gitlord
/
synapse
зеркало из https://github.com/matrix-org/synapse.git
1
0
Форкнуть 0
Код Задачи 0 Релизы 671 Вики Активность
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
23021 коммит
842 Ветки
428 MiB
 
 
 
 
 
 
Дерево: 001fc7bd19
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из '001fc7bd19'
${ noResults }
synapse/synapse/rest/admin/registration_tokens.py

342 строки
11 KiB
Исходник Вина История 

  1. # Copyright 2021 Callum Brown

  2. #

  3. # Licensed under the Apache License, Version 2.0 (the "License");

  4. # you may not use this file except in compliance with the License.

  5. # You may obtain a copy of the License at

  6. #

  7. #     http://www.apache.org/licenses/LICENSE-2.0

  8. #

  9. # Unless required by applicable law or agreed to in writing, software

  10. # distributed under the License is distributed on an "AS IS" BASIS,

  11. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  12. # See the License for the specific language governing permissions and

  13. # limitations under the License.

  14. 

  15. import logging

  16. import string

  17. from http import HTTPStatus

  18. from typing import TYPE_CHECKING, Tuple

  19. 

  20. from synapse.api.errors import Codes, NotFoundError, SynapseError

  21. from synapse.http.servlet import (

  22.     RestServlet,

  23.     parse_boolean,

  24.     parse_json_object_from_request,

  25. )

  26. from synapse.http.site import SynapseRequest

  27. from synapse.rest.admin._base import admin_patterns, assert_requester_is_admin

  28. from synapse.types import JsonDict

  29. 

  30. if TYPE_CHECKING:

  31.     from synapse.server import HomeServer

  32. 

  33. logger = logging.getLogger(__name__)

  34. 

  35. 

  36. class ListRegistrationTokensRestServlet(RestServlet):

  37.     """List registration tokens.

  38. 

  39.     To list all tokens:

  40. 

  41.         GET /_synapse/admin/v1/registration_tokens

  42. 

  43.         200 OK

  44. 

  45.         {

  46.             "registration_tokens": [

  47.                 {

  48.                     "token": "abcd",

  49.                     "uses_allowed": 3,

  50.                     "pending": 0,

  51.                     "completed": 1,

  52.                     "expiry_time": null

  53.                 },

  54.                 {

  55.                     "token": "wxyz",

  56.                     "uses_allowed": null,

  57.                     "pending": 0,

  58.                     "completed": 9,

  59.                     "expiry_time": 1625394937000

  60.                 }

  61.             ]

  62.         }

  63. 

  64.     The optional query parameter `valid` can be used to filter the response.

  65.     If it is `true`, only valid tokens are returned. If it is `false`, only

  66.     tokens that have expired or have had all uses exhausted are returned.

  67.     If it is omitted, all tokens are returned regardless of validity.

  68.     """

  69. 

  70.     PATTERNS = admin_patterns("/registration_tokens$")

  71. 

  72.     def __init__(self, hs: "HomeServer"):

  73.         self.auth = hs.get_auth()

  74.         self.store = hs.get_datastores().main

  75. 

  76.     async def on_GET(self, request: SynapseRequest) -> Tuple[int, JsonDict]:

  77.         await assert_requester_is_admin(self.auth, request)

  78.         valid = parse_boolean(request, "valid")

  79.         token_list = await self.store.get_registration_tokens(valid)

  80.         return HTTPStatus.OK, {"registration_tokens": token_list}

  81. 

  82. 

  83. class NewRegistrationTokenRestServlet(RestServlet):

  84.     """Create a new registration token.

  85. 

  86.     For example, to create a token specifying some fields:

  87. 

  88.         POST /_synapse/admin/v1/registration_tokens/new

  89. 

  90.         {

  91.             "token": "defg",

  92.             "uses_allowed": 1

  93.         }

  94. 

  95.         200 OK

  96. 

  97.         {

  98.             "token": "defg",

  99.             "uses_allowed": 1,

  100.             "pending": 0,

  101.             "completed": 0,

  102.             "expiry_time": null

  103.         }

  104. 

  105.     Defaults are used for any fields not specified.

  106.     """

  107. 

  108.     PATTERNS = admin_patterns("/registration_tokens/new$")

  109. 

  110.     def __init__(self, hs: "HomeServer"):

  111.         self.auth = hs.get_auth()

  112.         self.store = hs.get_datastores().main

  113.         self.clock = hs.get_clock()

  114.         # A string of all the characters allowed to be in a registration_token

  115.         self.allowed_chars = string.ascii_letters + string.digits + "._~-"

  116.         self.allowed_chars_set = set(self.allowed_chars)

  117. 

  118.     async def on_POST(self, request: SynapseRequest) -> Tuple[int, JsonDict]:

  119.         await assert_requester_is_admin(self.auth, request)

  120.         body = parse_json_object_from_request(request)

  121. 

  122.         if "token" in body:

  123.             token = body["token"]

  124.             if not isinstance(token, str):

  125.                 raise SynapseError(

  126.                     HTTPStatus.BAD_REQUEST,

  127.                     "token must be a string",

  128.                     Codes.INVALID_PARAM,

  129.                 )

  130.             if not (0 < len(token) <= 64):

  131.                 raise SynapseError(

  132.                     HTTPStatus.BAD_REQUEST,

  133.                     "token must not be empty and must not be longer than 64 characters",

  134.                     Codes.INVALID_PARAM,

  135.                 )

  136.             if not set(token).issubset(self.allowed_chars_set):

  137.                 raise SynapseError(

  138.                     HTTPStatus.BAD_REQUEST,

  139.                     "token must consist only of characters matched by the regex [A-Za-z0-9-_]",

  140.                     Codes.INVALID_PARAM,

  141.                 )

  142. 

  143.         else:

  144.             # Get length of token to generate (default is 16)

  145.             length = body.get("length", 16)

  146.             if type(length) is not int:  # noqa: E721

  147.                 raise SynapseError(

  148.                     HTTPStatus.BAD_REQUEST,

  149.                     "length must be an integer",

  150.                     Codes.INVALID_PARAM,

  151.                 )

  152.             if not (0 < length <= 64):

  153.                 raise SynapseError(

  154.                     HTTPStatus.BAD_REQUEST,

  155.                     "length must be greater than zero and not greater than 64",

  156.                     Codes.INVALID_PARAM,

  157.                 )

  158. 

  159.             # Generate token

  160.             token = await self.store.generate_registration_token(

  161.                 length, self.allowed_chars

  162.             )

  163. 

  164.         uses_allowed = body.get("uses_allowed", None)

  165.         if not (

  166.             uses_allowed is None

  167.             or (type(uses_allowed) is int and uses_allowed >= 0)  # noqa: E721

  168.         ):

  169.             raise SynapseError(

  170.                 HTTPStatus.BAD_REQUEST,

  171.                 "uses_allowed must be a non-negative integer or null",

  172.                 Codes.INVALID_PARAM,

  173.             )

  174. 

  175.         expiry_time = body.get("expiry_time", None)

  176.         if expiry_time is not None and type(expiry_time) is not int:  # noqa: E721

  177.             raise SynapseError(

  178.                 HTTPStatus.BAD_REQUEST,

  179.                 "expiry_time must be an integer or null",

  180.                 Codes.INVALID_PARAM,

  181.             )

  182.         if (

  183.             type(expiry_time) is int  # noqa: E721

  184.             and expiry_time < self.clock.time_msec()

  185.         ):

  186.             raise SynapseError(

  187.                 HTTPStatus.BAD_REQUEST,

  188.                 "expiry_time must not be in the past",

  189.                 Codes.INVALID_PARAM,

  190.             )

  191. 

  192.         created = await self.store.create_registration_token(

  193.             token, uses_allowed, expiry_time

  194.         )

  195.         if not created:

  196.             raise SynapseError(

  197.                 HTTPStatus.BAD_REQUEST,

  198.                 f"Token already exists: {token}",

  199.                 Codes.INVALID_PARAM,

  200.             )

  201. 

  202.         resp = {

  203.             "token": token,

  204.             "uses_allowed": uses_allowed,

  205.             "pending": 0,

  206.             "completed": 0,

  207.             "expiry_time": expiry_time,

  208.         }

  209.         return HTTPStatus.OK, resp

  210. 

  211. 

  212. class RegistrationTokenRestServlet(RestServlet):

  213.     """Retrieve, update, or delete the given token.

  214. 

  215.     For example,

  216. 

  217.     to retrieve a token:

  218. 

  219.         GET /_synapse/admin/v1/registration_tokens/abcd

  220. 

  221.         200 OK

  222. 

  223.         {

  224.             "token": "abcd",

  225.             "uses_allowed": 3,

  226.             "pending": 0,

  227.             "completed": 1,

  228.             "expiry_time": null

  229.         }

  230. 

  231. 

  232.     to update a token:

  233. 

  234.         PUT /_synapse/admin/v1/registration_tokens/defg

  235. 

  236.         {

  237.             "uses_allowed": 5,

  238.             "expiry_time": 4781243146000

  239.         }

  240. 

  241.         200 OK

  242. 

  243.         {

  244.             "token": "defg",

  245.             "uses_allowed": 5,

  246.             "pending": 0,

  247.             "completed": 0,

  248.             "expiry_time": 4781243146000

  249.         }

  250. 

  251. 

  252.     to delete a token:

  253. 

  254.         DELETE /_synapse/admin/v1/registration_tokens/wxyz

  255. 

  256.         200 OK

  257. 

  258.         {}

  259.     """

  260. 

  261.     PATTERNS = admin_patterns("/registration_tokens/(?P<token>[^/]*)$")

  262. 

  263.     def __init__(self, hs: "HomeServer"):

  264.         self.clock = hs.get_clock()

  265.         self.auth = hs.get_auth()

  266.         self.store = hs.get_datastores().main

  267. 

  268.     async def on_GET(self, request: SynapseRequest, token: str) -> Tuple[int, JsonDict]:

  269.         """Retrieve a registration token."""

  270.         await assert_requester_is_admin(self.auth, request)

  271.         token_info = await self.store.get_one_registration_token(token)

  272. 

  273.         # If no result return a 404

  274.         if token_info is None:

  275.             raise NotFoundError(f"No such registration token: {token}")

  276. 

  277.         return HTTPStatus.OK, token_info

  278. 

  279.     async def on_PUT(self, request: SynapseRequest, token: str) -> Tuple[int, JsonDict]:

  280.         """Update a registration token."""

  281.         await assert_requester_is_admin(self.auth, request)

  282.         body = parse_json_object_from_request(request)

  283.         new_attributes = {}

  284. 

  285.         # Only add uses_allowed to new_attributes if it is present and valid

  286.         if "uses_allowed" in body:

  287.             uses_allowed = body["uses_allowed"]

  288.             if not (

  289.                 uses_allowed is None

  290.                 or (type(uses_allowed) is int and uses_allowed >= 0)  # noqa: E721

  291.             ):

  292.                 raise SynapseError(

  293.                     HTTPStatus.BAD_REQUEST,

  294.                     "uses_allowed must be a non-negative integer or null",

  295.                     Codes.INVALID_PARAM,

  296.                 )

  297.             new_attributes["uses_allowed"] = uses_allowed

  298. 

  299.         if "expiry_time" in body:

  300.             expiry_time = body["expiry_time"]

  301.             if expiry_time is not None and type(expiry_time) is not int:  # noqa: E721

  302.                 raise SynapseError(

  303.                     HTTPStatus.BAD_REQUEST,

  304.                     "expiry_time must be an integer or null",

  305.                     Codes.INVALID_PARAM,

  306.                 )

  307.             if (

  308.                 type(expiry_time) is int  # noqa: E721

  309.                 and expiry_time < self.clock.time_msec()

  310.             ):

  311.                 raise SynapseError(

  312.                     HTTPStatus.BAD_REQUEST,

  313.                     "expiry_time must not be in the past",

  314.                     Codes.INVALID_PARAM,

  315.                 )

  316.             new_attributes["expiry_time"] = expiry_time

  317. 

  318.         if len(new_attributes) == 0:

  319.             # Nothing to update, get token info to return

  320.             token_info = await self.store.get_one_registration_token(token)

  321.         else:

  322.             token_info = await self.store.update_registration_token(

  323.                 token, new_attributes

  324.             )

  325. 

  326.         # If no result return a 404

  327.         if token_info is None:

  328.             raise NotFoundError(f"No such registration token: {token}")

  329. 

  330.         return HTTPStatus.OK, token_info

  331. 

  332.     async def on_DELETE(

  333.         self, request: SynapseRequest, token: str

  334.     ) -> Tuple[int, JsonDict]:

  335.         """Delete a registration token."""

  336.         await assert_requester_is_admin(self.auth, request)

  337. 

  338.         if await self.store.delete_registration_token(token):

  339.             return HTTPStatus.OK, {}

  340. 

  341.         raise NotFoundError(f"No such registration token: {token}")