5cf758cdd6
Merge branch 'release-v1.13.0' into develop
...
* release-v1.13.0:
Don't UPGRADE database rows
RST indenting
Put rollback instructions in upgrade notes
Fix changelog typo
Oh yeah, RST
Absolute URL it is then
Fix upgrade notes link
Provide summary of upgrade issues in changelog. Fix )
Move next version notes from changelog to upgrade notes
Changelog fixes
1.13.0rc1
Documentation on setting up redis (#7446 )
Rework UI Auth session validation for registration (#7455 )
Fix errors from malformed log line (#7454 )
Drop support for redis.dbid (#7450 )
2020-05-11 16:46:33 +01:00
0ad6d28b0d
Rework UI Auth session validation for registration ( #7455 )
...
Be less strict about validation of UI authentication sessions during
registration to match client expecations.
2020-05-08 16:08:58 -04:00
616af44137
Implement OpenID Connect-based login ( #7256 )
2020-05-08 08:30:40 -04:00
a4a5ec4096
Add room details admin endpoint ( #7317 )
2020-05-07 15:33:07 -04:00
627b0f5f27
Persist user interactive authentication sessions ( #7302 )
...
By persisting the user interactive authentication sessions to the database, this fixes
situations where a user hits different works throughout their auth session and also
allows sessions to persist through restarts of Synapse.
2020-04-30 13:47:49 -04:00
04dd7d182d
Return total number of users and profile attributes in admin users endpoint ( #6881 )
...
Signed-off-by: Manuel Stahl <manuel.stahl@awesome-technologies.de>
2020-04-28 18:19:36 +01:00
2e3b9a0fcb
Revert "Revert "Merge pull request #7315 from matrix-org/babolivier/request_token""
...
This reverts commit 1adf6a5587
2020-04-23 11:23:53 +02:00
6b6685db9f
Extend room admin api with additional attributes ( #7225 )
2020-04-22 13:38:41 +01:00
2aa5bf13c8
Merge branch 'release-v1.12.4' into develop
2020-04-22 13:09:23 +01:00
5308239d5d
Reduce logging verbosity of URL cache cleanup. ( #7295 )
2020-04-22 07:45:16 -04:00
974c0d726a
Support GET account_data requests on a worker ( #7311 )
2020-04-21 10:46:30 +01:00
054c231e58
Use a template for the SSO success page to allow for customization. ( #7279 )
2020-04-17 13:34:55 -04:00
a48138784e
Allow specifying the value of Accept-Language header for URL previews ( #7265 )
2020-04-15 13:35:29 +01:00
b21000a44f
Improve error responses when a remote server doesn't allow you to access its public rooms list ( #6899 )
2020-04-06 12:35:30 +01:00
694d8bed0e
Support CAS in UI Auth flows. ( #7186 )
2020-04-03 15:35:05 -04:00
b9930d24a0
Support SAML in the user interactive authentication workflow. ( #7102 )
2020-04-01 08:48:00 -04:00
fb69690761
Admin API to join users to a room. ( #7051 )
2020-03-27 19:16:43 +00:00
8327eb9280
Add options to prevent users from changing their profile. ( #7096 )
2020-03-27 19:15:23 +00:00
12aa5a7fa7
Ensure is_verified on /_matrix/client/r0/room_keys/keys is a boolean ( #7150 )
2020-03-27 13:30:22 +00:00
fa4f12102d
Refactor the CAS code (move the logic out of the REST layer to a handler) ( #7136 )
2020-03-26 15:05:26 -04:00
e8e2ddb60a
Allow server admins to define and enforce a password policy (MSC2000). ( #7118 )
2020-03-26 16:51:13 +00:00
1c1242acba
Validate that the session is not modified during UI-Auth ( #7068 )
2020-03-26 07:39:34 -04:00
1fcf9c6f95
Fix CAS redirect url ( #6634 )
...
Build the same service URL when requesting the CAS ticket and when calling the proxyValidate URL.
2020-03-24 11:59:04 +00:00
96071eea8f
Set Referrer-Policy to no-referrer for media ( #7009 )
2020-03-23 09:48:28 +00:00
477c4f5b1c
Clean-up some auth/login REST code ( #7115 )
2020-03-20 16:22:47 -04:00
caec7d4fa0
Convert some of the media REST code to async/await ( #7110 )
2020-03-20 07:20:02 -04:00
88b41986db
Add an option to the set password API to choose whether to logout other devices. ( #7085 )
2020-03-18 07:50:00 -04:00
5e477c1deb
Set charset to utf-8 when adding headers for certain text content types ( #7044 )
...
Fixes #7043
2020-03-17 13:29:09 +00:00
60724c46b7
Remove special casing of `m.room.aliases` events ( #7034 )
2020-03-17 07:37:04 -04:00
6a35046363
Revert "Add options to disable setting profile info for prevent changes. ( #7053 )"
...
This reverts commit 54dd28621b6640460d05
2020-03-17 11:25:01 +00:00
54dd28621b
Add options to disable setting profile info for prevent changes. ( #7053 )
2020-03-10 22:23:01 +00:00
6b0efe73e2
SAML2: render a comprehensible error page if something goes wrong
...
If an error happened while processing a SAML AuthN response, or a client
ends up doing a `GET` request to `/authn_response`, then render a
customisable error page rather than a confusing error.
2020-03-10 13:59:22 +00:00
885134529f
updates after review
2020-03-09 22:09:29 +01:00
99bbe177b6
add disable_3pid_changes
2020-03-08 21:58:12 +01:00
87972f07e5
Convert remote key resource REST layer to async/await. ( #7020 )
2020-03-05 11:29:56 -05:00
43f874055d
Merge branch 'master' into develop
2020-03-03 15:20:49 +00:00
65c73cdfec
Factor out complete_sso_login and expose it to the Module API
2020-03-03 10:54:44 +00:00
b68041df3d
Add a whitelist for the SSO confirmation step.
2020-03-02 17:05:09 +00:00
27d099edd6
Merge remote-tracking branch 'origin/release-v1.11.1' into release-v1.11.1
2020-03-02 16:43:33 +00:00
b2bd54a2e3
Add a confirmation step to the SSO login flow
2020-03-02 16:36:32 +00:00
bbeee33d63
Fixed set a user as an admin with the new API ( #6928 )
...
Fix #6910
2020-03-02 13:28:50 +00:00
9b06d8f8a6
Fixed set a user as an admin with the new API ( #6928 )
...
Fix #6910
2020-02-28 09:58:05 +00:00
8c75b621bf
Ensure 'deactivated' parameter is a boolean on user admin API, Fix error handling of call to deactivate user ( #6990 )
2020-02-26 12:22:55 +00:00
509e381afa
Clarify list/set/dict/tuple comprehensions and enforce via flake8 ( #6957 )
...
Ensure good comprehension hygiene using flake8-comprehensions.
2020-02-21 07:15:07 -05:00
2fb7794e60
Merge pull request #6949 from matrix-org/rav/list_room_aliases_peekable
...
Make room alias lists peekable
2020-02-19 11:19:11 +00:00
880aaac1d8
Move MSC2432 stuff onto unstable prefix ( #6948 )
...
it's not in the spec yet, so needs to be unstable. Also add a feature flag for it. Also add a test for admin users.
2020-02-19 10:40:27 +00:00
a0a1fd0bec
Add `allow_departed_users` param to `check_in_room_or_world_readable`
...
... and set it everywhere it's called.
while we're here, rename it for consistency with `check_user_in_room` (and to
help check that I haven't missed any instances)
2020-02-19 08:52:51 +00:00
adfaea8c69
Implement GET /_matrix/client/r0/rooms/{roomId}/aliases ( #6939 )
...
per matrix-org/matrix-doc#2432
2020-02-18 16:23:25 +00:00
dc3f998706
Remove m.lazy_load_members from unstable features since it is in CS r0.5.0 ( #6877 )
...
Fixes #5528
2020-02-13 12:02:32 +00:00
d8994942f2
Return a 404 for admin api user lookup if user not found ( #6901 )
2020-02-12 18:14:10 +00:00
56ca93ef59
Admin api to add an email address ( #6789 )
2020-02-07 10:29:36 +00:00
370080531e
Allow URL-encoded user IDs on user admin api paths ( #6825 )
2020-02-03 13:18:42 +00:00
184303b865
MSC2260: Block direct sends of m.room.aliases events ( #6794 )
...
as per MSC2260
2020-01-30 17:20:55 +00:00
8df862e45d
Add `rooms.room_version` column ( #6729 )
...
This is so that we don't have to rely on pulling it out from `current_state_events` table.
2020-01-27 14:30:57 +00:00
9f7aaf90b5
Validate client_secret parameter ( #6767 )
2020-01-24 14:28:40 +00:00
6b7462a13f
a bit of debugging for media storage providers ( #6757 )
...
* a bit of debugging for media storage providers
* changelog
2020-01-23 12:11:44 +00:00
5bd3cb7260
Minor fixes to user admin api ( #6761 )
...
* don't insist on a password (this is valid if you have an SSO login)
* fix reference to undefined `requester`
2020-01-23 12:03:58 +00:00
ce84dd9e20
Remove unnecessary abstractions in admin handler ( #6751 )
2020-01-22 15:09:57 +00:00
90a28fb475
Admin API to list, filter and sort rooms ( #6720 )
2020-01-22 13:36:43 +00:00
ed83c3a018
Fix typo in _select_thumbnail
2020-01-22 12:27:42 +00:00
aa9b00fb2f
Fix and add test to deprecated quarantine media admin api ( #6756 )
2020-01-22 11:05:50 +00:00
b0a66ab83c
Fixup synapse.rest to pass mypy ( #6732 )
2020-01-20 17:38:21 +00:00
74b74462f1
Fix `/events/:event_id` deprecated API. ( #6731 )
2020-01-20 17:38:09 +00:00
ceecedc68b
Fix changing password via user admin API. ( #6730 )
2020-01-20 17:23:59 +00:00
3b72bb780a
Merge pull request #6714 from matrix-org/babolivier/retention_select_event
...
Fix instantiation of message retention purge jobs
2020-01-17 14:23:51 +00:00
842c2cfbf1
Remove get_room_event_after_stream_ordering entirely
2020-01-16 20:24:17 +00:00
38e0e59f42
Add org.matrix.e2e_cross_signing to unstable_features in /versions as per MSC1756 ( #6712 )
2020-01-16 09:46:14 +00:00
edc244eec4
Remove duplicate session check in web fallback servlet ( #6702 )
2020-01-15 18:05:18 +00:00
1177d3f3a3
Quarantine media by ID or user ID ( #6681 )
2020-01-13 18:10:43 +00:00
d2906fe666
Allow admin users to create or modify users without a shared secret ( #6495 )
...
Signed-off-by: Manuel Stahl <manuel.stahl@awesome-technologies.de>
2020-01-09 13:31:00 +00:00
573fee759c
Back out ill-advised notary server hackery ( #6657 )
...
This was ill-advised. We can't modify verify_keys here, because the response
object has already been signed by the requested key.
Furthermore, it's somewhat unnecessary because existing versions of Synapse
(which get upset that the notary key isn't present in verify_keys) will fall
back to a direct fetch via `/key/v2/server`.
Also: more tests for fetching keys via perspectives: it would be nice if we actually tested when our fetcher can't talk to our notary impl.
2020-01-08 13:24:10 +00:00
18674eebb1
Workaround for error when fetching notary's own key ( #6620 )
...
* Kill off redundant SynapseRequestFactory
We already get the Site via the Channel, so there's no need for a dedicated
RequestFactory: we can just use the right constructor.
* Workaround for error when fetching notary's own key
As a notary server, when we return our own keys, include all of our signing
keys in verify_keys.
This is a workaround for #6596 .
2020-01-06 12:28:58 +00:00
98247c4a0e
Remove unused, undocumented "content repo" resource ( #6628 )
...
This looks like it got half-killed back in #888 .
Fixes #6567 .
2020-01-03 17:10:52 +00:00
d6752ce5da
Clean up startup for the pusher ( #6558 )
...
* Remove redundant python2 support code
`str.decode()` doesn't exist on python3, so presumably this code was doing
nothing
* Filter out pushers with corrupt data
When we get a row with unparsable json, drop the row, rather than returning a
row with null `data`, which will then cause an explosion later on.
* Improve logging when we can't start a pusher
Log the ID to help us understand the problem
* Make email pusher setup more robust
We know we'll have a `data` member, since that comes from the database. What we
*don't* know is if that is a dict, and if that has a `brand` member, and if
that member is a string.
2019-12-18 14:26:58 +00:00
72acca6a32
Back out change preventing setting null avatar URLs
2019-12-11 11:46:55 +00:00
5e8abe9013
Better errors regarding changing avatar_url ( #6497 )
2019-12-09 14:54:33 +00:00
2ace775d88
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/make_database_class
2019-12-06 11:33:34 +00:00
649b6bc088
Replace /admin/v1/users_paginate endpoint with /admin/v2/users ( #5925 )
2019-12-05 18:12:23 +00:00
9c41ba4c5f
Port rest.client.v2
2019-12-05 16:56:23 +00:00
1a0997bbd5
Port rest/v1 to async/await
2019-12-05 15:57:28 +00:00
4a33a6dd19
Move background update handling out of store
2019-12-05 11:11:26 +00:00
9dc84b7989
Merge branch 'develop' into babolivier/context_filters
2019-12-04 14:23:44 +00:00
81731c6e75
Fix: Pillow error when uploading RGBA image ( #3325 ) ( #6241 )
...
Signed-Off-By: Filip Štědronský <g@regnarg.cz>
2019-12-02 12:12:55 +00:00
23ea572125
Add User-Interactive Auth to /account/3pid/add ( #6119 )
2019-11-29 13:51:14 +00:00
69d8fb83c6
MSC2367 Allow reason field on all member events
2019-11-28 11:02:04 +00:00
0d27aba900
add etag and count to key backup endpoints ( #5858 )
2019-11-27 16:14:44 -05:00
ef1a85e773
Fix startup error when http proxy is defined. ( #6421 )
...
Guess I only tested this on python 2 :/
Fixes #6419 .
2019-11-26 18:10:50 +00:00
3916e1b97a
Clean up newline quote marks around the codebase ( #6362 )
2019-11-21 12:00:14 +00:00
4f5ca455bf
Move admin endpoints into separate files ( #6308 )
2019-11-20 11:49:11 +00:00
83446a18fb
Merge pull request #6335 from matrix-org/erikj/rc_login_cleanups
...
Only do `rc_login` ratelimiting on succesful login.
2019-11-20 09:52:38 +00:00
271c322d08
Lint
2019-11-20 09:29:48 +00:00
c7376cdfe3
Apply suggestions from code review
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-Authored-By: Brendan Abolivier <babolivier@matrix.org>
2019-11-18 17:10:16 +00:00
541f1b92d9
Only do `rc_login` ratelimiting on succesful login.
...
We were doing this in a number of places which meant that some login
code paths incremented the counter multiple times.
It was also applying ratelimiting to UIA endpoints, which was probably
not intentional.
In particular, some custom auth modules were calling
`check_user_exists`, which incremented the counters, meaning that people
would fail to login sometimes.
2019-11-06 11:08:58 +00:00
5570d1c93f
Merge pull request #6334 from matrix-org/rav/url_preview_limit_title_2
...
Fix exception when OpenGraph tag values are ints
2019-11-05 17:28:11 +00:00
81d49cbb07
Fix exception when OpenGraph tag values are ints
2019-11-05 17:22:58 +00:00
55a7da247a
Merge branch 'develop' into rav/url_preview_limit_title
2019-11-05 17:08:07 +00:00
e78167c94b
Apply suggestions from code review
...
Co-Authored-By: Brendan Abolivier <babolivier@matrix.org>
Co-Authored-By: Erik Johnston <erik@matrix.org>
2019-11-05 16:46:39 +00:00
e9bfe719ba
Strip overlong OpenGraph data from url preview
...
... to stop people causing DoSes with malicious web pages
2019-11-05 15:51:18 +00:00
8822b33111
Update copyrights
2019-11-05 14:46:35 +00:00
f496d25877
Merge pull request #6301 from matrix-org/babolivier/msc2326
...
Implement MSC2326 (label based filtering)
2019-11-01 17:04:45 +00:00
Andrew Morgan