user was in room
2017-09-27 15:14:39 +01:00
17b8e2bd02
Add remove room API
2017-09-26 15:52:41 +01:00
b5feaa5a49
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/groups_merged
2017-09-19 11:07:45 +01:00
69ef4987a6
Add left section to /keys/changes
2017-09-08 14:44:36 +01:00
53cc8ad35a
Send down device list change notif when member leaves/rejoins room
2017-09-07 15:08:39 +01:00
bf81f3cf2c
Split out profile handler to fix tests
2017-08-25 14:34:56 +01:00
ba3ff7918b
Fixup
2017-08-11 13:42:42 +01:00
ef8e578677
Add bulk group publicised lookup API
2017-08-09 13:36:22 +01:00
b880ff190a
Allow update group publicity
2017-08-08 14:19:41 +01:00
eae04f1952
fix english
2017-08-04 23:56:42 +01:00
5699b05072
typo
2017-08-04 23:44:37 +01:00
09552f9d9c
Reduce spammy log line in synchrotrons
2017-08-02 17:29:51 +01:00
96917d5552
Merge pull request #2378 from matrix-org/erikj/group_sync_support
...
Add groups to sync stream
2017-07-21 11:05:39 +01:00
b238cf7f6b
Remove spurious content param
2017-07-20 17:49:55 +01:00
c544188ee3
Add groups to sync stream
2017-07-20 16:36:42 +01:00
6f443a74cf
Add update group profile API
2017-07-20 09:46:33 +01:00
14a34f12d7
Comments
2017-07-18 17:28:42 +01:00
3431ec55dc
Comments
2017-07-18 17:23:50 +01:00
2f9eafdd36
Add local group server support
2017-07-17 12:03:49 +01:00
85b9f76f1d
split out reducing stuff; just make encode_* static
2017-07-11 13:14:35 +02:00
2f82de18ee
fix test
2017-07-10 17:34:58 +02:00
6e16aca8b0
encode sync-response statically; omit empty objects from sync-response
2017-07-10 16:42:17 +02:00
5a7f561a9b
Fix bug where pusherpool didn't start and broke some rooms
...
Since we didn't instansiate the PusherPool at start time it could fail
at run time, which it did for some users.
This may or may not fix things for those users, but it should happen at
start time and stop the server from starting.
2017-07-06 17:55:51 +01:00
b8b936a6ea
Add API to quarantine media
2017-06-19 17:39:21 +01:00
36e51aad3c
Remove unused import
2017-06-19 14:42:21 +01:00
b490299a3b
Change to create new room and join other users
2017-06-19 14:10:13 +01:00
5db7070dd1
Forget room
2017-06-19 12:40:29 +01:00
d7fe6b356c
Add shutdown room API
2017-06-19 12:37:27 +01:00
a9d6fa8b2b
Include users who share room with requester in user directory
2017-06-15 10:17:21 +01:00
63fda37e20
Add comments
2017-05-31 15:00:29 +01:00
535c99f157
Use POST
2017-05-31 14:15:45 +01:00
45a5df5914
Add REST API
2017-05-31 14:11:55 +01:00
b4f59c7e27
Add count of one time keys to sync stream
2017-05-19 15:47:55 +01:00
224137fcf9
Fixed syntax nits
2017-05-15 16:21:02 +02:00
627e6ea2b0
Fixed implementation errors
...
* Added HS as property in SyncRestServlet
* Fixed set_timeline_upper_limit function implementat¡ion
2017-05-15 14:51:43 +02:00
9da4316ca5
Configurable maximum number of events requested by /sync and /messages ( #2220 )
...
Set the limit on the returned events in the timeline in the get and sync
operations. The default value is -1, means no upper limit.
For example, using `filter_timeline_limit: 5000`:
POST /_matrix/client/r0/user/user:id/filter
{
room: {
timeline: {
limit: 1000000000000000000
}
}
}
GET /_matrix/client/r0/user/user:id/filter/filter:id
{
room: {
timeline: {
limit: 5000
}
}
}
The server cuts down the room.timeline.limit.
2017-05-13 18:17:54 +02:00
369195caa5
Modify register/available to be GET with query param
...
- GET is now the method for register/available
- a query parameter "username" is now used
Also, empty usernames are now handled with an error message on registration or via register/available: `User ID cannot be empty`
2017-05-10 17:23:55 +01:00
f7278e612e
Change register/available to POST (from GET)
2017-05-10 11:40:18 +01:00
6aa423a1a8
Merge pull request #2183 from matrix-org/luke/username-availability
...
Implement username availability checker
2017-05-04 09:58:40 +01:00
3669065466
Appease the flake8 gods
2017-05-03 18:05:49 +01:00
34ed4f4206
Implement username availability checker
...
Outlined here: https://github.com/vector-im/riot-web/issues/3605#issuecomment-298679388
```HTTP
GET /_matrix/.../register/available
{
"username": "desiredlocalpart123"
}
```
If available, the response looks like
```HTTP
HTTP/1.1 200 OK
{
"available": true
}
```
Otherwise,
```HTTP
HTTP/1.1 429
{
"errcode": "M_LIMIT_EXCEEDED",
"error": "Too Many Requests",
"retry_after_ms": 2000
}
```
or
```HTTP
HTTP/1.1 400
{
"errcode": "M_USER_IN_USE",
"error": "User ID already taken."
}
```
or
```HTTP
HTTP/1.1 400
{
"errcode": "M_INVALID_USERNAME",
"error": "Some reason for username being invalid"
}
```
2017-05-03 12:04:12 +01:00
3e5a62ecd8
Add more granular event send metrics
2017-05-02 14:23:26 +01:00
25a96e0c63
Merge pull request #2163 from matrix-org/erikj/fix_invite_state
...
Fix invite state to always include all events
2017-04-27 17:36:30 +01:00
46826bb078
Comment and remove spurious logging
2017-04-27 17:25:44 +01:00
d3c150411c
Merge pull request #2130 from APwhitehat/roomexists
...
Check that requested room_id exists
2017-04-27 09:20:26 +01:00
34e682d385
Fix invite state to always include all events
2017-04-26 16:18:08 +01:00
d9aa645f86
Reduce size of joined_user cache
...
The _get_joined_users_from_context cache stores a mapping from user_id
to avatar_url and display_name. Instead of storing those in a dict,
store them in a namedtuple as that uses much less memory.
We also try converting the string to ascii to further reduce the size.
2017-04-25 14:38:51 +01:00
3fb8784c92
m.read_marker -> m.fully_read ( #2128 )
...
Also:
- change the REST endpoint to have a "S" on the end (so it's now /read_markers)
- change the content of the m.read_up_to event to have the key "event_id" instead of "marker".
2017-04-18 17:46:15 +01:00
574d573ac2
Check that requested room_id exists
2017-04-14 23:50:59 +05:30
cf6121e3da
More null-guard changes
2017-04-12 14:02:03 +01:00
c0aba0a23e
Remove Unused ref to hs
2017-04-12 10:52:11 +01:00
b9676a75f6
Move a space
2017-04-12 10:51:17 +01:00
0127423027
flake8
2017-04-11 17:07:07 +01:00
d892079844
Finish implementing RM endpoint
...
- This change causes a 405 to be sent if "m.read_marker" is set via /account_data
- This also fixes-up the RM endpoint so that it actually Works.
2017-04-11 15:01:39 +01:00
e263c26690
Initial commit of RM server-side impl
...
(See https://docs.google.com/document/d/1UWqdS-e1sdwkLDUY0wA4gZyIkRp-ekjsLZ8k6g_Zvso/edit#heading=h.lndohpg8at5u )
2017-04-11 11:55:30 +01:00
142b6b4abf
Merge pull request #2011 from matrix-org/matthew/turn_allow_guests
...
add setting (on by default) to support TURN for guests
2017-03-31 14:37:09 +01:00
2a06b44be2
Merge pull request #1986 from matrix-org/matthew/enable_guest_3p
...
enable guest access for the 3pl/3pid APIs
2017-03-31 14:36:03 +01:00
9ee397b440
switch to allow_guest=True for authing 3Ps as per PR feedback
2017-03-31 13:54:26 +01:00
01fc847f7f
Merge pull request #2057 from matrix-org/rav/missing_yield_2
...
Add another missing yield on check_device_registered
2017-03-24 12:46:43 +00:00
Richard van der Hoff