Remove the 'password_hash' from the Users Admin API endpoint response dictionary (#11576)

2025-05-04 10:44:51 -04:00 · 2022-01-14 14:53:33 +00:00 · 2022-01-14 14:53:33 +00:00 · 18862f20b5
commit 18862f20b5
parent 904bb04409
5 changed files with 86 additions and 43 deletions
--- a/synapse/rest/admin/users.py
+++ b/synapse/rest/admin/users.py
@ -173,12 +173,11 @@ class UserRestServletV2(RestServlet):
        if not self.hs.is_mine(target_user):
            raise SynapseError(HTTPStatus.BAD_REQUEST, "Can only look up local users")

-        ret = await self.admin_handler.get_user(target_user)
-
-        if not ret:
+        user_info_dict = await self.admin_handler.get_user(target_user)
+        if not user_info_dict:
            raise NotFoundError("User not found")

-        return HTTPStatus.OK, ret
+        return HTTPStatus.OK, user_info_dict

    async def on_PUT(
        self, request: SynapseRequest, user_id: str
@ -399,10 +398,10 @@ class UserRestServletV2(RestServlet):
                    target_user, requester, body["avatar_url"], True
                )

-            user = await self.admin_handler.get_user(target_user)
-            assert user is not None
+            user_info_dict = await self.admin_handler.get_user(target_user)
+            assert user_info_dict is not None

-            return 201, user
+            return HTTPStatus.CREATED, user_info_dict


 class UserRegisterServlet(RestServlet):