This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Add an Admin API endpoint for looking up users based on 3PID #14405
Merged
Merged
Changes from all commits
Commits
Show all changes
5 commits
Select commit
Hold shift + click to select a range
44fab96
add admin api endpoint for looking up users based on 3PID
ashfame 8f1b629
add changelog file
ashfame c86e8ea
Update changelog.d/14405.feature
ashfame 95b8dad
Merge branch 'develop' into admin_api_3pid
ashfame 75dd63d
Update version number in docs
DMRobertson File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Add an [Admin API](https://matrix-org.github.io/synapse/latest/usage/administration/admin_api/index.html) endpoint for user lookup based on third-party ID (3PID). Contributed by @ashfame. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -41,14 +41,12 @@ | |
|
||
|
||
class UserRegisterTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets_for_client_rest_resource, | ||
profile.register_servlets, | ||
] | ||
|
||
def make_homeserver(self, reactor: MemoryReactor, clock: Clock) -> HomeServer: | ||
|
||
self.url = "/_synapse/admin/v1/register" | ||
|
||
self.registration_handler = Mock() | ||
|
@@ -446,7 +444,6 @@ def test_register_mau_limit_reached(self) -> None: | |
|
||
|
||
class UsersListTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
|
@@ -1108,7 +1105,6 @@ def _validate_attributes_of_device_response(self, response: JsonDict) -> None: | |
|
||
|
||
class DeactivateAccountTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
|
@@ -1382,7 +1378,6 @@ def _is_erased(self, user_id: str, expect: bool) -> None: | |
|
||
|
||
class UserRestTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
|
@@ -2803,7 +2798,6 @@ def _check_fields(self, content: JsonDict) -> None: | |
|
||
|
||
class UserMembershipRestTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
|
@@ -2960,7 +2954,6 @@ def test_get_rooms_with_nonlocal_user(self) -> None: | |
|
||
|
||
class PushersRestTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
|
@@ -3089,7 +3082,6 @@ def test_get_pushers(self) -> None: | |
|
||
|
||
class UserMediaRestTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
|
@@ -3881,7 +3873,6 @@ def test_mau_limit(self) -> None: | |
], | ||
) | ||
class WhoisRestTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
|
@@ -3961,7 +3952,6 @@ def test_get_whois_user(self) -> None: | |
|
||
|
||
class ShadowBanRestTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
|
@@ -4042,7 +4032,6 @@ def test_success(self) -> None: | |
|
||
|
||
class RateLimitTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
|
@@ -4268,7 +4257,6 @@ def test_success(self) -> None: | |
|
||
|
||
class AccountDataTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
|
@@ -4358,7 +4346,6 @@ def test_success(self) -> None: | |
|
||
|
||
class UsersByExternalIdTestCase(unittest.HomeserverTestCase): | ||
|
||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
|
@@ -4442,3 +4429,97 @@ def test_success_urlencoded(self) -> None: | |
{"user_id": self.other_user}, | ||
channel.json_body, | ||
) | ||
|
||
|
||
class UsersByThreePidTestCase(unittest.HomeserverTestCase): | ||
servlets = [ | ||
synapse.rest.admin.register_servlets, | ||
login.register_servlets, | ||
] | ||
|
||
def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None: | ||
self.store = hs.get_datastores().main | ||
|
||
self.admin_user = self.register_user("admin", "pass", admin=True) | ||
self.admin_user_tok = self.login("admin", "pass") | ||
|
||
self.other_user = self.register_user("user", "pass") | ||
self.get_success( | ||
self.store.user_add_threepid( | ||
self.other_user, "email", "[email protected]", 1, 1 | ||
) | ||
) | ||
self.get_success( | ||
self.store.user_add_threepid(self.other_user, "msidn", "+1-12345678", 1, 1) | ||
) | ||
|
||
def test_no_auth(self) -> None: | ||
"""Try to look up a user without authentication.""" | ||
url = "/_synapse/admin/v1/threepid/email/users/user%40email.com" | ||
|
||
channel = self.make_request( | ||
"GET", | ||
url, | ||
) | ||
|
||
self.assertEqual(401, channel.code, msg=channel.json_body) | ||
self.assertEqual(Codes.MISSING_TOKEN, channel.json_body["errcode"]) | ||
|
||
def test_medium_does_not_exist(self) -> None: | ||
"""Tests that both a lookup for a medium that does not exist and a user that | ||
doesn't exist with that third party ID returns a 404""" | ||
# test for unknown medium | ||
url = "/_synapse/admin/v1/threepid/publickey/users/unknown-key" | ||
|
||
channel = self.make_request( | ||
"GET", | ||
url, | ||
access_token=self.admin_user_tok, | ||
) | ||
|
||
self.assertEqual(404, channel.code, msg=channel.json_body) | ||
self.assertEqual(Codes.NOT_FOUND, channel.json_body["errcode"]) | ||
|
||
# test for unknown user with a known medium | ||
url = "/_synapse/admin/v1/threepid/email/users/unknown" | ||
|
||
channel = self.make_request( | ||
"GET", | ||
url, | ||
access_token=self.admin_user_tok, | ||
) | ||
|
||
self.assertEqual(404, channel.code, msg=channel.json_body) | ||
self.assertEqual(Codes.NOT_FOUND, channel.json_body["errcode"]) | ||
|
||
def test_success(self) -> None: | ||
"""Tests a successful medium + address lookup""" | ||
# test for email medium with encoded value of [email protected] | ||
url = "/_synapse/admin/v1/threepid/email/users/user%40email.com" | ||
|
||
channel = self.make_request( | ||
"GET", | ||
url, | ||
access_token=self.admin_user_tok, | ||
) | ||
|
||
self.assertEqual(200, channel.code, msg=channel.json_body) | ||
self.assertEqual( | ||
{"user_id": self.other_user}, | ||
channel.json_body, | ||
) | ||
|
||
# test for msidn medium with encoded value of +1-12345678 | ||
url = "/_synapse/admin/v1/threepid/msidn/users/%2B1-12345678" | ||
|
||
channel = self.make_request( | ||
"GET", | ||
url, | ||
access_token=self.admin_user_tok, | ||
) | ||
|
||
self.assertEqual(200, channel.code, msg=channel.json_body) | ||
self.assertEqual( | ||
{"user_id": self.other_user}, | ||
channel.json_body, | ||
) |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this is only going to find local users, i.e. we won't contact an identity server to lookup a 3PID bound to another homeserver? If so, it'd be good to say so in a short sentence.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, that was my intention. I am not sure if its supposed to do remote user lookups too?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It shouldn't. The function that gets called is
synapse/synapse/storage/databases/main/registration.py
Lines 934 to 972 in cc3a52b
which amounts to
SELECT user_id FROM user_threepids WHERE medium = ? AND address = ? LIMIT 1
. AFAIK that table only contains threepids for local users.