mirror of
https://mau.dev/maunium/synapse.git
synced 2024-11-16 15:01:23 +01:00
Merge pull request #5644 from matrix-org/babolivier/profile-allow-self
Allow newly-registered users to lookup their own profiles
This commit is contained in:
commit
af67c7c1de
3 changed files with 52 additions and 0 deletions
1
changelog.d/5644.bugfix
Normal file
1
changelog.d/5644.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix newly-registered users not being able to lookup their own profile without joining a room.
|
|
@ -303,6 +303,10 @@ class BaseProfileHandler(BaseHandler):
|
|||
if not self.hs.config.require_auth_for_profile_requests or not requester:
|
||||
return
|
||||
|
||||
# Always allow the user to query their own profile.
|
||||
if target_user.to_string() == requester.to_string():
|
||||
return
|
||||
|
||||
try:
|
||||
requester_rooms = yield self.store.get_rooms_for_user(requester.to_string())
|
||||
target_user_rooms = yield self.store.get_rooms_for_user(
|
||||
|
|
|
@ -288,3 +288,50 @@ class ProfilesRestrictedTestCase(unittest.HomeserverTestCase):
|
|||
# if the user isn't already in the room), because we only want to
|
||||
# make sure the user isn't in the room.
|
||||
pass
|
||||
|
||||
|
||||
class OwnProfileUnrestrictedTestCase(unittest.HomeserverTestCase):
|
||||
|
||||
servlets = [
|
||||
admin.register_servlets_for_client_rest_resource,
|
||||
login.register_servlets,
|
||||
profile.register_servlets,
|
||||
]
|
||||
|
||||
def make_homeserver(self, reactor, clock):
|
||||
config = self.default_config()
|
||||
config["require_auth_for_profile_requests"] = True
|
||||
self.hs = self.setup_test_homeserver(config=config)
|
||||
|
||||
return self.hs
|
||||
|
||||
def prepare(self, reactor, clock, hs):
|
||||
# User requesting the profile.
|
||||
self.requester = self.register_user("requester", "pass")
|
||||
self.requester_tok = self.login("requester", "pass")
|
||||
|
||||
def test_can_lookup_own_profile(self):
|
||||
"""Tests that a user can lookup their own profile without having to be in a room
|
||||
if 'require_auth_for_profile_requests' is set to true in the server's config.
|
||||
"""
|
||||
request, channel = self.make_request(
|
||||
"GET", "/profile/" + self.requester, access_token=self.requester_tok
|
||||
)
|
||||
self.render(request)
|
||||
self.assertEqual(channel.code, 200, channel.result)
|
||||
|
||||
request, channel = self.make_request(
|
||||
"GET",
|
||||
"/profile/" + self.requester + "/displayname",
|
||||
access_token=self.requester_tok,
|
||||
)
|
||||
self.render(request)
|
||||
self.assertEqual(channel.code, 200, channel.result)
|
||||
|
||||
request, channel = self.make_request(
|
||||
"GET",
|
||||
"/profile/" + self.requester + "/avatar_url",
|
||||
access_token=self.requester_tok,
|
||||
)
|
||||
self.render(request)
|
||||
self.assertEqual(channel.code, 200, channel.result)
|
||||
|
|
Loading…
Reference in a new issue