master/synapse
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
24,980 Commits 1 Branch 0 Tags 100 MiB
c7762cd55e
Commit Graph

128 Commits

Author SHA1 Message Date
reivilibre
a31d53b28f
Use twisted.internet.testing module in tests instead of deprecated twisted.test.proto_helpers. (#18728) 
Follows: #18727

---------

Signed-off-by: Olivier 'reivilibre <oliverw@matrix.org>
 2025-07-30 12:32:10 +01:00
Shay
11a11414c5
Add an option to issue redactions as admin user on admin redaction endpoint (#18671) 
Currently the [admin redaction
endpoint](https://element-hq.github.io/synapse/latest/admin_api/user_admin_api.html#redact-all-the-events-of-a-user)
defaults to puppeting the user being redacted. This PR adds an optional
param `use_admin`, which when provided issues the redactions as the
admin user instead.
 2025-07-21 16:40:45 +00:00
Andrew Ferrazzutti
2f9c9d5eba
Forbid locked users from using POST /login (#18594) 
Discussed in the [Synapse Dev
room](https://matrix.to/#/!vcyiEtMVHIhWXcJAfl:sw1v.org/$K4UojQtvaSpxSe35TWFXtKWGoAuHwHFcKo8qn2lwxSs?via=matrix.org&via=element.io&via=envs.net)

### Pull Request Checklist

<!-- Please read
https://element-hq.github.io/synapse/latest/development/contributing_guide.html
before submitting your pull request -->

* [x] Pull request is based on the develop branch
* [x] Pull request includes a [changelog
file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog).
The entry should:
- Be a short description of your change which makes sense to users.
"Fixed a bug that prevented receiving messages from other servers."
instead of "Moved X method from `EventStore` to `EventWorkerStore`.".
  - Use markdown where necessary, mostly for `code blocks`.
  - End with either a period (.) or an exclamation mark (!).
  - Start with a capital letter.
- Feel free to credit yourself, by adding a sentence "Contributed by
@github_username." or "Contributed by [Your Name]." to the end of the
entry.
* [x] [Code
style](https://element-hq.github.io/synapse/latest/code_style.html) is
correct (run the
[linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
 2025-07-02 18:18:33 +02:00
Hugh Nimmo-Smith
a4d8da7a1b
Make user_type extensible and allow default user_type to be set (#18456) 2025-06-03 11:34:40 +00:00
dependabot[bot]
9d43bec326
Bump ruff from 0.7.3 to 0.11.10 (#18451) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andrew Morgan <andrew@amorgan.xyz>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 2025-05-20 15:23:30 +01:00
Shay
74e2f028bb
Fix admin redaction endpoint not redacting encrypted messages (#18434) 2025-05-19 09:48:46 +01:00
Shay
b5267678d2
Add a test to verify remote user messages can be redacted via admin api redaction endpoint if requester is admin in room (#18043) 2025-01-03 12:52:42 +00:00
Shay
8208186e3c
Add some useful endpoints to Admin API (#17948) 
- Fetch the number of invites the provided user has sent after a given
timestamp
- Fetch the number of rooms the provided user has joined after a given
timestamp, regardless if they have left/been banned from the rooms
subsequently
- Get report IDs of event reports where the provided user was the sender
of the reported event
 2024-12-16 13:27:34 -06:00
Travis Ralston
b90ad26ebc
Promote account suspension to stable (#17964) 
MSC: https://github.com/matrix-org/matrix-spec-proposals/pull/3823
 2024-12-04 17:56:42 -06:00
Shay
4587decd67
Return suspended status when querying user account (#17952) 2024-11-22 12:37:19 +00:00
Travis Ralston
d0a474d312
Enable authenticated media by default (#17889) 
Co-authored-by: Olivier 'reivilibre <oliverw@matrix.org>
 2024-11-20 14:48:22 +00:00
Benjamin Bouvier
bfb197c596
Fix typo in error message when a media ID isn't known (#17865) 2024-11-12 16:41:14 +00:00
Shay
58deef5eba
Add admin handler to list of handlers used for background tasks (#17847) 
Fixes #17823

While we're at it, makes a change where the redactions are sent as the
admin if the user is not a member of the server (otherwise these fail
with a "User must be our own" message).
 2024-10-29 13:50:13 -05:00
Shay
a5986ac229
Improvements to admin redact api (#17792) 
- better validation on user input
- fix an early task completion
- when checking membership in rooms, check for rooms user has been
banned from as well
 2024-10-08 14:23:21 +01:00
Shay
51dd4df0a3
Add an Admin API endpoint to redact all a user's events (#17506) 2024-09-18 10:08:01 +00:00
Shay
7a11c0ac4f
Add support for MSC3823 - Account Suspension Part 2 (#17255) 2024-06-24 14:21:22 +01:00
Alexander Fechler
48f59d3806
deactivated flag refactored to filter deactivated users. (#16874) 
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 2024-03-11 16:08:04 +00:00
Erik Johnston
23740eaa3d
Correctly mention previous copyright (#16820) 
During the migration the automated script to update the copyright
headers accidentally got rid of some of the existing copyright lines.
Reinstate them.
 2024-01-23 11:26:48 +00:00
Adam Jędrzejewski
c7d0d02be7
Search non ASCII display names using Admin API (#16767) 
Closes #16370

Signed-off-by: Adam Jedrzejewski <adamjedrzejewski@icloud.com>
 2024-01-04 09:36:57 +00:00
Dirk Klimpel
14ed84ac33
Enable user without password (#16770) 
Closes:
- https://github.com/matrix-org/synapse/issues/10397
- #10397 

An administrator should know whether he wants to set a password or not.
There are many uses cases where a blank password is required.

- Use of only some users with SSO.
- Use of bots with password, users with SSO
 2024-01-02 11:52:51 +00:00
Patrick Cloke
8e1e62c9e0 Update license headers 2023-11-21 15:29:58 -05:00
David Robertson
43d1aa75e8
Add an Admin API to temporarily grant the ability to update an existing cross-signing key without UIA (#16634) 2023-11-15 17:28:10 +00:00
Patrick Cloke
f2f2c7c1f0
Use full GitHub links instead of bare issue numbers. (#16637) 2023-11-15 08:02:11 -05:00
Patrick Cloke
ab3f1b3b53
Convert simple_select_one_txn and simple_select_one to return tuples. (#16612) 2023-11-09 11:13:31 -05:00
Patrick Cloke
26b960b08b
Register media servlets via regex. (#16419) 
This converts the media servlet URLs in the same way as
(most) of the rest of Synapse. This will give more flexibility
in the versions each endpoint exists under.
 2023-10-06 07:22:55 -04:00
Hanadi
eef2b9e344
Filter locked users in the admin API (#16328) 
Co-authored-by: Hanadi Tamimi <hanadi.tamimi@sdui.de>
 2023-09-18 15:37:51 +01:00
Mathieu Velten
dcb2778341
Add last_seen_ts to the admin users API (#16218) 2023-09-04 18:13:28 +02:00
Patrick Cloke
9ec3da06da
Bump mypy-zope & mypy. (#16188) 2023-08-29 10:38:56 -04:00
Patrick Cloke
daf11e26ef
Replace make_awaitable with AsyncMock (#16179) 
Python 3.8 provides a native AsyncMock, we can replace the
homegrown version we have.
 2023-08-24 19:38:46 -04:00
Alexander Fechler
54317d34b7
Allow filtering for admins in the list accounts admin API (#16114) 2023-08-18 12:26:38 +01:00
Mathieu Velten
dac97642e4
Implements admin API to lock an user (MSC3939) (#15870) 2023-08-10 09:10:55 +00:00
Shay
f08d05dd2c
Actually stop reading from column user_id of tables profiles (#15955) 2023-07-23 16:30:54 -07:00
Mathieu Velten
8eb7bb975e
Mark get_user_in_directory private since only used in tests (#15884) 2023-07-12 11:09:13 +02:00
Michael Weimann
c8e81898b6
Add not_user_type param to the list accounts admin API (#15844) 
Signed-off-by: Michael Weimann <michaelw@element.io>
 2023-07-04 15:03:20 -07:00
Shay
301b4156d5
Add column full_user_id to tables profiles and user_filters. (#15458) 2023-04-26 16:03:26 -07:00
Quentin Gliech
5b70f240cf
Make cleaning up pushers depend on the device_id instead of the token_id (#15280) 
This makes it so that we rely on the `device_id` to delete pushers on logout,
instead of relying on the `access_token_id`. This ensures we're not removing
pushers on token refresh, and prepares for a world without access token IDs
(also known as the OIDC).

This actually runs the `set_device_id_for_pushers` background update, which
was forgotten in #13831.

Note that for backwards compatibility it still deletes pushers based on the
`access_token` until the background update finishes.
 2023-03-24 11:09:39 -04:00
Patrick Cloke
4fc8875876
Refactor media modules. (#15146) 
* Removes the `v1` directory from `test.rest.media.v1`.
* Moves the non-REST code from `synapse.rest.media.v1` to `synapse.media`.
* Flatten the `v1` directory from `synapse.rest.media`,  but leave compatiblity
  with 3rd party media repositories and spam checkers.
 2023-02-27 08:26:05 -05:00
Patrick Cloke
42aea0d8af
Add final type hint to tests.unittest. (#15072) 
Adds a return type to HomeServerTestCase.make_homeserver and deal
with any variables which are no longer Any.
 2023-02-14 14:03:35 -05:00
Shay
03bccd542b
Add a class UnpersistedEventContext to allow for the batching up of storing state groups (#14675) 
* add class UnpersistedEventContext

* modify create new client event to create unpersistedeventcontexts

* persist event contexts after creation

* fix tests to persist unpersisted event contexts

* cleanup

* misc lints + cleanup

* changelog + fix comments

* lints

* fix batch insertion?

* reduce redundant calculation

* add unpersisted event classes

* rework compute_event_context, split into function that returns unpersisted event context and then persists it

* use calculate_context_info to create unpersisted event contexts

* update typing

* $%#^&*

* black

* fix comments and consolidate classes, use attr.s for class

* requested changes

* lint

* requested changes

* requested changes

* refactor to be stupidly explicit

* clearer renaming and flow

* make partial state non-optional

* update docstrings

---------

Co-authored-by: Erik Johnston <erik@matrix.org>
 2023-02-09 13:05:02 -08:00
Patrick Cloke
9d8a3234ba
Respond with proper error responses on unknown paths. (#14621) 
Returns a proper 404 with an errcode of M_RECOGNIZED for
unknown endpoints per MSC3743.
 2022-12-08 11:37:05 -05:00
Ashish Kumar
a3623af74e
Add an Admin API endpoint for looking up users based on 3PID (#14405) 2022-11-11 15:38:17 +00:00
Tadeusz Sośnierz
1433b5d5b6
Show erasure status when listing users in the Admin API (#14205) 
* Show erasure status when listing users in the Admin API

* Use USING when joining erased_users

* Add changelog entry

* Revert "Use USING when joining erased_users"

This reverts commit 30bd2bf106415caadcfdbdd1b234ef2b106cc394.

* Make the erased check work on postgres

* Add a testcase for showing erased user status

* Appease the style linter

* Explicitly convert `erased` to bool to make SQLite consistent with Postgres

This also adds us an easy way in to fix the other accidentally integered columns.

* Move erasure status test to UsersListTestCase

* Include user erased status when fetching user info via the admin API

* Document the erase status in user_admin_api

* Appease the linter and mypy

* Signpost comments in tests

Co-authored-by: Tadeusz Sośnierz <tadeusz@sosnierz.com>
Co-authored-by: David Robertson <david.m.robertson1@gmail.com>
 2022-10-21 13:52:44 +01:00
Brendan Abolivier
be76cd8200
Allow admins to require a manual approval process before new accounts can be used (using MSC3866) (#13556) 2022-09-29 15:23:24 +02:00
Brendan Abolivier
8ae42ab8fa
Support enabling/disabling pushers (from MSC3881) (#13799) 
Partial implementation of MSC3881
 2022-09-21 14:39:01 +00:00
Quentin Gliech
74f60cec92
Add an admin API endpoint to find a user based on its external ID in an auth provider. (#13810) 2022-09-16 12:29:03 +00:00
Dirk Klimpel
f799eac7ea
Add timestamp to user's consent (#13741) 
Co-authored-by: reivilibre <olivier@librepush.net>
 2022-09-08 15:41:48 +00:00
Andrew Morgan
f9f03426de
Implement MSC3852: Expose last_seen_user_agent to users for their own devices; also expose to Admin API (#13549) 2022-08-19 16:17:10 +00:00
Dirk Klimpel
2281427175
Use literals in place of HTTPStatus constants in tests (#13488) 
* Use literals in place of `HTTPStatus` constants in tests

* newsfile

* code style

* code style
 2022-08-10 11:01:12 -07:00
Dirk Klimpel
1595052b26
Use literals in place of HTTPStatus constants in tests (#13479) 
Replace
- `HTTPStatus.NOT_FOUND`
- `HTTPStatus.FORBIDDEN`
- `HTTPStatus.UNAUTHORIZED`
- `HTTPStatus.CONFLICT`
- `HTTPStatus.CREATED`

Signed-off-by: Dirk Klimpel <dirk@klimpel.org>
 2022-08-09 14:56:43 +01:00
Dirk Klimpel
c97042f7ee
Use literals in place of HTTPStatus constants in tests (#13469) 2022-08-08 13:21:27 -07:00