Dirk Klimpel
8327eb9280
Add options to prevent users from changing their profile. ( #7096 )
2020-03-27 19:15:23 +00:00
Brendan Abolivier
90246344e3
Improve the UX of the login fallback when using SSO ( #7152 )
...
* Don't show the login forms if we're currently logging in with a
password or a token.
* Submit directly the SSO login form, showing only a spinner to the
user, in order to eliminate from the clunkiness of SSO through this
fallback.
2020-03-27 15:44:13 +01:00
Brendan Abolivier
63aea691a7
Update the wording of the config comment
2020-03-27 15:09:12 +01:00
Andrew Morgan
12aa5a7fa7
Ensure is_verified on /_matrix/client/r0/room_keys/keys is a boolean ( #7150 )
2020-03-27 13:30:22 +00:00
David Vo
fbf0782c63
Only import sqlite3 when type checking ( #7155 )
...
Fixes : #7127
Signed-off-by: David Vo <david@vovo.id.au>
2020-03-27 13:20:00 +00:00
David Baker
16ee97988a
Fix undefined variable & remove debug logging
2020-03-27 12:39:54 +00:00
David Baker
a07e03ce90
black
2020-03-27 12:35:32 +00:00
David Baker
09cc058a4c
Always send the user updates to their own device list
...
This will allow clients to notify users about new devices even if
the user isn't in any rooms (yet).
2020-03-27 12:26:47 +00:00
Jason Robinson
7496d3d2f6
Merge pull request #7151 from matrix-org/jaywink/saml-redirect-fix
...
Allow RedirectResponse in SAML response handler
2020-03-26 22:10:31 +02:00
Patrick Cloke
fa4f12102d
Refactor the CAS code (move the logic out of the REST layer to a handler) ( #7136 )
2020-03-26 15:05:26 -04:00
Brendan Abolivier
c2ab0b3066
Whitelist the login fallback by default for SSO
2020-03-26 18:58:58 +01:00
Nektarios Katakis
825fb5d0a5
Don't default to an invalid sqlite config if no database configuration is provided ( #6573 )
2020-03-26 17:13:14 +00:00
Jason Robinson
060e7dce09
Allow RedirectResponse in SAML response handler
...
Allow custom SAML handlers to redirect after processing an auth response.
Fixes #7149
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2020-03-26 19:02:35 +02:00
Dirk Klimpel
e8e2ddb60a
Allow server admins to define and enforce a password policy (MSC2000). ( #7118 )
2020-03-26 16:51:13 +00:00
Patrick Cloke
1c1242acba
Validate that the session is not modified during UI-Auth ( #7068 )
2020-03-26 07:39:34 -04:00
Aaron Raimist
6ca5e56fd1
Remove unused captcha_bypass_secret option ( #7137 )
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2020-03-25 17:49:34 +00:00
Erik Johnston
4cff617df1
Move catchup of replication streams to worker. ( #7024 )
...
This changes the replication protocol so that the server does not send down `RDATA` for rows that happened before the client connected. Instead, the server will send a `POSITION` and clients then query the database (or master out of band) to get up to date.
2020-03-25 14:54:01 +00:00
Erik Johnston
b1cfaf08af
Merge pull request #7133 from matrix-org/erikj/fix_worker_startup
...
Fix starting workers when federation sending not split out.
2020-03-25 09:42:39 +00:00
Richard van der Hoff
39230d2171
Clean up some LoggingContext stuff ( #7120 )
...
* Pull Sentinel out of LoggingContext
... and drop a few unnecessary references to it
* Factor out LoggingContext.current_context
move `current_context` and `set_context` out to top-level functions.
Mostly this means that I can more easily trace what's actually referring to
LoggingContext, but I think it's generally neater.
* move copy-to-parent into `stop`
this really just makes `start` and `stop` more symetric. It also means that it
behaves correctly if you manually `set_log_context` rather than using the
context manager.
* Replace `LoggingContext.alive` with `finished`
Turn `alive` into `finished` and make it a bit better defined.
2020-03-24 14:45:33 +00:00
Naugrimm
1fcf9c6f95
Fix CAS redirect url ( #6634 )
...
Build the same service URL when requesting the CAS ticket and when calling the proxyValidate URL.
2020-03-24 11:59:04 +00:00
Erik Johnston
c816072d47
Fix starting workers when federation sending not split out.
2020-03-24 10:35:00 +00:00
Patrick Cloke
190ab593b7
Use the proper error code when a canonical alias that does not exist is used. ( #7109 )
2020-03-23 15:21:54 -04:00
Richard van der Hoff
a564b92d37
Convert *StreamRow
classes to inner classes ( #7116 )
...
This just helps keep the rows closer to their streams, so that it's easier to
see what the format of each stream is.
2020-03-23 13:59:11 +00:00
Richard van der Hoff
5126cb1253
Merge branch 'master' into develop
2020-03-23 13:54:29 +00:00
Richard van der Hoff
2fa55c0cc6
1.12.0
2020-03-23 12:13:09 +00:00
Richard van der Hoff
b3cee0ce67
Fix processing of groups
stream, and use symbolic names for streams ( #7117 )
...
`groups` != `receipts`
Introduced in #6964
2020-03-23 11:39:36 +00:00
Dionysis Grigoropoulos
96071eea8f
Set Referrer-Policy to no-referrer for media ( #7009 )
2020-03-23 09:48:28 +00:00
Patrick Cloke
477c4f5b1c
Clean-up some auth/login REST code ( #7115 )
2020-03-20 16:22:47 -04:00
Richard van der Hoff
c165c1233b
Improve database configuration docs ( #6988 )
...
Attempts to clarify the sample config for databases, and add some stuff about
tcp keepalives to `postgres.md`.
2020-03-20 15:24:22 +00:00
Erik Johnston
fdb1344716
Remove concept of a non-limited stream. ( #7011 )
2020-03-20 14:40:47 +00:00
Patrick Cloke
caec7d4fa0
Convert some of the media REST code to async/await ( #7110 )
2020-03-20 07:20:02 -04:00
Patrick Cloke
c2db6599c8
Fix a bug in the federation API which could cause occasional "Failed to get PDU" errors ( #7089 ).
2020-03-19 08:22:56 -04:00
Erik Johnston
a319cb1dd1
Change device list streams to have one row per ID ( #7010 )
...
* Add 'device_lists_outbound_pokes' as extra table.
This makes sure we check all the relevant tables to get the current max
stream ID.
Currently not doing so isn't problematic as the max stream ID in
`device_lists_outbound_pokes` is the same as in `device_lists_stream`,
however that will change.
* Change device lists stream to have one row per id.
This will make it possible to process the streams more incrementally,
avoiding having to process large chunks at once.
* Change device list replication to match new semantics.
Instead of sending down batches of user ID/host tuples, send down a row
per entity (user ID or host).
* Newsfile
* Remove handling of multiple rows per ID
* Fix worker handling
* Comments from review
2020-03-19 11:36:53 +00:00
Richard van der Hoff
e43e78b985
1.12.0rc1
2020-03-19 11:07:16 +00:00
Richard van der Hoff
e913823a22
Fix concurrent modification errors in pusher metrics ( #7106 )
...
add a lock to try to make this metric actually work
2020-03-19 10:28:49 +00:00
Richard van der Hoff
8c75667ad7
Add prometheus metrics for the number of active pushers ( #7103 )
2020-03-19 10:00:24 +00:00
Richard van der Hoff
443162e577
Move pusherpool startup into _base.setup ( #7104 )
...
This should be safe to do on all workers/masters because it is guarded by
a config option which will ensure it is only actually done on the worker
assigned as a pusher.
2020-03-19 09:48:45 +00:00
Erik Johnston
4a17a647a9
Improve get auth chain difference algorithm. ( #7095 )
...
It was originally implemented by pulling the full auth chain of all
state sets out of the database and doing set comparison. However, that
can take a lot work if the state and auth chains are large.
Instead, lets try and fetch the auth chains at the same time and
calculate the difference on the fly, allowing us to bail early if all
the auth chains converge. Assuming that the auth chains do converge more
often than not, this should improve performance. Hopefully.
2020-03-18 16:46:41 +00:00
Patrick Cloke
88b41986db
Add an option to the set password API to choose whether to logout other devices. ( #7085 )
2020-03-18 07:50:00 -04:00
Erik Johnston
6e6476ef07
Comments from review
2020-03-18 10:13:55 +00:00
Richard van der Hoff
c37db0211e
Share SSL contexts for non-federation requests ( #7094 )
...
Extends #5794 etc to the SimpleHttpClient so that it also applies to non-federation requests.
Fixes #7092 .
2020-03-17 21:32:25 +00:00
The Stranjer
5e477c1deb
Set charset to utf-8 when adding headers for certain text content types ( #7044 )
...
Fixes #7043
2020-03-17 13:29:09 +00:00
Patrick Cloke
7581d30e9f
Remove unused federation endpoint (query_auth
) ( #7026 )
2020-03-17 08:04:49 -04:00
Patrick Cloke
60724c46b7
Remove special casing of m.room.aliases
events ( #7034 )
2020-03-17 07:37:04 -04:00
Richard van der Hoff
6a35046363
Revert "Add options to disable setting profile info for prevent changes. ( #7053 )"
...
This reverts commit 54dd28621b
, reversing
changes made to 6640460d05
.
2020-03-17 11:25:01 +00:00
Brendan Abolivier
7df04ca0e6
Populate the room version from state events ( #7070 )
...
Fixes #7065
This is basically the same as https://github.com/matrix-org/synapse/pull/6847 except it tries to populate events from `state_events` rather than `current_state_events`, since the latter might have been cleared from the state of some rooms too early, leaving them with a `NULL` room version.
2020-03-16 22:31:47 +00:00
Brendan Abolivier
beb19cf61a
Fix buggy condition in account validity handler ( #7074 )
2020-03-16 12:16:30 +00:00
Brendan Abolivier
d8d91983bc
Merge pull request #7067 from matrix-org/babolivier/saml_error_moar
...
Move the default SAML2 error HTML to a dedicated file
2020-03-13 19:53:19 +00:00
Brendan Abolivier
ebfcbbff9c
Use innerText instead of innerHTML
2020-03-13 19:09:22 +00:00
Patrick Cloke
77d0a4507b
Add type annotations and comments to auth handler ( #7063 )
2020-03-12 11:36:27 -04:00
Brendan Abolivier
0de9f9486a
Lint
2020-03-11 20:39:18 +00:00
Brendan Abolivier
f9e98176bf
Put the file in the templates directory
2020-03-11 20:31:42 +00:00
Brendan Abolivier
900bca9707
Update wording and config
2020-03-11 19:40:30 +00:00
Brendan Abolivier
b8cfe79ffc
Move the default SAML2 error HTML to a dedicated file
...
Also add some JS to it to process any error we might have in the URI
(see #6893 ).
2020-03-11 19:33:16 +00:00
Brendan Abolivier
8120a238a4
Refactor a bit
2020-03-11 18:49:41 +00:00
Brendan Abolivier
37a9873f63
Also don't fail on aliases events in this case
2020-03-11 18:43:41 +00:00
Brendan Abolivier
e38c44b418
Lint
2020-03-11 18:06:07 +00:00
Brendan Abolivier
2dce68c651
Also don't filter out events sent by ignored users when checking state visibility
2020-03-11 17:53:22 +00:00
Brendan Abolivier
9c0775e86a
Fix condition
2020-03-11 17:53:18 +00:00
Brendan Abolivier
69ce55c510
Don't filter out dummy events when we're checking the visibility of state
2020-03-11 17:52:54 +00:00
Brendan Abolivier
54dd28621b
Add options to disable setting profile info for prevent changes. ( #7053 )
2020-03-10 22:23:01 +00:00
Dirk Klimpel
42ac4ca477
Update synapse/config/registration.py
...
Co-Authored-By: Brendan Abolivier <github@brendanabolivier.com>
2020-03-10 21:26:55 +01:00
Brendan Abolivier
8f826f98ac
Rephrase default message
2020-03-10 17:22:45 +00:00
Brendan Abolivier
dc6fb56c5f
Hopefully mypy is happy now
2020-03-10 14:40:28 +00:00
Brendan Abolivier
fe593ef990
Attempt at appeasing the gods of mypy
2020-03-10 14:19:06 +00:00
Brendan Abolivier
5ec2077bf9
Lint
2020-03-10 14:04:20 +00:00
Brendan Abolivier
6b0efe73e2
SAML2: render a comprehensible error page if something goes wrong
...
If an error happened while processing a SAML AuthN response, or a client
ends up doing a `GET` request to `/authn_response`, then render a
customisable error page rather than a confusing error.
2020-03-10 13:59:22 +00:00
dklimpel
39f6595b4a
lint, fix tests
2020-03-09 22:13:20 +01:00
dklimpel
885134529f
updates after review
2020-03-09 22:09:29 +01:00
Brendan Abolivier
14b2ebe767
Merge pull request #7055 from matrix-org/babolivier/get_time_of_last_push_action_before
...
Move get_time_of_last_push_action_before to the EventPushActionsWorkerStore
2020-03-09 14:53:50 +00:00
Brendan Abolivier
aee2bae952
Fix undefined room_id
in make_summary_text
...
This would break notifications about un-named rooms when processing
notifications in a batch.
2020-03-09 14:10:19 +00:00
Brendan Abolivier
87c65576e0
Move get_time_of_last_push_action_before
to the EventPushActionsWorkerStore
...
Fixes #7054
I also had a look at the rest of the functions in
`EventPushActionsStore` and in the push notifications send code and it
looks to me like there shouldn't be any other method with this issue in
this part of the codebase.
2020-03-09 13:58:38 +00:00
Patrick Cloke
06eb5cae08
Remove special auth and redaction rules for aliases events in experimental room ver. ( #7037 )
2020-03-09 08:58:25 -04:00
Brendan Abolivier
bbf725e7da
Merge pull request #7045 from matrix-org/babolivier/room_keys_check
...
Make sure that is_verified is a boolean when processing room keys
2020-03-09 09:54:48 +00:00
dklimpel
99bbe177b6
add disable_3pid_changes
2020-03-08 21:58:12 +01:00
dklimpel
20545a2199
lint2
2020-03-08 15:28:00 +01:00
dklimpel
ce460dc31c
lint
2020-03-08 15:22:43 +01:00
dklimpel
fb078f921b
changelog
2020-03-08 15:19:07 +01:00
dklimpel
1f5f3ae8b1
Add options to disable setting profile info for prevent changes.
2020-03-08 14:49:33 +01:00
Neil Pilgrim
2bff4457d9
Add type hints to logging/context.py ( #6309 )
...
* Add type hints to logging/context.py
Signed-off-by: neiljp (Neil Pilgrim) <github@kepier.clara.net>
2020-03-07 17:57:26 +00:00
Neil Johnson
1d66dce83e
Break down monthly active users by appservice_id ( #7030 )
...
* Break down monthly active users by appservice_id and emit via prometheus.
Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
2020-03-06 18:14:19 +00:00
Brendan Abolivier
54b78a0e3b
Lint
2020-03-06 15:11:13 +00:00
Brendan Abolivier
297aaf4816
Mention the session ID in the error message
2020-03-06 15:07:41 +00:00
Brendan Abolivier
45df9d35a9
Lint
2020-03-06 11:10:52 +00:00
Brendan Abolivier
80e580ae92
Make sure that is_verified is a boolean when processing room keys
2020-03-06 11:05:00 +00:00
Patrick Cloke
87972f07e5
Convert remote key resource REST layer to async/await. ( #7020 )
2020-03-05 11:29:56 -05:00
Richard van der Hoff
78a15b1f9d
Store room_versions in EventBase objects ( #6875 )
...
This is a bit fiddly because it all has to be done on one fell swoop:
* Wherever we create a new event, pass in the room version (and check it matches the format version)
* When we prune an event, use the room version of the unpruned event to create the pruned version.
* When we pass an event over the replication protocol, pass the room version over alongside it, and use it when deserialising the event again.
2020-03-05 15:46:44 +00:00
Brendan Abolivier
31a2116331
Hide extremities dummy events from clients
2020-03-04 17:28:13 +00:00
Patrick Cloke
13892776ef
Allow deleting an alias if the user has sufficient power level ( #6986 )
2020-03-04 11:30:46 -05:00
Richard van der Hoff
8ef8fb2c1c
Read the room version from database when fetching events ( #6874 )
...
This is a precursor to giving EventBase objects the knowledge of which room version they belong to.
2020-03-04 13:11:04 +00:00
Brendan Abolivier
43f874055d
Merge branch 'master' into develop
2020-03-03 15:20:49 +00:00
Brendan Abolivier
fd983fad96
v1.11.1
2020-03-03 14:58:37 +00:00
Patrick Cloke
7dcbc33a1b
Validate the alt_aliases property of canonical alias events ( #6971 )
2020-03-03 07:12:45 -05:00
Brendan Abolivier
a0178df104
Fix wrong handler being used in SAML handler
2020-03-03 11:29:07 +00:00
Brendan Abolivier
65c73cdfec
Factor out complete_sso_login and expose it to the Module API
2020-03-03 10:54:44 +00:00
Richard van der Hoff
b68041df3d
Add a whitelist for the SSO confirmation step.
2020-03-02 17:05:09 +00:00
Erik Johnston
65a941d1f8
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/fixup_devices_stream
2020-03-02 16:55:55 +00:00
Erik Johnston
b29474e0aa
Always return a deferred from get_current_state_deltas
. ( #7019 )
...
This currently causes presence notify code to log exceptions when there
is no state changes to process. This doesn't actually cause any problems
as we'd simply do nothing anyway.
2020-03-02 16:52:15 +00:00
Richard van der Hoff
27d099edd6
Merge remote-tracking branch 'origin/release-v1.11.1' into release-v1.11.1
2020-03-02 16:43:33 +00:00
Brendan Abolivier
b2bd54a2e3
Add a confirmation step to the SSO login flow
2020-03-02 16:36:32 +00:00