mirror of
https://mau.dev/maunium/synapse.git
synced 2024-12-14 10:33:49 +01:00
Merge branch 'release-v0.11.0' of github.com:matrix-org/synapse
This commit is contained in:
commit
d3861b4442
172 changed files with 8270 additions and 2825 deletions
4
.gitignore
vendored
4
.gitignore
vendored
|
@ -42,3 +42,7 @@ build/
|
||||||
|
|
||||||
localhost-800*/
|
localhost-800*/
|
||||||
static/client/register/register_config.js
|
static/client/register/register_config.js
|
||||||
|
.tox
|
||||||
|
|
||||||
|
env/
|
||||||
|
*.config
|
||||||
|
|
|
@ -44,4 +44,7 @@ Eric Myhre <hash at exultant.us>
|
||||||
repository API.
|
repository API.
|
||||||
|
|
||||||
Muthu Subramanian <muthu.subramanian.karunanidhi at ericsson.com>
|
Muthu Subramanian <muthu.subramanian.karunanidhi at ericsson.com>
|
||||||
* Add SAML2 support for registration and logins.
|
* Add SAML2 support for registration and login.
|
||||||
|
|
||||||
|
Steven Hammerton <steven.hammerton at openmarket.com>
|
||||||
|
* Add CAS support for registration and login.
|
||||||
|
|
46
CHANGES.rst
46
CHANGES.rst
|
@ -1,3 +1,49 @@
|
||||||
|
Changes in synapse v0.11.0 (2015-11-17)
|
||||||
|
=======================================
|
||||||
|
|
||||||
|
* Change CAS login API (PR #349)
|
||||||
|
|
||||||
|
Changes in synapse v0.11.0-rc2 (2015-11-13)
|
||||||
|
===========================================
|
||||||
|
|
||||||
|
* Various changes to /sync API response format (PR #373)
|
||||||
|
* Fix regression when setting display name in newly joined room over
|
||||||
|
federation (PR #368)
|
||||||
|
* Fix problem where /search was slow when using SQLite (PR #366)
|
||||||
|
|
||||||
|
Changes in synapse v0.11.0-rc1 (2015-11-11)
|
||||||
|
===========================================
|
||||||
|
|
||||||
|
* Add Search API (PR #307, #324, #327, #336, #350, #359)
|
||||||
|
* Add 'archived' state to v2 /sync API (PR #316)
|
||||||
|
* Add ability to reject invites (PR #317)
|
||||||
|
* Add config option to disable password login (PR #322)
|
||||||
|
* Add the login fallback API (PR #330)
|
||||||
|
* Add room context API (PR #334)
|
||||||
|
* Add room tagging support (PR #335)
|
||||||
|
* Update v2 /sync API to match spec (PR #305, #316, #321, #332, #337, #341)
|
||||||
|
* Change retry schedule for application services (PR #320)
|
||||||
|
* Change retry schedule for remote servers (PR #340)
|
||||||
|
* Fix bug where we hosted static content in the incorrect place (PR #329)
|
||||||
|
* Fix bug where we didn't increment retry interval for remote servers (PR #343)
|
||||||
|
|
||||||
|
Changes in synapse v0.10.1-rc1 (2015-10-15)
|
||||||
|
===========================================
|
||||||
|
|
||||||
|
* Add support for CAS, thanks to Steven Hammerton (PR #295, #296)
|
||||||
|
* Add support for using macaroons for ``access_token`` (PR #256, #229)
|
||||||
|
* Add support for ``m.room.canonical_alias`` (PR #287)
|
||||||
|
* Add support for viewing the history of rooms that they have left. (PR #276,
|
||||||
|
#294)
|
||||||
|
* Add support for refresh tokens (PR #240)
|
||||||
|
* Add flag on creation which disables federation of the room (PR #279)
|
||||||
|
* Add some room state to invites. (PR #275)
|
||||||
|
* Atomically persist events when joining a room over federation (PR #283)
|
||||||
|
* Change default history visibility for private rooms (PR #271)
|
||||||
|
* Allow users to redact their own sent events (PR #262)
|
||||||
|
* Use tox for tests (PR #247)
|
||||||
|
* Split up syutil into separate libraries (PR #243)
|
||||||
|
|
||||||
Changes in synapse v0.10.0-r2 (2015-09-16)
|
Changes in synapse v0.10.0-r2 (2015-09-16)
|
||||||
==========================================
|
==========================================
|
||||||
|
|
||||||
|
|
16
MANIFEST.in
16
MANIFEST.in
|
@ -3,13 +3,23 @@ include LICENSE
|
||||||
include VERSION
|
include VERSION
|
||||||
include *.rst
|
include *.rst
|
||||||
include demo/README
|
include demo/README
|
||||||
|
include demo/demo.tls.dh
|
||||||
|
include demo/*.py
|
||||||
|
include demo/*.sh
|
||||||
|
|
||||||
recursive-include synapse/storage/schema *.sql
|
recursive-include synapse/storage/schema *.sql
|
||||||
recursive-include synapse/storage/schema *.py
|
recursive-include synapse/storage/schema *.py
|
||||||
|
|
||||||
recursive-include demo *.dh
|
|
||||||
recursive-include demo *.py
|
|
||||||
recursive-include demo *.sh
|
|
||||||
recursive-include docs *
|
recursive-include docs *
|
||||||
recursive-include scripts *
|
recursive-include scripts *
|
||||||
|
recursive-include scripts-dev *
|
||||||
recursive-include tests *.py
|
recursive-include tests *.py
|
||||||
|
|
||||||
|
recursive-include synapse/static *.css
|
||||||
|
recursive-include synapse/static *.gif
|
||||||
|
recursive-include synapse/static *.html
|
||||||
|
recursive-include synapse/static *.js
|
||||||
|
|
||||||
|
exclude jenkins.sh
|
||||||
|
|
||||||
|
prune demo/etc
|
||||||
|
|
14
README.rst
14
README.rst
|
@ -20,8 +20,8 @@ The overall architecture is::
|
||||||
https://somewhere.org/_matrix https://elsewhere.net/_matrix
|
https://somewhere.org/_matrix https://elsewhere.net/_matrix
|
||||||
|
|
||||||
``#matrix:matrix.org`` is the official support room for Matrix, and can be
|
``#matrix:matrix.org`` is the official support room for Matrix, and can be
|
||||||
accessed by the web client at http://matrix.org/beta or via an IRC bridge at
|
accessed by any client from https://matrix.org/blog/try-matrix-now or via IRC
|
||||||
irc://irc.freenode.net/matrix.
|
bridge at irc://irc.freenode.net/matrix.
|
||||||
|
|
||||||
Synapse is currently in rapid development, but as of version 0.5 we believe it
|
Synapse is currently in rapid development, but as of version 0.5 we believe it
|
||||||
is sufficiently stable to be run as an internet-facing service for real usage!
|
is sufficiently stable to be run as an internet-facing service for real usage!
|
||||||
|
@ -77,14 +77,14 @@ Meanwhile, iOS and Android SDKs and clients are available from:
|
||||||
- https://github.com/matrix-org/matrix-android-sdk
|
- https://github.com/matrix-org/matrix-android-sdk
|
||||||
|
|
||||||
We'd like to invite you to join #matrix:matrix.org (via
|
We'd like to invite you to join #matrix:matrix.org (via
|
||||||
https://matrix.org/beta), run a homeserver, take a look at the Matrix spec at
|
https://matrix.org/blog/try-matrix-now), run a homeserver, take a look at the
|
||||||
https://matrix.org/docs/spec and API docs at https://matrix.org/docs/api,
|
Matrix spec at https://matrix.org/docs/spec and API docs at
|
||||||
experiment with the APIs and the demo clients, and report any bugs via
|
https://matrix.org/docs/api, experiment with the APIs and the demo clients, and
|
||||||
https://matrix.org/jira.
|
report any bugs via https://matrix.org/jira.
|
||||||
|
|
||||||
Thanks for using Matrix!
|
Thanks for using Matrix!
|
||||||
|
|
||||||
[1] End-to-end encryption is currently in development
|
[1] End-to-end encryption is currently in development - see https://matrix.org/git/olm
|
||||||
|
|
||||||
Synapse Installation
|
Synapse Installation
|
||||||
====================
|
====================
|
||||||
|
|
|
@ -25,6 +25,7 @@ for port in 8080 8081 8082; do
|
||||||
--generate-config \
|
--generate-config \
|
||||||
-H "localhost:$https_port" \
|
-H "localhost:$https_port" \
|
||||||
--config-path "$DIR/etc/$port.config" \
|
--config-path "$DIR/etc/$port.config" \
|
||||||
|
--report-stats no
|
||||||
|
|
||||||
# Check script parameters
|
# Check script parameters
|
||||||
if [ $# -eq 1 ]; then
|
if [ $# -eq 1 ]; then
|
||||||
|
@ -37,6 +38,13 @@ for port in 8080 8081 8082; do
|
||||||
|
|
||||||
perl -p -i -e 's/^enable_registration:.*/enable_registration: true/g' $DIR/etc/$port.config
|
perl -p -i -e 's/^enable_registration:.*/enable_registration: true/g' $DIR/etc/$port.config
|
||||||
|
|
||||||
|
if ! grep -F "full_twisted_stacktraces" -q $DIR/etc/$port.config; then
|
||||||
|
echo "full_twisted_stacktraces: true" >> $DIR/etc/$port.config
|
||||||
|
fi
|
||||||
|
if ! grep -F "report_stats" -q $DIR/etc/$port.config ; then
|
||||||
|
echo "report_stats: false" >> $DIR/etc/$port.config
|
||||||
|
fi
|
||||||
|
|
||||||
python -m synapse.app.homeserver \
|
python -m synapse.app.homeserver \
|
||||||
--config-path "$DIR/etc/$port.config" \
|
--config-path "$DIR/etc/$port.config" \
|
||||||
-D \
|
-D \
|
||||||
|
|
39
jenkins.sh
Executable file
39
jenkins.sh
Executable file
|
@ -0,0 +1,39 @@
|
||||||
|
#!/bin/bash -eu
|
||||||
|
|
||||||
|
export PYTHONDONTWRITEBYTECODE=yep
|
||||||
|
|
||||||
|
# Output test results as junit xml
|
||||||
|
export TRIAL_FLAGS="--reporter=subunit"
|
||||||
|
export TOXSUFFIX="| subunit-1to2 | subunit2junitxml --no-passthrough --output-to=results.xml"
|
||||||
|
|
||||||
|
# Output coverage to coverage.xml
|
||||||
|
export DUMP_COVERAGE_COMMAND="coverage xml -o coverage.xml"
|
||||||
|
|
||||||
|
# Output flake8 violations to violations.flake8.log
|
||||||
|
# Don't exit with non-0 status code on Jenkins,
|
||||||
|
# so that the build steps continue and a later step can decided whether to
|
||||||
|
# UNSTABLE or FAILURE this build.
|
||||||
|
export PEP8SUFFIX="--output-file=violations.flake8.log || echo flake8 finished with status code \$?"
|
||||||
|
|
||||||
|
tox
|
||||||
|
|
||||||
|
: ${GIT_BRANCH:="$(git rev-parse --abbrev-ref HEAD)"}
|
||||||
|
|
||||||
|
set +u
|
||||||
|
. .tox/py27/bin/activate
|
||||||
|
set -u
|
||||||
|
|
||||||
|
rm -rf sytest
|
||||||
|
git clone https://github.com/matrix-org/sytest.git sytest
|
||||||
|
cd sytest
|
||||||
|
|
||||||
|
git checkout "${GIT_BRANCH}" || (echo >&2 "No ref ${GIT_BRANCH} found, falling back to develop" ; git checkout develop)
|
||||||
|
|
||||||
|
: ${PERL5LIB:=$WORKSPACE/perl5/lib/perl5}
|
||||||
|
: ${PERL_MB_OPT:=--install_base=$WORKSPACE/perl5}
|
||||||
|
: ${PERL_MM_OPT:=INSTALL_BASE=$WORKSPACE/perl5}
|
||||||
|
export PERL5LIB PERL_MB_OPT PERL_MM_OPT
|
||||||
|
|
||||||
|
./install-deps.pl
|
||||||
|
|
||||||
|
./run-tests.pl -O tap --synapse-directory .. --all > results.tap
|
|
@ -56,10 +56,9 @@ if __name__ == '__main__':
|
||||||
|
|
||||||
js = json.load(args.json)
|
js = json.load(args.json)
|
||||||
|
|
||||||
|
|
||||||
auth = Auth(Mock())
|
auth = Auth(Mock())
|
||||||
check_auth(
|
check_auth(
|
||||||
auth,
|
auth,
|
||||||
[FrozenEvent(d) for d in js["auth_chain"]],
|
[FrozenEvent(d) for d in js["auth_chain"]],
|
||||||
[FrozenEvent(d) for d in js["pdus"]],
|
[FrozenEvent(d) for d in js.get("pdus", [])],
|
||||||
)
|
)
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
from synapse.crypto.event_signing import *
|
from synapse.crypto.event_signing import *
|
||||||
from syutil.base64util import encode_base64
|
from unpaddedbase64 import encode_base64
|
||||||
|
|
||||||
import argparse
|
import argparse
|
||||||
import hashlib
|
import hashlib
|
||||||
|
|
|
@ -1,9 +1,7 @@
|
||||||
|
|
||||||
from syutil.crypto.jsonsign import verify_signed_json
|
from signedjson.sign import verify_signed_json
|
||||||
from syutil.crypto.signing_key import (
|
from signedjson.key import decode_verify_key_bytes, write_signing_keys
|
||||||
decode_verify_key_bytes, write_signing_keys
|
from unpaddedbase64 import decode_base64
|
||||||
)
|
|
||||||
from syutil.base64util import decode_base64
|
|
||||||
|
|
||||||
import urllib2
|
import urllib2
|
||||||
import json
|
import json
|
||||||
|
|
|
@ -4,10 +4,10 @@ import sys
|
||||||
import json
|
import json
|
||||||
import time
|
import time
|
||||||
import hashlib
|
import hashlib
|
||||||
from syutil.base64util import encode_base64
|
from unpaddedbase64 import encode_base64
|
||||||
from syutil.crypto.signing_key import read_signing_keys
|
from signedjson.key import read_signing_keys
|
||||||
from syutil.crypto.jsonsign import sign_json
|
from signedjson.sign import sign_json
|
||||||
from syutil.jsonutil import encode_canonical_json
|
from canonicaljson import encode_canonical_json
|
||||||
|
|
||||||
|
|
||||||
def select_v1_keys(connection):
|
def select_v1_keys(connection):
|
||||||
|
|
142
scripts-dev/definitions.py
Executable file
142
scripts-dev/definitions.py
Executable file
|
@ -0,0 +1,142 @@
|
||||||
|
#! /usr/bin/python
|
||||||
|
|
||||||
|
import ast
|
||||||
|
import yaml
|
||||||
|
|
||||||
|
class DefinitionVisitor(ast.NodeVisitor):
|
||||||
|
def __init__(self):
|
||||||
|
super(DefinitionVisitor, self).__init__()
|
||||||
|
self.functions = {}
|
||||||
|
self.classes = {}
|
||||||
|
self.names = {}
|
||||||
|
self.attrs = set()
|
||||||
|
self.definitions = {
|
||||||
|
'def': self.functions,
|
||||||
|
'class': self.classes,
|
||||||
|
'names': self.names,
|
||||||
|
'attrs': self.attrs,
|
||||||
|
}
|
||||||
|
|
||||||
|
def visit_Name(self, node):
|
||||||
|
self.names.setdefault(type(node.ctx).__name__, set()).add(node.id)
|
||||||
|
|
||||||
|
def visit_Attribute(self, node):
|
||||||
|
self.attrs.add(node.attr)
|
||||||
|
for child in ast.iter_child_nodes(node):
|
||||||
|
self.visit(child)
|
||||||
|
|
||||||
|
def visit_ClassDef(self, node):
|
||||||
|
visitor = DefinitionVisitor()
|
||||||
|
self.classes[node.name] = visitor.definitions
|
||||||
|
for child in ast.iter_child_nodes(node):
|
||||||
|
visitor.visit(child)
|
||||||
|
|
||||||
|
def visit_FunctionDef(self, node):
|
||||||
|
visitor = DefinitionVisitor()
|
||||||
|
self.functions[node.name] = visitor.definitions
|
||||||
|
for child in ast.iter_child_nodes(node):
|
||||||
|
visitor.visit(child)
|
||||||
|
|
||||||
|
|
||||||
|
def non_empty(defs):
|
||||||
|
functions = {name: non_empty(f) for name, f in defs['def'].items()}
|
||||||
|
classes = {name: non_empty(f) for name, f in defs['class'].items()}
|
||||||
|
result = {}
|
||||||
|
if functions: result['def'] = functions
|
||||||
|
if classes: result['class'] = classes
|
||||||
|
names = defs['names']
|
||||||
|
uses = []
|
||||||
|
for name in names.get('Load', ()):
|
||||||
|
if name not in names.get('Param', ()) and name not in names.get('Store', ()):
|
||||||
|
uses.append(name)
|
||||||
|
uses.extend(defs['attrs'])
|
||||||
|
if uses: result['uses'] = uses
|
||||||
|
result['names'] = names
|
||||||
|
result['attrs'] = defs['attrs']
|
||||||
|
return result
|
||||||
|
|
||||||
|
|
||||||
|
def definitions_in_code(input_code):
|
||||||
|
input_ast = ast.parse(input_code)
|
||||||
|
visitor = DefinitionVisitor()
|
||||||
|
visitor.visit(input_ast)
|
||||||
|
definitions = non_empty(visitor.definitions)
|
||||||
|
return definitions
|
||||||
|
|
||||||
|
|
||||||
|
def definitions_in_file(filepath):
|
||||||
|
with open(filepath) as f:
|
||||||
|
return definitions_in_code(f.read())
|
||||||
|
|
||||||
|
|
||||||
|
def defined_names(prefix, defs, names):
|
||||||
|
for name, funcs in defs.get('def', {}).items():
|
||||||
|
names.setdefault(name, {'defined': []})['defined'].append(prefix + name)
|
||||||
|
defined_names(prefix + name + ".", funcs, names)
|
||||||
|
|
||||||
|
for name, funcs in defs.get('class', {}).items():
|
||||||
|
names.setdefault(name, {'defined': []})['defined'].append(prefix + name)
|
||||||
|
defined_names(prefix + name + ".", funcs, names)
|
||||||
|
|
||||||
|
|
||||||
|
def used_names(prefix, defs, names):
|
||||||
|
for name, funcs in defs.get('def', {}).items():
|
||||||
|
used_names(prefix + name + ".", funcs, names)
|
||||||
|
|
||||||
|
for name, funcs in defs.get('class', {}).items():
|
||||||
|
used_names(prefix + name + ".", funcs, names)
|
||||||
|
|
||||||
|
for used in defs.get('uses', ()):
|
||||||
|
if used in names:
|
||||||
|
names[used].setdefault('used', []).append(prefix.rstrip('.'))
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
import sys, os, argparse, re
|
||||||
|
|
||||||
|
parser = argparse.ArgumentParser(description='Find definitions.')
|
||||||
|
parser.add_argument(
|
||||||
|
"--unused", action="store_true", help="Only list unused definitions"
|
||||||
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
"--ignore", action="append", metavar="REGEXP", help="Ignore a pattern"
|
||||||
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
"--pattern", action="append", metavar="REGEXP",
|
||||||
|
help="Search for a pattern"
|
||||||
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
"directories", nargs='+', metavar="DIR",
|
||||||
|
help="Directories to search for definitions"
|
||||||
|
)
|
||||||
|
args = parser.parse_args()
|
||||||
|
|
||||||
|
definitions = {}
|
||||||
|
for directory in args.directories:
|
||||||
|
for root, dirs, files in os.walk(directory):
|
||||||
|
for filename in files:
|
||||||
|
if filename.endswith(".py"):
|
||||||
|
filepath = os.path.join(root, filename)
|
||||||
|
definitions[filepath] = definitions_in_file(filepath)
|
||||||
|
|
||||||
|
names = {}
|
||||||
|
for filepath, defs in definitions.items():
|
||||||
|
defined_names(filepath + ":", defs, names)
|
||||||
|
|
||||||
|
for filepath, defs in definitions.items():
|
||||||
|
used_names(filepath + ":", defs, names)
|
||||||
|
|
||||||
|
patterns = [re.compile(pattern) for pattern in args.pattern or ()]
|
||||||
|
ignore = [re.compile(pattern) for pattern in args.ignore or ()]
|
||||||
|
|
||||||
|
result = {}
|
||||||
|
for name, definition in names.items():
|
||||||
|
if patterns and not any(pattern.match(name) for pattern in patterns):
|
||||||
|
continue
|
||||||
|
if ignore and any(pattern.match(name) for pattern in ignore):
|
||||||
|
continue
|
||||||
|
if args.unused and definition.get('used'):
|
||||||
|
continue
|
||||||
|
result[name] = definition
|
||||||
|
|
||||||
|
yaml.dump(result, sys.stdout, default_flow_style=False)
|
|
@ -6,8 +6,8 @@ from synapse.crypto.event_signing import (
|
||||||
add_event_pdu_content_hash, compute_pdu_event_reference_hash
|
add_event_pdu_content_hash, compute_pdu_event_reference_hash
|
||||||
)
|
)
|
||||||
from synapse.api.events.utils import prune_pdu
|
from synapse.api.events.utils import prune_pdu
|
||||||
from syutil.base64util import encode_base64, decode_base64
|
from unpaddedbase64 import encode_base64, decode_base64
|
||||||
from syutil.jsonutil import encode_canonical_json
|
from canonicaljson import encode_canonical_json
|
||||||
import sqlite3
|
import sqlite3
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
|
|
|
@ -29,7 +29,7 @@ import traceback
|
||||||
import yaml
|
import yaml
|
||||||
|
|
||||||
|
|
||||||
logger = logging.getLogger("port_from_sqlite_to_postgres")
|
logger = logging.getLogger("synapse_port_db")
|
||||||
|
|
||||||
|
|
||||||
BOOLEAN_COLUMNS = {
|
BOOLEAN_COLUMNS = {
|
||||||
|
@ -95,8 +95,6 @@ class Store(object):
|
||||||
_simple_update_one = SQLBaseStore.__dict__["_simple_update_one"]
|
_simple_update_one = SQLBaseStore.__dict__["_simple_update_one"]
|
||||||
_simple_update_one_txn = SQLBaseStore.__dict__["_simple_update_one_txn"]
|
_simple_update_one_txn = SQLBaseStore.__dict__["_simple_update_one_txn"]
|
||||||
|
|
||||||
_execute_and_decode = SQLBaseStore.__dict__["_execute_and_decode"]
|
|
||||||
|
|
||||||
def runInteraction(self, desc, func, *args, **kwargs):
|
def runInteraction(self, desc, func, *args, **kwargs):
|
||||||
def r(conn):
|
def r(conn):
|
||||||
try:
|
try:
|
||||||
|
|
|
@ -3,9 +3,6 @@ source-dir = docs/sphinx
|
||||||
build-dir = docs/build
|
build-dir = docs/build
|
||||||
all_files = 1
|
all_files = 1
|
||||||
|
|
||||||
[aliases]
|
|
||||||
test = trial
|
|
||||||
|
|
||||||
[trial]
|
[trial]
|
||||||
test_suite = tests
|
test_suite = tests
|
||||||
|
|
||||||
|
|
42
setup.py
42
setup.py
|
@ -16,7 +16,8 @@
|
||||||
|
|
||||||
import glob
|
import glob
|
||||||
import os
|
import os
|
||||||
from setuptools import setup, find_packages
|
from setuptools import setup, find_packages, Command
|
||||||
|
import sys
|
||||||
|
|
||||||
|
|
||||||
here = os.path.abspath(os.path.dirname(__file__))
|
here = os.path.abspath(os.path.dirname(__file__))
|
||||||
|
@ -37,6 +38,39 @@ def exec_file(path_segments):
|
||||||
exec(code, result)
|
exec(code, result)
|
||||||
return result
|
return result
|
||||||
|
|
||||||
|
|
||||||
|
class Tox(Command):
|
||||||
|
user_options = [('tox-args=', 'a', "Arguments to pass to tox")]
|
||||||
|
|
||||||
|
def initialize_options(self):
|
||||||
|
self.tox_args = None
|
||||||
|
|
||||||
|
def finalize_options(self):
|
||||||
|
self.test_args = []
|
||||||
|
self.test_suite = True
|
||||||
|
|
||||||
|
def run(self):
|
||||||
|
#import here, cause outside the eggs aren't loaded
|
||||||
|
try:
|
||||||
|
import tox
|
||||||
|
except ImportError:
|
||||||
|
try:
|
||||||
|
self.distribution.fetch_build_eggs("tox")
|
||||||
|
import tox
|
||||||
|
except:
|
||||||
|
raise RuntimeError(
|
||||||
|
"The tests need 'tox' to run. Please install 'tox'."
|
||||||
|
)
|
||||||
|
import shlex
|
||||||
|
args = self.tox_args
|
||||||
|
if args:
|
||||||
|
args = shlex.split(self.tox_args)
|
||||||
|
else:
|
||||||
|
args = []
|
||||||
|
errno = tox.cmdline(args=args)
|
||||||
|
sys.exit(errno)
|
||||||
|
|
||||||
|
|
||||||
version = exec_file(("synapse", "__init__.py"))["__version__"]
|
version = exec_file(("synapse", "__init__.py"))["__version__"]
|
||||||
dependencies = exec_file(("synapse", "python_dependencies.py"))
|
dependencies = exec_file(("synapse", "python_dependencies.py"))
|
||||||
long_description = read_file(("README.rst",))
|
long_description = read_file(("README.rst",))
|
||||||
|
@ -47,14 +81,10 @@ setup(
|
||||||
packages=find_packages(exclude=["tests", "tests.*"]),
|
packages=find_packages(exclude=["tests", "tests.*"]),
|
||||||
description="Reference Synapse Home Server",
|
description="Reference Synapse Home Server",
|
||||||
install_requires=dependencies['requirements'](include_conditional=True).keys(),
|
install_requires=dependencies['requirements'](include_conditional=True).keys(),
|
||||||
setup_requires=[
|
|
||||||
"Twisted>=15.1.0", # Here to override setuptools_trial's dependency on Twisted>=2.4.0
|
|
||||||
"setuptools_trial",
|
|
||||||
"mock"
|
|
||||||
],
|
|
||||||
dependency_links=dependencies["DEPENDENCY_LINKS"].values(),
|
dependency_links=dependencies["DEPENDENCY_LINKS"].values(),
|
||||||
include_package_data=True,
|
include_package_data=True,
|
||||||
zip_safe=False,
|
zip_safe=False,
|
||||||
long_description=long_description,
|
long_description=long_description,
|
||||||
scripts=["synctl"] + glob.glob("scripts/*"),
|
scripts=["synctl"] + glob.glob("scripts/*"),
|
||||||
|
cmdclass={'test': Tox},
|
||||||
)
|
)
|
||||||
|
|
|
@ -16,4 +16,4 @@
|
||||||
""" This is a reference implementation of a Matrix home server.
|
""" This is a reference implementation of a Matrix home server.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
__version__ = "0.10.0-r2"
|
__version__ = "0.11.0"
|
||||||
|
|
|
@ -14,15 +14,20 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
"""This module contains classes for authenticating the user."""
|
"""This module contains classes for authenticating the user."""
|
||||||
|
from canonicaljson import encode_canonical_json
|
||||||
|
from signedjson.key import decode_verify_key_bytes
|
||||||
|
from signedjson.sign import verify_signed_json, SignatureVerifyException
|
||||||
|
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
|
||||||
from synapse.api.constants import EventTypes, Membership, JoinRules
|
from synapse.api.constants import EventTypes, Membership, JoinRules
|
||||||
from synapse.api.errors import AuthError, Codes, SynapseError
|
from synapse.api.errors import AuthError, Codes, SynapseError, EventSizeError
|
||||||
|
from synapse.types import RoomID, UserID, EventID
|
||||||
from synapse.util.logutils import log_function
|
from synapse.util.logutils import log_function
|
||||||
from synapse.types import UserID, ClientInfo
|
from unpaddedbase64 import decode_base64
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
|
import pymacaroons
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
@ -30,6 +35,7 @@ logger = logging.getLogger(__name__)
|
||||||
AuthEventTypes = (
|
AuthEventTypes = (
|
||||||
EventTypes.Create, EventTypes.Member, EventTypes.PowerLevels,
|
EventTypes.Create, EventTypes.Member, EventTypes.PowerLevels,
|
||||||
EventTypes.JoinRules, EventTypes.RoomHistoryVisibility,
|
EventTypes.JoinRules, EventTypes.RoomHistoryVisibility,
|
||||||
|
EventTypes.ThirdPartyInvite,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@ -40,6 +46,13 @@ class Auth(object):
|
||||||
self.store = hs.get_datastore()
|
self.store = hs.get_datastore()
|
||||||
self.state = hs.get_state_handler()
|
self.state = hs.get_state_handler()
|
||||||
self.TOKEN_NOT_FOUND_HTTP_STATUS = 401
|
self.TOKEN_NOT_FOUND_HTTP_STATUS = 401
|
||||||
|
self._KNOWN_CAVEAT_PREFIXES = set([
|
||||||
|
"gen = ",
|
||||||
|
"guest = ",
|
||||||
|
"type = ",
|
||||||
|
"time < ",
|
||||||
|
"user_id = ",
|
||||||
|
])
|
||||||
|
|
||||||
def check(self, event, auth_events):
|
def check(self, event, auth_events):
|
||||||
""" Checks if this event is correctly authed.
|
""" Checks if this event is correctly authed.
|
||||||
|
@ -52,6 +65,8 @@ class Auth(object):
|
||||||
Returns:
|
Returns:
|
||||||
True if the auth checks pass.
|
True if the auth checks pass.
|
||||||
"""
|
"""
|
||||||
|
self.check_size_limits(event)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
if not hasattr(event, "room_id"):
|
if not hasattr(event, "room_id"):
|
||||||
raise AuthError(500, "Event has no room_id: %s" % event)
|
raise AuthError(500, "Event has no room_id: %s" % event)
|
||||||
|
@ -65,6 +80,23 @@ class Auth(object):
|
||||||
# FIXME
|
# FIXME
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
creation_event = auth_events.get((EventTypes.Create, ""), None)
|
||||||
|
|
||||||
|
if not creation_event:
|
||||||
|
raise SynapseError(
|
||||||
|
403,
|
||||||
|
"Room %r does not exist" % (event.room_id,)
|
||||||
|
)
|
||||||
|
|
||||||
|
creating_domain = RoomID.from_string(event.room_id).domain
|
||||||
|
originating_domain = UserID.from_string(event.sender).domain
|
||||||
|
if creating_domain != originating_domain:
|
||||||
|
if not self.can_federate(event, auth_events):
|
||||||
|
raise AuthError(
|
||||||
|
403,
|
||||||
|
"This room has been marked as unfederatable."
|
||||||
|
)
|
||||||
|
|
||||||
# FIXME: Temp hack
|
# FIXME: Temp hack
|
||||||
if event.type == EventTypes.Aliases:
|
if event.type == EventTypes.Aliases:
|
||||||
return True
|
return True
|
||||||
|
@ -91,7 +123,7 @@ class Auth(object):
|
||||||
self._check_power_levels(event, auth_events)
|
self._check_power_levels(event, auth_events)
|
||||||
|
|
||||||
if event.type == EventTypes.Redaction:
|
if event.type == EventTypes.Redaction:
|
||||||
self._check_redaction(event, auth_events)
|
self.check_redaction(event, auth_events)
|
||||||
|
|
||||||
logger.debug("Allowing! %s", event)
|
logger.debug("Allowing! %s", event)
|
||||||
except AuthError as e:
|
except AuthError as e:
|
||||||
|
@ -102,8 +134,39 @@ class Auth(object):
|
||||||
logger.info("Denying! %s", event)
|
logger.info("Denying! %s", event)
|
||||||
raise
|
raise
|
||||||
|
|
||||||
|
def check_size_limits(self, event):
|
||||||
|
def too_big(field):
|
||||||
|
raise EventSizeError("%s too large" % (field,))
|
||||||
|
|
||||||
|
if len(event.user_id) > 255:
|
||||||
|
too_big("user_id")
|
||||||
|
if len(event.room_id) > 255:
|
||||||
|
too_big("room_id")
|
||||||
|
if event.is_state() and len(event.state_key) > 255:
|
||||||
|
too_big("state_key")
|
||||||
|
if len(event.type) > 255:
|
||||||
|
too_big("type")
|
||||||
|
if len(event.event_id) > 255:
|
||||||
|
too_big("event_id")
|
||||||
|
if len(encode_canonical_json(event.get_pdu_json())) > 65536:
|
||||||
|
too_big("event")
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def check_joined_room(self, room_id, user_id, current_state=None):
|
def check_joined_room(self, room_id, user_id, current_state=None):
|
||||||
|
"""Check if the user is currently joined in the room
|
||||||
|
Args:
|
||||||
|
room_id(str): The room to check.
|
||||||
|
user_id(str): The user to check.
|
||||||
|
current_state(dict): Optional map of the current state of the room.
|
||||||
|
If provided then that map is used to check whether they are a
|
||||||
|
member of the room. Otherwise the current membership is
|
||||||
|
loaded from the database.
|
||||||
|
Raises:
|
||||||
|
AuthError if the user is not in the room.
|
||||||
|
Returns:
|
||||||
|
A deferred membership event for the user if the user is in
|
||||||
|
the room.
|
||||||
|
"""
|
||||||
if current_state:
|
if current_state:
|
||||||
member = current_state.get(
|
member = current_state.get(
|
||||||
(EventTypes.Member, user_id),
|
(EventTypes.Member, user_id),
|
||||||
|
@ -119,6 +182,33 @@ class Auth(object):
|
||||||
self._check_joined_room(member, user_id, room_id)
|
self._check_joined_room(member, user_id, room_id)
|
||||||
defer.returnValue(member)
|
defer.returnValue(member)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def check_user_was_in_room(self, room_id, user_id):
|
||||||
|
"""Check if the user was in the room at some point.
|
||||||
|
Args:
|
||||||
|
room_id(str): The room to check.
|
||||||
|
user_id(str): The user to check.
|
||||||
|
Raises:
|
||||||
|
AuthError if the user was never in the room.
|
||||||
|
Returns:
|
||||||
|
A deferred membership event for the user if the user was in the
|
||||||
|
room. This will be the join event if they are currently joined to
|
||||||
|
the room. This will be the leave event if they have left the room.
|
||||||
|
"""
|
||||||
|
member = yield self.state.get_current_state(
|
||||||
|
room_id=room_id,
|
||||||
|
event_type=EventTypes.Member,
|
||||||
|
state_key=user_id
|
||||||
|
)
|
||||||
|
membership = member.membership if member else None
|
||||||
|
|
||||||
|
if membership not in (Membership.JOIN, Membership.LEAVE):
|
||||||
|
raise AuthError(403, "User %s not in room %s" % (
|
||||||
|
user_id, room_id
|
||||||
|
))
|
||||||
|
|
||||||
|
defer.returnValue(member)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def check_host_in_room(self, room_id, host):
|
def check_host_in_room(self, room_id, host):
|
||||||
curr_state = yield self.state.get_current_state(room_id)
|
curr_state = yield self.state.get_current_state(room_id)
|
||||||
|
@ -153,6 +243,11 @@ class Auth(object):
|
||||||
user_id, room_id, repr(member)
|
user_id, room_id, repr(member)
|
||||||
))
|
))
|
||||||
|
|
||||||
|
def can_federate(self, event, auth_events):
|
||||||
|
creation_event = auth_events.get((EventTypes.Create, ""))
|
||||||
|
|
||||||
|
return creation_event.content.get("m.federate", True) is True
|
||||||
|
|
||||||
@log_function
|
@log_function
|
||||||
def is_membership_change_allowed(self, event, auth_events):
|
def is_membership_change_allowed(self, event, auth_events):
|
||||||
membership = event.content["membership"]
|
membership = event.content["membership"]
|
||||||
|
@ -168,6 +263,15 @@ class Auth(object):
|
||||||
|
|
||||||
target_user_id = event.state_key
|
target_user_id = event.state_key
|
||||||
|
|
||||||
|
creating_domain = RoomID.from_string(event.room_id).domain
|
||||||
|
target_domain = UserID.from_string(target_user_id).domain
|
||||||
|
if creating_domain != target_domain:
|
||||||
|
if not self.can_federate(event, auth_events):
|
||||||
|
raise AuthError(
|
||||||
|
403,
|
||||||
|
"This room has been marked as unfederatable."
|
||||||
|
)
|
||||||
|
|
||||||
# get info about the caller
|
# get info about the caller
|
||||||
key = (EventTypes.Member, event.user_id, )
|
key = (EventTypes.Member, event.user_id, )
|
||||||
caller = auth_events.get(key)
|
caller = auth_events.get(key)
|
||||||
|
@ -213,8 +317,17 @@ class Auth(object):
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if Membership.INVITE == membership and "third_party_invite" in event.content:
|
||||||
|
if not self._verify_third_party_invite(event, auth_events):
|
||||||
|
raise AuthError(403, "You are not invited to this room.")
|
||||||
|
return True
|
||||||
|
|
||||||
if Membership.JOIN != membership:
|
if Membership.JOIN != membership:
|
||||||
# JOIN is the only action you can perform if you're not in the room
|
if (caller_invited
|
||||||
|
and Membership.LEAVE == membership
|
||||||
|
and target_user_id == event.user_id):
|
||||||
|
return True
|
||||||
|
|
||||||
if not caller_in_room: # caller isn't joined
|
if not caller_in_room: # caller isn't joined
|
||||||
raise AuthError(
|
raise AuthError(
|
||||||
403,
|
403,
|
||||||
|
@ -278,6 +391,66 @@ class Auth(object):
|
||||||
|
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
def _verify_third_party_invite(self, event, auth_events):
|
||||||
|
"""
|
||||||
|
Validates that the invite event is authorized by a previous third-party invite.
|
||||||
|
|
||||||
|
Checks that the public key, and keyserver, match those in the third party invite,
|
||||||
|
and that the invite event has a signature issued using that public key.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
event: The m.room.member join event being validated.
|
||||||
|
auth_events: All relevant previous context events which may be used
|
||||||
|
for authorization decisions.
|
||||||
|
|
||||||
|
Return:
|
||||||
|
True if the event fulfills the expectations of a previous third party
|
||||||
|
invite event.
|
||||||
|
"""
|
||||||
|
if "third_party_invite" not in event.content:
|
||||||
|
return False
|
||||||
|
if "signed" not in event.content["third_party_invite"]:
|
||||||
|
return False
|
||||||
|
signed = event.content["third_party_invite"]["signed"]
|
||||||
|
for key in {"mxid", "token"}:
|
||||||
|
if key not in signed:
|
||||||
|
return False
|
||||||
|
|
||||||
|
token = signed["token"]
|
||||||
|
|
||||||
|
invite_event = auth_events.get(
|
||||||
|
(EventTypes.ThirdPartyInvite, token,)
|
||||||
|
)
|
||||||
|
if not invite_event:
|
||||||
|
return False
|
||||||
|
|
||||||
|
if event.user_id != invite_event.user_id:
|
||||||
|
return False
|
||||||
|
try:
|
||||||
|
public_key = invite_event.content["public_key"]
|
||||||
|
if signed["mxid"] != event.state_key:
|
||||||
|
return False
|
||||||
|
if signed["token"] != token:
|
||||||
|
return False
|
||||||
|
for server, signature_block in signed["signatures"].items():
|
||||||
|
for key_name, encoded_signature in signature_block.items():
|
||||||
|
if not key_name.startswith("ed25519:"):
|
||||||
|
return False
|
||||||
|
verify_key = decode_verify_key_bytes(
|
||||||
|
key_name,
|
||||||
|
decode_base64(public_key)
|
||||||
|
)
|
||||||
|
verify_signed_json(signed, server, verify_key)
|
||||||
|
|
||||||
|
# We got the public key from the invite, so we know that the
|
||||||
|
# correct server signed the signed bundle.
|
||||||
|
# The caller is responsible for checking that the signing
|
||||||
|
# server has not revoked that public key.
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
except (KeyError, SignatureVerifyException,):
|
||||||
|
return False
|
||||||
|
|
||||||
def _get_power_level_event(self, auth_events):
|
def _get_power_level_event(self, auth_events):
|
||||||
key = (EventTypes.PowerLevels, "", )
|
key = (EventTypes.PowerLevels, "", )
|
||||||
return auth_events.get(key)
|
return auth_events.get(key)
|
||||||
|
@ -316,15 +489,15 @@ class Auth(object):
|
||||||
return default
|
return default
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_user_by_req(self, request):
|
def get_user_by_req(self, request, allow_guest=False):
|
||||||
""" Get a registered user's ID.
|
""" Get a registered user's ID.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
request - An HTTP request with an access_token query parameter.
|
request - An HTTP request with an access_token query parameter.
|
||||||
Returns:
|
Returns:
|
||||||
tuple : of UserID and device string:
|
tuple of:
|
||||||
User ID object of the user making the request
|
UserID (str)
|
||||||
ClientInfo object of the client instance the user is using
|
Access token ID (str)
|
||||||
Raises:
|
Raises:
|
||||||
AuthError if no user by that token exists or the token is invalid.
|
AuthError if no user by that token exists or the token is invalid.
|
||||||
"""
|
"""
|
||||||
|
@ -354,17 +527,15 @@ class Auth(object):
|
||||||
|
|
||||||
request.authenticated_entity = user_id
|
request.authenticated_entity = user_id
|
||||||
|
|
||||||
defer.returnValue(
|
defer.returnValue((UserID.from_string(user_id), "", False))
|
||||||
(UserID.from_string(user_id), ClientInfo("", ""))
|
|
||||||
)
|
|
||||||
return
|
return
|
||||||
except KeyError:
|
except KeyError:
|
||||||
pass # normal users won't have the user_id query parameter set.
|
pass # normal users won't have the user_id query parameter set.
|
||||||
|
|
||||||
user_info = yield self.get_user_by_token(access_token)
|
user_info = yield self._get_user_by_access_token(access_token)
|
||||||
user = user_info["user"]
|
user = user_info["user"]
|
||||||
device_id = user_info["device_id"]
|
|
||||||
token_id = user_info["token_id"]
|
token_id = user_info["token_id"]
|
||||||
|
is_guest = user_info["is_guest"]
|
||||||
|
|
||||||
ip_addr = self.hs.get_ip_from_request(request)
|
ip_addr = self.hs.get_ip_from_request(request)
|
||||||
user_agent = request.requestHeaders.getRawHeaders(
|
user_agent = request.requestHeaders.getRawHeaders(
|
||||||
|
@ -375,14 +546,18 @@ class Auth(object):
|
||||||
self.store.insert_client_ip(
|
self.store.insert_client_ip(
|
||||||
user=user,
|
user=user,
|
||||||
access_token=access_token,
|
access_token=access_token,
|
||||||
device_id=user_info["device_id"],
|
|
||||||
ip=ip_addr,
|
ip=ip_addr,
|
||||||
user_agent=user_agent
|
user_agent=user_agent
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if is_guest and not allow_guest:
|
||||||
|
raise AuthError(
|
||||||
|
403, "Guest access not allowed", errcode=Codes.GUEST_ACCESS_FORBIDDEN
|
||||||
|
)
|
||||||
|
|
||||||
request.authenticated_entity = user.to_string()
|
request.authenticated_entity = user.to_string()
|
||||||
|
|
||||||
defer.returnValue((user, ClientInfo(device_id, token_id)))
|
defer.returnValue((user, token_id, is_guest,))
|
||||||
except KeyError:
|
except KeyError:
|
||||||
raise AuthError(
|
raise AuthError(
|
||||||
self.TOKEN_NOT_FOUND_HTTP_STATUS, "Missing access token.",
|
self.TOKEN_NOT_FOUND_HTTP_STATUS, "Missing access token.",
|
||||||
|
@ -390,30 +565,124 @@ class Auth(object):
|
||||||
)
|
)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_user_by_token(self, token):
|
def _get_user_by_access_token(self, token):
|
||||||
""" Get a registered user's ID.
|
""" Get a registered user's ID.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
token (str): The access token to get the user by.
|
token (str): The access token to get the user by.
|
||||||
Returns:
|
Returns:
|
||||||
dict : dict that includes the user, device_id, and whether the
|
dict : dict that includes the user and the ID of their access token.
|
||||||
user is a server admin.
|
|
||||||
Raises:
|
Raises:
|
||||||
AuthError if no user by that token exists or the token is invalid.
|
AuthError if no user by that token exists or the token is invalid.
|
||||||
"""
|
"""
|
||||||
ret = yield self.store.get_user_by_token(token)
|
try:
|
||||||
|
ret = yield self._get_user_from_macaroon(token)
|
||||||
|
except AuthError:
|
||||||
|
# TODO(daniel): Remove this fallback when all existing access tokens
|
||||||
|
# have been re-issued as macaroons.
|
||||||
|
ret = yield self._look_up_user_by_access_token(token)
|
||||||
|
defer.returnValue(ret)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _get_user_from_macaroon(self, macaroon_str):
|
||||||
|
try:
|
||||||
|
macaroon = pymacaroons.Macaroon.deserialize(macaroon_str)
|
||||||
|
self.validate_macaroon(
|
||||||
|
macaroon, "access",
|
||||||
|
[lambda c: c.startswith("time < ")]
|
||||||
|
)
|
||||||
|
|
||||||
|
user_prefix = "user_id = "
|
||||||
|
user = None
|
||||||
|
guest = False
|
||||||
|
for caveat in macaroon.caveats:
|
||||||
|
if caveat.caveat_id.startswith(user_prefix):
|
||||||
|
user = UserID.from_string(caveat.caveat_id[len(user_prefix):])
|
||||||
|
elif caveat.caveat_id == "guest = true":
|
||||||
|
guest = True
|
||||||
|
|
||||||
|
if user is None:
|
||||||
|
raise AuthError(
|
||||||
|
self.TOKEN_NOT_FOUND_HTTP_STATUS, "No user caveat in macaroon",
|
||||||
|
errcode=Codes.UNKNOWN_TOKEN
|
||||||
|
)
|
||||||
|
|
||||||
|
if guest:
|
||||||
|
ret = {
|
||||||
|
"user": user,
|
||||||
|
"is_guest": True,
|
||||||
|
"token_id": None,
|
||||||
|
}
|
||||||
|
else:
|
||||||
|
# This codepath exists so that we can actually return a
|
||||||
|
# token ID, because we use token IDs in place of device
|
||||||
|
# identifiers throughout the codebase.
|
||||||
|
# TODO(daniel): Remove this fallback when device IDs are
|
||||||
|
# properly implemented.
|
||||||
|
ret = yield self._look_up_user_by_access_token(macaroon_str)
|
||||||
|
if ret["user"] != user:
|
||||||
|
logger.error(
|
||||||
|
"Macaroon user (%s) != DB user (%s)",
|
||||||
|
user,
|
||||||
|
ret["user"]
|
||||||
|
)
|
||||||
|
raise AuthError(
|
||||||
|
self.TOKEN_NOT_FOUND_HTTP_STATUS,
|
||||||
|
"User mismatch in macaroon",
|
||||||
|
errcode=Codes.UNKNOWN_TOKEN
|
||||||
|
)
|
||||||
|
defer.returnValue(ret)
|
||||||
|
except (pymacaroons.exceptions.MacaroonException, TypeError, ValueError):
|
||||||
|
raise AuthError(
|
||||||
|
self.TOKEN_NOT_FOUND_HTTP_STATUS, "Invalid macaroon passed.",
|
||||||
|
errcode=Codes.UNKNOWN_TOKEN
|
||||||
|
)
|
||||||
|
|
||||||
|
def validate_macaroon(self, macaroon, type_string, additional_validation_functions):
|
||||||
|
v = pymacaroons.Verifier()
|
||||||
|
v.satisfy_exact("gen = 1")
|
||||||
|
v.satisfy_exact("type = " + type_string)
|
||||||
|
v.satisfy_general(lambda c: c.startswith("user_id = "))
|
||||||
|
v.satisfy_exact("guest = true")
|
||||||
|
|
||||||
|
for validation_function in additional_validation_functions:
|
||||||
|
v.satisfy_general(validation_function)
|
||||||
|
v.verify(macaroon, self.hs.config.macaroon_secret_key)
|
||||||
|
|
||||||
|
v = pymacaroons.Verifier()
|
||||||
|
v.satisfy_general(self._verify_recognizes_caveats)
|
||||||
|
v.verify(macaroon, self.hs.config.macaroon_secret_key)
|
||||||
|
|
||||||
|
def verify_expiry(self, caveat):
|
||||||
|
prefix = "time < "
|
||||||
|
if not caveat.startswith(prefix):
|
||||||
|
return False
|
||||||
|
expiry = int(caveat[len(prefix):])
|
||||||
|
now = self.hs.get_clock().time_msec()
|
||||||
|
return now < expiry
|
||||||
|
|
||||||
|
def _verify_recognizes_caveats(self, caveat):
|
||||||
|
first_space = caveat.find(" ")
|
||||||
|
if first_space < 0:
|
||||||
|
return False
|
||||||
|
second_space = caveat.find(" ", first_space + 1)
|
||||||
|
if second_space < 0:
|
||||||
|
return False
|
||||||
|
return caveat[:second_space + 1] in self._KNOWN_CAVEAT_PREFIXES
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _look_up_user_by_access_token(self, token):
|
||||||
|
ret = yield self.store.get_user_by_access_token(token)
|
||||||
if not ret:
|
if not ret:
|
||||||
raise AuthError(
|
raise AuthError(
|
||||||
self.TOKEN_NOT_FOUND_HTTP_STATUS, "Unrecognised access token.",
|
self.TOKEN_NOT_FOUND_HTTP_STATUS, "Unrecognised access token.",
|
||||||
errcode=Codes.UNKNOWN_TOKEN
|
errcode=Codes.UNKNOWN_TOKEN
|
||||||
)
|
)
|
||||||
user_info = {
|
user_info = {
|
||||||
"admin": bool(ret.get("admin", False)),
|
|
||||||
"device_id": ret.get("device_id"),
|
|
||||||
"user": UserID.from_string(ret.get("name")),
|
"user": UserID.from_string(ret.get("name")),
|
||||||
"token_id": ret.get("token_id", None),
|
"token_id": ret.get("token_id", None),
|
||||||
|
"is_guest": False,
|
||||||
}
|
}
|
||||||
|
|
||||||
defer.returnValue(user_info)
|
defer.returnValue(user_info)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
|
@ -488,6 +757,16 @@ class Auth(object):
|
||||||
else:
|
else:
|
||||||
if member_event:
|
if member_event:
|
||||||
auth_ids.append(member_event.event_id)
|
auth_ids.append(member_event.event_id)
|
||||||
|
|
||||||
|
if e_type == Membership.INVITE:
|
||||||
|
if "third_party_invite" in event.content:
|
||||||
|
key = (
|
||||||
|
EventTypes.ThirdPartyInvite,
|
||||||
|
event.content["third_party_invite"]["token"]
|
||||||
|
)
|
||||||
|
third_party_invite = current_state.get(key)
|
||||||
|
if third_party_invite:
|
||||||
|
auth_ids.append(third_party_invite.event_id)
|
||||||
elif member_event:
|
elif member_event:
|
||||||
if member_event.content["membership"] == Membership.JOIN:
|
if member_event.content["membership"] == Membership.JOIN:
|
||||||
auth_ids.append(member_event.event_id)
|
auth_ids.append(member_event.event_id)
|
||||||
|
@ -548,16 +827,35 @@ class Auth(object):
|
||||||
|
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def _check_redaction(self, event, auth_events):
|
def check_redaction(self, event, auth_events):
|
||||||
|
"""Check whether the event sender is allowed to redact the target event.
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
True if the the sender is allowed to redact the target event if the
|
||||||
|
target event was created by them.
|
||||||
|
False if the sender is allowed to redact the target event with no
|
||||||
|
further checks.
|
||||||
|
|
||||||
|
Raises:
|
||||||
|
AuthError if the event sender is definitely not allowed to redact
|
||||||
|
the target event.
|
||||||
|
"""
|
||||||
user_level = self._get_user_power_level(event.user_id, auth_events)
|
user_level = self._get_user_power_level(event.user_id, auth_events)
|
||||||
|
|
||||||
redact_level = self._get_named_level(auth_events, "redact", 50)
|
redact_level = self._get_named_level(auth_events, "redact", 50)
|
||||||
|
|
||||||
if user_level < redact_level:
|
if user_level > redact_level:
|
||||||
raise AuthError(
|
return False
|
||||||
403,
|
|
||||||
"You don't have permission to redact events"
|
redacter_domain = EventID.from_string(event.event_id).domain
|
||||||
)
|
redactee_domain = EventID.from_string(event.redacts).domain
|
||||||
|
if redacter_domain == redactee_domain:
|
||||||
|
return True
|
||||||
|
|
||||||
|
raise AuthError(
|
||||||
|
403,
|
||||||
|
"You don't have permission to redact events"
|
||||||
|
)
|
||||||
|
|
||||||
def _check_power_levels(self, event, auth_events):
|
def _check_power_levels(self, event, auth_events):
|
||||||
user_list = event.content.get("users", {})
|
user_list = event.content.get("users", {})
|
||||||
|
|
|
@ -27,16 +27,6 @@ class Membership(object):
|
||||||
LIST = (INVITE, JOIN, KNOCK, LEAVE, BAN)
|
LIST = (INVITE, JOIN, KNOCK, LEAVE, BAN)
|
||||||
|
|
||||||
|
|
||||||
class Feedback(object):
|
|
||||||
|
|
||||||
"""Represents the types of feedback a user can send in response to a
|
|
||||||
message."""
|
|
||||||
|
|
||||||
DELIVERED = u"delivered"
|
|
||||||
READ = u"read"
|
|
||||||
LIST = (DELIVERED, READ)
|
|
||||||
|
|
||||||
|
|
||||||
class PresenceState(object):
|
class PresenceState(object):
|
||||||
"""Represents the presence state of a user."""
|
"""Represents the presence state of a user."""
|
||||||
OFFLINE = u"offline"
|
OFFLINE = u"offline"
|
||||||
|
@ -73,11 +63,12 @@ class EventTypes(object):
|
||||||
PowerLevels = "m.room.power_levels"
|
PowerLevels = "m.room.power_levels"
|
||||||
Aliases = "m.room.aliases"
|
Aliases = "m.room.aliases"
|
||||||
Redaction = "m.room.redaction"
|
Redaction = "m.room.redaction"
|
||||||
Feedback = "m.room.message.feedback"
|
ThirdPartyInvite = "m.room.third_party_invite"
|
||||||
|
|
||||||
RoomHistoryVisibility = "m.room.history_visibility"
|
RoomHistoryVisibility = "m.room.history_visibility"
|
||||||
CanonicalAlias = "m.room.canonical_alias"
|
CanonicalAlias = "m.room.canonical_alias"
|
||||||
RoomAvatar = "m.room.avatar"
|
RoomAvatar = "m.room.avatar"
|
||||||
|
GuestAccess = "m.room.guest_access"
|
||||||
|
|
||||||
# These are used for validation
|
# These are used for validation
|
||||||
Message = "m.room.message"
|
Message = "m.room.message"
|
||||||
|
@ -94,3 +85,4 @@ class RejectedReason(object):
|
||||||
class RoomCreationPreset(object):
|
class RoomCreationPreset(object):
|
||||||
PRIVATE_CHAT = "private_chat"
|
PRIVATE_CHAT = "private_chat"
|
||||||
PUBLIC_CHAT = "public_chat"
|
PUBLIC_CHAT = "public_chat"
|
||||||
|
TRUSTED_PRIVATE_CHAT = "trusted_private_chat"
|
||||||
|
|
|
@ -33,6 +33,7 @@ class Codes(object):
|
||||||
NOT_FOUND = "M_NOT_FOUND"
|
NOT_FOUND = "M_NOT_FOUND"
|
||||||
MISSING_TOKEN = "M_MISSING_TOKEN"
|
MISSING_TOKEN = "M_MISSING_TOKEN"
|
||||||
UNKNOWN_TOKEN = "M_UNKNOWN_TOKEN"
|
UNKNOWN_TOKEN = "M_UNKNOWN_TOKEN"
|
||||||
|
GUEST_ACCESS_FORBIDDEN = "M_GUEST_ACCESS_FORBIDDEN"
|
||||||
LIMIT_EXCEEDED = "M_LIMIT_EXCEEDED"
|
LIMIT_EXCEEDED = "M_LIMIT_EXCEEDED"
|
||||||
CAPTCHA_NEEDED = "M_CAPTCHA_NEEDED"
|
CAPTCHA_NEEDED = "M_CAPTCHA_NEEDED"
|
||||||
CAPTCHA_INVALID = "M_CAPTCHA_INVALID"
|
CAPTCHA_INVALID = "M_CAPTCHA_INVALID"
|
||||||
|
@ -47,7 +48,6 @@ class CodeMessageException(RuntimeError):
|
||||||
"""An exception with integer code and message string attributes."""
|
"""An exception with integer code and message string attributes."""
|
||||||
|
|
||||||
def __init__(self, code, msg):
|
def __init__(self, code, msg):
|
||||||
logger.info("%s: %s, %s", type(self).__name__, code, msg)
|
|
||||||
super(CodeMessageException, self).__init__("%d: %s" % (code, msg))
|
super(CodeMessageException, self).__init__("%d: %s" % (code, msg))
|
||||||
self.code = code
|
self.code = code
|
||||||
self.msg = msg
|
self.msg = msg
|
||||||
|
@ -77,11 +77,6 @@ class SynapseError(CodeMessageException):
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class RoomError(SynapseError):
|
|
||||||
"""An error raised when a room event fails."""
|
|
||||||
pass
|
|
||||||
|
|
||||||
|
|
||||||
class RegistrationError(SynapseError):
|
class RegistrationError(SynapseError):
|
||||||
"""An error raised when a registration event fails."""
|
"""An error raised when a registration event fails."""
|
||||||
pass
|
pass
|
||||||
|
@ -125,6 +120,15 @@ class AuthError(SynapseError):
|
||||||
super(AuthError, self).__init__(*args, **kwargs)
|
super(AuthError, self).__init__(*args, **kwargs)
|
||||||
|
|
||||||
|
|
||||||
|
class EventSizeError(SynapseError):
|
||||||
|
"""An error raised when an event is too big."""
|
||||||
|
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
if "errcode" not in kwargs:
|
||||||
|
kwargs["errcode"] = Codes.TOO_LARGE
|
||||||
|
super(EventSizeError, self).__init__(413, *args, **kwargs)
|
||||||
|
|
||||||
|
|
||||||
class EventStreamError(SynapseError):
|
class EventStreamError(SynapseError):
|
||||||
"""An error raised when there a problem with the event stream."""
|
"""An error raised when there a problem with the event stream."""
|
||||||
def __init__(self, *args, **kwargs):
|
def __init__(self, *args, **kwargs):
|
||||||
|
|
|
@ -24,7 +24,7 @@ class Filtering(object):
|
||||||
|
|
||||||
def get_user_filter(self, user_localpart, filter_id):
|
def get_user_filter(self, user_localpart, filter_id):
|
||||||
result = self.store.get_user_filter(user_localpart, filter_id)
|
result = self.store.get_user_filter(user_localpart, filter_id)
|
||||||
result.addCallback(Filter)
|
result.addCallback(FilterCollection)
|
||||||
return result
|
return result
|
||||||
|
|
||||||
def add_user_filter(self, user_localpart, user_filter):
|
def add_user_filter(self, user_localpart, user_filter):
|
||||||
|
@ -50,11 +50,11 @@ class Filtering(object):
|
||||||
# many definitions.
|
# many definitions.
|
||||||
|
|
||||||
top_level_definitions = [
|
top_level_definitions = [
|
||||||
"public_user_data", "private_user_data", "server_data"
|
"presence"
|
||||||
]
|
]
|
||||||
|
|
||||||
room_level_definitions = [
|
room_level_definitions = [
|
||||||
"state", "events", "ephemeral"
|
"state", "timeline", "ephemeral", "private_user_data"
|
||||||
]
|
]
|
||||||
|
|
||||||
for key in top_level_definitions:
|
for key in top_level_definitions:
|
||||||
|
@ -114,116 +114,134 @@ class Filtering(object):
|
||||||
if not isinstance(event_type, basestring):
|
if not isinstance(event_type, basestring):
|
||||||
raise SynapseError(400, "Event type should be a string")
|
raise SynapseError(400, "Event type should be a string")
|
||||||
|
|
||||||
if "format" in definition:
|
|
||||||
event_format = definition["format"]
|
|
||||||
if event_format not in ["federation", "events"]:
|
|
||||||
raise SynapseError(400, "Invalid format: %s" % (event_format,))
|
|
||||||
|
|
||||||
if "select" in definition:
|
class FilterCollection(object):
|
||||||
event_select_list = definition["select"]
|
def __init__(self, filter_json):
|
||||||
for select_key in event_select_list:
|
self.filter_json = filter_json
|
||||||
if select_key not in ["event_id", "origin_server_ts",
|
|
||||||
"thread_id", "content", "content.body"]:
|
|
||||||
raise SynapseError(400, "Bad select: %s" % (select_key,))
|
|
||||||
|
|
||||||
if ("bundle_updates" in definition and
|
self.room_timeline_filter = Filter(
|
||||||
type(definition["bundle_updates"]) != bool):
|
self.filter_json.get("room", {}).get("timeline", {})
|
||||||
raise SynapseError(400, "Bad bundle_updates: expected bool.")
|
)
|
||||||
|
|
||||||
|
self.room_state_filter = Filter(
|
||||||
|
self.filter_json.get("room", {}).get("state", {})
|
||||||
|
)
|
||||||
|
|
||||||
|
self.room_ephemeral_filter = Filter(
|
||||||
|
self.filter_json.get("room", {}).get("ephemeral", {})
|
||||||
|
)
|
||||||
|
|
||||||
|
self.room_private_user_data = Filter(
|
||||||
|
self.filter_json.get("room", {}).get("private_user_data", {})
|
||||||
|
)
|
||||||
|
|
||||||
|
self.presence_filter = Filter(
|
||||||
|
self.filter_json.get("presence", {})
|
||||||
|
)
|
||||||
|
|
||||||
|
def timeline_limit(self):
|
||||||
|
return self.room_timeline_filter.limit()
|
||||||
|
|
||||||
|
def presence_limit(self):
|
||||||
|
return self.presence_filter.limit()
|
||||||
|
|
||||||
|
def ephemeral_limit(self):
|
||||||
|
return self.room_ephemeral_filter.limit()
|
||||||
|
|
||||||
|
def filter_presence(self, events):
|
||||||
|
return self.presence_filter.filter(events)
|
||||||
|
|
||||||
|
def filter_room_state(self, events):
|
||||||
|
return self.room_state_filter.filter(events)
|
||||||
|
|
||||||
|
def filter_room_timeline(self, events):
|
||||||
|
return self.room_timeline_filter.filter(events)
|
||||||
|
|
||||||
|
def filter_room_ephemeral(self, events):
|
||||||
|
return self.room_ephemeral_filter.filter(events)
|
||||||
|
|
||||||
|
def filter_room_private_user_data(self, events):
|
||||||
|
return self.room_private_user_data.filter(events)
|
||||||
|
|
||||||
|
|
||||||
class Filter(object):
|
class Filter(object):
|
||||||
def __init__(self, filter_json):
|
def __init__(self, filter_json):
|
||||||
self.filter_json = filter_json
|
self.filter_json = filter_json
|
||||||
|
|
||||||
def filter_public_user_data(self, events):
|
def check(self, event):
|
||||||
return self._filter_on_key(events, ["public_user_data"])
|
"""Checks whether the filter matches the given event.
|
||||||
|
|
||||||
def filter_private_user_data(self, events):
|
|
||||||
return self._filter_on_key(events, ["private_user_data"])
|
|
||||||
|
|
||||||
def filter_room_state(self, events):
|
|
||||||
return self._filter_on_key(events, ["room", "state"])
|
|
||||||
|
|
||||||
def filter_room_events(self, events):
|
|
||||||
return self._filter_on_key(events, ["room", "events"])
|
|
||||||
|
|
||||||
def filter_room_ephemeral(self, events):
|
|
||||||
return self._filter_on_key(events, ["room", "ephemeral"])
|
|
||||||
|
|
||||||
def _filter_on_key(self, events, keys):
|
|
||||||
filter_json = self.filter_json
|
|
||||||
if not filter_json:
|
|
||||||
return events
|
|
||||||
|
|
||||||
try:
|
|
||||||
# extract the right definition from the filter
|
|
||||||
definition = filter_json
|
|
||||||
for key in keys:
|
|
||||||
definition = definition[key]
|
|
||||||
return self._filter_with_definition(events, definition)
|
|
||||||
except KeyError:
|
|
||||||
# return all events if definition isn't specified.
|
|
||||||
return events
|
|
||||||
|
|
||||||
def _filter_with_definition(self, events, definition):
|
|
||||||
return [e for e in events if self._passes_definition(definition, e)]
|
|
||||||
|
|
||||||
def _passes_definition(self, definition, event):
|
|
||||||
"""Check if the event passes through the given definition.
|
|
||||||
|
|
||||||
Args:
|
|
||||||
definition(dict): The definition to check against.
|
|
||||||
event(Event): The event to check.
|
|
||||||
Returns:
|
Returns:
|
||||||
True if the event passes through the filter.
|
bool: True if the event matches
|
||||||
"""
|
"""
|
||||||
# Algorithm notes:
|
if isinstance(event, dict):
|
||||||
# For each key in the definition, check the event meets the criteria:
|
return self.check_fields(
|
||||||
# * For types: Literal match or prefix match (if ends with wildcard)
|
event.get("room_id", None),
|
||||||
# * For senders/rooms: Literal match only
|
event.get("sender", None),
|
||||||
# * "not_" checks take presedence (e.g. if "m.*" is in both 'types'
|
event.get("type", None),
|
||||||
# and 'not_types' then it is treated as only being in 'not_types')
|
)
|
||||||
|
else:
|
||||||
|
return self.check_fields(
|
||||||
|
getattr(event, "room_id", None),
|
||||||
|
getattr(event, "sender", None),
|
||||||
|
event.type,
|
||||||
|
)
|
||||||
|
|
||||||
# room checks
|
def check_fields(self, room_id, sender, event_type):
|
||||||
if hasattr(event, "room_id"):
|
"""Checks whether the filter matches the given event fields.
|
||||||
room_id = event.room_id
|
|
||||||
allow_rooms = definition.get("rooms", None)
|
Returns:
|
||||||
reject_rooms = definition.get("not_rooms", None)
|
bool: True if the event fields match
|
||||||
if reject_rooms and room_id in reject_rooms:
|
"""
|
||||||
return False
|
literal_keys = {
|
||||||
if allow_rooms and room_id not in allow_rooms:
|
"rooms": lambda v: room_id == v,
|
||||||
|
"senders": lambda v: sender == v,
|
||||||
|
"types": lambda v: _matches_wildcard(event_type, v)
|
||||||
|
}
|
||||||
|
|
||||||
|
for name, match_func in literal_keys.items():
|
||||||
|
not_name = "not_%s" % (name,)
|
||||||
|
disallowed_values = self.filter_json.get(not_name, [])
|
||||||
|
if any(map(match_func, disallowed_values)):
|
||||||
return False
|
return False
|
||||||
|
|
||||||
# sender checks
|
allowed_values = self.filter_json.get(name, None)
|
||||||
if hasattr(event, "sender"):
|
if allowed_values is not None:
|
||||||
# Should we be including event.state_key for some event types?
|
if not any(map(match_func, allowed_values)):
|
||||||
sender = event.sender
|
|
||||||
allow_senders = definition.get("senders", None)
|
|
||||||
reject_senders = definition.get("not_senders", None)
|
|
||||||
if reject_senders and sender in reject_senders:
|
|
||||||
return False
|
|
||||||
if allow_senders and sender not in allow_senders:
|
|
||||||
return False
|
|
||||||
|
|
||||||
# type checks
|
|
||||||
if "not_types" in definition:
|
|
||||||
for def_type in definition["not_types"]:
|
|
||||||
if self._event_matches_type(event, def_type):
|
|
||||||
return False
|
return False
|
||||||
if "types" in definition:
|
|
||||||
included = False
|
|
||||||
for def_type in definition["types"]:
|
|
||||||
if self._event_matches_type(event, def_type):
|
|
||||||
included = True
|
|
||||||
break
|
|
||||||
if not included:
|
|
||||||
return False
|
|
||||||
|
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def _event_matches_type(self, event, def_type):
|
def filter_rooms(self, room_ids):
|
||||||
if def_type.endswith("*"):
|
"""Apply the 'rooms' filter to a given list of rooms.
|
||||||
type_prefix = def_type[:-1]
|
|
||||||
return event.type.startswith(type_prefix)
|
Args:
|
||||||
else:
|
room_ids (list): A list of room_ids.
|
||||||
return event.type == def_type
|
|
||||||
|
Returns:
|
||||||
|
list: A list of room_ids that match the filter
|
||||||
|
"""
|
||||||
|
room_ids = set(room_ids)
|
||||||
|
|
||||||
|
disallowed_rooms = set(self.filter_json.get("not_rooms", []))
|
||||||
|
room_ids -= disallowed_rooms
|
||||||
|
|
||||||
|
allowed_rooms = self.filter_json.get("rooms", None)
|
||||||
|
if allowed_rooms is not None:
|
||||||
|
room_ids &= set(allowed_rooms)
|
||||||
|
|
||||||
|
return room_ids
|
||||||
|
|
||||||
|
def filter(self, events):
|
||||||
|
return filter(self.check, events)
|
||||||
|
|
||||||
|
def limit(self):
|
||||||
|
return self.filter_json.get("limit", 10)
|
||||||
|
|
||||||
|
|
||||||
|
def _matches_wildcard(actual_value, filter_value):
|
||||||
|
if filter_value.endswith("*"):
|
||||||
|
type_prefix = filter_value[:-1]
|
||||||
|
return actual_value.startswith(type_prefix)
|
||||||
|
else:
|
||||||
|
return actual_value == filter_value
|
||||||
|
|
|
@ -16,20 +16,31 @@
|
||||||
|
|
||||||
import sys
|
import sys
|
||||||
sys.dont_write_bytecode = True
|
sys.dont_write_bytecode = True
|
||||||
from synapse.python_dependencies import check_requirements, DEPENDENCY_LINKS
|
from synapse.python_dependencies import (
|
||||||
|
check_requirements, DEPENDENCY_LINKS, MissingRequirementError
|
||||||
|
)
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
check_requirements()
|
try:
|
||||||
|
check_requirements()
|
||||||
|
except MissingRequirementError as e:
|
||||||
|
message = "\n".join([
|
||||||
|
"Missing Requirement: %s" % (e.message,),
|
||||||
|
"To install run:",
|
||||||
|
" pip install --upgrade --force \"%s\"" % (e.dependency,),
|
||||||
|
"",
|
||||||
|
])
|
||||||
|
sys.stderr.writelines(message)
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
from synapse.storage.engines import create_engine, IncorrectDatabaseSetup
|
from synapse.storage.engines import create_engine, IncorrectDatabaseSetup
|
||||||
from synapse.storage import (
|
from synapse.storage import are_all_users_on_domain
|
||||||
are_all_users_on_domain, UpgradeDatabaseException,
|
from synapse.storage.prepare_database import UpgradeDatabaseException
|
||||||
)
|
|
||||||
|
|
||||||
from synapse.server import HomeServer
|
from synapse.server import HomeServer
|
||||||
|
|
||||||
|
|
||||||
from twisted.internet import reactor
|
from twisted.internet import reactor, task, defer
|
||||||
from twisted.application import service
|
from twisted.application import service
|
||||||
from twisted.enterprise import adbapi
|
from twisted.enterprise import adbapi
|
||||||
from twisted.web.resource import Resource, EncodingResourceWrapper
|
from twisted.web.resource import Resource, EncodingResourceWrapper
|
||||||
|
@ -72,12 +83,6 @@ import time
|
||||||
logger = logging.getLogger("synapse.app.homeserver")
|
logger = logging.getLogger("synapse.app.homeserver")
|
||||||
|
|
||||||
|
|
||||||
class GzipFile(File):
|
|
||||||
def getChild(self, path, request):
|
|
||||||
child = File.getChild(self, path, request)
|
|
||||||
return EncodingResourceWrapper(child, [GzipEncoderFactory()])
|
|
||||||
|
|
||||||
|
|
||||||
def gz_wrap(r):
|
def gz_wrap(r):
|
||||||
return EncodingResourceWrapper(r, [GzipEncoderFactory()])
|
return EncodingResourceWrapper(r, [GzipEncoderFactory()])
|
||||||
|
|
||||||
|
@ -121,12 +126,15 @@ class SynapseHomeServer(HomeServer):
|
||||||
# (It can stay enabled for the API resources: they call
|
# (It can stay enabled for the API resources: they call
|
||||||
# write() with the whole body and then finish() straight
|
# write() with the whole body and then finish() straight
|
||||||
# after and so do not trigger the bug.
|
# after and so do not trigger the bug.
|
||||||
|
# GzipFile was removed in commit 184ba09
|
||||||
# return GzipFile(webclient_path) # TODO configurable?
|
# return GzipFile(webclient_path) # TODO configurable?
|
||||||
return File(webclient_path) # TODO configurable?
|
return File(webclient_path) # TODO configurable?
|
||||||
|
|
||||||
def build_resource_for_static_content(self):
|
def build_resource_for_static_content(self):
|
||||||
# This is old and should go away: not going to bother adding gzip
|
# This is old and should go away: not going to bother adding gzip
|
||||||
return File("static")
|
return File(
|
||||||
|
os.path.join(os.path.dirname(synapse.__file__), "static")
|
||||||
|
)
|
||||||
|
|
||||||
def build_resource_for_content_repo(self):
|
def build_resource_for_content_repo(self):
|
||||||
return ContentRepoResource(
|
return ContentRepoResource(
|
||||||
|
@ -221,7 +229,7 @@ class SynapseHomeServer(HomeServer):
|
||||||
listener_config,
|
listener_config,
|
||||||
root_resource,
|
root_resource,
|
||||||
),
|
),
|
||||||
self.tls_context_factory,
|
self.tls_server_context_factory,
|
||||||
interface=bind_address
|
interface=bind_address
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
|
@ -365,7 +373,6 @@ def setup(config_options):
|
||||||
Args:
|
Args:
|
||||||
config_options_options: The options passed to Synapse. Usually
|
config_options_options: The options passed to Synapse. Usually
|
||||||
`sys.argv[1:]`.
|
`sys.argv[1:]`.
|
||||||
should_run (bool): Whether to start the reactor.
|
|
||||||
|
|
||||||
Returns:
|
Returns:
|
||||||
HomeServer
|
HomeServer
|
||||||
|
@ -388,7 +395,7 @@ def setup(config_options):
|
||||||
|
|
||||||
events.USE_FROZEN_DICTS = config.use_frozen_dicts
|
events.USE_FROZEN_DICTS = config.use_frozen_dicts
|
||||||
|
|
||||||
tls_context_factory = context_factory.ServerContextFactory(config)
|
tls_server_context_factory = context_factory.ServerContextFactory(config)
|
||||||
|
|
||||||
database_engine = create_engine(config.database_config["name"])
|
database_engine = create_engine(config.database_config["name"])
|
||||||
config.database_config["args"]["cp_openfun"] = database_engine.on_new_connection
|
config.database_config["args"]["cp_openfun"] = database_engine.on_new_connection
|
||||||
|
@ -396,14 +403,14 @@ def setup(config_options):
|
||||||
hs = SynapseHomeServer(
|
hs = SynapseHomeServer(
|
||||||
config.server_name,
|
config.server_name,
|
||||||
db_config=config.database_config,
|
db_config=config.database_config,
|
||||||
tls_context_factory=tls_context_factory,
|
tls_server_context_factory=tls_server_context_factory,
|
||||||
config=config,
|
config=config,
|
||||||
content_addr=config.content_addr,
|
content_addr=config.content_addr,
|
||||||
version_string=version_string,
|
version_string=version_string,
|
||||||
database_engine=database_engine,
|
database_engine=database_engine,
|
||||||
)
|
)
|
||||||
|
|
||||||
logger.info("Preparing database: %r...", config.database_config)
|
logger.info("Preparing database: %s...", config.database_config['name'])
|
||||||
|
|
||||||
try:
|
try:
|
||||||
db_conn = database_engine.module.connect(
|
db_conn = database_engine.module.connect(
|
||||||
|
@ -425,13 +432,14 @@ def setup(config_options):
|
||||||
)
|
)
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
logger.info("Database prepared in %r.", config.database_config)
|
logger.info("Database prepared in %s.", config.database_config['name'])
|
||||||
|
|
||||||
hs.start_listening()
|
hs.start_listening()
|
||||||
|
|
||||||
hs.get_pusherpool().start()
|
hs.get_pusherpool().start()
|
||||||
hs.get_state_handler().start_caching()
|
hs.get_state_handler().start_caching()
|
||||||
hs.get_datastore().start_profiling()
|
hs.get_datastore().start_profiling()
|
||||||
|
hs.get_datastore().start_doing_background_updates()
|
||||||
hs.get_replication_layer().start_get_pdu_cache()
|
hs.get_replication_layer().start_get_pdu_cache()
|
||||||
|
|
||||||
return hs
|
return hs
|
||||||
|
@ -665,6 +673,42 @@ def run(hs):
|
||||||
ThreadPool._worker = profile(ThreadPool._worker)
|
ThreadPool._worker = profile(ThreadPool._worker)
|
||||||
reactor.run = profile(reactor.run)
|
reactor.run = profile(reactor.run)
|
||||||
|
|
||||||
|
start_time = hs.get_clock().time()
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def phone_stats_home():
|
||||||
|
now = int(hs.get_clock().time())
|
||||||
|
uptime = int(now - start_time)
|
||||||
|
if uptime < 0:
|
||||||
|
uptime = 0
|
||||||
|
|
||||||
|
stats = {}
|
||||||
|
stats["homeserver"] = hs.config.server_name
|
||||||
|
stats["timestamp"] = now
|
||||||
|
stats["uptime_seconds"] = uptime
|
||||||
|
stats["total_users"] = yield hs.get_datastore().count_all_users()
|
||||||
|
|
||||||
|
all_rooms = yield hs.get_datastore().get_rooms(False)
|
||||||
|
stats["total_room_count"] = len(all_rooms)
|
||||||
|
|
||||||
|
stats["daily_active_users"] = yield hs.get_datastore().count_daily_users()
|
||||||
|
daily_messages = yield hs.get_datastore().count_daily_messages()
|
||||||
|
if daily_messages is not None:
|
||||||
|
stats["daily_messages"] = daily_messages
|
||||||
|
|
||||||
|
logger.info("Reporting stats to matrix.org: %s" % (stats,))
|
||||||
|
try:
|
||||||
|
yield hs.get_simple_http_client().put_json(
|
||||||
|
"https://matrix.org/report-usage-stats/push",
|
||||||
|
stats
|
||||||
|
)
|
||||||
|
except Exception as e:
|
||||||
|
logger.warn("Error reporting stats: %s", e)
|
||||||
|
|
||||||
|
if hs.config.report_stats:
|
||||||
|
phone_home_task = task.LoopingCall(phone_stats_home)
|
||||||
|
phone_home_task.start(60 * 60 * 24, now=False)
|
||||||
|
|
||||||
def in_thread():
|
def in_thread():
|
||||||
with LoggingContext("run"):
|
with LoggingContext("run"):
|
||||||
change_resource_limit(hs.config.soft_file_limit)
|
change_resource_limit(hs.config.soft_file_limit)
|
||||||
|
|
|
@ -16,57 +16,67 @@
|
||||||
|
|
||||||
import sys
|
import sys
|
||||||
import os
|
import os
|
||||||
|
import os.path
|
||||||
import subprocess
|
import subprocess
|
||||||
import signal
|
import signal
|
||||||
import yaml
|
import yaml
|
||||||
|
|
||||||
SYNAPSE = ["python", "-B", "-m", "synapse.app.homeserver"]
|
SYNAPSE = ["python", "-B", "-m", "synapse.app.homeserver"]
|
||||||
|
|
||||||
CONFIGFILE = "homeserver.yaml"
|
|
||||||
|
|
||||||
GREEN = "\x1b[1;32m"
|
GREEN = "\x1b[1;32m"
|
||||||
|
RED = "\x1b[1;31m"
|
||||||
NORMAL = "\x1b[m"
|
NORMAL = "\x1b[m"
|
||||||
|
|
||||||
if not os.path.exists(CONFIGFILE):
|
|
||||||
sys.stderr.write(
|
|
||||||
"No config file found\n"
|
|
||||||
"To generate a config file, run '%s -c %s --generate-config"
|
|
||||||
" --server-name=<server name>'\n" % (
|
|
||||||
" ".join(SYNAPSE), CONFIGFILE
|
|
||||||
)
|
|
||||||
)
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
CONFIG = yaml.load(open(CONFIGFILE))
|
def start(configfile):
|
||||||
PIDFILE = CONFIG["pid_file"]
|
|
||||||
|
|
||||||
|
|
||||||
def start():
|
|
||||||
print "Starting ...",
|
print "Starting ...",
|
||||||
args = SYNAPSE
|
args = SYNAPSE
|
||||||
args.extend(["--daemonize", "-c", CONFIGFILE])
|
args.extend(["--daemonize", "-c", configfile])
|
||||||
subprocess.check_call(args)
|
|
||||||
print GREEN + "started" + NORMAL
|
try:
|
||||||
|
subprocess.check_call(args)
|
||||||
|
print GREEN + "started" + NORMAL
|
||||||
|
except subprocess.CalledProcessError as e:
|
||||||
|
print (
|
||||||
|
RED +
|
||||||
|
"error starting (exit code: %d); see above for logs" % e.returncode +
|
||||||
|
NORMAL
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def stop():
|
def stop(pidfile):
|
||||||
if os.path.exists(PIDFILE):
|
if os.path.exists(pidfile):
|
||||||
pid = int(open(PIDFILE).read())
|
pid = int(open(pidfile).read())
|
||||||
os.kill(pid, signal.SIGTERM)
|
os.kill(pid, signal.SIGTERM)
|
||||||
print GREEN + "stopped" + NORMAL
|
print GREEN + "stopped" + NORMAL
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
configfile = sys.argv[2] if len(sys.argv) == 3 else "homeserver.yaml"
|
||||||
|
|
||||||
|
if not os.path.exists(configfile):
|
||||||
|
sys.stderr.write(
|
||||||
|
"No config file found\n"
|
||||||
|
"To generate a config file, run '%s -c %s --generate-config"
|
||||||
|
" --server-name=<server name>'\n" % (
|
||||||
|
" ".join(SYNAPSE), configfile
|
||||||
|
)
|
||||||
|
)
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
config = yaml.load(open(configfile))
|
||||||
|
pidfile = config["pid_file"]
|
||||||
|
|
||||||
action = sys.argv[1] if sys.argv[1:] else "usage"
|
action = sys.argv[1] if sys.argv[1:] else "usage"
|
||||||
if action == "start":
|
if action == "start":
|
||||||
start()
|
start(configfile)
|
||||||
elif action == "stop":
|
elif action == "stop":
|
||||||
stop()
|
stop(pidfile)
|
||||||
elif action == "restart":
|
elif action == "restart":
|
||||||
stop()
|
stop(pidfile)
|
||||||
start()
|
start(configfile)
|
||||||
else:
|
else:
|
||||||
sys.stderr.write("Usage: %s [start|stop|restart]\n" % (sys.argv[0],))
|
sys.stderr.write("Usage: %s [start|stop|restart] [configfile]\n" % (sys.argv[0],))
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -224,8 +224,8 @@ class _Recoverer(object):
|
||||||
self.clock.call_later((2 ** self.backoff_counter), self.retry)
|
self.clock.call_later((2 ** self.backoff_counter), self.retry)
|
||||||
|
|
||||||
def _backoff(self):
|
def _backoff(self):
|
||||||
# cap the backoff to be around 18h => (2^16) = 65536 secs
|
# cap the backoff to be around 8.5min => (2^9) = 512 secs
|
||||||
if self.backoff_counter < 16:
|
if self.backoff_counter < 9:
|
||||||
self.backoff_counter += 1
|
self.backoff_counter += 1
|
||||||
self.recover()
|
self.recover()
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,7 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
import argparse
|
import argparse
|
||||||
|
import errno
|
||||||
import os
|
import os
|
||||||
import yaml
|
import yaml
|
||||||
import sys
|
import sys
|
||||||
|
@ -26,6 +27,16 @@ class ConfigError(Exception):
|
||||||
|
|
||||||
class Config(object):
|
class Config(object):
|
||||||
|
|
||||||
|
stats_reporting_begging_spiel = (
|
||||||
|
"We would really appreciate it if you could help our project out by"
|
||||||
|
" reporting anonymized usage statistics from your homeserver. Only very"
|
||||||
|
" basic aggregate data (e.g. number of users) will be reported, but it"
|
||||||
|
" helps us to track the growth of the Matrix community, and helps us to"
|
||||||
|
" make Matrix a success, as well as to convince other networks that they"
|
||||||
|
" should peer with us."
|
||||||
|
"\nThank you."
|
||||||
|
)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def parse_size(value):
|
def parse_size(value):
|
||||||
if isinstance(value, int) or isinstance(value, long):
|
if isinstance(value, int) or isinstance(value, long):
|
||||||
|
@ -81,8 +92,11 @@ class Config(object):
|
||||||
@classmethod
|
@classmethod
|
||||||
def ensure_directory(cls, dir_path):
|
def ensure_directory(cls, dir_path):
|
||||||
dir_path = cls.abspath(dir_path)
|
dir_path = cls.abspath(dir_path)
|
||||||
if not os.path.exists(dir_path):
|
try:
|
||||||
os.makedirs(dir_path)
|
os.makedirs(dir_path)
|
||||||
|
except OSError, e:
|
||||||
|
if e.errno != errno.EEXIST:
|
||||||
|
raise
|
||||||
if not os.path.isdir(dir_path):
|
if not os.path.isdir(dir_path):
|
||||||
raise ConfigError(
|
raise ConfigError(
|
||||||
"%s is not a directory" % (dir_path,)
|
"%s is not a directory" % (dir_path,)
|
||||||
|
@ -111,11 +125,14 @@ class Config(object):
|
||||||
results.append(getattr(cls, name)(self, *args, **kargs))
|
results.append(getattr(cls, name)(self, *args, **kargs))
|
||||||
return results
|
return results
|
||||||
|
|
||||||
def generate_config(self, config_dir_path, server_name):
|
def generate_config(self, config_dir_path, server_name, report_stats=None):
|
||||||
default_config = "# vim:ft=yaml\n"
|
default_config = "# vim:ft=yaml\n"
|
||||||
|
|
||||||
default_config += "\n\n".join(dedent(conf) for conf in self.invoke_all(
|
default_config += "\n\n".join(dedent(conf) for conf in self.invoke_all(
|
||||||
"default_config", config_dir_path, server_name
|
"default_config",
|
||||||
|
config_dir_path=config_dir_path,
|
||||||
|
server_name=server_name,
|
||||||
|
report_stats=report_stats,
|
||||||
))
|
))
|
||||||
|
|
||||||
config = yaml.load(default_config)
|
config = yaml.load(default_config)
|
||||||
|
@ -139,6 +156,12 @@ class Config(object):
|
||||||
action="store_true",
|
action="store_true",
|
||||||
help="Generate a config file for the server name"
|
help="Generate a config file for the server name"
|
||||||
)
|
)
|
||||||
|
config_parser.add_argument(
|
||||||
|
"--report-stats",
|
||||||
|
action="store",
|
||||||
|
help="Stuff",
|
||||||
|
choices=["yes", "no"]
|
||||||
|
)
|
||||||
config_parser.add_argument(
|
config_parser.add_argument(
|
||||||
"--generate-keys",
|
"--generate-keys",
|
||||||
action="store_true",
|
action="store_true",
|
||||||
|
@ -189,6 +212,11 @@ class Config(object):
|
||||||
config_files.append(config_path)
|
config_files.append(config_path)
|
||||||
|
|
||||||
if config_args.generate_config:
|
if config_args.generate_config:
|
||||||
|
if config_args.report_stats is None:
|
||||||
|
config_parser.error(
|
||||||
|
"Please specify either --report-stats=yes or --report-stats=no\n\n" +
|
||||||
|
cls.stats_reporting_begging_spiel
|
||||||
|
)
|
||||||
if not config_files:
|
if not config_files:
|
||||||
config_parser.error(
|
config_parser.error(
|
||||||
"Must supply a config file.\nA config file can be automatically"
|
"Must supply a config file.\nA config file can be automatically"
|
||||||
|
@ -211,7 +239,9 @@ class Config(object):
|
||||||
os.makedirs(config_dir_path)
|
os.makedirs(config_dir_path)
|
||||||
with open(config_path, "wb") as config_file:
|
with open(config_path, "wb") as config_file:
|
||||||
config_bytes, config = obj.generate_config(
|
config_bytes, config = obj.generate_config(
|
||||||
config_dir_path, server_name
|
config_dir_path=config_dir_path,
|
||||||
|
server_name=server_name,
|
||||||
|
report_stats=(config_args.report_stats == "yes"),
|
||||||
)
|
)
|
||||||
obj.invoke_all("generate_files", config)
|
obj.invoke_all("generate_files", config)
|
||||||
config_file.write(config_bytes)
|
config_file.write(config_bytes)
|
||||||
|
@ -261,9 +291,20 @@ class Config(object):
|
||||||
specified_config.update(yaml_config)
|
specified_config.update(yaml_config)
|
||||||
|
|
||||||
server_name = specified_config["server_name"]
|
server_name = specified_config["server_name"]
|
||||||
_, config = obj.generate_config(config_dir_path, server_name)
|
_, config = obj.generate_config(
|
||||||
|
config_dir_path=config_dir_path,
|
||||||
|
server_name=server_name
|
||||||
|
)
|
||||||
config.pop("log_config")
|
config.pop("log_config")
|
||||||
config.update(specified_config)
|
config.update(specified_config)
|
||||||
|
if "report_stats" not in config:
|
||||||
|
sys.stderr.write(
|
||||||
|
"Please opt in or out of reporting anonymized homeserver usage "
|
||||||
|
"statistics, by setting the report_stats key in your config file "
|
||||||
|
" ( " + config_path + " ) " +
|
||||||
|
"to either True or False.\n\n" +
|
||||||
|
Config.stats_reporting_begging_spiel + "\n")
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
if generate_keys:
|
if generate_keys:
|
||||||
obj.invoke_all("generate_files", config)
|
obj.invoke_all("generate_files", config)
|
||||||
|
|
|
@ -20,7 +20,7 @@ class AppServiceConfig(Config):
|
||||||
def read_config(self, config):
|
def read_config(self, config):
|
||||||
self.app_service_config_files = config.get("app_service_config_files", [])
|
self.app_service_config_files = config.get("app_service_config_files", [])
|
||||||
|
|
||||||
def default_config(cls, config_dir_path, server_name):
|
def default_config(cls, **kwargs):
|
||||||
return """\
|
return """\
|
||||||
# A list of application service config file to use
|
# A list of application service config file to use
|
||||||
app_service_config_files: []
|
app_service_config_files: []
|
||||||
|
|
|
@ -24,7 +24,7 @@ class CaptchaConfig(Config):
|
||||||
self.captcha_bypass_secret = config.get("captcha_bypass_secret")
|
self.captcha_bypass_secret = config.get("captcha_bypass_secret")
|
||||||
self.recaptcha_siteverify_api = config["recaptcha_siteverify_api"]
|
self.recaptcha_siteverify_api = config["recaptcha_siteverify_api"]
|
||||||
|
|
||||||
def default_config(self, config_dir_path, server_name):
|
def default_config(self, **kwargs):
|
||||||
return """\
|
return """\
|
||||||
## Captcha ##
|
## Captcha ##
|
||||||
|
|
||||||
|
|
47
synapse/config/cas.py
Normal file
47
synapse/config/cas.py
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Copyright 2015 OpenMarket Ltd
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
from ._base import Config
|
||||||
|
|
||||||
|
|
||||||
|
class CasConfig(Config):
|
||||||
|
"""Cas Configuration
|
||||||
|
|
||||||
|
cas_server_url: URL of CAS server
|
||||||
|
"""
|
||||||
|
|
||||||
|
def read_config(self, config):
|
||||||
|
cas_config = config.get("cas_config", None)
|
||||||
|
if cas_config:
|
||||||
|
self.cas_enabled = cas_config.get("enabled", True)
|
||||||
|
self.cas_server_url = cas_config["server_url"]
|
||||||
|
self.cas_service_url = cas_config["service_url"]
|
||||||
|
self.cas_required_attributes = cas_config.get("required_attributes", {})
|
||||||
|
else:
|
||||||
|
self.cas_enabled = False
|
||||||
|
self.cas_server_url = None
|
||||||
|
self.cas_service_url = None
|
||||||
|
self.cas_required_attributes = {}
|
||||||
|
|
||||||
|
def default_config(self, config_dir_path, server_name, **kwargs):
|
||||||
|
return """
|
||||||
|
# Enable CAS for registration and login.
|
||||||
|
#cas_config:
|
||||||
|
# enabled: true
|
||||||
|
# server_url: "https://cas-server.com"
|
||||||
|
# service_url: "https://homesever.domain.com:8448"
|
||||||
|
# #required_attributes:
|
||||||
|
# # name: value
|
||||||
|
"""
|
|
@ -45,7 +45,7 @@ class DatabaseConfig(Config):
|
||||||
|
|
||||||
self.set_databasepath(config.get("database_path"))
|
self.set_databasepath(config.get("database_path"))
|
||||||
|
|
||||||
def default_config(self, config, config_dir_path):
|
def default_config(self, **kwargs):
|
||||||
database_path = self.abspath("homeserver.db")
|
database_path = self.abspath("homeserver.db")
|
||||||
return """\
|
return """\
|
||||||
# Database configuration
|
# Database configuration
|
||||||
|
|
|
@ -26,12 +26,15 @@ from .metrics import MetricsConfig
|
||||||
from .appservice import AppServiceConfig
|
from .appservice import AppServiceConfig
|
||||||
from .key import KeyConfig
|
from .key import KeyConfig
|
||||||
from .saml2 import SAML2Config
|
from .saml2 import SAML2Config
|
||||||
|
from .cas import CasConfig
|
||||||
|
from .password import PasswordConfig
|
||||||
|
|
||||||
|
|
||||||
class HomeServerConfig(TlsConfig, ServerConfig, DatabaseConfig, LoggingConfig,
|
class HomeServerConfig(TlsConfig, ServerConfig, DatabaseConfig, LoggingConfig,
|
||||||
RatelimitConfig, ContentRepositoryConfig, CaptchaConfig,
|
RatelimitConfig, ContentRepositoryConfig, CaptchaConfig,
|
||||||
VoipConfig, RegistrationConfig, MetricsConfig,
|
VoipConfig, RegistrationConfig, MetricsConfig,
|
||||||
AppServiceConfig, KeyConfig, SAML2Config, ):
|
AppServiceConfig, KeyConfig, SAML2Config, CasConfig,
|
||||||
|
PasswordConfig,):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -13,14 +13,17 @@
|
||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
import os
|
|
||||||
from ._base import Config, ConfigError
|
from ._base import Config, ConfigError
|
||||||
import syutil.crypto.signing_key
|
|
||||||
from syutil.crypto.signing_key import (
|
|
||||||
is_signing_algorithm_supported, decode_verify_key_bytes
|
|
||||||
)
|
|
||||||
from syutil.base64util import decode_base64
|
|
||||||
from synapse.util.stringutils import random_string
|
from synapse.util.stringutils import random_string
|
||||||
|
from signedjson.key import (
|
||||||
|
generate_signing_key, is_signing_algorithm_supported,
|
||||||
|
decode_signing_key_base64, decode_verify_key_bytes,
|
||||||
|
read_signing_keys, write_signing_keys, NACL_ED25519
|
||||||
|
)
|
||||||
|
from unpaddedbase64 import decode_base64
|
||||||
|
|
||||||
|
import os
|
||||||
|
|
||||||
|
|
||||||
class KeyConfig(Config):
|
class KeyConfig(Config):
|
||||||
|
@ -37,7 +40,7 @@ class KeyConfig(Config):
|
||||||
config["perspectives"]
|
config["perspectives"]
|
||||||
)
|
)
|
||||||
|
|
||||||
def default_config(self, config_dir_path, server_name):
|
def default_config(self, config_dir_path, server_name, **kwargs):
|
||||||
base_key_name = os.path.join(config_dir_path, server_name)
|
base_key_name = os.path.join(config_dir_path, server_name)
|
||||||
return """\
|
return """\
|
||||||
## Signing Keys ##
|
## Signing Keys ##
|
||||||
|
@ -83,9 +86,7 @@ class KeyConfig(Config):
|
||||||
def read_signing_key(self, signing_key_path):
|
def read_signing_key(self, signing_key_path):
|
||||||
signing_keys = self.read_file(signing_key_path, "signing_key")
|
signing_keys = self.read_file(signing_key_path, "signing_key")
|
||||||
try:
|
try:
|
||||||
return syutil.crypto.signing_key.read_signing_keys(
|
return read_signing_keys(signing_keys.splitlines(True))
|
||||||
signing_keys.splitlines(True)
|
|
||||||
)
|
|
||||||
except Exception:
|
except Exception:
|
||||||
raise ConfigError(
|
raise ConfigError(
|
||||||
"Error reading signing_key."
|
"Error reading signing_key."
|
||||||
|
@ -112,22 +113,18 @@ class KeyConfig(Config):
|
||||||
if not os.path.exists(signing_key_path):
|
if not os.path.exists(signing_key_path):
|
||||||
with open(signing_key_path, "w") as signing_key_file:
|
with open(signing_key_path, "w") as signing_key_file:
|
||||||
key_id = "a_" + random_string(4)
|
key_id = "a_" + random_string(4)
|
||||||
syutil.crypto.signing_key.write_signing_keys(
|
write_signing_keys(
|
||||||
signing_key_file,
|
signing_key_file, (generate_signing_key(key_id),),
|
||||||
(syutil.crypto.signing_key.generate_signing_key(key_id),),
|
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
signing_keys = self.read_file(signing_key_path, "signing_key")
|
signing_keys = self.read_file(signing_key_path, "signing_key")
|
||||||
if len(signing_keys.split("\n")[0].split()) == 1:
|
if len(signing_keys.split("\n")[0].split()) == 1:
|
||||||
# handle keys in the old format.
|
# handle keys in the old format.
|
||||||
key_id = "a_" + random_string(4)
|
key_id = "a_" + random_string(4)
|
||||||
key = syutil.crypto.signing_key.decode_signing_key_base64(
|
key = decode_signing_key_base64(
|
||||||
syutil.crypto.signing_key.NACL_ED25519,
|
NACL_ED25519, key_id, signing_keys.split("\n")[0]
|
||||||
key_id,
|
|
||||||
signing_keys.split("\n")[0]
|
|
||||||
)
|
)
|
||||||
with open(signing_key_path, "w") as signing_key_file:
|
with open(signing_key_path, "w") as signing_key_file:
|
||||||
syutil.crypto.signing_key.write_signing_keys(
|
write_signing_keys(
|
||||||
signing_key_file,
|
signing_key_file, (key,),
|
||||||
(key,),
|
|
||||||
)
|
)
|
||||||
|
|
|
@ -21,6 +21,8 @@ import logging.config
|
||||||
import yaml
|
import yaml
|
||||||
from string import Template
|
from string import Template
|
||||||
import os
|
import os
|
||||||
|
import signal
|
||||||
|
from synapse.util.debug import debug_deferreds
|
||||||
|
|
||||||
|
|
||||||
DEFAULT_LOG_CONFIG = Template("""
|
DEFAULT_LOG_CONFIG = Template("""
|
||||||
|
@ -68,8 +70,10 @@ class LoggingConfig(Config):
|
||||||
self.verbosity = config.get("verbose", 0)
|
self.verbosity = config.get("verbose", 0)
|
||||||
self.log_config = self.abspath(config.get("log_config"))
|
self.log_config = self.abspath(config.get("log_config"))
|
||||||
self.log_file = self.abspath(config.get("log_file"))
|
self.log_file = self.abspath(config.get("log_file"))
|
||||||
|
if config.get("full_twisted_stacktraces"):
|
||||||
|
debug_deferreds()
|
||||||
|
|
||||||
def default_config(self, config_dir_path, server_name):
|
def default_config(self, config_dir_path, server_name, **kwargs):
|
||||||
log_file = self.abspath("homeserver.log")
|
log_file = self.abspath("homeserver.log")
|
||||||
log_config = self.abspath(
|
log_config = self.abspath(
|
||||||
os.path.join(config_dir_path, server_name + ".log.config")
|
os.path.join(config_dir_path, server_name + ".log.config")
|
||||||
|
@ -83,6 +87,11 @@ class LoggingConfig(Config):
|
||||||
|
|
||||||
# A yaml python logging config file
|
# A yaml python logging config file
|
||||||
log_config: "%(log_config)s"
|
log_config: "%(log_config)s"
|
||||||
|
|
||||||
|
# Stop twisted from discarding the stack traces of exceptions in
|
||||||
|
# deferreds by waiting a reactor tick before running a deferred's
|
||||||
|
# callbacks.
|
||||||
|
# full_twisted_stacktraces: true
|
||||||
""" % locals()
|
""" % locals()
|
||||||
|
|
||||||
def read_arguments(self, args):
|
def read_arguments(self, args):
|
||||||
|
@ -142,6 +151,19 @@ class LoggingConfig(Config):
|
||||||
handler = logging.handlers.RotatingFileHandler(
|
handler = logging.handlers.RotatingFileHandler(
|
||||||
self.log_file, maxBytes=(1000 * 1000 * 100), backupCount=3
|
self.log_file, maxBytes=(1000 * 1000 * 100), backupCount=3
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def sighup(signum, stack):
|
||||||
|
logger.info("Closing log file due to SIGHUP")
|
||||||
|
handler.doRollover()
|
||||||
|
logger.info("Opened new log file due to SIGHUP")
|
||||||
|
|
||||||
|
# TODO(paul): obviously this is a terrible mechanism for
|
||||||
|
# stealing SIGHUP, because it means no other part of synapse
|
||||||
|
# can use it instead. If we want to catch SIGHUP anywhere
|
||||||
|
# else as well, I'd suggest we find a nicer way to broadcast
|
||||||
|
# it around.
|
||||||
|
if getattr(signal, "SIGHUP"):
|
||||||
|
signal.signal(signal.SIGHUP, sighup)
|
||||||
else:
|
else:
|
||||||
handler = logging.StreamHandler()
|
handler = logging.StreamHandler()
|
||||||
handler.setFormatter(formatter)
|
handler.setFormatter(formatter)
|
||||||
|
|
|
@ -19,13 +19,15 @@ from ._base import Config
|
||||||
class MetricsConfig(Config):
|
class MetricsConfig(Config):
|
||||||
def read_config(self, config):
|
def read_config(self, config):
|
||||||
self.enable_metrics = config["enable_metrics"]
|
self.enable_metrics = config["enable_metrics"]
|
||||||
|
self.report_stats = config.get("report_stats", None)
|
||||||
self.metrics_port = config.get("metrics_port")
|
self.metrics_port = config.get("metrics_port")
|
||||||
self.metrics_bind_host = config.get("metrics_bind_host", "127.0.0.1")
|
self.metrics_bind_host = config.get("metrics_bind_host", "127.0.0.1")
|
||||||
|
|
||||||
def default_config(self, config_dir_path, server_name):
|
def default_config(self, report_stats=None, **kwargs):
|
||||||
return """\
|
suffix = "" if report_stats is None else "report_stats: %(report_stats)s\n"
|
||||||
|
return ("""\
|
||||||
## Metrics ###
|
## Metrics ###
|
||||||
|
|
||||||
# Enable collection and rendering of performance metrics
|
# Enable collection and rendering of performance metrics
|
||||||
enable_metrics: False
|
enable_metrics: False
|
||||||
"""
|
""" + suffix) % locals()
|
||||||
|
|
32
synapse/config/password.py
Normal file
32
synapse/config/password.py
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Copyright 2015 OpenMarket Ltd
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
from ._base import Config
|
||||||
|
|
||||||
|
|
||||||
|
class PasswordConfig(Config):
|
||||||
|
"""Password login configuration
|
||||||
|
"""
|
||||||
|
|
||||||
|
def read_config(self, config):
|
||||||
|
password_config = config.get("password_config", {})
|
||||||
|
self.password_enabled = password_config.get("enabled", True)
|
||||||
|
|
||||||
|
def default_config(self, config_dir_path, server_name, **kwargs):
|
||||||
|
return """
|
||||||
|
# Enable password for login.
|
||||||
|
password_config:
|
||||||
|
enabled: true
|
||||||
|
"""
|
|
@ -27,7 +27,7 @@ class RatelimitConfig(Config):
|
||||||
self.federation_rc_reject_limit = config["federation_rc_reject_limit"]
|
self.federation_rc_reject_limit = config["federation_rc_reject_limit"]
|
||||||
self.federation_rc_concurrent = config["federation_rc_concurrent"]
|
self.federation_rc_concurrent = config["federation_rc_concurrent"]
|
||||||
|
|
||||||
def default_config(self, config_dir_path, server_name):
|
def default_config(self, **kwargs):
|
||||||
return """\
|
return """\
|
||||||
## Ratelimiting ##
|
## Ratelimiting ##
|
||||||
|
|
||||||
|
|
|
@ -32,9 +32,13 @@ class RegistrationConfig(Config):
|
||||||
)
|
)
|
||||||
|
|
||||||
self.registration_shared_secret = config.get("registration_shared_secret")
|
self.registration_shared_secret = config.get("registration_shared_secret")
|
||||||
|
self.macaroon_secret_key = config.get("macaroon_secret_key")
|
||||||
|
self.bcrypt_rounds = config.get("bcrypt_rounds", 12)
|
||||||
|
self.allow_guest_access = config.get("allow_guest_access", False)
|
||||||
|
|
||||||
def default_config(self, config_dir, server_name):
|
def default_config(self, **kwargs):
|
||||||
registration_shared_secret = random_string_with_symbols(50)
|
registration_shared_secret = random_string_with_symbols(50)
|
||||||
|
macaroon_secret_key = random_string_with_symbols(50)
|
||||||
return """\
|
return """\
|
||||||
## Registration ##
|
## Registration ##
|
||||||
|
|
||||||
|
@ -44,6 +48,18 @@ class RegistrationConfig(Config):
|
||||||
# If set, allows registration by anyone who also has the shared
|
# If set, allows registration by anyone who also has the shared
|
||||||
# secret, even if registration is otherwise disabled.
|
# secret, even if registration is otherwise disabled.
|
||||||
registration_shared_secret: "%(registration_shared_secret)s"
|
registration_shared_secret: "%(registration_shared_secret)s"
|
||||||
|
|
||||||
|
macaroon_secret_key: "%(macaroon_secret_key)s"
|
||||||
|
|
||||||
|
# Set the number of bcrypt rounds used to generate password hash.
|
||||||
|
# Larger numbers increase the work factor needed to generate the hash.
|
||||||
|
# The default number of rounds is 12.
|
||||||
|
bcrypt_rounds: 12
|
||||||
|
|
||||||
|
# Allows users to register as guests without a password/email/etc, and
|
||||||
|
# participate in rooms hosted on this server which have been made
|
||||||
|
# accessible to anonymous users.
|
||||||
|
allow_guest_access: False
|
||||||
""" % locals()
|
""" % locals()
|
||||||
|
|
||||||
def add_arguments(self, parser):
|
def add_arguments(self, parser):
|
||||||
|
|
|
@ -60,7 +60,7 @@ class ContentRepositoryConfig(Config):
|
||||||
config["thumbnail_sizes"]
|
config["thumbnail_sizes"]
|
||||||
)
|
)
|
||||||
|
|
||||||
def default_config(self, config_dir_path, server_name):
|
def default_config(self, **kwargs):
|
||||||
media_store = self.default_path("media_store")
|
media_store = self.default_path("media_store")
|
||||||
uploads_path = self.default_path("uploads")
|
uploads_path = self.default_path("uploads")
|
||||||
return """
|
return """
|
||||||
|
|
|
@ -33,7 +33,7 @@ class SAML2Config(Config):
|
||||||
def read_config(self, config):
|
def read_config(self, config):
|
||||||
saml2_config = config.get("saml2_config", None)
|
saml2_config = config.get("saml2_config", None)
|
||||||
if saml2_config:
|
if saml2_config:
|
||||||
self.saml2_enabled = True
|
self.saml2_enabled = saml2_config.get("enabled", True)
|
||||||
self.saml2_config_path = saml2_config["config_path"]
|
self.saml2_config_path = saml2_config["config_path"]
|
||||||
self.saml2_idp_redirect_url = saml2_config["idp_redirect_url"]
|
self.saml2_idp_redirect_url = saml2_config["idp_redirect_url"]
|
||||||
else:
|
else:
|
||||||
|
@ -41,7 +41,7 @@ class SAML2Config(Config):
|
||||||
self.saml2_config_path = None
|
self.saml2_config_path = None
|
||||||
self.saml2_idp_redirect_url = None
|
self.saml2_idp_redirect_url = None
|
||||||
|
|
||||||
def default_config(self, config_dir_path, server_name):
|
def default_config(self, config_dir_path, server_name, **kwargs):
|
||||||
return """
|
return """
|
||||||
# Enable SAML2 for registration and login. Uses pysaml2
|
# Enable SAML2 for registration and login. Uses pysaml2
|
||||||
# config_path: Path to the sp_conf.py configuration file
|
# config_path: Path to the sp_conf.py configuration file
|
||||||
|
@ -49,6 +49,7 @@ class SAML2Config(Config):
|
||||||
# the user back to /login/saml2 with proper info.
|
# the user back to /login/saml2 with proper info.
|
||||||
# See pysaml2 docs for format of config.
|
# See pysaml2 docs for format of config.
|
||||||
#saml2_config:
|
#saml2_config:
|
||||||
|
# enabled: true
|
||||||
# config_path: "%s/sp_conf.py"
|
# config_path: "%s/sp_conf.py"
|
||||||
# idp_redirect_url: "http://%s/idp"
|
# idp_redirect_url: "http://%s/idp"
|
||||||
""" % (config_dir_path, server_name)
|
""" % (config_dir_path, server_name)
|
||||||
|
|
|
@ -26,6 +26,7 @@ class ServerConfig(Config):
|
||||||
self.soft_file_limit = config["soft_file_limit"]
|
self.soft_file_limit = config["soft_file_limit"]
|
||||||
self.daemonize = config.get("daemonize")
|
self.daemonize = config.get("daemonize")
|
||||||
self.print_pidfile = config.get("print_pidfile")
|
self.print_pidfile = config.get("print_pidfile")
|
||||||
|
self.user_agent_suffix = config.get("user_agent_suffix")
|
||||||
self.use_frozen_dicts = config.get("use_frozen_dicts", True)
|
self.use_frozen_dicts = config.get("use_frozen_dicts", True)
|
||||||
|
|
||||||
self.listeners = config.get("listeners", [])
|
self.listeners = config.get("listeners", [])
|
||||||
|
@ -117,7 +118,7 @@ class ServerConfig(Config):
|
||||||
|
|
||||||
self.content_addr = content_addr
|
self.content_addr = content_addr
|
||||||
|
|
||||||
def default_config(self, config_dir_path, server_name):
|
def default_config(self, server_name, **kwargs):
|
||||||
if ":" in server_name:
|
if ":" in server_name:
|
||||||
bind_port = int(server_name.split(":")[1])
|
bind_port = int(server_name.split(":")[1])
|
||||||
unsecure_port = bind_port - 400
|
unsecure_port = bind_port - 400
|
||||||
|
|
|
@ -42,7 +42,15 @@ class TlsConfig(Config):
|
||||||
config.get("tls_dh_params_path"), "tls_dh_params"
|
config.get("tls_dh_params_path"), "tls_dh_params"
|
||||||
)
|
)
|
||||||
|
|
||||||
def default_config(self, config_dir_path, server_name):
|
# This config option applies to non-federation HTTP clients
|
||||||
|
# (e.g. for talking to recaptcha, identity servers, and such)
|
||||||
|
# It should never be used in production, and is intended for
|
||||||
|
# use only when running tests.
|
||||||
|
self.use_insecure_ssl_client_just_for_testing_do_not_use = config.get(
|
||||||
|
"use_insecure_ssl_client_just_for_testing_do_not_use"
|
||||||
|
)
|
||||||
|
|
||||||
|
def default_config(self, config_dir_path, server_name, **kwargs):
|
||||||
base_key_name = os.path.join(config_dir_path, server_name)
|
base_key_name = os.path.join(config_dir_path, server_name)
|
||||||
|
|
||||||
tls_certificate_path = base_key_name + ".tls.crt"
|
tls_certificate_path = base_key_name + ".tls.crt"
|
||||||
|
|
|
@ -22,7 +22,7 @@ class VoipConfig(Config):
|
||||||
self.turn_shared_secret = config["turn_shared_secret"]
|
self.turn_shared_secret = config["turn_shared_secret"]
|
||||||
self.turn_user_lifetime = self.parse_duration(config["turn_user_lifetime"])
|
self.turn_user_lifetime = self.parse_duration(config["turn_user_lifetime"])
|
||||||
|
|
||||||
def default_config(self, config_dir_path, server_name):
|
def default_config(self, **kwargs):
|
||||||
return """\
|
return """\
|
||||||
## Turn ##
|
## Turn ##
|
||||||
|
|
||||||
|
|
|
@ -15,11 +15,12 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
|
|
||||||
from synapse.events.utils import prune_event
|
|
||||||
from syutil.jsonutil import encode_canonical_json
|
|
||||||
from syutil.base64util import encode_base64, decode_base64
|
|
||||||
from syutil.crypto.jsonsign import sign_json
|
|
||||||
from synapse.api.errors import SynapseError, Codes
|
from synapse.api.errors import SynapseError, Codes
|
||||||
|
from synapse.events.utils import prune_event
|
||||||
|
|
||||||
|
from canonicaljson import encode_canonical_json
|
||||||
|
from unpaddedbase64 import encode_base64, decode_base64
|
||||||
|
from signedjson.sign import sign_json
|
||||||
|
|
||||||
import hashlib
|
import hashlib
|
||||||
import logging
|
import logging
|
||||||
|
|
|
@ -14,21 +14,21 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
from synapse.crypto.keyclient import fetch_server_key
|
from synapse.crypto.keyclient import fetch_server_key
|
||||||
from twisted.internet import defer
|
|
||||||
from syutil.crypto.jsonsign import (
|
|
||||||
verify_signed_json, signature_ids, sign_json, encode_canonical_json
|
|
||||||
)
|
|
||||||
from syutil.crypto.signing_key import (
|
|
||||||
is_signing_algorithm_supported, decode_verify_key_bytes
|
|
||||||
)
|
|
||||||
from syutil.base64util import decode_base64, encode_base64
|
|
||||||
from synapse.api.errors import SynapseError, Codes
|
from synapse.api.errors import SynapseError, Codes
|
||||||
|
|
||||||
from synapse.util.retryutils import get_retry_limiter
|
from synapse.util.retryutils import get_retry_limiter
|
||||||
from synapse.util import unwrapFirstError
|
from synapse.util import unwrapFirstError
|
||||||
|
|
||||||
from synapse.util.async import ObservableDeferred
|
from synapse.util.async import ObservableDeferred
|
||||||
|
|
||||||
|
from twisted.internet import defer
|
||||||
|
|
||||||
|
from signedjson.sign import (
|
||||||
|
verify_signed_json, signature_ids, sign_json, encode_canonical_json
|
||||||
|
)
|
||||||
|
from signedjson.key import (
|
||||||
|
is_signing_algorithm_supported, decode_verify_key_bytes
|
||||||
|
)
|
||||||
|
from unpaddedbase64 import decode_base64, encode_base64
|
||||||
|
|
||||||
from OpenSSL import crypto
|
from OpenSSL import crypto
|
||||||
|
|
||||||
from collections import namedtuple
|
from collections import namedtuple
|
||||||
|
@ -228,10 +228,9 @@ class Keyring(object):
|
||||||
def do_iterations():
|
def do_iterations():
|
||||||
merged_results = {}
|
merged_results = {}
|
||||||
|
|
||||||
missing_keys = {
|
missing_keys = {}
|
||||||
group.server_name: set(group.key_ids)
|
for group in group_id_to_group.values():
|
||||||
for group in group_id_to_group.values()
|
missing_keys.setdefault(group.server_name, set()).union(group.key_ids)
|
||||||
}
|
|
||||||
|
|
||||||
for fn in key_fetch_fns:
|
for fn in key_fetch_fns:
|
||||||
results = yield fn(missing_keys.items())
|
results = yield fn(missing_keys.items())
|
||||||
|
@ -470,7 +469,7 @@ class Keyring(object):
|
||||||
continue
|
continue
|
||||||
|
|
||||||
(response, tls_certificate) = yield fetch_server_key(
|
(response, tls_certificate) = yield fetch_server_key(
|
||||||
server_name, self.hs.tls_context_factory,
|
server_name, self.hs.tls_server_context_factory,
|
||||||
path=(b"/_matrix/key/v2/server/%s" % (
|
path=(b"/_matrix/key/v2/server/%s" % (
|
||||||
urllib.quote(requested_key_id),
|
urllib.quote(requested_key_id),
|
||||||
)).encode("ascii"),
|
)).encode("ascii"),
|
||||||
|
@ -604,7 +603,7 @@ class Keyring(object):
|
||||||
# Try to fetch the key from the remote server.
|
# Try to fetch the key from the remote server.
|
||||||
|
|
||||||
(response, tls_certificate) = yield fetch_server_key(
|
(response, tls_certificate) = yield fetch_server_key(
|
||||||
server_name, self.hs.tls_context_factory
|
server_name, self.hs.tls_server_context_factory
|
||||||
)
|
)
|
||||||
|
|
||||||
# Check the response.
|
# Check the response.
|
||||||
|
|
|
@ -66,7 +66,6 @@ def prune_event(event):
|
||||||
"users_default",
|
"users_default",
|
||||||
"events",
|
"events",
|
||||||
"events_default",
|
"events_default",
|
||||||
"events_default",
|
|
||||||
"state_default",
|
"state_default",
|
||||||
"ban",
|
"ban",
|
||||||
"kick",
|
"kick",
|
||||||
|
@ -103,7 +102,10 @@ def format_event_raw(d):
|
||||||
def format_event_for_client_v1(d):
|
def format_event_for_client_v1(d):
|
||||||
d["user_id"] = d.pop("sender", None)
|
d["user_id"] = d.pop("sender", None)
|
||||||
|
|
||||||
move_keys = ("age", "redacted_because", "replaces_state", "prev_content")
|
move_keys = (
|
||||||
|
"age", "redacted_because", "replaces_state", "prev_content",
|
||||||
|
"invite_room_state",
|
||||||
|
)
|
||||||
for key in move_keys:
|
for key in move_keys:
|
||||||
if key in d["unsigned"]:
|
if key in d["unsigned"]:
|
||||||
d[key] = d["unsigned"][key]
|
d[key] = d["unsigned"][key]
|
||||||
|
@ -152,7 +154,8 @@ def serialize_event(e, time_now_ms, as_client_event=True,
|
||||||
|
|
||||||
if "redacted_because" in e.unsigned:
|
if "redacted_because" in e.unsigned:
|
||||||
d["unsigned"]["redacted_because"] = serialize_event(
|
d["unsigned"]["redacted_because"] = serialize_event(
|
||||||
e.unsigned["redacted_because"], time_now_ms
|
e.unsigned["redacted_because"], time_now_ms,
|
||||||
|
event_format=event_format
|
||||||
)
|
)
|
||||||
|
|
||||||
if token_id is not None:
|
if token_id is not None:
|
||||||
|
|
|
@ -17,6 +17,7 @@
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
|
||||||
from .federation_base import FederationBase
|
from .federation_base import FederationBase
|
||||||
|
from synapse.api.constants import Membership
|
||||||
from .units import Edu
|
from .units import Edu
|
||||||
|
|
||||||
from synapse.api.errors import (
|
from synapse.api.errors import (
|
||||||
|
@ -356,19 +357,55 @@ class FederationClient(FederationBase):
|
||||||
defer.returnValue(signed_auth)
|
defer.returnValue(signed_auth)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def make_join(self, destinations, room_id, user_id):
|
def make_membership_event(self, destinations, room_id, user_id, membership,
|
||||||
|
content={},):
|
||||||
|
"""
|
||||||
|
Creates an m.room.member event, with context, without participating in the room.
|
||||||
|
|
||||||
|
Does so by asking one of the already participating servers to create an
|
||||||
|
event with proper context.
|
||||||
|
|
||||||
|
Note that this does not append any events to any graphs.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
destinations (str): Candidate homeservers which are probably
|
||||||
|
participating in the room.
|
||||||
|
room_id (str): The room in which the event will happen.
|
||||||
|
user_id (str): The user whose membership is being evented.
|
||||||
|
membership (str): The "membership" property of the event. Must be
|
||||||
|
one of "join" or "leave".
|
||||||
|
content (object): Any additional data to put into the content field
|
||||||
|
of the event.
|
||||||
|
Return:
|
||||||
|
A tuple of (origin (str), event (object)) where origin is the remote
|
||||||
|
homeserver which generated the event.
|
||||||
|
"""
|
||||||
|
valid_memberships = {Membership.JOIN, Membership.LEAVE}
|
||||||
|
if membership not in valid_memberships:
|
||||||
|
raise RuntimeError(
|
||||||
|
"make_membership_event called with membership='%s', must be one of %s" %
|
||||||
|
(membership, ",".join(valid_memberships))
|
||||||
|
)
|
||||||
for destination in destinations:
|
for destination in destinations:
|
||||||
if destination == self.server_name:
|
if destination == self.server_name:
|
||||||
continue
|
continue
|
||||||
|
|
||||||
try:
|
try:
|
||||||
ret = yield self.transport_layer.make_join(
|
ret = yield self.transport_layer.make_membership_event(
|
||||||
destination, room_id, user_id
|
destination, room_id, user_id, membership
|
||||||
)
|
)
|
||||||
|
|
||||||
pdu_dict = ret["event"]
|
pdu_dict = ret["event"]
|
||||||
|
|
||||||
logger.debug("Got response to make_join: %s", pdu_dict)
|
logger.debug("Got response to make_%s: %s", membership, pdu_dict)
|
||||||
|
|
||||||
|
pdu_dict["content"].update(content)
|
||||||
|
|
||||||
|
# The protoevent received over the JSON wire may not have all
|
||||||
|
# the required fields. Lets just gloss over that because
|
||||||
|
# there's some we never care about
|
||||||
|
if "prev_state" not in pdu_dict:
|
||||||
|
pdu_dict["prev_state"] = []
|
||||||
|
|
||||||
defer.returnValue(
|
defer.returnValue(
|
||||||
(destination, self.event_from_pdu_json(pdu_dict))
|
(destination, self.event_from_pdu_json(pdu_dict))
|
||||||
|
@ -378,8 +415,8 @@ class FederationClient(FederationBase):
|
||||||
raise
|
raise
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
logger.warn(
|
logger.warn(
|
||||||
"Failed to make_join via %s: %s",
|
"Failed to make_%s via %s: %s",
|
||||||
destination, e.message
|
membership, destination, e.message
|
||||||
)
|
)
|
||||||
|
|
||||||
raise RuntimeError("Failed to send to any server.")
|
raise RuntimeError("Failed to send to any server.")
|
||||||
|
@ -485,6 +522,33 @@ class FederationClient(FederationBase):
|
||||||
|
|
||||||
defer.returnValue(pdu)
|
defer.returnValue(pdu)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def send_leave(self, destinations, pdu):
|
||||||
|
for destination in destinations:
|
||||||
|
if destination == self.server_name:
|
||||||
|
continue
|
||||||
|
|
||||||
|
try:
|
||||||
|
time_now = self._clock.time_msec()
|
||||||
|
_, content = yield self.transport_layer.send_leave(
|
||||||
|
destination=destination,
|
||||||
|
room_id=pdu.room_id,
|
||||||
|
event_id=pdu.event_id,
|
||||||
|
content=pdu.get_pdu_json(time_now),
|
||||||
|
)
|
||||||
|
|
||||||
|
logger.debug("Got content: %s", content)
|
||||||
|
defer.returnValue(None)
|
||||||
|
except CodeMessageException:
|
||||||
|
raise
|
||||||
|
except Exception as e:
|
||||||
|
logger.exception(
|
||||||
|
"Failed to send_leave via %s: %s",
|
||||||
|
destination, e.message
|
||||||
|
)
|
||||||
|
|
||||||
|
raise RuntimeError("Failed to send to any server.")
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def query_auth(self, destination, room_id, event_id, local_auth):
|
def query_auth(self, destination, room_id, event_id, local_auth):
|
||||||
"""
|
"""
|
||||||
|
@ -643,3 +707,26 @@ class FederationClient(FederationBase):
|
||||||
event.internal_metadata.outlier = outlier
|
event.internal_metadata.outlier = outlier
|
||||||
|
|
||||||
return event
|
return event
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def forward_third_party_invite(self, destinations, room_id, event_dict):
|
||||||
|
for destination in destinations:
|
||||||
|
if destination == self.server_name:
|
||||||
|
continue
|
||||||
|
|
||||||
|
try:
|
||||||
|
yield self.transport_layer.exchange_third_party_invite(
|
||||||
|
destination=destination,
|
||||||
|
room_id=room_id,
|
||||||
|
event_dict=event_dict,
|
||||||
|
)
|
||||||
|
defer.returnValue(None)
|
||||||
|
except CodeMessageException:
|
||||||
|
raise
|
||||||
|
except Exception as e:
|
||||||
|
logger.exception(
|
||||||
|
"Failed to send_third_party_invite via %s: %s",
|
||||||
|
destination, e.message
|
||||||
|
)
|
||||||
|
|
||||||
|
raise RuntimeError("Failed to send to any server.")
|
||||||
|
|
|
@ -254,6 +254,20 @@ class FederationServer(FederationBase):
|
||||||
],
|
],
|
||||||
}))
|
}))
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_make_leave_request(self, room_id, user_id):
|
||||||
|
pdu = yield self.handler.on_make_leave_request(room_id, user_id)
|
||||||
|
time_now = self._clock.time_msec()
|
||||||
|
defer.returnValue({"event": pdu.get_pdu_json(time_now)})
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_send_leave_request(self, origin, content):
|
||||||
|
logger.debug("on_send_leave_request: content: %s", content)
|
||||||
|
pdu = self.event_from_pdu_json(content)
|
||||||
|
logger.debug("on_send_leave_request: pdu sigs: %s", pdu.signatures)
|
||||||
|
yield self.handler.on_send_leave_request(origin, pdu)
|
||||||
|
defer.returnValue((200, {}))
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_event_auth(self, origin, room_id, event_id):
|
def on_event_auth(self, origin, room_id, event_id):
|
||||||
time_now = self._clock.time_msec()
|
time_now = self._clock.time_msec()
|
||||||
|
@ -529,3 +543,15 @@ class FederationServer(FederationBase):
|
||||||
event.internal_metadata.outlier = outlier
|
event.internal_metadata.outlier = outlier
|
||||||
|
|
||||||
return event
|
return event
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def exchange_third_party_invite(self, invite):
|
||||||
|
ret = yield self.handler.exchange_third_party_invite(invite)
|
||||||
|
defer.returnValue(ret)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_exchange_third_party_invite_request(self, origin, room_id, event_dict):
|
||||||
|
ret = yield self.handler.on_exchange_third_party_invite_request(
|
||||||
|
origin, room_id, event_dict
|
||||||
|
)
|
||||||
|
defer.returnValue(ret)
|
||||||
|
|
|
@ -202,6 +202,7 @@ class TransactionQueue(object):
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
@log_function
|
@log_function
|
||||||
def _attempt_new_transaction(self, destination):
|
def _attempt_new_transaction(self, destination):
|
||||||
|
# list of (pending_pdu, deferred, order)
|
||||||
if destination in self.pending_transactions:
|
if destination in self.pending_transactions:
|
||||||
# XXX: pending_transactions can get stuck on by a never-ending
|
# XXX: pending_transactions can get stuck on by a never-ending
|
||||||
# request at which point pending_pdus_by_dest just keeps growing.
|
# request at which point pending_pdus_by_dest just keeps growing.
|
||||||
|
@ -213,9 +214,6 @@ class TransactionQueue(object):
|
||||||
)
|
)
|
||||||
return
|
return
|
||||||
|
|
||||||
logger.debug("TX [%s] _attempt_new_transaction", destination)
|
|
||||||
|
|
||||||
# list of (pending_pdu, deferred, order)
|
|
||||||
pending_pdus = self.pending_pdus_by_dest.pop(destination, [])
|
pending_pdus = self.pending_pdus_by_dest.pop(destination, [])
|
||||||
pending_edus = self.pending_edus_by_dest.pop(destination, [])
|
pending_edus = self.pending_edus_by_dest.pop(destination, [])
|
||||||
pending_failures = self.pending_failures_by_dest.pop(destination, [])
|
pending_failures = self.pending_failures_by_dest.pop(destination, [])
|
||||||
|
@ -228,20 +226,22 @@ class TransactionQueue(object):
|
||||||
logger.debug("TX [%s] Nothing to send", destination)
|
logger.debug("TX [%s] Nothing to send", destination)
|
||||||
return
|
return
|
||||||
|
|
||||||
# Sort based on the order field
|
|
||||||
pending_pdus.sort(key=lambda t: t[2])
|
|
||||||
|
|
||||||
pdus = [x[0] for x in pending_pdus]
|
|
||||||
edus = [x[0] for x in pending_edus]
|
|
||||||
failures = [x[0].get_dict() for x in pending_failures]
|
|
||||||
deferreds = [
|
|
||||||
x[1]
|
|
||||||
for x in pending_pdus + pending_edus + pending_failures
|
|
||||||
]
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
self.pending_transactions[destination] = 1
|
self.pending_transactions[destination] = 1
|
||||||
|
|
||||||
|
logger.debug("TX [%s] _attempt_new_transaction", destination)
|
||||||
|
|
||||||
|
# Sort based on the order field
|
||||||
|
pending_pdus.sort(key=lambda t: t[2])
|
||||||
|
|
||||||
|
pdus = [x[0] for x in pending_pdus]
|
||||||
|
edus = [x[0] for x in pending_edus]
|
||||||
|
failures = [x[0].get_dict() for x in pending_failures]
|
||||||
|
deferreds = [
|
||||||
|
x[1]
|
||||||
|
for x in pending_pdus + pending_edus + pending_failures
|
||||||
|
]
|
||||||
|
|
||||||
txn_id = str(self._next_txn_id)
|
txn_id = str(self._next_txn_id)
|
||||||
|
|
||||||
limiter = yield get_retry_limiter(
|
limiter = yield get_retry_limiter(
|
||||||
|
|
|
@ -14,6 +14,7 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
from synapse.api.constants import Membership
|
||||||
|
|
||||||
from synapse.api.urls import FEDERATION_PREFIX as PREFIX
|
from synapse.api.urls import FEDERATION_PREFIX as PREFIX
|
||||||
from synapse.util.logutils import log_function
|
from synapse.util.logutils import log_function
|
||||||
|
@ -160,13 +161,19 @@ class TransportLayerClient(object):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
@log_function
|
@log_function
|
||||||
def make_join(self, destination, room_id, user_id, retry_on_dns_fail=True):
|
def make_membership_event(self, destination, room_id, user_id, membership):
|
||||||
path = PREFIX + "/make_join/%s/%s" % (room_id, user_id)
|
valid_memberships = {Membership.JOIN, Membership.LEAVE}
|
||||||
|
if membership not in valid_memberships:
|
||||||
|
raise RuntimeError(
|
||||||
|
"make_membership_event called with membership='%s', must be one of %s" %
|
||||||
|
(membership, ",".join(valid_memberships))
|
||||||
|
)
|
||||||
|
path = PREFIX + "/make_%s/%s/%s" % (membership, room_id, user_id)
|
||||||
|
|
||||||
content = yield self.client.get_json(
|
content = yield self.client.get_json(
|
||||||
destination=destination,
|
destination=destination,
|
||||||
path=path,
|
path=path,
|
||||||
retry_on_dns_fail=retry_on_dns_fail,
|
retry_on_dns_fail=True,
|
||||||
)
|
)
|
||||||
|
|
||||||
defer.returnValue(content)
|
defer.returnValue(content)
|
||||||
|
@ -184,6 +191,19 @@ class TransportLayerClient(object):
|
||||||
|
|
||||||
defer.returnValue(response)
|
defer.returnValue(response)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
@log_function
|
||||||
|
def send_leave(self, destination, room_id, event_id, content):
|
||||||
|
path = PREFIX + "/send_leave/%s/%s" % (room_id, event_id)
|
||||||
|
|
||||||
|
response = yield self.client.put_json(
|
||||||
|
destination=destination,
|
||||||
|
path=path,
|
||||||
|
data=content,
|
||||||
|
)
|
||||||
|
|
||||||
|
defer.returnValue(response)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
@log_function
|
@log_function
|
||||||
def send_invite(self, destination, room_id, event_id, content):
|
def send_invite(self, destination, room_id, event_id, content):
|
||||||
|
@ -197,6 +217,19 @@ class TransportLayerClient(object):
|
||||||
|
|
||||||
defer.returnValue(response)
|
defer.returnValue(response)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
@log_function
|
||||||
|
def exchange_third_party_invite(self, destination, room_id, event_dict):
|
||||||
|
path = PREFIX + "/exchange_third_party_invite/%s" % (room_id,)
|
||||||
|
|
||||||
|
response = yield self.client.put_json(
|
||||||
|
destination=destination,
|
||||||
|
path=path,
|
||||||
|
data=event_dict,
|
||||||
|
)
|
||||||
|
|
||||||
|
defer.returnValue(response)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
@log_function
|
@log_function
|
||||||
def get_event_auth(self, destination, room_id, event_id):
|
def get_event_auth(self, destination, room_id, event_id):
|
||||||
|
|
|
@ -296,6 +296,24 @@ class FederationMakeJoinServlet(BaseFederationServlet):
|
||||||
defer.returnValue((200, content))
|
defer.returnValue((200, content))
|
||||||
|
|
||||||
|
|
||||||
|
class FederationMakeLeaveServlet(BaseFederationServlet):
|
||||||
|
PATH = "/make_leave/([^/]*)/([^/]*)"
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_GET(self, origin, content, query, context, user_id):
|
||||||
|
content = yield self.handler.on_make_leave_request(context, user_id)
|
||||||
|
defer.returnValue((200, content))
|
||||||
|
|
||||||
|
|
||||||
|
class FederationSendLeaveServlet(BaseFederationServlet):
|
||||||
|
PATH = "/send_leave/([^/]*)/([^/]*)"
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_PUT(self, origin, content, query, room_id, txid):
|
||||||
|
content = yield self.handler.on_send_leave_request(origin, content)
|
||||||
|
defer.returnValue((200, content))
|
||||||
|
|
||||||
|
|
||||||
class FederationEventAuthServlet(BaseFederationServlet):
|
class FederationEventAuthServlet(BaseFederationServlet):
|
||||||
PATH = "/event_auth/([^/]*)/([^/]*)"
|
PATH = "/event_auth/([^/]*)/([^/]*)"
|
||||||
|
|
||||||
|
@ -325,6 +343,17 @@ class FederationInviteServlet(BaseFederationServlet):
|
||||||
defer.returnValue((200, content))
|
defer.returnValue((200, content))
|
||||||
|
|
||||||
|
|
||||||
|
class FederationThirdPartyInviteExchangeServlet(BaseFederationServlet):
|
||||||
|
PATH = "/exchange_third_party_invite/([^/]*)"
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_PUT(self, origin, content, query, room_id):
|
||||||
|
content = yield self.handler.on_exchange_third_party_invite_request(
|
||||||
|
origin, room_id, content
|
||||||
|
)
|
||||||
|
defer.returnValue((200, content))
|
||||||
|
|
||||||
|
|
||||||
class FederationClientKeysQueryServlet(BaseFederationServlet):
|
class FederationClientKeysQueryServlet(BaseFederationServlet):
|
||||||
PATH = "/user/keys/query"
|
PATH = "/user/keys/query"
|
||||||
|
|
||||||
|
@ -378,6 +407,30 @@ class FederationGetMissingEventsServlet(BaseFederationServlet):
|
||||||
defer.returnValue((200, content))
|
defer.returnValue((200, content))
|
||||||
|
|
||||||
|
|
||||||
|
class On3pidBindServlet(BaseFederationServlet):
|
||||||
|
PATH = "/3pid/onbind"
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_POST(self, request):
|
||||||
|
content_bytes = request.content.read()
|
||||||
|
content = json.loads(content_bytes)
|
||||||
|
if "invites" in content:
|
||||||
|
last_exception = None
|
||||||
|
for invite in content["invites"]:
|
||||||
|
try:
|
||||||
|
yield self.handler.exchange_third_party_invite(invite)
|
||||||
|
except Exception as e:
|
||||||
|
last_exception = e
|
||||||
|
if last_exception:
|
||||||
|
raise last_exception
|
||||||
|
defer.returnValue((200, {}))
|
||||||
|
|
||||||
|
# Avoid doing remote HS authorization checks which are done by default by
|
||||||
|
# BaseFederationServlet.
|
||||||
|
def _wrap(self, code):
|
||||||
|
return code
|
||||||
|
|
||||||
|
|
||||||
SERVLET_CLASSES = (
|
SERVLET_CLASSES = (
|
||||||
FederationPullServlet,
|
FederationPullServlet,
|
||||||
FederationEventServlet,
|
FederationEventServlet,
|
||||||
|
@ -385,12 +438,16 @@ SERVLET_CLASSES = (
|
||||||
FederationBackfillServlet,
|
FederationBackfillServlet,
|
||||||
FederationQueryServlet,
|
FederationQueryServlet,
|
||||||
FederationMakeJoinServlet,
|
FederationMakeJoinServlet,
|
||||||
|
FederationMakeLeaveServlet,
|
||||||
FederationEventServlet,
|
FederationEventServlet,
|
||||||
FederationSendJoinServlet,
|
FederationSendJoinServlet,
|
||||||
|
FederationSendLeaveServlet,
|
||||||
FederationInviteServlet,
|
FederationInviteServlet,
|
||||||
FederationQueryAuthServlet,
|
FederationQueryAuthServlet,
|
||||||
FederationGetMissingEventsServlet,
|
FederationGetMissingEventsServlet,
|
||||||
FederationEventAuthServlet,
|
FederationEventAuthServlet,
|
||||||
FederationClientKeysQueryServlet,
|
FederationClientKeysQueryServlet,
|
||||||
FederationClientKeysClaimServlet,
|
FederationClientKeysClaimServlet,
|
||||||
|
FederationThirdPartyInviteExchangeServlet,
|
||||||
|
On3pidBindServlet,
|
||||||
)
|
)
|
||||||
|
|
|
@ -17,7 +17,7 @@ from synapse.appservice.scheduler import AppServiceScheduler
|
||||||
from synapse.appservice.api import ApplicationServiceApi
|
from synapse.appservice.api import ApplicationServiceApi
|
||||||
from .register import RegistrationHandler
|
from .register import RegistrationHandler
|
||||||
from .room import (
|
from .room import (
|
||||||
RoomCreationHandler, RoomMemberHandler, RoomListHandler
|
RoomCreationHandler, RoomMemberHandler, RoomListHandler, RoomContextHandler,
|
||||||
)
|
)
|
||||||
from .message import MessageHandler
|
from .message import MessageHandler
|
||||||
from .events import EventStreamHandler, EventHandler
|
from .events import EventStreamHandler, EventHandler
|
||||||
|
@ -32,6 +32,7 @@ from .sync import SyncHandler
|
||||||
from .auth import AuthHandler
|
from .auth import AuthHandler
|
||||||
from .identity import IdentityHandler
|
from .identity import IdentityHandler
|
||||||
from .receipts import ReceiptsHandler
|
from .receipts import ReceiptsHandler
|
||||||
|
from .search import SearchHandler
|
||||||
|
|
||||||
|
|
||||||
class Handlers(object):
|
class Handlers(object):
|
||||||
|
@ -68,3 +69,5 @@ class Handlers(object):
|
||||||
self.sync_handler = SyncHandler(hs)
|
self.sync_handler = SyncHandler(hs)
|
||||||
self.auth_handler = AuthHandler(hs)
|
self.auth_handler = AuthHandler(hs)
|
||||||
self.identity_handler = IdentityHandler(hs)
|
self.identity_handler = IdentityHandler(hs)
|
||||||
|
self.search_handler = SearchHandler(hs)
|
||||||
|
self.room_context_handler = RoomContextHandler(hs)
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
|
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
|
||||||
from synapse.api.errors import LimitExceededError, SynapseError
|
from synapse.api.errors import LimitExceededError, SynapseError, AuthError
|
||||||
from synapse.crypto.event_signing import add_hashes_and_signatures
|
from synapse.crypto.event_signing import add_hashes_and_signatures
|
||||||
from synapse.api.constants import Membership, EventTypes
|
from synapse.api.constants import Membership, EventTypes
|
||||||
from synapse.types import UserID, RoomAlias
|
from synapse.types import UserID, RoomAlias
|
||||||
|
@ -29,6 +29,12 @@ logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
class BaseHandler(object):
|
class BaseHandler(object):
|
||||||
|
"""
|
||||||
|
Common base class for the event handlers.
|
||||||
|
|
||||||
|
:type store: synapse.storage.events.StateStore
|
||||||
|
:type state_handler: synapse.state.StateHandler
|
||||||
|
"""
|
||||||
|
|
||||||
def __init__(self, hs):
|
def __init__(self, hs):
|
||||||
self.store = hs.get_datastore()
|
self.store = hs.get_datastore()
|
||||||
|
@ -45,6 +51,74 @@ class BaseHandler(object):
|
||||||
|
|
||||||
self.event_builder_factory = hs.get_event_builder_factory()
|
self.event_builder_factory = hs.get_event_builder_factory()
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _filter_events_for_client(self, user_id, events, is_guest=False,
|
||||||
|
require_all_visible_for_guests=True):
|
||||||
|
# Assumes that user has at some point joined the room if not is_guest.
|
||||||
|
|
||||||
|
def allowed(event, membership, visibility):
|
||||||
|
if visibility == "world_readable":
|
||||||
|
return True
|
||||||
|
|
||||||
|
if is_guest:
|
||||||
|
return False
|
||||||
|
|
||||||
|
if membership == Membership.JOIN:
|
||||||
|
return True
|
||||||
|
|
||||||
|
if event.type == EventTypes.RoomHistoryVisibility:
|
||||||
|
return not is_guest
|
||||||
|
|
||||||
|
if visibility == "shared":
|
||||||
|
return True
|
||||||
|
elif visibility == "joined":
|
||||||
|
return membership == Membership.JOIN
|
||||||
|
elif visibility == "invited":
|
||||||
|
return membership == Membership.INVITE
|
||||||
|
|
||||||
|
return True
|
||||||
|
|
||||||
|
event_id_to_state = yield self.store.get_state_for_events(
|
||||||
|
frozenset(e.event_id for e in events),
|
||||||
|
types=(
|
||||||
|
(EventTypes.RoomHistoryVisibility, ""),
|
||||||
|
(EventTypes.Member, user_id),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
events_to_return = []
|
||||||
|
for event in events:
|
||||||
|
state = event_id_to_state[event.event_id]
|
||||||
|
|
||||||
|
membership_event = state.get((EventTypes.Member, user_id), None)
|
||||||
|
if membership_event:
|
||||||
|
membership = membership_event.membership
|
||||||
|
else:
|
||||||
|
membership = None
|
||||||
|
|
||||||
|
visibility_event = state.get((EventTypes.RoomHistoryVisibility, ""), None)
|
||||||
|
if visibility_event:
|
||||||
|
visibility = visibility_event.content.get("history_visibility", "shared")
|
||||||
|
else:
|
||||||
|
visibility = "shared"
|
||||||
|
|
||||||
|
should_include = allowed(event, membership, visibility)
|
||||||
|
if should_include:
|
||||||
|
events_to_return.append(event)
|
||||||
|
|
||||||
|
if (require_all_visible_for_guests
|
||||||
|
and is_guest
|
||||||
|
and len(events_to_return) < len(events)):
|
||||||
|
# This indicates that some events in the requested range were not
|
||||||
|
# visible to guest users. To be safe, we reject the entire request,
|
||||||
|
# so that we don't have to worry about interpreting visibility
|
||||||
|
# boundaries.
|
||||||
|
raise AuthError(403, "User %s does not have permission" % (
|
||||||
|
user_id
|
||||||
|
))
|
||||||
|
|
||||||
|
defer.returnValue(events_to_return)
|
||||||
|
|
||||||
def ratelimit(self, user_id):
|
def ratelimit(self, user_id):
|
||||||
time_now = self.clock.time()
|
time_now = self.clock.time()
|
||||||
allowed, time_allowed = self.ratelimiter.send_message(
|
allowed, time_allowed = self.ratelimiter.send_message(
|
||||||
|
@ -107,6 +181,8 @@ class BaseHandler(object):
|
||||||
if not suppress_auth:
|
if not suppress_auth:
|
||||||
self.auth.check(event, auth_events=context.current_state)
|
self.auth.check(event, auth_events=context.current_state)
|
||||||
|
|
||||||
|
yield self.maybe_kick_guest_users(event, context.current_state.values())
|
||||||
|
|
||||||
if event.type == EventTypes.CanonicalAlias:
|
if event.type == EventTypes.CanonicalAlias:
|
||||||
# Check the alias is acually valid (at this time at least)
|
# Check the alias is acually valid (at this time at least)
|
||||||
room_alias_str = event.content.get("alias", None)
|
room_alias_str = event.content.get("alias", None)
|
||||||
|
@ -123,29 +199,63 @@ class BaseHandler(object):
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
(event_stream_id, max_stream_id) = yield self.store.persist_event(
|
|
||||||
event, context=context
|
|
||||||
)
|
|
||||||
|
|
||||||
federation_handler = self.hs.get_handlers().federation_handler
|
federation_handler = self.hs.get_handlers().federation_handler
|
||||||
|
|
||||||
if event.type == EventTypes.Member:
|
if event.type == EventTypes.Member:
|
||||||
if event.content["membership"] == Membership.INVITE:
|
if event.content["membership"] == Membership.INVITE:
|
||||||
|
event.unsigned["invite_room_state"] = [
|
||||||
|
{
|
||||||
|
"type": e.type,
|
||||||
|
"state_key": e.state_key,
|
||||||
|
"content": e.content,
|
||||||
|
"sender": e.sender,
|
||||||
|
}
|
||||||
|
for k, e in context.current_state.items()
|
||||||
|
if e.type in (
|
||||||
|
EventTypes.JoinRules,
|
||||||
|
EventTypes.CanonicalAlias,
|
||||||
|
EventTypes.RoomAvatar,
|
||||||
|
EventTypes.Name,
|
||||||
|
)
|
||||||
|
]
|
||||||
|
|
||||||
invitee = UserID.from_string(event.state_key)
|
invitee = UserID.from_string(event.state_key)
|
||||||
if not self.hs.is_mine(invitee):
|
if not self.hs.is_mine(invitee):
|
||||||
# TODO: Can we add signature from remote server in a nicer
|
# TODO: Can we add signature from remote server in a nicer
|
||||||
# way? If we have been invited by a remote server, we need
|
# way? If we have been invited by a remote server, we need
|
||||||
# to get them to sign the event.
|
# to get them to sign the event.
|
||||||
|
|
||||||
returned_invite = yield federation_handler.send_invite(
|
returned_invite = yield federation_handler.send_invite(
|
||||||
invitee.domain,
|
invitee.domain,
|
||||||
event,
|
event,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
event.unsigned.pop("room_state", None)
|
||||||
|
|
||||||
# TODO: Make sure the signatures actually are correct.
|
# TODO: Make sure the signatures actually are correct.
|
||||||
event.signatures.update(
|
event.signatures.update(
|
||||||
returned_invite.signatures
|
returned_invite.signatures
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if event.type == EventTypes.Redaction:
|
||||||
|
if self.auth.check_redaction(event, auth_events=context.current_state):
|
||||||
|
original_event = yield self.store.get_event(
|
||||||
|
event.redacts,
|
||||||
|
check_redacted=False,
|
||||||
|
get_prev_content=False,
|
||||||
|
allow_rejected=False,
|
||||||
|
allow_none=False
|
||||||
|
)
|
||||||
|
if event.user_id != original_event.user_id:
|
||||||
|
raise AuthError(
|
||||||
|
403,
|
||||||
|
"You don't have permission to redact events"
|
||||||
|
)
|
||||||
|
|
||||||
|
(event_stream_id, max_stream_id) = yield self.store.persist_event(
|
||||||
|
event, context=context
|
||||||
|
)
|
||||||
|
|
||||||
destinations = set(extra_destinations)
|
destinations = set(extra_destinations)
|
||||||
for k, s in context.current_state.items():
|
for k, s in context.current_state.items():
|
||||||
try:
|
try:
|
||||||
|
@ -174,6 +284,64 @@ class BaseHandler(object):
|
||||||
|
|
||||||
notify_d.addErrback(log_failure)
|
notify_d.addErrback(log_failure)
|
||||||
|
|
||||||
|
# If invite, remove room_state from unsigned before sending.
|
||||||
|
event.unsigned.pop("invite_room_state", None)
|
||||||
|
|
||||||
federation_handler.handle_new_event(
|
federation_handler.handle_new_event(
|
||||||
event, destinations=destinations,
|
event, destinations=destinations,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def maybe_kick_guest_users(self, event, current_state):
|
||||||
|
# Technically this function invalidates current_state by changing it.
|
||||||
|
# Hopefully this isn't that important to the caller.
|
||||||
|
if event.type == EventTypes.GuestAccess:
|
||||||
|
guest_access = event.content.get("guest_access", "forbidden")
|
||||||
|
if guest_access != "can_join":
|
||||||
|
yield self.kick_guest_users(current_state)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def kick_guest_users(self, current_state):
|
||||||
|
for member_event in current_state:
|
||||||
|
try:
|
||||||
|
if member_event.type != EventTypes.Member:
|
||||||
|
continue
|
||||||
|
|
||||||
|
if not self.hs.is_mine(UserID.from_string(member_event.state_key)):
|
||||||
|
continue
|
||||||
|
|
||||||
|
if member_event.content["membership"] not in {
|
||||||
|
Membership.JOIN,
|
||||||
|
Membership.INVITE
|
||||||
|
}:
|
||||||
|
continue
|
||||||
|
|
||||||
|
if (
|
||||||
|
"kind" not in member_event.content
|
||||||
|
or member_event.content["kind"] != "guest"
|
||||||
|
):
|
||||||
|
continue
|
||||||
|
|
||||||
|
# We make the user choose to leave, rather than have the
|
||||||
|
# event-sender kick them. This is partially because we don't
|
||||||
|
# need to worry about power levels, and partially because guest
|
||||||
|
# users are a concept which doesn't hugely work over federation,
|
||||||
|
# and having homeservers have their own users leave keeps more
|
||||||
|
# of that decision-making and control local to the guest-having
|
||||||
|
# homeserver.
|
||||||
|
message_handler = self.hs.get_handlers().message_handler
|
||||||
|
yield message_handler.create_and_send_event(
|
||||||
|
{
|
||||||
|
"type": EventTypes.Member,
|
||||||
|
"state_key": member_event.state_key,
|
||||||
|
"content": {
|
||||||
|
"membership": Membership.LEAVE,
|
||||||
|
"kind": "guest"
|
||||||
|
},
|
||||||
|
"room_id": member_event.room_id,
|
||||||
|
"sender": member_event.state_key
|
||||||
|
},
|
||||||
|
ratelimit=False,
|
||||||
|
)
|
||||||
|
except Exception as e:
|
||||||
|
logger.warn("Error kicking guest user: %s" % (e,))
|
||||||
|
|
|
@ -34,6 +34,7 @@ class AdminHandler(BaseHandler):
|
||||||
|
|
||||||
d = {}
|
d = {}
|
||||||
for r in res:
|
for r in res:
|
||||||
|
# Note that device_id is always None
|
||||||
device = d.setdefault(r["device_id"], {})
|
device = d.setdefault(r["device_id"], {})
|
||||||
session = device.setdefault(r["access_token"], [])
|
session = device.setdefault(r["access_token"], [])
|
||||||
session.append({
|
session.append({
|
||||||
|
|
|
@ -18,14 +18,14 @@ from twisted.internet import defer
|
||||||
from ._base import BaseHandler
|
from ._base import BaseHandler
|
||||||
from synapse.api.constants import LoginType
|
from synapse.api.constants import LoginType
|
||||||
from synapse.types import UserID
|
from synapse.types import UserID
|
||||||
from synapse.api.errors import LoginError, Codes
|
from synapse.api.errors import AuthError, LoginError, Codes
|
||||||
from synapse.http.client import SimpleHttpClient
|
|
||||||
from synapse.util.async import run_on_reactor
|
from synapse.util.async import run_on_reactor
|
||||||
|
|
||||||
from twisted.web.client import PartialDownloadError
|
from twisted.web.client import PartialDownloadError
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
import bcrypt
|
import bcrypt
|
||||||
|
import pymacaroons
|
||||||
import simplejson
|
import simplejson
|
||||||
|
|
||||||
import synapse.util.stringutils as stringutils
|
import synapse.util.stringutils as stringutils
|
||||||
|
@ -44,7 +44,9 @@ class AuthHandler(BaseHandler):
|
||||||
LoginType.EMAIL_IDENTITY: self._check_email_identity,
|
LoginType.EMAIL_IDENTITY: self._check_email_identity,
|
||||||
LoginType.DUMMY: self._check_dummy_auth,
|
LoginType.DUMMY: self._check_dummy_auth,
|
||||||
}
|
}
|
||||||
|
self.bcrypt_rounds = hs.config.bcrypt_rounds
|
||||||
self.sessions = {}
|
self.sessions = {}
|
||||||
|
self.INVALID_TOKEN_HTTP_STATUS = 401
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def check_auth(self, flows, clientdict, clientip):
|
def check_auth(self, flows, clientdict, clientip):
|
||||||
|
@ -186,7 +188,7 @@ class AuthHandler(BaseHandler):
|
||||||
# TODO: get this from the homeserver rather than creating a new one for
|
# TODO: get this from the homeserver rather than creating a new one for
|
||||||
# each request
|
# each request
|
||||||
try:
|
try:
|
||||||
client = SimpleHttpClient(self.hs)
|
client = self.hs.get_simple_http_client()
|
||||||
resp_body = yield client.post_urlencoded_get_json(
|
resp_body = yield client.post_urlencoded_get_json(
|
||||||
self.hs.config.recaptcha_siteverify_api,
|
self.hs.config.recaptcha_siteverify_api,
|
||||||
args={
|
args={
|
||||||
|
@ -279,7 +281,10 @@ class AuthHandler(BaseHandler):
|
||||||
user_id (str): User ID
|
user_id (str): User ID
|
||||||
password (str): Password
|
password (str): Password
|
||||||
Returns:
|
Returns:
|
||||||
The access token for the user's session.
|
A tuple of:
|
||||||
|
The user's ID.
|
||||||
|
The access token for the user's session.
|
||||||
|
The refresh token for the user's session.
|
||||||
Raises:
|
Raises:
|
||||||
StoreError if there was a problem storing the token.
|
StoreError if there was a problem storing the token.
|
||||||
LoginError if there was an authentication problem.
|
LoginError if there was an authentication problem.
|
||||||
|
@ -287,11 +292,43 @@ class AuthHandler(BaseHandler):
|
||||||
user_id, password_hash = yield self._find_user_id_and_pwd_hash(user_id)
|
user_id, password_hash = yield self._find_user_id_and_pwd_hash(user_id)
|
||||||
self._check_password(user_id, password, password_hash)
|
self._check_password(user_id, password, password_hash)
|
||||||
|
|
||||||
reg_handler = self.hs.get_handlers().registration_handler
|
|
||||||
access_token = reg_handler.generate_token(user_id)
|
|
||||||
logger.info("Logging in user %s", user_id)
|
logger.info("Logging in user %s", user_id)
|
||||||
yield self.store.add_access_token_to_user(user_id, access_token)
|
access_token = yield self.issue_access_token(user_id)
|
||||||
defer.returnValue((user_id, access_token))
|
refresh_token = yield self.issue_refresh_token(user_id)
|
||||||
|
defer.returnValue((user_id, access_token, refresh_token))
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def get_login_tuple_for_user_id(self, user_id):
|
||||||
|
"""
|
||||||
|
Gets login tuple for the user with the given user ID.
|
||||||
|
The user is assumed to have been authenticated by some other
|
||||||
|
machanism (e.g. CAS)
|
||||||
|
|
||||||
|
Args:
|
||||||
|
user_id (str): User ID
|
||||||
|
Returns:
|
||||||
|
A tuple of:
|
||||||
|
The user's ID.
|
||||||
|
The access token for the user's session.
|
||||||
|
The refresh token for the user's session.
|
||||||
|
Raises:
|
||||||
|
StoreError if there was a problem storing the token.
|
||||||
|
LoginError if there was an authentication problem.
|
||||||
|
"""
|
||||||
|
user_id, ignored = yield self._find_user_id_and_pwd_hash(user_id)
|
||||||
|
|
||||||
|
logger.info("Logging in user %s", user_id)
|
||||||
|
access_token = yield self.issue_access_token(user_id)
|
||||||
|
refresh_token = yield self.issue_refresh_token(user_id)
|
||||||
|
defer.returnValue((user_id, access_token, refresh_token))
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def does_user_exist(self, user_id):
|
||||||
|
try:
|
||||||
|
yield self._find_user_id_and_pwd_hash(user_id)
|
||||||
|
defer.returnValue(True)
|
||||||
|
except LoginError:
|
||||||
|
defer.returnValue(False)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def _find_user_id_and_pwd_hash(self, user_id):
|
def _find_user_id_and_pwd_hash(self, user_id):
|
||||||
|
@ -321,13 +358,82 @@ class AuthHandler(BaseHandler):
|
||||||
|
|
||||||
def _check_password(self, user_id, password, stored_hash):
|
def _check_password(self, user_id, password, stored_hash):
|
||||||
"""Checks that user_id has passed password, raises LoginError if not."""
|
"""Checks that user_id has passed password, raises LoginError if not."""
|
||||||
if not bcrypt.checkpw(password, stored_hash):
|
if not self.validate_hash(password, stored_hash):
|
||||||
logger.warn("Failed password login for user %s", user_id)
|
logger.warn("Failed password login for user %s", user_id)
|
||||||
raise LoginError(403, "", errcode=Codes.FORBIDDEN)
|
raise LoginError(403, "", errcode=Codes.FORBIDDEN)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def issue_access_token(self, user_id):
|
||||||
|
access_token = self.generate_access_token(user_id)
|
||||||
|
yield self.store.add_access_token_to_user(user_id, access_token)
|
||||||
|
defer.returnValue(access_token)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def issue_refresh_token(self, user_id):
|
||||||
|
refresh_token = self.generate_refresh_token(user_id)
|
||||||
|
yield self.store.add_refresh_token_to_user(user_id, refresh_token)
|
||||||
|
defer.returnValue(refresh_token)
|
||||||
|
|
||||||
|
def generate_access_token(self, user_id, extra_caveats=None):
|
||||||
|
extra_caveats = extra_caveats or []
|
||||||
|
macaroon = self._generate_base_macaroon(user_id)
|
||||||
|
macaroon.add_first_party_caveat("type = access")
|
||||||
|
now = self.hs.get_clock().time_msec()
|
||||||
|
expiry = now + (60 * 60 * 1000)
|
||||||
|
macaroon.add_first_party_caveat("time < %d" % (expiry,))
|
||||||
|
for caveat in extra_caveats:
|
||||||
|
macaroon.add_first_party_caveat(caveat)
|
||||||
|
return macaroon.serialize()
|
||||||
|
|
||||||
|
def generate_refresh_token(self, user_id):
|
||||||
|
m = self._generate_base_macaroon(user_id)
|
||||||
|
m.add_first_party_caveat("type = refresh")
|
||||||
|
# Important to add a nonce, because otherwise every refresh token for a
|
||||||
|
# user will be the same.
|
||||||
|
m.add_first_party_caveat("nonce = %s" % (
|
||||||
|
stringutils.random_string_with_symbols(16),
|
||||||
|
))
|
||||||
|
return m.serialize()
|
||||||
|
|
||||||
|
def generate_short_term_login_token(self, user_id):
|
||||||
|
macaroon = self._generate_base_macaroon(user_id)
|
||||||
|
macaroon.add_first_party_caveat("type = login")
|
||||||
|
now = self.hs.get_clock().time_msec()
|
||||||
|
expiry = now + (2 * 60 * 1000)
|
||||||
|
macaroon.add_first_party_caveat("time < %d" % (expiry,))
|
||||||
|
return macaroon.serialize()
|
||||||
|
|
||||||
|
def validate_short_term_login_token_and_get_user_id(self, login_token):
|
||||||
|
try:
|
||||||
|
macaroon = pymacaroons.Macaroon.deserialize(login_token)
|
||||||
|
auth_api = self.hs.get_auth()
|
||||||
|
auth_api.validate_macaroon(macaroon, "login", [auth_api.verify_expiry])
|
||||||
|
return self._get_user_from_macaroon(macaroon)
|
||||||
|
except (pymacaroons.exceptions.MacaroonException, TypeError, ValueError):
|
||||||
|
raise AuthError(401, "Invalid token", errcode=Codes.UNKNOWN_TOKEN)
|
||||||
|
|
||||||
|
def _generate_base_macaroon(self, user_id):
|
||||||
|
macaroon = pymacaroons.Macaroon(
|
||||||
|
location=self.hs.config.server_name,
|
||||||
|
identifier="key",
|
||||||
|
key=self.hs.config.macaroon_secret_key)
|
||||||
|
macaroon.add_first_party_caveat("gen = 1")
|
||||||
|
macaroon.add_first_party_caveat("user_id = %s" % (user_id,))
|
||||||
|
return macaroon
|
||||||
|
|
||||||
|
def _get_user_from_macaroon(self, macaroon):
|
||||||
|
user_prefix = "user_id = "
|
||||||
|
for caveat in macaroon.caveats:
|
||||||
|
if caveat.caveat_id.startswith(user_prefix):
|
||||||
|
return caveat.caveat_id[len(user_prefix):]
|
||||||
|
raise AuthError(
|
||||||
|
self.INVALID_TOKEN_HTTP_STATUS, "No user_id found in token",
|
||||||
|
errcode=Codes.UNKNOWN_TOKEN
|
||||||
|
)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def set_password(self, user_id, newpassword):
|
def set_password(self, user_id, newpassword):
|
||||||
password_hash = bcrypt.hashpw(newpassword, bcrypt.gensalt())
|
password_hash = self.hash(newpassword)
|
||||||
|
|
||||||
yield self.store.user_set_password_hash(user_id, password_hash)
|
yield self.store.user_set_password_hash(user_id, password_hash)
|
||||||
yield self.store.user_delete_access_tokens(user_id)
|
yield self.store.user_delete_access_tokens(user_id)
|
||||||
|
@ -349,3 +455,26 @@ class AuthHandler(BaseHandler):
|
||||||
def _remove_session(self, session):
|
def _remove_session(self, session):
|
||||||
logger.debug("Removing session %s", session)
|
logger.debug("Removing session %s", session)
|
||||||
del self.sessions[session["id"]]
|
del self.sessions[session["id"]]
|
||||||
|
|
||||||
|
def hash(self, password):
|
||||||
|
"""Computes a secure hash of password.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
password (str): Password to hash.
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
Hashed password (str).
|
||||||
|
"""
|
||||||
|
return bcrypt.hashpw(password, bcrypt.gensalt(self.bcrypt_rounds))
|
||||||
|
|
||||||
|
def validate_hash(self, password, stored_hash):
|
||||||
|
"""Validates that self.hash(password) == stored_hash.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
password (str): Password to hash.
|
||||||
|
stored_hash (str): Expected hash value.
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
Whether self.hash(password) == stored_hash (bool).
|
||||||
|
"""
|
||||||
|
return bcrypt.checkpw(password, stored_hash)
|
||||||
|
|
|
@ -46,11 +46,61 @@ class EventStreamHandler(BaseHandler):
|
||||||
|
|
||||||
self.notifier = hs.get_notifier()
|
self.notifier = hs.get_notifier()
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def started_stream(self, user):
|
||||||
|
"""Tells the presence handler that we have started an eventstream for
|
||||||
|
the user:
|
||||||
|
|
||||||
|
Args:
|
||||||
|
user (User): The user who started a stream.
|
||||||
|
Returns:
|
||||||
|
A deferred that completes once their presence has been updated.
|
||||||
|
"""
|
||||||
|
if user not in self._streams_per_user:
|
||||||
|
self._streams_per_user[user] = 0
|
||||||
|
if user in self._stop_timer_per_user:
|
||||||
|
try:
|
||||||
|
self.clock.cancel_call_later(
|
||||||
|
self._stop_timer_per_user.pop(user)
|
||||||
|
)
|
||||||
|
except:
|
||||||
|
logger.exception("Failed to cancel event timer")
|
||||||
|
else:
|
||||||
|
yield self.distributor.fire("started_user_eventstream", user)
|
||||||
|
|
||||||
|
self._streams_per_user[user] += 1
|
||||||
|
|
||||||
|
def stopped_stream(self, user):
|
||||||
|
"""If there are no streams for a user this starts a timer that will
|
||||||
|
notify the presence handler that we haven't got an event stream for
|
||||||
|
the user unless the user starts a new stream in 30 seconds.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
user (User): The user who stopped a stream.
|
||||||
|
"""
|
||||||
|
self._streams_per_user[user] -= 1
|
||||||
|
if not self._streams_per_user[user]:
|
||||||
|
del self._streams_per_user[user]
|
||||||
|
|
||||||
|
# 30 seconds of grace to allow the client to reconnect again
|
||||||
|
# before we think they're gone
|
||||||
|
def _later():
|
||||||
|
logger.debug("_later stopped_user_eventstream %s", user)
|
||||||
|
|
||||||
|
self._stop_timer_per_user.pop(user, None)
|
||||||
|
|
||||||
|
return self.distributor.fire("stopped_user_eventstream", user)
|
||||||
|
|
||||||
|
logger.debug("Scheduling _later: for %s", user)
|
||||||
|
self._stop_timer_per_user[user] = (
|
||||||
|
self.clock.call_later(30, _later)
|
||||||
|
)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
@log_function
|
@log_function
|
||||||
def get_stream(self, auth_user_id, pagin_config, timeout=0,
|
def get_stream(self, auth_user_id, pagin_config, timeout=0,
|
||||||
as_client_event=True, affect_presence=True,
|
as_client_event=True, affect_presence=True,
|
||||||
only_room_events=False):
|
only_room_events=False, room_id=None, is_guest=False):
|
||||||
"""Fetches the events stream for a given user.
|
"""Fetches the events stream for a given user.
|
||||||
|
|
||||||
If `only_room_events` is `True` only room events will be returned.
|
If `only_room_events` is `True` only room events will be returned.
|
||||||
|
@ -59,31 +109,7 @@ class EventStreamHandler(BaseHandler):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
if affect_presence:
|
if affect_presence:
|
||||||
if auth_user not in self._streams_per_user:
|
yield self.started_stream(auth_user)
|
||||||
self._streams_per_user[auth_user] = 0
|
|
||||||
if auth_user in self._stop_timer_per_user:
|
|
||||||
try:
|
|
||||||
self.clock.cancel_call_later(
|
|
||||||
self._stop_timer_per_user.pop(auth_user)
|
|
||||||
)
|
|
||||||
except:
|
|
||||||
logger.exception("Failed to cancel event timer")
|
|
||||||
else:
|
|
||||||
yield self.distributor.fire(
|
|
||||||
"started_user_eventstream", auth_user
|
|
||||||
)
|
|
||||||
self._streams_per_user[auth_user] += 1
|
|
||||||
|
|
||||||
rm_handler = self.hs.get_handlers().room_member_handler
|
|
||||||
|
|
||||||
app_service = yield self.store.get_app_service_by_user_id(
|
|
||||||
auth_user.to_string()
|
|
||||||
)
|
|
||||||
if app_service:
|
|
||||||
rooms = yield self.store.get_app_service_rooms(app_service)
|
|
||||||
room_ids = set(r.room_id for r in rooms)
|
|
||||||
else:
|
|
||||||
room_ids = yield rm_handler.get_joined_rooms_for_user(auth_user)
|
|
||||||
|
|
||||||
if timeout:
|
if timeout:
|
||||||
# If they've set a timeout set a minimum limit.
|
# If they've set a timeout set a minimum limit.
|
||||||
|
@ -93,9 +119,15 @@ class EventStreamHandler(BaseHandler):
|
||||||
# thundering herds on restart.
|
# thundering herds on restart.
|
||||||
timeout = random.randint(int(timeout*0.9), int(timeout*1.1))
|
timeout = random.randint(int(timeout*0.9), int(timeout*1.1))
|
||||||
|
|
||||||
|
if is_guest:
|
||||||
|
yield self.distributor.fire(
|
||||||
|
"user_joined_room", user=auth_user, room_id=room_id
|
||||||
|
)
|
||||||
|
|
||||||
events, tokens = yield self.notifier.get_events_for(
|
events, tokens = yield self.notifier.get_events_for(
|
||||||
auth_user, room_ids, pagin_config, timeout,
|
auth_user, pagin_config, timeout,
|
||||||
only_room_events=only_room_events
|
only_room_events=only_room_events,
|
||||||
|
is_guest=is_guest, guest_room_id=room_id
|
||||||
)
|
)
|
||||||
|
|
||||||
time_now = self.clock.time_msec()
|
time_now = self.clock.time_msec()
|
||||||
|
@ -114,27 +146,7 @@ class EventStreamHandler(BaseHandler):
|
||||||
|
|
||||||
finally:
|
finally:
|
||||||
if affect_presence:
|
if affect_presence:
|
||||||
self._streams_per_user[auth_user] -= 1
|
self.stopped_stream(auth_user)
|
||||||
if not self._streams_per_user[auth_user]:
|
|
||||||
del self._streams_per_user[auth_user]
|
|
||||||
|
|
||||||
# 10 seconds of grace to allow the client to reconnect again
|
|
||||||
# before we think they're gone
|
|
||||||
def _later():
|
|
||||||
logger.debug(
|
|
||||||
"_later stopped_user_eventstream %s", auth_user
|
|
||||||
)
|
|
||||||
|
|
||||||
self._stop_timer_per_user.pop(auth_user, None)
|
|
||||||
|
|
||||||
return self.distributor.fire(
|
|
||||||
"stopped_user_eventstream", auth_user
|
|
||||||
)
|
|
||||||
|
|
||||||
logger.debug("Scheduling _later: for %s", auth_user)
|
|
||||||
self._stop_timer_per_user[auth_user] = (
|
|
||||||
self.clock.call_later(30, _later)
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
class EventHandler(BaseHandler):
|
class EventHandler(BaseHandler):
|
||||||
|
|
|
@ -21,6 +21,7 @@ from synapse.api.errors import (
|
||||||
AuthError, FederationError, StoreError, CodeMessageException, SynapseError,
|
AuthError, FederationError, StoreError, CodeMessageException, SynapseError,
|
||||||
)
|
)
|
||||||
from synapse.api.constants import EventTypes, Membership, RejectedReason
|
from synapse.api.constants import EventTypes, Membership, RejectedReason
|
||||||
|
from synapse.events.validator import EventValidator
|
||||||
from synapse.util import unwrapFirstError
|
from synapse.util import unwrapFirstError
|
||||||
from synapse.util.logcontext import PreserveLoggingContext
|
from synapse.util.logcontext import PreserveLoggingContext
|
||||||
from synapse.util.logutils import log_function
|
from synapse.util.logutils import log_function
|
||||||
|
@ -40,7 +41,6 @@ from twisted.internet import defer
|
||||||
import itertools
|
import itertools
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
@ -58,6 +58,8 @@ class FederationHandler(BaseHandler):
|
||||||
def __init__(self, hs):
|
def __init__(self, hs):
|
||||||
super(FederationHandler, self).__init__(hs)
|
super(FederationHandler, self).__init__(hs)
|
||||||
|
|
||||||
|
self.hs = hs
|
||||||
|
|
||||||
self.distributor.observe(
|
self.distributor.observe(
|
||||||
"user_joined_room",
|
"user_joined_room",
|
||||||
self._on_user_joined
|
self._on_user_joined
|
||||||
|
@ -68,12 +70,9 @@ class FederationHandler(BaseHandler):
|
||||||
self.store = hs.get_datastore()
|
self.store = hs.get_datastore()
|
||||||
self.replication_layer = hs.get_replication_layer()
|
self.replication_layer = hs.get_replication_layer()
|
||||||
self.state_handler = hs.get_state_handler()
|
self.state_handler = hs.get_state_handler()
|
||||||
# self.auth_handler = gs.get_auth_handler()
|
|
||||||
self.server_name = hs.hostname
|
self.server_name = hs.hostname
|
||||||
self.keyring = hs.get_keyring()
|
self.keyring = hs.get_keyring()
|
||||||
|
|
||||||
self.lock_manager = hs.get_room_lock_manager()
|
|
||||||
|
|
||||||
self.replication_layer.set_handler(self)
|
self.replication_layer.set_handler(self)
|
||||||
|
|
||||||
# When joining a room we need to queue any events for that room up
|
# When joining a room we need to queue any events for that room up
|
||||||
|
@ -125,60 +124,72 @@ class FederationHandler(BaseHandler):
|
||||||
)
|
)
|
||||||
if not is_in_room and not event.internal_metadata.is_outlier():
|
if not is_in_room and not event.internal_metadata.is_outlier():
|
||||||
logger.debug("Got event for room we're not in.")
|
logger.debug("Got event for room we're not in.")
|
||||||
current_state = state
|
|
||||||
|
|
||||||
event_ids = set()
|
try:
|
||||||
if state:
|
event_stream_id, max_stream_id = yield self._persist_auth_tree(
|
||||||
event_ids |= {e.event_id for e in state}
|
auth_chain, state, event
|
||||||
if auth_chain:
|
)
|
||||||
event_ids |= {e.event_id for e in auth_chain}
|
except AuthError as e:
|
||||||
|
raise FederationError(
|
||||||
|
"ERROR",
|
||||||
|
e.code,
|
||||||
|
e.msg,
|
||||||
|
affected=event.event_id,
|
||||||
|
)
|
||||||
|
|
||||||
seen_ids = set(
|
else:
|
||||||
(yield self.store.have_events(event_ids)).keys()
|
event_ids = set()
|
||||||
)
|
if state:
|
||||||
|
event_ids |= {e.event_id for e in state}
|
||||||
|
if auth_chain:
|
||||||
|
event_ids |= {e.event_id for e in auth_chain}
|
||||||
|
|
||||||
if state and auth_chain is not None:
|
seen_ids = set(
|
||||||
# If we have any state or auth_chain given to us by the replication
|
(yield self.store.have_events(event_ids)).keys()
|
||||||
# layer, then we should handle them (if we haven't before.)
|
|
||||||
|
|
||||||
event_infos = []
|
|
||||||
|
|
||||||
for e in itertools.chain(auth_chain, state):
|
|
||||||
if e.event_id in seen_ids:
|
|
||||||
continue
|
|
||||||
e.internal_metadata.outlier = True
|
|
||||||
auth_ids = [e_id for e_id, _ in e.auth_events]
|
|
||||||
auth = {
|
|
||||||
(e.type, e.state_key): e for e in auth_chain
|
|
||||||
if e.event_id in auth_ids
|
|
||||||
}
|
|
||||||
event_infos.append({
|
|
||||||
"event": e,
|
|
||||||
"auth_events": auth,
|
|
||||||
})
|
|
||||||
seen_ids.add(e.event_id)
|
|
||||||
|
|
||||||
yield self._handle_new_events(
|
|
||||||
origin,
|
|
||||||
event_infos,
|
|
||||||
outliers=True
|
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
if state and auth_chain is not None:
|
||||||
_, event_stream_id, max_stream_id = yield self._handle_new_event(
|
# If we have any state or auth_chain given to us by the replication
|
||||||
origin,
|
# layer, then we should handle them (if we haven't before.)
|
||||||
event,
|
|
||||||
state=state,
|
event_infos = []
|
||||||
backfilled=backfilled,
|
|
||||||
current_state=current_state,
|
for e in itertools.chain(auth_chain, state):
|
||||||
)
|
if e.event_id in seen_ids:
|
||||||
except AuthError as e:
|
continue
|
||||||
raise FederationError(
|
e.internal_metadata.outlier = True
|
||||||
"ERROR",
|
auth_ids = [e_id for e_id, _ in e.auth_events]
|
||||||
e.code,
|
auth = {
|
||||||
e.msg,
|
(e.type, e.state_key): e for e in auth_chain
|
||||||
affected=event.event_id,
|
if e.event_id in auth_ids or e.type == EventTypes.Create
|
||||||
)
|
}
|
||||||
|
event_infos.append({
|
||||||
|
"event": e,
|
||||||
|
"auth_events": auth,
|
||||||
|
})
|
||||||
|
seen_ids.add(e.event_id)
|
||||||
|
|
||||||
|
yield self._handle_new_events(
|
||||||
|
origin,
|
||||||
|
event_infos,
|
||||||
|
outliers=True
|
||||||
|
)
|
||||||
|
|
||||||
|
try:
|
||||||
|
_, event_stream_id, max_stream_id = yield self._handle_new_event(
|
||||||
|
origin,
|
||||||
|
event,
|
||||||
|
state=state,
|
||||||
|
backfilled=backfilled,
|
||||||
|
current_state=current_state,
|
||||||
|
)
|
||||||
|
except AuthError as e:
|
||||||
|
raise FederationError(
|
||||||
|
"ERROR",
|
||||||
|
e.code,
|
||||||
|
e.msg,
|
||||||
|
affected=event.event_id,
|
||||||
|
)
|
||||||
|
|
||||||
# if we're receiving valid events from an origin,
|
# if we're receiving valid events from an origin,
|
||||||
# it's probably a good idea to mark it as not in retry-state
|
# it's probably a good idea to mark it as not in retry-state
|
||||||
|
@ -230,7 +241,7 @@ class FederationHandler(BaseHandler):
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def _filter_events_for_server(self, server_name, room_id, events):
|
def _filter_events_for_server(self, server_name, room_id, events):
|
||||||
event_to_state = yield self.store.get_state_for_events(
|
event_to_state = yield self.store.get_state_for_events(
|
||||||
room_id, frozenset(e.event_id for e in events),
|
frozenset(e.event_id for e in events),
|
||||||
types=(
|
types=(
|
||||||
(EventTypes.RoomHistoryVisibility, ""),
|
(EventTypes.RoomHistoryVisibility, ""),
|
||||||
(EventTypes.Member, None),
|
(EventTypes.Member, None),
|
||||||
|
@ -553,7 +564,7 @@ class FederationHandler(BaseHandler):
|
||||||
|
|
||||||
@log_function
|
@log_function
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def do_invite_join(self, target_hosts, room_id, joinee, content, snapshot):
|
def do_invite_join(self, target_hosts, room_id, joinee, content):
|
||||||
""" Attempts to join the `joinee` to the room `room_id` via the
|
""" Attempts to join the `joinee` to the room `room_id` via the
|
||||||
server `target_host`.
|
server `target_host`.
|
||||||
|
|
||||||
|
@ -569,49 +580,19 @@ class FederationHandler(BaseHandler):
|
||||||
|
|
||||||
yield self.store.clean_room_for_join(room_id)
|
yield self.store.clean_room_for_join(room_id)
|
||||||
|
|
||||||
origin, pdu = yield self.replication_layer.make_join(
|
origin, event = yield self._make_and_verify_event(
|
||||||
target_hosts,
|
target_hosts,
|
||||||
room_id,
|
room_id,
|
||||||
joinee
|
joinee,
|
||||||
|
"join",
|
||||||
|
content,
|
||||||
)
|
)
|
||||||
|
|
||||||
logger.debug("Got response to make_join: %s", pdu)
|
|
||||||
|
|
||||||
event = pdu
|
|
||||||
|
|
||||||
# We should assert some things.
|
|
||||||
# FIXME: Do this in a nicer way
|
|
||||||
assert(event.type == EventTypes.Member)
|
|
||||||
assert(event.user_id == joinee)
|
|
||||||
assert(event.state_key == joinee)
|
|
||||||
assert(event.room_id == room_id)
|
|
||||||
|
|
||||||
event.internal_metadata.outlier = False
|
|
||||||
|
|
||||||
self.room_queues[room_id] = []
|
self.room_queues[room_id] = []
|
||||||
|
|
||||||
builder = self.event_builder_factory.new(
|
|
||||||
unfreeze(event.get_pdu_json())
|
|
||||||
)
|
|
||||||
|
|
||||||
handled_events = set()
|
handled_events = set()
|
||||||
|
|
||||||
try:
|
try:
|
||||||
builder.event_id = self.event_builder_factory.create_event_id()
|
new_event = self._sign_event(event)
|
||||||
builder.origin = self.hs.hostname
|
|
||||||
builder.content = content
|
|
||||||
|
|
||||||
if not hasattr(event, "signatures"):
|
|
||||||
builder.signatures = {}
|
|
||||||
|
|
||||||
add_hashes_and_signatures(
|
|
||||||
builder,
|
|
||||||
self.hs.hostname,
|
|
||||||
self.hs.config.signing_key[0],
|
|
||||||
)
|
|
||||||
|
|
||||||
new_event = builder.build()
|
|
||||||
|
|
||||||
# Try the host we successfully got a response to /make_join/
|
# Try the host we successfully got a response to /make_join/
|
||||||
# request first.
|
# request first.
|
||||||
try:
|
try:
|
||||||
|
@ -619,11 +600,7 @@ class FederationHandler(BaseHandler):
|
||||||
target_hosts.insert(0, origin)
|
target_hosts.insert(0, origin)
|
||||||
except ValueError:
|
except ValueError:
|
||||||
pass
|
pass
|
||||||
|
ret = yield self.replication_layer.send_join(target_hosts, new_event)
|
||||||
ret = yield self.replication_layer.send_join(
|
|
||||||
target_hosts,
|
|
||||||
new_event
|
|
||||||
)
|
|
||||||
|
|
||||||
origin = ret["origin"]
|
origin = ret["origin"]
|
||||||
state = ret["state"]
|
state = ret["state"]
|
||||||
|
@ -649,35 +626,8 @@ class FederationHandler(BaseHandler):
|
||||||
# FIXME
|
# FIXME
|
||||||
pass
|
pass
|
||||||
|
|
||||||
ev_infos = []
|
event_stream_id, max_stream_id = yield self._persist_auth_tree(
|
||||||
for e in itertools.chain(state, auth_chain):
|
auth_chain, state, event
|
||||||
if e.event_id == event.event_id:
|
|
||||||
continue
|
|
||||||
|
|
||||||
e.internal_metadata.outlier = True
|
|
||||||
auth_ids = [e_id for e_id, _ in e.auth_events]
|
|
||||||
ev_infos.append({
|
|
||||||
"event": e,
|
|
||||||
"auth_events": {
|
|
||||||
(e.type, e.state_key): e for e in auth_chain
|
|
||||||
if e.event_id in auth_ids
|
|
||||||
}
|
|
||||||
})
|
|
||||||
|
|
||||||
yield self._handle_new_events(origin, ev_infos, outliers=True)
|
|
||||||
|
|
||||||
auth_ids = [e_id for e_id, _ in event.auth_events]
|
|
||||||
auth_events = {
|
|
||||||
(e.type, e.state_key): e for e in auth_chain
|
|
||||||
if e.event_id in auth_ids
|
|
||||||
}
|
|
||||||
|
|
||||||
_, event_stream_id, max_stream_id = yield self._handle_new_event(
|
|
||||||
origin,
|
|
||||||
new_event,
|
|
||||||
state=state,
|
|
||||||
current_state=state,
|
|
||||||
auth_events=auth_events,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
with PreserveLoggingContext():
|
with PreserveLoggingContext():
|
||||||
|
@ -714,12 +664,14 @@ class FederationHandler(BaseHandler):
|
||||||
@log_function
|
@log_function
|
||||||
def on_make_join_request(self, room_id, user_id):
|
def on_make_join_request(self, room_id, user_id):
|
||||||
""" We've received a /make_join/ request, so we create a partial
|
""" We've received a /make_join/ request, so we create a partial
|
||||||
join event for the room and return that. We don *not* persist or
|
join event for the room and return that. We do *not* persist or
|
||||||
process it until the other server has signed it and sent it back.
|
process it until the other server has signed it and sent it back.
|
||||||
"""
|
"""
|
||||||
|
event_content = {"membership": Membership.JOIN}
|
||||||
|
|
||||||
builder = self.event_builder_factory.new({
|
builder = self.event_builder_factory.new({
|
||||||
"type": EventTypes.Member,
|
"type": EventTypes.Member,
|
||||||
"content": {"membership": Membership.JOIN},
|
"content": event_content,
|
||||||
"room_id": room_id,
|
"room_id": room_id,
|
||||||
"sender": user_id,
|
"sender": user_id,
|
||||||
"state_key": user_id,
|
"state_key": user_id,
|
||||||
|
@ -864,6 +816,168 @@ class FederationHandler(BaseHandler):
|
||||||
|
|
||||||
defer.returnValue(event)
|
defer.returnValue(event)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def do_remotely_reject_invite(self, target_hosts, room_id, user_id):
|
||||||
|
origin, event = yield self._make_and_verify_event(
|
||||||
|
target_hosts,
|
||||||
|
room_id,
|
||||||
|
user_id,
|
||||||
|
"leave"
|
||||||
|
)
|
||||||
|
signed_event = self._sign_event(event)
|
||||||
|
|
||||||
|
# Try the host we successfully got a response to /make_join/
|
||||||
|
# request first.
|
||||||
|
try:
|
||||||
|
target_hosts.remove(origin)
|
||||||
|
target_hosts.insert(0, origin)
|
||||||
|
except ValueError:
|
||||||
|
pass
|
||||||
|
|
||||||
|
yield self.replication_layer.send_leave(
|
||||||
|
target_hosts,
|
||||||
|
signed_event
|
||||||
|
)
|
||||||
|
defer.returnValue(None)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _make_and_verify_event(self, target_hosts, room_id, user_id, membership,
|
||||||
|
content={},):
|
||||||
|
origin, pdu = yield self.replication_layer.make_membership_event(
|
||||||
|
target_hosts,
|
||||||
|
room_id,
|
||||||
|
user_id,
|
||||||
|
membership,
|
||||||
|
content,
|
||||||
|
)
|
||||||
|
|
||||||
|
logger.debug("Got response to make_%s: %s", membership, pdu)
|
||||||
|
|
||||||
|
event = pdu
|
||||||
|
|
||||||
|
# We should assert some things.
|
||||||
|
# FIXME: Do this in a nicer way
|
||||||
|
assert(event.type == EventTypes.Member)
|
||||||
|
assert(event.user_id == user_id)
|
||||||
|
assert(event.state_key == user_id)
|
||||||
|
assert(event.room_id == room_id)
|
||||||
|
defer.returnValue((origin, event))
|
||||||
|
|
||||||
|
def _sign_event(self, event):
|
||||||
|
event.internal_metadata.outlier = False
|
||||||
|
|
||||||
|
builder = self.event_builder_factory.new(
|
||||||
|
unfreeze(event.get_pdu_json())
|
||||||
|
)
|
||||||
|
|
||||||
|
builder.event_id = self.event_builder_factory.create_event_id()
|
||||||
|
builder.origin = self.hs.hostname
|
||||||
|
|
||||||
|
if not hasattr(event, "signatures"):
|
||||||
|
builder.signatures = {}
|
||||||
|
|
||||||
|
add_hashes_and_signatures(
|
||||||
|
builder,
|
||||||
|
self.hs.hostname,
|
||||||
|
self.hs.config.signing_key[0],
|
||||||
|
)
|
||||||
|
|
||||||
|
return builder.build()
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
@log_function
|
||||||
|
def on_make_leave_request(self, room_id, user_id):
|
||||||
|
""" We've received a /make_leave/ request, so we create a partial
|
||||||
|
join event for the room and return that. We do *not* persist or
|
||||||
|
process it until the other server has signed it and sent it back.
|
||||||
|
"""
|
||||||
|
builder = self.event_builder_factory.new({
|
||||||
|
"type": EventTypes.Member,
|
||||||
|
"content": {"membership": Membership.LEAVE},
|
||||||
|
"room_id": room_id,
|
||||||
|
"sender": user_id,
|
||||||
|
"state_key": user_id,
|
||||||
|
})
|
||||||
|
|
||||||
|
event, context = yield self._create_new_client_event(
|
||||||
|
builder=builder,
|
||||||
|
)
|
||||||
|
|
||||||
|
self.auth.check(event, auth_events=context.current_state)
|
||||||
|
|
||||||
|
defer.returnValue(event)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
@log_function
|
||||||
|
def on_send_leave_request(self, origin, pdu):
|
||||||
|
""" We have received a leave event for a room. Fully process it."""
|
||||||
|
event = pdu
|
||||||
|
|
||||||
|
logger.debug(
|
||||||
|
"on_send_leave_request: Got event: %s, signatures: %s",
|
||||||
|
event.event_id,
|
||||||
|
event.signatures,
|
||||||
|
)
|
||||||
|
|
||||||
|
event.internal_metadata.outlier = False
|
||||||
|
|
||||||
|
context, event_stream_id, max_stream_id = yield self._handle_new_event(
|
||||||
|
origin, event
|
||||||
|
)
|
||||||
|
|
||||||
|
logger.debug(
|
||||||
|
"on_send_leave_request: After _handle_new_event: %s, sigs: %s",
|
||||||
|
event.event_id,
|
||||||
|
event.signatures,
|
||||||
|
)
|
||||||
|
|
||||||
|
extra_users = []
|
||||||
|
if event.type == EventTypes.Member:
|
||||||
|
target_user_id = event.state_key
|
||||||
|
target_user = UserID.from_string(target_user_id)
|
||||||
|
extra_users.append(target_user)
|
||||||
|
|
||||||
|
with PreserveLoggingContext():
|
||||||
|
d = self.notifier.on_new_room_event(
|
||||||
|
event, event_stream_id, max_stream_id, extra_users=extra_users
|
||||||
|
)
|
||||||
|
|
||||||
|
def log_failure(f):
|
||||||
|
logger.warn(
|
||||||
|
"Failed to notify about %s: %s",
|
||||||
|
event.event_id, f.value
|
||||||
|
)
|
||||||
|
|
||||||
|
d.addErrback(log_failure)
|
||||||
|
|
||||||
|
new_pdu = event
|
||||||
|
|
||||||
|
destinations = set()
|
||||||
|
|
||||||
|
for k, s in context.current_state.items():
|
||||||
|
try:
|
||||||
|
if k[0] == EventTypes.Member:
|
||||||
|
if s.content["membership"] == Membership.LEAVE:
|
||||||
|
destinations.add(
|
||||||
|
UserID.from_string(s.state_key).domain
|
||||||
|
)
|
||||||
|
except:
|
||||||
|
logger.warn(
|
||||||
|
"Failed to get destination from event %s", s.event_id
|
||||||
|
)
|
||||||
|
|
||||||
|
destinations.discard(origin)
|
||||||
|
|
||||||
|
logger.debug(
|
||||||
|
"on_send_leave_request: Sending event: %s, signatures: %s",
|
||||||
|
event.event_id,
|
||||||
|
event.signatures,
|
||||||
|
)
|
||||||
|
|
||||||
|
self.replication_layer.send_pdu(new_pdu, destinations)
|
||||||
|
|
||||||
|
defer.returnValue(None)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_state_for_pdu(self, origin, room_id, event_id, do_auth=True):
|
def get_state_for_pdu(self, origin, room_id, event_id, do_auth=True):
|
||||||
yield run_on_reactor()
|
yield run_on_reactor()
|
||||||
|
@ -986,8 +1100,6 @@ class FederationHandler(BaseHandler):
|
||||||
context = yield self._prep_event(
|
context = yield self._prep_event(
|
||||||
origin, event,
|
origin, event,
|
||||||
state=state,
|
state=state,
|
||||||
backfilled=backfilled,
|
|
||||||
current_state=current_state,
|
|
||||||
auth_events=auth_events,
|
auth_events=auth_events,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -1010,7 +1122,6 @@ class FederationHandler(BaseHandler):
|
||||||
origin,
|
origin,
|
||||||
ev_info["event"],
|
ev_info["event"],
|
||||||
state=ev_info.get("state"),
|
state=ev_info.get("state"),
|
||||||
backfilled=backfilled,
|
|
||||||
auth_events=ev_info.get("auth_events"),
|
auth_events=ev_info.get("auth_events"),
|
||||||
)
|
)
|
||||||
for ev_info in event_infos
|
for ev_info in event_infos
|
||||||
|
@ -1027,8 +1138,77 @@ class FederationHandler(BaseHandler):
|
||||||
)
|
)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def _prep_event(self, origin, event, state=None, backfilled=False,
|
def _persist_auth_tree(self, auth_events, state, event):
|
||||||
current_state=None, auth_events=None):
|
"""Checks the auth chain is valid (and passes auth checks) for the
|
||||||
|
state and event. Then persists the auth chain and state atomically.
|
||||||
|
Persists the event seperately.
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
2-tuple of (event_stream_id, max_stream_id) from the persist_event
|
||||||
|
call for `event`
|
||||||
|
"""
|
||||||
|
events_to_context = {}
|
||||||
|
for e in itertools.chain(auth_events, state):
|
||||||
|
ctx = yield self.state_handler.compute_event_context(
|
||||||
|
e, outlier=True,
|
||||||
|
)
|
||||||
|
events_to_context[e.event_id] = ctx
|
||||||
|
e.internal_metadata.outlier = True
|
||||||
|
|
||||||
|
event_map = {
|
||||||
|
e.event_id: e
|
||||||
|
for e in auth_events
|
||||||
|
}
|
||||||
|
|
||||||
|
create_event = None
|
||||||
|
for e in auth_events:
|
||||||
|
if (e.type, e.state_key) == (EventTypes.Create, ""):
|
||||||
|
create_event = e
|
||||||
|
break
|
||||||
|
|
||||||
|
for e in itertools.chain(auth_events, state, [event]):
|
||||||
|
auth_for_e = {
|
||||||
|
(event_map[e_id].type, event_map[e_id].state_key): event_map[e_id]
|
||||||
|
for e_id, _ in e.auth_events
|
||||||
|
}
|
||||||
|
if create_event:
|
||||||
|
auth_for_e[(EventTypes.Create, "")] = create_event
|
||||||
|
|
||||||
|
try:
|
||||||
|
self.auth.check(e, auth_events=auth_for_e)
|
||||||
|
except AuthError as err:
|
||||||
|
logger.warn(
|
||||||
|
"Rejecting %s because %s",
|
||||||
|
e.event_id, err.msg
|
||||||
|
)
|
||||||
|
|
||||||
|
if e == event:
|
||||||
|
raise
|
||||||
|
events_to_context[e.event_id].rejected = RejectedReason.AUTH_ERROR
|
||||||
|
|
||||||
|
yield self.store.persist_events(
|
||||||
|
[
|
||||||
|
(e, events_to_context[e.event_id])
|
||||||
|
for e in itertools.chain(auth_events, state)
|
||||||
|
],
|
||||||
|
is_new_state=False,
|
||||||
|
)
|
||||||
|
|
||||||
|
new_event_context = yield self.state_handler.compute_event_context(
|
||||||
|
event, old_state=state, outlier=False,
|
||||||
|
)
|
||||||
|
|
||||||
|
event_stream_id, max_stream_id = yield self.store.persist_event(
|
||||||
|
event, new_event_context,
|
||||||
|
backfilled=False,
|
||||||
|
is_new_state=True,
|
||||||
|
current_state=state,
|
||||||
|
)
|
||||||
|
|
||||||
|
defer.returnValue((event_stream_id, max_stream_id))
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _prep_event(self, origin, event, state=None, auth_events=None):
|
||||||
outlier = event.internal_metadata.is_outlier()
|
outlier = event.internal_metadata.is_outlier()
|
||||||
|
|
||||||
context = yield self.state_handler.compute_event_context(
|
context = yield self.state_handler.compute_event_context(
|
||||||
|
@ -1061,6 +1241,10 @@ class FederationHandler(BaseHandler):
|
||||||
|
|
||||||
context.rejected = RejectedReason.AUTH_ERROR
|
context.rejected = RejectedReason.AUTH_ERROR
|
||||||
|
|
||||||
|
if event.type == EventTypes.GuestAccess:
|
||||||
|
full_context = yield self.store.get_current_state(room_id=event.room_id)
|
||||||
|
yield self.maybe_kick_guest_users(event, full_context)
|
||||||
|
|
||||||
defer.returnValue(context)
|
defer.returnValue(context)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
|
@ -1166,7 +1350,7 @@ class FederationHandler(BaseHandler):
|
||||||
auth_ids = [e_id for e_id, _ in e.auth_events]
|
auth_ids = [e_id for e_id, _ in e.auth_events]
|
||||||
auth = {
|
auth = {
|
||||||
(e.type, e.state_key): e for e in remote_auth_chain
|
(e.type, e.state_key): e for e in remote_auth_chain
|
||||||
if e.event_id in auth_ids
|
if e.event_id in auth_ids or e.type == EventTypes.Create
|
||||||
}
|
}
|
||||||
e.internal_metadata.outlier = True
|
e.internal_metadata.outlier = True
|
||||||
|
|
||||||
|
@ -1284,6 +1468,7 @@ class FederationHandler(BaseHandler):
|
||||||
(e.type, e.state_key): e
|
(e.type, e.state_key): e
|
||||||
for e in result["auth_chain"]
|
for e in result["auth_chain"]
|
||||||
if e.event_id in auth_ids
|
if e.event_id in auth_ids
|
||||||
|
or event.type == EventTypes.Create
|
||||||
}
|
}
|
||||||
ev.internal_metadata.outlier = True
|
ev.internal_metadata.outlier = True
|
||||||
|
|
||||||
|
@ -1458,50 +1643,73 @@ class FederationHandler(BaseHandler):
|
||||||
})
|
})
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def _handle_auth_events(self, origin, auth_events):
|
@log_function
|
||||||
auth_ids_to_deferred = {}
|
def exchange_third_party_invite(self, invite):
|
||||||
|
sender = invite["sender"]
|
||||||
|
room_id = invite["room_id"]
|
||||||
|
|
||||||
def process_auth_ev(ev):
|
event_dict = {
|
||||||
auth_ids = [e_id for e_id, _ in ev.auth_events]
|
"type": EventTypes.Member,
|
||||||
|
"content": {
|
||||||
|
"membership": Membership.INVITE,
|
||||||
|
"third_party_invite": invite,
|
||||||
|
},
|
||||||
|
"room_id": room_id,
|
||||||
|
"sender": sender,
|
||||||
|
"state_key": invite["mxid"],
|
||||||
|
}
|
||||||
|
|
||||||
prev_ds = [
|
if (yield self.auth.check_host_in_room(room_id, self.hs.hostname)):
|
||||||
auth_ids_to_deferred[i]
|
builder = self.event_builder_factory.new(event_dict)
|
||||||
for i in auth_ids
|
EventValidator().validate_new(builder)
|
||||||
if i in auth_ids_to_deferred
|
event, context = yield self._create_new_client_event(builder=builder)
|
||||||
]
|
self.auth.check(event, context.current_state)
|
||||||
|
yield self._validate_keyserver(event, auth_events=context.current_state)
|
||||||
|
member_handler = self.hs.get_handlers().room_member_handler
|
||||||
|
yield member_handler.change_membership(event, context)
|
||||||
|
else:
|
||||||
|
destinations = set([x.split(":", 1)[-1] for x in (sender, room_id)])
|
||||||
|
yield self.replication_layer.forward_third_party_invite(
|
||||||
|
destinations,
|
||||||
|
room_id,
|
||||||
|
event_dict,
|
||||||
|
)
|
||||||
|
|
||||||
d = defer.Deferred()
|
@defer.inlineCallbacks
|
||||||
|
@log_function
|
||||||
|
def on_exchange_third_party_invite_request(self, origin, room_id, event_dict):
|
||||||
|
builder = self.event_builder_factory.new(event_dict)
|
||||||
|
|
||||||
auth_ids_to_deferred[ev.event_id] = d
|
event, context = yield self._create_new_client_event(
|
||||||
|
builder=builder,
|
||||||
|
)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
self.auth.check(event, auth_events=context.current_state)
|
||||||
def f(*_):
|
yield self._validate_keyserver(event, auth_events=context.current_state)
|
||||||
ev.internal_metadata.outlier = True
|
|
||||||
|
|
||||||
try:
|
returned_invite = yield self.send_invite(origin, event)
|
||||||
auth = {
|
# TODO: Make sure the signatures actually are correct.
|
||||||
(e.type, e.state_key): e for e in auth_events
|
event.signatures.update(returned_invite.signatures)
|
||||||
if e.event_id in auth_ids
|
member_handler = self.hs.get_handlers().room_member_handler
|
||||||
}
|
yield member_handler.change_membership(event, context)
|
||||||
|
|
||||||
yield self._handle_new_event(
|
@defer.inlineCallbacks
|
||||||
origin, ev, auth_events=auth
|
def _validate_keyserver(self, event, auth_events):
|
||||||
)
|
token = event.content["third_party_invite"]["signed"]["token"]
|
||||||
except:
|
|
||||||
logger.exception(
|
|
||||||
"Failed to handle auth event %s",
|
|
||||||
ev.event_id,
|
|
||||||
)
|
|
||||||
|
|
||||||
d.callback(None)
|
invite_event = auth_events.get(
|
||||||
|
(EventTypes.ThirdPartyInvite, token,)
|
||||||
|
)
|
||||||
|
|
||||||
if prev_ds:
|
try:
|
||||||
dx = defer.DeferredList(prev_ds)
|
response = yield self.hs.get_simple_http_client().get_json(
|
||||||
dx.addBoth(f)
|
invite_event.content["key_validity_url"],
|
||||||
else:
|
{"public_key": invite_event.content["public_key"]}
|
||||||
f()
|
)
|
||||||
|
except Exception:
|
||||||
for e in auth_events:
|
raise SynapseError(
|
||||||
process_auth_ev(e)
|
502,
|
||||||
|
"Third party certificate could not be checked"
|
||||||
yield defer.DeferredList(auth_ids_to_deferred.values())
|
)
|
||||||
|
if "valid" not in response or not response["valid"]:
|
||||||
|
raise AuthError(403, "Third party certificate was invalid")
|
||||||
|
|
|
@ -16,13 +16,13 @@
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
|
||||||
from synapse.api.constants import EventTypes, Membership
|
from synapse.api.constants import EventTypes, Membership
|
||||||
from synapse.api.errors import RoomError, SynapseError
|
from synapse.api.errors import SynapseError, AuthError, Codes
|
||||||
from synapse.streams.config import PaginationConfig
|
from synapse.streams.config import PaginationConfig
|
||||||
from synapse.events.utils import serialize_event
|
from synapse.events.utils import serialize_event
|
||||||
from synapse.events.validator import EventValidator
|
from synapse.events.validator import EventValidator
|
||||||
from synapse.util import unwrapFirstError
|
from synapse.util import unwrapFirstError
|
||||||
from synapse.util.logcontext import PreserveLoggingContext
|
from synapse.util.logcontext import PreserveLoggingContext
|
||||||
from synapse.types import UserID, RoomStreamToken
|
from synapse.types import UserID, RoomStreamToken, StreamToken
|
||||||
|
|
||||||
from ._base import BaseHandler
|
from ._base import BaseHandler
|
||||||
|
|
||||||
|
@ -71,34 +71,64 @@ class MessageHandler(BaseHandler):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_messages(self, user_id=None, room_id=None, pagin_config=None,
|
def get_messages(self, user_id=None, room_id=None, pagin_config=None,
|
||||||
feedback=False, as_client_event=True):
|
as_client_event=True, is_guest=False):
|
||||||
"""Get messages in a room.
|
"""Get messages in a room.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
user_id (str): The user requesting messages.
|
user_id (str): The user requesting messages.
|
||||||
room_id (str): The room they want messages from.
|
room_id (str): The room they want messages from.
|
||||||
pagin_config (synapse.api.streams.PaginationConfig): The pagination
|
pagin_config (synapse.api.streams.PaginationConfig): The pagination
|
||||||
config rules to apply, if any.
|
config rules to apply, if any.
|
||||||
feedback (bool): True to get compressed feedback with the messages
|
|
||||||
as_client_event (bool): True to get events in client-server format.
|
as_client_event (bool): True to get events in client-server format.
|
||||||
|
is_guest (bool): Whether the requesting user is a guest (as opposed
|
||||||
|
to a fully registered user).
|
||||||
Returns:
|
Returns:
|
||||||
dict: Pagination API results
|
dict: Pagination API results
|
||||||
"""
|
"""
|
||||||
yield self.auth.check_joined_room(room_id, user_id)
|
|
||||||
|
|
||||||
data_source = self.hs.get_event_sources().sources["room"]
|
data_source = self.hs.get_event_sources().sources["room"]
|
||||||
|
|
||||||
if not pagin_config.from_token:
|
if pagin_config.from_token:
|
||||||
|
room_token = pagin_config.from_token.room_key
|
||||||
|
else:
|
||||||
pagin_config.from_token = (
|
pagin_config.from_token = (
|
||||||
yield self.hs.get_event_sources().get_current_token(
|
yield self.hs.get_event_sources().get_current_token(
|
||||||
direction='b'
|
direction='b'
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
room_token = pagin_config.from_token.room_key
|
||||||
|
|
||||||
room_token = RoomStreamToken.parse(pagin_config.from_token.room_key)
|
room_token = RoomStreamToken.parse(room_token)
|
||||||
if room_token.topological is None:
|
if room_token.topological is None:
|
||||||
raise SynapseError(400, "Invalid token")
|
raise SynapseError(400, "Invalid token")
|
||||||
|
|
||||||
|
pagin_config.from_token = pagin_config.from_token.copy_and_replace(
|
||||||
|
"room_key", str(room_token)
|
||||||
|
)
|
||||||
|
|
||||||
|
source_config = pagin_config.get_source_config("room")
|
||||||
|
|
||||||
|
if not is_guest:
|
||||||
|
member_event = yield self.auth.check_user_was_in_room(room_id, user_id)
|
||||||
|
if member_event.membership == Membership.LEAVE:
|
||||||
|
# If they have left the room then clamp the token to be before
|
||||||
|
# they left the room.
|
||||||
|
# If they're a guest, we'll just 403 them if they're asking for
|
||||||
|
# events they can't see.
|
||||||
|
leave_token = yield self.store.get_topological_token_for_event(
|
||||||
|
member_event.event_id
|
||||||
|
)
|
||||||
|
leave_token = RoomStreamToken.parse(leave_token)
|
||||||
|
if leave_token.topological < room_token.topological:
|
||||||
|
source_config.from_key = str(leave_token)
|
||||||
|
|
||||||
|
if source_config.direction == "f":
|
||||||
|
if source_config.to_key is None:
|
||||||
|
source_config.to_key = str(leave_token)
|
||||||
|
else:
|
||||||
|
to_token = RoomStreamToken.parse(source_config.to_key)
|
||||||
|
if leave_token.topological < to_token.topological:
|
||||||
|
source_config.to_key = str(leave_token)
|
||||||
|
|
||||||
yield self.hs.get_handlers().federation_handler.maybe_backfill(
|
yield self.hs.get_handlers().federation_handler.maybe_backfill(
|
||||||
room_id, room_token.topological
|
room_id, room_token.topological
|
||||||
)
|
)
|
||||||
|
@ -106,7 +136,7 @@ class MessageHandler(BaseHandler):
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
|
|
||||||
events, next_key = yield data_source.get_pagination_rows(
|
events, next_key = yield data_source.get_pagination_rows(
|
||||||
user, pagin_config.get_source_config("room"), room_id
|
user, source_config, room_id
|
||||||
)
|
)
|
||||||
|
|
||||||
next_token = pagin_config.from_token.copy_and_replace(
|
next_token = pagin_config.from_token.copy_and_replace(
|
||||||
|
@ -120,7 +150,7 @@ class MessageHandler(BaseHandler):
|
||||||
"end": next_token.to_string(),
|
"end": next_token.to_string(),
|
||||||
})
|
})
|
||||||
|
|
||||||
events = yield self._filter_events_for_client(user_id, room_id, events)
|
events = yield self._filter_events_for_client(user_id, events, is_guest=is_guest)
|
||||||
|
|
||||||
time_now = self.clock.time_msec()
|
time_now = self.clock.time_msec()
|
||||||
|
|
||||||
|
@ -135,55 +165,9 @@ class MessageHandler(BaseHandler):
|
||||||
|
|
||||||
defer.returnValue(chunk)
|
defer.returnValue(chunk)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
|
||||||
def _filter_events_for_client(self, user_id, room_id, events):
|
|
||||||
event_id_to_state = yield self.store.get_state_for_events(
|
|
||||||
room_id, frozenset(e.event_id for e in events),
|
|
||||||
types=(
|
|
||||||
(EventTypes.RoomHistoryVisibility, ""),
|
|
||||||
(EventTypes.Member, user_id),
|
|
||||||
)
|
|
||||||
)
|
|
||||||
|
|
||||||
def allowed(event, state):
|
|
||||||
if event.type == EventTypes.RoomHistoryVisibility:
|
|
||||||
return True
|
|
||||||
|
|
||||||
membership_ev = state.get((EventTypes.Member, user_id), None)
|
|
||||||
if membership_ev:
|
|
||||||
membership = membership_ev.membership
|
|
||||||
else:
|
|
||||||
membership = Membership.LEAVE
|
|
||||||
|
|
||||||
if membership == Membership.JOIN:
|
|
||||||
return True
|
|
||||||
|
|
||||||
history = state.get((EventTypes.RoomHistoryVisibility, ''), None)
|
|
||||||
if history:
|
|
||||||
visibility = history.content.get("history_visibility", "shared")
|
|
||||||
else:
|
|
||||||
visibility = "shared"
|
|
||||||
|
|
||||||
if visibility == "public":
|
|
||||||
return True
|
|
||||||
elif visibility == "shared":
|
|
||||||
return True
|
|
||||||
elif visibility == "joined":
|
|
||||||
return membership == Membership.JOIN
|
|
||||||
elif visibility == "invited":
|
|
||||||
return membership == Membership.INVITE
|
|
||||||
|
|
||||||
return True
|
|
||||||
|
|
||||||
defer.returnValue([
|
|
||||||
event
|
|
||||||
for event in events
|
|
||||||
if allowed(event, event_id_to_state[event.event_id])
|
|
||||||
])
|
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def create_and_send_event(self, event_dict, ratelimit=True,
|
def create_and_send_event(self, event_dict, ratelimit=True,
|
||||||
client=None, txn_id=None):
|
token_id=None, txn_id=None, is_guest=False):
|
||||||
""" Given a dict from a client, create and handle a new event.
|
""" Given a dict from a client, create and handle a new event.
|
||||||
|
|
||||||
Creates an FrozenEvent object, filling out auth_events, prev_events,
|
Creates an FrozenEvent object, filling out auth_events, prev_events,
|
||||||
|
@ -217,11 +201,8 @@ class MessageHandler(BaseHandler):
|
||||||
builder.content
|
builder.content
|
||||||
)
|
)
|
||||||
|
|
||||||
if client is not None:
|
if token_id is not None:
|
||||||
if client.token_id is not None:
|
builder.internal_metadata.token_id = token_id
|
||||||
builder.internal_metadata.token_id = client.token_id
|
|
||||||
if client.device_id is not None:
|
|
||||||
builder.internal_metadata.device_id = client.device_id
|
|
||||||
|
|
||||||
if txn_id is not None:
|
if txn_id is not None:
|
||||||
builder.internal_metadata.txn_id = txn_id
|
builder.internal_metadata.txn_id = txn_id
|
||||||
|
@ -232,7 +213,7 @@ class MessageHandler(BaseHandler):
|
||||||
|
|
||||||
if event.type == EventTypes.Member:
|
if event.type == EventTypes.Member:
|
||||||
member_handler = self.hs.get_handlers().room_member_handler
|
member_handler = self.hs.get_handlers().room_member_handler
|
||||||
yield member_handler.change_membership(event, context)
|
yield member_handler.change_membership(event, context, is_guest=is_guest)
|
||||||
else:
|
else:
|
||||||
yield self.handle_new_client_event(
|
yield self.handle_new_client_event(
|
||||||
event=event,
|
event=event,
|
||||||
|
@ -248,7 +229,7 @@ class MessageHandler(BaseHandler):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_room_data(self, user_id=None, room_id=None,
|
def get_room_data(self, user_id=None, room_id=None,
|
||||||
event_type=None, state_key=""):
|
event_type=None, state_key="", is_guest=False):
|
||||||
""" Get data from a room.
|
""" Get data from a room.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
|
@ -258,29 +239,55 @@ class MessageHandler(BaseHandler):
|
||||||
Raises:
|
Raises:
|
||||||
SynapseError if something went wrong.
|
SynapseError if something went wrong.
|
||||||
"""
|
"""
|
||||||
have_joined = yield self.auth.check_joined_room(room_id, user_id)
|
membership, membership_event_id = yield self._check_in_room_or_world_readable(
|
||||||
if not have_joined:
|
room_id, user_id, is_guest
|
||||||
raise RoomError(403, "User not in room.")
|
|
||||||
|
|
||||||
data = yield self.state_handler.get_current_state(
|
|
||||||
room_id, event_type, state_key
|
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if membership == Membership.JOIN:
|
||||||
|
data = yield self.state_handler.get_current_state(
|
||||||
|
room_id, event_type, state_key
|
||||||
|
)
|
||||||
|
elif membership == Membership.LEAVE:
|
||||||
|
key = (event_type, state_key)
|
||||||
|
room_state = yield self.store.get_state_for_events(
|
||||||
|
[membership_event_id], [key]
|
||||||
|
)
|
||||||
|
data = room_state[membership_event_id].get(key)
|
||||||
|
|
||||||
defer.returnValue(data)
|
defer.returnValue(data)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_feedback(self, event_id):
|
def _check_in_room_or_world_readable(self, room_id, user_id, is_guest):
|
||||||
# yield self.auth.check_joined_room(room_id, user_id)
|
try:
|
||||||
|
# check_user_was_in_room will return the most recent membership
|
||||||
# Pull out the feedback from the db
|
# event for the user if:
|
||||||
fb = yield self.store.get_feedback(event_id)
|
# * The user is a non-guest user, and was ever in the room
|
||||||
|
# * The user is a guest user, and has joined the room
|
||||||
if fb:
|
# else it will throw.
|
||||||
defer.returnValue(fb)
|
member_event = yield self.auth.check_user_was_in_room(room_id, user_id)
|
||||||
defer.returnValue(None)
|
defer.returnValue((member_event.membership, member_event.event_id))
|
||||||
|
return
|
||||||
|
except AuthError, auth_error:
|
||||||
|
visibility = yield self.state_handler.get_current_state(
|
||||||
|
room_id, EventTypes.RoomHistoryVisibility, ""
|
||||||
|
)
|
||||||
|
if (
|
||||||
|
visibility and
|
||||||
|
visibility.content["history_visibility"] == "world_readable"
|
||||||
|
):
|
||||||
|
defer.returnValue((Membership.JOIN, None))
|
||||||
|
return
|
||||||
|
if not is_guest:
|
||||||
|
raise auth_error
|
||||||
|
raise AuthError(
|
||||||
|
403, "Guest access not allowed", errcode=Codes.GUEST_ACCESS_FORBIDDEN
|
||||||
|
)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_state_events(self, user_id, room_id):
|
def get_state_events(self, user_id, room_id, is_guest=False):
|
||||||
"""Retrieve all state events for a given room.
|
"""Retrieve all state events for a given room. If the user is
|
||||||
|
joined to the room then return the current state. If the user has
|
||||||
|
left the room return the state events from when they left.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
user_id(str): The user requesting state events.
|
user_id(str): The user requesting state events.
|
||||||
|
@ -288,18 +295,26 @@ class MessageHandler(BaseHandler):
|
||||||
Returns:
|
Returns:
|
||||||
A list of dicts representing state events. [{}, {}, {}]
|
A list of dicts representing state events. [{}, {}, {}]
|
||||||
"""
|
"""
|
||||||
yield self.auth.check_joined_room(room_id, user_id)
|
membership, membership_event_id = yield self._check_in_room_or_world_readable(
|
||||||
|
room_id, user_id, is_guest
|
||||||
|
)
|
||||||
|
|
||||||
|
if membership == Membership.JOIN:
|
||||||
|
room_state = yield self.state_handler.get_current_state(room_id)
|
||||||
|
elif membership == Membership.LEAVE:
|
||||||
|
room_state = yield self.store.get_state_for_events(
|
||||||
|
[membership_event_id], None
|
||||||
|
)
|
||||||
|
room_state = room_state[membership_event_id]
|
||||||
|
|
||||||
# TODO: This is duplicating logic from snapshot_all_rooms
|
|
||||||
current_state = yield self.state_handler.get_current_state(room_id)
|
|
||||||
now = self.clock.time_msec()
|
now = self.clock.time_msec()
|
||||||
defer.returnValue(
|
defer.returnValue(
|
||||||
[serialize_event(c, now) for c in current_state.values()]
|
[serialize_event(c, now) for c in room_state.values()]
|
||||||
)
|
)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def snapshot_all_rooms(self, user_id=None, pagin_config=None,
|
def snapshot_all_rooms(self, user_id=None, pagin_config=None,
|
||||||
feedback=False, as_client_event=True):
|
as_client_event=True, include_archived=False):
|
||||||
"""Retrieve a snapshot of all rooms the user is invited or has joined.
|
"""Retrieve a snapshot of all rooms the user is invited or has joined.
|
||||||
|
|
||||||
This snapshot may include messages for all rooms where the user is
|
This snapshot may include messages for all rooms where the user is
|
||||||
|
@ -309,17 +324,20 @@ class MessageHandler(BaseHandler):
|
||||||
user_id (str): The ID of the user making the request.
|
user_id (str): The ID of the user making the request.
|
||||||
pagin_config (synapse.api.streams.PaginationConfig): The pagination
|
pagin_config (synapse.api.streams.PaginationConfig): The pagination
|
||||||
config used to determine how many messages *PER ROOM* to return.
|
config used to determine how many messages *PER ROOM* to return.
|
||||||
feedback (bool): True to get feedback along with these messages.
|
|
||||||
as_client_event (bool): True to get events in client-server format.
|
as_client_event (bool): True to get events in client-server format.
|
||||||
|
include_archived (bool): True to get rooms that the user has left
|
||||||
Returns:
|
Returns:
|
||||||
A list of dicts with "room_id" and "membership" keys for all rooms
|
A list of dicts with "room_id" and "membership" keys for all rooms
|
||||||
the user is currently invited or joined in on. Rooms where the user
|
the user is currently invited or joined in on. Rooms where the user
|
||||||
is joined on, may return a "messages" key with messages, depending
|
is joined on, may return a "messages" key with messages, depending
|
||||||
on the specified PaginationConfig.
|
on the specified PaginationConfig.
|
||||||
"""
|
"""
|
||||||
|
memberships = [Membership.INVITE, Membership.JOIN]
|
||||||
|
if include_archived:
|
||||||
|
memberships.append(Membership.LEAVE)
|
||||||
|
|
||||||
room_list = yield self.store.get_rooms_for_user_where_membership_is(
|
room_list = yield self.store.get_rooms_for_user_where_membership_is(
|
||||||
user_id=user_id,
|
user_id=user_id, membership_list=memberships
|
||||||
membership_list=[Membership.INVITE, Membership.JOIN]
|
|
||||||
)
|
)
|
||||||
|
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
|
@ -339,6 +357,8 @@ class MessageHandler(BaseHandler):
|
||||||
user, pagination_config.get_source_config("receipt"), None
|
user, pagination_config.get_source_config("receipt"), None
|
||||||
)
|
)
|
||||||
|
|
||||||
|
tags_by_room = yield self.store.get_tags_for_user(user_id)
|
||||||
|
|
||||||
public_room_ids = yield self.store.get_public_room_ids()
|
public_room_ids = yield self.store.get_public_room_ids()
|
||||||
|
|
||||||
limit = pagin_config.limit
|
limit = pagin_config.limit
|
||||||
|
@ -357,28 +377,45 @@ class MessageHandler(BaseHandler):
|
||||||
}
|
}
|
||||||
|
|
||||||
if event.membership == Membership.INVITE:
|
if event.membership == Membership.INVITE:
|
||||||
|
time_now = self.clock.time_msec()
|
||||||
d["inviter"] = event.sender
|
d["inviter"] = event.sender
|
||||||
|
|
||||||
|
invite_event = yield self.store.get_event(event.event_id)
|
||||||
|
d["invite"] = serialize_event(invite_event, time_now, as_client_event)
|
||||||
|
|
||||||
rooms_ret.append(d)
|
rooms_ret.append(d)
|
||||||
|
|
||||||
if event.membership != Membership.JOIN:
|
if event.membership not in (Membership.JOIN, Membership.LEAVE):
|
||||||
return
|
return
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
if event.membership == Membership.JOIN:
|
||||||
|
room_end_token = now_token.room_key
|
||||||
|
deferred_room_state = self.state_handler.get_current_state(
|
||||||
|
event.room_id
|
||||||
|
)
|
||||||
|
elif event.membership == Membership.LEAVE:
|
||||||
|
room_end_token = "s%d" % (event.stream_ordering,)
|
||||||
|
deferred_room_state = self.store.get_state_for_events(
|
||||||
|
[event.event_id], None
|
||||||
|
)
|
||||||
|
deferred_room_state.addCallback(
|
||||||
|
lambda states: states[event.event_id]
|
||||||
|
)
|
||||||
|
|
||||||
(messages, token), current_state = yield defer.gatherResults(
|
(messages, token), current_state = yield defer.gatherResults(
|
||||||
[
|
[
|
||||||
self.store.get_recent_events_for_room(
|
self.store.get_recent_events_for_room(
|
||||||
event.room_id,
|
event.room_id,
|
||||||
limit=limit,
|
limit=limit,
|
||||||
end_token=now_token.room_key,
|
end_token=room_end_token,
|
||||||
),
|
|
||||||
self.state_handler.get_current_state(
|
|
||||||
event.room_id
|
|
||||||
),
|
),
|
||||||
|
deferred_room_state,
|
||||||
]
|
]
|
||||||
).addErrback(unwrapFirstError)
|
).addErrback(unwrapFirstError)
|
||||||
|
|
||||||
messages = yield self._filter_events_for_client(
|
messages = yield self._filter_events_for_client(
|
||||||
user_id, event.room_id, messages
|
user_id, messages
|
||||||
)
|
)
|
||||||
|
|
||||||
start_token = now_token.copy_and_replace("room_key", token[0])
|
start_token = now_token.copy_and_replace("room_key", token[0])
|
||||||
|
@ -398,6 +435,15 @@ class MessageHandler(BaseHandler):
|
||||||
serialize_event(c, time_now, as_client_event)
|
serialize_event(c, time_now, as_client_event)
|
||||||
for c in current_state.values()
|
for c in current_state.values()
|
||||||
]
|
]
|
||||||
|
|
||||||
|
private_user_data = []
|
||||||
|
tags = tags_by_room.get(event.room_id)
|
||||||
|
if tags:
|
||||||
|
private_user_data.append({
|
||||||
|
"type": "m.tag",
|
||||||
|
"content": {"tags": tags},
|
||||||
|
})
|
||||||
|
d["private_user_data"] = private_user_data
|
||||||
except:
|
except:
|
||||||
logger.exception("Failed to get snapshot")
|
logger.exception("Failed to get snapshot")
|
||||||
|
|
||||||
|
@ -420,15 +466,99 @@ class MessageHandler(BaseHandler):
|
||||||
defer.returnValue(ret)
|
defer.returnValue(ret)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def room_initial_sync(self, user_id, room_id, pagin_config=None,
|
def room_initial_sync(self, user_id, room_id, pagin_config=None, is_guest=False):
|
||||||
feedback=False):
|
"""Capture the a snapshot of a room. If user is currently a member of
|
||||||
current_state = yield self.state.get_current_state(
|
the room this will be what is currently in the room. If the user left
|
||||||
room_id=room_id,
|
the room this will be what was in the room when they left.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
user_id(str): The user to get a snapshot for.
|
||||||
|
room_id(str): The room to get a snapshot of.
|
||||||
|
pagin_config(synapse.streams.config.PaginationConfig):
|
||||||
|
The pagination config used to determine how many messages to
|
||||||
|
return.
|
||||||
|
Raises:
|
||||||
|
AuthError if the user wasn't in the room.
|
||||||
|
Returns:
|
||||||
|
A JSON serialisable dict with the snapshot of the room.
|
||||||
|
"""
|
||||||
|
|
||||||
|
membership, member_event_id = yield self._check_in_room_or_world_readable(
|
||||||
|
room_id,
|
||||||
|
user_id,
|
||||||
|
is_guest
|
||||||
)
|
)
|
||||||
|
|
||||||
yield self.auth.check_joined_room(
|
if membership == Membership.JOIN:
|
||||||
room_id, user_id,
|
result = yield self._room_initial_sync_joined(
|
||||||
current_state=current_state
|
user_id, room_id, pagin_config, membership, is_guest
|
||||||
|
)
|
||||||
|
elif membership == Membership.LEAVE:
|
||||||
|
result = yield self._room_initial_sync_parted(
|
||||||
|
user_id, room_id, pagin_config, membership, member_event_id, is_guest
|
||||||
|
)
|
||||||
|
|
||||||
|
private_user_data = []
|
||||||
|
tags = yield self.store.get_tags_for_room(user_id, room_id)
|
||||||
|
if tags:
|
||||||
|
private_user_data.append({
|
||||||
|
"type": "m.tag",
|
||||||
|
"content": {"tags": tags},
|
||||||
|
})
|
||||||
|
result["private_user_data"] = private_user_data
|
||||||
|
|
||||||
|
defer.returnValue(result)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _room_initial_sync_parted(self, user_id, room_id, pagin_config,
|
||||||
|
membership, member_event_id, is_guest):
|
||||||
|
room_state = yield self.store.get_state_for_events(
|
||||||
|
[member_event_id], None
|
||||||
|
)
|
||||||
|
|
||||||
|
room_state = room_state[member_event_id]
|
||||||
|
|
||||||
|
limit = pagin_config.limit if pagin_config else None
|
||||||
|
if limit is None:
|
||||||
|
limit = 10
|
||||||
|
|
||||||
|
stream_token = yield self.store.get_stream_token_for_event(
|
||||||
|
member_event_id
|
||||||
|
)
|
||||||
|
|
||||||
|
messages, token = yield self.store.get_recent_events_for_room(
|
||||||
|
room_id,
|
||||||
|
limit=limit,
|
||||||
|
end_token=stream_token
|
||||||
|
)
|
||||||
|
|
||||||
|
messages = yield self._filter_events_for_client(
|
||||||
|
user_id, messages, is_guest=is_guest
|
||||||
|
)
|
||||||
|
|
||||||
|
start_token = StreamToken(token[0], 0, 0, 0, 0)
|
||||||
|
end_token = StreamToken(token[1], 0, 0, 0, 0)
|
||||||
|
|
||||||
|
time_now = self.clock.time_msec()
|
||||||
|
|
||||||
|
defer.returnValue({
|
||||||
|
"membership": membership,
|
||||||
|
"room_id": room_id,
|
||||||
|
"messages": {
|
||||||
|
"chunk": [serialize_event(m, time_now) for m in messages],
|
||||||
|
"start": start_token.to_string(),
|
||||||
|
"end": end_token.to_string(),
|
||||||
|
},
|
||||||
|
"state": [serialize_event(s, time_now) for s in room_state.values()],
|
||||||
|
"presence": [],
|
||||||
|
"receipts": [],
|
||||||
|
})
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _room_initial_sync_joined(self, user_id, room_id, pagin_config,
|
||||||
|
membership, is_guest):
|
||||||
|
current_state = yield self.state.get_current_state(
|
||||||
|
room_id=room_id,
|
||||||
)
|
)
|
||||||
|
|
||||||
# TODO(paul): I wish I was called with user objects not user_id
|
# TODO(paul): I wish I was called with user objects not user_id
|
||||||
|
@ -442,8 +572,6 @@ class MessageHandler(BaseHandler):
|
||||||
for x in current_state.values()
|
for x in current_state.values()
|
||||||
]
|
]
|
||||||
|
|
||||||
member_event = current_state.get((EventTypes.Member, user_id,))
|
|
||||||
|
|
||||||
now_token = yield self.hs.get_event_sources().get_current_token()
|
now_token = yield self.hs.get_event_sources().get_current_token()
|
||||||
|
|
||||||
limit = pagin_config.limit if pagin_config else None
|
limit = pagin_config.limit if pagin_config else None
|
||||||
|
@ -460,12 +588,14 @@ class MessageHandler(BaseHandler):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_presence():
|
def get_presence():
|
||||||
states = yield presence_handler.get_states(
|
states = {}
|
||||||
target_users=[UserID.from_string(m.user_id) for m in room_members],
|
if not is_guest:
|
||||||
auth_user=auth_user,
|
states = yield presence_handler.get_states(
|
||||||
as_event=True,
|
target_users=[UserID.from_string(m.user_id) for m in room_members],
|
||||||
check_auth=False,
|
auth_user=auth_user,
|
||||||
)
|
as_event=True,
|
||||||
|
check_auth=False,
|
||||||
|
)
|
||||||
|
|
||||||
defer.returnValue(states.values())
|
defer.returnValue(states.values())
|
||||||
|
|
||||||
|
@ -485,7 +615,7 @@ class MessageHandler(BaseHandler):
|
||||||
).addErrback(unwrapFirstError)
|
).addErrback(unwrapFirstError)
|
||||||
|
|
||||||
messages = yield self._filter_events_for_client(
|
messages = yield self._filter_events_for_client(
|
||||||
user_id, room_id, messages
|
user_id, messages, is_guest=is_guest, require_all_visible_for_guests=False
|
||||||
)
|
)
|
||||||
|
|
||||||
start_token = now_token.copy_and_replace("room_key", token[0])
|
start_token = now_token.copy_and_replace("room_key", token[0])
|
||||||
|
@ -493,8 +623,7 @@ class MessageHandler(BaseHandler):
|
||||||
|
|
||||||
time_now = self.clock.time_msec()
|
time_now = self.clock.time_msec()
|
||||||
|
|
||||||
defer.returnValue({
|
ret = {
|
||||||
"membership": member_event.membership,
|
|
||||||
"room_id": room_id,
|
"room_id": room_id,
|
||||||
"messages": {
|
"messages": {
|
||||||
"chunk": [serialize_event(m, time_now) for m in messages],
|
"chunk": [serialize_event(m, time_now) for m in messages],
|
||||||
|
@ -504,4 +633,8 @@ class MessageHandler(BaseHandler):
|
||||||
"state": state,
|
"state": state,
|
||||||
"presence": presence,
|
"presence": presence,
|
||||||
"receipts": receipts,
|
"receipts": receipts,
|
||||||
})
|
}
|
||||||
|
if not is_guest:
|
||||||
|
ret["membership"] = membership
|
||||||
|
|
||||||
|
defer.returnValue(ret)
|
||||||
|
|
|
@ -378,7 +378,7 @@ class PresenceHandler(BaseHandler):
|
||||||
|
|
||||||
# TODO(paul): perform a presence push as part of start/stop poll so
|
# TODO(paul): perform a presence push as part of start/stop poll so
|
||||||
# we don't have to do this all the time
|
# we don't have to do this all the time
|
||||||
self.changed_presencelike_data(target_user, state)
|
yield self.changed_presencelike_data(target_user, state)
|
||||||
|
|
||||||
def bump_presence_active_time(self, user, now=None):
|
def bump_presence_active_time(self, user, now=None):
|
||||||
if now is None:
|
if now is None:
|
||||||
|
@ -422,12 +422,12 @@ class PresenceHandler(BaseHandler):
|
||||||
@log_function
|
@log_function
|
||||||
def started_user_eventstream(self, user):
|
def started_user_eventstream(self, user):
|
||||||
# TODO(paul): Use "last online" state
|
# TODO(paul): Use "last online" state
|
||||||
self.set_state(user, user, {"presence": PresenceState.ONLINE})
|
return self.set_state(user, user, {"presence": PresenceState.ONLINE})
|
||||||
|
|
||||||
@log_function
|
@log_function
|
||||||
def stopped_user_eventstream(self, user):
|
def stopped_user_eventstream(self, user):
|
||||||
# TODO(paul): Save current state as "last online" state
|
# TODO(paul): Save current state as "last online" state
|
||||||
self.set_state(user, user, {"presence": PresenceState.OFFLINE})
|
return self.set_state(user, user, {"presence": PresenceState.OFFLINE})
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def user_joined_room(self, user, room_id):
|
def user_joined_room(self, user, room_id):
|
||||||
|
@ -950,7 +950,8 @@ class PresenceHandler(BaseHandler):
|
||||||
)
|
)
|
||||||
while len(self._remote_offline_serials) > MAX_OFFLINE_SERIALS:
|
while len(self._remote_offline_serials) > MAX_OFFLINE_SERIALS:
|
||||||
self._remote_offline_serials.pop() # remove the oldest
|
self._remote_offline_serials.pop() # remove the oldest
|
||||||
del self._user_cachemap[user]
|
if user in self._user_cachemap:
|
||||||
|
del self._user_cachemap[user]
|
||||||
else:
|
else:
|
||||||
# Remove the user from remote_offline_serials now that they're
|
# Remove the user from remote_offline_serials now that they're
|
||||||
# no longer offline
|
# no longer offline
|
||||||
|
@ -1142,8 +1143,9 @@ class PresenceEventSource(object):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
@log_function
|
@log_function
|
||||||
def get_new_events_for_user(self, user, from_key, limit):
|
def get_new_events(self, user, from_key, room_ids=None, **kwargs):
|
||||||
from_key = int(from_key)
|
from_key = int(from_key)
|
||||||
|
room_ids = room_ids or []
|
||||||
|
|
||||||
presence = self.hs.get_handlers().presence_handler
|
presence = self.hs.get_handlers().presence_handler
|
||||||
cachemap = presence._user_cachemap
|
cachemap = presence._user_cachemap
|
||||||
|
@ -1161,7 +1163,6 @@ class PresenceEventSource(object):
|
||||||
user_ids_to_check |= set(
|
user_ids_to_check |= set(
|
||||||
UserID.from_string(p["observed_user_id"]) for p in presence_list
|
UserID.from_string(p["observed_user_id"]) for p in presence_list
|
||||||
)
|
)
|
||||||
room_ids = yield presence.get_joined_rooms_for_user(user)
|
|
||||||
for room_id in set(room_ids) & set(presence._room_serials):
|
for room_id in set(room_ids) & set(presence._room_serials):
|
||||||
if presence._room_serials[room_id] > from_key:
|
if presence._room_serials[room_id] > from_key:
|
||||||
joined = yield presence.get_joined_users_for_room_id(room_id)
|
joined = yield presence.get_joined_users_for_room_id(room_id)
|
||||||
|
@ -1263,6 +1264,11 @@ class UserPresenceCache(object):
|
||||||
self.state = {"presence": PresenceState.OFFLINE}
|
self.state = {"presence": PresenceState.OFFLINE}
|
||||||
self.serial = None
|
self.serial = None
|
||||||
|
|
||||||
|
def __repr__(self):
|
||||||
|
return "UserPresenceCache(state=%r, serial=%r)" % (
|
||||||
|
self.state, self.serial
|
||||||
|
)
|
||||||
|
|
||||||
def update(self, state, serial):
|
def update(self, state, serial):
|
||||||
assert("mtime_age" not in state)
|
assert("mtime_age" not in state)
|
||||||
|
|
||||||
|
|
46
synapse/handlers/private_user_data.py
Normal file
46
synapse/handlers/private_user_data.py
Normal file
|
@ -0,0 +1,46 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Copyright 2015 OpenMarket Ltd
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
from twisted.internet import defer
|
||||||
|
|
||||||
|
|
||||||
|
class PrivateUserDataEventSource(object):
|
||||||
|
def __init__(self, hs):
|
||||||
|
self.store = hs.get_datastore()
|
||||||
|
|
||||||
|
def get_current_key(self, direction='f'):
|
||||||
|
return self.store.get_max_private_user_data_stream_id()
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def get_new_events(self, user, from_key, **kwargs):
|
||||||
|
user_id = user.to_string()
|
||||||
|
last_stream_id = from_key
|
||||||
|
|
||||||
|
current_stream_id = yield self.store.get_max_private_user_data_stream_id()
|
||||||
|
tags = yield self.store.get_updated_tags(user_id, last_stream_id)
|
||||||
|
|
||||||
|
results = []
|
||||||
|
for room_id, room_tags in tags.items():
|
||||||
|
results.append({
|
||||||
|
"type": "m.tag",
|
||||||
|
"content": {"tags": room_tags},
|
||||||
|
"room_id": room_id,
|
||||||
|
})
|
||||||
|
|
||||||
|
defer.returnValue((results, current_stream_id))
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def get_pagination_rows(self, user, config, key):
|
||||||
|
defer.returnValue(([], config.to_id))
|
|
@ -156,13 +156,7 @@ class ReceiptsHandler(BaseHandler):
|
||||||
if not result:
|
if not result:
|
||||||
defer.returnValue([])
|
defer.returnValue([])
|
||||||
|
|
||||||
event = {
|
defer.returnValue(result)
|
||||||
"type": "m.receipt",
|
|
||||||
"room_id": room_id,
|
|
||||||
"content": result,
|
|
||||||
}
|
|
||||||
|
|
||||||
defer.returnValue([event])
|
|
||||||
|
|
||||||
|
|
||||||
class ReceiptEventSource(object):
|
class ReceiptEventSource(object):
|
||||||
|
@ -170,17 +164,15 @@ class ReceiptEventSource(object):
|
||||||
self.store = hs.get_datastore()
|
self.store = hs.get_datastore()
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_new_events_for_user(self, user, from_key, limit):
|
def get_new_events(self, from_key, room_ids, **kwargs):
|
||||||
from_key = int(from_key)
|
from_key = int(from_key)
|
||||||
to_key = yield self.get_current_key()
|
to_key = yield self.get_current_key()
|
||||||
|
|
||||||
if from_key == to_key:
|
if from_key == to_key:
|
||||||
defer.returnValue(([], to_key))
|
defer.returnValue(([], to_key))
|
||||||
|
|
||||||
rooms = yield self.store.get_rooms_for_user(user.to_string())
|
|
||||||
rooms = [room.room_id for room in rooms]
|
|
||||||
events = yield self.store.get_linearized_receipts_for_rooms(
|
events = yield self.store.get_linearized_receipts_for_rooms(
|
||||||
rooms,
|
room_ids,
|
||||||
from_key=from_key,
|
from_key=from_key,
|
||||||
to_key=to_key,
|
to_key=to_key,
|
||||||
)
|
)
|
||||||
|
|
|
@ -25,8 +25,6 @@ import synapse.util.stringutils as stringutils
|
||||||
from synapse.util.async import run_on_reactor
|
from synapse.util.async import run_on_reactor
|
||||||
from synapse.http.client import CaptchaServerHttpClient
|
from synapse.http.client import CaptchaServerHttpClient
|
||||||
|
|
||||||
import base64
|
|
||||||
import bcrypt
|
|
||||||
import logging
|
import logging
|
||||||
import urllib
|
import urllib
|
||||||
|
|
||||||
|
@ -66,7 +64,7 @@ class RegistrationHandler(BaseHandler):
|
||||||
)
|
)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def register(self, localpart=None, password=None):
|
def register(self, localpart=None, password=None, generate_token=True):
|
||||||
"""Registers a new client on the server.
|
"""Registers a new client on the server.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
|
@ -83,7 +81,7 @@ class RegistrationHandler(BaseHandler):
|
||||||
yield run_on_reactor()
|
yield run_on_reactor()
|
||||||
password_hash = None
|
password_hash = None
|
||||||
if password:
|
if password:
|
||||||
password_hash = bcrypt.hashpw(password, bcrypt.gensalt())
|
password_hash = self.auth_handler().hash(password)
|
||||||
|
|
||||||
if localpart:
|
if localpart:
|
||||||
yield self.check_username(localpart)
|
yield self.check_username(localpart)
|
||||||
|
@ -91,7 +89,9 @@ class RegistrationHandler(BaseHandler):
|
||||||
user = UserID(localpart, self.hs.hostname)
|
user = UserID(localpart, self.hs.hostname)
|
||||||
user_id = user.to_string()
|
user_id = user.to_string()
|
||||||
|
|
||||||
token = self.generate_token(user_id)
|
token = None
|
||||||
|
if generate_token:
|
||||||
|
token = self.auth_handler().generate_access_token(user_id)
|
||||||
yield self.store.register(
|
yield self.store.register(
|
||||||
user_id=user_id,
|
user_id=user_id,
|
||||||
token=token,
|
token=token,
|
||||||
|
@ -104,14 +104,14 @@ class RegistrationHandler(BaseHandler):
|
||||||
attempts = 0
|
attempts = 0
|
||||||
user_id = None
|
user_id = None
|
||||||
token = None
|
token = None
|
||||||
while not user_id and not token:
|
while not user_id:
|
||||||
try:
|
try:
|
||||||
localpart = self._generate_user_id()
|
localpart = self._generate_user_id()
|
||||||
user = UserID(localpart, self.hs.hostname)
|
user = UserID(localpart, self.hs.hostname)
|
||||||
user_id = user.to_string()
|
user_id = user.to_string()
|
||||||
yield self.check_user_id_is_valid(user_id)
|
yield self.check_user_id_is_valid(user_id)
|
||||||
|
if generate_token:
|
||||||
token = self.generate_token(user_id)
|
token = self.auth_handler().generate_access_token(user_id)
|
||||||
yield self.store.register(
|
yield self.store.register(
|
||||||
user_id=user_id,
|
user_id=user_id,
|
||||||
token=token,
|
token=token,
|
||||||
|
@ -161,7 +161,7 @@ class RegistrationHandler(BaseHandler):
|
||||||
400, "Invalid user localpart for this application service.",
|
400, "Invalid user localpart for this application service.",
|
||||||
errcode=Codes.EXCLUSIVE
|
errcode=Codes.EXCLUSIVE
|
||||||
)
|
)
|
||||||
token = self.generate_token(user_id)
|
token = self.auth_handler().generate_access_token(user_id)
|
||||||
yield self.store.register(
|
yield self.store.register(
|
||||||
user_id=user_id,
|
user_id=user_id,
|
||||||
token=token,
|
token=token,
|
||||||
|
@ -208,7 +208,7 @@ class RegistrationHandler(BaseHandler):
|
||||||
user_id = user.to_string()
|
user_id = user.to_string()
|
||||||
|
|
||||||
yield self.check_user_id_is_valid(user_id)
|
yield self.check_user_id_is_valid(user_id)
|
||||||
token = self.generate_token(user_id)
|
token = self.auth_handler().generate_access_token(user_id)
|
||||||
try:
|
try:
|
||||||
yield self.store.register(
|
yield self.store.register(
|
||||||
user_id=user_id,
|
user_id=user_id,
|
||||||
|
@ -273,13 +273,6 @@ class RegistrationHandler(BaseHandler):
|
||||||
errcode=Codes.EXCLUSIVE
|
errcode=Codes.EXCLUSIVE
|
||||||
)
|
)
|
||||||
|
|
||||||
def generate_token(self, user_id):
|
|
||||||
# urlsafe variant uses _ and - so use . as the separator and replace
|
|
||||||
# all =s with .s so http clients don't quote =s when it is used as
|
|
||||||
# query params.
|
|
||||||
return (base64.urlsafe_b64encode(user_id).replace('=', '.') + '.' +
|
|
||||||
stringutils.random_string(18))
|
|
||||||
|
|
||||||
def _generate_user_id(self):
|
def _generate_user_id(self):
|
||||||
return "-" + stringutils.random_string(18)
|
return "-" + stringutils.random_string(18)
|
||||||
|
|
||||||
|
@ -322,3 +315,6 @@ class RegistrationHandler(BaseHandler):
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
defer.returnValue(data)
|
defer.returnValue(data)
|
||||||
|
|
||||||
|
def auth_handler(self):
|
||||||
|
return self.hs.get_handlers().auth_handler
|
||||||
|
|
|
@ -22,26 +22,38 @@ from synapse.types import UserID, RoomAlias, RoomID
|
||||||
from synapse.api.constants import (
|
from synapse.api.constants import (
|
||||||
EventTypes, Membership, JoinRules, RoomCreationPreset,
|
EventTypes, Membership, JoinRules, RoomCreationPreset,
|
||||||
)
|
)
|
||||||
from synapse.api.errors import StoreError, SynapseError
|
from synapse.api.errors import AuthError, StoreError, SynapseError
|
||||||
from synapse.util import stringutils, unwrapFirstError
|
from synapse.util import stringutils, unwrapFirstError
|
||||||
from synapse.util.async import run_on_reactor
|
from synapse.util.async import run_on_reactor
|
||||||
from synapse.events.utils import serialize_event
|
|
||||||
|
from signedjson.sign import verify_signed_json
|
||||||
|
from signedjson.key import decode_verify_key_bytes
|
||||||
|
|
||||||
from collections import OrderedDict
|
from collections import OrderedDict
|
||||||
|
from unpaddedbase64 import decode_base64
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
|
import math
|
||||||
import string
|
import string
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
id_server_scheme = "https://"
|
||||||
|
|
||||||
|
|
||||||
class RoomCreationHandler(BaseHandler):
|
class RoomCreationHandler(BaseHandler):
|
||||||
|
|
||||||
PRESETS_DICT = {
|
PRESETS_DICT = {
|
||||||
RoomCreationPreset.PRIVATE_CHAT: {
|
RoomCreationPreset.PRIVATE_CHAT: {
|
||||||
"join_rules": JoinRules.INVITE,
|
"join_rules": JoinRules.INVITE,
|
||||||
"history_visibility": "invited",
|
"history_visibility": "shared",
|
||||||
"original_invitees_have_ops": False,
|
"original_invitees_have_ops": False,
|
||||||
},
|
},
|
||||||
|
RoomCreationPreset.TRUSTED_PRIVATE_CHAT: {
|
||||||
|
"join_rules": JoinRules.INVITE,
|
||||||
|
"history_visibility": "shared",
|
||||||
|
"original_invitees_have_ops": True,
|
||||||
|
},
|
||||||
RoomCreationPreset.PUBLIC_CHAT: {
|
RoomCreationPreset.PUBLIC_CHAT: {
|
||||||
"join_rules": JoinRules.PUBLIC,
|
"join_rules": JoinRules.PUBLIC,
|
||||||
"history_visibility": "shared",
|
"history_visibility": "shared",
|
||||||
|
@ -150,12 +162,16 @@ class RoomCreationHandler(BaseHandler):
|
||||||
for val in raw_initial_state:
|
for val in raw_initial_state:
|
||||||
initial_state[(val["type"], val.get("state_key", ""))] = val["content"]
|
initial_state[(val["type"], val.get("state_key", ""))] = val["content"]
|
||||||
|
|
||||||
|
creation_content = config.get("creation_content", {})
|
||||||
|
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
creation_events = self._create_events_for_new_room(
|
creation_events = self._create_events_for_new_room(
|
||||||
user, room_id,
|
user, room_id,
|
||||||
preset_config=preset_config,
|
preset_config=preset_config,
|
||||||
invite_list=invite_list,
|
invite_list=invite_list,
|
||||||
initial_state=initial_state,
|
initial_state=initial_state,
|
||||||
|
creation_content=creation_content,
|
||||||
|
room_alias=room_alias,
|
||||||
)
|
)
|
||||||
|
|
||||||
msg_handler = self.hs.get_handlers().message_handler
|
msg_handler = self.hs.get_handlers().message_handler
|
||||||
|
@ -203,7 +219,8 @@ class RoomCreationHandler(BaseHandler):
|
||||||
defer.returnValue(result)
|
defer.returnValue(result)
|
||||||
|
|
||||||
def _create_events_for_new_room(self, creator, room_id, preset_config,
|
def _create_events_for_new_room(self, creator, room_id, preset_config,
|
||||||
invite_list, initial_state):
|
invite_list, initial_state, creation_content,
|
||||||
|
room_alias):
|
||||||
config = RoomCreationHandler.PRESETS_DICT[preset_config]
|
config = RoomCreationHandler.PRESETS_DICT[preset_config]
|
||||||
|
|
||||||
creator_id = creator.to_string()
|
creator_id = creator.to_string()
|
||||||
|
@ -225,9 +242,10 @@ class RoomCreationHandler(BaseHandler):
|
||||||
|
|
||||||
return e
|
return e
|
||||||
|
|
||||||
|
creation_content.update({"creator": creator.to_string()})
|
||||||
creation_event = create(
|
creation_event = create(
|
||||||
etype=EventTypes.Create,
|
etype=EventTypes.Create,
|
||||||
content={"creator": creator.to_string()},
|
content=creation_content,
|
||||||
)
|
)
|
||||||
|
|
||||||
join_event = create(
|
join_event = create(
|
||||||
|
@ -272,6 +290,14 @@ class RoomCreationHandler(BaseHandler):
|
||||||
|
|
||||||
returned_events.append(power_levels_event)
|
returned_events.append(power_levels_event)
|
||||||
|
|
||||||
|
if room_alias and (EventTypes.CanonicalAlias, '') not in initial_state:
|
||||||
|
room_alias_event = create(
|
||||||
|
etype=EventTypes.CanonicalAlias,
|
||||||
|
content={"alias": room_alias.to_string()},
|
||||||
|
)
|
||||||
|
|
||||||
|
returned_events.append(room_alias_event)
|
||||||
|
|
||||||
if (EventTypes.JoinRules, '') not in initial_state:
|
if (EventTypes.JoinRules, '') not in initial_state:
|
||||||
join_rules_event = create(
|
join_rules_event = create(
|
||||||
etype=EventTypes.JoinRules,
|
etype=EventTypes.JoinRules,
|
||||||
|
@ -343,42 +369,7 @@ class RoomMemberHandler(BaseHandler):
|
||||||
remotedomains.add(member.domain)
|
remotedomains.add(member.domain)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_room_members_as_pagination_chunk(self, room_id=None, user_id=None,
|
def change_membership(self, event, context, do_auth=True, is_guest=False):
|
||||||
limit=0, start_tok=None,
|
|
||||||
end_tok=None):
|
|
||||||
"""Retrieve a list of room members in the room.
|
|
||||||
|
|
||||||
Args:
|
|
||||||
room_id (str): The room to get the member list for.
|
|
||||||
user_id (str): The ID of the user making the request.
|
|
||||||
limit (int): The max number of members to return.
|
|
||||||
start_tok (str): Optional. The start token if known.
|
|
||||||
end_tok (str): Optional. The end token if known.
|
|
||||||
Returns:
|
|
||||||
dict: A Pagination streamable dict.
|
|
||||||
Raises:
|
|
||||||
SynapseError if something goes wrong.
|
|
||||||
"""
|
|
||||||
yield self.auth.check_joined_room(room_id, user_id)
|
|
||||||
|
|
||||||
member_list = yield self.store.get_room_members(room_id=room_id)
|
|
||||||
time_now = self.clock.time_msec()
|
|
||||||
event_list = [
|
|
||||||
serialize_event(entry, time_now)
|
|
||||||
for entry in member_list
|
|
||||||
]
|
|
||||||
chunk_data = {
|
|
||||||
"start": "START", # FIXME (erikj): START is no longer valid
|
|
||||||
"end": "END",
|
|
||||||
"chunk": event_list
|
|
||||||
}
|
|
||||||
# TODO honor Pagination stream params
|
|
||||||
# TODO snapshot this list to return on subsequent requests when
|
|
||||||
# paginating
|
|
||||||
defer.returnValue(chunk_data)
|
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
|
||||||
def change_membership(self, event, context, do_auth=True):
|
|
||||||
""" Change the membership status of a user in a room.
|
""" Change the membership status of a user in a room.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
|
@ -399,9 +390,38 @@ class RoomMemberHandler(BaseHandler):
|
||||||
# if this HS is not currently in the room, i.e. we have to do the
|
# if this HS is not currently in the room, i.e. we have to do the
|
||||||
# invite/join dance.
|
# invite/join dance.
|
||||||
if event.membership == Membership.JOIN:
|
if event.membership == Membership.JOIN:
|
||||||
|
if is_guest:
|
||||||
|
guest_access = context.current_state.get(
|
||||||
|
(EventTypes.GuestAccess, ""),
|
||||||
|
None
|
||||||
|
)
|
||||||
|
is_guest_access_allowed = (
|
||||||
|
guest_access
|
||||||
|
and guest_access.content
|
||||||
|
and "guest_access" in guest_access.content
|
||||||
|
and guest_access.content["guest_access"] == "can_join"
|
||||||
|
)
|
||||||
|
if not is_guest_access_allowed:
|
||||||
|
raise AuthError(403, "Guest access not allowed")
|
||||||
|
|
||||||
yield self._do_join(event, context, do_auth=do_auth)
|
yield self._do_join(event, context, do_auth=do_auth)
|
||||||
else:
|
else:
|
||||||
# This is not a JOIN, so we can handle it normally.
|
if event.membership == Membership.LEAVE:
|
||||||
|
is_host_in_room = yield self.is_host_in_room(room_id, context)
|
||||||
|
if not is_host_in_room:
|
||||||
|
# Rejecting an invite, rather than leaving a joined room
|
||||||
|
handler = self.hs.get_handlers().federation_handler
|
||||||
|
inviter = yield self.get_inviter(event)
|
||||||
|
if not inviter:
|
||||||
|
# return the same error as join_room_alias does
|
||||||
|
raise SynapseError(404, "No known servers")
|
||||||
|
yield handler.do_remotely_reject_invite(
|
||||||
|
[inviter.domain],
|
||||||
|
room_id,
|
||||||
|
event.user_id
|
||||||
|
)
|
||||||
|
defer.returnValue({"room_id": room_id})
|
||||||
|
return
|
||||||
|
|
||||||
# FIXME: This isn't idempotency.
|
# FIXME: This isn't idempotency.
|
||||||
if prev_state and prev_state.membership == event.membership:
|
if prev_state and prev_state.membership == event.membership:
|
||||||
|
@ -425,7 +445,7 @@ class RoomMemberHandler(BaseHandler):
|
||||||
defer.returnValue({"room_id": room_id})
|
defer.returnValue({"room_id": room_id})
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def join_room_alias(self, joinee, room_alias, do_auth=True, content={}):
|
def join_room_alias(self, joinee, room_alias, content={}):
|
||||||
directory_handler = self.hs.get_handlers().directory_handler
|
directory_handler = self.hs.get_handlers().directory_handler
|
||||||
mapping = yield directory_handler.get_association(room_alias)
|
mapping = yield directory_handler.get_association(room_alias)
|
||||||
|
|
||||||
|
@ -459,8 +479,6 @@ class RoomMemberHandler(BaseHandler):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def _do_join(self, event, context, room_hosts=None, do_auth=True):
|
def _do_join(self, event, context, room_hosts=None, do_auth=True):
|
||||||
joinee = UserID.from_string(event.state_key)
|
|
||||||
# room_id = RoomID.from_string(event.room_id, self.hs)
|
|
||||||
room_id = event.room_id
|
room_id = event.room_id
|
||||||
|
|
||||||
# XXX: We don't do an auth check if we are doing an invite
|
# XXX: We don't do an auth check if we are doing an invite
|
||||||
|
@ -468,41 +486,18 @@ class RoomMemberHandler(BaseHandler):
|
||||||
# that we are allowed to join when we decide whether or not we
|
# that we are allowed to join when we decide whether or not we
|
||||||
# need to do the invite/join dance.
|
# need to do the invite/join dance.
|
||||||
|
|
||||||
is_host_in_room = yield self.auth.check_host_in_room(
|
is_host_in_room = yield self.is_host_in_room(room_id, context)
|
||||||
event.room_id,
|
|
||||||
self.hs.hostname
|
|
||||||
)
|
|
||||||
if not is_host_in_room:
|
|
||||||
# is *anyone* in the room?
|
|
||||||
room_member_keys = [
|
|
||||||
v for (k, v) in context.current_state.keys() if (
|
|
||||||
k == "m.room.member"
|
|
||||||
)
|
|
||||||
]
|
|
||||||
if len(room_member_keys) == 0:
|
|
||||||
# has the room been created so we can join it?
|
|
||||||
create_event = context.current_state.get(("m.room.create", ""))
|
|
||||||
if create_event:
|
|
||||||
is_host_in_room = True
|
|
||||||
|
|
||||||
if is_host_in_room:
|
if is_host_in_room:
|
||||||
should_do_dance = False
|
should_do_dance = False
|
||||||
elif room_hosts: # TODO: Shouldn't this be remote_room_host?
|
elif room_hosts: # TODO: Shouldn't this be remote_room_host?
|
||||||
should_do_dance = True
|
should_do_dance = True
|
||||||
else:
|
else:
|
||||||
# TODO(markjh): get prev_state from snapshot
|
inviter = yield self.get_inviter(event)
|
||||||
prev_state = yield self.store.get_room_member(
|
if not inviter:
|
||||||
joinee.to_string(), room_id
|
|
||||||
)
|
|
||||||
|
|
||||||
if prev_state and prev_state.membership == Membership.INVITE:
|
|
||||||
inviter = UserID.from_string(prev_state.user_id)
|
|
||||||
|
|
||||||
should_do_dance = not self.hs.is_mine(inviter)
|
|
||||||
room_hosts = [inviter.domain]
|
|
||||||
else:
|
|
||||||
# return the same error as join_room_alias does
|
# return the same error as join_room_alias does
|
||||||
raise SynapseError(404, "No known servers")
|
raise SynapseError(404, "No known servers")
|
||||||
|
should_do_dance = not self.hs.is_mine(inviter)
|
||||||
|
room_hosts = [inviter.domain]
|
||||||
|
|
||||||
if should_do_dance:
|
if should_do_dance:
|
||||||
handler = self.hs.get_handlers().federation_handler
|
handler = self.hs.get_handlers().federation_handler
|
||||||
|
@ -510,8 +505,7 @@ class RoomMemberHandler(BaseHandler):
|
||||||
room_hosts,
|
room_hosts,
|
||||||
room_id,
|
room_id,
|
||||||
event.user_id,
|
event.user_id,
|
||||||
event.content, # FIXME To get a non-frozen dict
|
event.content,
|
||||||
context
|
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
logger.debug("Doing normal join")
|
logger.debug("Doing normal join")
|
||||||
|
@ -529,30 +523,42 @@ class RoomMemberHandler(BaseHandler):
|
||||||
)
|
)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def _should_invite_join(self, room_id, prev_state, do_auth):
|
def get_inviter(self, event):
|
||||||
logger.debug("_should_invite_join: room_id: %s", room_id)
|
# TODO(markjh): get prev_state from snapshot
|
||||||
|
prev_state = yield self.store.get_room_member(
|
||||||
|
event.user_id, event.room_id
|
||||||
|
)
|
||||||
|
|
||||||
# XXX: We don't do an auth check if we are doing an invite
|
|
||||||
# join dance for now, since we're kinda implicitly checking
|
|
||||||
# that we are allowed to join when we decide whether or not we
|
|
||||||
# need to do the invite/join dance.
|
|
||||||
|
|
||||||
# Only do an invite join dance if a) we were invited,
|
|
||||||
# b) the person inviting was from a differnt HS and c) we are
|
|
||||||
# not currently in the room
|
|
||||||
room_host = None
|
|
||||||
if prev_state and prev_state.membership == Membership.INVITE:
|
if prev_state and prev_state.membership == Membership.INVITE:
|
||||||
room = yield self.store.get_room(room_id)
|
defer.returnValue(UserID.from_string(prev_state.user_id))
|
||||||
inviter = UserID.from_string(
|
return
|
||||||
prev_state.sender
|
elif "third_party_invite" in event.content:
|
||||||
)
|
if "sender" in event.content["third_party_invite"]:
|
||||||
|
inviter = UserID.from_string(
|
||||||
|
event.content["third_party_invite"]["sender"]
|
||||||
|
)
|
||||||
|
defer.returnValue(inviter)
|
||||||
|
defer.returnValue(None)
|
||||||
|
|
||||||
is_remote_invite_join = not self.hs.is_mine(inviter) and not room
|
@defer.inlineCallbacks
|
||||||
room_host = inviter.domain
|
def is_host_in_room(self, room_id, context):
|
||||||
else:
|
is_host_in_room = yield self.auth.check_host_in_room(
|
||||||
is_remote_invite_join = False
|
room_id,
|
||||||
|
self.hs.hostname
|
||||||
defer.returnValue((is_remote_invite_join, room_host))
|
)
|
||||||
|
if not is_host_in_room:
|
||||||
|
# is *anyone* in the room?
|
||||||
|
room_member_keys = [
|
||||||
|
v for (k, v) in context.current_state.keys() if (
|
||||||
|
k == "m.room.member"
|
||||||
|
)
|
||||||
|
]
|
||||||
|
if len(room_member_keys) == 0:
|
||||||
|
# has the room been created so we can join it?
|
||||||
|
create_event = context.current_state.get(("m.room.create", ""))
|
||||||
|
if create_event:
|
||||||
|
is_host_in_room = True
|
||||||
|
defer.returnValue(is_host_in_room)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_joined_rooms_for_user(self, user):
|
def get_joined_rooms_for_user(self, user):
|
||||||
|
@ -583,6 +589,160 @@ class RoomMemberHandler(BaseHandler):
|
||||||
suppress_auth=(not do_auth),
|
suppress_auth=(not do_auth),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def do_3pid_invite(
|
||||||
|
self,
|
||||||
|
room_id,
|
||||||
|
inviter,
|
||||||
|
medium,
|
||||||
|
address,
|
||||||
|
id_server,
|
||||||
|
token_id,
|
||||||
|
txn_id
|
||||||
|
):
|
||||||
|
invitee = yield self._lookup_3pid(
|
||||||
|
id_server, medium, address
|
||||||
|
)
|
||||||
|
|
||||||
|
if invitee:
|
||||||
|
# make sure it looks like a user ID; it'll throw if it's invalid.
|
||||||
|
UserID.from_string(invitee)
|
||||||
|
yield self.hs.get_handlers().message_handler.create_and_send_event(
|
||||||
|
{
|
||||||
|
"type": EventTypes.Member,
|
||||||
|
"content": {
|
||||||
|
"membership": unicode("invite")
|
||||||
|
},
|
||||||
|
"room_id": room_id,
|
||||||
|
"sender": inviter.to_string(),
|
||||||
|
"state_key": invitee,
|
||||||
|
},
|
||||||
|
token_id=token_id,
|
||||||
|
txn_id=txn_id,
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
yield self._make_and_store_3pid_invite(
|
||||||
|
id_server,
|
||||||
|
medium,
|
||||||
|
address,
|
||||||
|
room_id,
|
||||||
|
inviter,
|
||||||
|
token_id,
|
||||||
|
txn_id=txn_id
|
||||||
|
)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _lookup_3pid(self, id_server, medium, address):
|
||||||
|
"""Looks up a 3pid in the passed identity server.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
id_server (str): The server name (including port, if required)
|
||||||
|
of the identity server to use.
|
||||||
|
medium (str): The type of the third party identifier (e.g. "email").
|
||||||
|
address (str): The third party identifier (e.g. "foo@example.com").
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
(str) the matrix ID of the 3pid, or None if it is not recognized.
|
||||||
|
"""
|
||||||
|
try:
|
||||||
|
data = yield self.hs.get_simple_http_client().get_json(
|
||||||
|
"%s%s/_matrix/identity/api/v1/lookup" % (id_server_scheme, id_server,),
|
||||||
|
{
|
||||||
|
"medium": medium,
|
||||||
|
"address": address,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
if "mxid" in data:
|
||||||
|
if "signatures" not in data:
|
||||||
|
raise AuthError(401, "No signatures on 3pid binding")
|
||||||
|
self.verify_any_signature(data, id_server)
|
||||||
|
defer.returnValue(data["mxid"])
|
||||||
|
|
||||||
|
except IOError as e:
|
||||||
|
logger.warn("Error from identity server lookup: %s" % (e,))
|
||||||
|
defer.returnValue(None)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def verify_any_signature(self, data, server_hostname):
|
||||||
|
if server_hostname not in data["signatures"]:
|
||||||
|
raise AuthError(401, "No signature from server %s" % (server_hostname,))
|
||||||
|
for key_name, signature in data["signatures"][server_hostname].items():
|
||||||
|
key_data = yield self.hs.get_simple_http_client().get_json(
|
||||||
|
"%s%s/_matrix/identity/api/v1/pubkey/%s" %
|
||||||
|
(id_server_scheme, server_hostname, key_name,),
|
||||||
|
)
|
||||||
|
if "public_key" not in key_data:
|
||||||
|
raise AuthError(401, "No public key named %s from %s" %
|
||||||
|
(key_name, server_hostname,))
|
||||||
|
verify_signed_json(
|
||||||
|
data,
|
||||||
|
server_hostname,
|
||||||
|
decode_verify_key_bytes(key_name, decode_base64(key_data["public_key"]))
|
||||||
|
)
|
||||||
|
return
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _make_and_store_3pid_invite(
|
||||||
|
self,
|
||||||
|
id_server,
|
||||||
|
medium,
|
||||||
|
address,
|
||||||
|
room_id,
|
||||||
|
user,
|
||||||
|
token_id,
|
||||||
|
txn_id
|
||||||
|
):
|
||||||
|
token, public_key, key_validity_url, display_name = (
|
||||||
|
yield self._ask_id_server_for_third_party_invite(
|
||||||
|
id_server,
|
||||||
|
medium,
|
||||||
|
address,
|
||||||
|
room_id,
|
||||||
|
user.to_string()
|
||||||
|
)
|
||||||
|
)
|
||||||
|
msg_handler = self.hs.get_handlers().message_handler
|
||||||
|
yield msg_handler.create_and_send_event(
|
||||||
|
{
|
||||||
|
"type": EventTypes.ThirdPartyInvite,
|
||||||
|
"content": {
|
||||||
|
"display_name": display_name,
|
||||||
|
"key_validity_url": key_validity_url,
|
||||||
|
"public_key": public_key,
|
||||||
|
},
|
||||||
|
"room_id": room_id,
|
||||||
|
"sender": user.to_string(),
|
||||||
|
"state_key": token,
|
||||||
|
},
|
||||||
|
token_id=token_id,
|
||||||
|
txn_id=txn_id,
|
||||||
|
)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _ask_id_server_for_third_party_invite(
|
||||||
|
self, id_server, medium, address, room_id, sender):
|
||||||
|
is_url = "%s%s/_matrix/identity/api/v1/store-invite" % (
|
||||||
|
id_server_scheme, id_server,
|
||||||
|
)
|
||||||
|
data = yield self.hs.get_simple_http_client().post_urlencoded_get_json(
|
||||||
|
is_url,
|
||||||
|
{
|
||||||
|
"medium": medium,
|
||||||
|
"address": address,
|
||||||
|
"room_id": room_id,
|
||||||
|
"sender": sender,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
# TODO: Check for success
|
||||||
|
token = data["token"]
|
||||||
|
public_key = data["public_key"]
|
||||||
|
display_name = data["display_name"]
|
||||||
|
key_validity_url = "%s%s/_matrix/identity/api/v1/pubkey/isvalid" % (
|
||||||
|
id_server_scheme, id_server,
|
||||||
|
)
|
||||||
|
defer.returnValue((token, public_key, key_validity_url, display_name))
|
||||||
|
|
||||||
|
|
||||||
class RoomListHandler(BaseHandler):
|
class RoomListHandler(BaseHandler):
|
||||||
|
|
||||||
|
@ -604,12 +764,79 @@ class RoomListHandler(BaseHandler):
|
||||||
defer.returnValue({"start": "START", "end": "END", "chunk": chunk})
|
defer.returnValue({"start": "START", "end": "END", "chunk": chunk})
|
||||||
|
|
||||||
|
|
||||||
|
class RoomContextHandler(BaseHandler):
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def get_event_context(self, user, room_id, event_id, limit, is_guest):
|
||||||
|
"""Retrieves events, pagination tokens and state around a given event
|
||||||
|
in a room.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
user (UserID)
|
||||||
|
room_id (str)
|
||||||
|
event_id (str)
|
||||||
|
limit (int): The maximum number of events to return in total
|
||||||
|
(excluding state).
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
dict
|
||||||
|
"""
|
||||||
|
before_limit = math.floor(limit/2.)
|
||||||
|
after_limit = limit - before_limit
|
||||||
|
|
||||||
|
now_token = yield self.hs.get_event_sources().get_current_token()
|
||||||
|
|
||||||
|
results = yield self.store.get_events_around(
|
||||||
|
room_id, event_id, before_limit, after_limit
|
||||||
|
)
|
||||||
|
|
||||||
|
results["events_before"] = yield self._filter_events_for_client(
|
||||||
|
user.to_string(),
|
||||||
|
results["events_before"],
|
||||||
|
is_guest=is_guest,
|
||||||
|
require_all_visible_for_guests=False
|
||||||
|
)
|
||||||
|
|
||||||
|
results["events_after"] = yield self._filter_events_for_client(
|
||||||
|
user.to_string(),
|
||||||
|
results["events_after"],
|
||||||
|
is_guest=is_guest,
|
||||||
|
require_all_visible_for_guests=False
|
||||||
|
)
|
||||||
|
|
||||||
|
if results["events_after"]:
|
||||||
|
last_event_id = results["events_after"][-1].event_id
|
||||||
|
else:
|
||||||
|
last_event_id = event_id
|
||||||
|
|
||||||
|
state = yield self.store.get_state_for_events(
|
||||||
|
[last_event_id], None
|
||||||
|
)
|
||||||
|
results["state"] = state[last_event_id].values()
|
||||||
|
|
||||||
|
results["start"] = now_token.copy_and_replace(
|
||||||
|
"room_key", results["start"]
|
||||||
|
).to_string()
|
||||||
|
|
||||||
|
results["end"] = now_token.copy_and_replace(
|
||||||
|
"room_key", results["end"]
|
||||||
|
).to_string()
|
||||||
|
|
||||||
|
defer.returnValue(results)
|
||||||
|
|
||||||
|
|
||||||
class RoomEventSource(object):
|
class RoomEventSource(object):
|
||||||
def __init__(self, hs):
|
def __init__(self, hs):
|
||||||
self.store = hs.get_datastore()
|
self.store = hs.get_datastore()
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_new_events_for_user(self, user, from_key, limit):
|
def get_new_events(
|
||||||
|
self,
|
||||||
|
user,
|
||||||
|
from_key,
|
||||||
|
limit,
|
||||||
|
room_ids,
|
||||||
|
is_guest,
|
||||||
|
):
|
||||||
# We just ignore the key for now.
|
# We just ignore the key for now.
|
||||||
|
|
||||||
to_key = yield self.get_current_key()
|
to_key = yield self.get_current_key()
|
||||||
|
@ -629,8 +856,9 @@ class RoomEventSource(object):
|
||||||
user_id=user.to_string(),
|
user_id=user.to_string(),
|
||||||
from_key=from_key,
|
from_key=from_key,
|
||||||
to_key=to_key,
|
to_key=to_key,
|
||||||
room_id=None,
|
|
||||||
limit=limit,
|
limit=limit,
|
||||||
|
room_ids=room_ids,
|
||||||
|
is_guest=is_guest,
|
||||||
)
|
)
|
||||||
|
|
||||||
defer.returnValue((events, end_key))
|
defer.returnValue((events, end_key))
|
||||||
|
@ -646,7 +874,6 @@ class RoomEventSource(object):
|
||||||
to_key=config.to_key,
|
to_key=config.to_key,
|
||||||
direction=config.direction,
|
direction=config.direction,
|
||||||
limit=config.limit,
|
limit=config.limit,
|
||||||
with_feedback=True
|
|
||||||
)
|
)
|
||||||
|
|
||||||
defer.returnValue((events, next_key))
|
defer.returnValue((events, next_key))
|
||||||
|
|
319
synapse/handlers/search.py
Normal file
319
synapse/handlers/search.py
Normal file
|
@ -0,0 +1,319 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Copyright 2015 OpenMarket Ltd
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
from twisted.internet import defer
|
||||||
|
|
||||||
|
from ._base import BaseHandler
|
||||||
|
|
||||||
|
from synapse.api.constants import Membership
|
||||||
|
from synapse.api.filtering import Filter
|
||||||
|
from synapse.api.errors import SynapseError
|
||||||
|
from synapse.events.utils import serialize_event
|
||||||
|
|
||||||
|
from unpaddedbase64 import decode_base64, encode_base64
|
||||||
|
|
||||||
|
import logging
|
||||||
|
|
||||||
|
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
class SearchHandler(BaseHandler):
|
||||||
|
|
||||||
|
def __init__(self, hs):
|
||||||
|
super(SearchHandler, self).__init__(hs)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def search(self, user, content, batch=None):
|
||||||
|
"""Performs a full text search for a user.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
user (UserID)
|
||||||
|
content (dict): Search parameters
|
||||||
|
batch (str): The next_batch parameter. Used for pagination.
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
dict to be returned to the client with results of search
|
||||||
|
"""
|
||||||
|
|
||||||
|
batch_group = None
|
||||||
|
batch_group_key = None
|
||||||
|
batch_token = None
|
||||||
|
if batch:
|
||||||
|
try:
|
||||||
|
b = decode_base64(batch)
|
||||||
|
batch_group, batch_group_key, batch_token = b.split("\n")
|
||||||
|
|
||||||
|
assert batch_group is not None
|
||||||
|
assert batch_group_key is not None
|
||||||
|
assert batch_token is not None
|
||||||
|
except:
|
||||||
|
raise SynapseError(400, "Invalid batch")
|
||||||
|
|
||||||
|
try:
|
||||||
|
room_cat = content["search_categories"]["room_events"]
|
||||||
|
|
||||||
|
# The actual thing to query in FTS
|
||||||
|
search_term = room_cat["search_term"]
|
||||||
|
|
||||||
|
# Which "keys" to search over in FTS query
|
||||||
|
keys = room_cat.get("keys", [
|
||||||
|
"content.body", "content.name", "content.topic",
|
||||||
|
])
|
||||||
|
|
||||||
|
# Filter to apply to results
|
||||||
|
filter_dict = room_cat.get("filter", {})
|
||||||
|
|
||||||
|
# What to order results by (impacts whether pagination can be doen)
|
||||||
|
order_by = room_cat.get("order_by", "rank")
|
||||||
|
|
||||||
|
# Include context around each event?
|
||||||
|
event_context = room_cat.get(
|
||||||
|
"event_context", None
|
||||||
|
)
|
||||||
|
|
||||||
|
# Group results together? May allow clients to paginate within a
|
||||||
|
# group
|
||||||
|
group_by = room_cat.get("groupings", {}).get("group_by", {})
|
||||||
|
group_keys = [g["key"] for g in group_by]
|
||||||
|
|
||||||
|
if event_context is not None:
|
||||||
|
before_limit = int(event_context.get(
|
||||||
|
"before_limit", 5
|
||||||
|
))
|
||||||
|
after_limit = int(event_context.get(
|
||||||
|
"after_limit", 5
|
||||||
|
))
|
||||||
|
except KeyError:
|
||||||
|
raise SynapseError(400, "Invalid search query")
|
||||||
|
|
||||||
|
if order_by not in ("rank", "recent"):
|
||||||
|
raise SynapseError(400, "Invalid order by: %r" % (order_by,))
|
||||||
|
|
||||||
|
if set(group_keys) - {"room_id", "sender"}:
|
||||||
|
raise SynapseError(
|
||||||
|
400,
|
||||||
|
"Invalid group by keys: %r" % (set(group_keys) - {"room_id", "sender"},)
|
||||||
|
)
|
||||||
|
|
||||||
|
search_filter = Filter(filter_dict)
|
||||||
|
|
||||||
|
# TODO: Search through left rooms too
|
||||||
|
rooms = yield self.store.get_rooms_for_user_where_membership_is(
|
||||||
|
user.to_string(),
|
||||||
|
membership_list=[Membership.JOIN],
|
||||||
|
# membership_list=[Membership.JOIN, Membership.LEAVE, Membership.Ban],
|
||||||
|
)
|
||||||
|
room_ids = set(r.room_id for r in rooms)
|
||||||
|
|
||||||
|
room_ids = search_filter.filter_rooms(room_ids)
|
||||||
|
|
||||||
|
if batch_group == "room_id":
|
||||||
|
room_ids.intersection_update({batch_group_key})
|
||||||
|
|
||||||
|
rank_map = {} # event_id -> rank of event
|
||||||
|
allowed_events = []
|
||||||
|
room_groups = {} # Holds result of grouping by room, if applicable
|
||||||
|
sender_group = {} # Holds result of grouping by sender, if applicable
|
||||||
|
|
||||||
|
# Holds the next_batch for the entire result set if one of those exists
|
||||||
|
global_next_batch = None
|
||||||
|
|
||||||
|
if order_by == "rank":
|
||||||
|
results = yield self.store.search_msgs(
|
||||||
|
room_ids, search_term, keys
|
||||||
|
)
|
||||||
|
|
||||||
|
results_map = {r["event"].event_id: r for r in results}
|
||||||
|
|
||||||
|
rank_map.update({r["event"].event_id: r["rank"] for r in results})
|
||||||
|
|
||||||
|
filtered_events = search_filter.filter([r["event"] for r in results])
|
||||||
|
|
||||||
|
events = yield self._filter_events_for_client(
|
||||||
|
user.to_string(), filtered_events
|
||||||
|
)
|
||||||
|
|
||||||
|
events.sort(key=lambda e: -rank_map[e.event_id])
|
||||||
|
allowed_events = events[:search_filter.limit()]
|
||||||
|
|
||||||
|
for e in allowed_events:
|
||||||
|
rm = room_groups.setdefault(e.room_id, {
|
||||||
|
"results": [],
|
||||||
|
"order": rank_map[e.event_id],
|
||||||
|
})
|
||||||
|
rm["results"].append(e.event_id)
|
||||||
|
|
||||||
|
s = sender_group.setdefault(e.sender, {
|
||||||
|
"results": [],
|
||||||
|
"order": rank_map[e.event_id],
|
||||||
|
})
|
||||||
|
s["results"].append(e.event_id)
|
||||||
|
|
||||||
|
elif order_by == "recent":
|
||||||
|
# In this case we specifically loop through each room as the given
|
||||||
|
# limit applies to each room, rather than a global list.
|
||||||
|
# This is not necessarilly a good idea.
|
||||||
|
for room_id in room_ids:
|
||||||
|
room_events = []
|
||||||
|
if batch_group == "room_id" and batch_group_key == room_id:
|
||||||
|
pagination_token = batch_token
|
||||||
|
else:
|
||||||
|
pagination_token = None
|
||||||
|
i = 0
|
||||||
|
|
||||||
|
# We keep looping and we keep filtering until we reach the limit
|
||||||
|
# or we run out of things.
|
||||||
|
# But only go around 5 times since otherwise synapse will be sad.
|
||||||
|
while len(room_events) < search_filter.limit() and i < 5:
|
||||||
|
i += 1
|
||||||
|
results = yield self.store.search_room(
|
||||||
|
room_id, search_term, keys, search_filter.limit() * 2,
|
||||||
|
pagination_token=pagination_token,
|
||||||
|
)
|
||||||
|
|
||||||
|
results_map = {r["event"].event_id: r for r in results}
|
||||||
|
|
||||||
|
rank_map.update({r["event"].event_id: r["rank"] for r in results})
|
||||||
|
|
||||||
|
filtered_events = search_filter.filter([
|
||||||
|
r["event"] for r in results
|
||||||
|
])
|
||||||
|
|
||||||
|
events = yield self._filter_events_for_client(
|
||||||
|
user.to_string(), filtered_events
|
||||||
|
)
|
||||||
|
|
||||||
|
room_events.extend(events)
|
||||||
|
room_events = room_events[:search_filter.limit()]
|
||||||
|
|
||||||
|
if len(results) < search_filter.limit() * 2:
|
||||||
|
pagination_token = None
|
||||||
|
break
|
||||||
|
else:
|
||||||
|
pagination_token = results[-1]["pagination_token"]
|
||||||
|
|
||||||
|
if room_events:
|
||||||
|
res = results_map[room_events[-1].event_id]
|
||||||
|
pagination_token = res["pagination_token"]
|
||||||
|
|
||||||
|
group = room_groups.setdefault(room_id, {})
|
||||||
|
if pagination_token:
|
||||||
|
next_batch = encode_base64("%s\n%s\n%s" % (
|
||||||
|
"room_id", room_id, pagination_token
|
||||||
|
))
|
||||||
|
group["next_batch"] = next_batch
|
||||||
|
|
||||||
|
if batch_token:
|
||||||
|
global_next_batch = next_batch
|
||||||
|
|
||||||
|
group["results"] = [e.event_id for e in room_events]
|
||||||
|
group["order"] = max(
|
||||||
|
e.origin_server_ts/1000 for e in room_events
|
||||||
|
if hasattr(e, "origin_server_ts")
|
||||||
|
)
|
||||||
|
|
||||||
|
allowed_events.extend(room_events)
|
||||||
|
|
||||||
|
# Normalize the group orders
|
||||||
|
if room_groups:
|
||||||
|
if len(room_groups) > 1:
|
||||||
|
mx = max(g["order"] for g in room_groups.values())
|
||||||
|
mn = min(g["order"] for g in room_groups.values())
|
||||||
|
|
||||||
|
for g in room_groups.values():
|
||||||
|
g["order"] = (g["order"] - mn) * 1.0 / (mx - mn)
|
||||||
|
else:
|
||||||
|
room_groups.values()[0]["order"] = 1
|
||||||
|
|
||||||
|
else:
|
||||||
|
# We should never get here due to the guard earlier.
|
||||||
|
raise NotImplementedError()
|
||||||
|
|
||||||
|
# If client has asked for "context" for each event (i.e. some surrounding
|
||||||
|
# events and state), fetch that
|
||||||
|
if event_context is not None:
|
||||||
|
now_token = yield self.hs.get_event_sources().get_current_token()
|
||||||
|
|
||||||
|
contexts = {}
|
||||||
|
for event in allowed_events:
|
||||||
|
res = yield self.store.get_events_around(
|
||||||
|
event.room_id, event.event_id, before_limit, after_limit
|
||||||
|
)
|
||||||
|
|
||||||
|
res["events_before"] = yield self._filter_events_for_client(
|
||||||
|
user.to_string(), res["events_before"]
|
||||||
|
)
|
||||||
|
|
||||||
|
res["events_after"] = yield self._filter_events_for_client(
|
||||||
|
user.to_string(), res["events_after"]
|
||||||
|
)
|
||||||
|
|
||||||
|
res["start"] = now_token.copy_and_replace(
|
||||||
|
"room_key", res["start"]
|
||||||
|
).to_string()
|
||||||
|
|
||||||
|
res["end"] = now_token.copy_and_replace(
|
||||||
|
"room_key", res["end"]
|
||||||
|
).to_string()
|
||||||
|
|
||||||
|
contexts[event.event_id] = res
|
||||||
|
else:
|
||||||
|
contexts = {}
|
||||||
|
|
||||||
|
# TODO: Add a limit
|
||||||
|
|
||||||
|
time_now = self.clock.time_msec()
|
||||||
|
|
||||||
|
for context in contexts.values():
|
||||||
|
context["events_before"] = [
|
||||||
|
serialize_event(e, time_now)
|
||||||
|
for e in context["events_before"]
|
||||||
|
]
|
||||||
|
context["events_after"] = [
|
||||||
|
serialize_event(e, time_now)
|
||||||
|
for e in context["events_after"]
|
||||||
|
]
|
||||||
|
|
||||||
|
results = {
|
||||||
|
e.event_id: {
|
||||||
|
"rank": rank_map[e.event_id],
|
||||||
|
"result": serialize_event(e, time_now),
|
||||||
|
"context": contexts.get(e.event_id, {}),
|
||||||
|
}
|
||||||
|
for e in allowed_events
|
||||||
|
}
|
||||||
|
|
||||||
|
logger.info("Found %d results", len(results))
|
||||||
|
|
||||||
|
rooms_cat_res = {
|
||||||
|
"results": results,
|
||||||
|
"count": len(results)
|
||||||
|
}
|
||||||
|
|
||||||
|
if room_groups and "room_id" in group_keys:
|
||||||
|
rooms_cat_res.setdefault("groups", {})["room_id"] = room_groups
|
||||||
|
|
||||||
|
if sender_group and "sender" in group_keys:
|
||||||
|
rooms_cat_res.setdefault("groups", {})["sender"] = sender_group
|
||||||
|
|
||||||
|
if global_next_batch:
|
||||||
|
rooms_cat_res["next_batch"] = global_next_batch
|
||||||
|
|
||||||
|
defer.returnValue({
|
||||||
|
"search_categories": {
|
||||||
|
"room_events": rooms_cat_res
|
||||||
|
}
|
||||||
|
})
|
|
@ -28,23 +28,14 @@ logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
SyncConfig = collections.namedtuple("SyncConfig", [
|
SyncConfig = collections.namedtuple("SyncConfig", [
|
||||||
"user",
|
"user",
|
||||||
"client_info",
|
|
||||||
"limit",
|
|
||||||
"gap",
|
|
||||||
"sort",
|
|
||||||
"backfill",
|
|
||||||
"filter",
|
"filter",
|
||||||
])
|
])
|
||||||
|
|
||||||
|
|
||||||
class RoomSyncResult(collections.namedtuple("RoomSyncResult", [
|
class TimelineBatch(collections.namedtuple("TimelineBatch", [
|
||||||
"room_id",
|
|
||||||
"limited",
|
|
||||||
"published",
|
|
||||||
"events",
|
|
||||||
"state",
|
|
||||||
"prev_batch",
|
"prev_batch",
|
||||||
"ephemeral",
|
"events",
|
||||||
|
"limited",
|
||||||
])):
|
])):
|
||||||
__slots__ = []
|
__slots__ = []
|
||||||
|
|
||||||
|
@ -52,14 +43,66 @@ class RoomSyncResult(collections.namedtuple("RoomSyncResult", [
|
||||||
"""Make the result appear empty if there are no updates. This is used
|
"""Make the result appear empty if there are no updates. This is used
|
||||||
to tell if room needs to be part of the sync result.
|
to tell if room needs to be part of the sync result.
|
||||||
"""
|
"""
|
||||||
return bool(self.events or self.state or self.ephemeral)
|
return bool(self.events)
|
||||||
|
|
||||||
|
|
||||||
|
class JoinedSyncResult(collections.namedtuple("JoinedSyncResult", [
|
||||||
|
"room_id", # str
|
||||||
|
"timeline", # TimelineBatch
|
||||||
|
"state", # dict[(str, str), FrozenEvent]
|
||||||
|
"ephemeral",
|
||||||
|
"private_user_data",
|
||||||
|
])):
|
||||||
|
__slots__ = []
|
||||||
|
|
||||||
|
def __nonzero__(self):
|
||||||
|
"""Make the result appear empty if there are no updates. This is used
|
||||||
|
to tell if room needs to be part of the sync result.
|
||||||
|
"""
|
||||||
|
return bool(
|
||||||
|
self.timeline
|
||||||
|
or self.state
|
||||||
|
or self.ephemeral
|
||||||
|
or self.private_user_data
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class ArchivedSyncResult(collections.namedtuple("JoinedSyncResult", [
|
||||||
|
"room_id", # str
|
||||||
|
"timeline", # TimelineBatch
|
||||||
|
"state", # dict[(str, str), FrozenEvent]
|
||||||
|
"private_user_data",
|
||||||
|
])):
|
||||||
|
__slots__ = []
|
||||||
|
|
||||||
|
def __nonzero__(self):
|
||||||
|
"""Make the result appear empty if there are no updates. This is used
|
||||||
|
to tell if room needs to be part of the sync result.
|
||||||
|
"""
|
||||||
|
return bool(
|
||||||
|
self.timeline
|
||||||
|
or self.state
|
||||||
|
or self.private_user_data
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class InvitedSyncResult(collections.namedtuple("InvitedSyncResult", [
|
||||||
|
"room_id", # str
|
||||||
|
"invite", # FrozenEvent: the invite event
|
||||||
|
])):
|
||||||
|
__slots__ = []
|
||||||
|
|
||||||
|
def __nonzero__(self):
|
||||||
|
"""Invited rooms should always be reported to the client"""
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
class SyncResult(collections.namedtuple("SyncResult", [
|
class SyncResult(collections.namedtuple("SyncResult", [
|
||||||
"next_batch", # Token for the next sync
|
"next_batch", # Token for the next sync
|
||||||
"private_user_data", # List of private events for the user.
|
"presence", # List of presence events for the user.
|
||||||
"public_user_data", # List of public events for all users.
|
"joined", # JoinedSyncResult for each joined room.
|
||||||
"rooms", # RoomSyncResult for each room.
|
"invited", # InvitedSyncResult for each invited room.
|
||||||
|
"archived", # ArchivedSyncResult for each archived room.
|
||||||
])):
|
])):
|
||||||
__slots__ = []
|
__slots__ = []
|
||||||
|
|
||||||
|
@ -69,7 +112,7 @@ class SyncResult(collections.namedtuple("SyncResult", [
|
||||||
events.
|
events.
|
||||||
"""
|
"""
|
||||||
return bool(
|
return bool(
|
||||||
self.private_user_data or self.public_user_data or self.rooms
|
self.presence or self.joined or self.invited
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@ -81,67 +124,58 @@ class SyncHandler(BaseHandler):
|
||||||
self.clock = hs.get_clock()
|
self.clock = hs.get_clock()
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def wait_for_sync_for_user(self, sync_config, since_token=None, timeout=0):
|
def wait_for_sync_for_user(self, sync_config, since_token=None, timeout=0,
|
||||||
|
full_state=False):
|
||||||
"""Get the sync for a client if we have new data for it now. Otherwise
|
"""Get the sync for a client if we have new data for it now. Otherwise
|
||||||
wait for new data to arrive on the server. If the timeout expires, then
|
wait for new data to arrive on the server. If the timeout expires, then
|
||||||
return an empty sync result.
|
return an empty sync result.
|
||||||
Returns:
|
Returns:
|
||||||
A Deferred SyncResult.
|
A Deferred SyncResult.
|
||||||
"""
|
"""
|
||||||
if timeout == 0 or since_token is None:
|
|
||||||
result = yield self.current_sync_for_user(sync_config, since_token)
|
if timeout == 0 or since_token is None or full_state:
|
||||||
|
# we are going to return immediately, so don't bother calling
|
||||||
|
# notifier.wait_for_events.
|
||||||
|
result = yield self.current_sync_for_user(sync_config, since_token,
|
||||||
|
full_state=full_state)
|
||||||
defer.returnValue(result)
|
defer.returnValue(result)
|
||||||
else:
|
else:
|
||||||
def current_sync_callback(before_token, after_token):
|
def current_sync_callback(before_token, after_token):
|
||||||
return self.current_sync_for_user(sync_config, since_token)
|
return self.current_sync_for_user(sync_config, since_token)
|
||||||
|
|
||||||
rm_handler = self.hs.get_handlers().room_member_handler
|
|
||||||
|
|
||||||
app_service = yield self.store.get_app_service_by_user_id(
|
|
||||||
sync_config.user.to_string()
|
|
||||||
)
|
|
||||||
if app_service:
|
|
||||||
rooms = yield self.store.get_app_service_rooms(app_service)
|
|
||||||
room_ids = set(r.room_id for r in rooms)
|
|
||||||
else:
|
|
||||||
room_ids = yield rm_handler.get_joined_rooms_for_user(
|
|
||||||
sync_config.user
|
|
||||||
)
|
|
||||||
|
|
||||||
result = yield self.notifier.wait_for_events(
|
result = yield self.notifier.wait_for_events(
|
||||||
sync_config.user, room_ids,
|
sync_config.user, timeout, current_sync_callback,
|
||||||
sync_config.filter, timeout, current_sync_callback
|
from_token=since_token
|
||||||
)
|
)
|
||||||
defer.returnValue(result)
|
defer.returnValue(result)
|
||||||
|
|
||||||
def current_sync_for_user(self, sync_config, since_token=None):
|
def current_sync_for_user(self, sync_config, since_token=None,
|
||||||
|
full_state=False):
|
||||||
"""Get the sync for client needed to match what the server has now.
|
"""Get the sync for client needed to match what the server has now.
|
||||||
Returns:
|
Returns:
|
||||||
A Deferred SyncResult.
|
A Deferred SyncResult.
|
||||||
"""
|
"""
|
||||||
if since_token is None:
|
if since_token is None or full_state:
|
||||||
return self.initial_sync(sync_config)
|
return self.full_state_sync(sync_config, since_token)
|
||||||
else:
|
else:
|
||||||
if sync_config.gap:
|
return self.incremental_sync_with_gap(sync_config, since_token)
|
||||||
return self.incremental_sync_with_gap(sync_config, since_token)
|
|
||||||
else:
|
|
||||||
# TODO(mjark): Handle gapless sync
|
|
||||||
raise NotImplementedError()
|
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def initial_sync(self, sync_config):
|
def full_state_sync(self, sync_config, timeline_since_token):
|
||||||
"""Get a sync for a client which is starting without any state
|
"""Get a sync for a client which is starting without any state.
|
||||||
|
|
||||||
|
If a 'message_since_token' is given, only timeline events which have
|
||||||
|
happened since that token will be returned.
|
||||||
|
|
||||||
Returns:
|
Returns:
|
||||||
A Deferred SyncResult.
|
A Deferred SyncResult.
|
||||||
"""
|
"""
|
||||||
if sync_config.sort == "timeline,desc":
|
|
||||||
# TODO(mjark): Handle going through events in reverse order?.
|
|
||||||
# What does "most recent events" mean when applying the limits mean
|
|
||||||
# in this case?
|
|
||||||
raise NotImplementedError()
|
|
||||||
|
|
||||||
now_token = yield self.event_sources.get_current_token()
|
now_token = yield self.event_sources.get_current_token()
|
||||||
|
|
||||||
|
now_token, ephemeral_by_room = yield self.ephemeral_by_room(
|
||||||
|
sync_config, now_token
|
||||||
|
)
|
||||||
|
|
||||||
presence_stream = self.event_sources.sources["presence"]
|
presence_stream = self.event_sources.sources["presence"]
|
||||||
# TODO (mjark): This looks wrong, shouldn't we be getting the presence
|
# TODO (mjark): This looks wrong, shouldn't we be getting the presence
|
||||||
# UP to the present rather than after the present?
|
# UP to the present rather than after the present?
|
||||||
|
@ -153,52 +187,179 @@ class SyncHandler(BaseHandler):
|
||||||
)
|
)
|
||||||
room_list = yield self.store.get_rooms_for_user_where_membership_is(
|
room_list = yield self.store.get_rooms_for_user_where_membership_is(
|
||||||
user_id=sync_config.user.to_string(),
|
user_id=sync_config.user.to_string(),
|
||||||
membership_list=[Membership.INVITE, Membership.JOIN]
|
membership_list=(
|
||||||
|
Membership.INVITE,
|
||||||
|
Membership.JOIN,
|
||||||
|
Membership.LEAVE,
|
||||||
|
Membership.BAN
|
||||||
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
# TODO (mjark): Does public mean "published"?
|
tags_by_room = yield self.store.get_tags_for_user(
|
||||||
published_rooms = yield self.store.get_rooms(is_public=True)
|
sync_config.user.to_string()
|
||||||
published_room_ids = set(r["room_id"] for r in published_rooms)
|
)
|
||||||
|
|
||||||
rooms = []
|
joined = []
|
||||||
|
invited = []
|
||||||
|
archived = []
|
||||||
for event in room_list:
|
for event in room_list:
|
||||||
room_sync = yield self.initial_sync_for_room(
|
if event.membership == Membership.JOIN:
|
||||||
event.room_id, sync_config, now_token, published_room_ids
|
room_sync = yield self.full_state_sync_for_joined_room(
|
||||||
)
|
room_id=event.room_id,
|
||||||
rooms.append(room_sync)
|
sync_config=sync_config,
|
||||||
|
now_token=now_token,
|
||||||
|
timeline_since_token=timeline_since_token,
|
||||||
|
ephemeral_by_room=ephemeral_by_room,
|
||||||
|
tags_by_room=tags_by_room,
|
||||||
|
)
|
||||||
|
joined.append(room_sync)
|
||||||
|
elif event.membership == Membership.INVITE:
|
||||||
|
invite = yield self.store.get_event(event.event_id)
|
||||||
|
invited.append(InvitedSyncResult(
|
||||||
|
room_id=event.room_id,
|
||||||
|
invite=invite,
|
||||||
|
))
|
||||||
|
elif event.membership in (Membership.LEAVE, Membership.BAN):
|
||||||
|
leave_token = now_token.copy_and_replace(
|
||||||
|
"room_key", "s%d" % (event.stream_ordering,)
|
||||||
|
)
|
||||||
|
room_sync = yield self.full_state_sync_for_archived_room(
|
||||||
|
sync_config=sync_config,
|
||||||
|
room_id=event.room_id,
|
||||||
|
leave_event_id=event.event_id,
|
||||||
|
leave_token=leave_token,
|
||||||
|
timeline_since_token=timeline_since_token,
|
||||||
|
tags_by_room=tags_by_room,
|
||||||
|
)
|
||||||
|
archived.append(room_sync)
|
||||||
|
|
||||||
defer.returnValue(SyncResult(
|
defer.returnValue(SyncResult(
|
||||||
public_user_data=presence,
|
presence=presence,
|
||||||
private_user_data=[],
|
joined=joined,
|
||||||
rooms=rooms,
|
invited=invited,
|
||||||
|
archived=archived,
|
||||||
next_batch=now_token,
|
next_batch=now_token,
|
||||||
))
|
))
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def initial_sync_for_room(self, room_id, sync_config, now_token,
|
def full_state_sync_for_joined_room(self, room_id, sync_config,
|
||||||
published_room_ids):
|
now_token, timeline_since_token,
|
||||||
|
ephemeral_by_room, tags_by_room):
|
||||||
"""Sync a room for a client which is starting without any state
|
"""Sync a room for a client which is starting without any state
|
||||||
Returns:
|
Returns:
|
||||||
A Deferred RoomSyncResult.
|
A Deferred JoinedSyncResult.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
recents, prev_batch_token, limited = yield self.load_filtered_recents(
|
batch = yield self.load_filtered_recents(
|
||||||
room_id, sync_config, now_token,
|
room_id, sync_config, now_token, since_token=timeline_since_token
|
||||||
)
|
)
|
||||||
|
|
||||||
current_state = yield self.state_handler.get_current_state(
|
current_state = yield self.get_state_at(room_id, now_token)
|
||||||
room_id
|
|
||||||
)
|
|
||||||
current_state_events = current_state.values()
|
|
||||||
|
|
||||||
defer.returnValue(RoomSyncResult(
|
defer.returnValue(JoinedSyncResult(
|
||||||
room_id=room_id,
|
room_id=room_id,
|
||||||
published=room_id in published_room_ids,
|
timeline=batch,
|
||||||
events=recents,
|
state=current_state,
|
||||||
prev_batch=prev_batch_token,
|
ephemeral=ephemeral_by_room.get(room_id, []),
|
||||||
state=current_state_events,
|
private_user_data=self.private_user_data_for_room(
|
||||||
limited=limited,
|
room_id, tags_by_room
|
||||||
ephemeral=[],
|
),
|
||||||
|
))
|
||||||
|
|
||||||
|
def private_user_data_for_room(self, room_id, tags_by_room):
|
||||||
|
private_user_data = []
|
||||||
|
tags = tags_by_room.get(room_id)
|
||||||
|
if tags is not None:
|
||||||
|
private_user_data.append({
|
||||||
|
"type": "m.tag",
|
||||||
|
"content": {"tags": tags},
|
||||||
|
})
|
||||||
|
return private_user_data
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def ephemeral_by_room(self, sync_config, now_token, since_token=None):
|
||||||
|
"""Get the ephemeral events for each room the user is in
|
||||||
|
Args:
|
||||||
|
sync_config (SyncConfig): The flags, filters and user for the sync.
|
||||||
|
now_token (StreamToken): Where the server is currently up to.
|
||||||
|
since_token (StreamToken): Where the server was when the client
|
||||||
|
last synced.
|
||||||
|
Returns:
|
||||||
|
A tuple of the now StreamToken, updated to reflect the which typing
|
||||||
|
events are included, and a dict mapping from room_id to a list of
|
||||||
|
typing events for that room.
|
||||||
|
"""
|
||||||
|
|
||||||
|
typing_key = since_token.typing_key if since_token else "0"
|
||||||
|
|
||||||
|
rooms = yield self.store.get_rooms_for_user(sync_config.user.to_string())
|
||||||
|
room_ids = [room.room_id for room in rooms]
|
||||||
|
|
||||||
|
typing_source = self.event_sources.sources["typing"]
|
||||||
|
typing, typing_key = yield typing_source.get_new_events(
|
||||||
|
user=sync_config.user,
|
||||||
|
from_key=typing_key,
|
||||||
|
limit=sync_config.filter.ephemeral_limit(),
|
||||||
|
room_ids=room_ids,
|
||||||
|
is_guest=False,
|
||||||
|
)
|
||||||
|
now_token = now_token.copy_and_replace("typing_key", typing_key)
|
||||||
|
|
||||||
|
ephemeral_by_room = {}
|
||||||
|
|
||||||
|
for event in typing:
|
||||||
|
# we want to exclude the room_id from the event, but modifying the
|
||||||
|
# result returned by the event source is poor form (it might cache
|
||||||
|
# the object)
|
||||||
|
room_id = event["room_id"]
|
||||||
|
event_copy = {k: v for (k, v) in event.iteritems()
|
||||||
|
if k != "room_id"}
|
||||||
|
ephemeral_by_room.setdefault(room_id, []).append(event_copy)
|
||||||
|
|
||||||
|
receipt_key = since_token.receipt_key if since_token else "0"
|
||||||
|
|
||||||
|
receipt_source = self.event_sources.sources["receipt"]
|
||||||
|
receipts, receipt_key = yield receipt_source.get_new_events(
|
||||||
|
user=sync_config.user,
|
||||||
|
from_key=receipt_key,
|
||||||
|
limit=sync_config.filter.ephemeral_limit(),
|
||||||
|
room_ids=room_ids,
|
||||||
|
# /sync doesn't support guest access, they can't get to this point in code
|
||||||
|
is_guest=False,
|
||||||
|
)
|
||||||
|
now_token = now_token.copy_and_replace("receipt_key", receipt_key)
|
||||||
|
|
||||||
|
for event in receipts:
|
||||||
|
room_id = event["room_id"]
|
||||||
|
# exclude room id, as above
|
||||||
|
event_copy = {k: v for (k, v) in event.iteritems()
|
||||||
|
if k != "room_id"}
|
||||||
|
ephemeral_by_room.setdefault(room_id, []).append(event_copy)
|
||||||
|
|
||||||
|
defer.returnValue((now_token, ephemeral_by_room))
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def full_state_sync_for_archived_room(self, room_id, sync_config,
|
||||||
|
leave_event_id, leave_token,
|
||||||
|
timeline_since_token, tags_by_room):
|
||||||
|
"""Sync a room for a client which is starting without any state
|
||||||
|
Returns:
|
||||||
|
A Deferred JoinedSyncResult.
|
||||||
|
"""
|
||||||
|
|
||||||
|
batch = yield self.load_filtered_recents(
|
||||||
|
room_id, sync_config, leave_token, since_token=timeline_since_token
|
||||||
|
)
|
||||||
|
|
||||||
|
leave_state = yield self.store.get_state_for_event(leave_event_id)
|
||||||
|
|
||||||
|
defer.returnValue(ArchivedSyncResult(
|
||||||
|
room_id=room_id,
|
||||||
|
timeline=batch,
|
||||||
|
state=leave_state,
|
||||||
|
private_user_data=self.private_user_data_for_room(
|
||||||
|
room_id, tags_by_room
|
||||||
|
),
|
||||||
))
|
))
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
|
@ -208,34 +369,25 @@ class SyncHandler(BaseHandler):
|
||||||
Returns:
|
Returns:
|
||||||
A Deferred SyncResult.
|
A Deferred SyncResult.
|
||||||
"""
|
"""
|
||||||
if sync_config.sort == "timeline,desc":
|
|
||||||
# TODO(mjark): Handle going through events in reverse order?.
|
|
||||||
# What does "most recent events" mean when applying the limits mean
|
|
||||||
# in this case?
|
|
||||||
raise NotImplementedError()
|
|
||||||
|
|
||||||
now_token = yield self.event_sources.get_current_token()
|
now_token = yield self.event_sources.get_current_token()
|
||||||
|
|
||||||
|
rooms = yield self.store.get_rooms_for_user(sync_config.user.to_string())
|
||||||
|
room_ids = [room.room_id for room in rooms]
|
||||||
|
|
||||||
presence_source = self.event_sources.sources["presence"]
|
presence_source = self.event_sources.sources["presence"]
|
||||||
presence, presence_key = yield presence_source.get_new_events_for_user(
|
presence, presence_key = yield presence_source.get_new_events(
|
||||||
user=sync_config.user,
|
user=sync_config.user,
|
||||||
from_key=since_token.presence_key,
|
from_key=since_token.presence_key,
|
||||||
limit=sync_config.limit,
|
limit=sync_config.filter.presence_limit(),
|
||||||
|
room_ids=room_ids,
|
||||||
|
# /sync doesn't support guest access, they can't get to this point in code
|
||||||
|
is_guest=False,
|
||||||
)
|
)
|
||||||
now_token = now_token.copy_and_replace("presence_key", presence_key)
|
now_token = now_token.copy_and_replace("presence_key", presence_key)
|
||||||
|
|
||||||
typing_source = self.event_sources.sources["typing"]
|
now_token, ephemeral_by_room = yield self.ephemeral_by_room(
|
||||||
typing, typing_key = yield typing_source.get_new_events_for_user(
|
sync_config, now_token, since_token
|
||||||
user=sync_config.user,
|
|
||||||
from_key=since_token.typing_key,
|
|
||||||
limit=sync_config.limit,
|
|
||||||
)
|
)
|
||||||
now_token = now_token.copy_and_replace("typing_key", typing_key)
|
|
||||||
|
|
||||||
typing_by_room = {event["room_id"]: [event] for event in typing}
|
|
||||||
for event in typing:
|
|
||||||
event.pop("room_id")
|
|
||||||
logger.debug("Typing %r", typing_by_room)
|
|
||||||
|
|
||||||
rm_handler = self.hs.get_handlers().room_member_handler
|
rm_handler = self.hs.get_handlers().room_member_handler
|
||||||
app_service = yield self.store.get_app_service_by_user_id(
|
app_service = yield self.store.get_app_service_by_user_id(
|
||||||
|
@ -243,35 +395,55 @@ class SyncHandler(BaseHandler):
|
||||||
)
|
)
|
||||||
if app_service:
|
if app_service:
|
||||||
rooms = yield self.store.get_app_service_rooms(app_service)
|
rooms = yield self.store.get_app_service_rooms(app_service)
|
||||||
room_ids = set(r.room_id for r in rooms)
|
joined_room_ids = set(r.room_id for r in rooms)
|
||||||
else:
|
else:
|
||||||
room_ids = yield rm_handler.get_joined_rooms_for_user(
|
joined_room_ids = yield rm_handler.get_joined_rooms_for_user(
|
||||||
sync_config.user
|
sync_config.user
|
||||||
)
|
)
|
||||||
|
|
||||||
# TODO (mjark): Does public mean "published"?
|
timeline_limit = sync_config.filter.timeline_limit()
|
||||||
published_rooms = yield self.store.get_rooms(is_public=True)
|
|
||||||
published_room_ids = set(r["room_id"] for r in published_rooms)
|
|
||||||
|
|
||||||
room_events, _ = yield self.store.get_room_events_stream(
|
room_events, _ = yield self.store.get_room_events_stream(
|
||||||
sync_config.user.to_string(),
|
sync_config.user.to_string(),
|
||||||
from_key=since_token.room_key,
|
from_key=since_token.room_key,
|
||||||
to_key=now_token.room_key,
|
to_key=now_token.room_key,
|
||||||
room_id=None,
|
limit=timeline_limit + 1,
|
||||||
limit=sync_config.limit + 1,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
rooms = []
|
tags_by_room = yield self.store.get_updated_tags(
|
||||||
if len(room_events) <= sync_config.limit:
|
sync_config.user.to_string(),
|
||||||
|
since_token.private_user_data_key,
|
||||||
|
)
|
||||||
|
|
||||||
|
joined = []
|
||||||
|
archived = []
|
||||||
|
if len(room_events) <= timeline_limit:
|
||||||
# There is no gap in any of the rooms. Therefore we can just
|
# There is no gap in any of the rooms. Therefore we can just
|
||||||
# partition the new events by room and return them.
|
# partition the new events by room and return them.
|
||||||
|
logger.debug("Got %i events for incremental sync - not limited",
|
||||||
|
len(room_events))
|
||||||
|
|
||||||
|
invite_events = []
|
||||||
|
leave_events = []
|
||||||
events_by_room_id = {}
|
events_by_room_id = {}
|
||||||
for event in room_events:
|
for event in room_events:
|
||||||
events_by_room_id.setdefault(event.room_id, []).append(event)
|
events_by_room_id.setdefault(event.room_id, []).append(event)
|
||||||
|
if event.room_id not in joined_room_ids:
|
||||||
|
if (event.type == EventTypes.Member
|
||||||
|
and event.state_key == sync_config.user.to_string()):
|
||||||
|
if event.membership == Membership.INVITE:
|
||||||
|
invite_events.append(event)
|
||||||
|
elif event.membership in (Membership.LEAVE, Membership.BAN):
|
||||||
|
leave_events.append(event)
|
||||||
|
|
||||||
for room_id in room_ids:
|
for room_id in joined_room_ids:
|
||||||
recents = events_by_room_id.get(room_id, [])
|
recents = events_by_room_id.get(room_id, [])
|
||||||
state = [event for event in recents if event.is_state()]
|
logger.debug("Events for room %s: %r", room_id, recents)
|
||||||
|
state = {
|
||||||
|
(event.type, event.state_key): event
|
||||||
|
for event in recents if event.is_state()}
|
||||||
|
limited = False
|
||||||
|
|
||||||
if recents:
|
if recents:
|
||||||
prev_batch = now_token.copy_and_replace(
|
prev_batch = now_token.copy_and_replace(
|
||||||
"room_key", recents[0].internal_metadata.before
|
"room_key", recents[0].internal_metadata.before
|
||||||
|
@ -279,95 +451,87 @@ class SyncHandler(BaseHandler):
|
||||||
else:
|
else:
|
||||||
prev_batch = now_token
|
prev_batch = now_token
|
||||||
|
|
||||||
state = yield self.check_joined_room(
|
just_joined = yield self.check_joined_room(sync_config, state)
|
||||||
sync_config, room_id, state
|
if just_joined:
|
||||||
)
|
logger.debug("User has just joined %s: needs full state",
|
||||||
|
room_id)
|
||||||
|
state = yield self.get_state_at(room_id, now_token)
|
||||||
|
# the timeline is inherently limited if we've just joined
|
||||||
|
limited = True
|
||||||
|
|
||||||
room_sync = RoomSyncResult(
|
room_sync = JoinedSyncResult(
|
||||||
room_id=room_id,
|
room_id=room_id,
|
||||||
published=room_id in published_room_ids,
|
timeline=TimelineBatch(
|
||||||
events=recents,
|
events=recents,
|
||||||
prev_batch=prev_batch,
|
prev_batch=prev_batch,
|
||||||
|
limited=limited,
|
||||||
|
),
|
||||||
state=state,
|
state=state,
|
||||||
limited=False,
|
ephemeral=ephemeral_by_room.get(room_id, []),
|
||||||
ephemeral=typing_by_room.get(room_id, [])
|
private_user_data=self.private_user_data_for_room(
|
||||||
|
room_id, tags_by_room
|
||||||
|
),
|
||||||
)
|
)
|
||||||
|
logger.debug("Result for room %s: %r", room_id, room_sync)
|
||||||
|
|
||||||
if room_sync:
|
if room_sync:
|
||||||
rooms.append(room_sync)
|
joined.append(room_sync)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
for room_id in room_ids:
|
logger.debug("Got %i events for incremental sync - hit limit",
|
||||||
|
len(room_events))
|
||||||
|
|
||||||
|
invite_events = yield self.store.get_invites_for_user(
|
||||||
|
sync_config.user.to_string()
|
||||||
|
)
|
||||||
|
|
||||||
|
leave_events = yield self.store.get_leave_and_ban_events_for_user(
|
||||||
|
sync_config.user.to_string()
|
||||||
|
)
|
||||||
|
|
||||||
|
for room_id in joined_room_ids:
|
||||||
room_sync = yield self.incremental_sync_with_gap_for_room(
|
room_sync = yield self.incremental_sync_with_gap_for_room(
|
||||||
room_id, sync_config, since_token, now_token,
|
room_id, sync_config, since_token, now_token,
|
||||||
published_room_ids, typing_by_room
|
ephemeral_by_room, tags_by_room
|
||||||
)
|
)
|
||||||
if room_sync:
|
if room_sync:
|
||||||
rooms.append(room_sync)
|
joined.append(room_sync)
|
||||||
|
|
||||||
|
for leave_event in leave_events:
|
||||||
|
room_sync = yield self.incremental_sync_for_archived_room(
|
||||||
|
sync_config, leave_event, since_token, tags_by_room
|
||||||
|
)
|
||||||
|
archived.append(room_sync)
|
||||||
|
|
||||||
|
invited = [
|
||||||
|
InvitedSyncResult(room_id=event.room_id, invite=event)
|
||||||
|
for event in invite_events
|
||||||
|
]
|
||||||
|
|
||||||
defer.returnValue(SyncResult(
|
defer.returnValue(SyncResult(
|
||||||
public_user_data=presence,
|
presence=presence,
|
||||||
private_user_data=[],
|
joined=joined,
|
||||||
rooms=rooms,
|
invited=invited,
|
||||||
|
archived=archived,
|
||||||
next_batch=now_token,
|
next_batch=now_token,
|
||||||
))
|
))
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
|
||||||
def _filter_events_for_client(self, user_id, room_id, events):
|
|
||||||
event_id_to_state = yield self.store.get_state_for_events(
|
|
||||||
room_id, frozenset(e.event_id for e in events),
|
|
||||||
types=(
|
|
||||||
(EventTypes.RoomHistoryVisibility, ""),
|
|
||||||
(EventTypes.Member, user_id),
|
|
||||||
)
|
|
||||||
)
|
|
||||||
|
|
||||||
def allowed(event, state):
|
|
||||||
if event.type == EventTypes.RoomHistoryVisibility:
|
|
||||||
return True
|
|
||||||
|
|
||||||
membership_ev = state.get((EventTypes.Member, user_id), None)
|
|
||||||
if membership_ev:
|
|
||||||
membership = membership_ev.membership
|
|
||||||
else:
|
|
||||||
membership = Membership.LEAVE
|
|
||||||
|
|
||||||
if membership == Membership.JOIN:
|
|
||||||
return True
|
|
||||||
|
|
||||||
history = state.get((EventTypes.RoomHistoryVisibility, ''), None)
|
|
||||||
if history:
|
|
||||||
visibility = history.content.get("history_visibility", "shared")
|
|
||||||
else:
|
|
||||||
visibility = "shared"
|
|
||||||
|
|
||||||
if visibility == "public":
|
|
||||||
return True
|
|
||||||
elif visibility == "shared":
|
|
||||||
return True
|
|
||||||
elif visibility == "joined":
|
|
||||||
return membership == Membership.JOIN
|
|
||||||
elif visibility == "invited":
|
|
||||||
return membership == Membership.INVITE
|
|
||||||
|
|
||||||
return True
|
|
||||||
|
|
||||||
defer.returnValue([
|
|
||||||
event
|
|
||||||
for event in events
|
|
||||||
if allowed(event, event_id_to_state[event.event_id])
|
|
||||||
])
|
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def load_filtered_recents(self, room_id, sync_config, now_token,
|
def load_filtered_recents(self, room_id, sync_config, now_token,
|
||||||
since_token=None):
|
since_token=None):
|
||||||
|
"""
|
||||||
|
:returns a Deferred TimelineBatch
|
||||||
|
"""
|
||||||
limited = True
|
limited = True
|
||||||
recents = []
|
recents = []
|
||||||
filtering_factor = 2
|
filtering_factor = 2
|
||||||
load_limit = max(sync_config.limit * filtering_factor, 100)
|
timeline_limit = sync_config.filter.timeline_limit()
|
||||||
|
load_limit = max(timeline_limit * filtering_factor, 100)
|
||||||
max_repeat = 3 # Only try a few times per room, otherwise
|
max_repeat = 3 # Only try a few times per room, otherwise
|
||||||
room_key = now_token.room_key
|
room_key = now_token.room_key
|
||||||
end_key = room_key
|
end_key = room_key
|
||||||
|
|
||||||
while limited and len(recents) < sync_config.limit and max_repeat:
|
while limited and len(recents) < timeline_limit and max_repeat:
|
||||||
events, keys = yield self.store.get_recent_events_for_room(
|
events, keys = yield self.store.get_recent_events_for_room(
|
||||||
room_id,
|
room_id,
|
||||||
limit=load_limit + 1,
|
limit=load_limit + 1,
|
||||||
|
@ -376,9 +540,9 @@ class SyncHandler(BaseHandler):
|
||||||
)
|
)
|
||||||
(room_key, _) = keys
|
(room_key, _) = keys
|
||||||
end_key = "s" + room_key.split('-')[-1]
|
end_key = "s" + room_key.split('-')[-1]
|
||||||
loaded_recents = sync_config.filter.filter_room_events(events)
|
loaded_recents = sync_config.filter.filter_room_timeline(events)
|
||||||
loaded_recents = yield self._filter_events_for_client(
|
loaded_recents = yield self._filter_events_for_client(
|
||||||
sync_config.user.to_string(), room_id, loaded_recents,
|
sync_config.user.to_string(), loaded_recents,
|
||||||
)
|
)
|
||||||
loaded_recents.extend(recents)
|
loaded_recents.extend(recents)
|
||||||
recents = loaded_recents
|
recents = loaded_recents
|
||||||
|
@ -386,64 +550,64 @@ class SyncHandler(BaseHandler):
|
||||||
limited = False
|
limited = False
|
||||||
max_repeat -= 1
|
max_repeat -= 1
|
||||||
|
|
||||||
if len(recents) > sync_config.limit:
|
if len(recents) > timeline_limit:
|
||||||
recents = recents[-sync_config.limit:]
|
limited = True
|
||||||
|
recents = recents[-timeline_limit:]
|
||||||
room_key = recents[0].internal_metadata.before
|
room_key = recents[0].internal_metadata.before
|
||||||
|
|
||||||
prev_batch_token = now_token.copy_and_replace(
|
prev_batch_token = now_token.copy_and_replace(
|
||||||
"room_key", room_key
|
"room_key", room_key
|
||||||
)
|
)
|
||||||
|
|
||||||
defer.returnValue((recents, prev_batch_token, limited))
|
defer.returnValue(TimelineBatch(
|
||||||
|
events=recents, prev_batch=prev_batch_token, limited=limited
|
||||||
|
))
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def incremental_sync_with_gap_for_room(self, room_id, sync_config,
|
def incremental_sync_with_gap_for_room(self, room_id, sync_config,
|
||||||
since_token, now_token,
|
since_token, now_token,
|
||||||
published_room_ids, typing_by_room):
|
ephemeral_by_room, tags_by_room):
|
||||||
""" Get the incremental delta needed to bring the client up to date for
|
""" Get the incremental delta needed to bring the client up to date for
|
||||||
the room. Gives the client the most recent events and the changes to
|
the room. Gives the client the most recent events and the changes to
|
||||||
state.
|
state.
|
||||||
Returns:
|
Returns:
|
||||||
A Deferred RoomSyncResult
|
A Deferred JoinedSyncResult
|
||||||
"""
|
"""
|
||||||
|
logger.debug("Doing incremental sync for room %s between %s and %s",
|
||||||
|
room_id, since_token, now_token)
|
||||||
|
|
||||||
# TODO(mjark): Check for redactions we might have missed.
|
# TODO(mjark): Check for redactions we might have missed.
|
||||||
|
|
||||||
recents, prev_batch_token, limited = yield self.load_filtered_recents(
|
batch = yield self.load_filtered_recents(
|
||||||
room_id, sync_config, now_token, since_token,
|
room_id, sync_config, now_token, since_token,
|
||||||
)
|
)
|
||||||
|
|
||||||
logging.debug("Recents %r", recents)
|
logging.debug("Recents %r", batch)
|
||||||
|
|
||||||
# TODO(mjark): This seems racy since this isn't being passed a
|
current_state = yield self.get_state_at(room_id, now_token)
|
||||||
# token to indicate what point in the stream this is
|
|
||||||
current_state = yield self.state_handler.get_current_state(
|
|
||||||
room_id
|
|
||||||
)
|
|
||||||
current_state_events = current_state.values()
|
|
||||||
|
|
||||||
state_at_previous_sync = yield self.get_state_at_previous_sync(
|
state_at_previous_sync = yield self.get_state_at(
|
||||||
room_id, since_token=since_token
|
room_id, stream_position=since_token
|
||||||
)
|
)
|
||||||
|
|
||||||
state_events_delta = yield self.compute_state_delta(
|
state = yield self.compute_state_delta(
|
||||||
since_token=since_token,
|
since_token=since_token,
|
||||||
previous_state=state_at_previous_sync,
|
previous_state=state_at_previous_sync,
|
||||||
current_state=current_state_events,
|
current_state=current_state,
|
||||||
)
|
)
|
||||||
|
|
||||||
state_events_delta = yield self.check_joined_room(
|
just_joined = yield self.check_joined_room(sync_config, state)
|
||||||
sync_config, room_id, state_events_delta
|
if just_joined:
|
||||||
)
|
state = yield self.get_state_at(room_id, now_token)
|
||||||
|
|
||||||
room_sync = RoomSyncResult(
|
room_sync = JoinedSyncResult(
|
||||||
room_id=room_id,
|
room_id=room_id,
|
||||||
published=room_id in published_room_ids,
|
timeline=batch,
|
||||||
events=recents,
|
state=state,
|
||||||
prev_batch=prev_batch_token,
|
ephemeral=ephemeral_by_room.get(room_id, []),
|
||||||
state=state_events_delta,
|
private_user_data=self.private_user_data_for_room(
|
||||||
limited=limited,
|
room_id, tags_by_room
|
||||||
ephemeral=typing_by_room.get(room_id, [])
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
logging.debug("Room sync: %r", room_sync)
|
logging.debug("Room sync: %r", room_sync)
|
||||||
|
@ -451,58 +615,125 @@ class SyncHandler(BaseHandler):
|
||||||
defer.returnValue(room_sync)
|
defer.returnValue(room_sync)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_state_at_previous_sync(self, room_id, since_token):
|
def incremental_sync_for_archived_room(self, sync_config, leave_event,
|
||||||
""" Get the room state at the previous sync the client made.
|
since_token, tags_by_room):
|
||||||
|
""" Get the incremental delta needed to bring the client up to date for
|
||||||
|
the archived room.
|
||||||
Returns:
|
Returns:
|
||||||
A Deferred list of Events.
|
A Deferred ArchivedSyncResult
|
||||||
|
"""
|
||||||
|
|
||||||
|
stream_token = yield self.store.get_stream_token_for_event(
|
||||||
|
leave_event.event_id
|
||||||
|
)
|
||||||
|
|
||||||
|
leave_token = since_token.copy_and_replace("room_key", stream_token)
|
||||||
|
|
||||||
|
batch = yield self.load_filtered_recents(
|
||||||
|
leave_event.room_id, sync_config, leave_token, since_token,
|
||||||
|
)
|
||||||
|
|
||||||
|
logging.debug("Recents %r", batch)
|
||||||
|
|
||||||
|
state_events_at_leave = yield self.store.get_state_for_event(
|
||||||
|
leave_event.event_id
|
||||||
|
)
|
||||||
|
|
||||||
|
state_at_previous_sync = yield self.get_state_at(
|
||||||
|
leave_event.room_id, stream_position=since_token
|
||||||
|
)
|
||||||
|
|
||||||
|
state_events_delta = yield self.compute_state_delta(
|
||||||
|
since_token=since_token,
|
||||||
|
previous_state=state_at_previous_sync,
|
||||||
|
current_state=state_events_at_leave,
|
||||||
|
)
|
||||||
|
|
||||||
|
room_sync = ArchivedSyncResult(
|
||||||
|
room_id=leave_event.room_id,
|
||||||
|
timeline=batch,
|
||||||
|
state=state_events_delta,
|
||||||
|
private_user_data=self.private_user_data_for_room(
|
||||||
|
leave_event.room_id, tags_by_room
|
||||||
|
),
|
||||||
|
)
|
||||||
|
|
||||||
|
logging.debug("Room sync: %r", room_sync)
|
||||||
|
|
||||||
|
defer.returnValue(room_sync)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def get_state_after_event(self, event):
|
||||||
|
"""
|
||||||
|
Get the room state after the given event
|
||||||
|
|
||||||
|
:param synapse.events.EventBase event: event of interest
|
||||||
|
:return: A Deferred map from ((type, state_key)->Event)
|
||||||
|
"""
|
||||||
|
state = yield self.store.get_state_for_event(event.event_id)
|
||||||
|
if event.is_state():
|
||||||
|
state = state.copy()
|
||||||
|
state[(event.type, event.state_key)] = event
|
||||||
|
defer.returnValue(state)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def get_state_at(self, room_id, stream_position):
|
||||||
|
""" Get the room state at a particular stream position
|
||||||
|
:param str room_id: room for which to get state
|
||||||
|
:param StreamToken stream_position: point at which to get state
|
||||||
|
:returns: A Deferred map from ((type, state_key)->Event)
|
||||||
"""
|
"""
|
||||||
last_events, token = yield self.store.get_recent_events_for_room(
|
last_events, token = yield self.store.get_recent_events_for_room(
|
||||||
room_id, end_token=since_token.room_key, limit=1,
|
room_id, end_token=stream_position.room_key, limit=1,
|
||||||
)
|
)
|
||||||
|
|
||||||
if last_events:
|
if last_events:
|
||||||
last_event = last_events[0]
|
last_event = last_events[-1]
|
||||||
last_context = yield self.state_handler.compute_event_context(
|
state = yield self.get_state_after_event(last_event)
|
||||||
last_event
|
|
||||||
)
|
|
||||||
if last_event.is_state():
|
|
||||||
state = [last_event] + last_context.current_state.values()
|
|
||||||
else:
|
|
||||||
state = last_context.current_state.values()
|
|
||||||
else:
|
else:
|
||||||
state = ()
|
# no events in this room - so presumably no state
|
||||||
|
state = {}
|
||||||
defer.returnValue(state)
|
defer.returnValue(state)
|
||||||
|
|
||||||
def compute_state_delta(self, since_token, previous_state, current_state):
|
def compute_state_delta(self, since_token, previous_state, current_state):
|
||||||
""" Works out the differnce in state between the current state and the
|
""" Works out the differnce in state between the current state and the
|
||||||
state the client got when it last performed a sync.
|
state the client got when it last performed a sync.
|
||||||
Returns:
|
|
||||||
A list of events.
|
:param str since_token: the point we are comparing against
|
||||||
|
:param dict[(str,str), synapse.events.FrozenEvent] previous_state: the
|
||||||
|
state to compare to
|
||||||
|
:param dict[(str,str), synapse.events.FrozenEvent] current_state: the
|
||||||
|
new state
|
||||||
|
|
||||||
|
:returns A new event dictionary
|
||||||
"""
|
"""
|
||||||
# TODO(mjark) Check if the state events were received by the server
|
# TODO(mjark) Check if the state events were received by the server
|
||||||
# after the previous sync, since we need to include those state
|
# after the previous sync, since we need to include those state
|
||||||
# updates even if they occured logically before the previous event.
|
# updates even if they occured logically before the previous event.
|
||||||
# TODO(mjark) Check for new redactions in the state events.
|
# TODO(mjark) Check for new redactions in the state events.
|
||||||
previous_dict = {event.event_id: event for event in previous_state}
|
|
||||||
state_delta = []
|
state_delta = {}
|
||||||
for event in current_state:
|
for key, event in current_state.iteritems():
|
||||||
if event.event_id not in previous_dict:
|
if (key not in previous_state or
|
||||||
state_delta.append(event)
|
previous_state[key].event_id != event.event_id):
|
||||||
|
state_delta[key] = event
|
||||||
return state_delta
|
return state_delta
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
def check_joined_room(self, sync_config, state_delta):
|
||||||
def check_joined_room(self, sync_config, room_id, state_delta):
|
"""
|
||||||
joined = False
|
Check if the user has just joined the given room (so should
|
||||||
for event in state_delta:
|
be given the full state)
|
||||||
if (
|
|
||||||
event.type == EventTypes.Member
|
|
||||||
and event.state_key == sync_config.user.to_string()
|
|
||||||
):
|
|
||||||
if event.content["membership"] == Membership.JOIN:
|
|
||||||
joined = True
|
|
||||||
|
|
||||||
if joined:
|
:param sync_config:
|
||||||
res = yield self.state_handler.get_current_state(room_id)
|
:param dict[(str,str), synapse.events.FrozenEvent] state_delta: the
|
||||||
state_delta = res.values()
|
difference in state since the last sync
|
||||||
|
|
||||||
defer.returnValue(state_delta)
|
:returns A deferred Tuple (state_delta, limited)
|
||||||
|
"""
|
||||||
|
join_event = state_delta.get((
|
||||||
|
EventTypes.Member, sync_config.user.to_string()), None)
|
||||||
|
if join_event is not None:
|
||||||
|
if join_event.content["membership"] == Membership.JOIN:
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
|
@ -246,17 +246,12 @@ class TypingNotificationEventSource(object):
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
def get_new_events(self, from_key, room_ids, **kwargs):
|
||||||
def get_new_events_for_user(self, user, from_key, limit):
|
|
||||||
from_key = int(from_key)
|
from_key = int(from_key)
|
||||||
handler = self.handler()
|
handler = self.handler()
|
||||||
|
|
||||||
joined_room_ids = (
|
|
||||||
yield self.room_member_handler().get_joined_rooms_for_user(user)
|
|
||||||
)
|
|
||||||
|
|
||||||
events = []
|
events = []
|
||||||
for room_id in joined_room_ids:
|
for room_id in room_ids:
|
||||||
if room_id not in handler._room_serials:
|
if room_id not in handler._room_serials:
|
||||||
continue
|
continue
|
||||||
if handler._room_serials[room_id] <= from_key:
|
if handler._room_serials[room_id] <= from_key:
|
||||||
|
@ -264,7 +259,7 @@ class TypingNotificationEventSource(object):
|
||||||
|
|
||||||
events.append(self._make_event_for(room_id))
|
events.append(self._make_event_for(room_id))
|
||||||
|
|
||||||
defer.returnValue((events, handler._latest_room_serial))
|
return events, handler._latest_room_serial
|
||||||
|
|
||||||
def get_current_key(self):
|
def get_current_key(self):
|
||||||
return self.handler()._latest_room_serial
|
return self.handler()._latest_room_serial
|
||||||
|
|
|
@ -12,16 +12,18 @@
|
||||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
from OpenSSL import SSL
|
||||||
|
from OpenSSL.SSL import VERIFY_NONE
|
||||||
|
|
||||||
from synapse.api.errors import CodeMessageException
|
from synapse.api.errors import CodeMessageException
|
||||||
from synapse.util.logcontext import preserve_context_over_fn
|
from synapse.util.logcontext import preserve_context_over_fn
|
||||||
from syutil.jsonutil import encode_canonical_json
|
|
||||||
import synapse.metrics
|
import synapse.metrics
|
||||||
|
|
||||||
from twisted.internet import defer, reactor
|
from canonicaljson import encode_canonical_json
|
||||||
|
|
||||||
|
from twisted.internet import defer, reactor, ssl
|
||||||
from twisted.web.client import (
|
from twisted.web.client import (
|
||||||
Agent, readBody, FileBodyProducer, PartialDownloadError,
|
Agent, readBody, FileBodyProducer, PartialDownloadError,
|
||||||
HTTPConnectionPool,
|
|
||||||
)
|
)
|
||||||
from twisted.web.http_headers import Headers
|
from twisted.web.http_headers import Headers
|
||||||
|
|
||||||
|
@ -56,10 +58,14 @@ class SimpleHttpClient(object):
|
||||||
# The default context factory in Twisted 14.0.0 (which we require) is
|
# The default context factory in Twisted 14.0.0 (which we require) is
|
||||||
# BrowserLikePolicyForHTTPS which will do regular cert validation
|
# BrowserLikePolicyForHTTPS which will do regular cert validation
|
||||||
# 'like a browser'
|
# 'like a browser'
|
||||||
pool = HTTPConnectionPool(reactor)
|
self.agent = Agent(
|
||||||
pool.maxPersistentPerHost = 10
|
reactor,
|
||||||
self.agent = Agent(reactor, pool=pool)
|
connectTimeout=15,
|
||||||
self.version_string = hs.version_string
|
contextFactory=hs.get_http_client_context_factory()
|
||||||
|
)
|
||||||
|
self.user_agent = hs.version_string
|
||||||
|
if hs.config.user_agent_suffix:
|
||||||
|
self.user_agent = "%s %s" % (self.user_agent, hs.config.user_agent_suffix,)
|
||||||
|
|
||||||
def request(self, method, uri, *args, **kwargs):
|
def request(self, method, uri, *args, **kwargs):
|
||||||
# A small wrapper around self.agent.request() so we can easily attach
|
# A small wrapper around self.agent.request() so we can easily attach
|
||||||
|
@ -104,7 +110,7 @@ class SimpleHttpClient(object):
|
||||||
uri.encode("ascii"),
|
uri.encode("ascii"),
|
||||||
headers=Headers({
|
headers=Headers({
|
||||||
b"Content-Type": [b"application/x-www-form-urlencoded"],
|
b"Content-Type": [b"application/x-www-form-urlencoded"],
|
||||||
b"User-Agent": [self.version_string],
|
b"User-Agent": [self.user_agent],
|
||||||
}),
|
}),
|
||||||
bodyProducer=FileBodyProducer(StringIO(query_bytes))
|
bodyProducer=FileBodyProducer(StringIO(query_bytes))
|
||||||
)
|
)
|
||||||
|
@ -123,7 +129,8 @@ class SimpleHttpClient(object):
|
||||||
"POST",
|
"POST",
|
||||||
uri.encode("ascii"),
|
uri.encode("ascii"),
|
||||||
headers=Headers({
|
headers=Headers({
|
||||||
"Content-Type": ["application/json"]
|
b"Content-Type": [b"application/json"],
|
||||||
|
b"User-Agent": [self.user_agent],
|
||||||
}),
|
}),
|
||||||
bodyProducer=FileBodyProducer(StringIO(json_str))
|
bodyProducer=FileBodyProducer(StringIO(json_str))
|
||||||
)
|
)
|
||||||
|
@ -149,27 +156,8 @@ class SimpleHttpClient(object):
|
||||||
On a non-2xx HTTP response. The response body will be used as the
|
On a non-2xx HTTP response. The response body will be used as the
|
||||||
error message.
|
error message.
|
||||||
"""
|
"""
|
||||||
if len(args):
|
body = yield self.get_raw(uri, args)
|
||||||
query_bytes = urllib.urlencode(args, True)
|
defer.returnValue(json.loads(body))
|
||||||
uri = "%s?%s" % (uri, query_bytes)
|
|
||||||
|
|
||||||
response = yield self.request(
|
|
||||||
"GET",
|
|
||||||
uri.encode("ascii"),
|
|
||||||
headers=Headers({
|
|
||||||
b"User-Agent": [self.version_string],
|
|
||||||
})
|
|
||||||
)
|
|
||||||
|
|
||||||
body = yield preserve_context_over_fn(readBody, response)
|
|
||||||
|
|
||||||
if 200 <= response.code < 300:
|
|
||||||
defer.returnValue(json.loads(body))
|
|
||||||
else:
|
|
||||||
# NB: This is explicitly not json.loads(body)'d because the contract
|
|
||||||
# of CodeMessageException is a *string* message. Callers can always
|
|
||||||
# load it into JSON if they want.
|
|
||||||
raise CodeMessageException(response.code, body)
|
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def put_json(self, uri, json_body, args={}):
|
def put_json(self, uri, json_body, args={}):
|
||||||
|
@ -198,7 +186,7 @@ class SimpleHttpClient(object):
|
||||||
"PUT",
|
"PUT",
|
||||||
uri.encode("ascii"),
|
uri.encode("ascii"),
|
||||||
headers=Headers({
|
headers=Headers({
|
||||||
b"User-Agent": [self.version_string],
|
b"User-Agent": [self.user_agent],
|
||||||
"Content-Type": ["application/json"]
|
"Content-Type": ["application/json"]
|
||||||
}),
|
}),
|
||||||
bodyProducer=FileBodyProducer(StringIO(json_str))
|
bodyProducer=FileBodyProducer(StringIO(json_str))
|
||||||
|
@ -214,6 +202,42 @@ class SimpleHttpClient(object):
|
||||||
# load it into JSON if they want.
|
# load it into JSON if they want.
|
||||||
raise CodeMessageException(response.code, body)
|
raise CodeMessageException(response.code, body)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def get_raw(self, uri, args={}):
|
||||||
|
""" Gets raw text from the given URI.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
uri (str): The URI to request, not including query parameters
|
||||||
|
args (dict): A dictionary used to create query strings, defaults to
|
||||||
|
None.
|
||||||
|
**Note**: The value of each key is assumed to be an iterable
|
||||||
|
and *not* a string.
|
||||||
|
Returns:
|
||||||
|
Deferred: Succeeds when we get *any* 2xx HTTP response, with the
|
||||||
|
HTTP body at text.
|
||||||
|
Raises:
|
||||||
|
On a non-2xx HTTP response. The response body will be used as the
|
||||||
|
error message.
|
||||||
|
"""
|
||||||
|
if len(args):
|
||||||
|
query_bytes = urllib.urlencode(args, True)
|
||||||
|
uri = "%s?%s" % (uri, query_bytes)
|
||||||
|
|
||||||
|
response = yield self.request(
|
||||||
|
"GET",
|
||||||
|
uri.encode("ascii"),
|
||||||
|
headers=Headers({
|
||||||
|
b"User-Agent": [self.user_agent],
|
||||||
|
})
|
||||||
|
)
|
||||||
|
|
||||||
|
body = yield preserve_context_over_fn(readBody, response)
|
||||||
|
|
||||||
|
if 200 <= response.code < 300:
|
||||||
|
defer.returnValue(body)
|
||||||
|
else:
|
||||||
|
raise CodeMessageException(response.code, body)
|
||||||
|
|
||||||
|
|
||||||
class CaptchaServerHttpClient(SimpleHttpClient):
|
class CaptchaServerHttpClient(SimpleHttpClient):
|
||||||
"""
|
"""
|
||||||
|
@ -233,7 +257,7 @@ class CaptchaServerHttpClient(SimpleHttpClient):
|
||||||
bodyProducer=FileBodyProducer(StringIO(query_bytes)),
|
bodyProducer=FileBodyProducer(StringIO(query_bytes)),
|
||||||
headers=Headers({
|
headers=Headers({
|
||||||
b"Content-Type": [b"application/x-www-form-urlencoded"],
|
b"Content-Type": [b"application/x-www-form-urlencoded"],
|
||||||
b"User-Agent": [self.version_string],
|
b"User-Agent": [self.user_agent],
|
||||||
})
|
})
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -251,3 +275,18 @@ def _print_ex(e):
|
||||||
_print_ex(ex)
|
_print_ex(ex)
|
||||||
else:
|
else:
|
||||||
logger.exception(e)
|
logger.exception(e)
|
||||||
|
|
||||||
|
|
||||||
|
class InsecureInterceptableContextFactory(ssl.ContextFactory):
|
||||||
|
"""
|
||||||
|
Factory for PyOpenSSL SSL contexts which accepts any certificate for any domain.
|
||||||
|
|
||||||
|
Do not use this since it allows an attacker to intercept your communications.
|
||||||
|
"""
|
||||||
|
|
||||||
|
def __init__(self):
|
||||||
|
self._context = SSL.Context(SSL.SSLv23_METHOD)
|
||||||
|
self._context.set_verify(VERIFY_NONE, lambda *_: None)
|
||||||
|
|
||||||
|
def getContext(self, hostname, port):
|
||||||
|
return self._context
|
||||||
|
|
|
@ -25,16 +25,17 @@ from synapse.util.async import sleep
|
||||||
from synapse.util.logcontext import preserve_context_over_fn
|
from synapse.util.logcontext import preserve_context_over_fn
|
||||||
import synapse.metrics
|
import synapse.metrics
|
||||||
|
|
||||||
from syutil.jsonutil import encode_canonical_json
|
from canonicaljson import encode_canonical_json
|
||||||
|
|
||||||
from synapse.api.errors import (
|
from synapse.api.errors import (
|
||||||
SynapseError, Codes, HttpResponseException,
|
SynapseError, Codes, HttpResponseException,
|
||||||
)
|
)
|
||||||
|
|
||||||
from syutil.crypto.jsonsign import sign_json
|
from signedjson.sign import sign_json
|
||||||
|
|
||||||
import simplejson as json
|
import simplejson as json
|
||||||
import logging
|
import logging
|
||||||
|
import random
|
||||||
import sys
|
import sys
|
||||||
import urllib
|
import urllib
|
||||||
import urlparse
|
import urlparse
|
||||||
|
@ -55,16 +56,19 @@ incoming_responses_counter = metrics.register_counter(
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
MAX_RETRIES = 10
|
||||||
|
|
||||||
|
|
||||||
class MatrixFederationEndpointFactory(object):
|
class MatrixFederationEndpointFactory(object):
|
||||||
def __init__(self, hs):
|
def __init__(self, hs):
|
||||||
self.tls_context_factory = hs.tls_context_factory
|
self.tls_server_context_factory = hs.tls_server_context_factory
|
||||||
|
|
||||||
def endpointForURI(self, uri):
|
def endpointForURI(self, uri):
|
||||||
destination = uri.netloc
|
destination = uri.netloc
|
||||||
|
|
||||||
return matrix_federation_endpoint(
|
return matrix_federation_endpoint(
|
||||||
reactor, destination, timeout=10,
|
reactor, destination, timeout=10,
|
||||||
ssl_context_factory=self.tls_context_factory
|
ssl_context_factory=self.tls_server_context_factory
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@ -119,7 +123,7 @@ class MatrixFederationHttpClient(object):
|
||||||
|
|
||||||
# XXX: Would be much nicer to retry only at the transaction-layer
|
# XXX: Would be much nicer to retry only at the transaction-layer
|
||||||
# (once we have reliable transactions in place)
|
# (once we have reliable transactions in place)
|
||||||
retries_left = 5
|
retries_left = MAX_RETRIES
|
||||||
|
|
||||||
http_url_bytes = urlparse.urlunparse(
|
http_url_bytes = urlparse.urlunparse(
|
||||||
("", "", path_bytes, param_bytes, query_bytes, "")
|
("", "", path_bytes, param_bytes, query_bytes, "")
|
||||||
|
@ -180,7 +184,10 @@ class MatrixFederationHttpClient(object):
|
||||||
)
|
)
|
||||||
|
|
||||||
if retries_left and not timeout:
|
if retries_left and not timeout:
|
||||||
yield sleep(2 ** (5 - retries_left))
|
delay = 4 ** (MAX_RETRIES + 1 - retries_left)
|
||||||
|
delay = max(delay, 60)
|
||||||
|
delay *= random.uniform(0.8, 1.4)
|
||||||
|
yield sleep(delay)
|
||||||
retries_left -= 1
|
retries_left -= 1
|
||||||
else:
|
else:
|
||||||
raise
|
raise
|
||||||
|
|
|
@ -21,8 +21,8 @@ from synapse.util.logcontext import LoggingContext, PreserveLoggingContext
|
||||||
import synapse.metrics
|
import synapse.metrics
|
||||||
import synapse.events
|
import synapse.events
|
||||||
|
|
||||||
from syutil.jsonutil import (
|
from canonicaljson import (
|
||||||
encode_canonical_json, encode_pretty_printed_json, encode_json
|
encode_canonical_json, encode_pretty_printed_json
|
||||||
)
|
)
|
||||||
|
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
@ -33,6 +33,7 @@ from twisted.web.util import redirectTo
|
||||||
import collections
|
import collections
|
||||||
import logging
|
import logging
|
||||||
import urllib
|
import urllib
|
||||||
|
import ujson
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
@ -270,12 +271,11 @@ def respond_with_json(request, code, json_object, send_cors=False,
|
||||||
if pretty_print:
|
if pretty_print:
|
||||||
json_bytes = encode_pretty_printed_json(json_object) + "\n"
|
json_bytes = encode_pretty_printed_json(json_object) + "\n"
|
||||||
else:
|
else:
|
||||||
if canonical_json:
|
if canonical_json or synapse.events.USE_FROZEN_DICTS:
|
||||||
json_bytes = encode_canonical_json(json_object)
|
json_bytes = encode_canonical_json(json_object)
|
||||||
else:
|
else:
|
||||||
json_bytes = encode_json(
|
# ujson doesn't like frozen_dicts.
|
||||||
json_object, using_frozen_dicts=synapse.events.USE_FROZEN_DICTS
|
json_bytes = ujson.dumps(json_object, ensure_ascii=False)
|
||||||
)
|
|
||||||
|
|
||||||
return respond_with_json_bytes(
|
return respond_with_json_bytes(
|
||||||
request, code, json_bytes,
|
request, code, json_bytes,
|
||||||
|
|
|
@ -17,7 +17,7 @@
|
||||||
from __future__ import absolute_import
|
from __future__ import absolute_import
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
from resource import getrusage, getpagesize, RUSAGE_SELF
|
from resource import getrusage, RUSAGE_SELF
|
||||||
import functools
|
import functools
|
||||||
import os
|
import os
|
||||||
import stat
|
import stat
|
||||||
|
@ -100,7 +100,6 @@ def render_all():
|
||||||
# process resource usage
|
# process resource usage
|
||||||
|
|
||||||
rusage = None
|
rusage = None
|
||||||
PAGE_SIZE = getpagesize()
|
|
||||||
|
|
||||||
|
|
||||||
def update_resource_metrics():
|
def update_resource_metrics():
|
||||||
|
@ -113,8 +112,8 @@ resource_metrics = get_metrics_for("process.resource")
|
||||||
resource_metrics.register_callback("utime", lambda: rusage.ru_utime * 1000)
|
resource_metrics.register_callback("utime", lambda: rusage.ru_utime * 1000)
|
||||||
resource_metrics.register_callback("stime", lambda: rusage.ru_stime * 1000)
|
resource_metrics.register_callback("stime", lambda: rusage.ru_stime * 1000)
|
||||||
|
|
||||||
# pages
|
# kilobytes
|
||||||
resource_metrics.register_callback("maxrss", lambda: rusage.ru_maxrss * PAGE_SIZE)
|
resource_metrics.register_callback("maxrss", lambda: rusage.ru_maxrss * 1024)
|
||||||
|
|
||||||
TYPES = {
|
TYPES = {
|
||||||
stat.S_IFSOCK: "SOCK",
|
stat.S_IFSOCK: "SOCK",
|
||||||
|
@ -131,6 +130,10 @@ def _process_fds():
|
||||||
counts = {(k,): 0 for k in TYPES.values()}
|
counts = {(k,): 0 for k in TYPES.values()}
|
||||||
counts[("other",)] = 0
|
counts[("other",)] = 0
|
||||||
|
|
||||||
|
# Not every OS will have a /proc/self/fd directory
|
||||||
|
if not os.path.exists("/proc/self/fd"):
|
||||||
|
return counts
|
||||||
|
|
||||||
for fd in os.listdir("/proc/self/fd"):
|
for fd in os.listdir("/proc/self/fd"):
|
||||||
try:
|
try:
|
||||||
s = os.stat("/proc/self/fd/%s" % (fd))
|
s = os.stat("/proc/self/fd/%s" % (fd))
|
||||||
|
|
|
@ -14,6 +14,8 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
from synapse.api.constants import EventTypes
|
||||||
|
from synapse.api.errors import AuthError
|
||||||
|
|
||||||
from synapse.util.logutils import log_function
|
from synapse.util.logutils import log_function
|
||||||
from synapse.util.async import run_on_reactor, ObservableDeferred
|
from synapse.util.async import run_on_reactor, ObservableDeferred
|
||||||
|
@ -269,8 +271,8 @@ class Notifier(object):
|
||||||
logger.exception("Failed to notify listener")
|
logger.exception("Failed to notify listener")
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def wait_for_events(self, user, rooms, timeout, callback,
|
def wait_for_events(self, user, timeout, callback, room_ids=None,
|
||||||
from_token=StreamToken("s0", "0", "0", "0")):
|
from_token=StreamToken("s0", "0", "0", "0", "0")):
|
||||||
"""Wait until the callback returns a non empty response or the
|
"""Wait until the callback returns a non empty response or the
|
||||||
timeout fires.
|
timeout fires.
|
||||||
"""
|
"""
|
||||||
|
@ -279,11 +281,12 @@ class Notifier(object):
|
||||||
if user_stream is None:
|
if user_stream is None:
|
||||||
appservice = yield self.store.get_app_service_by_user_id(user)
|
appservice = yield self.store.get_app_service_by_user_id(user)
|
||||||
current_token = yield self.event_sources.get_current_token()
|
current_token = yield self.event_sources.get_current_token()
|
||||||
rooms = yield self.store.get_rooms_for_user(user)
|
if room_ids is None:
|
||||||
rooms = [room.room_id for room in rooms]
|
rooms = yield self.store.get_rooms_for_user(user)
|
||||||
|
room_ids = [room.room_id for room in rooms]
|
||||||
user_stream = _NotifierUserStream(
|
user_stream = _NotifierUserStream(
|
||||||
user=user,
|
user=user,
|
||||||
rooms=rooms,
|
rooms=room_ids,
|
||||||
appservice=appservice,
|
appservice=appservice,
|
||||||
current_token=current_token,
|
current_token=current_token,
|
||||||
time_now_ms=self.clock.time_msec(),
|
time_now_ms=self.clock.time_msec(),
|
||||||
|
@ -328,8 +331,9 @@ class Notifier(object):
|
||||||
defer.returnValue(result)
|
defer.returnValue(result)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_events_for(self, user, rooms, pagination_config, timeout,
|
def get_events_for(self, user, pagination_config, timeout,
|
||||||
only_room_events=False):
|
only_room_events=False,
|
||||||
|
is_guest=False, guest_room_id=None):
|
||||||
""" For the given user and rooms, return any new events for them. If
|
""" For the given user and rooms, return any new events for them. If
|
||||||
there are no new events wait for up to `timeout` milliseconds for any
|
there are no new events wait for up to `timeout` milliseconds for any
|
||||||
new events to happen before returning.
|
new events to happen before returning.
|
||||||
|
@ -342,6 +346,16 @@ class Notifier(object):
|
||||||
|
|
||||||
limit = pagination_config.limit
|
limit = pagination_config.limit
|
||||||
|
|
||||||
|
room_ids = []
|
||||||
|
if is_guest:
|
||||||
|
if guest_room_id:
|
||||||
|
if not self._is_world_readable(guest_room_id):
|
||||||
|
raise AuthError(403, "Guest access not allowed")
|
||||||
|
room_ids = [guest_room_id]
|
||||||
|
else:
|
||||||
|
rooms = yield self.store.get_rooms_for_user(user.to_string())
|
||||||
|
room_ids = [room.room_id for room in rooms]
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def check_for_updates(before_token, after_token):
|
def check_for_updates(before_token, after_token):
|
||||||
if not after_token.is_after(before_token):
|
if not after_token.is_after(before_token):
|
||||||
|
@ -349,6 +363,7 @@ class Notifier(object):
|
||||||
|
|
||||||
events = []
|
events = []
|
||||||
end_token = from_token
|
end_token = from_token
|
||||||
|
|
||||||
for name, source in self.event_sources.sources.items():
|
for name, source in self.event_sources.sources.items():
|
||||||
keyname = "%s_key" % name
|
keyname = "%s_key" % name
|
||||||
before_id = getattr(before_token, keyname)
|
before_id = getattr(before_token, keyname)
|
||||||
|
@ -357,9 +372,23 @@ class Notifier(object):
|
||||||
continue
|
continue
|
||||||
if only_room_events and name != "room":
|
if only_room_events and name != "room":
|
||||||
continue
|
continue
|
||||||
new_events, new_key = yield source.get_new_events_for_user(
|
new_events, new_key = yield source.get_new_events(
|
||||||
user, getattr(from_token, keyname), limit,
|
user=user,
|
||||||
|
from_key=getattr(from_token, keyname),
|
||||||
|
limit=limit,
|
||||||
|
is_guest=is_guest,
|
||||||
|
room_ids=room_ids,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if name == "room":
|
||||||
|
room_member_handler = self.hs.get_handlers().room_member_handler
|
||||||
|
new_events = yield room_member_handler._filter_events_for_client(
|
||||||
|
user.to_string(),
|
||||||
|
new_events,
|
||||||
|
is_guest=is_guest,
|
||||||
|
require_all_visible_for_guests=False
|
||||||
|
)
|
||||||
|
|
||||||
events.extend(new_events)
|
events.extend(new_events)
|
||||||
end_token = end_token.copy_and_replace(keyname, new_key)
|
end_token = end_token.copy_and_replace(keyname, new_key)
|
||||||
|
|
||||||
|
@ -369,7 +398,7 @@ class Notifier(object):
|
||||||
defer.returnValue(None)
|
defer.returnValue(None)
|
||||||
|
|
||||||
result = yield self.wait_for_events(
|
result = yield self.wait_for_events(
|
||||||
user, rooms, timeout, check_for_updates, from_token=from_token
|
user, timeout, check_for_updates, room_ids=room_ids, from_token=from_token
|
||||||
)
|
)
|
||||||
|
|
||||||
if result is None:
|
if result is None:
|
||||||
|
@ -377,6 +406,17 @@ class Notifier(object):
|
||||||
|
|
||||||
defer.returnValue(result)
|
defer.returnValue(result)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _is_world_readable(self, room_id):
|
||||||
|
state = yield self.hs.get_state_handler().get_current_state(
|
||||||
|
room_id,
|
||||||
|
EventTypes.RoomHistoryVisibility
|
||||||
|
)
|
||||||
|
if state and "history_visibility" in state.content:
|
||||||
|
defer.returnValue(state.content["history_visibility"] == "world_readable")
|
||||||
|
else:
|
||||||
|
defer.returnValue(False)
|
||||||
|
|
||||||
@log_function
|
@log_function
|
||||||
def remove_expired_streams(self):
|
def remove_expired_streams(self):
|
||||||
time_now_ms = self.clock.time_msec()
|
time_now_ms = self.clock.time_msec()
|
||||||
|
|
|
@ -186,7 +186,7 @@ class Pusher(object):
|
||||||
if not display_name:
|
if not display_name:
|
||||||
return False
|
return False
|
||||||
return re.search(
|
return re.search(
|
||||||
"\b%s\b" % re.escape(display_name), ev['content']['body'],
|
r"\b%s\b" % re.escape(display_name), ev['content']['body'],
|
||||||
flags=re.IGNORECASE
|
flags=re.IGNORECASE
|
||||||
) is not None
|
) is not None
|
||||||
|
|
||||||
|
|
|
@ -18,21 +18,24 @@ from distutils.version import LooseVersion
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
REQUIREMENTS = {
|
REQUIREMENTS = {
|
||||||
"syutil>=0.0.7": ["syutil>=0.0.7"],
|
"frozendict>=0.4": ["frozendict"],
|
||||||
"Twisted>=15.1.0": ["twisted>=15.1.0"],
|
"unpaddedbase64>=1.0.1": ["unpaddedbase64>=1.0.1"],
|
||||||
|
"canonicaljson>=1.0.0": ["canonicaljson>=1.0.0"],
|
||||||
|
"signedjson>=1.0.0": ["signedjson>=1.0.0"],
|
||||||
|
"pynacl>=0.3.0": ["nacl>=0.3.0", "nacl.bindings"],
|
||||||
"service_identity>=1.0.0": ["service_identity>=1.0.0"],
|
"service_identity>=1.0.0": ["service_identity>=1.0.0"],
|
||||||
|
"Twisted>=15.1.0": ["twisted>=15.1.0"],
|
||||||
"pyopenssl>=0.14": ["OpenSSL>=0.14"],
|
"pyopenssl>=0.14": ["OpenSSL>=0.14"],
|
||||||
"pyyaml": ["yaml"],
|
"pyyaml": ["yaml"],
|
||||||
"pyasn1": ["pyasn1"],
|
"pyasn1": ["pyasn1"],
|
||||||
"pynacl>=0.0.3": ["nacl>=0.0.3"],
|
|
||||||
"daemonize": ["daemonize"],
|
"daemonize": ["daemonize"],
|
||||||
"py-bcrypt": ["bcrypt"],
|
"py-bcrypt": ["bcrypt"],
|
||||||
"frozendict>=0.4": ["frozendict"],
|
|
||||||
"pillow": ["PIL"],
|
"pillow": ["PIL"],
|
||||||
"pydenticon": ["pydenticon"],
|
"pydenticon": ["pydenticon"],
|
||||||
"ujson": ["ujson"],
|
"ujson": ["ujson"],
|
||||||
"blist": ["blist"],
|
"blist": ["blist"],
|
||||||
"pysaml2": ["saml2"],
|
"pysaml2": ["saml2"],
|
||||||
|
"pymacaroons-pynacl": ["pymacaroons"],
|
||||||
}
|
}
|
||||||
CONDITIONAL_REQUIREMENTS = {
|
CONDITIONAL_REQUIREMENTS = {
|
||||||
"web_client": {
|
"web_client": {
|
||||||
|
@ -53,21 +56,14 @@ def github_link(project, version, egg):
|
||||||
return "https://github.com/%s/tarball/%s/#egg=%s" % (project, version, egg)
|
return "https://github.com/%s/tarball/%s/#egg=%s" % (project, version, egg)
|
||||||
|
|
||||||
DEPENDENCY_LINKS = {
|
DEPENDENCY_LINKS = {
|
||||||
"syutil": github_link(
|
|
||||||
project="matrix-org/syutil",
|
|
||||||
version="v0.0.7",
|
|
||||||
egg="syutil-0.0.7",
|
|
||||||
),
|
|
||||||
"matrix-angular-sdk": github_link(
|
|
||||||
project="matrix-org/matrix-angular-sdk",
|
|
||||||
version="v0.6.6",
|
|
||||||
egg="matrix_angular_sdk-0.6.6",
|
|
||||||
),
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
class MissingRequirementError(Exception):
|
class MissingRequirementError(Exception):
|
||||||
pass
|
def __init__(self, message, module_name, dependency):
|
||||||
|
super(MissingRequirementError, self).__init__(message)
|
||||||
|
self.module_name = module_name
|
||||||
|
self.dependency = dependency
|
||||||
|
|
||||||
|
|
||||||
def check_requirements(config=None):
|
def check_requirements(config=None):
|
||||||
|
@ -95,7 +91,7 @@ def check_requirements(config=None):
|
||||||
)
|
)
|
||||||
raise MissingRequirementError(
|
raise MissingRequirementError(
|
||||||
"Can't import %r which is part of %r"
|
"Can't import %r which is part of %r"
|
||||||
% (module_name, dependency)
|
% (module_name, dependency), module_name, dependency
|
||||||
)
|
)
|
||||||
version = getattr(module, "__version__", None)
|
version = getattr(module, "__version__", None)
|
||||||
file_path = getattr(module, "__file__", None)
|
file_path = getattr(module, "__file__", None)
|
||||||
|
@ -108,23 +104,25 @@ def check_requirements(config=None):
|
||||||
if version is None:
|
if version is None:
|
||||||
raise MissingRequirementError(
|
raise MissingRequirementError(
|
||||||
"Version of %r isn't set as __version__ of module %r"
|
"Version of %r isn't set as __version__ of module %r"
|
||||||
% (dependency, module_name)
|
% (dependency, module_name), module_name, dependency
|
||||||
)
|
)
|
||||||
if LooseVersion(version) < LooseVersion(required_version):
|
if LooseVersion(version) < LooseVersion(required_version):
|
||||||
raise MissingRequirementError(
|
raise MissingRequirementError(
|
||||||
"Version of %r in %r is too old. %r < %r"
|
"Version of %r in %r is too old. %r < %r"
|
||||||
% (dependency, file_path, version, required_version)
|
% (dependency, file_path, version, required_version),
|
||||||
|
module_name, dependency
|
||||||
)
|
)
|
||||||
elif version_test == "==":
|
elif version_test == "==":
|
||||||
if version is None:
|
if version is None:
|
||||||
raise MissingRequirementError(
|
raise MissingRequirementError(
|
||||||
"Version of %r isn't set as __version__ of module %r"
|
"Version of %r isn't set as __version__ of module %r"
|
||||||
% (dependency, module_name)
|
% (dependency, module_name), module_name, dependency
|
||||||
)
|
)
|
||||||
if LooseVersion(version) != LooseVersion(required_version):
|
if LooseVersion(version) != LooseVersion(required_version):
|
||||||
raise MissingRequirementError(
|
raise MissingRequirementError(
|
||||||
"Unexpected version of %r in %r. %r != %r"
|
"Unexpected version of %r in %r. %r != %r"
|
||||||
% (dependency, file_path, version, required_version)
|
% (dependency, file_path, version, required_version),
|
||||||
|
module_name, dependency
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -31,7 +31,7 @@ class WhoisRestServlet(ClientV1RestServlet):
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, user_id):
|
def on_GET(self, request, user_id):
|
||||||
target_user = UserID.from_string(user_id)
|
target_user = UserID.from_string(user_id)
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
is_admin = yield self.auth.is_server_admin(auth_user)
|
is_admin = yield self.auth.is_server_admin(auth_user)
|
||||||
|
|
||||||
if not is_admin and target_user != auth_user:
|
if not is_admin and target_user != auth_user:
|
||||||
|
|
|
@ -69,7 +69,7 @@ class ClientDirectoryServer(ClientV1RestServlet):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
# try to auth as a user
|
# try to auth as a user
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
try:
|
try:
|
||||||
user_id = user.to_string()
|
user_id = user.to_string()
|
||||||
yield dir_handler.create_association(
|
yield dir_handler.create_association(
|
||||||
|
@ -116,7 +116,7 @@ class ClientDirectoryServer(ClientV1RestServlet):
|
||||||
# fallback to default user behaviour if they aren't an AS
|
# fallback to default user behaviour if they aren't an AS
|
||||||
pass
|
pass
|
||||||
|
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
is_admin = yield self.auth.is_server_admin(user)
|
is_admin = yield self.auth.is_server_admin(user)
|
||||||
if not is_admin:
|
if not is_admin:
|
||||||
|
|
|
@ -34,7 +34,15 @@ class EventStreamRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request):
|
def on_GET(self, request):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, is_guest = yield self.auth.get_user_by_req(
|
||||||
|
request,
|
||||||
|
allow_guest=True
|
||||||
|
)
|
||||||
|
room_id = None
|
||||||
|
if is_guest:
|
||||||
|
if "room_id" not in request.args:
|
||||||
|
raise SynapseError(400, "Guest users must specify room_id param")
|
||||||
|
room_id = request.args["room_id"][0]
|
||||||
try:
|
try:
|
||||||
handler = self.handlers.event_stream_handler
|
handler = self.handlers.event_stream_handler
|
||||||
pagin_config = PaginationConfig.from_request(request)
|
pagin_config = PaginationConfig.from_request(request)
|
||||||
|
@ -49,7 +57,8 @@ class EventStreamRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
chunk = yield handler.get_stream(
|
chunk = yield handler.get_stream(
|
||||||
auth_user.to_string(), pagin_config, timeout=timeout,
|
auth_user.to_string(), pagin_config, timeout=timeout,
|
||||||
as_client_event=as_client_event
|
as_client_event=as_client_event, affect_presence=(not is_guest),
|
||||||
|
room_id=room_id, is_guest=is_guest
|
||||||
)
|
)
|
||||||
except:
|
except:
|
||||||
logger.exception("Event stream failed")
|
logger.exception("Event stream failed")
|
||||||
|
@ -71,7 +80,7 @@ class EventRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, event_id):
|
def on_GET(self, request, event_id):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
handler = self.handlers.event_handler
|
handler = self.handlers.event_handler
|
||||||
event = yield handler.get_event(auth_user, event_id)
|
event = yield handler.get_event(auth_user, event_id)
|
||||||
|
|
||||||
|
|
|
@ -25,16 +25,16 @@ class InitialSyncRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request):
|
def on_GET(self, request):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
with_feedback = "feedback" in request.args
|
|
||||||
as_client_event = "raw" not in request.args
|
as_client_event = "raw" not in request.args
|
||||||
pagination_config = PaginationConfig.from_request(request)
|
pagination_config = PaginationConfig.from_request(request)
|
||||||
handler = self.handlers.message_handler
|
handler = self.handlers.message_handler
|
||||||
|
include_archived = request.args.get("archived", None) == ["true"]
|
||||||
content = yield handler.snapshot_all_rooms(
|
content = yield handler.snapshot_all_rooms(
|
||||||
user_id=user.to_string(),
|
user_id=user.to_string(),
|
||||||
pagin_config=pagination_config,
|
pagin_config=pagination_config,
|
||||||
feedback=with_feedback,
|
as_client_event=as_client_event,
|
||||||
as_client_event=as_client_event
|
include_archived=include_archived,
|
||||||
)
|
)
|
||||||
|
|
||||||
defer.returnValue((200, content))
|
defer.returnValue((200, content))
|
||||||
|
|
|
@ -15,18 +15,22 @@
|
||||||
|
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
|
||||||
from synapse.api.errors import SynapseError
|
from synapse.api.errors import SynapseError, LoginError, Codes
|
||||||
|
from synapse.http.client import SimpleHttpClient
|
||||||
from synapse.types import UserID
|
from synapse.types import UserID
|
||||||
from base import ClientV1RestServlet, client_path_pattern
|
from base import ClientV1RestServlet, client_path_pattern
|
||||||
|
|
||||||
import simplejson as json
|
import simplejson as json
|
||||||
import urllib
|
import urllib
|
||||||
|
import urlparse
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
from saml2 import BINDING_HTTP_POST
|
from saml2 import BINDING_HTTP_POST
|
||||||
from saml2 import config
|
from saml2 import config
|
||||||
from saml2.client import Saml2Client
|
from saml2.client import Saml2Client
|
||||||
|
|
||||||
|
import xml.etree.ElementTree as ET
|
||||||
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
@ -35,16 +39,28 @@ class LoginRestServlet(ClientV1RestServlet):
|
||||||
PATTERN = client_path_pattern("/login$")
|
PATTERN = client_path_pattern("/login$")
|
||||||
PASS_TYPE = "m.login.password"
|
PASS_TYPE = "m.login.password"
|
||||||
SAML2_TYPE = "m.login.saml2"
|
SAML2_TYPE = "m.login.saml2"
|
||||||
|
CAS_TYPE = "m.login.cas"
|
||||||
|
TOKEN_TYPE = "m.login.token"
|
||||||
|
|
||||||
def __init__(self, hs):
|
def __init__(self, hs):
|
||||||
super(LoginRestServlet, self).__init__(hs)
|
super(LoginRestServlet, self).__init__(hs)
|
||||||
self.idp_redirect_url = hs.config.saml2_idp_redirect_url
|
self.idp_redirect_url = hs.config.saml2_idp_redirect_url
|
||||||
|
self.password_enabled = hs.config.password_enabled
|
||||||
self.saml2_enabled = hs.config.saml2_enabled
|
self.saml2_enabled = hs.config.saml2_enabled
|
||||||
|
self.cas_enabled = hs.config.cas_enabled
|
||||||
|
self.cas_server_url = hs.config.cas_server_url
|
||||||
|
self.cas_required_attributes = hs.config.cas_required_attributes
|
||||||
|
self.servername = hs.config.server_name
|
||||||
|
|
||||||
def on_GET(self, request):
|
def on_GET(self, request):
|
||||||
flows = [{"type": LoginRestServlet.PASS_TYPE}]
|
flows = []
|
||||||
if self.saml2_enabled:
|
if self.saml2_enabled:
|
||||||
flows.append({"type": LoginRestServlet.SAML2_TYPE})
|
flows.append({"type": LoginRestServlet.SAML2_TYPE})
|
||||||
|
if self.cas_enabled:
|
||||||
|
flows.append({"type": LoginRestServlet.CAS_TYPE})
|
||||||
|
if self.password_enabled:
|
||||||
|
flows.append({"type": LoginRestServlet.PASS_TYPE})
|
||||||
|
flows.append({"type": LoginRestServlet.TOKEN_TYPE})
|
||||||
return (200, {"flows": flows})
|
return (200, {"flows": flows})
|
||||||
|
|
||||||
def on_OPTIONS(self, request):
|
def on_OPTIONS(self, request):
|
||||||
|
@ -55,6 +71,9 @@ class LoginRestServlet(ClientV1RestServlet):
|
||||||
login_submission = _parse_json(request)
|
login_submission = _parse_json(request)
|
||||||
try:
|
try:
|
||||||
if login_submission["type"] == LoginRestServlet.PASS_TYPE:
|
if login_submission["type"] == LoginRestServlet.PASS_TYPE:
|
||||||
|
if not self.password_enabled:
|
||||||
|
raise SynapseError(400, "Password login has been disabled.")
|
||||||
|
|
||||||
result = yield self.do_password_login(login_submission)
|
result = yield self.do_password_login(login_submission)
|
||||||
defer.returnValue(result)
|
defer.returnValue(result)
|
||||||
elif self.saml2_enabled and (login_submission["type"] ==
|
elif self.saml2_enabled and (login_submission["type"] ==
|
||||||
|
@ -67,6 +86,23 @@ class LoginRestServlet(ClientV1RestServlet):
|
||||||
"uri": "%s%s" % (self.idp_redirect_url, relay_state)
|
"uri": "%s%s" % (self.idp_redirect_url, relay_state)
|
||||||
}
|
}
|
||||||
defer.returnValue((200, result))
|
defer.returnValue((200, result))
|
||||||
|
# TODO Delete this after all CAS clients switch to token login instead
|
||||||
|
elif self.cas_enabled and (login_submission["type"] ==
|
||||||
|
LoginRestServlet.CAS_TYPE):
|
||||||
|
# TODO: get this from the homeserver rather than creating a new one for
|
||||||
|
# each request
|
||||||
|
http_client = SimpleHttpClient(self.hs)
|
||||||
|
uri = "%s/proxyValidate" % (self.cas_server_url,)
|
||||||
|
args = {
|
||||||
|
"ticket": login_submission["ticket"],
|
||||||
|
"service": login_submission["service"]
|
||||||
|
}
|
||||||
|
body = yield http_client.get_raw(uri, args)
|
||||||
|
result = yield self.do_cas_login(body)
|
||||||
|
defer.returnValue(result)
|
||||||
|
elif login_submission["type"] == LoginRestServlet.TOKEN_TYPE:
|
||||||
|
result = yield self.do_token_login(login_submission)
|
||||||
|
defer.returnValue(result)
|
||||||
else:
|
else:
|
||||||
raise SynapseError(400, "Bad login type.")
|
raise SynapseError(400, "Bad login type.")
|
||||||
except KeyError:
|
except KeyError:
|
||||||
|
@ -78,6 +114,8 @@ class LoginRestServlet(ClientV1RestServlet):
|
||||||
user_id = yield self.hs.get_datastore().get_user_id_by_threepid(
|
user_id = yield self.hs.get_datastore().get_user_id_by_threepid(
|
||||||
login_submission['medium'], login_submission['address']
|
login_submission['medium'], login_submission['address']
|
||||||
)
|
)
|
||||||
|
if not user_id:
|
||||||
|
raise LoginError(403, "", errcode=Codes.FORBIDDEN)
|
||||||
else:
|
else:
|
||||||
user_id = login_submission['user']
|
user_id = login_submission['user']
|
||||||
|
|
||||||
|
@ -86,47 +124,108 @@ class LoginRestServlet(ClientV1RestServlet):
|
||||||
user_id, self.hs.hostname
|
user_id, self.hs.hostname
|
||||||
).to_string()
|
).to_string()
|
||||||
|
|
||||||
user_id, token = yield self.handlers.auth_handler.login_with_password(
|
auth_handler = self.handlers.auth_handler
|
||||||
|
user_id, access_token, refresh_token = yield auth_handler.login_with_password(
|
||||||
user_id=user_id,
|
user_id=user_id,
|
||||||
password=login_submission["password"])
|
password=login_submission["password"])
|
||||||
|
|
||||||
result = {
|
result = {
|
||||||
"user_id": user_id, # may have changed
|
"user_id": user_id, # may have changed
|
||||||
"access_token": token,
|
"access_token": access_token,
|
||||||
|
"refresh_token": refresh_token,
|
||||||
"home_server": self.hs.hostname,
|
"home_server": self.hs.hostname,
|
||||||
}
|
}
|
||||||
|
|
||||||
defer.returnValue((200, result))
|
defer.returnValue((200, result))
|
||||||
|
|
||||||
|
|
||||||
class LoginFallbackRestServlet(ClientV1RestServlet):
|
|
||||||
PATTERN = client_path_pattern("/login/fallback$")
|
|
||||||
|
|
||||||
def on_GET(self, request):
|
|
||||||
# TODO(kegan): This should be returning some HTML which is capable of
|
|
||||||
# hitting LoginRestServlet
|
|
||||||
return (200, {})
|
|
||||||
|
|
||||||
|
|
||||||
class PasswordResetRestServlet(ClientV1RestServlet):
|
|
||||||
PATTERN = client_path_pattern("/login/reset")
|
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request):
|
def do_token_login(self, login_submission):
|
||||||
reset_info = _parse_json(request)
|
token = login_submission['token']
|
||||||
try:
|
auth_handler = self.handlers.auth_handler
|
||||||
email = reset_info["email"]
|
user_id = (
|
||||||
user_id = reset_info["user_id"]
|
yield auth_handler.validate_short_term_login_token_and_get_user_id(token)
|
||||||
handler = self.handlers.login_handler
|
)
|
||||||
yield handler.reset_password(user_id, email)
|
user_id, access_token, refresh_token = (
|
||||||
# purposefully give no feedback to avoid people hammering different
|
yield auth_handler.get_login_tuple_for_user_id(user_id)
|
||||||
# combinations.
|
)
|
||||||
defer.returnValue((200, {}))
|
result = {
|
||||||
except KeyError:
|
"user_id": user_id, # may have changed
|
||||||
raise SynapseError(
|
"access_token": access_token,
|
||||||
400,
|
"refresh_token": refresh_token,
|
||||||
"Missing keys. Requires 'email' and 'user_id'."
|
"home_server": self.hs.hostname,
|
||||||
|
}
|
||||||
|
|
||||||
|
defer.returnValue((200, result))
|
||||||
|
|
||||||
|
# TODO Delete this after all CAS clients switch to token login instead
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def do_cas_login(self, cas_response_body):
|
||||||
|
user, attributes = self.parse_cas_response(cas_response_body)
|
||||||
|
|
||||||
|
for required_attribute, required_value in self.cas_required_attributes.items():
|
||||||
|
# If required attribute was not in CAS Response - Forbidden
|
||||||
|
if required_attribute not in attributes:
|
||||||
|
raise LoginError(401, "Unauthorized", errcode=Codes.UNAUTHORIZED)
|
||||||
|
|
||||||
|
# Also need to check value
|
||||||
|
if required_value is not None:
|
||||||
|
actual_value = attributes[required_attribute]
|
||||||
|
# If required attribute value does not match expected - Forbidden
|
||||||
|
if required_value != actual_value:
|
||||||
|
raise LoginError(401, "Unauthorized", errcode=Codes.UNAUTHORIZED)
|
||||||
|
|
||||||
|
user_id = UserID.create(user, self.hs.hostname).to_string()
|
||||||
|
auth_handler = self.handlers.auth_handler
|
||||||
|
user_exists = yield auth_handler.does_user_exist(user_id)
|
||||||
|
if user_exists:
|
||||||
|
user_id, access_token, refresh_token = (
|
||||||
|
yield auth_handler.get_login_tuple_for_user_id(user_id)
|
||||||
)
|
)
|
||||||
|
result = {
|
||||||
|
"user_id": user_id, # may have changed
|
||||||
|
"access_token": access_token,
|
||||||
|
"refresh_token": refresh_token,
|
||||||
|
"home_server": self.hs.hostname,
|
||||||
|
}
|
||||||
|
|
||||||
|
else:
|
||||||
|
user_id, access_token = (
|
||||||
|
yield self.handlers.registration_handler.register(localpart=user)
|
||||||
|
)
|
||||||
|
result = {
|
||||||
|
"user_id": user_id, # may have changed
|
||||||
|
"access_token": access_token,
|
||||||
|
"home_server": self.hs.hostname,
|
||||||
|
}
|
||||||
|
|
||||||
|
defer.returnValue((200, result))
|
||||||
|
|
||||||
|
# TODO Delete this after all CAS clients switch to token login instead
|
||||||
|
def parse_cas_response(self, cas_response_body):
|
||||||
|
root = ET.fromstring(cas_response_body)
|
||||||
|
if not root.tag.endswith("serviceResponse"):
|
||||||
|
raise LoginError(401, "Invalid CAS response", errcode=Codes.UNAUTHORIZED)
|
||||||
|
if not root[0].tag.endswith("authenticationSuccess"):
|
||||||
|
raise LoginError(401, "Unsuccessful CAS response", errcode=Codes.UNAUTHORIZED)
|
||||||
|
for child in root[0]:
|
||||||
|
if child.tag.endswith("user"):
|
||||||
|
user = child.text
|
||||||
|
if child.tag.endswith("attributes"):
|
||||||
|
attributes = {}
|
||||||
|
for attribute in child:
|
||||||
|
# ElementTree library expands the namespace in attribute tags
|
||||||
|
# to the full URL of the namespace.
|
||||||
|
# See (https://docs.python.org/2/library/xml.etree.elementtree.html)
|
||||||
|
# We don't care about namespace here and it will always be encased in
|
||||||
|
# curly braces, so we remove them.
|
||||||
|
if "}" in attribute.tag:
|
||||||
|
attributes[attribute.tag.split("}")[1]] = attribute.text
|
||||||
|
else:
|
||||||
|
attributes[attribute.tag] = attribute.text
|
||||||
|
if user is None or attributes is None:
|
||||||
|
raise LoginError(401, "Invalid CAS response", errcode=Codes.UNAUTHORIZED)
|
||||||
|
|
||||||
|
return (user, attributes)
|
||||||
|
|
||||||
|
|
||||||
class SAML2RestServlet(ClientV1RestServlet):
|
class SAML2RestServlet(ClientV1RestServlet):
|
||||||
|
@ -172,6 +271,127 @@ class SAML2RestServlet(ClientV1RestServlet):
|
||||||
defer.returnValue((200, {"status": "not_authenticated"}))
|
defer.returnValue((200, {"status": "not_authenticated"}))
|
||||||
|
|
||||||
|
|
||||||
|
# TODO Delete this after all CAS clients switch to token login instead
|
||||||
|
class CasRestServlet(ClientV1RestServlet):
|
||||||
|
PATTERN = client_path_pattern("/login/cas")
|
||||||
|
|
||||||
|
def __init__(self, hs):
|
||||||
|
super(CasRestServlet, self).__init__(hs)
|
||||||
|
self.cas_server_url = hs.config.cas_server_url
|
||||||
|
|
||||||
|
def on_GET(self, request):
|
||||||
|
return (200, {"serverUrl": self.cas_server_url})
|
||||||
|
|
||||||
|
|
||||||
|
class CasRedirectServlet(ClientV1RestServlet):
|
||||||
|
PATTERN = client_path_pattern("/login/cas/redirect")
|
||||||
|
|
||||||
|
def __init__(self, hs):
|
||||||
|
super(CasRedirectServlet, self).__init__(hs)
|
||||||
|
self.cas_server_url = hs.config.cas_server_url
|
||||||
|
self.cas_service_url = hs.config.cas_service_url
|
||||||
|
|
||||||
|
def on_GET(self, request):
|
||||||
|
args = request.args
|
||||||
|
if "redirectUrl" not in args:
|
||||||
|
return (400, "Redirect URL not specified for CAS auth")
|
||||||
|
client_redirect_url_param = urllib.urlencode({
|
||||||
|
"redirectUrl": args["redirectUrl"][0]
|
||||||
|
})
|
||||||
|
hs_redirect_url = self.cas_service_url + "/_matrix/client/api/v1/login/cas/ticket"
|
||||||
|
service_param = urllib.urlencode({
|
||||||
|
"service": "%s?%s" % (hs_redirect_url, client_redirect_url_param)
|
||||||
|
})
|
||||||
|
request.redirect("%s?%s" % (self.cas_server_url, service_param))
|
||||||
|
request.finish()
|
||||||
|
|
||||||
|
|
||||||
|
class CasTicketServlet(ClientV1RestServlet):
|
||||||
|
PATTERN = client_path_pattern("/login/cas/ticket")
|
||||||
|
|
||||||
|
def __init__(self, hs):
|
||||||
|
super(CasTicketServlet, self).__init__(hs)
|
||||||
|
self.cas_server_url = hs.config.cas_server_url
|
||||||
|
self.cas_service_url = hs.config.cas_service_url
|
||||||
|
self.cas_required_attributes = hs.config.cas_required_attributes
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_GET(self, request):
|
||||||
|
client_redirect_url = request.args["redirectUrl"][0]
|
||||||
|
http_client = self.hs.get_simple_http_client()
|
||||||
|
uri = self.cas_server_url + "/proxyValidate"
|
||||||
|
args = {
|
||||||
|
"ticket": request.args["ticket"],
|
||||||
|
"service": self.cas_service_url
|
||||||
|
}
|
||||||
|
body = yield http_client.get_raw(uri, args)
|
||||||
|
result = yield self.handle_cas_response(request, body, client_redirect_url)
|
||||||
|
defer.returnValue(result)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def handle_cas_response(self, request, cas_response_body, client_redirect_url):
|
||||||
|
user, attributes = self.parse_cas_response(cas_response_body)
|
||||||
|
|
||||||
|
for required_attribute, required_value in self.cas_required_attributes.items():
|
||||||
|
# If required attribute was not in CAS Response - Forbidden
|
||||||
|
if required_attribute not in attributes:
|
||||||
|
raise LoginError(401, "Unauthorized", errcode=Codes.UNAUTHORIZED)
|
||||||
|
|
||||||
|
# Also need to check value
|
||||||
|
if required_value is not None:
|
||||||
|
actual_value = attributes[required_attribute]
|
||||||
|
# If required attribute value does not match expected - Forbidden
|
||||||
|
if required_value != actual_value:
|
||||||
|
raise LoginError(401, "Unauthorized", errcode=Codes.UNAUTHORIZED)
|
||||||
|
|
||||||
|
user_id = UserID.create(user, self.hs.hostname).to_string()
|
||||||
|
auth_handler = self.handlers.auth_handler
|
||||||
|
user_exists = yield auth_handler.does_user_exist(user_id)
|
||||||
|
if not user_exists:
|
||||||
|
user_id, _ = (
|
||||||
|
yield self.handlers.registration_handler.register(localpart=user)
|
||||||
|
)
|
||||||
|
|
||||||
|
login_token = auth_handler.generate_short_term_login_token(user_id)
|
||||||
|
redirect_url = self.add_login_token_to_redirect_url(client_redirect_url,
|
||||||
|
login_token)
|
||||||
|
request.redirect(redirect_url)
|
||||||
|
request.finish()
|
||||||
|
|
||||||
|
def add_login_token_to_redirect_url(self, url, token):
|
||||||
|
url_parts = list(urlparse.urlparse(url))
|
||||||
|
query = dict(urlparse.parse_qsl(url_parts[4]))
|
||||||
|
query.update({"loginToken": token})
|
||||||
|
url_parts[4] = urllib.urlencode(query)
|
||||||
|
return urlparse.urlunparse(url_parts)
|
||||||
|
|
||||||
|
def parse_cas_response(self, cas_response_body):
|
||||||
|
root = ET.fromstring(cas_response_body)
|
||||||
|
if not root.tag.endswith("serviceResponse"):
|
||||||
|
raise LoginError(401, "Invalid CAS response", errcode=Codes.UNAUTHORIZED)
|
||||||
|
if not root[0].tag.endswith("authenticationSuccess"):
|
||||||
|
raise LoginError(401, "Unsuccessful CAS response", errcode=Codes.UNAUTHORIZED)
|
||||||
|
for child in root[0]:
|
||||||
|
if child.tag.endswith("user"):
|
||||||
|
user = child.text
|
||||||
|
if child.tag.endswith("attributes"):
|
||||||
|
attributes = {}
|
||||||
|
for attribute in child:
|
||||||
|
# ElementTree library expands the namespace in attribute tags
|
||||||
|
# to the full URL of the namespace.
|
||||||
|
# See (https://docs.python.org/2/library/xml.etree.elementtree.html)
|
||||||
|
# We don't care about namespace here and it will always be encased in
|
||||||
|
# curly braces, so we remove them.
|
||||||
|
if "}" in attribute.tag:
|
||||||
|
attributes[attribute.tag.split("}")[1]] = attribute.text
|
||||||
|
else:
|
||||||
|
attributes[attribute.tag] = attribute.text
|
||||||
|
if user is None or attributes is None:
|
||||||
|
raise LoginError(401, "Invalid CAS response", errcode=Codes.UNAUTHORIZED)
|
||||||
|
|
||||||
|
return (user, attributes)
|
||||||
|
|
||||||
|
|
||||||
def _parse_json(request):
|
def _parse_json(request):
|
||||||
try:
|
try:
|
||||||
content = json.loads(request.content.read())
|
content = json.loads(request.content.read())
|
||||||
|
@ -186,4 +406,8 @@ def register_servlets(hs, http_server):
|
||||||
LoginRestServlet(hs).register(http_server)
|
LoginRestServlet(hs).register(http_server)
|
||||||
if hs.config.saml2_enabled:
|
if hs.config.saml2_enabled:
|
||||||
SAML2RestServlet(hs).register(http_server)
|
SAML2RestServlet(hs).register(http_server)
|
||||||
|
if hs.config.cas_enabled:
|
||||||
|
CasRedirectServlet(hs).register(http_server)
|
||||||
|
CasTicketServlet(hs).register(http_server)
|
||||||
|
CasRestServlet(hs).register(http_server)
|
||||||
# TODO PasswordResetRestServlet(hs).register(http_server)
|
# TODO PasswordResetRestServlet(hs).register(http_server)
|
||||||
|
|
|
@ -32,7 +32,7 @@ class PresenceStatusRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, user_id):
|
def on_GET(self, request, user_id):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
|
|
||||||
state = yield self.handlers.presence_handler.get_state(
|
state = yield self.handlers.presence_handler.get_state(
|
||||||
|
@ -42,7 +42,7 @@ class PresenceStatusRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_PUT(self, request, user_id):
|
def on_PUT(self, request, user_id):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
|
|
||||||
state = {}
|
state = {}
|
||||||
|
@ -77,7 +77,7 @@ class PresenceListRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, user_id):
|
def on_GET(self, request, user_id):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
|
|
||||||
if not self.hs.is_mine(user):
|
if not self.hs.is_mine(user):
|
||||||
|
@ -97,7 +97,7 @@ class PresenceListRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request, user_id):
|
def on_POST(self, request, user_id):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
|
|
||||||
if not self.hs.is_mine(user):
|
if not self.hs.is_mine(user):
|
||||||
|
|
|
@ -37,7 +37,7 @@ class ProfileDisplaynameRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_PUT(self, request, user_id):
|
def on_PUT(self, request, user_id):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request, allow_guest=True)
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
@ -70,7 +70,7 @@ class ProfileAvatarURLRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_PUT(self, request, user_id):
|
def on_PUT(self, request, user_id):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
|
|
@ -43,7 +43,7 @@ class PushRuleRestServlet(ClientV1RestServlet):
|
||||||
except InvalidRuleException as e:
|
except InvalidRuleException as e:
|
||||||
raise SynapseError(400, e.message)
|
raise SynapseError(400, e.message)
|
||||||
|
|
||||||
user, _ = yield self.auth.get_user_by_req(request)
|
user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
if '/' in spec['rule_id'] or '\\' in spec['rule_id']:
|
if '/' in spec['rule_id'] or '\\' in spec['rule_id']:
|
||||||
raise SynapseError(400, "rule_id may not contain slashes")
|
raise SynapseError(400, "rule_id may not contain slashes")
|
||||||
|
@ -92,7 +92,7 @@ class PushRuleRestServlet(ClientV1RestServlet):
|
||||||
def on_DELETE(self, request):
|
def on_DELETE(self, request):
|
||||||
spec = _rule_spec_from_path(request.postpath)
|
spec = _rule_spec_from_path(request.postpath)
|
||||||
|
|
||||||
user, _ = yield self.auth.get_user_by_req(request)
|
user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
namespaced_rule_id = _namespaced_rule_id_from_spec(spec)
|
namespaced_rule_id = _namespaced_rule_id_from_spec(spec)
|
||||||
|
|
||||||
|
@ -109,7 +109,7 @@ class PushRuleRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request):
|
def on_GET(self, request):
|
||||||
user, _ = yield self.auth.get_user_by_req(request)
|
user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
# we build up the full structure and then decide which bits of it
|
# we build up the full structure and then decide which bits of it
|
||||||
# to send which means doing unnecessary work sometimes but is
|
# to send which means doing unnecessary work sometimes but is
|
||||||
|
|
|
@ -27,7 +27,7 @@ class PusherRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request):
|
def on_POST(self, request):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, token_id, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
content = _parse_json(request)
|
content = _parse_json(request)
|
||||||
|
|
||||||
|
@ -65,7 +65,7 @@ class PusherRestServlet(ClientV1RestServlet):
|
||||||
try:
|
try:
|
||||||
yield pusher_pool.add_pusher(
|
yield pusher_pool.add_pusher(
|
||||||
user_name=user.to_string(),
|
user_name=user.to_string(),
|
||||||
access_token=client.token_id,
|
access_token=token_id,
|
||||||
profile_tag=content['profile_tag'],
|
profile_tag=content['profile_tag'],
|
||||||
kind=content['kind'],
|
kind=content['kind'],
|
||||||
app_id=content['app_id'],
|
app_id=content['app_id'],
|
||||||
|
|
|
@ -17,7 +17,7 @@
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
|
||||||
from base import ClientV1RestServlet, client_path_pattern
|
from base import ClientV1RestServlet, client_path_pattern
|
||||||
from synapse.api.errors import SynapseError, Codes
|
from synapse.api.errors import SynapseError, Codes, AuthError
|
||||||
from synapse.streams.config import PaginationConfig
|
from synapse.streams.config import PaginationConfig
|
||||||
from synapse.api.constants import EventTypes, Membership
|
from synapse.api.constants import EventTypes, Membership
|
||||||
from synapse.types import UserID, RoomID, RoomAlias
|
from synapse.types import UserID, RoomID, RoomAlias
|
||||||
|
@ -27,7 +27,6 @@ import simplejson as json
|
||||||
import logging
|
import logging
|
||||||
import urllib
|
import urllib
|
||||||
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
@ -62,7 +61,7 @@ class RoomCreateRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request):
|
def on_POST(self, request):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
room_config = self.get_room_config(request)
|
room_config = self.get_room_config(request)
|
||||||
info = yield self.make_room(room_config, auth_user, None)
|
info = yield self.make_room(room_config, auth_user, None)
|
||||||
|
@ -125,7 +124,7 @@ class RoomStateEventRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, room_id, event_type, state_key):
|
def on_GET(self, request, room_id, event_type, state_key):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, _, is_guest = yield self.auth.get_user_by_req(request, allow_guest=True)
|
||||||
|
|
||||||
msg_handler = self.handlers.message_handler
|
msg_handler = self.handlers.message_handler
|
||||||
data = yield msg_handler.get_room_data(
|
data = yield msg_handler.get_room_data(
|
||||||
|
@ -133,6 +132,7 @@ class RoomStateEventRestServlet(ClientV1RestServlet):
|
||||||
room_id=room_id,
|
room_id=room_id,
|
||||||
event_type=event_type,
|
event_type=event_type,
|
||||||
state_key=state_key,
|
state_key=state_key,
|
||||||
|
is_guest=is_guest,
|
||||||
)
|
)
|
||||||
|
|
||||||
if not data:
|
if not data:
|
||||||
|
@ -143,7 +143,7 @@ class RoomStateEventRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_PUT(self, request, room_id, event_type, state_key, txn_id=None):
|
def on_PUT(self, request, room_id, event_type, state_key, txn_id=None):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, token_id, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
content = _parse_json(request)
|
content = _parse_json(request)
|
||||||
|
|
||||||
|
@ -159,7 +159,7 @@ class RoomStateEventRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
msg_handler = self.handlers.message_handler
|
msg_handler = self.handlers.message_handler
|
||||||
yield msg_handler.create_and_send_event(
|
yield msg_handler.create_and_send_event(
|
||||||
event_dict, client=client, txn_id=txn_id,
|
event_dict, token_id=token_id, txn_id=txn_id,
|
||||||
)
|
)
|
||||||
|
|
||||||
defer.returnValue((200, {}))
|
defer.returnValue((200, {}))
|
||||||
|
@ -175,7 +175,7 @@ class RoomSendEventRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request, room_id, event_type, txn_id=None):
|
def on_POST(self, request, room_id, event_type, txn_id=None):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, token_id, _ = yield self.auth.get_user_by_req(request, allow_guest=True)
|
||||||
content = _parse_json(request)
|
content = _parse_json(request)
|
||||||
|
|
||||||
msg_handler = self.handlers.message_handler
|
msg_handler = self.handlers.message_handler
|
||||||
|
@ -186,7 +186,7 @@ class RoomSendEventRestServlet(ClientV1RestServlet):
|
||||||
"room_id": room_id,
|
"room_id": room_id,
|
||||||
"sender": user.to_string(),
|
"sender": user.to_string(),
|
||||||
},
|
},
|
||||||
client=client,
|
token_id=token_id,
|
||||||
txn_id=txn_id,
|
txn_id=txn_id,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -220,7 +220,10 @@ class JoinRoomAliasServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request, room_identifier, txn_id=None):
|
def on_POST(self, request, room_identifier, txn_id=None):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, token_id, is_guest = yield self.auth.get_user_by_req(
|
||||||
|
request,
|
||||||
|
allow_guest=True
|
||||||
|
)
|
||||||
|
|
||||||
# the identifier could be a room alias or a room id. Try one then the
|
# the identifier could be a room alias or a room id. Try one then the
|
||||||
# other if it fails to parse, without swallowing other valid
|
# other if it fails to parse, without swallowing other valid
|
||||||
|
@ -242,16 +245,20 @@ class JoinRoomAliasServlet(ClientV1RestServlet):
|
||||||
defer.returnValue((200, ret_dict))
|
defer.returnValue((200, ret_dict))
|
||||||
else: # room id
|
else: # room id
|
||||||
msg_handler = self.handlers.message_handler
|
msg_handler = self.handlers.message_handler
|
||||||
|
content = {"membership": Membership.JOIN}
|
||||||
|
if is_guest:
|
||||||
|
content["kind"] = "guest"
|
||||||
yield msg_handler.create_and_send_event(
|
yield msg_handler.create_and_send_event(
|
||||||
{
|
{
|
||||||
"type": EventTypes.Member,
|
"type": EventTypes.Member,
|
||||||
"content": {"membership": Membership.JOIN},
|
"content": content,
|
||||||
"room_id": identifier.to_string(),
|
"room_id": identifier.to_string(),
|
||||||
"sender": user.to_string(),
|
"sender": user.to_string(),
|
||||||
"state_key": user.to_string(),
|
"state_key": user.to_string(),
|
||||||
},
|
},
|
||||||
client=client,
|
token_id=token_id,
|
||||||
txn_id=txn_id,
|
txn_id=txn_id,
|
||||||
|
is_guest=is_guest,
|
||||||
)
|
)
|
||||||
|
|
||||||
defer.returnValue((200, {"room_id": identifier.to_string()}))
|
defer.returnValue((200, {"room_id": identifier.to_string()}))
|
||||||
|
@ -289,13 +296,19 @@ class RoomMemberListRestServlet(ClientV1RestServlet):
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, room_id):
|
def on_GET(self, request, room_id):
|
||||||
# TODO support Pagination stream API (limit/tokens)
|
# TODO support Pagination stream API (limit/tokens)
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
handler = self.handlers.room_member_handler
|
handler = self.handlers.message_handler
|
||||||
members = yield handler.get_room_members_as_pagination_chunk(
|
events = yield handler.get_state_events(
|
||||||
room_id=room_id,
|
room_id=room_id,
|
||||||
user_id=user.to_string())
|
user_id=user.to_string(),
|
||||||
|
)
|
||||||
|
|
||||||
for event in members["chunk"]:
|
chunk = []
|
||||||
|
|
||||||
|
for event in events:
|
||||||
|
if event["type"] != EventTypes.Member:
|
||||||
|
continue
|
||||||
|
chunk.append(event)
|
||||||
# FIXME: should probably be state_key here, not user_id
|
# FIXME: should probably be state_key here, not user_id
|
||||||
target_user = UserID.from_string(event["user_id"])
|
target_user = UserID.from_string(event["user_id"])
|
||||||
# Presence is an optional cache; don't fail if we can't fetch it
|
# Presence is an optional cache; don't fail if we can't fetch it
|
||||||
|
@ -308,27 +321,28 @@ class RoomMemberListRestServlet(ClientV1RestServlet):
|
||||||
except:
|
except:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
defer.returnValue((200, members))
|
defer.returnValue((200, {
|
||||||
|
"chunk": chunk
|
||||||
|
}))
|
||||||
|
|
||||||
|
|
||||||
# TODO: Needs unit testing
|
# TODO: Needs better unit testing
|
||||||
class RoomMessageListRestServlet(ClientV1RestServlet):
|
class RoomMessageListRestServlet(ClientV1RestServlet):
|
||||||
PATTERN = client_path_pattern("/rooms/(?P<room_id>[^/]*)/messages$")
|
PATTERN = client_path_pattern("/rooms/(?P<room_id>[^/]*)/messages$")
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, room_id):
|
def on_GET(self, request, room_id):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, _, is_guest = yield self.auth.get_user_by_req(request, allow_guest=True)
|
||||||
pagination_config = PaginationConfig.from_request(
|
pagination_config = PaginationConfig.from_request(
|
||||||
request, default_limit=10,
|
request, default_limit=10,
|
||||||
)
|
)
|
||||||
with_feedback = "feedback" in request.args
|
|
||||||
as_client_event = "raw" not in request.args
|
as_client_event = "raw" not in request.args
|
||||||
handler = self.handlers.message_handler
|
handler = self.handlers.message_handler
|
||||||
msgs = yield handler.get_messages(
|
msgs = yield handler.get_messages(
|
||||||
room_id=room_id,
|
room_id=room_id,
|
||||||
user_id=user.to_string(),
|
user_id=user.to_string(),
|
||||||
|
is_guest=is_guest,
|
||||||
pagin_config=pagination_config,
|
pagin_config=pagination_config,
|
||||||
feedback=with_feedback,
|
|
||||||
as_client_event=as_client_event
|
as_client_event=as_client_event
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -341,12 +355,13 @@ class RoomStateRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, room_id):
|
def on_GET(self, request, room_id):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, _, is_guest = yield self.auth.get_user_by_req(request, allow_guest=True)
|
||||||
handler = self.handlers.message_handler
|
handler = self.handlers.message_handler
|
||||||
# Get all the current state for this room
|
# Get all the current state for this room
|
||||||
events = yield handler.get_state_events(
|
events = yield handler.get_state_events(
|
||||||
room_id=room_id,
|
room_id=room_id,
|
||||||
user_id=user.to_string(),
|
user_id=user.to_string(),
|
||||||
|
is_guest=is_guest,
|
||||||
)
|
)
|
||||||
defer.returnValue((200, events))
|
defer.returnValue((200, events))
|
||||||
|
|
||||||
|
@ -357,12 +372,13 @@ class RoomInitialSyncRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, room_id):
|
def on_GET(self, request, room_id):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, _, is_guest = yield self.auth.get_user_by_req(request, allow_guest=True)
|
||||||
pagination_config = PaginationConfig.from_request(request)
|
pagination_config = PaginationConfig.from_request(request)
|
||||||
content = yield self.handlers.message_handler.room_initial_sync(
|
content = yield self.handlers.message_handler.room_initial_sync(
|
||||||
room_id=room_id,
|
room_id=room_id,
|
||||||
user_id=user.to_string(),
|
user_id=user.to_string(),
|
||||||
pagin_config=pagination_config,
|
pagin_config=pagination_config,
|
||||||
|
is_guest=is_guest,
|
||||||
)
|
)
|
||||||
defer.returnValue((200, content))
|
defer.returnValue((200, content))
|
||||||
|
|
||||||
|
@ -391,6 +407,41 @@ class RoomTriggerBackfill(ClientV1RestServlet):
|
||||||
defer.returnValue((200, res))
|
defer.returnValue((200, res))
|
||||||
|
|
||||||
|
|
||||||
|
class RoomEventContext(ClientV1RestServlet):
|
||||||
|
PATTERN = client_path_pattern(
|
||||||
|
"/rooms/(?P<room_id>[^/]*)/context/(?P<event_id>[^/]*)$"
|
||||||
|
)
|
||||||
|
|
||||||
|
def __init__(self, hs):
|
||||||
|
super(RoomEventContext, self).__init__(hs)
|
||||||
|
self.clock = hs.get_clock()
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_GET(self, request, room_id, event_id):
|
||||||
|
user, _, is_guest = yield self.auth.get_user_by_req(request, allow_guest=True)
|
||||||
|
|
||||||
|
limit = int(request.args.get("limit", [10])[0])
|
||||||
|
|
||||||
|
results = yield self.handlers.room_context_handler.get_event_context(
|
||||||
|
user, room_id, event_id, limit, is_guest
|
||||||
|
)
|
||||||
|
|
||||||
|
time_now = self.clock.time_msec()
|
||||||
|
results["events_before"] = [
|
||||||
|
serialize_event(event, time_now) for event in results["events_before"]
|
||||||
|
]
|
||||||
|
results["events_after"] = [
|
||||||
|
serialize_event(event, time_now) for event in results["events_after"]
|
||||||
|
]
|
||||||
|
results["state"] = [
|
||||||
|
serialize_event(event, time_now) for event in results["state"]
|
||||||
|
]
|
||||||
|
|
||||||
|
logger.info("Responding with %r", results)
|
||||||
|
|
||||||
|
defer.returnValue((200, results))
|
||||||
|
|
||||||
|
|
||||||
# TODO: Needs unit testing
|
# TODO: Needs unit testing
|
||||||
class RoomMembershipRestServlet(ClientV1RestServlet):
|
class RoomMembershipRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
|
@ -402,16 +453,37 @@ class RoomMembershipRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request, room_id, membership_action, txn_id=None):
|
def on_POST(self, request, room_id, membership_action, txn_id=None):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, token_id, is_guest = yield self.auth.get_user_by_req(
|
||||||
|
request,
|
||||||
|
allow_guest=True
|
||||||
|
)
|
||||||
|
|
||||||
|
if is_guest and membership_action not in {Membership.JOIN, Membership.LEAVE}:
|
||||||
|
raise AuthError(403, "Guest access not allowed")
|
||||||
|
|
||||||
content = _parse_json(request)
|
content = _parse_json(request)
|
||||||
|
|
||||||
# target user is you unless it is an invite
|
# target user is you unless it is an invite
|
||||||
state_key = user.to_string()
|
state_key = user.to_string()
|
||||||
if membership_action in ["invite", "ban", "kick"]:
|
|
||||||
if "user_id" not in content:
|
if membership_action == "invite" and self._has_3pid_invite_keys(content):
|
||||||
|
yield self.handlers.room_member_handler.do_3pid_invite(
|
||||||
|
room_id,
|
||||||
|
user,
|
||||||
|
content["medium"],
|
||||||
|
content["address"],
|
||||||
|
content["id_server"],
|
||||||
|
token_id,
|
||||||
|
txn_id
|
||||||
|
)
|
||||||
|
defer.returnValue((200, {}))
|
||||||
|
return
|
||||||
|
elif membership_action in ["invite", "ban", "kick"]:
|
||||||
|
if "user_id" in content:
|
||||||
|
state_key = content["user_id"]
|
||||||
|
else:
|
||||||
raise SynapseError(400, "Missing user_id key.")
|
raise SynapseError(400, "Missing user_id key.")
|
||||||
state_key = content["user_id"]
|
|
||||||
# make sure it looks like a user ID; it'll throw if it's invalid.
|
# make sure it looks like a user ID; it'll throw if it's invalid.
|
||||||
UserID.from_string(state_key)
|
UserID.from_string(state_key)
|
||||||
|
|
||||||
|
@ -419,20 +491,32 @@ class RoomMembershipRestServlet(ClientV1RestServlet):
|
||||||
membership_action = "leave"
|
membership_action = "leave"
|
||||||
|
|
||||||
msg_handler = self.handlers.message_handler
|
msg_handler = self.handlers.message_handler
|
||||||
|
|
||||||
|
content = {"membership": unicode(membership_action)}
|
||||||
|
if is_guest:
|
||||||
|
content["kind"] = "guest"
|
||||||
|
|
||||||
yield msg_handler.create_and_send_event(
|
yield msg_handler.create_and_send_event(
|
||||||
{
|
{
|
||||||
"type": EventTypes.Member,
|
"type": EventTypes.Member,
|
||||||
"content": {"membership": unicode(membership_action)},
|
"content": content,
|
||||||
"room_id": room_id,
|
"room_id": room_id,
|
||||||
"sender": user.to_string(),
|
"sender": user.to_string(),
|
||||||
"state_key": state_key,
|
"state_key": state_key,
|
||||||
},
|
},
|
||||||
client=client,
|
token_id=token_id,
|
||||||
txn_id=txn_id,
|
txn_id=txn_id,
|
||||||
|
is_guest=is_guest,
|
||||||
)
|
)
|
||||||
|
|
||||||
defer.returnValue((200, {}))
|
defer.returnValue((200, {}))
|
||||||
|
|
||||||
|
def _has_3pid_invite_keys(self, content):
|
||||||
|
for key in {"id_server", "medium", "address"}:
|
||||||
|
if key not in content:
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_PUT(self, request, room_id, membership_action, txn_id):
|
def on_PUT(self, request, room_id, membership_action, txn_id):
|
||||||
try:
|
try:
|
||||||
|
@ -457,7 +541,7 @@ class RoomRedactEventRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request, room_id, event_id, txn_id=None):
|
def on_POST(self, request, room_id, event_id, txn_id=None):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, token_id, _ = yield self.auth.get_user_by_req(request)
|
||||||
content = _parse_json(request)
|
content = _parse_json(request)
|
||||||
|
|
||||||
msg_handler = self.handlers.message_handler
|
msg_handler = self.handlers.message_handler
|
||||||
|
@ -469,7 +553,7 @@ class RoomRedactEventRestServlet(ClientV1RestServlet):
|
||||||
"sender": user.to_string(),
|
"sender": user.to_string(),
|
||||||
"redacts": event_id,
|
"redacts": event_id,
|
||||||
},
|
},
|
||||||
client=client,
|
token_id=token_id,
|
||||||
txn_id=txn_id,
|
txn_id=txn_id,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -497,7 +581,7 @@ class RoomTypingRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_PUT(self, request, room_id, user_id):
|
def on_PUT(self, request, room_id, user_id):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
room_id = urllib.unquote(room_id)
|
room_id = urllib.unquote(room_id)
|
||||||
target_user = UserID.from_string(urllib.unquote(user_id))
|
target_user = UserID.from_string(urllib.unquote(user_id))
|
||||||
|
@ -523,6 +607,23 @@ class RoomTypingRestServlet(ClientV1RestServlet):
|
||||||
defer.returnValue((200, {}))
|
defer.returnValue((200, {}))
|
||||||
|
|
||||||
|
|
||||||
|
class SearchRestServlet(ClientV1RestServlet):
|
||||||
|
PATTERN = client_path_pattern(
|
||||||
|
"/search$"
|
||||||
|
)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_POST(self, request):
|
||||||
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
|
content = _parse_json(request)
|
||||||
|
|
||||||
|
batch = request.args.get("next_batch", [None])[0]
|
||||||
|
results = yield self.handlers.search_handler.search(auth_user, content, batch)
|
||||||
|
|
||||||
|
defer.returnValue((200, results))
|
||||||
|
|
||||||
|
|
||||||
def _parse_json(request):
|
def _parse_json(request):
|
||||||
try:
|
try:
|
||||||
content = json.loads(request.content.read())
|
content = json.loads(request.content.read())
|
||||||
|
@ -579,3 +680,5 @@ def register_servlets(hs, http_server):
|
||||||
RoomInitialSyncRestServlet(hs).register(http_server)
|
RoomInitialSyncRestServlet(hs).register(http_server)
|
||||||
RoomRedactEventRestServlet(hs).register(http_server)
|
RoomRedactEventRestServlet(hs).register(http_server)
|
||||||
RoomTypingRestServlet(hs).register(http_server)
|
RoomTypingRestServlet(hs).register(http_server)
|
||||||
|
SearchRestServlet(hs).register(http_server)
|
||||||
|
RoomEventContext(hs).register(http_server)
|
||||||
|
|
|
@ -28,7 +28,7 @@ class VoipRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request):
|
def on_GET(self, request):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
turnUris = self.hs.config.turn_uris
|
turnUris = self.hs.config.turn_uris
|
||||||
turnSecret = self.hs.config.turn_shared_secret
|
turnSecret = self.hs.config.turn_shared_secret
|
||||||
|
@ -40,7 +40,7 @@ class VoipRestServlet(ClientV1RestServlet):
|
||||||
username = "%d:%s" % (expiry, auth_user.to_string())
|
username = "%d:%s" % (expiry, auth_user.to_string())
|
||||||
|
|
||||||
mac = hmac.new(turnSecret, msg=username, digestmod=hashlib.sha1)
|
mac = hmac.new(turnSecret, msg=username, digestmod=hashlib.sha1)
|
||||||
# We need to use standard base64 encoding here, *not* syutil's
|
# We need to use standard padded base64 encoding here
|
||||||
# encode_base64 because we need to add the standard padding to get the
|
# encode_base64 because we need to add the standard padding to get the
|
||||||
# same result as the TURN server.
|
# same result as the TURN server.
|
||||||
password = base64.b64encode(mac.digest())
|
password = base64.b64encode(mac.digest())
|
||||||
|
|
|
@ -21,6 +21,8 @@ from . import (
|
||||||
auth,
|
auth,
|
||||||
receipts,
|
receipts,
|
||||||
keys,
|
keys,
|
||||||
|
tokenrefresh,
|
||||||
|
tags,
|
||||||
)
|
)
|
||||||
|
|
||||||
from synapse.http.server import JsonResource
|
from synapse.http.server import JsonResource
|
||||||
|
@ -42,3 +44,5 @@ class ClientV2AlphaRestResource(JsonResource):
|
||||||
auth.register_servlets(hs, client_resource)
|
auth.register_servlets(hs, client_resource)
|
||||||
receipts.register_servlets(hs, client_resource)
|
receipts.register_servlets(hs, client_resource)
|
||||||
keys.register_servlets(hs, client_resource)
|
keys.register_servlets(hs, client_resource)
|
||||||
|
tokenrefresh.register_servlets(hs, client_resource)
|
||||||
|
tags.register_servlets(hs, client_resource)
|
||||||
|
|
|
@ -55,7 +55,7 @@ class PasswordRestServlet(RestServlet):
|
||||||
|
|
||||||
if LoginType.PASSWORD in result:
|
if LoginType.PASSWORD in result:
|
||||||
# if using password, they should also be logged in
|
# if using password, they should also be logged in
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
if auth_user.to_string() != result[LoginType.PASSWORD]:
|
if auth_user.to_string() != result[LoginType.PASSWORD]:
|
||||||
raise LoginError(400, "", Codes.UNKNOWN)
|
raise LoginError(400, "", Codes.UNKNOWN)
|
||||||
user_id = auth_user.to_string()
|
user_id = auth_user.to_string()
|
||||||
|
@ -102,7 +102,7 @@ class ThreepidRestServlet(RestServlet):
|
||||||
def on_GET(self, request):
|
def on_GET(self, request):
|
||||||
yield run_on_reactor()
|
yield run_on_reactor()
|
||||||
|
|
||||||
auth_user, _ = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
threepids = yield self.hs.get_datastore().user_get_threepids(
|
threepids = yield self.hs.get_datastore().user_get_threepids(
|
||||||
auth_user.to_string()
|
auth_user.to_string()
|
||||||
|
@ -120,7 +120,7 @@ class ThreepidRestServlet(RestServlet):
|
||||||
raise SynapseError(400, "Missing param", Codes.MISSING_PARAM)
|
raise SynapseError(400, "Missing param", Codes.MISSING_PARAM)
|
||||||
threePidCreds = body['threePidCreds']
|
threePidCreds = body['threePidCreds']
|
||||||
|
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
threepid = yield self.identity_handler.threepid_from_creds(threePidCreds)
|
threepid = yield self.identity_handler.threepid_from_creds(threePidCreds)
|
||||||
|
|
||||||
|
|
|
@ -40,7 +40,7 @@ class GetFilterRestServlet(RestServlet):
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, user_id, filter_id):
|
def on_GET(self, request, user_id, filter_id):
|
||||||
target_user = UserID.from_string(user_id)
|
target_user = UserID.from_string(user_id)
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
if target_user != auth_user:
|
if target_user != auth_user:
|
||||||
raise AuthError(403, "Cannot get filters for other users")
|
raise AuthError(403, "Cannot get filters for other users")
|
||||||
|
@ -76,7 +76,7 @@ class CreateFilterRestServlet(RestServlet):
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request, user_id):
|
def on_POST(self, request, user_id):
|
||||||
target_user = UserID.from_string(user_id)
|
target_user = UserID.from_string(user_id)
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
if target_user != auth_user:
|
if target_user != auth_user:
|
||||||
raise AuthError(403, "Cannot create filters for other users")
|
raise AuthError(403, "Cannot create filters for other users")
|
||||||
|
|
|
@ -18,7 +18,8 @@ from twisted.internet import defer
|
||||||
from synapse.api.errors import SynapseError
|
from synapse.api.errors import SynapseError
|
||||||
from synapse.http.servlet import RestServlet
|
from synapse.http.servlet import RestServlet
|
||||||
from synapse.types import UserID
|
from synapse.types import UserID
|
||||||
from syutil.jsonutil import encode_canonical_json
|
|
||||||
|
from canonicaljson import encode_canonical_json
|
||||||
|
|
||||||
from ._base import client_v2_pattern
|
from ._base import client_v2_pattern
|
||||||
|
|
||||||
|
@ -63,7 +64,7 @@ class KeyUploadServlet(RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request, device_id):
|
def on_POST(self, request, device_id):
|
||||||
auth_user, client_info = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
user_id = auth_user.to_string()
|
user_id = auth_user.to_string()
|
||||||
# TODO: Check that the device_id matches that in the authentication
|
# TODO: Check that the device_id matches that in the authentication
|
||||||
# or derive the device_id from the authentication instead.
|
# or derive the device_id from the authentication instead.
|
||||||
|
@ -108,7 +109,7 @@ class KeyUploadServlet(RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, device_id):
|
def on_GET(self, request, device_id):
|
||||||
auth_user, client_info = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
user_id = auth_user.to_string()
|
user_id = auth_user.to_string()
|
||||||
|
|
||||||
result = yield self.store.count_e2e_one_time_keys(user_id, device_id)
|
result = yield self.store.count_e2e_one_time_keys(user_id, device_id)
|
||||||
|
@ -180,7 +181,7 @@ class KeyQueryServlet(RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, user_id, device_id):
|
def on_GET(self, request, user_id, device_id):
|
||||||
auth_user, client_info = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
auth_user_id = auth_user.to_string()
|
auth_user_id = auth_user.to_string()
|
||||||
user_id = user_id if user_id else auth_user_id
|
user_id = user_id if user_id else auth_user_id
|
||||||
device_ids = [device_id] if device_id else []
|
device_ids = [device_id] if device_id else []
|
||||||
|
|
|
@ -15,6 +15,7 @@
|
||||||
|
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
|
||||||
|
from synapse.api.errors import SynapseError
|
||||||
from synapse.http.servlet import RestServlet
|
from synapse.http.servlet import RestServlet
|
||||||
from ._base import client_v2_pattern
|
from ._base import client_v2_pattern
|
||||||
|
|
||||||
|
@ -39,7 +40,10 @@ class ReceiptRestServlet(RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request, room_id, receipt_type, event_id):
|
def on_POST(self, request, room_id, receipt_type, event_id):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
|
if receipt_type != "m.read":
|
||||||
|
raise SynapseError(400, "Receipt type must be 'm.read'")
|
||||||
|
|
||||||
yield self.receipts_handler.received_client_receipt(
|
yield self.receipts_handler.received_client_receipt(
|
||||||
room_id,
|
room_id,
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
|
||||||
from synapse.api.constants import LoginType
|
from synapse.api.constants import LoginType
|
||||||
from synapse.api.errors import SynapseError, Codes
|
from synapse.api.errors import SynapseError, Codes, UnrecognizedRequestError
|
||||||
from synapse.http.servlet import RestServlet
|
from synapse.http.servlet import RestServlet
|
||||||
|
|
||||||
from ._base import client_v2_pattern, parse_json_dict_from_request
|
from ._base import client_v2_pattern, parse_json_dict_from_request
|
||||||
|
@ -55,6 +55,19 @@ class RegisterRestServlet(RestServlet):
|
||||||
def on_POST(self, request):
|
def on_POST(self, request):
|
||||||
yield run_on_reactor()
|
yield run_on_reactor()
|
||||||
|
|
||||||
|
kind = "user"
|
||||||
|
if "kind" in request.args:
|
||||||
|
kind = request.args["kind"][0]
|
||||||
|
|
||||||
|
if kind == "guest":
|
||||||
|
ret = yield self._do_guest_registration()
|
||||||
|
defer.returnValue(ret)
|
||||||
|
return
|
||||||
|
elif kind != "user":
|
||||||
|
raise UnrecognizedRequestError(
|
||||||
|
"Do not understand membership kind: %s" % (kind,)
|
||||||
|
)
|
||||||
|
|
||||||
if '/register/email/requestToken' in request.path:
|
if '/register/email/requestToken' in request.path:
|
||||||
ret = yield self.onEmailTokenRequest(request)
|
ret = yield self.onEmailTokenRequest(request)
|
||||||
defer.returnValue(ret)
|
defer.returnValue(ret)
|
||||||
|
@ -236,6 +249,18 @@ class RegisterRestServlet(RestServlet):
|
||||||
ret = yield self.identity_handler.requestEmailToken(**body)
|
ret = yield self.identity_handler.requestEmailToken(**body)
|
||||||
defer.returnValue((200, ret))
|
defer.returnValue((200, ret))
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _do_guest_registration(self):
|
||||||
|
if not self.hs.config.allow_guest_access:
|
||||||
|
defer.returnValue((403, "Guest access is disabled"))
|
||||||
|
user_id, _ = yield self.registration_handler.register(generate_token=False)
|
||||||
|
access_token = self.auth_handler.generate_access_token(user_id, ["guest = true"])
|
||||||
|
defer.returnValue((200, {
|
||||||
|
"user_id": user_id,
|
||||||
|
"access_token": access_token,
|
||||||
|
"home_server": self.hs.hostname,
|
||||||
|
}))
|
||||||
|
|
||||||
|
|
||||||
def register_servlets(hs, http_server):
|
def register_servlets(hs, http_server):
|
||||||
RegisterRestServlet(hs).register(http_server)
|
RegisterRestServlet(hs).register(http_server)
|
||||||
|
|
|
@ -20,12 +20,14 @@ from synapse.http.servlet import (
|
||||||
)
|
)
|
||||||
from synapse.handlers.sync import SyncConfig
|
from synapse.handlers.sync import SyncConfig
|
||||||
from synapse.types import StreamToken
|
from synapse.types import StreamToken
|
||||||
|
from synapse.events import FrozenEvent
|
||||||
from synapse.events.utils import (
|
from synapse.events.utils import (
|
||||||
serialize_event, format_event_for_client_v2_without_event_id,
|
serialize_event, format_event_for_client_v2_without_event_id,
|
||||||
)
|
)
|
||||||
from synapse.api.filtering import Filter
|
from synapse.api.filtering import FilterCollection
|
||||||
from ._base import client_v2_pattern
|
from ._base import client_v2_pattern
|
||||||
|
|
||||||
|
import copy
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
@ -36,100 +38,77 @@ class SyncRestServlet(RestServlet):
|
||||||
|
|
||||||
GET parameters::
|
GET parameters::
|
||||||
timeout(int): How long to wait for new events in milliseconds.
|
timeout(int): How long to wait for new events in milliseconds.
|
||||||
limit(int): Maxiumum number of events per room to return.
|
|
||||||
gap(bool): Create gaps the message history if limit is exceeded to
|
|
||||||
ensure that the client has the most recent messages. Defaults to
|
|
||||||
"true".
|
|
||||||
sort(str,str): tuple of sort key (e.g. "timeline") and direction
|
|
||||||
(e.g. "asc", "desc"). Defaults to "timeline,asc".
|
|
||||||
since(batch_token): Batch token when asking for incremental deltas.
|
since(batch_token): Batch token when asking for incremental deltas.
|
||||||
set_presence(str): What state the device presence should be set to.
|
set_presence(str): What state the device presence should be set to.
|
||||||
default is "online".
|
default is "online".
|
||||||
backfill(bool): Should the HS request message history from other
|
|
||||||
servers. This may take a long time making it unsuitable for clients
|
|
||||||
expecting a prompt response. Defaults to "true".
|
|
||||||
filter(filter_id): A filter to apply to the events returned.
|
filter(filter_id): A filter to apply to the events returned.
|
||||||
filter_*: Filter override parameters.
|
|
||||||
|
|
||||||
Response JSON::
|
Response JSON::
|
||||||
{
|
{
|
||||||
"next_batch": // batch token for the next /sync
|
"next_batch": // batch token for the next /sync
|
||||||
"private_user_data": // private events for this user.
|
"presence": // presence data for the user.
|
||||||
"public_user_data": // public events for all users including the
|
"rooms": {
|
||||||
// public events for this user.
|
"joined": { // Joined rooms being updated.
|
||||||
"rooms": [{ // List of rooms with updates.
|
"${room_id}": { // Id of the room being updated
|
||||||
"room_id": // Id of the room being updated
|
|
||||||
"limited": // Was the per-room event limit exceeded?
|
|
||||||
"published": // Is the room published by our HS?
|
|
||||||
"event_map": // Map of EventID -> event JSON.
|
"event_map": // Map of EventID -> event JSON.
|
||||||
"events": { // The recent events in the room if gap is "true"
|
"timeline": { // The recent events in the room if gap is "true"
|
||||||
// otherwise the next events in the room.
|
"limited": // Was the per-room event limit exceeded?
|
||||||
"batch": [] // list of EventIDs in the "event_map".
|
// otherwise the next events in the room.
|
||||||
"prev_batch": // back token for getting previous events.
|
"events": [] // list of EventIDs in the "event_map".
|
||||||
|
"prev_batch": // back token for getting previous events.
|
||||||
}
|
}
|
||||||
"state": [] // list of EventIDs updating the current state to
|
"state": {"events": []} // list of EventIDs updating the
|
||||||
// be what it should be at the end of the batch.
|
// current state to be what it should
|
||||||
"ephemeral": []
|
// be at the end of the batch.
|
||||||
}]
|
"ephemeral": {"events": []} // list of event objects
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"invited": {}, // Invited rooms being updated.
|
||||||
|
"archived": {} // Archived rooms being updated.
|
||||||
|
}
|
||||||
}
|
}
|
||||||
"""
|
"""
|
||||||
|
|
||||||
PATTERN = client_v2_pattern("/sync$")
|
PATTERN = client_v2_pattern("/sync$")
|
||||||
ALLOWED_SORT = set(["timeline,asc", "timeline,desc"])
|
ALLOWED_PRESENCE = set(["online", "offline"])
|
||||||
ALLOWED_PRESENCE = set(["online", "offline", "idle"])
|
|
||||||
|
|
||||||
def __init__(self, hs):
|
def __init__(self, hs):
|
||||||
super(SyncRestServlet, self).__init__()
|
super(SyncRestServlet, self).__init__()
|
||||||
self.auth = hs.get_auth()
|
self.auth = hs.get_auth()
|
||||||
|
self.event_stream_handler = hs.get_handlers().event_stream_handler
|
||||||
self.sync_handler = hs.get_handlers().sync_handler
|
self.sync_handler = hs.get_handlers().sync_handler
|
||||||
self.clock = hs.get_clock()
|
self.clock = hs.get_clock()
|
||||||
self.filtering = hs.get_filtering()
|
self.filtering = hs.get_filtering()
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request):
|
def on_GET(self, request):
|
||||||
user, client = yield self.auth.get_user_by_req(request)
|
user, token_id, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
timeout = parse_integer(request, "timeout", default=0)
|
timeout = parse_integer(request, "timeout", default=0)
|
||||||
limit = parse_integer(request, "limit", required=True)
|
|
||||||
gap = parse_boolean(request, "gap", default=True)
|
|
||||||
sort = parse_string(
|
|
||||||
request, "sort", default="timeline,asc",
|
|
||||||
allowed_values=self.ALLOWED_SORT
|
|
||||||
)
|
|
||||||
since = parse_string(request, "since")
|
since = parse_string(request, "since")
|
||||||
set_presence = parse_string(
|
set_presence = parse_string(
|
||||||
request, "set_presence", default="online",
|
request, "set_presence", default="online",
|
||||||
allowed_values=self.ALLOWED_PRESENCE
|
allowed_values=self.ALLOWED_PRESENCE
|
||||||
)
|
)
|
||||||
backfill = parse_boolean(request, "backfill", default=False)
|
|
||||||
filter_id = parse_string(request, "filter", default=None)
|
filter_id = parse_string(request, "filter", default=None)
|
||||||
|
full_state = parse_boolean(request, "full_state", default=False)
|
||||||
|
|
||||||
logger.info(
|
logger.info(
|
||||||
"/sync: user=%r, timeout=%r, limit=%r, gap=%r, sort=%r, since=%r,"
|
"/sync: user=%r, timeout=%r, since=%r,"
|
||||||
" set_presence=%r, backfill=%r, filter_id=%r" % (
|
" set_presence=%r, filter_id=%r" % (
|
||||||
user, timeout, limit, gap, sort, since, set_presence,
|
user, timeout, since, set_presence, filter_id
|
||||||
backfill, filter_id
|
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
# TODO(mjark): Load filter and apply overrides.
|
|
||||||
try:
|
try:
|
||||||
filter = yield self.filtering.get_user_filter(
|
filter = yield self.filtering.get_user_filter(
|
||||||
user.localpart, filter_id
|
user.localpart, filter_id
|
||||||
)
|
)
|
||||||
except:
|
except:
|
||||||
filter = Filter({})
|
filter = FilterCollection({})
|
||||||
# filter = filter.apply_overrides(http_request)
|
|
||||||
# if filter.matches(event):
|
|
||||||
# # stuff
|
|
||||||
|
|
||||||
sync_config = SyncConfig(
|
sync_config = SyncConfig(
|
||||||
user=user,
|
user=user,
|
||||||
client_info=client,
|
|
||||||
gap=gap,
|
|
||||||
limit=limit,
|
|
||||||
sort=sort,
|
|
||||||
backfill=backfill,
|
|
||||||
filter=filter,
|
filter=filter,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -138,43 +117,154 @@ class SyncRestServlet(RestServlet):
|
||||||
else:
|
else:
|
||||||
since_token = None
|
since_token = None
|
||||||
|
|
||||||
sync_result = yield self.sync_handler.wait_for_sync_for_user(
|
if set_presence == "online":
|
||||||
sync_config, since_token=since_token, timeout=timeout
|
yield self.event_stream_handler.started_stream(user)
|
||||||
)
|
|
||||||
|
try:
|
||||||
|
sync_result = yield self.sync_handler.wait_for_sync_for_user(
|
||||||
|
sync_config, since_token=since_token, timeout=timeout,
|
||||||
|
full_state=full_state
|
||||||
|
)
|
||||||
|
finally:
|
||||||
|
if set_presence == "online":
|
||||||
|
self.event_stream_handler.stopped_stream(user)
|
||||||
|
|
||||||
time_now = self.clock.time_msec()
|
time_now = self.clock.time_msec()
|
||||||
|
|
||||||
|
joined = self.encode_joined(
|
||||||
|
sync_result.joined, filter, time_now, token_id
|
||||||
|
)
|
||||||
|
|
||||||
|
invited = self.encode_invited(
|
||||||
|
sync_result.invited, filter, time_now, token_id
|
||||||
|
)
|
||||||
|
|
||||||
|
archived = self.encode_archived(
|
||||||
|
sync_result.archived, filter, time_now, token_id
|
||||||
|
)
|
||||||
|
|
||||||
response_content = {
|
response_content = {
|
||||||
"public_user_data": self.encode_user_data(
|
"presence": self.encode_presence(
|
||||||
sync_result.public_user_data, filter, time_now
|
sync_result.presence, filter, time_now
|
||||||
),
|
|
||||||
"private_user_data": self.encode_user_data(
|
|
||||||
sync_result.private_user_data, filter, time_now
|
|
||||||
),
|
|
||||||
"rooms": self.encode_rooms(
|
|
||||||
sync_result.rooms, filter, time_now, client.token_id
|
|
||||||
),
|
),
|
||||||
|
"rooms": {
|
||||||
|
"joined": joined,
|
||||||
|
"invited": invited,
|
||||||
|
"archived": archived,
|
||||||
|
},
|
||||||
"next_batch": sync_result.next_batch.to_string(),
|
"next_batch": sync_result.next_batch.to_string(),
|
||||||
}
|
}
|
||||||
|
|
||||||
defer.returnValue((200, response_content))
|
defer.returnValue((200, response_content))
|
||||||
|
|
||||||
def encode_user_data(self, events, filter, time_now):
|
def encode_presence(self, events, filter, time_now):
|
||||||
return events
|
formatted = []
|
||||||
|
for event in events:
|
||||||
|
event = copy.deepcopy(event)
|
||||||
|
event['sender'] = event['content'].pop('user_id')
|
||||||
|
formatted.append(event)
|
||||||
|
return {"events": filter.filter_presence(formatted)}
|
||||||
|
|
||||||
def encode_rooms(self, rooms, filter, time_now, token_id):
|
def encode_joined(self, rooms, filter, time_now, token_id):
|
||||||
return [
|
"""
|
||||||
self.encode_room(room, filter, time_now, token_id)
|
Encode the joined rooms in a sync result
|
||||||
for room in rooms
|
|
||||||
]
|
:param list[synapse.handlers.sync.JoinedSyncResult] rooms: list of sync
|
||||||
|
results for rooms this user is joined to
|
||||||
|
:param FilterCollection filter: filters to apply to the results
|
||||||
|
:param int time_now: current time - used as a baseline for age
|
||||||
|
calculations
|
||||||
|
:param int token_id: ID of the user's auth token - used for namespacing
|
||||||
|
of transaction IDs
|
||||||
|
|
||||||
|
:return: the joined rooms list, in our response format
|
||||||
|
:rtype: dict[str, dict[str, object]]
|
||||||
|
"""
|
||||||
|
joined = {}
|
||||||
|
for room in rooms:
|
||||||
|
joined[room.room_id] = self.encode_room(
|
||||||
|
room, filter, time_now, token_id
|
||||||
|
)
|
||||||
|
|
||||||
|
return joined
|
||||||
|
|
||||||
|
def encode_invited(self, rooms, filter, time_now, token_id):
|
||||||
|
"""
|
||||||
|
Encode the invited rooms in a sync result
|
||||||
|
|
||||||
|
:param list[synapse.handlers.sync.InvitedSyncResult] rooms: list of
|
||||||
|
sync results for rooms this user is joined to
|
||||||
|
:param FilterCollection filter: filters to apply to the results
|
||||||
|
:param int time_now: current time - used as a baseline for age
|
||||||
|
calculations
|
||||||
|
:param int token_id: ID of the user's auth token - used for namespacing
|
||||||
|
of transaction IDs
|
||||||
|
|
||||||
|
:return: the invited rooms list, in our response format
|
||||||
|
:rtype: dict[str, dict[str, object]]
|
||||||
|
"""
|
||||||
|
invited = {}
|
||||||
|
for room in rooms:
|
||||||
|
invite = serialize_event(
|
||||||
|
room.invite, time_now, token_id=token_id,
|
||||||
|
event_format=format_event_for_client_v2_without_event_id,
|
||||||
|
)
|
||||||
|
invited_state = invite.get("unsigned", {}).pop("invite_room_state", [])
|
||||||
|
invited_state.append(invite)
|
||||||
|
invited[room.room_id] = {
|
||||||
|
"invite_state": {"events": invited_state}
|
||||||
|
}
|
||||||
|
|
||||||
|
return invited
|
||||||
|
|
||||||
|
def encode_archived(self, rooms, filter, time_now, token_id):
|
||||||
|
"""
|
||||||
|
Encode the archived rooms in a sync result
|
||||||
|
|
||||||
|
:param list[synapse.handlers.sync.ArchivedSyncResult] rooms: list of
|
||||||
|
sync results for rooms this user is joined to
|
||||||
|
:param FilterCollection filter: filters to apply to the results
|
||||||
|
:param int time_now: current time - used as a baseline for age
|
||||||
|
calculations
|
||||||
|
:param int token_id: ID of the user's auth token - used for namespacing
|
||||||
|
of transaction IDs
|
||||||
|
|
||||||
|
:return: the invited rooms list, in our response format
|
||||||
|
:rtype: dict[str, dict[str, object]]
|
||||||
|
"""
|
||||||
|
joined = {}
|
||||||
|
for room in rooms:
|
||||||
|
joined[room.room_id] = self.encode_room(
|
||||||
|
room, filter, time_now, token_id, joined=False
|
||||||
|
)
|
||||||
|
|
||||||
|
return joined
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def encode_room(room, filter, time_now, token_id):
|
def encode_room(room, filter, time_now, token_id, joined=True):
|
||||||
|
"""
|
||||||
|
:param JoinedSyncResult|ArchivedSyncResult room: sync result for a
|
||||||
|
single room
|
||||||
|
:param FilterCollection filter: filters to apply to the results
|
||||||
|
:param int time_now: current time - used as a baseline for age
|
||||||
|
calculations
|
||||||
|
:param int token_id: ID of the user's auth token - used for namespacing
|
||||||
|
of transaction IDs
|
||||||
|
:param joined: True if the user is joined to this room - will mean
|
||||||
|
we handle ephemeral events
|
||||||
|
|
||||||
|
:return: the room, encoded in our response format
|
||||||
|
:rtype: dict[str, object]
|
||||||
|
"""
|
||||||
event_map = {}
|
event_map = {}
|
||||||
state_events = filter.filter_room_state(room.state)
|
state_dict = room.state
|
||||||
recent_events = filter.filter_room_events(room.events)
|
timeline_events = filter.filter_room_timeline(room.timeline.events)
|
||||||
|
|
||||||
|
state_dict = SyncRestServlet._rollback_state_for_timeline(
|
||||||
|
state_dict, timeline_events)
|
||||||
|
|
||||||
|
state_events = filter.filter_room_state(state_dict.values())
|
||||||
state_event_ids = []
|
state_event_ids = []
|
||||||
recent_event_ids = []
|
|
||||||
for event in state_events:
|
for event in state_events:
|
||||||
# TODO(mjark): Respect formatting requirements in the filter.
|
# TODO(mjark): Respect formatting requirements in the filter.
|
||||||
event_map[event.event_id] = serialize_event(
|
event_map[event.event_id] = serialize_event(
|
||||||
|
@ -183,25 +273,91 @@ class SyncRestServlet(RestServlet):
|
||||||
)
|
)
|
||||||
state_event_ids.append(event.event_id)
|
state_event_ids.append(event.event_id)
|
||||||
|
|
||||||
for event in recent_events:
|
timeline_event_ids = []
|
||||||
|
for event in timeline_events:
|
||||||
# TODO(mjark): Respect formatting requirements in the filter.
|
# TODO(mjark): Respect formatting requirements in the filter.
|
||||||
event_map[event.event_id] = serialize_event(
|
event_map[event.event_id] = serialize_event(
|
||||||
event, time_now, token_id=token_id,
|
event, time_now, token_id=token_id,
|
||||||
event_format=format_event_for_client_v2_without_event_id,
|
event_format=format_event_for_client_v2_without_event_id,
|
||||||
)
|
)
|
||||||
recent_event_ids.append(event.event_id)
|
timeline_event_ids.append(event.event_id)
|
||||||
|
|
||||||
|
private_user_data = filter.filter_room_private_user_data(
|
||||||
|
room.private_user_data
|
||||||
|
)
|
||||||
|
|
||||||
result = {
|
result = {
|
||||||
"room_id": room.room_id,
|
|
||||||
"event_map": event_map,
|
"event_map": event_map,
|
||||||
"events": {
|
"timeline": {
|
||||||
"batch": recent_event_ids,
|
"events": timeline_event_ids,
|
||||||
"prev_batch": room.prev_batch.to_string(),
|
"prev_batch": room.timeline.prev_batch.to_string(),
|
||||||
|
"limited": room.timeline.limited,
|
||||||
},
|
},
|
||||||
"state": state_event_ids,
|
"state": {"events": state_event_ids},
|
||||||
"limited": room.limited,
|
"private_user_data": {"events": private_user_data},
|
||||||
"published": room.published,
|
|
||||||
"ephemeral": room.ephemeral,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if joined:
|
||||||
|
ephemeral_events = filter.filter_room_ephemeral(room.ephemeral)
|
||||||
|
result["ephemeral"] = {"events": ephemeral_events}
|
||||||
|
|
||||||
|
return result
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def _rollback_state_for_timeline(state, timeline):
|
||||||
|
"""
|
||||||
|
Wind the state dictionary backwards, so that it represents the
|
||||||
|
state at the start of the timeline, rather than at the end.
|
||||||
|
|
||||||
|
:param dict[(str, str), synapse.events.EventBase] state: the
|
||||||
|
state dictionary. Will be updated to the state before the timeline.
|
||||||
|
:param list[synapse.events.EventBase] timeline: the event timeline
|
||||||
|
:return: updated state dictionary
|
||||||
|
"""
|
||||||
|
logger.debug("Processing state dict %r; timeline %r", state,
|
||||||
|
[e.get_dict() for e in timeline])
|
||||||
|
|
||||||
|
result = state.copy()
|
||||||
|
|
||||||
|
for timeline_event in reversed(timeline):
|
||||||
|
if not timeline_event.is_state():
|
||||||
|
continue
|
||||||
|
|
||||||
|
event_key = (timeline_event.type, timeline_event.state_key)
|
||||||
|
|
||||||
|
logger.debug("Considering %s for removal", event_key)
|
||||||
|
|
||||||
|
state_event = result.get(event_key)
|
||||||
|
if (state_event is None or
|
||||||
|
state_event.event_id != timeline_event.event_id):
|
||||||
|
# the event in the timeline isn't present in the state
|
||||||
|
# dictionary.
|
||||||
|
#
|
||||||
|
# the most likely cause for this is that there was a fork in
|
||||||
|
# the event graph, and the state is no longer valid. Really,
|
||||||
|
# the event shouldn't be in the timeline. We're going to ignore
|
||||||
|
# it for now, however.
|
||||||
|
logger.warn("Found state event %r in timeline which doesn't "
|
||||||
|
"match state dictionary", timeline_event)
|
||||||
|
continue
|
||||||
|
|
||||||
|
prev_event_id = timeline_event.unsigned.get("replaces_state", None)
|
||||||
|
logger.debug("Replacing %s with %s in state dict",
|
||||||
|
timeline_event.event_id, prev_event_id)
|
||||||
|
|
||||||
|
if prev_event_id is None:
|
||||||
|
del result[event_key]
|
||||||
|
else:
|
||||||
|
result[event_key] = FrozenEvent({
|
||||||
|
"type": timeline_event.type,
|
||||||
|
"state_key": timeline_event.state_key,
|
||||||
|
"content": timeline_event.unsigned['prev_content'],
|
||||||
|
"sender": timeline_event.unsigned['prev_sender'],
|
||||||
|
"event_id": prev_event_id,
|
||||||
|
"room_id": timeline_event.room_id,
|
||||||
|
})
|
||||||
|
logger.debug("New value: %r", result.get(event_key))
|
||||||
|
|
||||||
return result
|
return result
|
||||||
|
|
||||||
|
|
||||||
|
|
106
synapse/rest/client/v2_alpha/tags.py
Normal file
106
synapse/rest/client/v2_alpha/tags.py
Normal file
|
@ -0,0 +1,106 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Copyright 2015 OpenMarket Ltd
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
from ._base import client_v2_pattern
|
||||||
|
|
||||||
|
from synapse.http.servlet import RestServlet
|
||||||
|
from synapse.api.errors import AuthError, SynapseError
|
||||||
|
|
||||||
|
from twisted.internet import defer
|
||||||
|
|
||||||
|
import logging
|
||||||
|
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
class TagListServlet(RestServlet):
|
||||||
|
"""
|
||||||
|
GET /user/{user_id}/rooms/{room_id}/tags HTTP/1.1
|
||||||
|
"""
|
||||||
|
PATTERN = client_v2_pattern(
|
||||||
|
"/user/(?P<user_id>[^/]*)/rooms/(?P<room_id>[^/]*)/tags"
|
||||||
|
)
|
||||||
|
|
||||||
|
def __init__(self, hs):
|
||||||
|
super(TagListServlet, self).__init__()
|
||||||
|
self.auth = hs.get_auth()
|
||||||
|
self.store = hs.get_datastore()
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_GET(self, request, user_id, room_id):
|
||||||
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
if user_id != auth_user.to_string():
|
||||||
|
raise AuthError(403, "Cannot get tags for other users.")
|
||||||
|
|
||||||
|
tags = yield self.store.get_tags_for_room(user_id, room_id)
|
||||||
|
|
||||||
|
defer.returnValue((200, {"tags": tags}))
|
||||||
|
|
||||||
|
|
||||||
|
class TagServlet(RestServlet):
|
||||||
|
"""
|
||||||
|
PUT /user/{user_id}/rooms/{room_id}/tags/{tag} HTTP/1.1
|
||||||
|
DELETE /user/{user_id}/rooms/{room_id}/tags/{tag} HTTP/1.1
|
||||||
|
"""
|
||||||
|
PATTERN = client_v2_pattern(
|
||||||
|
"/user/(?P<user_id>[^/]*)/rooms/(?P<room_id>[^/]*)/tags/(?P<tag>[^/]*)"
|
||||||
|
)
|
||||||
|
|
||||||
|
def __init__(self, hs):
|
||||||
|
super(TagServlet, self).__init__()
|
||||||
|
self.auth = hs.get_auth()
|
||||||
|
self.store = hs.get_datastore()
|
||||||
|
self.notifier = hs.get_notifier()
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_PUT(self, request, user_id, room_id, tag):
|
||||||
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
if user_id != auth_user.to_string():
|
||||||
|
raise AuthError(403, "Cannot add tags for other users.")
|
||||||
|
|
||||||
|
try:
|
||||||
|
content_bytes = request.content.read()
|
||||||
|
body = json.loads(content_bytes)
|
||||||
|
except:
|
||||||
|
raise SynapseError(400, "Invalid tag JSON")
|
||||||
|
|
||||||
|
max_id = yield self.store.add_tag_to_room(user_id, room_id, tag, body)
|
||||||
|
|
||||||
|
yield self.notifier.on_new_event(
|
||||||
|
"private_user_data_key", max_id, users=[user_id]
|
||||||
|
)
|
||||||
|
|
||||||
|
defer.returnValue((200, {}))
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_DELETE(self, request, user_id, room_id, tag):
|
||||||
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
if user_id != auth_user.to_string():
|
||||||
|
raise AuthError(403, "Cannot add tags for other users.")
|
||||||
|
|
||||||
|
max_id = yield self.store.remove_tag_from_room(user_id, room_id, tag)
|
||||||
|
|
||||||
|
yield self.notifier.on_new_event(
|
||||||
|
"private_user_data_key", max_id, users=[user_id]
|
||||||
|
)
|
||||||
|
|
||||||
|
defer.returnValue((200, {}))
|
||||||
|
|
||||||
|
|
||||||
|
def register_servlets(hs, http_server):
|
||||||
|
TagListServlet(hs).register(http_server)
|
||||||
|
TagServlet(hs).register(http_server)
|
56
synapse/rest/client/v2_alpha/tokenrefresh.py
Normal file
56
synapse/rest/client/v2_alpha/tokenrefresh.py
Normal file
|
@ -0,0 +1,56 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Copyright 2015 OpenMarket Ltd
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
from twisted.internet import defer
|
||||||
|
|
||||||
|
from synapse.api.errors import AuthError, StoreError, SynapseError
|
||||||
|
from synapse.http.servlet import RestServlet
|
||||||
|
|
||||||
|
from ._base import client_v2_pattern, parse_json_dict_from_request
|
||||||
|
|
||||||
|
|
||||||
|
class TokenRefreshRestServlet(RestServlet):
|
||||||
|
"""
|
||||||
|
Exchanges refresh tokens for a pair of an access token and a new refresh
|
||||||
|
token.
|
||||||
|
"""
|
||||||
|
PATTERN = client_v2_pattern("/tokenrefresh")
|
||||||
|
|
||||||
|
def __init__(self, hs):
|
||||||
|
super(TokenRefreshRestServlet, self).__init__()
|
||||||
|
self.hs = hs
|
||||||
|
self.store = hs.get_datastore()
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_POST(self, request):
|
||||||
|
body = parse_json_dict_from_request(request)
|
||||||
|
try:
|
||||||
|
old_refresh_token = body["refresh_token"]
|
||||||
|
auth_handler = self.hs.get_handlers().auth_handler
|
||||||
|
(user_id, new_refresh_token) = yield self.store.exchange_refresh_token(
|
||||||
|
old_refresh_token, auth_handler.generate_refresh_token)
|
||||||
|
new_access_token = yield auth_handler.issue_access_token(user_id)
|
||||||
|
defer.returnValue((200, {
|
||||||
|
"access_token": new_access_token,
|
||||||
|
"refresh_token": new_refresh_token,
|
||||||
|
}))
|
||||||
|
except KeyError:
|
||||||
|
raise SynapseError(400, "Missing required key 'refresh_token'.")
|
||||||
|
except StoreError:
|
||||||
|
raise AuthError(403, "Did not recognize refresh token")
|
||||||
|
|
||||||
|
|
||||||
|
def register_servlets(hs, http_server):
|
||||||
|
TokenRefreshRestServlet(hs).register(http_server)
|
|
@ -16,9 +16,9 @@
|
||||||
|
|
||||||
from twisted.web.resource import Resource
|
from twisted.web.resource import Resource
|
||||||
from synapse.http.server import respond_with_json_bytes
|
from synapse.http.server import respond_with_json_bytes
|
||||||
from syutil.crypto.jsonsign import sign_json
|
from signedjson.sign import sign_json
|
||||||
from syutil.base64util import encode_base64
|
from unpaddedbase64 import encode_base64
|
||||||
from syutil.jsonutil import encode_canonical_json
|
from canonicaljson import encode_canonical_json
|
||||||
from OpenSSL import crypto
|
from OpenSSL import crypto
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
|
|
@ -16,9 +16,9 @@
|
||||||
|
|
||||||
from twisted.web.resource import Resource
|
from twisted.web.resource import Resource
|
||||||
from synapse.http.server import respond_with_json_bytes
|
from synapse.http.server import respond_with_json_bytes
|
||||||
from syutil.crypto.jsonsign import sign_json
|
from signedjson.sign import sign_json
|
||||||
from syutil.base64util import encode_base64
|
from unpaddedbase64 import encode_base64
|
||||||
from syutil.jsonutil import encode_canonical_json
|
from canonicaljson import encode_canonical_json
|
||||||
from hashlib import sha256
|
from hashlib import sha256
|
||||||
from OpenSSL import crypto
|
from OpenSSL import crypto
|
||||||
import logging
|
import logging
|
||||||
|
|
|
@ -66,7 +66,7 @@ class ContentRepoResource(resource.Resource):
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def map_request_to_name(self, request):
|
def map_request_to_name(self, request):
|
||||||
# auth the user
|
# auth the user
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
|
|
||||||
# namespace all file uploads on the user
|
# namespace all file uploads on the user
|
||||||
prefix = base64.urlsafe_b64encode(
|
prefix = base64.urlsafe_b64encode(
|
||||||
|
|
|
@ -70,7 +70,7 @@ class UploadResource(BaseMediaResource):
|
||||||
@request_handler
|
@request_handler
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def _async_render_POST(self, request):
|
def _async_render_POST(self, request):
|
||||||
auth_user, client = yield self.auth.get_user_by_req(request)
|
auth_user, _, _ = yield self.auth.get_user_by_req(request)
|
||||||
# TODO: The checks here are a bit late. The content will have
|
# TODO: The checks here are a bit late. The content will have
|
||||||
# already been uploaded to a tmp file at this point
|
# already been uploaded to a tmp file at this point
|
||||||
content_length = request.getHeader("Content-Length")
|
content_length = request.getHeader("Content-Length")
|
||||||
|
|
|
@ -19,7 +19,9 @@
|
||||||
# partial one for unit test mocking.
|
# partial one for unit test mocking.
|
||||||
|
|
||||||
# Imports required for the default HomeServer() implementation
|
# Imports required for the default HomeServer() implementation
|
||||||
|
from twisted.web.client import BrowserLikePolicyForHTTPS
|
||||||
from synapse.federation import initialize_http_replication
|
from synapse.federation import initialize_http_replication
|
||||||
|
from synapse.http.client import SimpleHttpClient, InsecureInterceptableContextFactory
|
||||||
from synapse.notifier import Notifier
|
from synapse.notifier import Notifier
|
||||||
from synapse.api.auth import Auth
|
from synapse.api.auth import Auth
|
||||||
from synapse.handlers import Handlers
|
from synapse.handlers import Handlers
|
||||||
|
@ -27,7 +29,6 @@ from synapse.state import StateHandler
|
||||||
from synapse.storage import DataStore
|
from synapse.storage import DataStore
|
||||||
from synapse.util import Clock
|
from synapse.util import Clock
|
||||||
from synapse.util.distributor import Distributor
|
from synapse.util.distributor import Distributor
|
||||||
from synapse.util.lockutils import LockManager
|
|
||||||
from synapse.streams.events import EventSources
|
from synapse.streams.events import EventSources
|
||||||
from synapse.api.ratelimiting import Ratelimiter
|
from synapse.api.ratelimiting import Ratelimiter
|
||||||
from synapse.crypto.keyring import Keyring
|
from synapse.crypto.keyring import Keyring
|
||||||
|
@ -68,7 +69,6 @@ class BaseHomeServer(object):
|
||||||
'auth',
|
'auth',
|
||||||
'rest_servlet_factory',
|
'rest_servlet_factory',
|
||||||
'state_handler',
|
'state_handler',
|
||||||
'room_lock_manager',
|
|
||||||
'notifier',
|
'notifier',
|
||||||
'distributor',
|
'distributor',
|
||||||
'resource_for_client',
|
'resource_for_client',
|
||||||
|
@ -87,6 +87,8 @@ class BaseHomeServer(object):
|
||||||
'pusherpool',
|
'pusherpool',
|
||||||
'event_builder_factory',
|
'event_builder_factory',
|
||||||
'filtering',
|
'filtering',
|
||||||
|
'http_client_context_factory',
|
||||||
|
'simple_http_client',
|
||||||
]
|
]
|
||||||
|
|
||||||
def __init__(self, hostname, **kwargs):
|
def __init__(self, hostname, **kwargs):
|
||||||
|
@ -174,6 +176,17 @@ class HomeServer(BaseHomeServer):
|
||||||
def build_auth(self):
|
def build_auth(self):
|
||||||
return Auth(self)
|
return Auth(self)
|
||||||
|
|
||||||
|
def build_http_client_context_factory(self):
|
||||||
|
config = self.get_config()
|
||||||
|
return (
|
||||||
|
InsecureInterceptableContextFactory()
|
||||||
|
if config.use_insecure_ssl_client_just_for_testing_do_not_use
|
||||||
|
else BrowserLikePolicyForHTTPS()
|
||||||
|
)
|
||||||
|
|
||||||
|
def build_simple_http_client(self):
|
||||||
|
return SimpleHttpClient(self)
|
||||||
|
|
||||||
def build_v1auth(self):
|
def build_v1auth(self):
|
||||||
orf = Auth(self)
|
orf = Auth(self)
|
||||||
# Matrix spec makes no reference to what HTTP status code is returned,
|
# Matrix spec makes no reference to what HTTP status code is returned,
|
||||||
|
@ -186,9 +199,6 @@ class HomeServer(BaseHomeServer):
|
||||||
def build_state_handler(self):
|
def build_state_handler(self):
|
||||||
return StateHandler(self)
|
return StateHandler(self)
|
||||||
|
|
||||||
def build_room_lock_manager(self):
|
|
||||||
return LockManager()
|
|
||||||
|
|
||||||
def build_distributor(self):
|
def build_distributor(self):
|
||||||
return Distributor()
|
return Distributor()
|
||||||
|
|
||||||
|
|
|
@ -17,7 +17,6 @@
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
|
||||||
from synapse.util.logutils import log_function
|
from synapse.util.logutils import log_function
|
||||||
from synapse.util.async import run_on_reactor
|
|
||||||
from synapse.util.caches.expiringcache import ExpiringCache
|
from synapse.util.caches.expiringcache import ExpiringCache
|
||||||
from synapse.api.constants import EventTypes
|
from synapse.api.constants import EventTypes
|
||||||
from synapse.api.errors import AuthError
|
from synapse.api.errors import AuthError
|
||||||
|
@ -32,10 +31,6 @@ import hashlib
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
def _get_state_key_from_event(event):
|
|
||||||
return event.state_key
|
|
||||||
|
|
||||||
|
|
||||||
KeyStateTuple = namedtuple("KeyStateTuple", ("context", "type", "state_key"))
|
KeyStateTuple = namedtuple("KeyStateTuple", ("context", "type", "state_key"))
|
||||||
|
|
||||||
|
|
||||||
|
@ -76,7 +71,7 @@ class StateHandler(object):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_current_state(self, room_id, event_type=None, state_key=""):
|
def get_current_state(self, room_id, event_type=None, state_key=""):
|
||||||
""" Returns the current state for the room as a list. This is done by
|
""" Retrieves the current state for the room. This is done by
|
||||||
calling `get_latest_events_in_room` to get the leading edges of the
|
calling `get_latest_events_in_room` to get the leading edges of the
|
||||||
event graph and then resolving any of the state conflicts.
|
event graph and then resolving any of the state conflicts.
|
||||||
|
|
||||||
|
@ -85,6 +80,8 @@ class StateHandler(object):
|
||||||
|
|
||||||
If `event_type` is specified, then the method returns only the one
|
If `event_type` is specified, then the method returns only the one
|
||||||
event (or None) with that `event_type` and `state_key`.
|
event (or None) with that `event_type` and `state_key`.
|
||||||
|
|
||||||
|
:returns map from (type, state_key) to event
|
||||||
"""
|
"""
|
||||||
event_ids = yield self.store.get_latest_event_ids_in_room(room_id)
|
event_ids = yield self.store.get_latest_event_ids_in_room(room_id)
|
||||||
|
|
||||||
|
@ -119,8 +116,6 @@ class StateHandler(object):
|
||||||
Returns:
|
Returns:
|
||||||
an EventContext
|
an EventContext
|
||||||
"""
|
"""
|
||||||
yield run_on_reactor()
|
|
||||||
|
|
||||||
context = EventContext()
|
context = EventContext()
|
||||||
|
|
||||||
if outlier:
|
if outlier:
|
||||||
|
@ -184,9 +179,10 @@ class StateHandler(object):
|
||||||
""" Given a list of event_ids this method fetches the state at each
|
""" Given a list of event_ids this method fetches the state at each
|
||||||
event, resolves conflicts between them and returns them.
|
event, resolves conflicts between them and returns them.
|
||||||
|
|
||||||
Return format is a tuple: (`state_group`, `state_events`), where the
|
:returns a Deferred tuple of (`state_group`, `state`, `prev_state`).
|
||||||
first is the name of a state group if one and only one is involved,
|
`state_group` is the name of a state group if one and only one is
|
||||||
otherwise `None`.
|
involved. `state` is a map from (type, state_key) to event, and
|
||||||
|
`prev_state` is a list of event ids.
|
||||||
"""
|
"""
|
||||||
logger.debug("resolve_state_groups event_ids %s", event_ids)
|
logger.debug("resolve_state_groups event_ids %s", event_ids)
|
||||||
|
|
||||||
|
@ -262,6 +258,11 @@ class StateHandler(object):
|
||||||
return self._resolve_events(state_sets)
|
return self._resolve_events(state_sets)
|
||||||
|
|
||||||
def _resolve_events(self, state_sets, event_type=None, state_key=""):
|
def _resolve_events(self, state_sets, event_type=None, state_key=""):
|
||||||
|
"""
|
||||||
|
:returns a tuple (new_state, prev_states). new_state is a map
|
||||||
|
from (type, state_key) to event. prev_states is a list of event_ids.
|
||||||
|
:rtype: (dict[(str, str), synapse.events.FrozenEvent], list[str])
|
||||||
|
"""
|
||||||
state = {}
|
state = {}
|
||||||
for st in state_sets:
|
for st in state_sets:
|
||||||
for e in st:
|
for e in st:
|
||||||
|
@ -314,19 +315,23 @@ class StateHandler(object):
|
||||||
|
|
||||||
We resolve conflicts in the following order:
|
We resolve conflicts in the following order:
|
||||||
1. power levels
|
1. power levels
|
||||||
2. memberships
|
2. join rules
|
||||||
3. other events.
|
3. memberships
|
||||||
|
4. other events.
|
||||||
"""
|
"""
|
||||||
resolved_state = {}
|
resolved_state = {}
|
||||||
power_key = (EventTypes.PowerLevels, "")
|
power_key = (EventTypes.PowerLevels, "")
|
||||||
if power_key in conflicted_state.items():
|
if power_key in conflicted_state:
|
||||||
power_levels = conflicted_state[power_key]
|
events = conflicted_state[power_key]
|
||||||
resolved_state[power_key] = self._resolve_auth_events(power_levels)
|
logger.debug("Resolving conflicted power levels %r", events)
|
||||||
|
resolved_state[power_key] = self._resolve_auth_events(
|
||||||
|
events, auth_events)
|
||||||
|
|
||||||
auth_events.update(resolved_state)
|
auth_events.update(resolved_state)
|
||||||
|
|
||||||
for key, events in conflicted_state.items():
|
for key, events in conflicted_state.items():
|
||||||
if key[0] == EventTypes.JoinRules:
|
if key[0] == EventTypes.JoinRules:
|
||||||
|
logger.debug("Resolving conflicted join rules %r", events)
|
||||||
resolved_state[key] = self._resolve_auth_events(
|
resolved_state[key] = self._resolve_auth_events(
|
||||||
events,
|
events,
|
||||||
auth_events
|
auth_events
|
||||||
|
@ -336,6 +341,7 @@ class StateHandler(object):
|
||||||
|
|
||||||
for key, events in conflicted_state.items():
|
for key, events in conflicted_state.items():
|
||||||
if key[0] == EventTypes.Member:
|
if key[0] == EventTypes.Member:
|
||||||
|
logger.debug("Resolving conflicted member lists %r", events)
|
||||||
resolved_state[key] = self._resolve_auth_events(
|
resolved_state[key] = self._resolve_auth_events(
|
||||||
events,
|
events,
|
||||||
auth_events
|
auth_events
|
||||||
|
@ -345,6 +351,7 @@ class StateHandler(object):
|
||||||
|
|
||||||
for key, events in conflicted_state.items():
|
for key, events in conflicted_state.items():
|
||||||
if key not in resolved_state:
|
if key not in resolved_state:
|
||||||
|
logger.debug("Resolving conflicted state %r:%r", key, events)
|
||||||
resolved_state[key] = self._resolve_normal_events(
|
resolved_state[key] = self._resolve_normal_events(
|
||||||
events, auth_events
|
events, auth_events
|
||||||
)
|
)
|
||||||
|
|
50
synapse/static/client/login/index.html
Normal file
50
synapse/static/client/login/index.html
Normal file
|
@ -0,0 +1,50 @@
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title> Login </title>
|
||||||
|
<meta name='viewport' content='width=device-width, initial-scale=1, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0'>
|
||||||
|
<link rel="stylesheet" href="style.css">
|
||||||
|
<script src="js/jquery-2.1.3.min.js"></script>
|
||||||
|
<script src="js/login.js"></script>
|
||||||
|
</head>
|
||||||
|
<body onload="matrixLogin.onLoad()">
|
||||||
|
<center>
|
||||||
|
<br/>
|
||||||
|
<h1>Log in with one of the following methods</h1>
|
||||||
|
|
||||||
|
<span id="feedback" style="color: #f00"></span>
|
||||||
|
<br/>
|
||||||
|
<br/>
|
||||||
|
|
||||||
|
<div id="loading">
|
||||||
|
<img src="spinner.gif" />
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div id="cas_flow" class="login_flow" style="display:none"
|
||||||
|
onclick="gotoCas(); return false;">
|
||||||
|
CAS Authentication: <button id="cas_button" style="margin: 10px">Log in</button>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<br/>
|
||||||
|
|
||||||
|
<form id="password_form" class="login_flow" style="display:none"
|
||||||
|
onsubmit="matrixLogin.password_login(); return false;">
|
||||||
|
<div>
|
||||||
|
Password Authentication:<br/>
|
||||||
|
|
||||||
|
<div style="text-align: center">
|
||||||
|
<input id="user_id" size="32" type="text" placeholder="Matrix ID (e.g. bob)" autocapitalize="off" autocorrect="off" />
|
||||||
|
<br/>
|
||||||
|
<input id="password" size="32" type="password" placeholder="Password"/>
|
||||||
|
<br/>
|
||||||
|
|
||||||
|
<button type="submit" style="margin: 10px">Log in</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<div id="no_login_types" type="button" class="login_flow" style="display:none">
|
||||||
|
Log in currently unavailable.
|
||||||
|
</div>
|
||||||
|
</center>
|
||||||
|
</body>
|
||||||
|
</html>
|
153
synapse/static/client/login/js/login.js
Normal file
153
synapse/static/client/login/js/login.js
Normal file
|
@ -0,0 +1,153 @@
|
||||||
|
window.matrixLogin = {
|
||||||
|
endpoint: location.origin + "/_matrix/client/api/v1/login",
|
||||||
|
serverAcceptsPassword: false,
|
||||||
|
serverAcceptsCas: false
|
||||||
|
};
|
||||||
|
|
||||||
|
var submitPassword = function(user, pwd) {
|
||||||
|
console.log("Logging in with password...");
|
||||||
|
var data = {
|
||||||
|
type: "m.login.password",
|
||||||
|
user: user,
|
||||||
|
password: pwd,
|
||||||
|
};
|
||||||
|
$.post(matrixLogin.endpoint, JSON.stringify(data), function(response) {
|
||||||
|
show_login();
|
||||||
|
matrixLogin.onLogin(response);
|
||||||
|
}).error(errorFunc);
|
||||||
|
};
|
||||||
|
|
||||||
|
var submitToken = function(loginToken) {
|
||||||
|
console.log("Logging in with login token...");
|
||||||
|
var data = {
|
||||||
|
type: "m.login.token",
|
||||||
|
token: loginToken
|
||||||
|
};
|
||||||
|
$.post(matrixLogin.endpoint, JSON.stringify(data), function(response) {
|
||||||
|
show_login();
|
||||||
|
matrixLogin.onLogin(response);
|
||||||
|
}).error(errorFunc);
|
||||||
|
};
|
||||||
|
|
||||||
|
var errorFunc = function(err) {
|
||||||
|
show_login();
|
||||||
|
|
||||||
|
if (err.responseJSON && err.responseJSON.error) {
|
||||||
|
setFeedbackString(err.responseJSON.error + " (" + err.responseJSON.errcode + ")");
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
setFeedbackString("Request failed: " + err.status);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
var gotoCas = function() {
|
||||||
|
var this_page = window.location.origin + window.location.pathname;
|
||||||
|
var redirect_url = matrixLogin.endpoint + "/cas/redirect?redirectUrl=" + encodeURIComponent(this_page);
|
||||||
|
window.location.replace(redirect_url);
|
||||||
|
}
|
||||||
|
|
||||||
|
var setFeedbackString = function(text) {
|
||||||
|
$("#feedback").text(text);
|
||||||
|
};
|
||||||
|
|
||||||
|
var show_login = function() {
|
||||||
|
$("#loading").hide();
|
||||||
|
|
||||||
|
if (matrixLogin.serverAcceptsPassword) {
|
||||||
|
$("#password_form").show();
|
||||||
|
}
|
||||||
|
|
||||||
|
if (matrixLogin.serverAcceptsCas) {
|
||||||
|
$("#cas_flow").show();
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!matrixLogin.serverAcceptsPassword && !matrixLogin.serverAcceptsCas) {
|
||||||
|
$("#no_login_types").show();
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
var show_spinner = function() {
|
||||||
|
$("#password_form").hide();
|
||||||
|
$("#cas_flow").hide();
|
||||||
|
$("#no_login_types").hide();
|
||||||
|
$("#loading").show();
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
var fetch_info = function(cb) {
|
||||||
|
$.get(matrixLogin.endpoint, function(response) {
|
||||||
|
var serverAcceptsPassword = false;
|
||||||
|
var serverAcceptsCas = false;
|
||||||
|
for (var i=0; i<response.flows.length; i++) {
|
||||||
|
var flow = response.flows[i];
|
||||||
|
if ("m.login.cas" === flow.type) {
|
||||||
|
matrixLogin.serverAcceptsCas = true;
|
||||||
|
console.log("Server accepts CAS");
|
||||||
|
}
|
||||||
|
|
||||||
|
if ("m.login.password" === flow.type) {
|
||||||
|
matrixLogin.serverAcceptsPassword = true;
|
||||||
|
console.log("Server accepts password");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
cb();
|
||||||
|
}).error(errorFunc);
|
||||||
|
}
|
||||||
|
|
||||||
|
matrixLogin.onLoad = function() {
|
||||||
|
fetch_info(function() {
|
||||||
|
if (!try_token()) {
|
||||||
|
show_login();
|
||||||
|
}
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
matrixLogin.password_login = function() {
|
||||||
|
var user = $("#user_id").val();
|
||||||
|
var pwd = $("#password").val();
|
||||||
|
|
||||||
|
setFeedbackString("");
|
||||||
|
|
||||||
|
show_spinner();
|
||||||
|
submitPassword(user, pwd);
|
||||||
|
};
|
||||||
|
|
||||||
|
matrixLogin.onLogin = function(response) {
|
||||||
|
// clobber this function
|
||||||
|
console.log("onLogin - This function should be replaced to proceed.");
|
||||||
|
console.log(response);
|
||||||
|
};
|
||||||
|
|
||||||
|
var parseQsFromUrl = function(query) {
|
||||||
|
var result = {};
|
||||||
|
query.split("&").forEach(function(part) {
|
||||||
|
var item = part.split("=");
|
||||||
|
var key = item[0];
|
||||||
|
var val = item[1];
|
||||||
|
|
||||||
|
if (val) {
|
||||||
|
val = decodeURIComponent(val);
|
||||||
|
}
|
||||||
|
result[key] = val
|
||||||
|
});
|
||||||
|
return result;
|
||||||
|
};
|
||||||
|
|
||||||
|
var try_token = function() {
|
||||||
|
var pos = window.location.href.indexOf("?");
|
||||||
|
if (pos == -1) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
var qs = parseQsFromUrl(window.location.href.substr(pos+1));
|
||||||
|
|
||||||
|
var loginToken = qs.loginToken;
|
||||||
|
|
||||||
|
if (!loginToken) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
submitToken(loginToken);
|
||||||
|
|
||||||
|
return true;
|
||||||
|
};
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue