2849d3f29d
admin,storage: added more administrator functionalities
...
administrators can now:
- Set displayname of users
- Update user avatars
- Search for users by user_id
- Browse all users in a paginated API
- Reset user passwords
- Deactivate users
Helpers for doing paginated queries has also been added to storage
Signed-off-by: Morteza Araby <morteza.araby@ericsson.com>
2017-02-02 14:02:26 +01:00
51adaac953
Fix email push in pusher worker
...
This was broken when device list updates were implemented, as Mailer
could no longer instantiate an AuthHandler due to a dependency on
federation sending.
2017-02-02 10:53:36 +00:00
1e38be3a7a
Added username and password for turn server
...
It makes it possible to use a turn server that needs a username and
password instead of a token.
2017-01-19 14:08:20 +01:00
8c5009b628
Lowercase all email addresses before querying db
...
Since we store all emails in the DB in lowercase
(https://github.com/matrix-org/synapse/pull/1170 )
2017-01-18 13:25:56 +00:00
6823fe5241
Linearize updates to membership via PUT /state/
2017-01-09 18:25:13 +00:00
1574b839e0
Merge pull request #1676 from matrix-org/erikj/room_list
...
Add new API appservice specific public room list
2016-12-12 17:00:10 +00:00
52d12ca782
Add /room/<room_id>/joined_members API
...
This returns the currently joined members in the room with their display
names and avatar urls. This is more efficient than /members for large
rooms where you don't need the full events.
2016-12-08 13:32:07 +00:00
de796f27e6
Add joined_rooms servlet
2016-12-08 11:39:03 +00:00
f32fb65552
Add new API appservice specific public room list
2016-12-06 16:12:27 +00:00
dc4b23e1a1
Merge branch 'develop' into rav/no_more_refresh_tokens
2016-11-30 17:10:04 +00:00
1c4f05db41
Stop putting a time caveat on access tokens
...
The 'time' caveat on the access tokens was something of a lie, since we weren't
enforcing it; more pertinently its presence stops us ever adding useful time
caveats.
Let's move in the right direction by not lying in our caveats.
2016-11-29 16:49:41 +00:00
5c4edc83b5
Stop generating refresh tokens
...
Since we're not doing refresh tokens any more, we should start killing off the
dead code paths. /tokenrefresh itself is a bit of a thornier subject, since
there might be apps out there using it, but we can at least not generate
refresh tokens on new logins.
2016-11-28 10:13:01 +00:00
3991b4cbdb
Clean transactions based on time. Add HttpTransactionCache tests.
2016-11-14 11:19:24 +00:00
af4a1bac50
Move .observe() up to the cache to make things neater
2016-11-14 09:52:41 +00:00
8ecaff51a1
Review comments
2016-11-11 17:47:03 +00:00
f6c48802f5
More flake8
2016-11-11 15:08:24 +00:00
a88bc67f88
Flake8 and fix whoopsie
2016-11-11 15:02:29 +00:00
42c43cfafd
Use ObservableDeferreds instead of Deferreds as they behave as intended
2016-11-11 14:54:10 +00:00
8a8ad46f48
Flake8
2016-11-10 15:22:11 +00:00
2771447c29
Store Promise<Response> instead of Response for HTTP API transactions
...
This fixes a race whereby:
- User hits an endpoint.
- No cached transaction so executes main code.
- User hits same endpoint.
- No cache transaction so executes main code.
- Main code finishes executing and caches response and returns.
- Main code finishes executing and caches response and returns.
This race is common in the wild when Synapse is struggling under load.
This commit fixes the race by:
- User hits an endpoint.
- Caches the promise to execute the main code and executes main code.
- User hits same endpoint.
- Yields on the same promise as the first request.
- Main code finishes executing and returns, unblocking both requests.
2016-11-10 14:49:26 +00:00
7b5546d077
rest/client/v1/register: use the correct requester in createUser
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-10-06 22:12:32 +02:00
9bfc617791
storage/appservice: make appservice methods only relying on the cache synchronous
2016-10-06 15:24:59 +02:00
22578545a0
Time out typing over federation
2016-09-23 14:00:52 +01:00
87528f0756
Support /initialSync in synchrotron worker
2016-09-21 11:46:28 +01:00
ddc89df89d
Enable guest access to POST /publicRooms
2016-09-17 15:55:24 +01:00
2e67cabd7f
Make POST /publicRooms require auth
2016-09-16 11:32:51 +01:00
c33b25fd8d
Change the way we calculate new_limit in /publicRooms and add POST API
2016-09-15 17:35:20 +01:00
68c1ed4d1a
Remove default public rooms limit
2016-09-15 13:56:20 +01:00
1d98cf26be
By default limit /publicRooms to 100 entries
2016-09-15 13:18:35 +01:00
5810cffd33
Pass since/from parameters over federation
2016-09-15 10:36:19 +01:00
f3eead0660
Allow paginating both forwards and backwards
2016-09-15 10:15:37 +01:00
4131381123
Remove support for aggregate room lists
2016-09-15 09:28:15 +01:00
29205e9596
Conform better to the CAS protocol specification
...
Redirect to CAS's /login endpoint properly, and
don't require an <attributes> element.
Signed-off-by: Shell Turner <cam.turn@gmail.com>
2016-09-09 21:20:14 +01:00
dbff7e9436
Merge pull request #1096 from matrix-org/markjh/get_access_token
...
Add helper function for getting access_tokens from requests
2016-09-09 17:09:27 +01:00
8aee5aa068
Add helper function for getting access_tokens from requests
...
Rather than reimplementing the token parsing in the various places.
This will make it easier to change the token parsing to allow access_tokens
in HTTP headers.
2016-09-09 16:33:15 +01:00
d271383e63
Filter returned events for client-facing format
2016-09-09 14:40:15 +01:00
0fc0a3bdff
Allow clients to specify the format a room state event is returned in
2016-09-09 14:34:29 +01:00
3f9889bfd6
Use parse_string
2016-09-08 15:51:10 +01:00
791658b576
Add server param to /publicRooms
2016-09-08 11:53:05 +01:00
4b31426a02
Pass through user-supplied content in /join/$room_id
...
It was always intended to allow custom keys on the join event, but this has
at some point been lost. Restore it.
If the user specifies keys like "avatar_url" then they will be clobbered.
2016-08-23 16:32:04 +01:00
4e1cebd56f
Make synchrotron accept /events
2016-08-12 15:31:44 +01:00
866a5320de
Dont invoke get_handlers fromClientV1RestServlet
...
hs.get_handlers() can not be invoked from split out processes. Moving
the invocations down a level means that we can slowly split out
individual servlets.
2016-08-12 10:03:19 +01:00
cd41c6ece2
Merge pull request #995 from matrix-org/rav/clean_up_cas_login
...
Clean up CAS login code
2016-08-09 10:21:56 +01:00
65666fedd5
Clean up CAS login code
...
Remove some apparently unused code.
Clean up parse_cas_response, mostly to catch the exception if the CAS response
isn't valid XML.
2016-08-08 17:17:25 +01:00
0682ca04b3
Fix CAS login
...
Attempting to log in with CAS was giving a 500 error.
2016-08-08 17:01:30 +01:00
436bffd15f
Implement deleting devices
2016-07-26 07:35:48 +01:00
c68518dfbb
Merge pull request #933 from matrix-org/rav/type_annotations
...
Type annotations
2016-07-20 12:26:32 +01:00
e967bc86e7
Merge pull request #932 from matrix-org/rav/register_refactor
...
Further registration refactoring
2016-07-20 11:03:33 +01:00
1e2a7f18a1
Merge pull request #922 from matrix-org/erikj/file_api2
...
Feature: Add filter to /messages. Add 'contains_url' to filter.
2016-07-20 10:40:48 +01:00
3413f1e284
Type annotations
...
Add some type annotations to help PyCharm (in particular) to figure out the
types of a bunch of things.
2016-07-19 18:56:16 +01:00
40cbffb2d2
Further registration refactoring
...
* `RegistrationHandler.appservice_register` no longer issues an access token:
instead it is left for the caller to do it. (There are two of these, one in
`synapse/rest/client/v1/register.py`, which now simply calls
`AuthHandler.issue_access_token`, and the other in
`synapse/rest/client/v2_alpha/register.py`, which is covered below).
* In `synapse/rest/client/v2_alpha/register.py`, move the generation of
access_tokens into `_create_registration_details`. This means that the normal
flow no longer needs to call `AuthHandler.issue_access_token`; the
shared-secret flow can tell `RegistrationHandler.register` not to generate a
token; and the appservice flow continues to work despite the above change.
2016-07-19 18:46:19 +01:00
f863a52cea
Add device_id support to /login
...
Add a 'devices' table to the storage, as well as a 'device_id' column to
refresh_tokens.
Allow the client to pass a device_id, and initial_device_display_name, to
/login. If login is successful, then register the device in the devices table
if it wasn't known already. If no device_id was supplied, make one up.
Associate the device_id with the access token and refresh token, so that we can
get at it again later. Ensure that the device_id is copied from the refresh
token to the access_token when the token is refreshed.
2016-07-18 16:39:44 +01:00
dcfd71aa4c
Refactor login flow
...
Make sure that we have the canonical user_id *before* calling
get_login_tuple_for_user_id.
Replace login_with_password with a method which just validates the password,
and have the caller call get_login_tuple_for_user_id. This brings the password
flow into line with the other flows, and will give us a place to register the
device_id if necessary.
2016-07-18 15:23:54 +01:00
a98d215204
Add filter param to /messages API
2016-07-14 16:30:56 +01:00
0136a522b1
Bug fix: expire invalid access tokens
2016-07-13 15:00:37 +02:00
67f2c901ea
Add rest servlet. Fix SQL.
2016-07-06 15:56:59 +01:00
a17e7caeb7
Merge branch 'erikj/shared_secret' into erikj/test2
2016-07-06 14:46:31 +01:00
76b18df3d9
Check that there are no null bytes in user and passsword
2016-07-06 11:17:53 +01:00
0da24cac8b
Add null separator to hmac
2016-07-06 11:05:16 +01:00
651faee698
Add an admin option to shared secret registration
2016-07-05 17:30:22 +01:00
caf33b2d9b
Protect password when registering using shared secret
2016-07-05 17:18:19 +01:00
2d21d43c34
Add purge_history API
2016-07-05 10:28:51 +01:00
bb069079bb
Fix style violations
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-04 22:07:11 +09:00
2e5a31f197
Use .get() instead of [] to access password_hash
2016-07-04 22:00:13 +09:00
fc8007dbec
Optionally include password hash in createUser endpoint
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-03 15:08:15 +09:00
f328d95cef
Feature: Add deactivate account admin API
...
Allows server admins to "deactivate" accounts, which:
- Revokes all access tokens
- Removes all threepids
- Removes password
The API is a POST to `/admin/deactivate/<user_id>`
2016-06-30 15:40:58 +01:00
a70688445d
Implement purge_media_cache admin API
2016-06-29 14:57:59 +01:00
95f305c35a
Remove redundant exception log in /events
2016-06-09 11:15:04 +01:00
690029d1a3
Don't make rooms visibile by default
2016-06-08 14:47:42 +01:00
efeabd3180
Log user that is making /publicRooms calls
2016-06-08 14:23:15 +01:00
6a0afa582a
Load push rules in storage layer, so that they get cached
2016-06-03 11:10:00 +01:00
1f31cc37f8
Working unsubscribe links going straight to the HS
...
and authed by macaroons that let you delete pushers and nothing else
2016-06-02 17:21:31 +01:00
3a3fb2f6f9
Merge branch 'dbkr/split_out_auth_handler' into dbkr/email_unsubscribe
2016-06-02 13:35:25 +01:00
4a10510cd5
Split out the auth handler
2016-06-02 13:31:45 +01:00
991af8b0d6
WIP on unsubscribing email notifs without logging in
2016-06-01 17:40:52 +01:00
d240796ded
Basic, un-cached support for secondary_directory_servers
2016-05-31 17:20:07 +01:00
887c6e6f05
Split out the room list handler
...
So I can use it from federation bits without pulling in all the handlers.
2016-05-31 11:05:16 +01:00
332d7e9b97
Allow clients to specify a server_name to avoid 'No known servers'
...
Multiple server_names are supported via ?server_name=foo&server_name=bar
2016-05-19 13:50:52 +01:00
0cb441fedd
Move typing handler out of the Handlers object
2016-05-17 15:58:46 +01:00
3b86ecfa79
Move the presence handler out of the Handlers object
2016-05-16 18:56:37 +01:00
40aa6e8349
Create user with expiry
...
- Add unittests for client, api and handler
Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com>
2016-05-13 15:34:15 +02:00
52ecbc2843
Make pyjwt dependency optional
2016-04-25 14:30:15 +01:00
b9675ef6e6
Merge pull request #687 from nikriek/jwt-fix
...
Fix issues with JWT login
2016-04-21 17:42:25 +01:00
565c2edb0a
Fix issues with JWT login
2016-04-21 18:10:48 +02:00
a04c076b7f
Make the /set part mandatory
2016-04-12 13:54:41 +01:00
7b39bcdaae
Mis-named function
2016-04-12 13:35:08 +01:00
d937f342bb
Split into separate servlet classes
2016-04-12 13:33:30 +01:00
8a76094965
Add get endpoint for pushers
...
As per https://github.com/matrix-org/matrix-doc/pull/308
2016-04-11 18:00:03 +01:00
08a8514b7a
Remove spurious comment
2016-03-30 15:05:33 +01:00
fddb6fddc1
Require user to have left room to forget room
...
This dramatically simplifies the forget API code - in particular it no
longer generates a leave event.
2016-03-30 11:03:00 +01:00
3f9948a069
Add JWT support
2016-03-29 14:36:36 +02:00
3e7fac0d56
Add published room list edit API
2016-03-21 15:06:07 +00:00
2cd9260500
Update aliases event after deletion
...
Attempt to update the appropriate `m.room.aliases` event after deleting
an alias. This may fail due to the deleter not being in the room.
Will also check if the canonical alias of the event is set to the
deleted alias, and if so will attempt to delete it.
2016-03-17 11:42:00 +00:00
12904932c4
Hook up adding a pusher to the notifier for replication.
2016-03-15 17:42:03 +00:00
398cd1edfb
Fix regression where synapse checked whether push rules were valid JSON before the compatibility hack that handled clients sending invalid JSON
2016-03-14 14:16:41 +00:00
494d0c8e02
Merge pull request #642 from matrix-org/erikj/logout
...
Implement logout
2016-03-11 20:16:25 +00:00
e9c1cabac2
Use parse_json_object_from_request to parse JSON out of request bodies
2016-03-11 16:41:03 +00:00
b13035cc91
Implement logout
2016-03-11 16:27:50 +00:00
b7dbe5147a
Add a parse_json_object function
...
to deduplicate all the copy+pasted _parse_json functions. Also document
the parse_.* functions.
2016-03-09 11:26:26 +00:00
7076082ae6
Fix relative imports so they work in both py3 and py27
2016-03-08 11:45:50 +00:00
239badea9b
Use syntax that works on both py2.7 and py3
2016-03-07 20:13:10 +00:00
ec7460b4f2
Merge branch 'develop' into markjh/pushrule_stream
2016-03-04 14:44:34 +00:00
1b4f4a936f
Hook up the push rules stream to account_data in /sync
2016-03-04 14:44:01 +00:00
dd463e246d
Merge pull request #614 from matrix-org/erikj/alias_delete
...
Allow alias creators to delete aliases
2016-03-04 09:02:33 +00:00
b4022cc487
Pass whole requester to ratelimiting
...
This will enable more detailed decisions
2016-03-03 16:43:42 +00:00
3406eba4ef
Move the code for formatting push rules into a separate function
2016-03-03 16:11:59 +00:00
ddf9e7b302
Hook up the push rules to the notifier
2016-03-03 14:57:45 +00:00
f9af8962f8
Allow alias creators to delete aliases
2016-03-01 14:46:31 +00:00
de27f7fc79
Add support for changing the actions for default rules
...
See matrix-org/matrix-doc#283
Works by adding dummy rules to the push rules table with a negative priority class and then using those rules to clobber the default rule actions when adding the default rules in ``list_with_base_rules``
2016-02-26 14:28:19 +00:00
87acd8fb07
Fix to appease the PEP8 dragon
2016-02-26 12:05:38 +01:00
a53774721a
Add error codes for malformed/bad JSON in /login
...
Signed-off-by: Gergely Polonkai <gergely@polonkaieu>
2016-02-26 10:22:35 +01:00
15c2ac2cac
Make sure we return a JSON object when returning the values of specif…
...
…ic keys from a push rule
2016-02-25 15:13:07 +00:00
9892d017b2
Remove unused get_rule_attr method
2016-02-24 16:31:07 +00:00
869580206d
Ignore invalid POST bodies when joining rooms
2016-02-24 08:50:28 +00:00
577951b032
Allow third_party_signed to be specified on /join
2016-02-23 15:11:25 +00:00
e5ad2e5267
Merge pull request #582 from matrix-org/erikj/presence
...
Rewrite presence for performance.
2016-02-19 09:37:50 +00:00
e12ec335a5
"You are not..."
2016-02-18 17:01:53 +00:00
b9977ea667
Remove dead code for setting device specific rules.
...
It wasn't possible to hit the code from the API because of a typo
in parsing the request path. Since no-one was using the feature
we might as well remove the dead code.
2016-02-18 16:05:13 +00:00
7e90fb6a57
Merge branch 'develop' into daniel/roomcleanupincremental
...
Conflicts:
synapse/rest/client/v1/room.py
2016-02-17 15:53:59 +00:00
591af2d074
Some cleanup
...
I'm not particularly happy with the "action" switching, but there's no
convenient way to defer the work that needs to happen after it, so... :(
2016-02-17 15:50:13 +00:00
e5999bfb1a
Initial cut
2016-02-17 15:40:50 +00:00
71d5d2c669
client/v1/room: include event_id in response to state event PUT, in accordance with the spec
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-02-17 11:53:43 +01:00
458782bf67
Fix typo in request validation for adding push rules.
2016-02-16 18:00:30 +00:00
4bfb32f685
Branch off member and non member sends
...
Unclean, needs tidy-up, but works
2016-02-15 18:21:30 +00:00
1a2197d7bf
Simplify room creation code
2016-02-15 18:19:01 +00:00
e560045cfd
Simplify room creation code
2016-02-15 18:18:39 +00:00
150fcde0dc
Reuse update_membership from /join
2016-02-15 16:16:03 +00:00
e71095801f
Merge implementation of /join by alias or ID
...
This code is kind of rough (passing the remote servers down a long
chain), but is a step towards improvement.
2016-02-15 15:39:16 +00:00
dbeed36dec
Merge some room joining codepaths
...
Force joining by alias to go through the send_membership_event checks,
rather than bypassing them straight into _do_join. This is the first of
many stages of cleanup.
2016-02-15 14:38:27 +00:00
4de08a4672
Revert "Merge two of the room join codepaths"
...
This reverts commit cf81375b94
2016-02-12 16:17:24 +00:00
cf81375b94
Merge two of the room join codepaths
...
There's at least one more to merge in.
Side-effects:
* Stop reporting None as displayname and avatar_url in some cases
* Joining a room by alias populates guest-ness in join event
* Remove unspec'd PUT version of /join/<room_id_or_alias> which has not
been called on matrix.org according to logs
* Stop recording access_token_id on /join/room_id - currently we don't
record it on /join/room_alias; I can try to thread it through at some
point.
2016-02-12 15:11:49 +00:00
58c9f20692
Catch the exceptions thrown by twisted when you write to a closed connection
2016-02-12 13:46:59 +00:00
ebaa999f92
Revert "Reject additional path segments"
...
This reverts commit 1d19a5ec0f
2016-02-09 12:46:52 +00:00
1d19a5ec0f
Reject additional path segments
2016-02-08 10:50:55 +00:00
34dda7cc7f
Merge pull request #557 from matrix-org/dbkr/profile_dont_return_null
...
Omit keys rather then returning null in profile API
2016-02-04 15:39:12 +00:00
709e09e1c3
Remove old log line
2016-02-03 16:32:20 +00:00
156cea5b45
No braces here
2016-02-03 15:04:51 +00:00
24277fbb97
Don't return null if profile display name / avatar url isn't set: omit them instead
2016-02-03 14:59:19 +00:00
5054806ec1
Rename config field to reflect yaml name
2016-02-03 14:42:01 +00:00
d83d004ccd
Fix flake8 warnings for new flake8
2016-02-02 17:18:50 +00:00
8c94833b72
Fix adding push rules relative to other rules
2016-01-27 10:24:20 +00:00
e18257f0e5
Add missing yield in push_rules set enabled
2016-01-25 16:51:56 +00:00
da417aa56d
Allow non-guests to peek on rooms using /events
2016-01-20 15:34:07 +00:00
0d241e1114
Take a deepcopy of push rules before mutating them
2016-01-19 10:15:12 +00:00
d1f56f732e
Use static for const dicts
2016-01-18 15:17:56 +00:00
0e39dcd135
Remove internal ids
2016-01-18 14:50:17 +00:00
ac5a4477ad
Require unbanning before other membership changes
2016-01-15 16:27:26 +00:00
2978053d16
Merge branch 'release-v0.12.1' into develop
2016-01-14 15:04:08 +00:00
a7927c13fd
Fix enabling & disabling push rules
2016-01-14 10:53:44 +00:00
49f33f6438
Add 'event' result to 'context' endpoint
...
... because the context isn't much use without the event.
2016-01-13 16:42:14 +00:00
9c1f853d58
Rename 'user_name' to 'user_id' in push to make it consistent with the rest of the code
2016-01-13 13:32:59 +00:00
2110e35fd6
Introduce a Requester object
...
This tracks data about the entity which made the request. This is
instead of passing around a tuple, which requires call-site
modifications every time a new piece of optional context is passed
around.
I tried to introduce a User object. I gave up.
2016-01-11 17:48:45 +00:00
6c28ac260c
copyrights
2016-01-07 04:26:29 +00:00
32d9fd0b26
Expose /login under r0
...
The spec says /login should be available at r0 and 'unstable', so make it so.
2016-01-02 17:24:28 +00:00
515548a47a
Missing yield
2015-12-10 17:54:23 +00:00
7a8ba4c9a0
Actually host r0 and unstable prefixes
2015-12-08 15:26:52 +00:00
9c9b2829ae
also do more structured logging
2015-12-07 12:01:00 +00:00
50e5886de1
pep8
2015-12-07 11:57:48 +00:00
ba1d740239
Add logging to pushers API to log the body of the request
2015-12-07 11:52:20 +00:00
41905784f7
Take object not bool
...
Allows bool as legacy fallback
See https://github.com/matrix-org/matrix-doc/pull/212
2015-12-07 10:44:33 +00:00
ac213c2e08
Merge pull request #415 from matrix-org/daniel/endpoints
...
Merge pull request #415 from matrix-org/daniel/endpoints
2015-12-03 12:19:12 +00:00
526bc33e02
Fix implementation of /admin/whois
2015-12-02 17:29:47 +00:00
872c134807
Update endpoints to reflect current spec
2015-12-02 15:45:04 +00:00
37b2d69bbc
Reuse a single http client, rather than creating new ones
2015-12-02 11:36:02 +00:00
14d7acfad4
Host /unstable and /r0 versions of r0 APIs
2015-12-01 17:34:32 +00:00
31069ecf6a
Rename presence_handler.send_invite to presence_handler.send_presence_invite to distinguish it from normal invites
2015-12-01 15:59:45 +00:00
c6a15f5026
Merge pull request #385 from matrix-org/daniel/forgetrooms
...
Allow users to forget rooms
2015-11-20 18:07:26 +00:00
e3dae653e8
Comment
2015-11-20 14:05:22 +00:00
37de8a7f4a
Remove m.login.token from advertised flows.
2015-11-19 16:16:49 +00:00
ba26eb3d5d
Allow users to forget rooms
2015-11-17 17:17:30 -05:00
f5e25c5f35
Merge branch 'develop' into sh-cas-auth-via-homeserver
2015-11-17 10:55:41 +00:00
9c3f4f8dfd
Allow guests to /room/:room_id/{join,leave}
2015-11-13 11:56:58 +00:00
0d08670f61
Merge pull request #360 from matrix-org/daniel/guestroominitialsync
...
Merge pull request #360 from matrix-org/daniel/guestroominitialsync
Allow guest access to room initialSync
2015-11-12 15:19:55 +00:00
0a93df5f9c
Allow guests to set their display names
...
Depends: https://github.com/matrix-org/synapse/pull/363
Tests in https://github.com/matrix-org/sytest/pull/66
2015-11-12 13:44:39 +00:00
e93d550b79
Allow guests to access room context API
2015-11-11 17:49:44 +00:00
f15ba926cc
Allow guest access to room initialSync
2015-11-11 17:13:24 +00:00
ffdc8e5e1c
Snakes not camels
2015-11-11 14:26:47 +00:00
2b779af10f
Minor review fixes
2015-11-11 11:21:43 +00:00
38d82edf0e
Allow guest users to join and message rooms
2015-11-10 16:57:13 +00:00
82e8a2d763
Merge pull request #356 from matrix-org/daniel/3pidyetagain
...
Get display name from identity server, not client
2015-11-10 12:44:17 +00:00
0d63dc3ec9
Get display name from identity server, not client
2015-11-09 17:26:43 +00:00
9107ed23b7
Add a couple of unit tests for room/<x>/messages
...
... merely because I was trying to figure out how it worked, and couldn't.
2015-11-09 16:16:43 +00:00
fece2f5c77
Merge branch 'develop' into sh-cas-auth-via-homeserver
2015-11-05 20:59:45 +00:00
6be1b4b113
Merge pull request #350 from matrix-org/erikj/search
...
Implement pagination, order by and groups in search
2015-11-05 17:52:32 +00:00
2cebe53545
Exchange 3pid invites for m.room.member invites
2015-11-05 16:43:19 +00:00
729ea933ea
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/search
2015-11-05 15:43:52 +00:00
7301e05122
Implement basic pagination for search results
2015-11-05 15:04:08 +00:00
ca2f90742d
Open up /events to anonymous users for room events only
...
Squash-merge of PR #345 from daniel/anonymousevents
2015-11-05 14:32:26 +00:00
414a4a71b4
Allow hs to do CAS login completely and issue the client with a login token that can be redeemed for the usual successful login response
2015-11-05 14:06:48 +00:00
f522f50a08
Allow guests to register and call /events?room_id=
...
This follows the same flows-based flow as regular registration, but as
the only implemented flow has no requirements, it auto-succeeds. In the
future, other flows (e.g. captcha) may be required, so clients should
treat this like the regular registration flow choices.
2015-11-04 17:29:07 +00:00
5cb298c934
Add room context api
2015-10-28 13:45:56 +00:00
259d10f0e4
Merge branch 'release-v0.10.1' of github.com:matrix-org/synapse into develop
2015-10-23 11:11:56 +01:00
5025ba959f
Add config option to disable password login
2015-10-22 10:37:04 +01:00
ede07434e0
Use 403 and message to match handlers/auth
2015-10-21 09:42:07 +01:00
b02a342750
Don't 500 when the email doesn't map to a valid user ID.
2015-10-20 11:07:50 +01:00
e0bf0258ee
Merge pull request #307 from matrix-org/erikj/search
...
Add basic search API
2015-10-19 13:37:15 +01:00
9371a35e89
Merge pull request #306 from matrix-org/markjh/unused_methods
...
Remove some login classes from synapse.
2015-10-16 18:18:41 +01:00
33646eb000
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/search
2015-10-16 15:35:35 +01:00
1a934e8bfd
synapse.client.v1.login.LoginFallbackRestServlet and synapse.client.v1.login.PasswordResetRestServlet are unused
2015-10-15 11:09:57 +01:00
0c38e8637f
Remove unnecessary class-wrapping
2015-10-13 18:00:38 +01:00
14edea1aff
Move logic into handler
2015-10-13 17:47:58 +01:00
b68db61222
Add logging
2015-10-13 17:22:50 +01:00
17dffef5ec
Move event contents into third_party_layout field
2015-10-13 15:48:12 +01:00
32a453d7ba
Merge branch 'develop' into daniel/3pidinvites
2015-10-13 13:32:43 +01:00
f9340ea0d5
Merge branch 'erikj/store_engine' into erikj/search
2015-10-13 13:29:02 +01:00
739464fbc5
Add a comment to clarify why we split on closing curly brace when reading CAS attribute tags
2015-10-12 16:02:17 +01:00
f6fde343a1
Merge remote-tracking branch 'origin/develop' into erikj/search
2015-10-12 15:06:18 +01:00
83b464e4f7
Unpack dictionary in for loop for nicer syntax
2015-10-12 15:05:34 +01:00
7f8fdc9814
Remove not required parenthesis
2015-10-12 14:45:24 +01:00
01a5f1991c
Support multiple required attributes in CAS response, and in a nicer config format too
2015-10-12 14:43:17 +01:00
76421c496d
Allow optional config params for a required attribute and it's value, if specified any CAS user must have the given attribute and the value must equal
2015-10-12 11:11:49 +01:00
7845f62c22
Parse both user and attributes from CAS response
2015-10-12 10:55:13 +01:00
61561b9df7
Keep FTS indexes up to date. Only search through rooms currently joined
2015-10-12 10:49:53 +01:00
95f7661170
Raise LoginError if CasResponse doensn't contain user
2015-10-10 10:54:19 +01:00
a9c299c0be
Fix my broken line splitting
2015-10-10 10:54:19 +01:00
e52f4dc599
Use UserId to create FQ user id
2015-10-10 10:54:19 +01:00
625e13bfde
Add get_raw method to SimpleHttpClient, use this in CAS auth rather than requests
2015-10-10 10:54:19 +01:00
22112f8d14
Formatting changes
2015-10-10 10:49:42 +01:00
c33f5c1a24
Provide ability to login using CAS
2015-10-10 10:49:42 +01:00
c85c912562
Add basic full text search impl.
2015-10-09 15:48:31 +01:00
51ef725647
Use 'true' rather than '1' for archived flag
2015-10-08 18:13:02 +01:00
dc72021748
Add a flag to initial sync to indicate we want rooms that the user has left
2015-10-08 17:26:23 +01:00
fcd9ba8802
Fix lint errors
2015-10-06 10:13:05 -05:00
5b3e9713dd
Implement third party identifier invites
2015-10-01 17:49:52 +01:00
3c166a24c5
Remove undocumented and unimplemented 'feedback' parameter from the Client-Server API
2015-09-09 16:05:09 +01:00
bc8b25eb56
Allow users that have left the room to view the member list from the point they left
2015-09-09 15:42:16 +01:00
d3c0e48859
Merge erikj/user_dedup to develop
2015-08-26 13:42:45 +01:00
ee3fa1a99c
Merge pull request #248 from matrix-org/deviceid
...
Remove completely unused concepts from codebase
2015-08-25 17:19:06 +01:00
a0b181bd17
Remove completely unused concepts from codebase
...
Removes device_id and ClientInfo
device_id is never actually written, and the matrix.org DB has no
non-null entries for it. Right now, it's just cluttering up code.
This doesn't remove the columns from the database, because that's
fiddly.
2015-08-25 16:23:06 +01:00
78323ccdb3
Remove syutil dependency in favour of smaller single-purpose libraries
2015-08-24 16:17:38 +01:00
21b71b6d7c
Return fully qualified user_id as per spec
2015-08-20 21:54:53 +01:00
e8cf77fa49
Merge branch 'develop' into refresh
...
Conflicts:
synapse/rest/client/v1/login.py
2015-08-20 16:25:40 +01:00
cecbd636e9
/tokenrefresh POST endpoint
...
This allows refresh tokens to be exchanged for (access_token,
refresh_token).
It also starts issuing them on login, though no clients currently
interpret them.
2015-08-20 16:21:35 +01:00
4cf302de5b
Comma comma comma comma comma chameleon
2015-08-20 10:31:18 +01:00
c50ad14bae
Merge branch 'develop' into email_login
2015-08-20 10:16:01 +01:00
415c2f0549
Simplify LoginHander and AuthHandler
...
* Merge LoginHandler -> AuthHandler
* Add a bunch of documentation
* Improve some naming
* Remove unused branches
I will start merging the actual logic of the two handlers shortly
2015-08-12 15:49:37 +01:00
185ac7ee6c
Allow sign in using email address
2015-08-04 16:29:54 +01:00
ddef5ea126
Remove semicolon.
2015-07-20 14:02:36 +01:00
b6ee0585bd
Parse the ID given to /invite|ban|kick to make sure it looks like a user ID.
2015-07-20 13:55:19 +01:00
f3049d0b81
Small tweaks to SAML2 configuration.
...
- Add saml2 config docs to default config.
- Use existence of saml2 config to indicate if saml2 should be enabled.
2015-07-10 10:50:14 +01:00
8cd34dfe95
Make SAML2 optional and add some references/comments
2015-07-09 13:34:47 +05:30
d2caa5351a
code beautify
2015-07-09 12:58:15 +05:30
77c5db5977
code beautify
2015-07-08 16:05:20 +05:30
81682d0f82
Integrate SAML2 basic authentication - uses pysaml2
2015-07-08 15:36:54 +05:30
fb7def3344
Remove access_token from synapse.rest.client.v1.transactions {get,store}_response logging
2015-06-16 10:09:43 +01:00
a7b65bdedf
Add config option to turn off freezing events. Use new encode_json api and ujson.loads
2015-05-29 12:17:33 +01:00
a0bebeda8b
SYN-390: Don't modify the dictionary returned from the data store
2015-05-26 10:14:15 +01:00
c1a256cc4c
Allow multiple pushers for a single app ID & pushkey, honouring the 'append' flag in the API.
2015-03-25 19:06:22 +00:00
c7023f2155
1) Pushers are now associated with an access token
...
2) Change places where we mean unauthenticated to 401, not 403, in C/S v2: hack so it stays as 403 in v1 because web client relies on it.
2015-03-24 17:24:15 +00:00
f88db7ac0b
Factor out user id validation checks
2015-03-18 11:34:18 +00:00
Morteza Araby