Commit Graph

137 Commits

Author SHA1 Message Date
reivilibre
c06b2b7142
Faster Remote Room Joins: tell remote homeservers that we are unable to authorise them if they query a room which has partial state on our server. () 2022-09-23 11:47:16 +01:00
Will Hunt
502f075e96
Implement MSC3848: Introduce errcodes for specific event sending failures ()
Implements MSC3848
2022-07-27 13:44:40 +01:00
David Teller
11f811470f
Uniformize spam-checker API, part 5: expand other spam-checker callbacks to return Tuple[Codes, dict] ()
Signed-off-by: David Teller <davidt@element.io>
Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
2022-07-11 16:52:10 +00:00
Travis Ralston
d0e40dfe29
Fix M_USER_ACCOUNT_SUSPENDED error code for spec compliance () 2022-05-31 08:42:18 +01:00
Travis Ralston
bcfdfeb65d Revert "Fix M_USER_ACCOUNT_SUSPENDED error code for spec compliance ()"
This reverts commit e0fae823e9.
2022-05-30 20:29:40 -06:00
Travis Ralston
e0fae823e9
Fix M_USER_ACCOUNT_SUSPENDED error code for spec compliance ()
`M_` is a reserved namespace.
2022-05-31 02:27:19 +00:00
David Teller
af7db19e1e
Uniformize spam-checker API, part 3: Expand check_event_for_spam with the ability to return additional fields ()
Signed-off-by: David Teller <davidt@element.io>
2022-05-30 18:24:56 +02:00
David Teller
888eb736a1
Add code M_USER_ACCOUNT_SUSPENDED, as per MSC3823. ()
Signed-off-by: David Teller <davidt@element.io>
Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
2022-05-27 13:13:29 +00:00
David Teller
28199e9357
Uniformize spam-checker API, part 2: check_event_for_spam ()
Signed-off-by: David Teller <davidt@element.io>
2022-05-23 17:27:39 +00:00
David Teller
10280fc943
Uniformize spam-checker API, part 1: the Code enum. () 2022-05-20 14:53:25 +02:00
Tulir Asokan
4bc8cb4669
Implement MSC2815: allow room moderators to view redacted event content ()
Implements 

Signed-off-by: Tulir Asokan <tulir@maunium.net>
2022-04-20 12:57:39 +01:00
Michael Telatynski
54e74f8bde
Fix M_WRONG_ROOM_KEYS_VERSION error not including current_version field ()
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2022-02-14 19:28:00 +00:00
reivilibre
69ab3dddbc
Make check_event_allowed module API callback not fail open (accept events) when an exception is raised () 2021-11-01 15:45:56 +00:00
Patrick Cloke
3ab55d43bd
Add missing type hints to synapse.api. ()
* Convert UserPresenceState to attrs.
* Remove args/kwargs from error classes and explicitly pass msg/errorcode.
2021-10-18 15:01:10 -04:00
David Robertson
ee3b2ac59a
Validate device_keys for C-S /keys/query requests ()
* Validate device_keys for C-S /keys/query requests

Closes 

A small, not particularly critical fix. I'm interested in seeing if we
can find a more systematic approach though.  is the place for any discussion.
2021-08-20 15:47:03 +01:00
Patrick Cloke
228decfce1
Update the MSC3083 support to verify if joins are from an authorized server. () 2021-07-26 12:17:00 -04:00
Jonathan de Jong
bf72d10dbf
Use inline type hints in various other places (in synapse/) () 2021-07-15 11:02:43 +01:00
Sorunome
d936371b69
Implement knock feature ()
This PR aims to implement the knock feature as proposed in https://github.com/matrix-org/matrix-doc/pull/2403

Signed-off-by: Sorunome mail@sorunome.de
Signed-off-by: Andrew Morgan andrewm@element.io
2021-06-09 19:39:51 +01:00
Jonathan de Jong
4b965c862d
Remove redundant "coding: utf-8" lines ()
Part of 

Removes all redundant `# -*- coding: utf-8 -*-` lines from files, as python 3 automatically reads source code as utf-8 now.

`Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>`
2021-04-14 15:34:27 +01:00
Eric Eastwood
0a00b7ff14
Update black, and run auto formatting over the codebase ()
- Update black version to the latest
 - Run black auto formatting over the codebase
    - Run autoformatting according to [`docs/code_style.md
`](80d6dc9783/docs/code_style.md)
 - Update `code_style.md` docs around installing black to use the correct version
2021-02-16 22:32:34 +00:00
Patrick Cloke
8a4a4186de
Simplify super() calls to Python 3 syntax. ()
This converts calls like super(Foo, self) -> super().

Generated with:

    sed -i "" -Ee 's/super\([^\(]+\)/super()/g' **/*.py
2020-09-18 09:56:44 -04:00
Patrick Cloke
c619253db8
Stop sub-classing object () 2020-09-04 06:54:56 -04:00
Patrick Cloke
e259d63f73
Stop shadow-banned users from sending invites. () 2020-08-20 15:07:42 -04:00
Patrick Cloke
eebf52be06
Be stricter about JSON that is accepted by Synapse () 2020-08-19 07:26:03 -04:00
Patrick Cloke
66f24449dd
Improve performance of the register endpoint () 2020-08-06 08:09:55 -04:00
Patrick Cloke
35450519de
Ensure that calls to json.dumps are compatible with the standard library json. () 2020-07-15 13:40:54 -04:00
Patrick Cloke
4db1509516
Improve the type hints of synapse.api.errors. () 2020-07-14 07:03:58 -04:00
Patrick Cloke
66a4af8d96
Do not use canonicaljson to magically handle decoding bytes from JSON. () 2020-07-10 14:30:08 -04:00
Dagfinn Ilmari Mannsåker
a3f11567d9
Replace all remaining six usage with native Python 3 equivalents () 2020-06-16 08:51:47 -04:00
Patrick Cloke
bd6dc17221
Replace iteritems/itervalues/iterkeys with native versions. () 2020-06-15 07:03:36 -04:00
Andrew Morgan
07b88c546d
Convert http.HTTPStatus objects to their int equivalent () 2020-04-03 14:26:07 +01:00
Dirk Klimpel
e8e2ddb60a
Allow server admins to define and enforce a password policy (MSC2000). () 2020-03-26 16:51:13 +00:00
Patrick Cloke
7dcbc33a1b
Validate the alt_aliases property of canonical alias events () 2020-03-03 07:12:45 -05:00
Richard van der Hoff
08f41a6f05 Add get_room_version method
So that we can start factoring out some of this boilerplatey boilerplate.
2020-01-31 10:28:15 +00:00
Richard van der Hoff
8f5d7302ac
Implement RedirectException ()
Allow REST endpoint implemnentations to raise a RedirectException, which will
redirect the user's browser to a given location.
2020-01-15 15:58:55 +00:00
Richard van der Hoff
326c893d24
Kill off RegistrationError ()
This is pretty pointless. Let's just use SynapseError.
2020-01-13 12:48:22 +00:00
Andrew Morgan
bc29a19731 Replace instance variations of homeserver with correct case/spacing 2019-11-12 13:08:12 +00:00
Hubert Chathi
cfc28325a6 Merge branch 'develop' into uhoreg/e2e_cross-signing_merged 2019-10-18 11:39:40 +01:00
Amber Brown
864f144543
Fix up some typechecking ()
* type checking fixes

* changelog
2019-10-02 05:29:01 -07:00
Hubert Chathi
e3d3fbf63f Merge branch 'uhoreg/e2e_cross-signing_merged' into cross-signing_keys 2019-08-28 17:36:46 -07:00
Andrew Morgan
72167fb394
Change user deactivated errcode to USER_DEACTIVATED and use it ()
This is intended as an amendment to  as using M_UNKNOWN as the errcode makes it hard for clients to differentiate between an invalid password and a deactivated user (the problem we were trying to solve in the first place).

M_UNKNOWN was originally chosen as it was presumed than an MSC would have to be carried out to add a new code, but as Synapse often is the testing bed for new MSC implementations, it makes sense to try it out first in the wild and then add it into the spec if it is successful. Thus this PR return a new M_USER_DEACTIVATED code when a deactivated user attempts to login.
2019-07-31 15:19:06 +01:00
Hubert Chathi
c659b9f94f allow uploading keys for cross-signing 2019-07-25 11:08:24 -04:00
Andrew Morgan
18c516698e
Return a different error from Invalid Password when a user is deactivated ()
Return `This account has been deactivated` instead of `Invalid password` when a user is deactivated.
2019-07-15 11:45:29 +01:00
Richard van der Hoff
5f158ec039
Implement access token expiry ()
Record how long an access token is valid for, and raise a soft-logout once it
expires.
2019-07-12 17:26:02 +01:00
Richard van der Hoff
0a4001eba1
Clean up exception handling for access_tokens ()
First of all, let's get rid of `TOKEN_NOT_FOUND_HTTP_STATUS`. It was a hack we
did at one point when it was possible to return either a 403 or a 401 if the
creds were missing. We always return a 401 in these cases now (thankfully), so
it's not needed.

Let's also stop abusing `AuthError` for these cases. Honestly they have nothing
that relates them to the other places that `AuthError` is used, other than the
fact that they are loosely under the 'Auth' banner. It makes no sense for them
to share exception classes.

Instead, let's add a couple of new exception classes: `InvalidClientTokenError`
and `MissingClientTokenError`, for the `M_UNKNOWN_TOKEN` and `M_MISSING_TOKEN`
cases respectively - and an `InvalidClientCredentialsError` base class for the
two of them.
2019-07-11 11:06:23 +01:00
Amber Brown
32e7c9e7f2
Run Black. () 2019-06-20 19:32:02 +10:00
Andrew Morgan
3719680ee4
Add ability to perform password reset via email without trusting the identity server ()
Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option.

This PR is a culmination of 3 smaller PRs which have each been separately reviewed:

* 
* 
* 
2019-06-06 17:34:07 +01:00
Richard van der Hoff
04d53794d6
Fix error handling for rooms whose versions are unknown. ()
If we remove support for a particular room version, we should behave more
gracefully. This should make client requests fail with a 400 rather than a 500,
and will ignore individiual PDUs in a federation transaction, rather than the
whole transaction.
2019-05-21 13:47:25 +01:00
Andrew Morgan
caa76e6021
Remove periods from copyright headers () 2019-04-11 17:08:13 +01:00
Brendan Abolivier
747aa9f8ca Add account expiration feature 2019-04-09 16:46:04 +01:00