Don't check whether the user's account is expired on /send_mail requests

2024-10-01 08:25:44 -04:00 · 2019-06-05 16:35:05 +01:00 · 2019-06-05 16:35:05 +01:00 · fe13bd52ac
commit fe13bd52ac
parent 2f62e1f6ff
3 changed files with 44 additions and 3 deletions
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@ -184,7 +184,13 @@ class Auth(object):
        return event_auth.get_public_keys(invite_event)

    @defer.inlineCallbacks
-    def get_user_by_req(self, request, allow_guest=False, rights="access"):
+    def get_user_by_req(
+        self,
+        request,
+        allow_guest=False,
+        rights="access",
+        allow_expired=False,
+    ):
        """ Get a registered user's ID.

        Args:
@ -229,7 +235,7 @@ class Auth(object):
            is_guest = user_info["is_guest"]

            # Deny the request if the user account has expired.
-            if self._account_validity.enabled:
+            if self._account_validity.enabled and not allow_expired:
                user_id = user.to_string()
                expiration_ts = yield self.store.get_expiration_ts_for_user(user_id)
                if expiration_ts is not None and self.clock.time_msec() >= expiration_ts:
--- a/synapse/rest/client/v2_alpha/account_validity.py
+++ b/synapse/rest/client/v2_alpha/account_validity.py
@ -79,7 +79,7 @@ class AccountValiditySendMailServlet(RestServlet):
        if not self.account_validity.renew_by_email_enabled:
            raise AuthError(403, "Account renewal via email is disabled on this server.")

-        requester = yield self.auth.get_user_by_req(request)
+        requester = yield self.auth.get_user_by_req(request, allow_expired=True)
        user_id = requester.user.to_string()
        yield self.account_activity_handler.send_renewal_email_to_user(user_id)

--- a/tests/rest/client/v2_alpha/test_register.py
+++ b/tests/rest/client/v2_alpha/test_register.py
@ -427,6 +427,41 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):

        self.assertEqual(len(self.email_attempts), 1)

+    def test_manual_email_send_expired_account(self):
+        user_id = self.register_user("kermit", "monkey")
+        tok = self.login("kermit", "monkey")
+
+        # We need to manually add an email address otherwise the handler will do
+        # nothing.
+        now = self.hs.clock.time_msec()
+        self.get_success(
+            self.store.user_add_threepid(
+                user_id=user_id,
+                medium="email",
+                address="kermit@example.com",
+                validated_at=now,
+                added_at=now,
+            )
+        )
+
+        # Make the account expire.
+        self.reactor.advance(datetime.timedelta(days=8).total_seconds())
+
+        # Ignore all emails sent by the automatic background task and only focus on the
+        # ones sent manually.
+        self.email_attempts = []
+
+        # Test that we're still able to manually trigger a mail to be sent.
+        request, channel = self.make_request(
+            b"POST",
+            "/_matrix/client/unstable/account_validity/send_mail",
+            access_token=tok,
+        )
+        self.render(request)
+        self.assertEquals(channel.result["code"], b"200", channel.result)
+
+        self.assertEqual(len(self.email_attempts), 1)
+

 class AccountValidityBackgroundJobTestCase(unittest.HomeserverTestCase):