Commit Graph

2544 Commits (fb664cf159d1d6c5d150726cc365debf911f7e74)

Author SHA1 Message Date
Maxwell G 12611bfcdd
Add support for pydantic v2 via pydantic.v1 compat module (#16332)
While maintaining support with pydantic v1.
2023-09-25 15:19:08 +00:00
Patrick Cloke c9a0e1673a
Add missing license header. (#16359) 2023-09-21 09:47:29 -04:00
Patrick Cloke 7ec0a141b4
Convert more cached return values to immutable types (#16356) 2023-09-20 07:48:55 -04:00
Hanadi eef2b9e344
Filter locked users in the admin API (#16328)
Co-authored-by: Hanadi Tamimi <hanadi.tamimi@sdui.de>
2023-09-18 15:37:51 +01:00
Patrick Cloke c1e244c8f7
Make cached account data/tags/admin types immutable (#16325) 2023-09-18 09:55:04 -04:00
Patrick Cloke 63d28a88c1
Additional validation of receipts (#16327)
Reject invalid receipts with a reasonable error message &
expands tests for receipts.
2023-09-18 13:02:12 +00:00
Mathieu Velten dd44ee00b6
Add automatic purge after all users forget a room (#15488)
Also add restore of purge/shutdown rooms after a synapse restart.

Co-authored-by:  Eric Eastwood <erice@matrix.org>
Co-authored-by: Erik Johnston <erikj@matrix.org>
2023-09-15 15:37:44 +02:00
Erik Johnston 954921736b
Refactor `get_user_by_id` (#16316) 2023-09-14 12:46:30 +01:00
Patrick Cloke d38d0dffc9
Use StrCollection in additional places. (#16301) 2023-09-13 07:57:19 -04:00
Patrick Cloke 9400dc0535
Add the List-Unsubscribe header for notification emails. (#16274)
Adds both the List-Unsubscribe (RFC2369) and List-Unsubscribe-Post (RFC8058)
headers to push notification emails, which together should:

* Show an "Unsubscribe" link in the MUA UI when viewing Synapse notification emails.
* Enable "one-click" unsubscribe (the user never leaves their MUA, which automatically
  makes a POST request to the specified endpoint).
2023-09-11 09:49:48 -04:00
Patrick Cloke 69b74d9330
Avoid temporary storage of sensitive information. (#16272)
During the UI auth process, avoid storing sensitive information
into the database.
2023-09-08 08:57:56 -04:00
Erik Johnston d23c394669
Reduce CPU overhead of change password endpoint (#16264) 2023-09-08 13:06:00 +01:00
Erik Johnston 8940d1b28e
Add `/notifications` endpoint to workers (#16265) 2023-09-07 09:26:07 +00:00
Patrick Cloke 55c20da4a3 Merge remote-tracking branch 'origin/release-v1.91' into release-v1.92 2023-09-06 11:25:28 -04:00
Quentin Gliech 1940d990a3
Revert MSC3861 introspection cache, admin impersonation and account lock (#16258) 2023-09-06 15:19:51 +01:00
Mathieu Velten dcb2778341
Add last_seen_ts to the admin users API (#16218) 2023-09-04 18:13:28 +02:00
David Robertson 62a1a9be52
Describe which rate limiter was hit in logs (#16135) 2023-08-30 00:39:39 +01:00
dependabot[bot] 001fc7bd19
Bump ruff from 0.0.277 to 0.0.286 (#16198)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-29 09:41:43 -04:00
Patrick Cloke 40901af5e0
Pass the device ID around in the presence handler (#16171)
Refactoring to pass the device ID (in addition to the user ID) through
the presence handler (specifically the `user_syncing`, `set_state`,
and `bump_presence_active_time` methods and their replication
versions).
2023-08-28 13:08:49 -04:00
Patrick Cloke 82699428e3
Validate input to POST /key/v2/query endpoint. (#16183)
To avoid 500 internal server errors with garbage input.
2023-08-25 14:10:31 -04:00
Shay 69048f7b48
Add an admin endpoint to allow authorizing server to signal token revocations (#16125) 2023-08-22 14:15:34 +00:00
Alexander Fechler 54317d34b7
Allow filtering for admins in the list accounts admin API (#16114) 2023-08-18 12:26:38 +01:00
Erik Johnston 0aba4a4eaa
Add cache to `get_server_keys_json_for_remote` (#16123) 2023-08-18 11:05:01 +01:00
Mathieu Velten 8c3bcea2da
Rename pagination&purge locks and add comments explaining them (#16112) 2023-08-16 16:19:54 +02:00
Nick Mills-Barrett 614efc488b
Add linearizer on user ID to push rule PUT/DELETE requests (#16052)
See: #16053

Signed off by Nick @ Beeper (@Fizzadar)
2023-08-11 11:37:09 +00:00
Mathieu Velten dac97642e4
Implements admin API to lock an user (MSC3939) (#15870) 2023-08-10 09:10:55 +00:00
Shay 0328b56468
Support MSC3814: Dehydrated Devices Part 2 (#16010) 2023-08-08 12:04:46 -07:00
Shay 8af3f33d84
Fix endpoint improperly declaring support for MSC3814 (#16068) 2023-08-07 10:52:15 -07:00
Shay 84ae2e3f6f
Fix deletion for Dehydrated Devices (#16046) 2023-08-04 10:49:54 -07:00
Patrick Cloke d98a43d922
Stabilize support for MSC3970: updated transaction semantics (scope to `device_id`) (#15629)
For now this maintains compatible with old Synapses by falling back
to using transaction semantics on a per-access token. A future version
of Synapse will drop support for this.
2023-08-04 07:47:18 -04:00
Erik Johnston ae55cc1e6b
Add ability to wait for locks and add locks to purge history / room deletion (#15791)
c.f. #13476
2023-07-31 10:58:03 +01:00
Shay 641ff9ef7e
Support MSC3814: Dehydrated Devices (#15929)
Signed-off-by: Nicolas Werner <n.werner@famedly.com>
Co-authored-by: Nicolas Werner <n.werner@famedly.com>
Co-authored-by: Nicolas Werner <89468146+nico-famedly@users.noreply.github.com>
Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
2023-07-24 08:23:19 -07:00
Patrick Cloke 6d81aec09f
Support room version 11 (#15912)
And fix a bug in the implementation of the updated redaction
format (MSC2174) where the top-level redacts field was not
properly added for backwards-compatibility.
2023-07-18 08:44:59 -04:00
Patrick Cloke 20ae617d14
Stop accepting 'user' parameter for application service registration. (#15928)
This is unspecced, but has existed for a very long time.
2023-07-13 07:23:56 -04:00
Michael Weimann c8e81898b6
Add not_user_type param to the list accounts admin API (#15844)
Signed-off-by: Michael Weimann <michaelw@element.io>
2023-07-04 15:03:20 -07:00
Erik Johnston 25c55a9d22
Add login spam checker API (#15838) 2023-06-26 14:12:20 +00:00
Eric Eastwood 0f02f0b4da
Remove experimental MSC2716 implementation to incrementally import history into existing rooms (#15748)
Context for why we're removing the implementation:

 - https://github.com/matrix-org/matrix-spec-proposals/pull/2716#issuecomment-1487441010
 - https://github.com/matrix-org/matrix-spec-proposals/pull/2716#issuecomment-1504262734

Anyone wanting to continue MSC2716, should also address these leftover tasks: https://github.com/matrix-org/synapse/issues/10737

Closes https://github.com/matrix-org/synapse/issues/10737 in the fact that it is not longer necessary to track those things.
2023-06-16 14:12:24 -05:00
Sean Quah dfd77f426e
Remove some unused `server_name` fields (#15723)
Signed-off-by: Sean Quah <seanq@matrix.org>
2023-06-06 12:32:29 +01:00
Patrick Cloke f880e64b11
Stabilize support for MSC3952: Intentional mentions. (#15520) 2023-06-06 09:11:07 +01:00
Shay d0c4257f14
`N + 3`: Read from column `full_user_id` rather than `user_id` of tables `profiles` and `user_filters` (#15649) 2023-06-02 17:24:13 -07:00
Hugh Nimmo-Smith d1693f0362
Implement stable support for MSC3882 to allow an existing device/session to generate a login token for use on a new device/session (#15388)
Implements stable support for MSC3882; this involves updating Synapse's support to
match the MSC / the spec says.

Continue to support the unstable version to allow clients to transition.
2023-06-01 08:52:51 -04:00
Quentin Gliech e343125b38 Disable incompatible Admin API endpoints 2023-05-30 09:43:06 -04:00
Quentin Gliech 4d0231b364 Make AS tokens work & allow ASes to /register 2023-05-30 09:43:06 -04:00
Hugh Nimmo-Smith 249f4a338d Refactor config to be an experimental feature
Also enforce you can't combine it with incompatible config options
2023-05-30 09:43:06 -04:00
Quentin Gliech 31691d6151 Disable account related endpoints when using OAuth delegation 2023-05-30 09:43:06 -04:00
Quentin Gliech e82ec6d008 MSC2965: OIDC Provider discovery via well-known document 2023-05-30 09:43:06 -04:00
Quentin Gliech 8f576aa462 Expose the public keys used for client authentication on an endpoint 2023-05-30 09:43:06 -04:00
Shay 8839b6c2f8
Add requesting user id parameter to key claim methods in `TransportLayerClient` (#15663) 2023-05-24 13:23:26 -07:00
Patrick Cloke 7c9b91790c
Consolidate logic to check for deactivated users. (#15634)
This moves the deactivated user check to the method which
all login types call.

Additionally updates the application service tests to be more
realistic by removing invalid tests and fixing server names.
2023-05-23 10:35:43 -04:00
Patrick Cloke 89a23c9406
Do not allow deactivated users to login with JWT. (#15624)
To improve the organization of this code it moves the JWT login
checks to a separate handler and then fixes the bug (and a
deprecation warning).
2023-05-19 08:06:54 -04:00