From 969ed2e49d9a68dc8b84ac0543036ccf341e5df5 Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Thu, 12 Apr 2018 18:20:51 +0100 Subject: [PATCH 01/14] add the register_mxid_from_3pid setting (untested) --- synapse/config/registration.py | 8 ++++++ synapse/rest/client/v2_alpha/register.py | 36 ++++++++++++++++++------ 2 files changed, 36 insertions(+), 8 deletions(-) diff --git a/synapse/config/registration.py b/synapse/config/registration.py index c5384b3ad..a3d752f09 100644 --- a/synapse/config/registration.py +++ b/synapse/config/registration.py @@ -34,6 +34,7 @@ class RegistrationConfig(Config): self.registrations_require_3pid = config.get("registrations_require_3pid", []) self.allowed_local_3pids = config.get("allowed_local_3pids", []) self.registration_shared_secret = config.get("registration_shared_secret") + self.register_mxid_from_3pid = config.get("register_mxid_from_3pid") self.bcrypt_rounds = config.get("bcrypt_rounds", 12) self.trusted_third_party_id_servers = config["trusted_third_party_id_servers"] @@ -60,6 +61,13 @@ class RegistrationConfig(Config): # - email # - msisdn + # Derive the user's matrix ID from a type of 3PID used when registering. + # This overrides any matrix ID the user proposes when calling /register + # The 3PID type should be present in registrations_require_3pid to avoid + # users failing to register if they don't specify the right kind of 3pid. + # + # register_mxid_from_3pid: email + # Mandate that users are only allowed to associate certain formats of # 3PIDs with accounts on this server. # diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py index f317c919d..8c64229cf 100644 --- a/synapse/rest/client/v2_alpha/register.py +++ b/synapse/rest/client/v2_alpha/register.py @@ -297,13 +297,6 @@ class RegisterRestServlet(RestServlet): session_id, "registered_user_id", None ) - if desired_username is not None: - yield self.registration_handler.check_username( - desired_username, - guest_access_token=guest_access_token, - assigned_user_id=registered_user_id, - ) - # Only give msisdn flows if the x_show_msisdn flag is given: # this is a hack to work around the fact that clients were shipped # that use fallback registration if they see any flows that they don't @@ -376,6 +369,25 @@ class RegisterRestServlet(RestServlet): Codes.THREEPID_DENIED, ) + if self.hs.config.register_mxid_from_3pid: + # override the desired_username based on the 3PID if any. + # reset it first to avoid folks picking their own username. + desired_username = None + + # we should always have an auth_result if we're going to progress + # to register the user (i.e. we haven't picked up a registered_user_id) + # from our session store + if auth_result and self.hs.config.register_mxid_from_3pid in auth_result: + address = auth_result[login_type]['address'] + desired_username = address.lower() + + if desired_username is not None: + yield self.registration_handler.check_username( + desired_username, + guest_access_token=guest_access_token, + assigned_user_id=registered_user_id, + ) + if registered_user_id is not None: logger.info( "Already registered user ID %r for this session", @@ -390,10 +402,18 @@ class RegisterRestServlet(RestServlet): raise SynapseError(400, "Missing password.", Codes.MISSING_PARAM) - desired_username = params.get("username", None) + if not self.hs.config.register_mxid_from_3pid: + desired_username = params.get("username", None) + else: + # we keep the original desired_username derived from the 3pid above + pass + new_password = params.get("password", None) guest_access_token = params.get("guest_access_token", None) + # XXX: don't we need to validate these for length etc like we did on + # the ones from the JSON body earlier on in the method? + if desired_username is not None: desired_username = desired_username.lower() From 240e940c3fcc59e331f3af2b4b14b26741e9c3b1 Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Thu, 12 Apr 2018 18:30:32 +0100 Subject: [PATCH 02/14] handle medium checks correctly --- synapse/rest/client/v2_alpha/register.py | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py index 8c64229cf..41a13ece7 100644 --- a/synapse/rest/client/v2_alpha/register.py +++ b/synapse/rest/client/v2_alpha/register.py @@ -377,9 +377,18 @@ class RegisterRestServlet(RestServlet): # we should always have an auth_result if we're going to progress # to register the user (i.e. we haven't picked up a registered_user_id) # from our session store - if auth_result and self.hs.config.register_mxid_from_3pid in auth_result: - address = auth_result[login_type]['address'] - desired_username = address.lower() + if auth_result: + if ( + ( + self.hs.config.register_mxid_from_3pid == 'email' and + LoginType.EMAIL_IDENTITY in auth_result + ) or ( + self.hs.config.register_mxid_from_3pid == 'msisdn' and + LoginType.MSISDN in auth_result + ) + ): + address = auth_result[login_type]['address'] + desired_username = address.replace('@', '.').lower() if desired_username is not None: yield self.registration_handler.check_username( From b22a53e3579e6f93a4081b57ebc5ebca18e04ecd Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Tue, 17 Apr 2018 09:32:42 +0100 Subject: [PATCH 03/14] turn @'s to -'s rather than .'s --- synapse/rest/client/v2_alpha/register.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py index 41a13ece7..9ada3ca5c 100644 --- a/synapse/rest/client/v2_alpha/register.py +++ b/synapse/rest/client/v2_alpha/register.py @@ -388,7 +388,7 @@ class RegisterRestServlet(RestServlet): ) ): address = auth_result[login_type]['address'] - desired_username = address.replace('@', '.').lower() + desired_username = address.replace('@', '-').lower() if desired_username is not None: yield self.registration_handler.check_username( From 32e4420a6678f1cfa4a3e488cff2d219ca326950 Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Thu, 3 May 2018 04:20:25 +0100 Subject: [PATCH 04/14] improve mxid & displayname selection for register_mxid_from_3pid * [x] strip invalid characters from generated mxid * [x] append numbers to disambiguate clashing mxids * [x] generate displayanames from 3pids using a dodgy heuristic * [x] get rid of the create_profile_with_localpart and instead explicitly set displaynames so they propagate correctly --- synapse/handlers/profile.py | 2 +- synapse/handlers/register.py | 45 ++++++++++++++------- synapse/rest/client/v2_alpha/register.py | 50 +++++++++++++++++++++--- synapse/storage/registration.py | 14 +------ synapse/types.py | 12 ++++++ 5 files changed, 90 insertions(+), 33 deletions(-) diff --git a/synapse/handlers/profile.py b/synapse/handlers/profile.py index 7c5591056..b9898733d 100644 --- a/synapse/handlers/profile.py +++ b/synapse/handlers/profile.py @@ -208,7 +208,7 @@ class ProfileHandler(BaseHandler): @defer.inlineCallbacks def set_displayname(self, target_user, requester, new_displayname, by_admin=False): """target_user is the user whose displayname is to be changed; - auth_user is the user attempting to make this change.""" + requester is the user attempting to make this change.""" if not self.hs.is_mine(target_user): raise SynapseError(400, "User is not hosted on this Home Server") diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py index 5da03e0a0..9a1af53df 100644 --- a/synapse/handlers/register.py +++ b/synapse/handlers/register.py @@ -113,6 +113,7 @@ class RegistrationHandler(BaseHandler): generate_token=True, guest_access_token=None, make_guest=False, + display_name=None, admin=False, ): """Registers a new client on the server. @@ -128,6 +129,7 @@ class RegistrationHandler(BaseHandler): since it offers no means of associating a device_id with the access_token. Instead you should call auth_handler.issue_access_token after registration. + display_name (str): The displayname to set for this user, if any Returns: A tuple of (user_id, access_token). Raises: @@ -165,13 +167,20 @@ class RegistrationHandler(BaseHandler): password_hash=password_hash, was_guest=was_guest, make_guest=make_guest, - create_profile_with_localpart=( - # If the user was a guest then they already have a profile - None if was_guest else user.localpart - ), admin=admin, ) + if display_name is not None: + display_name = ( + # If the user was a guest then they already have a profile + None if was_guest else user.localpart + ) + + if display_name: + yield self.profile_handler.set_displayname( + user_id, user_id, display_name, by_admin=True, + ) + if self.hs.config.user_directory_search_all_users: profile = yield self.store.get_profileinfo(localpart) yield self.user_directory_handler.handle_local_profile_change( @@ -196,8 +205,12 @@ class RegistrationHandler(BaseHandler): token=token, password_hash=password_hash, make_guest=make_guest, - create_profile_with_localpart=user.localpart, ) + + yield self.profile_handler.set_displayname( + user_id, user_id, user.localpart, by_admin=True, + ) + except SynapseError: # if user id is taken, just generate another user = None @@ -241,8 +254,12 @@ class RegistrationHandler(BaseHandler): user_id=user_id, password_hash="", appservice_id=service_id, - create_profile_with_localpart=user.localpart, ) + + yield self.profile_handler.set_displayname( + user_id, user_id, user.localpart, by_admin=True, + ) + defer.returnValue(user_id) @defer.inlineCallbacks @@ -288,7 +305,10 @@ class RegistrationHandler(BaseHandler): user_id=user_id, token=token, password_hash=None, - create_profile_with_localpart=user.localpart, + ) + + yield self.profile_handler.set_displayname( + user_id, user_id, user.localpart, by_admin=True, ) except Exception as e: yield self.store.add_access_token_to_user(user_id, token) @@ -443,18 +463,15 @@ class RegistrationHandler(BaseHandler): user_id=user_id, token=token, password_hash=password_hash, - create_profile_with_localpart=user.localpart, ) + if displayname is not None: + yield self.profile_handler.set_displayname( + user_id, user_id, displayname, by_admin=True, + ) else: yield self._auth_handler.delete_access_tokens_for_user(user_id) yield self.store.add_access_token_to_user(user_id=user_id, token=token) - if displayname is not None: - logger.info("setting user display name: %s -> %s", user_id, displayname) - yield self.profile_handler.set_displayname( - user, requester, displayname, by_admin=True, - ) - defer.returnValue((user_id, token)) def auth_handler(self): diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py index 9171dcee0..7dc0cea07 100644 --- a/synapse/rest/client/v2_alpha/register.py +++ b/synapse/rest/client/v2_alpha/register.py @@ -17,7 +17,7 @@ from twisted.internet import defer import synapse -import synapse.types +from synapse import types from synapse.api.auth import get_access_token_from_request, has_access_token from synapse.api.constants import LoginType from synapse.api.errors import SynapseError, Codes, UnrecognizedRequestError @@ -31,6 +31,8 @@ from ._base import client_v2_patterns, interactive_auth_handler import logging import hmac +import re +from string import capwords from hashlib import sha1 from synapse.util.async import run_on_reactor from synapse.util.ratelimitutils import FederationRateLimiter @@ -222,6 +224,8 @@ class RegisterRestServlet(RestServlet): raise SynapseError(400, "Invalid username") desired_username = body['username'] + desired_display_name = None + appservice = None if has_access_token(request): appservice = yield self.auth.get_appservice_by_req(request) @@ -374,9 +378,10 @@ class RegisterRestServlet(RestServlet): # reset it first to avoid folks picking their own username. desired_username = None - # we should always have an auth_result if we're going to progress - # to register the user (i.e. we haven't picked up a registered_user_id) - # from our session store + # we should have an auth_result at this point if we're going to progress + # to register the user (i.e. we haven't picked up a registered_user_id + # from our session store), in which case get ready and gen the + # desired_username if auth_result: if ( ( @@ -388,7 +393,41 @@ class RegisterRestServlet(RestServlet): ) ): address = auth_result[login_type]['address'] - desired_username = address.replace('@', '-').lower() + desired_username = types.strip_invalid_mxid_characters( + address.replace('@', '-').lower() + ) + + # find a unique mxid for the account, suffixing numbers + # if needed + while True: + try: + yield self.registration_handler.check_username( + desired_username, + guest_access_token=guest_access_token, + assigned_user_id=registered_user_id, + ) + # if we got this far we passed the check. + break + except SynapseError as e: + if e.errcode == Codes.USER_IN_USE: + m = re.match(r'^(.*)(\d+)$', desired_username) + if m: + desired_username = m.group(1) + str( + int(m.group(2)) + 1 + ) + else: + desired_username += "1" + else: + # something else went wrong. + break + + # XXX: a nasty heuristic to turn an email address into + # a displayname, as part of register_mxid_from_3pid + parts = address.replace('.', ' ').split('@') + desired_display_name = ( + capwords(parts[0]) + + " [" + capwords(parts[1].split(' ')[0]) + "]" + ) if desired_username is not None: yield self.registration_handler.check_username( @@ -431,6 +470,7 @@ class RegisterRestServlet(RestServlet): password=new_password, guest_access_token=guest_access_token, generate_token=False, + display_name=desired_display_name, ) # remember that we've now registered that user account, and with diff --git a/synapse/storage/registration.py b/synapse/storage/registration.py index 6b557ca0c..384c9977c 100644 --- a/synapse/storage/registration.py +++ b/synapse/storage/registration.py @@ -128,7 +128,7 @@ class RegistrationStore(RegistrationWorkerStore, def register(self, user_id, token=None, password_hash=None, was_guest=False, make_guest=False, appservice_id=None, - create_profile_with_localpart=None, admin=False): + admin=False): """Attempts to register an account. Args: @@ -142,8 +142,6 @@ class RegistrationStore(RegistrationWorkerStore, make_guest (boolean): True if the the new user should be guest, false to add a regular user account. appservice_id (str): The ID of the appservice registering the user. - create_profile_with_localpart (str): Optionally create a profile for - the given localpart. Raises: StoreError if the user_id could not be registered. """ @@ -156,7 +154,6 @@ class RegistrationStore(RegistrationWorkerStore, was_guest, make_guest, appservice_id, - create_profile_with_localpart, admin ) @@ -169,7 +166,6 @@ class RegistrationStore(RegistrationWorkerStore, was_guest, make_guest, appservice_id, - create_profile_with_localpart, admin, ): now = int(self.clock.time()) @@ -234,14 +230,6 @@ class RegistrationStore(RegistrationWorkerStore, (next_id, user_id, token,) ) - if create_profile_with_localpart: - # set a default displayname serverside to avoid ugly race - # between auto-joins and clients trying to set displaynames - txn.execute( - "INSERT INTO profiles(user_id, displayname) VALUES (?,?)", - (create_profile_with_localpart, create_profile_with_localpart) - ) - self._invalidate_cache_and_stream( txn, self.get_user_by_id, (user_id,) ) diff --git a/synapse/types.py b/synapse/types.py index cc7c182a7..46be4a071 100644 --- a/synapse/types.py +++ b/synapse/types.py @@ -229,6 +229,18 @@ def contains_invalid_mxid_characters(localpart): return any(c not in mxid_localpart_allowed_characters for c in localpart) +def strip_invalid_mxid_characters(localpart): + """Removes any invalid characters from an mxid + + Args: + localpart (basestring): the localpart to be stripped + + Returns: + localpart (basestring): the localpart having been stripped + """ + return filter(lambda c: c not in mxid_localpart_allowed_characters, localpart) + + class StreamToken( namedtuple("Token", ( "room_key", From 29921255618b882dfccb2645150a487c822ce8cc Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Thu, 3 May 2018 17:52:46 +0100 Subject: [PATCH 05/14] special case msisdns when deriving mxids from 3pids --- synapse/rest/client/v2_alpha/register.py | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py index 7dc0cea07..b5704a39d 100644 --- a/synapse/rest/client/v2_alpha/register.py +++ b/synapse/rest/client/v2_alpha/register.py @@ -384,13 +384,8 @@ class RegisterRestServlet(RestServlet): # desired_username if auth_result: if ( - ( - self.hs.config.register_mxid_from_3pid == 'email' and - LoginType.EMAIL_IDENTITY in auth_result - ) or ( - self.hs.config.register_mxid_from_3pid == 'msisdn' and - LoginType.MSISDN in auth_result - ) + self.hs.config.register_mxid_from_3pid == 'email' and + LoginType.EMAIL_IDENTITY in auth_result ): address = auth_result[login_type]['address'] desired_username = types.strip_invalid_mxid_characters( @@ -428,6 +423,15 @@ class RegisterRestServlet(RestServlet): capwords(parts[0]) + " [" + capwords(parts[1].split(' ')[0]) + "]" ) + elif ( + self.hs.config.register_mxid_from_3pid == 'msisdn' and + LoginType.MSISDN in auth_result + ): + desired_username = auth_result[login_type]['address'] + else: + raise SynapseError( + 400, "Cannot derive mxid from 3pid; no recognised 3pid" + ) if desired_username is not None: yield self.registration_handler.check_username( From 5c74ab406445e2dca677b65d8545aeed2a79c4ae Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Fri, 4 May 2018 00:53:56 +0100 Subject: [PATCH 06/14] fix user_id / user confusion --- synapse/handlers/register.py | 10 +++++----- synapse/types.py | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py index 9a1af53df..14031cea4 100644 --- a/synapse/handlers/register.py +++ b/synapse/handlers/register.py @@ -178,7 +178,7 @@ class RegistrationHandler(BaseHandler): if display_name: yield self.profile_handler.set_displayname( - user_id, user_id, display_name, by_admin=True, + user, user, display_name, by_admin=True, ) if self.hs.config.user_directory_search_all_users: @@ -208,7 +208,7 @@ class RegistrationHandler(BaseHandler): ) yield self.profile_handler.set_displayname( - user_id, user_id, user.localpart, by_admin=True, + user, user, user.localpart, by_admin=True, ) except SynapseError: @@ -257,7 +257,7 @@ class RegistrationHandler(BaseHandler): ) yield self.profile_handler.set_displayname( - user_id, user_id, user.localpart, by_admin=True, + user, user, user.localpart, by_admin=True, ) defer.returnValue(user_id) @@ -308,7 +308,7 @@ class RegistrationHandler(BaseHandler): ) yield self.profile_handler.set_displayname( - user_id, user_id, user.localpart, by_admin=True, + user, user, user.localpart, by_admin=True, ) except Exception as e: yield self.store.add_access_token_to_user(user_id, token) @@ -466,7 +466,7 @@ class RegistrationHandler(BaseHandler): ) if displayname is not None: yield self.profile_handler.set_displayname( - user_id, user_id, displayname, by_admin=True, + user, user, displayname, by_admin=True, ) else: yield self._auth_handler.delete_access_tokens_for_user(user_id) diff --git a/synapse/types.py b/synapse/types.py index 46be4a071..00e6e1c36 100644 --- a/synapse/types.py +++ b/synapse/types.py @@ -238,7 +238,7 @@ def strip_invalid_mxid_characters(localpart): Returns: localpart (basestring): the localpart having been stripped """ - return filter(lambda c: c not in mxid_localpart_allowed_characters, localpart) + return filter(lambda c: c in mxid_localpart_allowed_characters, localpart) class StreamToken( From 41b987cbc55299144b84b8ab1e08166b74bb27f6 Mon Sep 17 00:00:00 2001 From: Matrix Date: Thu, 3 May 2018 23:27:34 +0000 Subject: [PATCH 07/14] unbreak 3pid deletion --- synapse/rest/client/v2_alpha/account.py | 1 + 1 file changed, 1 insertion(+) diff --git a/synapse/rest/client/v2_alpha/account.py b/synapse/rest/client/v2_alpha/account.py index 3738ad437..063d4f82f 100644 --- a/synapse/rest/client/v2_alpha/account.py +++ b/synapse/rest/client/v2_alpha/account.py @@ -363,6 +363,7 @@ class ThreepidDeleteRestServlet(RestServlet): def __init__(self, hs): super(ThreepidDeleteRestServlet, self).__init__() + self.hs = hs self.auth = hs.get_auth() self.auth_handler = hs.get_auth_handler() From 907a62df286eb013eb6475b1c47f285a7e5750e1 Mon Sep 17 00:00:00 2001 From: Matrix Date: Thu, 3 May 2018 23:54:20 +0000 Subject: [PATCH 08/14] fix strip_invalid_mxid_characters --- synapse/rest/client/v2_alpha/register.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py index b5704a39d..36676c9fa 100644 --- a/synapse/rest/client/v2_alpha/register.py +++ b/synapse/rest/client/v2_alpha/register.py @@ -387,7 +387,7 @@ class RegisterRestServlet(RestServlet): self.hs.config.register_mxid_from_3pid == 'email' and LoginType.EMAIL_IDENTITY in auth_result ): - address = auth_result[login_type]['address'] + address = auth_result[LoginType.EMAIL_IDENTITY]['address'] desired_username = types.strip_invalid_mxid_characters( address.replace('@', '-').lower() ) @@ -427,7 +427,7 @@ class RegisterRestServlet(RestServlet): self.hs.config.register_mxid_from_3pid == 'msisdn' and LoginType.MSISDN in auth_result ): - desired_username = auth_result[login_type]['address'] + desired_username = auth_result[LoginType.MSISDN]['address'] else: raise SynapseError( 400, "Cannot derive mxid from 3pid; no recognised 3pid" From debf04556bcf7b156d9a5e94311e2c03185e6cea Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Fri, 4 May 2018 01:15:15 +0100 Subject: [PATCH 09/14] fix user in user regexp --- synapse/rest/client/v2_alpha/register.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py index 36676c9fa..31554e787 100644 --- a/synapse/rest/client/v2_alpha/register.py +++ b/synapse/rest/client/v2_alpha/register.py @@ -405,7 +405,7 @@ class RegisterRestServlet(RestServlet): break except SynapseError as e: if e.errcode == Codes.USER_IN_USE: - m = re.match(r'^(.*)(\d+)$', desired_username) + m = re.match(r'^(.*?)(\d+)$', desired_username) if m: desired_username = m.group(1) + str( int(m.group(2)) + 1 From fb47ce3e6af06c36bd8c430d79801307814d5909 Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Fri, 4 May 2018 01:46:26 +0100 Subject: [PATCH 10/14] make set_profile_* an upsert rather than update, now create_profile is gone --- synapse/storage/profile.py | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/synapse/storage/profile.py b/synapse/storage/profile.py index fcf3af7e5..da1db0eba 100644 --- a/synapse/storage/profile.py +++ b/synapse/storage/profile.py @@ -125,33 +125,28 @@ class ProfileWorkerStore(SQLBaseStore): class ProfileStore(ProfileWorkerStore): - def create_profile(self, user_localpart): - return self._simple_insert( - table="profiles", - values={"user_id": user_localpart}, - desc="create_profile", - ) - def set_profile_displayname(self, user_localpart, new_displayname, batchnum): - return self._simple_update_one( + return self._simple_upsert( table="profiles", keyvalues={"user_id": user_localpart}, - updatevalues={ + values={ "displayname": new_displayname, "batch": batchnum, }, desc="set_profile_displayname", + lock=False # we can do this because user_id has a unique index ) def set_profile_avatar_url(self, user_localpart, new_avatar_url, batchnum): - return self._simple_update_one( + return self._simple_upsert( table="profiles", keyvalues={"user_id": user_localpart}, - updatevalues={ + values={ "avatar_url": new_avatar_url, "batch": batchnum, }, desc="set_profile_avatar_url", + lock=False # we can do this because user_id has a unique index ) def add_remote_profile_cache(self, user_id, displayname, avatar_url): From b3e346f40c00268f4b9cf7e9d2b26b4864d17412 Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Fri, 4 May 2018 01:56:01 +0100 Subject: [PATCH 11/14] don't pass a requester if we don't have one to set_displayname --- synapse/handlers/profile.py | 9 +++++---- synapse/handlers/register.py | 10 +++++----- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/synapse/handlers/profile.py b/synapse/handlers/profile.py index 94bd5347a..a9c76f323 100644 --- a/synapse/handlers/profile.py +++ b/synapse/handlers/profile.py @@ -207,12 +207,12 @@ class ProfileHandler(BaseHandler): @defer.inlineCallbacks def set_displayname(self, target_user, requester, new_displayname, by_admin=False): - """target_user is the user whose displayname is to be changed; - requester is the user attempting to make this change.""" + """target_user is the UserID whose displayname is to be changed; + requester is the authenticated user attempting to make this change.""" if not self.hs.is_mine(target_user): raise SynapseError(400, "User is not hosted on this Home Server") - if not by_admin and target_user != requester.user: + if not by_admin and requester and target_user != requester.user: raise AuthError(400, "Cannot set another user's displayname") if not by_admin and self.hs.config.disable_set_displayname: @@ -239,7 +239,8 @@ class ProfileHandler(BaseHandler): target_user.to_string(), profile ) - yield self._update_join_states(requester, target_user) + if requester: + yield self._update_join_states(requester, target_user) # start a profile replication push run_in_background(self._replicate_profiles) diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py index 14031cea4..e308fcbb4 100644 --- a/synapse/handlers/register.py +++ b/synapse/handlers/register.py @@ -178,7 +178,7 @@ class RegistrationHandler(BaseHandler): if display_name: yield self.profile_handler.set_displayname( - user, user, display_name, by_admin=True, + user, None, display_name, by_admin=True, ) if self.hs.config.user_directory_search_all_users: @@ -208,7 +208,7 @@ class RegistrationHandler(BaseHandler): ) yield self.profile_handler.set_displayname( - user, user, user.localpart, by_admin=True, + user, None, user.localpart, by_admin=True, ) except SynapseError: @@ -257,7 +257,7 @@ class RegistrationHandler(BaseHandler): ) yield self.profile_handler.set_displayname( - user, user, user.localpart, by_admin=True, + user, None, user.localpart, by_admin=True, ) defer.returnValue(user_id) @@ -308,7 +308,7 @@ class RegistrationHandler(BaseHandler): ) yield self.profile_handler.set_displayname( - user, user, user.localpart, by_admin=True, + user, None, user.localpart, by_admin=True, ) except Exception as e: yield self.store.add_access_token_to_user(user_id, token) @@ -466,7 +466,7 @@ class RegistrationHandler(BaseHandler): ) if displayname is not None: yield self.profile_handler.set_displayname( - user, user, displayname, by_admin=True, + user, None, displayname, by_admin=True, ) else: yield self._auth_handler.delete_access_tokens_for_user(user_id) From 6372dff771413c2b9cd5648cbb6de01a679ef801 Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Fri, 4 May 2018 01:58:45 +0100 Subject: [PATCH 12/14] remove create_profile from tests --- tests/handlers/test_profile.py | 2 -- tests/storage/test_profile.py | 8 -------- 2 files changed, 10 deletions(-) diff --git a/tests/handlers/test_profile.py b/tests/handlers/test_profile.py index 8646c4e43..b898f9dc2 100644 --- a/tests/handlers/test_profile.py +++ b/tests/handlers/test_profile.py @@ -68,8 +68,6 @@ class ProfileTestCase(unittest.TestCase): self.bob = UserID.from_string("@4567:test") self.alice = UserID.from_string("@alice:remote") - yield self.store.create_profile(self.frank.localpart) - self.handler = hs.get_profile_handler() @defer.inlineCallbacks diff --git a/tests/storage/test_profile.py b/tests/storage/test_profile.py index 1bfabc15a..d17319578 100644 --- a/tests/storage/test_profile.py +++ b/tests/storage/test_profile.py @@ -35,10 +35,6 @@ class ProfileStoreTestCase(unittest.TestCase): @defer.inlineCallbacks def test_displayname(self): - yield self.store.create_profile( - self.u_frank.localpart - ) - yield self.store.set_profile_displayname( self.u_frank.localpart, "Frank", 1, ) @@ -50,10 +46,6 @@ class ProfileStoreTestCase(unittest.TestCase): @defer.inlineCallbacks def test_avatar_url(self): - yield self.store.create_profile( - self.u_frank.localpart - ) - yield self.store.set_profile_avatar_url( self.u_frank.localpart, "http://my.site/here", 1, ) From 9f2fd29c14616b64a07495a74847004e683ead73 Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Fri, 4 May 2018 02:11:22 +0100 Subject: [PATCH 13/14] fix double negative --- synapse/handlers/register.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py index e308fcbb4..523cb6753 100644 --- a/synapse/handlers/register.py +++ b/synapse/handlers/register.py @@ -170,7 +170,7 @@ class RegistrationHandler(BaseHandler): admin=admin, ) - if display_name is not None: + if display_name is None: display_name = ( # If the user was a guest then they already have a profile None if was_guest else user.localpart From 0783801659d276304bcc2f47379370a0326f7a94 Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Fri, 4 May 2018 02:18:01 +0100 Subject: [PATCH 14/14] unbreak tests --- tests/handlers/test_profile.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/handlers/test_profile.py b/tests/handlers/test_profile.py index b898f9dc2..b2fd4b9af 100644 --- a/tests/handlers/test_profile.py +++ b/tests/handlers/test_profile.py @@ -121,7 +121,6 @@ class ProfileTestCase(unittest.TestCase): @defer.inlineCallbacks def test_incoming_fed_query(self): - yield self.store.create_profile("caroline") yield self.store.set_profile_displayname("caroline", "Caroline", 1) response = yield self.query_handlers["profile"](