0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-11-14 22:11:47 +01:00
Commit graph

22728 commits

Author SHA1 Message Date
Grant McLean
5c24d7b9eb
Check required power levels earlier in createRoom handler. (#15695)
* Check required power levels earlier in createRoom handler.

- If a server was configured to reject the creation of rooms with E2EE
  enabled (by specifying an unattainably high power level for
  "m.room.encryption" in default_power_level_content_override), the 403
  error was not being triggered until after the room was created and
  before the "m.room.power_levels" was sent.  This allowed a user to
  access the partially-configured room and complete the setup of E2EE
  and power levels manually.

- This change causes the power level overrides to be checked earlier and
  the request to be rejected before the user gains access to the room.

- A new `_validate_room_config` method is added to contain checks that
  should be run before a room is created.

- The new test case confirms that a user request is rejected by the new
  validation method.

Signed-off-by: Grant McLean <grant@catalyst.net.nz>

* Add a changelog file.

* Formatting fix for black.

* Remove unneeded line from test.

---------

Signed-off-by: Grant McLean <grant@catalyst.net.nz>
2023-06-07 16:21:25 +01:00
Erik Johnston
8934c11935 Merge branch 'master' into develop 2023-06-07 14:45:19 +01:00
Erik Johnston
140a76c00f Merge branch 'release-v1.85' 2023-06-07 14:45:09 +01:00
Erik Johnston
6cd6a2ae59 Update changelog 2023-06-07 13:07:40 +01:00
Erik Johnston
28423977be Update changelog 2023-06-07 13:04:20 +01:00
Erik Johnston
f7c6553ebc
Fix schema delta error in 1.85 (#15739)
Some users seem to have multiple rows per user / room with a null thread
ID, which we need to handle.
2023-06-07 13:02:42 +01:00
Erik Johnston
7acf7f2f8d 1.85.1 2023-06-07 10:51:17 +01:00
Erik Johnston
a701c089fa
Fix schema delta error in 1.85 (#15738)
There appears to be a race where you can end up with entries in
`event_push_summary` with both a `NULL` and `main` thread ID.

Fixes #15736

Introduced in #15597
2023-06-07 10:50:32 +01:00
Eric Eastwood
9d911b0da6
No need for the extra join since membership is built-in to current_state_events (#15731)
This helps with the upstream `is_host_joined()` and `is_host_invited()` functions.

`membership` was added to `current_state_events` in https://github.com/matrix-org/synapse/pull/5706 and forced in https://github.com/matrix-org/synapse/pull/13745
2023-06-06 22:19:57 -05:00
Eric Eastwood
8bfded81f3
Trace functions which return Awaitable (#15650) 2023-06-06 17:39:22 -05:00
Eric Eastwood
4e6390cb10
Update error to more plainly explain we can only authorize our own events (#15725) 2023-06-06 16:26:12 -05:00
Eric Eastwood
33c3550887
Add context for when/why to use the long_retries option when sending Federation requests (#15721) 2023-06-06 16:25:03 -05:00
Shay
6ee96e9366
Improve performance of user directory search (#15729) 2023-06-06 21:16:03 +01:00
Andrew Morgan
d43c72a6c8
Prevent "twisted trunk" and "latest deps" workflows from running on forks (#15726) 2023-06-06 18:29:54 +00:00
Sean Quah
dfd77f426e
Remove some unused server_name fields (#15723)
Signed-off-by: Sean Quah <seanq@matrix.org>
2023-06-06 12:32:29 +01:00
Erik Johnston
1a54953473 Merge remote-tracking branch 'origin/master' into develop 2023-06-06 10:59:20 +01:00
Erik Johnston
ad690037de Fix link in changelog 2023-06-06 10:58:32 +01:00
Erik Johnston
07fd6d82d7 Merge branch 'master' into develop 2023-06-06 10:49:04 +01:00
Erik Johnston
ec71214243 Fixup changelog 2023-06-06 10:06:21 +01:00
Erik Johnston
564f37aca6 1.85.0 2023-06-06 09:55:42 +01:00
Patrick Cloke
f880e64b11
Stabilize support for MSC3952: Intentional mentions. (#15520) 2023-06-06 09:11:07 +01:00
Eric Eastwood
f9561b9e37
Some house keeping on maybe_backfill() functions (#15709) 2023-06-05 23:38:52 -05:00
dependabot[bot]
ca8906be2c
Bump types-requests from 2.31.0.0 to 2.31.0.1 (#15715)
Bumps [types-requests](https://github.com/python/typeshed) from 2.31.0.0 to 2.31.0.1.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-requests
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 10:39:34 +01:00
dependabot[bot]
2d97d5b1c3
Bump types-jsonschema from 4.17.0.7 to 4.17.0.8 (#15716)
Bumps [types-jsonschema](https://github.com/python/typeshed) from 4.17.0.7 to 4.17.0.8.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-jsonschema
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 10:32:25 +01:00
dependabot[bot]
1a7aa81715
Bump sentry-sdk from 1.22.1 to 1.25.0 (#15714)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.22.1 to 1.25.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.22.1...1.25.0)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 10:32:16 +01:00
dependabot[bot]
5feabbdf06
Bump pyasn1 from 0.4.8 to 0.5.0 (#15713)
Bumps [pyasn1](https://github.com/pyasn1/pyasn1) from 0.4.8 to 0.5.0.
- [Release notes](https://github.com/pyasn1/pyasn1/releases)
- [Changelog](https://github.com/pyasn1/pyasn1/blob/main/CHANGES.rst)
- [Commits](https://github.com/pyasn1/pyasn1/compare/v0.4.8...v0.5.0)

---
updated-dependencies:
- dependency-name: pyasn1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 10:32:07 +01:00
dependabot[bot]
36a5bcae2c
Bump library/redis from 6-bullseye to 7-bullseye in /docker (#15712)
Bumps library/redis from 6-bullseye to 7-bullseye.

---
updated-dependencies:
- dependency-name: library/redis
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 10:31:54 +01:00
dependabot[bot]
8ba530c0e3
Bump importlib-metadata from 6.1.0 to 6.6.0 (#15711)
Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 6.1.0 to 6.6.0.
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst)
- [Commits](https://github.com/python/importlib_metadata/compare/v6.1.0...v6.6.0)

---
updated-dependencies:
- dependency-name: importlib-metadata
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 10:31:41 +01:00
Shay
d0c4257f14
N + 3: Read from column full_user_id rather than user_id of tables profiles and user_filters (#15649) 2023-06-02 17:24:13 -07:00
Mathieu Velten
e0f2429d13
Add a catch-all * to the supported relation types when redacting (#15705)
This is an update to MSC3912 implementation
2023-06-02 13:13:50 +00:00
Eric Eastwood
30a5076da8
Log when events are (unexpectedly) filtered out of responses in tests (#14213)
See https://github.com/matrix-org/synapse/pull/14095#discussion_r990335492

This is useful because when see that a relevant event is an `outlier` or `soft-failed`, then that's a good unexpected indicator explaining why it's not showing up. `filter_events_for_client` is used in `/sync`, `/messages`, `/context` which are all common end-to-end assertion touch points (also notifications, relations).
2023-06-01 21:27:18 -05:00
H. Shay
8af29155ec Merge branch 'release-v1.85' into develop 2023-06-01 10:26:37 -07:00
H. Shay
4c0bffaca5 1.85.0rc2 2023-06-01 09:16:35 -07:00
Erik Johnston
5ed0e8c61f
Cache requests for user's devices from federation (#15675)
This should mitigate the issue where lots of different servers requests
the same user's devices all at once.
2023-06-01 13:25:20 +00:00
Hugh Nimmo-Smith
d1693f0362
Implement stable support for MSC3882 to allow an existing device/session to generate a login token for use on a new device/session (#15388)
Implements stable support for MSC3882; this involves updating Synapse's support to
match the MSC / the spec says.

Continue to support the unstable version to allow clients to transition.
2023-06-01 08:52:51 -04:00
Patrick Cloke
a273561c22
Add a note about deprecating /register with a user property. (#15703)
Application services providing a "user" property (instead of "username") for
the /register endpoint was never specified. Deprecate this very old
fallback.
2023-06-01 08:21:37 -04:00
Shay
6d9e2fd878
Speed up background jobs populate_full_user_id_user_filters and populate_full_user_id_profiles (#15700) 2023-05-31 15:13:48 -07:00
Eric Eastwood
0b5f64ff09
Add Synapse version deploy annotations to Grafana dashboard (#15674)
Fix https://github.com/matrix-org/synapse/issues/15662

This manifests as purple lines that show up on all time series panels
that you can hover and see what version was deployed.

Also added a new "Deployed Synapse versions over time" panel
where the color block changes with each version. And mixed this
color block into the "Up" time series panel.

To get the Grafana dashboard JSON to copy here: use the **Share** icon at the top -> **Export** -> check the **Export for sharing externally** option -> **View JSON** or **Save to file**
2023-05-31 14:35:49 -05:00
Patrick Cloke
6f18812bb0
Add stubs package for lxml. (#15697)
The stubs have some issues so this has some generous cast
and ignores in it, but it is better than not having stubs.

Note that confusing that Element is a function which creates
_Element instances (and similarly for Comment).
2023-05-31 17:06:57 +00:00
Jason Little
874378c052
Docker fully qualified image names (#15689)
* Fully qualified docker image names for the main Dockerfile and Complement related.

* Fully qualified docker image names for Dockerfiles associated with building Debian release artifacts.

This one is harder and is separate from the other commit in case it wasn't correct or was unwanted. I decided to
do the expansion on the docker images in the Dockerfile itself, instead of the various source places that build
which distribution that is selected, as it would have been more invasive with the scripts breaking up the string
for tagging and such. This one is untested.

* Changelog

* Update docker/Dockerfile-workers

* Update docker/complement/Dockerfile

---------

Co-authored-by: reivilibre <olivier@librepush.net>
2023-05-31 15:13:31 +00:00
reivilibre
11e15d79b8
Fix a performance issue introduced in Synapse v1.83.0 which meant that purging rooms was very slow and database-intensive. (#15693)
* Add indices required to efficiently validate new foreign key constraints on stream_ordering

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>

---------

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2023-05-31 14:59:56 +01:00
Gabriel Féron
daf3a67908
Add get_canonical_room_alias to module API (#15450)
Co-authored-by: Boxdot <d@zerovolt.org>
2023-05-31 09:18:37 -04:00
Patrick Cloke
c01343de43
Add stricter mypy options (#15694)
Enable warn_unused_configs, strict_concatenate, disallow_subclassing_any,
and disallow_incomplete_defs.
2023-05-31 07:18:29 -04:00
David Robertson
6fc3deb029
Merge branch 'release-v1.85' into develop 2023-05-30 16:08:33 +01:00
Quentin Gliech
ceb3dd77db Enforce that an admin token also has the basic Matrix API scope 2023-05-30 09:43:06 -04:00
Quentin Gliech
32a2f05004 Make the config tests spawn the homeserver only when needed 2023-05-30 09:43:06 -04:00
Quentin Gliech
f739bde962 Reject tokens with multiple device scopes 2023-05-30 09:43:06 -04:00
Quentin Gliech
98afc57d59 Make OIDC scope constants 2023-05-30 09:43:06 -04:00
Quentin Gliech
14a5be9c4d Handle errors when introspecting tokens
This returns a proper 503 when the introspection endpoint is not working
for some reason, which should avoid logging out clients in those cases.
2023-05-30 09:43:06 -04:00
Quentin Gliech
ec9379d7e2 Newsfile. 2023-05-30 09:43:06 -04:00