Add admin API for logging in as a user (#8617)

2025-05-02 22:14:55 -04:00 · 2020-11-17 10:51:25 +00:00 · 2020-11-17 10:51:25 +00:00 · f737368a26
commit f737368a26
parent 3dc1871219
25 changed files with 475 additions and 87 deletions
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@ -472,7 +472,7 @@ class EventCreationHandler:
        Returns:
            Tuple of created event, Context
        """
-        await self.auth.check_auth_blocking(requester.user.to_string())
+        await self.auth.check_auth_blocking(requester=requester)

        if event_dict["type"] == EventTypes.Create and event_dict["state_key"] == "":
            room_version = event_dict["content"]["room_version"]
@ -619,7 +619,13 @@ class EventCreationHandler:
        if requester.app_service is not None:
            return

-        user_id = requester.user.to_string()
+        user_id = requester.authenticated_entity
+        if not user_id.startswith("@"):
+            # The authenticated entity might not be a user, e.g. if it's the
+            # server puppetting the user.
+            return
+
+        user = UserID.from_string(user_id)

        # exempt the system notices user
        if (
@ -639,9 +645,7 @@ class EventCreationHandler:
        if u["consent_version"] == self.config.user_consent_version:
            return

-        consent_uri = self._consent_uri_builder.build_user_consent_uri(
-            requester.user.localpart
-        )
+        consent_uri = self._consent_uri_builder.build_user_consent_uri(user.localpart)
        msg = self._block_events_without_consent_error % {"consent_uri": consent_uri}
        raise ConsentNotGivenError(msg=msg, consent_uri=consent_uri)

@ -1252,7 +1256,7 @@ class EventCreationHandler:
        for user_id in members:
            if not self.hs.is_mine_id(user_id):
                continue
-            requester = create_requester(user_id)
+            requester = create_requester(user_id, authenticated_entity=self.server_name)
            try:
                event, context = await self.create_event(
                    requester,
@ -1273,11 +1277,6 @@ class EventCreationHandler:
                    requester, event, context, ratelimit=False, ignore_shadow_ban=True,
                )
                return True
-            except ConsentNotGivenError:
-                logger.info(
-                    "Failed to send dummy event into room %s for user %s due to "
-                    "lack of consent. Will try another user" % (room_id, user_id)
-                )
            except AuthError:
                logger.info(
                    "Failed to send dummy event into room %s for user %s due to "