Richard van der Hoff
e508145c9b
Add some more comments appservice user registration
...
Explain why we don't validate userids registered via app services
2017-11-10 12:39:45 +00:00
Richard van der Hoff
e0ebd1e4bd
Downcase userids for shared-secret registration
2017-11-10 12:39:05 +00:00
Richard van der Hoff
9b599bc18d
Downcase userid on registration
...
Force username to lowercase before attempting to register
https://github.com/matrix-org/synapse/issues/2660
2017-11-09 22:20:01 +00:00
Erik Johnston
4e2b2508af
Register group servlet
2017-11-09 15:49:42 +00:00
Erik Johnston
e8814410ef
Have an explicit API to update room config
2017-11-08 16:13:27 +00:00
Erik Johnston
94ff2cda73
Revert "Modify group room association API to allow modification of is_public"
2017-11-08 15:43:34 +00:00
Richard van der Hoff
6c3a02072b
support inhibit_login in /register
...
Allow things to pass inhibit_login when registering to ... inhibit logins.
2017-11-02 16:31:07 +00:00
David Baker
4f0488b307
Merge remote-tracking branch 'origin/develop' into rav/refactor_accesstoken_delete
2017-11-01 16:20:19 +00:00
David Baker
e5e930aec3
Merge pull request #2615 from matrix-org/rav/break_auth_device_dep
...
Break dependency of auth_handler on device_handler
2017-11-01 16:06:31 +00:00
Richard van der Hoff
dd13310fb8
Move access token deletion into auth handler
...
Also move duplicated deactivation code into the auth handler.
I want to add some hooks when we deactivate an access token, so let's bring it
all in here so that there's somewhere to put it.
2017-11-01 15:46:22 +00:00
Richard van der Hoff
74c56f794c
Break dependency of auth_handler on device_handler
...
I'm going to need to make the device_handler depend on the auth_handler, so I
need to break this dependency to avoid a cycle.
It turns out that the auth_handler was only using the device_handler in one
place which was an edge case which we can more elegantly handle by throwing an
error rather than fixing it up.
2017-11-01 10:27:06 +00:00
Luke Barnard
20fe347906
Modify group room association API to allow modification of is_public
...
also includes renamings to make things more consistent.
2017-10-31 17:04:28 +00:00
Richard van der Hoff
4d83632009
Merge pull request #2591 from matrix-org/rav/device_delete_auth
...
Device deletion: check UI auth matches access token
2017-10-27 12:30:10 +01:00
Richard van der Hoff
110b373e9c
Merge pull request #2589 from matrix-org/rav/as_deactivate_account
...
Allow ASes to deactivate their own users
2017-10-27 12:29:32 +01:00
Luke Barnard
d8c26162a1
Merge pull request #2582 from matrix-org/luke/group-is-public
...
Add is_public to groups table to allow for private groups
2017-10-27 11:41:13 +01:00
Richard van der Hoff
7a6546228b
Device deletion: check UI auth matches access token
...
(otherwise there's no point in the UI auth)
2017-10-27 00:04:31 +01:00
Richard van der Hoff
785bd7fd75
Allow ASes to deactivate their own users
2017-10-27 00:01:00 +01:00
Luke Barnard
595fe67f01
delint
2017-10-26 17:20:24 +01:00
Luke Barnard
9b2feef9eb
Add is_public to groups table to allow for private groups
...
Prevent group API access to non-members for private groups
Also make all the group code paths consistent with `requester_user_id` always being the User ID of the requesting user.
2017-10-26 16:51:32 +01:00
Krombel
8299b323ee
add release endpoints for /thirdparty
2017-10-26 16:58:20 +02:00
Krombel
9b436c8b4c
register some /unstable endpoints in /r0 as well
2017-10-26 15:22:50 +02:00
Richard van der Hoff
eaaabc6c4f
replace 'except:' with 'except Exception:'
...
what could possibly go wrong
2017-10-23 15:52:32 +01:00
Richard van der Hoff
631d7b87b5
Remove pointless create() method
...
It just calls the constructor, so we may as well kill it rather than having
random codepaths.
2017-10-20 22:14:55 +01:00
David Baker
4e242b3e20
Merge pull request #2545 from matrix-org/dbkr/auto_join_rooms
...
Add config option to auto-join new users to rooms
2017-10-17 11:45:49 +01:00
David Baker
c05e6015cc
Add config option to auto-join new users to rooms
...
New users who register on the server will be dumped into all rooms in
auto_join_rooms in the config.
2017-10-16 17:57:27 +01:00
Luke Barnard
85f5674e44
Delint
2017-10-16 15:52:17 +01:00
Luke Barnard
2c5972f87f
Implement GET /groups/$groupId/invited_users
2017-10-16 15:31:11 +01:00
Erik Johnston
17b8e2bd02
Add remove room API
2017-09-26 15:52:41 +01:00
Erik Johnston
b5feaa5a49
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/groups_merged
2017-09-19 11:07:45 +01:00
Erik Johnston
69ef4987a6
Add left section to /keys/changes
2017-09-08 14:44:36 +01:00
Erik Johnston
53cc8ad35a
Send down device list change notif when member leaves/rejoins room
2017-09-07 15:08:39 +01:00
Erik Johnston
ba3ff7918b
Fixup
2017-08-11 13:42:42 +01:00
Erik Johnston
ef8e578677
Add bulk group publicised lookup API
2017-08-09 13:36:22 +01:00
Erik Johnston
b880ff190a
Allow update group publicity
2017-08-08 14:19:41 +01:00
Erik Johnston
09552f9d9c
Reduce spammy log line in synchrotrons
2017-08-02 17:29:51 +01:00
Erik Johnston
96917d5552
Merge pull request #2378 from matrix-org/erikj/group_sync_support
...
Add groups to sync stream
2017-07-21 11:05:39 +01:00
Erik Johnston
b238cf7f6b
Remove spurious content param
2017-07-20 17:49:55 +01:00
Erik Johnston
c544188ee3
Add groups to sync stream
2017-07-20 16:36:42 +01:00
Erik Johnston
6f443a74cf
Add update group profile API
2017-07-20 09:46:33 +01:00
Erik Johnston
14a34f12d7
Comments
2017-07-18 17:28:42 +01:00
Erik Johnston
3431ec55dc
Comments
2017-07-18 17:23:50 +01:00
Erik Johnston
2f9eafdd36
Add local group server support
2017-07-17 12:03:49 +01:00
Krombel
85b9f76f1d
split out reducing stuff; just make encode_* static
2017-07-11 13:14:35 +02:00
Krombel
2f82de18ee
fix test
2017-07-10 17:34:58 +02:00
Krombel
6e16aca8b0
encode sync-response statically; omit empty objects from sync-response
2017-07-10 16:42:17 +02:00
Erik Johnston
a9d6fa8b2b
Include users who share room with requester in user directory
2017-06-15 10:17:21 +01:00
Erik Johnston
63fda37e20
Add comments
2017-05-31 15:00:29 +01:00
Erik Johnston
535c99f157
Use POST
2017-05-31 14:15:45 +01:00
Erik Johnston
45a5df5914
Add REST API
2017-05-31 14:11:55 +01:00
Erik Johnston
b4f59c7e27
Add count of one time keys to sync stream
2017-05-19 15:47:55 +01:00
Pablo Saavedra
224137fcf9
Fixed syntax nits
2017-05-15 16:21:02 +02:00
Pablo Saavedra
627e6ea2b0
Fixed implementation errors
...
* Added HS as property in SyncRestServlet
* Fixed set_timeline_upper_limit function implementat¡ion
2017-05-15 14:51:43 +02:00
Pablo Saavedra
9da4316ca5
Configurable maximum number of events requested by /sync and /messages ( #2220 )
...
Set the limit on the returned events in the timeline in the get and sync
operations. The default value is -1, means no upper limit.
For example, using `filter_timeline_limit: 5000`:
POST /_matrix/client/r0/user/user:id/filter
{
room: {
timeline: {
limit: 1000000000000000000
}
}
}
GET /_matrix/client/r0/user/user:id/filter/filter:id
{
room: {
timeline: {
limit: 5000
}
}
}
The server cuts down the room.timeline.limit.
2017-05-13 18:17:54 +02:00
Luke Barnard
369195caa5
Modify register/available to be GET with query param
...
- GET is now the method for register/available
- a query parameter "username" is now used
Also, empty usernames are now handled with an error message on registration or via register/available: `User ID cannot be empty`
2017-05-10 17:23:55 +01:00
Luke Barnard
f7278e612e
Change register/available to POST (from GET)
2017-05-10 11:40:18 +01:00
Luke Barnard
3669065466
Appease the flake8 gods
2017-05-03 18:05:49 +01:00
Luke Barnard
34ed4f4206
Implement username availability checker
...
Outlined here: https://github.com/vector-im/riot-web/issues/3605#issuecomment-298679388
```HTTP
GET /_matrix/.../register/available
{
"username": "desiredlocalpart123"
}
```
If available, the response looks like
```HTTP
HTTP/1.1 200 OK
{
"available": true
}
```
Otherwise,
```HTTP
HTTP/1.1 429
{
"errcode": "M_LIMIT_EXCEEDED",
"error": "Too Many Requests",
"retry_after_ms": 2000
}
```
or
```HTTP
HTTP/1.1 400
{
"errcode": "M_USER_IN_USE",
"error": "User ID already taken."
}
```
or
```HTTP
HTTP/1.1 400
{
"errcode": "M_INVALID_USERNAME",
"error": "Some reason for username being invalid"
}
```
2017-05-03 12:04:12 +01:00
Erik Johnston
46826bb078
Comment and remove spurious logging
2017-04-27 17:25:44 +01:00
Erik Johnston
34e682d385
Fix invite state to always include all events
2017-04-26 16:18:08 +01:00
Luke Barnard
3fb8784c92
m.read_marker -> m.fully_read ( #2128 )
...
Also:
- change the REST endpoint to have a "S" on the end (so it's now /read_markers)
- change the content of the m.read_up_to event to have the key "event_id" instead of "marker".
2017-04-18 17:46:15 +01:00
Luke Barnard
cf6121e3da
More null-guard changes
2017-04-12 14:02:03 +01:00
Luke Barnard
c0aba0a23e
Remove Unused ref to hs
2017-04-12 10:52:11 +01:00
Luke Barnard
b9676a75f6
Move a space
2017-04-12 10:51:17 +01:00
Luke Barnard
0127423027
flake8
2017-04-11 17:07:07 +01:00
Luke Barnard
d892079844
Finish implementing RM endpoint
...
- This change causes a 405 to be sent if "m.read_marker" is set via /account_data
- This also fixes-up the RM endpoint so that it actually Works.
2017-04-11 15:01:39 +01:00
lukebarnard
e263c26690
Initial commit of RM server-side impl
...
(See https://docs.google.com/document/d/1UWqdS-e1sdwkLDUY0wA4gZyIkRp-ekjsLZ8k6g_Zvso/edit#heading=h.lndohpg8at5u )
2017-04-11 11:55:30 +01:00
Erik Johnston
2a06b44be2
Merge pull request #1986 from matrix-org/matthew/enable_guest_3p
...
enable guest access for the 3pl/3pid APIs
2017-03-31 14:36:03 +01:00
Matthew Hodgson
9ee397b440
switch to allow_guest=True for authing 3Ps as per PR feedback
2017-03-31 13:54:26 +01:00
Richard van der Hoff
01fc847f7f
Merge pull request #2057 from matrix-org/rav/missing_yield_2
...
Add another missing yield on check_device_registered
2017-03-24 12:46:43 +00:00
Richard van der Hoff
13c8749ac9
Add another missing yield on check_device_registered
2017-03-23 22:18:53 +00:00
David Baker
a2dfab12c5
Fix token request for addition of phone numbers
2017-03-23 18:46:17 +00:00
Erik Johnston
a297155a97
Remove unused import
2017-03-15 14:49:25 +00:00
Erik Johnston
6c82de5100
Format presence events on the edges instead of reformatting them multiple times
2017-03-15 14:27:34 +00:00
Erik Johnston
7827251daf
Merge pull request #1994 from matrix-org/dbkr/msisdn_signin_2
...
Phone number registration / login support v2
2017-03-15 09:59:54 +00:00
David Baker
7b6ed9871e
Use extend instead of +=
2017-03-14 10:49:55 +00:00
David Baker
d79a687d85
Oops, remove print
2017-03-14 10:40:20 +00:00
Luke Barnard
bbeeb97f75
Implement _simple_delete_many_txn, use it to delete devices
...
(But this doesn't implement the same for deleting access tokens or e2e keys.
Also respond to code review.
2017-03-13 17:53:23 +00:00
David Baker
0a9945220e
Fix registration for broken clients
...
Only offer msisdn flows if the x_show_msisdn option is given.
2017-03-13 17:29:38 +00:00
David Baker
73a5f06652
Support registration / login with phone number
...
Changes from https://github.com/matrix-org/synapse/pull/1971
2017-03-13 17:27:51 +00:00
Luke Barnard
c077c3277b
Flake
2017-03-13 16:45:38 +00:00
Luke Barnard
c81f33f73d
Implement delete_devices API
...
This implements the proposal here https://docs.google.com/document/d/1C-25Gqz3TXy2jIAoeOKxpNtmme0jI4g3yFGqv5GlAAk for deleting multiple devices at once in a single request.
2017-03-13 16:33:51 +00:00
Erik Johnston
7eae6eaa2f
Revert "Support registration & login with phone number"
2017-03-13 09:59:33 +00:00
Matthew Hodgson
a61dd408ed
enable guest access for the 3pl/3pid APIs
2017-03-12 19:30:45 +00:00
David Baker
ece7e00048
Comment when our 3pids would be incomplete
2017-03-08 19:07:18 +00:00
David Baker
d4d3629aaf
Better error message
2017-03-08 17:01:26 +00:00
David Baker
1c99934b28
pep8
2017-03-08 11:58:20 +00:00
David Baker
85bb322333
Pull out datastore in initialiser
2017-03-08 11:51:25 +00:00
David Baker
65d43f3ca5
Minor fixes from PR feedback
2017-03-08 11:48:43 +00:00
David Baker
82c5e7de25
Typos
2017-03-08 11:42:44 +00:00
David Baker
2e27339add
Refector out assert_params_in_request
...
and replace requestEmailToken where we meant requestMsisdnToken
2017-03-08 11:37:34 +00:00
David Baker
88df6c0c9a
Factor out msisdn canonicalisation
...
Plus a couple of other minor fixes
2017-03-08 11:03:39 +00:00
David Baker
402a7bf63d
Fix pep8
2017-03-08 09:33:40 +00:00
David Baker
b0effa2160
Add msisdns as 3pids during registration
...
and support binding them with the bind_msisdn param
2017-03-03 18:34:39 +00:00
David Baker
ce3e583d94
WIP support for msisdn 3pid proxy methods
2017-02-14 15:05:55 +00:00
Erik Johnston
6826593b81
sets aren't JSON serializable
2017-02-02 14:55:54 +00:00
Erik Johnston
51adaac953
Fix email push in pusher worker
...
This was broken when device list updates were implemented, as Mailer
could no longer instantiate an AuthHandler due to a dependency on
federation sending.
2017-02-02 10:53:36 +00:00
Erik Johnston
7e919bdbd0
Include newly joined users in /keys/changes API
2017-02-01 17:33:16 +00:00
Erik Johnston
73d676dc8b
Comment
2017-02-01 13:17:17 +00:00
Erik Johnston
acb501c46d
Comment
2017-02-01 10:32:49 +00:00
Erik Johnston
97479d0c54
Implement /keys/changes
2017-02-01 10:30:03 +00:00
Erik Johnston
2367c5568c
Add basic implementation of local device list changes
2017-01-25 14:27:27 +00:00
David Baker
8c5009b628
Lowercase all email addresses before querying db
...
Since we store all emails in the DB in lowercase
(https://github.com/matrix-org/synapse/pull/1170 )
2017-01-18 13:25:56 +00:00
David Baker
0c88ab1844
Add /account/3pid/delete endpoint
...
Also fix a typo in a comment
2016-12-20 18:27:30 +00:00
Richard van der Hoff
abed247182
Remove unspecced GET endpoints for e2e keys
...
GET /keys/claim is a terrible idea, since it isn't idempotent; also it throws
500 errors if you call it without all the right params.
GET /keys/query is arguable, but it's unspecced, so let's get rid of it too to
stop people relying on unspecced APIs.
2016-12-12 12:31:40 +00:00
Richard van der Hoff
6841d8ff55
Fix doc-string
...
Remove refresh_token reference
2016-12-01 11:42:17 +00:00
Richard van der Hoff
aa09d6b8f0
Rip out more refresh_token code
...
We might as well treat all refresh_tokens as invalid. Just return a 403 from
/tokenrefresh, so that we don't have a load of dead, untestable code hanging
around.
Still TODO: removing the table from the schema.
2016-11-30 17:40:18 +00:00
Richard van der Hoff
dc4b23e1a1
Merge branch 'develop' into rav/no_more_refresh_tokens
2016-11-30 17:10:04 +00:00
Richard van der Hoff
77eca2487c
Merge pull request #1653 from matrix-org/rav/guest_e2e
...
Implement E2E for guests
2016-11-29 17:41:35 +00:00
Richard van der Hoff
5c4edc83b5
Stop generating refresh tokens
...
Since we're not doing refresh tokens any more, we should start killing off the
dead code paths. /tokenrefresh itself is a bit of a thornier subject, since
there might be apps out there using it, but we can at least not generate
refresh tokens on new logins.
2016-11-28 10:13:01 +00:00
Richard van der Hoff
f62b69e32a
Allow guest access to endpoints for E2E
...
Expose /devices, /keys, and /sendToDevice to guest users, so that they can use
E2E.
2016-11-25 15:26:34 +00:00
Richard van der Hoff
7f02e4d008
Give guest users a device_id
...
We need to create devices for guests so that they can use e2e, but we don't
have anywhere to store it, so just use a fixed one.
2016-11-25 15:25:30 +00:00
Erik Johnston
feec718265
Shuffle receipt handler around so that worker apps don't need to load it
2016-11-23 15:14:24 +00:00
Kegsay
d4a459f7cb
Merge pull request #1638 from matrix-org/kegan/sync-event-fields
...
Implement "event_fields" in filters
2016-11-22 14:02:38 +00:00
Kegan Dougal
cea4e4e7b2
Glue only_event_fields into the sync rest servlet
2016-11-22 10:14:05 +00:00
Mark Haines
a289150943
Fix flake8
2016-11-18 17:15:02 +00:00
David Baker
544722bad2
Work around client replacing reg params
...
Works around https://github.com/vector-im/vector-android/issues/715
and equivalent for iOS
2016-11-18 17:07:35 +00:00
Kegan Dougal
3991b4cbdb
Clean transactions based on time. Add HttpTransactionCache tests.
2016-11-14 11:19:24 +00:00
Kegan Dougal
af4a1bac50
Move .observe() up to the cache to make things neater
2016-11-14 09:52:41 +00:00
Kegan Dougal
8ecaff51a1
Review comments
2016-11-11 17:47:03 +00:00
Kegan Dougal
c7daf3136c
Use observable deferreds because they are sane
2016-11-11 14:13:32 +00:00
Kegan Dougal
8a8ad46f48
Flake8
2016-11-10 15:22:11 +00:00
Kegan Dougal
2771447c29
Store Promise<Response> instead of Response for HTTP API transactions
...
This fixes a race whereby:
- User hits an endpoint.
- No cached transaction so executes main code.
- User hits same endpoint.
- No cache transaction so executes main code.
- Main code finishes executing and caches response and returns.
- Main code finishes executing and caches response and returns.
This race is common in the wild when Synapse is struggling under load.
This commit fixes the race by:
- User hits an endpoint.
- Caches the promise to execute the main code and executes main code.
- User hits same endpoint.
- Yields on the same promise as the first request.
- Main code finishes executing and returns, unblocking both requests.
2016-11-10 14:49:26 +00:00
Erik Johnston
78c083f159
Merge pull request #1164 from pik/error-codes
...
Clarify Error codes for GET /filter/
2016-10-19 14:26:17 +01:00
pik
e8b1d2a452
Refactor test_filter to use real DataStore
...
* add tests for filter api errors
2016-10-18 12:17:38 -05:00
Alexander Maznev
d9350b0db8
Error codes for filters
...
* add tests
Signed-off-by: Alexander Maznev <alexander.maznev@gmail.com>
2016-10-14 10:18:28 -05:00
Richard van der Hoff
9009143fb9
Handle delete device requests with no body
...
We should probably return a 401 rather than a 400 for existing clients that
don't know they have to do the UIA dance to delete a device.
2016-10-12 18:47:28 +01:00
Richard van der Hoff
fbd3866bc6
User-interactive auth on delete device
2016-10-12 16:16:31 +01:00
Richard van der Hoff
f382117852
window.postmessage for Interactive Auth fallback
...
If you're a webapp running the fallback in an iframe, you can't set set a
window.onAuthDone function. Let's post a message back to window.opener instead.
2016-10-06 18:16:59 +01:00
Mark Haines
18ab019a4a
Move the E2E key handling into the e2e handler
2016-09-13 11:35:35 +01:00
Mark Haines
949c2c5435
Add a timeout parameter for end2end key queries.
...
Add a timeout parameter for controlling how long synapse will wait
for responses from remote servers. For servers that fail include how
they failed to make it easier to debug.
Fetch keys from different servers in parallel rather than in series.
Set the default timeout to 10s.
2016-09-12 18:17:09 +01:00
Mark Haines
dbff7e9436
Merge pull request #1096 from matrix-org/markjh/get_access_token
...
Add helper function for getting access_tokens from requests
2016-09-09 17:09:27 +01:00
Mark Haines
8aee5aa068
Add helper function for getting access_tokens from requests
...
Rather than reimplementing the token parsing in the various places.
This will make it easier to change the token parsing to allow access_tokens
in HTTP headers.
2016-09-09 16:33:15 +01:00
Paul Evans
56f38d1776
Merge pull request #1091 from matrix-org/paul/third-party-lookup
...
Improvements to 3PE lookup API
2016-09-09 15:43:11 +01:00
Paul "LeoNerd" Evans
bdbcfc2a80
appease pep8
2016-09-09 13:31:39 +01:00
Paul "LeoNerd" Evans
6eb0c8a2e4
Python isn't JavaScript; have to quote dict keys
2016-09-09 13:31:17 +01:00
Paul "LeoNerd" Evans
25eb769b26
Efficiency fix for lookups of a single protocol
2016-09-09 13:25:02 +01:00
Paul "LeoNerd" Evans
3328428d05
Allow lookup of a single 3PE protocol query metadata
2016-09-09 13:19:04 +01:00
Matthew Hodgson
b8f84f99ff
Merge pull request #1081 from matrix-org/dbkr/notifications_only_highlight
...
Implement `only=highlight` on `/notifications`
2016-09-09 00:09:51 +01:00
David Baker
4ef222ab61
Implement only=highlight
on /notifications
2016-09-08 13:43:35 +01:00
Mark Haines
d4a35ada28
Send device messages over federation
2016-09-06 18:16:20 +01:00
Mark Haines
7ed5acacf4
Fix up the calls to the notifier for device messages
2016-09-01 18:08:40 +01:00
Mark Haines
1aa3e1d287
Add a replication stream for direct to device messages
2016-08-31 10:38:58 +01:00
Mark Haines
4bbef62124
Merge remote-tracking branch 'origin/develop' into markjh/direct_to_device
2016-08-26 14:35:31 +01:00
Paul "LeoNerd" Evans
1294d4a329
Move ThirdPartyEntityKind into api.constants so the expectation becomes that the value is significant
2016-08-25 18:34:47 +01:00
Mark Haines
ab34fdecb7
Merge branch 'develop' into markjh/direct_to_device
2016-08-25 18:34:46 +01:00
Mark Haines
b162cb2e41
Add some TODOs
2016-08-25 18:18:53 +01:00
Mark Haines
641efb6a39
Fix the deduplication of incoming direct-to-device messages
2016-08-25 18:14:02 +01:00
Mark Haines
e993925279
Add store-and-forward direct-to-device messaging
2016-08-25 17:35:37 +01:00
Paul Evans
d9dcb2ba3a
Merge pull request #1041 from matrix-org/paul/third-party-lookup
...
Extend 3PE lookup APIs for metadata query
2016-08-25 17:06:53 +01:00
Paul "LeoNerd" Evans
8e1ed09dff
Move static knowledge of protocol metadata into AS handler; cache the result
2016-08-24 13:01:53 +01:00