gitlord
/
synapse
mirror of https://github.com/matrix-org/synapse.git
1
0
Fork 0
Code Issues 0 Releases 671 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21377 Commits
842 Branches
288 MiB
 
 
 
 
 
 
Tree: 42d261c32f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '42d261c32f'
${ noResults }
synapse/tests/handlers/test_deactivate_account.py

337 lines
11 KiB
Raw Blame History 

  1. # Copyright 2021 The Matrix.org Foundation C.I.C.

  2. #

  3. # Licensed under the Apache License, Version 2.0 (the "License");

  4. # you may not use this file except in compliance with the License.

  5. # You may obtain a copy of the License at

  6. #

  7. #     http://www.apache.org/licenses/LICENSE-2.0

  8. #

  9. # Unless required by applicable law or agreed to in writing, software

  10. # distributed under the License is distributed on an "AS IS" BASIS,

  11. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  12. # See the License for the specific language governing permissions and

  13. # limitations under the License.

  14. 

  15. from twisted.test.proto_helpers import MemoryReactor

  16. 

  17. from synapse.api.constants import AccountDataTypes

  18. from synapse.push.rulekinds import PRIORITY_CLASS_MAP

  19. from synapse.rest import admin

  20. from synapse.rest.client import account, login

  21. from synapse.server import HomeServer

  22. from synapse.synapse_rust.push import PushRule

  23. from synapse.util import Clock

  24. 

  25. from tests.unittest import HomeserverTestCase

  26. 

  27. 

  28. class DeactivateAccountTestCase(HomeserverTestCase):

  29.     servlets = [

  30.         login.register_servlets,

  31.         admin.register_servlets,

  32.         account.register_servlets,

  33.     ]

  34. 

  35.     def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None:

  36.         self._store = hs.get_datastores().main

  37. 

  38.         self.user = self.register_user("user", "pass")

  39.         self.token = self.login("user", "pass")

  40. 

  41.     def _deactivate_my_account(self) -> None:

  42.         """

  43.         Deactivates the account `self.user` using `self.token` and asserts

  44.         that it returns a 200 success code.

  45.         """

  46.         req = self.make_request(

  47.             "POST",

  48.             "account/deactivate",

  49.             {

  50.                 "auth": {

  51.                     "type": "m.login.password",

  52.                     "user": self.user,

  53.                     "password": "pass",

  54.                 },

  55.                 "erase": True,

  56.             },

  57.             access_token=self.token,

  58.         )

  59. 

  60.         self.assertEqual(req.code, 200, req)

  61. 

  62.     def test_global_account_data_deleted_upon_deactivation(self) -> None:

  63.         """

  64.         Tests that global account data is removed upon deactivation.

  65.         """

  66.         # Add some account data

  67.         self.get_success(

  68.             self._store.add_account_data_for_user(

  69.                 self.user,

  70.                 AccountDataTypes.DIRECT,

  71.                 {"@someone:remote": ["!somewhere:remote"]},

  72.             )

  73.         )

  74. 

  75.         # Check that we actually added some.

  76.         self.assertIsNotNone(

  77.             self.get_success(

  78.                 self._store.get_global_account_data_by_type_for_user(

  79.                     self.user, AccountDataTypes.DIRECT

  80.                 )

  81.             ),

  82.         )

  83. 

  84.         # Request the deactivation of our account

  85.         self._deactivate_my_account()

  86. 

  87.         # Check that the account data does not persist.

  88.         self.assertIsNone(

  89.             self.get_success(

  90.                 self._store.get_global_account_data_by_type_for_user(

  91.                     self.user, AccountDataTypes.DIRECT

  92.                 )

  93.             ),

  94.         )

  95. 

  96.     def test_room_account_data_deleted_upon_deactivation(self) -> None:

  97.         """

  98.         Tests that room account data is removed upon deactivation.

  99.         """

  100.         room_id = "!room:test"

  101. 

  102.         # Add some room account data

  103.         self.get_success(

  104.             self._store.add_account_data_to_room(

  105.                 self.user,

  106.                 room_id,

  107.                 "m.fully_read",

  108.                 {"event_id": "$aaaa:test"},

  109.             )

  110.         )

  111. 

  112.         # Check that we actually added some.

  113.         self.assertIsNotNone(

  114.             self.get_success(

  115.                 self._store.get_account_data_for_room_and_type(

  116.                     self.user, room_id, "m.fully_read"

  117.                 )

  118.             ),

  119.         )

  120. 

  121.         # Request the deactivation of our account

  122.         self._deactivate_my_account()

  123. 

  124.         # Check that the account data does not persist.

  125.         self.assertIsNone(

  126.             self.get_success(

  127.                 self._store.get_account_data_for_room_and_type(

  128.                     self.user, room_id, "m.fully_read"

  129.                 )

  130.             ),

  131.         )

  132. 

  133.     def _is_custom_rule(self, push_rule: PushRule) -> bool:

  134.         """

  135.         Default rules start with a dot: such as .m.rule and .im.vector.

  136.         This function returns true iff a rule is custom (not default).

  137.         """

  138.         return "/." not in push_rule.rule_id

  139. 

  140.     def test_push_rules_deleted_upon_account_deactivation(self) -> None:

  141.         """

  142.         Push rules are a special case of account data.

  143.         They are stored separately but get sent to the client as account data in /sync.

  144.         This tests that deactivating a user deletes push rules along with the rest

  145.         of their account data.

  146.         """

  147. 

  148.         # Add a push rule

  149.         self.get_success(

  150.             self._store.add_push_rule(

  151.                 self.user,

  152.                 "personal.override.rule1",

  153.                 PRIORITY_CLASS_MAP["override"],

  154.                 [],

  155.                 [],

  156.             )

  157.         )

  158. 

  159.         # Test the rule exists

  160.         filtered_push_rules = self.get_success(

  161.             self._store.get_push_rules_for_user(self.user)

  162.         )

  163.         # Filter out default rules; we don't care

  164.         push_rules = [

  165.             r for r, _ in filtered_push_rules.rules() if self._is_custom_rule(r)

  166.         ]

  167.         # Check our rule made it

  168.         self.assertEqual(len(push_rules), 1)

  169.         self.assertEqual(push_rules[0].rule_id, "personal.override.rule1")

  170.         self.assertEqual(push_rules[0].priority_class, 5)

  171.         self.assertEqual(push_rules[0].conditions, [])

  172.         self.assertEqual(push_rules[0].actions, [])

  173. 

  174.         # Request the deactivation of our account

  175.         self._deactivate_my_account()

  176. 

  177.         filtered_push_rules = self.get_success(

  178.             self._store.get_push_rules_for_user(self.user)

  179.         )

  180.         # Filter out default rules; we don't care

  181.         push_rules = [

  182.             r for r, _ in filtered_push_rules.rules() if self._is_custom_rule(r)

  183.         ]

  184.         # Check our rule no longer exists

  185.         self.assertEqual(push_rules, [], push_rules)

  186. 

  187.     def test_ignored_users_deleted_upon_deactivation(self) -> None:

  188.         """

  189.         Ignored users are a special case of account data.

  190.         They get denormalised into the `ignored_users` table upon being stored as

  191.         account data.

  192.         Test that a user's list of ignored users is deleted upon deactivation.

  193.         """

  194. 

  195.         # Add an ignored user

  196.         self.get_success(

  197.             self._store.add_account_data_for_user(

  198.                 self.user,

  199.                 AccountDataTypes.IGNORED_USER_LIST,

  200.                 {"ignored_users": {"@sheltie:test": {}}},

  201.             )

  202.         )

  203. 

  204.         # Test the user is ignored

  205.         self.assertEqual(

  206.             self.get_success(self._store.ignored_by("@sheltie:test")), {self.user}

  207.         )

  208. 

  209.         # Request the deactivation of our account

  210.         self._deactivate_my_account()

  211. 

  212.         # Test the user is no longer ignored by the user that was deactivated

  213.         self.assertEqual(

  214.             self.get_success(self._store.ignored_by("@sheltie:test")), set()

  215.         )

  216. 

  217.     def _rerun_retroactive_account_data_deletion_update(self) -> None:

  218.         # Reset the 'all done' flag

  219.         self._store.db_pool.updates._all_done = False

  220. 

  221.         self.get_success(

  222.             self._store.db_pool.simple_insert(

  223.                 "background_updates",

  224.                 {

  225.                     "update_name": "delete_account_data_for_deactivated_users",

  226.                     "progress_json": "{}",

  227.                 },

  228.             )

  229.         )

  230. 

  231.         self.wait_for_background_updates()

  232. 

  233.     def test_account_data_deleted_retroactively_by_background_update_if_deactivated(

  234.         self,

  235.     ) -> None:

  236.         """

  237.         Tests that a user, who deactivated their account before account data was

  238.         deleted automatically upon deactivation, has their account data retroactively

  239.         scrubbed by the background update.

  240.         """

  241. 

  242.         # Request the deactivation of our account

  243.         self._deactivate_my_account()

  244. 

  245.         # Add some account data

  246.         # (we do this after the deactivation so that the act of deactivating doesn't

  247.         # clear it out. This emulates a user that was deactivated before this was cleared

  248.         # upon deactivation.)

  249.         self.get_success(

  250.             self._store.add_account_data_for_user(

  251.                 self.user,

  252.                 AccountDataTypes.DIRECT,

  253.                 {"@someone:remote": ["!somewhere:remote"]},

  254.             )

  255.         )

  256. 

  257.         # Check that the account data is there.

  258.         self.assertIsNotNone(

  259.             self.get_success(

  260.                 self._store.get_global_account_data_by_type_for_user(

  261.                     self.user,

  262.                     AccountDataTypes.DIRECT,

  263.                 )

  264.             ),

  265.         )

  266. 

  267.         # Re-run the retroactive deletion update

  268.         self._rerun_retroactive_account_data_deletion_update()

  269. 

  270.         # Check that the account data was cleared.

  271.         self.assertIsNone(

  272.             self.get_success(

  273.                 self._store.get_global_account_data_by_type_for_user(

  274.                     self.user,

  275.                     AccountDataTypes.DIRECT,

  276.                 )

  277.             ),

  278.         )

  279. 

  280.     def test_account_data_preserved_by_background_update_if_not_deactivated(

  281.         self,

  282.     ) -> None:

  283.         """

  284.         Tests that the background update does not scrub account data for users that have

  285.         not been deactivated.

  286.         """

  287. 

  288.         # Add some account data

  289.         # (we do this after the deactivation so that the act of deactivating doesn't

  290.         # clear it out. This emulates a user that was deactivated before this was cleared

  291.         # upon deactivation.)

  292.         self.get_success(

  293.             self._store.add_account_data_for_user(

  294.                 self.user,

  295.                 AccountDataTypes.DIRECT,

  296.                 {"@someone:remote": ["!somewhere:remote"]},

  297.             )

  298.         )

  299. 

  300.         # Check that the account data is there.

  301.         self.assertIsNotNone(

  302.             self.get_success(

  303.                 self._store.get_global_account_data_by_type_for_user(

  304.                     self.user,

  305.                     AccountDataTypes.DIRECT,

  306.                 )

  307.             ),

  308.         )

  309. 

  310.         # Re-run the retroactive deletion update

  311.         self._rerun_retroactive_account_data_deletion_update()

  312. 

  313.         # Check that the account data was NOT cleared.

  314.         self.assertIsNotNone(

  315.             self.get_success(

  316.                 self._store.get_global_account_data_by_type_for_user(

  317.                     self.user,

  318.                     AccountDataTypes.DIRECT,

  319.                 )

  320.             ),

  321.         )

  322. 

  323.     def test_deactivate_account_needs_auth(self) -> None:

  324.         """

  325.         Tests that making a request to /deactivate with an empty body

  326.         succeeds in starting the user-interactive auth flow.

  327.         """

  328.         req = self.make_request(

  329.             "POST",

  330.             "account/deactivate",

  331.             {},

  332.             access_token=self.token,

  333.         )

  334. 

  335.         self.assertEqual(req.code, 401, req)

  336.         self.assertEqual(req.json_body["flows"], [{"stages": ["m.login.password"]}])