|
|
@@ -2380,3 +2380,67 @@ class WhoisRestTestCase(unittest.HomeserverTestCase): |
|
|
|
self.assertEqual(200, channel.code, msg=channel.json_body) |
|
|
|
self.assertEqual(self.other_user, channel.json_body["user_id"]) |
|
|
|
self.assertIn("devices", channel.json_body) |
|
|
|
|
|
|
|
|
|
|
|
class ShadowBanRestTestCase(unittest.HomeserverTestCase): |
|
|
|
|
|
|
|
servlets = [ |
|
|
|
synapse.rest.admin.register_servlets, |
|
|
|
login.register_servlets, |
|
|
|
] |
|
|
|
|
|
|
|
def prepare(self, reactor, clock, hs): |
|
|
|
self.store = hs.get_datastore() |
|
|
|
|
|
|
|
self.admin_user = self.register_user("admin", "pass", admin=True) |
|
|
|
self.admin_user_tok = self.login("admin", "pass") |
|
|
|
|
|
|
|
self.other_user = self.register_user("user", "pass") |
|
|
|
|
|
|
|
self.url = "/_synapse/admin/v1/users/%s/shadow_ban" % urllib.parse.quote( |
|
|
|
self.other_user |
|
|
|
) |
|
|
|
|
|
|
|
def test_no_auth(self): |
|
|
|
""" |
|
|
|
Try to get information of an user without authentication. |
|
|
|
""" |
|
|
|
channel = self.make_request("POST", self.url) |
|
|
|
self.assertEqual(401, int(channel.result["code"]), msg=channel.result["body"]) |
|
|
|
self.assertEqual(Codes.MISSING_TOKEN, channel.json_body["errcode"]) |
|
|
|
|
|
|
|
def test_requester_is_not_admin(self): |
|
|
|
""" |
|
|
|
If the user is not a server admin, an error is returned. |
|
|
|
""" |
|
|
|
other_user_token = self.login("user", "pass") |
|
|
|
|
|
|
|
channel = self.make_request("POST", self.url, access_token=other_user_token) |
|
|
|
self.assertEqual(403, int(channel.result["code"]), msg=channel.result["body"]) |
|
|
|
self.assertEqual(Codes.FORBIDDEN, channel.json_body["errcode"]) |
|
|
|
|
|
|
|
def test_user_is_not_local(self): |
|
|
|
""" |
|
|
|
Tests that shadow-banning for a user that is not a local returns a 400 |
|
|
|
""" |
|
|
|
url = "/_synapse/admin/v1/whois/@unknown_person:unknown_domain" |
|
|
|
|
|
|
|
channel = self.make_request("POST", url, access_token=self.admin_user_tok) |
|
|
|
self.assertEqual(400, channel.code, msg=channel.json_body) |
|
|
|
|
|
|
|
def test_success(self): |
|
|
|
""" |
|
|
|
Shadow-banning should succeed for an admin. |
|
|
|
""" |
|
|
|
# The user starts off as not shadow-banned. |
|
|
|
other_user_token = self.login("user", "pass") |
|
|
|
result = self.get_success(self.store.get_user_by_access_token(other_user_token)) |
|
|
|
self.assertFalse(result.shadow_banned) |
|
|
|
|
|
|
|
channel = self.make_request("POST", self.url, access_token=self.admin_user_tok) |
|
|
|
self.assertEqual(200, channel.code, msg=channel.json_body) |
|
|
|
self.assertEqual({}, channel.json_body) |
|
|
|
|
|
|
|
# Ensure the user is shadow-banned (and the cache was cleared). |
|
|
|
result = self.get_success(self.store.get_user_by_access_token(other_user_token)) |
|
|
|
self.assertTrue(result.shadow_banned) |