Merge branch 'develop' into e2e_backups

2025-12-15 22:13:52 -05:00 · 2018-08-24 11:44:26 -04:00 · 2018-08-24 11:44:26 -04:00 · 83caead95a
commit 83caead95a
parent 42a394caa2 897d976c1e
232 changed files with 7197 additions and 4107 deletions
--- a/synapse/rest/client/transactions.py
+++ b/synapse/rest/client/transactions.py
@ -17,7 +17,7 @@
 to ensure idempotency when performing PUTs using the REST API."""
 import logging

-from synapse.util.async import ObservableDeferred
+from synapse.util.async_helpers import ObservableDeferred
 from synapse.util.logcontext import make_deferred_yieldable, run_in_background

 logger = logging.getLogger(__name__)
@ -53,7 +53,7 @@ class HttpTransactionCache(object):
            str: A transaction key
        """
        token = self.auth.get_access_token_from_request(request)
-        return request.path + "/" + token
+        return request.path.decode('utf8') + "/" + token

    def fetch_or_execute_request(self, request, fn, *args, **kwargs):
        """A helper function for fetch_or_execute which extracts
--- a/synapse/rest/client/v1/admin.py
+++ b/synapse/rest/client/v1/admin.py
@ -391,10 +391,17 @@ class DeactivateAccountRestServlet(ClientV1RestServlet):
        if not is_admin:
            raise AuthError(403, "You are not a server admin")

-        yield self._deactivate_account_handler.deactivate_account(
+        result = yield self._deactivate_account_handler.deactivate_account(
            target_user_id, erase,
        )
-        defer.returnValue((200, {}))
+        if result:
+            id_server_unbind_result = "success"
+        else:
+            id_server_unbind_result = "no-support"
+
+        defer.returnValue((200, {
+            "id_server_unbind_result": id_server_unbind_result,
+        }))


 class ShutdownRoomRestServlet(ClientV1RestServlet):
--- a/synapse/rest/client/v1/presence.py
+++ b/synapse/rest/client/v1/presence.py
@ -84,7 +84,8 @@ class PresenceStatusRestServlet(ClientV1RestServlet):
        except Exception:
            raise SynapseError(400, "Unable to parse state")

-        yield self.presence_handler.set_state(user, state)
+        if self.hs.config.use_presence:
+            yield self.presence_handler.set_state(user, state)

        defer.returnValue((200, {}))

--- a/synapse/rest/client/v1/room.py
+++ b/synapse/rest/client/v1/room.py
@ -34,7 +34,7 @@ from synapse.http.servlet import (
    parse_string,
 )
 from synapse.streams.config import PaginationConfig
-from synapse.types import RoomAlias, RoomID, ThirdPartyInstanceID, UserID
+from synapse.types import RoomAlias, RoomID, StreamToken, ThirdPartyInstanceID, UserID

 from .base import ClientV1RestServlet, client_path_patterns

@ -384,15 +384,39 @@ class RoomMemberListRestServlet(ClientV1RestServlet):
    def on_GET(self, request, room_id):
        # TODO support Pagination stream API (limit/tokens)
        requester = yield self.auth.get_user_by_req(request)
-        events = yield self.message_handler.get_state_events(
+        handler = self.message_handler
+
+        # request the state as of a given event, as identified by a stream token,
+        # for consistency with /messages etc.
+        # useful for getting the membership in retrospect as of a given /sync
+        # response.
+        at_token_string = parse_string(request, "at")
+        if at_token_string is None:
+            at_token = None
+        else:
+            at_token = StreamToken.from_string(at_token_string)
+
+        # let you filter down on particular memberships.
+        # XXX: this may not be the best shape for this API - we could pass in a filter
+        # instead, except filters aren't currently aware of memberships.
+        # See https://github.com/matrix-org/matrix-doc/issues/1337 for more details.
+        membership = parse_string(request, "membership")
+        not_membership = parse_string(request, "not_membership")
+
+        events = yield handler.get_state_events(
            room_id=room_id,
            user_id=requester.user.to_string(),
+            at_token=at_token,
+            types=[(EventTypes.Member, None)],
        )

        chunk = []

        for event in events:
-            if event["type"] != EventTypes.Member:
+            if (
+                (membership and event['content'].get("membership") != membership) or
+                (not_membership and event['content'].get("membership") == not_membership)
+            ):
                continue
            chunk.append(event)

@ -401,6 +425,8 @@ class RoomMemberListRestServlet(ClientV1RestServlet):
        }))


+# deprecated in favour of /members?membership=join?
+# except it does custom AS logic and has a simpler return format
 class JoinedRoomMemberListRestServlet(ClientV1RestServlet):
    PATTERNS = client_path_patterns("/rooms/(?P<room_id>[^/]*)/joined_members$")

@ -505,7 +531,7 @@ class RoomEventServlet(ClientV1RestServlet):

    @defer.inlineCallbacks
    def on_GET(self, request, room_id, event_id):
-        requester = yield self.auth.get_user_by_req(request)
+        requester = yield self.auth.get_user_by_req(request, allow_guest=True)
        event = yield self.event_handler.get_event(requester.user, room_id, event_id)

        time_now = self.clock.time_msec()
--- a/synapse/rest/client/v1_only/register.py
+++ b/synapse/rest/client/v1_only/register.py
@ -129,12 +129,9 @@ class RegisterRestServlet(ClientV1RestServlet):
            login_type = register_json["type"]

            is_application_server = login_type == LoginType.APPLICATION_SERVICE
-            is_using_shared_secret = login_type == LoginType.SHARED_SECRET
-
            can_register = (
                self.enable_registration
                or is_application_server
-                or is_using_shared_secret
            )
            if not can_register:
                raise SynapseError(403, "Registration has been disabled")
@ -144,7 +141,6 @@ class RegisterRestServlet(ClientV1RestServlet):
                LoginType.PASSWORD: self._do_password,
                LoginType.EMAIL_IDENTITY: self._do_email_identity,
                LoginType.APPLICATION_SERVICE: self._do_app_service,
-                LoginType.SHARED_SECRET: self._do_shared_secret,
            }

            session_info = self._get_session_info(request, session)
@ -325,56 +321,6 @@ class RegisterRestServlet(ClientV1RestServlet):
            "home_server": self.hs.hostname,
        })

-    @defer.inlineCallbacks
-    def _do_shared_secret(self, request, register_json, session):
-        assert_params_in_dict(register_json, ["mac", "user", "password"])
-
-        if not self.hs.config.registration_shared_secret:
-            raise SynapseError(400, "Shared secret registration is not enabled")
-
-        user = register_json["user"].encode("utf-8")
-        password = register_json["password"].encode("utf-8")
-        admin = register_json.get("admin", None)
-
-        # Its important to check as we use null bytes as HMAC field separators
-        if b"\x00" in user:
-            raise SynapseError(400, "Invalid user")
-        if b"\x00" in password:
-            raise SynapseError(400, "Invalid password")
-
-        # str() because otherwise hmac complains that 'unicode' does not
-        # have the buffer interface
-        got_mac = str(register_json["mac"])
-
-        want_mac = hmac.new(
-            key=self.hs.config.registration_shared_secret.encode(),
-            digestmod=sha1,
-        )
-        want_mac.update(user)
-        want_mac.update(b"\x00")
-        want_mac.update(password)
-        want_mac.update(b"\x00")
-        want_mac.update(b"admin" if admin else b"notadmin")
-        want_mac = want_mac.hexdigest()
-
-        if compare_digest(want_mac, got_mac):
-            handler = self.handlers.registration_handler
-            user_id, token = yield handler.register(
-                localpart=user.lower(),
-                password=password,
-                admin=bool(admin),
-            )
-            self._remove_session(session)
-            defer.returnValue({
-                "user_id": user_id,
-                "access_token": token,
-                "home_server": self.hs.hostname,
-            })
-        else:
-            raise SynapseError(
-                403, "HMAC incorrect",
-            )
-

 class CreateUserRestServlet(ClientV1RestServlet):
    """Handles user creation via a server-to-server interface
--- a/synapse/rest/client/v2_alpha/account.py
+++ b/synapse/rest/client/v2_alpha/account.py
@ -209,10 +209,17 @@ class DeactivateAccountRestServlet(RestServlet):
        yield self.auth_handler.validate_user_via_ui_auth(
            requester, body, self.hs.get_ip_from_request(request),
        )
-        yield self._deactivate_account_handler.deactivate_account(
+        result = yield self._deactivate_account_handler.deactivate_account(
            requester.user.to_string(), erase,
        )
-        defer.returnValue((200, {}))
+        if result:
+            id_server_unbind_result = "success"
+        else:
+            id_server_unbind_result = "no-support"
+
+        defer.returnValue((200, {
+            "id_server_unbind_result": id_server_unbind_result,
+        }))


 class EmailThreepidRequestTokenRestServlet(RestServlet):
@ -364,7 +371,7 @@ class ThreepidDeleteRestServlet(RestServlet):
        user_id = requester.user.to_string()

        try:
-            yield self.auth_handler.delete_threepid(
+            ret = yield self.auth_handler.delete_threepid(
                user_id, body['medium'], body['address']
            )
        except Exception:
@ -374,7 +381,14 @@ class ThreepidDeleteRestServlet(RestServlet):
            logger.exception("Failed to remove threepid")
            raise SynapseError(500, "Failed to remove threepid")

-        defer.returnValue((200, {}))
+        if ret:
+            id_server_unbind_result = "success"
+        else:
+            id_server_unbind_result = "no-support"
+
+        defer.returnValue((200, {
+            "id_server_unbind_result": id_server_unbind_result,
+        }))


 class WhoamiRestServlet(RestServlet):
--- a/synapse/rest/client/v2_alpha/sync.py
+++ b/synapse/rest/client/v2_alpha/sync.py
@ -370,6 +370,7 @@ class SyncRestServlet(RestServlet):
            ephemeral_events = room.ephemeral
            result["ephemeral"] = {"events": ephemeral_events}
            result["unread_notifications"] = room.unread_notifications
+            result["summary"] = room.summary

        return result

--- a/synapse/rest/client/versions.py
+++ b/synapse/rest/client/versions.py
@ -27,11 +27,22 @@ class VersionsRestServlet(RestServlet):
    def on_GET(self, request):
        return (200, {
            "versions": [
+                # XXX: at some point we need to decide whether we need to include
+                # the previous version numbers, given we've defined r0.3.0 to be
+                # backwards compatible with r0.2.0.  But need to check how
+                # conscientious we've been in compatibility, and decide whether the
+                # middle number is the major revision when at 0.X.Y (as opposed to
+                # X.Y.Z).  And we need to decide whether it's fair to make clients
+                # parse the version string to figure out what's going on.
                "r0.0.1",
                "r0.1.0",
                "r0.2.0",
                "r0.3.0",
-            ]
+            ],
+            # as per MSC1497:
+            "unstable_features": {
+                "m.lazy_load_members": True,
+            }
        })