a0d2d81cf9
Update to the stable SSO prefix for UI Auth. ( #7630 )
2020-06-05 10:50:08 -04:00
eea124370b
Fix type information on `assert_*_is_admin` methods ( #7645 )
...
These things don't return Deferreds.
2020-06-05 14:33:49 +01:00
b4f8dcb4bd
Remove some unused constants. ( #7644 )
2020-06-05 14:33:35 +01:00
f4e6495b5d
Performance improvements and refactor of Ratelimiter ( #7595 )
...
While working on https://github.com/matrix-org/synapse/issues/5665 I found myself digging into the `Ratelimiter` class and seeing that it was both:
* Rather undocumented, and
* causing a *lot* of config checks
This PR attempts to refactor and comment the `Ratelimiter` class, as well as encourage config file accesses to only be done at instantiation.
Best to be reviewed commit-by-commit.
2020-06-05 10:47:20 +01:00
08bc80ef09
Implement room version 6 (MSC2240). ( #7506 )
2020-05-15 09:30:10 -04:00
56b66db78a
Strictly enforce canonicaljson requirements in a new room version ( #7381 )
2020-05-14 13:24:01 -04:00
fef3ff5cc4
Enforce MSC2209: auth rules for notifications in power level event ( #7502 )
...
In a new room version, the "notifications" key of power level events are
subject to restricted auth rules.
2020-05-14 12:38:17 -04:00
225c165087
Allow expired accounts to logout ( #7443 )
2020-05-14 16:32:49 +01:00
7cb8b4bc67
Allow configuration of Synapse's cache without using synctl or environment variables ( #6391 )
2020-05-11 18:45:23 +01:00
aee9130a83
Stop Auth methods from polling the config on every req. ( #7420 )
2020-05-06 15:54:58 +01:00
6b22921b19
async/await is_server_admin ( #7363 )
2020-05-01 15:15:36 +01:00
71a1abb8a1
Stop the master relaying USER_SYNC for other workers ( #7318 )
...
Long story short: if we're handling presence on the current worker, we shouldn't be sending USER_SYNC commands over replication.
In an attempt to figure out what is going on here, I ended up refactoring some bits of the presencehandler code, so the first 4 commits here are non-functional refactors to move this code slightly closer to sanity. (There's still plenty to do here :/). Suggest reviewing individual commits.
Fixes (I hope) #7257 .
2020-04-22 22:39:04 +01:00
07b88c546d
Convert http.HTTPStatus objects to their int equivalent ( #7188 )
2020-04-03 14:26:07 +01:00
b9930d24a0
Support SAML in the user interactive authentication workflow. ( #7102 )
2020-04-01 08:48:00 -04:00
e8e2ddb60a
Allow server admins to define and enforce a password policy (MSC2000). ( #7118 )
2020-03-26 16:51:13 +00:00
06eb5cae08
Remove special auth and redaction rules for aliases events in experimental room ver. ( #7037 )
2020-03-09 08:58:25 -04:00
13892776ef
Allow deleting an alias if the user has sufficient power level ( #6986 )
2020-03-04 11:30:46 -05:00
7dcbc33a1b
Validate the alt_aliases property of canonical alias events ( #6971 )
2020-03-03 07:12:45 -05:00
7936d2a96e
Publishing/removing from the directory requires a power level greater than canonical aliases.
2020-02-21 07:18:33 -05:00
a0a1fd0bec
Add `allow_departed_users` param to `check_in_room_or_world_readable`
...
... and set it everywhere it's called.
while we're here, rename it for consistency with `check_user_in_room` (and to
help check that I haven't missed any instances)
2020-02-19 08:52:51 +00:00
b58d17e44f
Refactor the membership check methods in Auth
...
these were getting a bit unwieldy, so let's combine `check_joined_room` and
`check_user_was_in_room` into a single `check_user_in_room`.
2020-02-18 23:21:44 +00:00
6475382d80
Fix detecting unknown devices from remote encrypted events. ( #6848 )
...
We were looking at the wrong event type (`m.room.encryption` vs
`m.room.encrypted`).
Also fixup the duplicate `EvenTypes` entries.
Introduced in #6776 .
2020-02-04 17:25:54 +00:00
08f41a6f05
Add `get_room_version` method
...
So that we can start factoring out some of this boilerplatey boilerplate.
2020-01-31 10:28:15 +00:00
49d3bca37b
Implement updated auth rules from MSC2260
2020-01-28 14:20:10 +00:00
a8ce7aeb43
Pass room version object into event_auth.check and check_redaction ( #6788 )
...
These are easier to work with than the strings and we normally have one around.
This fixes `FederationHander._persist_auth_tree` which was passing a
RoomVersion object into event_auth.check instead of a string.
2020-01-28 14:18:29 +00:00
0f6e525be3
Fixup synapse.api to pass mypy ( #6733 )
2020-01-20 17:34:13 +00:00
d386f2f339
Add StateMap type alias ( #6715 )
2020-01-16 13:31:22 +00:00
8f5d7302ac
Implement RedirectException ( #6687 )
...
Allow REST endpoint implemnentations to raise a RedirectException, which will
redirect the user's browser to a given location.
2020-01-15 15:58:55 +00:00
326c893d24
Kill off RegistrationError ( #6691 )
...
This is pretty pointless. Let's just use SynapseError.
2020-01-13 12:48:22 +00:00
98247c4a0e
Remove unused, undocumented "content repo" resource ( #6628 )
...
This looks like it got half-killed back in #888 .
Fixes #6567 .
2020-01-03 17:10:52 +00:00
fa780e9721
Change EventContext to use the Storage class ( #6564 )
2019-12-20 10:32:02 +00:00
3fbe5b7ec3
Add auth events as per spec. ( #6556 )
...
Previously we tried to be clever and filter out some unnecessary event
IDs to keep the auth chain small, but that had some annoying
interactions with state res v2 so we stop doing that for now.
2019-12-16 16:59:32 +00:00
c530f9af4d
Merge pull request #6329 from matrix-org/babolivier/context_filters
...
Filter state, events_before and events_after in /context requests
2019-12-04 15:24:16 +00:00
9dc84b7989
Merge branch 'develop' into babolivier/context_filters
2019-12-04 14:23:44 +00:00
54dd5dc12b
Add ephemeral messages support (MSC2228) ( #6409 )
...
Implement part [MSC2228](https://github.com/matrix-org/matrix-doc/pull/2228 ). The parts that differ are:
* the feature is hidden behind a configuration flag (`enable_ephemeral_messages`)
* self-destruction doesn't happen for state events
* only implement support for the `m.self_destruct_after` field (not the `m.self_destruct` one)
* doesn't send synthetic redactions to clients because for this specific case we consider the clients to be able to destroy an event themselves, instead we just censor it (by pruning its JSON) in the database
2019-12-03 19:19:45 +00:00
9e937c28ee
Merge branch 'develop' into babolivier/message_retention
2019-11-26 17:53:57 +00:00
bc29a19731
Replace instance variations of homeserver with correct case/spacing
2019-11-12 13:08:12 +00:00
8822b33111
Update copyrights
2019-11-05 14:46:35 +00:00
09957ce0e4
Implement per-room message retention policies
2019-11-04 17:09:22 +00:00
f496d25877
Merge pull request #6301 from matrix-org/babolivier/msc2326
...
Implement MSC2326 (label based filtering)
2019-11-01 17:04:45 +00:00
988d8d6507
Incorporate review
2019-11-01 16:22:44 +00:00
57cdb046e4
Lint
2019-11-01 10:39:14 +00:00
c6dbca2422
Incorporate review
2019-11-01 10:30:51 +00:00
54fef094b3
Remove usage of deprecated logger.warn method from codebase ( #6271 )
...
Replace every instance of `logger.warn` with `logger.warning` as the former is deprecated.
2019-10-31 10:23:24 +00:00
e7943f660a
Add unit tests
2019-10-30 16:15:04 +00:00
acd16ad86a
Implement filtering
2019-10-30 15:56:33 +00:00
fa0dcbc8fa
Store labels for new events
2019-10-30 14:27:15 +00:00
2794b79052
Option to suppress resource exceeded alerting ( #6173 )
...
The expected use case is to suppress MAU limiting on small instances
2019-10-24 11:48:46 +01:00
93eaeec75a
Remove Auth.check method ( #6217 )
...
This method was somewhat redundant, and confusing.
2019-10-18 19:43:36 +02:00
0a9d22808c
Merge branch 'uhoreg/e2e_cross-signing_merged' into develop
2019-10-18 15:57:40 +01:00
Patrick Cloke