gitlord
/
synapse
mirror of https://github.com/matrix-org/synapse.git
1
0
Fork 0
Code Issues 0 Releases 671 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
23022 Commits
842 Branches
342 MiB
 
 
 
 
 
 
Tree: 9ec3da06da
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9ec3da06da'
${ noResults }
synapse/tests/handlers/test_register.py

816 lines
31 KiB
Raw Blame History 

  1. # Copyright 2015, 2016 OpenMarket Ltd

  2. #

  3. # Licensed under the Apache License, Version 2.0 (the "License");

  4. # you may not use this file except in compliance with the License.

  5. # You may obtain a copy of the License at

  6. #

  7. #     http://www.apache.org/licenses/LICENSE-2.0

  8. #

  9. # Unless required by applicable law or agreed to in writing, software

  10. # distributed under the License is distributed on an "AS IS" BASIS,

  11. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  12. # See the License for the specific language governing permissions and

  13. # limitations under the License.

  14. 

  15. from typing import Any, Collection, List, Optional, Tuple

  16. from unittest.mock import AsyncMock, Mock

  17. 

  18. from twisted.test.proto_helpers import MemoryReactor

  19. 

  20. from synapse.api.auth.internal import InternalAuth

  21. from synapse.api.constants import UserTypes

  22. from synapse.api.errors import (

  23.     CodeMessageException,

  24.     Codes,

  25.     ResourceLimitError,

  26.     SynapseError,

  27. )

  28. from synapse.module_api import ModuleApi

  29. from synapse.server import HomeServer

  30. from synapse.spam_checker_api import RegistrationBehaviour

  31. from synapse.types import (

  32.     JsonDict,

  33.     Requester,

  34.     RoomAlias,

  35.     RoomID,

  36.     UserID,

  37.     create_requester,

  38. )

  39. from synapse.util import Clock

  40. 

  41. from tests.unittest import override_config

  42. from tests.utils import mock_getRawHeaders

  43. 

  44. from .. import unittest

  45. 

  46. 

  47. class TestSpamChecker:

  48.     def __init__(self, config: None, api: ModuleApi):

  49.         api.register_spam_checker_callbacks(

  50.             check_registration_for_spam=self.check_registration_for_spam,

  51.         )

  52. 

  53.     @staticmethod

  54.     def parse_config(config: JsonDict) -> None:

  55.         return None

  56. 

  57.     async def check_registration_for_spam(

  58.         self,

  59.         email_threepid: Optional[dict],

  60.         username: Optional[str],

  61.         request_info: Collection[Tuple[str, str]],

  62.         auth_provider_id: Optional[str],

  63.     ) -> RegistrationBehaviour:

  64.         return RegistrationBehaviour.ALLOW

  65. 

  66. 

  67. class DenyAll(TestSpamChecker):

  68.     async def check_registration_for_spam(

  69.         self,

  70.         email_threepid: Optional[dict],

  71.         username: Optional[str],

  72.         request_info: Collection[Tuple[str, str]],

  73.         auth_provider_id: Optional[str],

  74.     ) -> RegistrationBehaviour:

  75.         return RegistrationBehaviour.DENY

  76. 

  77. 

  78. class BanAll(TestSpamChecker):

  79.     async def check_registration_for_spam(

  80.         self,

  81.         email_threepid: Optional[dict],

  82.         username: Optional[str],

  83.         request_info: Collection[Tuple[str, str]],

  84.         auth_provider_id: Optional[str],

  85.     ) -> RegistrationBehaviour:

  86.         return RegistrationBehaviour.SHADOW_BAN

  87. 

  88. 

  89. class BanBadIdPUser(TestSpamChecker):

  90.     async def check_registration_for_spam(

  91.         self,

  92.         email_threepid: Optional[dict],

  93.         username: Optional[str],

  94.         request_info: Collection[Tuple[str, str]],

  95.         auth_provider_id: Optional[str] = None,

  96.     ) -> RegistrationBehaviour:

  97.         # Reject any user coming from CAS and whose username contains profanity

  98.         if auth_provider_id == "cas" and username and "flimflob" in username:

  99.             return RegistrationBehaviour.DENY

  100.         return RegistrationBehaviour.ALLOW

  101. 

  102. 

  103. class TestLegacyRegistrationSpamChecker:

  104.     def __init__(self, config: None, api: ModuleApi):

  105.         pass

  106. 

  107.     async def check_registration_for_spam(

  108.         self,

  109.         email_threepid: Optional[dict],

  110.         username: Optional[str],

  111.         request_info: Collection[Tuple[str, str]],

  112.     ) -> RegistrationBehaviour:

  113.         return RegistrationBehaviour.ALLOW

  114. 

  115. 

  116. class LegacyAllowAll(TestLegacyRegistrationSpamChecker):

  117.     async def check_registration_for_spam(

  118.         self,

  119.         email_threepid: Optional[dict],

  120.         username: Optional[str],

  121.         request_info: Collection[Tuple[str, str]],

  122.     ) -> RegistrationBehaviour:

  123.         return RegistrationBehaviour.ALLOW

  124. 

  125. 

  126. class LegacyDenyAll(TestLegacyRegistrationSpamChecker):

  127.     async def check_registration_for_spam(

  128.         self,

  129.         email_threepid: Optional[dict],

  130.         username: Optional[str],

  131.         request_info: Collection[Tuple[str, str]],

  132.     ) -> RegistrationBehaviour:

  133.         return RegistrationBehaviour.DENY

  134. 

  135. 

  136. class RegistrationTestCase(unittest.HomeserverTestCase):

  137.     """Tests the RegistrationHandler."""

  138. 

  139.     def make_homeserver(self, reactor: MemoryReactor, clock: Clock) -> HomeServer:

  140.         hs_config = self.default_config()

  141. 

  142.         # some of the tests rely on us having a user consent version

  143.         hs_config.setdefault("user_consent", {}).update(

  144.             {

  145.                 "version": "test_consent_version",

  146.                 "template_dir": ".",

  147.             }

  148.         )

  149.         hs_config["max_mau_value"] = 50

  150.         hs_config["limit_usage_by_mau"] = True

  151. 

  152.         # Don't attempt to reach out over federation.

  153.         self.mock_federation_client = Mock()

  154.         self.mock_federation_client.make_query.side_effect = CodeMessageException(

  155.             500, ""

  156.         )

  157. 

  158.         hs = self.setup_test_homeserver(

  159.             config=hs_config, federation_client=self.mock_federation_client

  160.         )

  161. 

  162.         return hs

  163. 

  164.     def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None:

  165.         self.handler = self.hs.get_registration_handler()

  166.         self.store = self.hs.get_datastores().main

  167.         self.lots_of_users = 100

  168.         self.small_number_of_users = 1

  169. 

  170.         self.requester = create_requester("@requester:test")

  171. 

  172.     def test_user_is_created_and_logged_in_if_doesnt_exist(self) -> None:

  173.         frank = UserID.from_string("@frank:test")

  174.         user_id = frank.to_string()

  175.         requester = create_requester(user_id)

  176.         result_user_id, result_token = self.get_success(

  177.             self.get_or_create_user(requester, frank.localpart, "Frankie")

  178.         )

  179.         self.assertEqual(result_user_id, user_id)

  180.         self.assertIsInstance(result_token, str)

  181.         self.assertGreater(len(result_token), 20)

  182. 

  183.     def test_if_user_exists(self) -> None:

  184.         store = self.hs.get_datastores().main

  185.         frank = UserID.from_string("@frank:test")

  186.         self.get_success(

  187.             store.register_user(user_id=frank.to_string(), password_hash=None)

  188.         )

  189.         local_part = frank.localpart

  190.         user_id = frank.to_string()

  191.         requester = create_requester(user_id)

  192.         result_user_id, result_token = self.get_success(

  193.             self.get_or_create_user(requester, local_part, None)

  194.         )

  195.         self.assertEqual(result_user_id, user_id)

  196.         self.assertTrue(result_token is not None)

  197. 

  198.     @override_config({"limit_usage_by_mau": False})

  199.     def test_mau_limits_when_disabled(self) -> None:

  200.         # Ensure does not throw exception

  201.         self.get_success(self.get_or_create_user(self.requester, "a", "display_name"))

  202. 

  203.     @override_config({"limit_usage_by_mau": True})

  204.     def test_get_or_create_user_mau_not_blocked(self) -> None:

  205.         self.store.count_monthly_users = AsyncMock(  # type: ignore[method-assign]

  206.             return_value=self.hs.config.server.max_mau_value - 1

  207.         )

  208.         # Ensure does not throw exception

  209.         self.get_success(self.get_or_create_user(self.requester, "c", "User"))

  210. 

  211.     @override_config({"limit_usage_by_mau": True})

  212.     def test_get_or_create_user_mau_blocked(self) -> None:

  213.         self.store.get_monthly_active_count = AsyncMock(return_value=self.lots_of_users)

  214.         self.get_failure(

  215.             self.get_or_create_user(self.requester, "b", "display_name"),

  216.             ResourceLimitError,

  217.         )

  218. 

  219.         self.store.get_monthly_active_count = AsyncMock(

  220.             return_value=self.hs.config.server.max_mau_value

  221.         )

  222.         self.get_failure(

  223.             self.get_or_create_user(self.requester, "b", "display_name"),

  224.             ResourceLimitError,

  225.         )

  226. 

  227.     @override_config({"limit_usage_by_mau": True})

  228.     def test_register_mau_blocked(self) -> None:

  229.         self.store.get_monthly_active_count = AsyncMock(return_value=self.lots_of_users)

  230.         self.get_failure(

  231.             self.handler.register_user(localpart="local_part"), ResourceLimitError

  232.         )

  233. 

  234.         self.store.get_monthly_active_count = AsyncMock(

  235.             return_value=self.hs.config.server.max_mau_value

  236.         )

  237.         self.get_failure(

  238.             self.handler.register_user(localpart="local_part"), ResourceLimitError

  239.         )

  240. 

  241.     @override_config(

  242.         {"auto_join_rooms": ["#room:test"], "auto_join_rooms_for_guests": False}

  243.     )

  244.     def test_auto_join_rooms_for_guests(self) -> None:

  245.         user_id = self.get_success(

  246.             self.handler.register_user(localpart="jeff", make_guest=True),

  247.         )

  248.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  249.         self.assertEqual(len(rooms), 0)

  250. 

  251.     @override_config({"auto_join_rooms": ["#room:test"]})

  252.     def test_auto_create_auto_join_rooms(self) -> None:

  253.         room_alias_str = "#room:test"

  254.         user_id = self.get_success(self.handler.register_user(localpart="jeff"))

  255.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  256.         directory_handler = self.hs.get_directory_handler()

  257.         room_alias = RoomAlias.from_string(room_alias_str)

  258.         room_id = self.get_success(directory_handler.get_association(room_alias))

  259. 

  260.         self.assertTrue(room_id["room_id"] in rooms)

  261.         self.assertEqual(len(rooms), 1)

  262. 

  263.     @override_config({"auto_join_rooms": []})

  264.     def test_auto_create_auto_join_rooms_with_no_rooms(self) -> None:

  265.         frank = UserID.from_string("@frank:test")

  266.         user_id = self.get_success(self.handler.register_user(frank.localpart))

  267.         self.assertEqual(user_id, frank.to_string())

  268.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  269.         self.assertEqual(len(rooms), 0)

  270. 

  271.     @override_config({"auto_join_rooms": ["#room:another"]})

  272.     def test_auto_create_auto_join_where_room_is_another_domain(self) -> None:

  273.         frank = UserID.from_string("@frank:test")

  274.         user_id = self.get_success(self.handler.register_user(frank.localpart))

  275.         self.assertEqual(user_id, frank.to_string())

  276.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  277.         self.assertEqual(len(rooms), 0)

  278. 

  279.     @override_config(

  280.         {"auto_join_rooms": ["#room:test"], "autocreate_auto_join_rooms": False}

  281.     )

  282.     def test_auto_create_auto_join_where_auto_create_is_false(self) -> None:

  283.         user_id = self.get_success(self.handler.register_user(localpart="jeff"))

  284.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  285.         self.assertEqual(len(rooms), 0)

  286. 

  287.     @override_config({"auto_join_rooms": ["#room:test"]})

  288.     def test_auto_create_auto_join_rooms_when_user_is_not_a_real_user(self) -> None:

  289.         room_alias_str = "#room:test"

  290.         self.store.is_real_user = AsyncMock(return_value=False)

  291.         user_id = self.get_success(self.handler.register_user(localpart="support"))

  292.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  293.         self.assertEqual(len(rooms), 0)

  294.         directory_handler = self.hs.get_directory_handler()

  295.         room_alias = RoomAlias.from_string(room_alias_str)

  296.         self.get_failure(directory_handler.get_association(room_alias), SynapseError)

  297. 

  298.     @override_config({"auto_join_rooms": ["#room:test"]})

  299.     def test_auto_create_auto_join_rooms_when_user_is_the_first_real_user(self) -> None:

  300.         room_alias_str = "#room:test"

  301. 

  302.         self.store.count_real_users = AsyncMock(return_value=1)  # type: ignore[method-assign]

  303.         self.store.is_real_user = AsyncMock(return_value=True)

  304.         user_id = self.get_success(self.handler.register_user(localpart="real"))

  305.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  306.         directory_handler = self.hs.get_directory_handler()

  307.         room_alias = RoomAlias.from_string(room_alias_str)

  308.         room_id = self.get_success(directory_handler.get_association(room_alias))

  309. 

  310.         self.assertTrue(room_id["room_id"] in rooms)

  311.         self.assertEqual(len(rooms), 1)

  312. 

  313.     @override_config({"auto_join_rooms": ["#room:test"]})

  314.     def test_auto_create_auto_join_rooms_when_user_is_not_the_first_real_user(

  315.         self,

  316.     ) -> None:

  317.         self.store.count_real_users = AsyncMock(return_value=2)  # type: ignore[method-assign]

  318.         self.store.is_real_user = AsyncMock(return_value=True)

  319.         user_id = self.get_success(self.handler.register_user(localpart="real"))

  320.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  321.         self.assertEqual(len(rooms), 0)

  322. 

  323.     @override_config(

  324.         {

  325.             "auto_join_rooms": ["#room:test"],

  326.             "autocreate_auto_join_rooms_federated": False,

  327.         }

  328.     )

  329.     def test_auto_create_auto_join_rooms_federated(self) -> None:

  330.         """

  331.         Auto-created rooms that are private require an invite to go to the user

  332.         (instead of directly joining it).

  333.         """

  334.         room_alias_str = "#room:test"

  335.         user_id = self.get_success(self.handler.register_user(localpart="jeff"))

  336. 

  337.         # Ensure the room was created.

  338.         directory_handler = self.hs.get_directory_handler()

  339.         room_alias = RoomAlias.from_string(room_alias_str)

  340.         room_id = self.get_success(directory_handler.get_association(room_alias))

  341. 

  342.         # Ensure the room is properly not federated.

  343.         room = self.get_success(self.store.get_room_with_stats(room_id["room_id"]))

  344.         assert room is not None

  345.         self.assertFalse(room["federatable"])

  346.         self.assertFalse(room["public"])

  347.         self.assertEqual(room["join_rules"], "public")

  348.         self.assertIsNone(room["guest_access"])

  349. 

  350.         # The user should be in the room.

  351.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  352.         self.assertIn(room_id["room_id"], rooms)

  353. 

  354.     @override_config(

  355.         {"auto_join_rooms": ["#room:test"], "auto_join_mxid_localpart": "support"}

  356.     )

  357.     def test_auto_join_mxid_localpart(self) -> None:

  358.         """

  359.         Ensure the user still needs up in the room created by a different user.

  360.         """

  361.         # Ensure the support user exists.

  362.         inviter = "@support:test"

  363. 

  364.         room_alias_str = "#room:test"

  365.         user_id = self.get_success(self.handler.register_user(localpart="jeff"))

  366. 

  367.         # Ensure the room was created.

  368.         directory_handler = self.hs.get_directory_handler()

  369.         room_alias = RoomAlias.from_string(room_alias_str)

  370.         room_id = self.get_success(directory_handler.get_association(room_alias))

  371. 

  372.         # Ensure the room is properly a public room.

  373.         room = self.get_success(self.store.get_room_with_stats(room_id["room_id"]))

  374.         assert room is not None

  375.         self.assertEqual(room["join_rules"], "public")

  376. 

  377.         # Both users should be in the room.

  378.         rooms = self.get_success(self.store.get_rooms_for_user(inviter))

  379.         self.assertIn(room_id["room_id"], rooms)

  380.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  381.         self.assertIn(room_id["room_id"], rooms)

  382. 

  383.         # Register a second user, which should also end up in the room.

  384.         user_id = self.get_success(self.handler.register_user(localpart="bob"))

  385.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  386.         self.assertIn(room_id["room_id"], rooms)

  387. 

  388.     @override_config(

  389.         {

  390.             "auto_join_rooms": ["#room:test"],

  391.             "autocreate_auto_join_room_preset": "private_chat",

  392.             "auto_join_mxid_localpart": "support",

  393.         }

  394.     )

  395.     def test_auto_create_auto_join_room_preset(self) -> None:

  396.         """

  397.         Auto-created rooms that are private require an invite to go to the user

  398.         (instead of directly joining it).

  399.         """

  400.         # Ensure the support user exists.

  401.         inviter = "@support:test"

  402. 

  403.         room_alias_str = "#room:test"

  404.         user_id = self.get_success(self.handler.register_user(localpart="jeff"))

  405. 

  406.         # Ensure the room was created.

  407.         directory_handler = self.hs.get_directory_handler()

  408.         room_alias = RoomAlias.from_string(room_alias_str)

  409.         room_id = self.get_success(directory_handler.get_association(room_alias))

  410. 

  411.         # Ensure the room is properly a private room.

  412.         room = self.get_success(self.store.get_room_with_stats(room_id["room_id"]))

  413.         assert room is not None

  414.         self.assertFalse(room["public"])

  415.         self.assertEqual(room["join_rules"], "invite")

  416.         self.assertEqual(room["guest_access"], "can_join")

  417. 

  418.         # Both users should be in the room.

  419.         rooms = self.get_success(self.store.get_rooms_for_user(inviter))

  420.         self.assertIn(room_id["room_id"], rooms)

  421.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  422.         self.assertIn(room_id["room_id"], rooms)

  423. 

  424.         # Register a second user, which should also end up in the room.

  425.         user_id = self.get_success(self.handler.register_user(localpart="bob"))

  426.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  427.         self.assertIn(room_id["room_id"], rooms)

  428. 

  429.     @override_config(

  430.         {

  431.             "auto_join_rooms": ["#room:test"],

  432.             "autocreate_auto_join_room_preset": "private_chat",

  433.             "auto_join_mxid_localpart": "support",

  434.         }

  435.     )

  436.     def test_auto_create_auto_join_room_preset_guest(self) -> None:

  437.         """

  438.         Auto-created rooms that are private require an invite to go to the user

  439.         (instead of directly joining it).

  440. 

  441.         This should also work for guests.

  442.         """

  443.         inviter = "@support:test"

  444. 

  445.         room_alias_str = "#room:test"

  446.         user_id = self.get_success(

  447.             self.handler.register_user(localpart="jeff", make_guest=True)

  448.         )

  449. 

  450.         # Ensure the room was created.

  451.         directory_handler = self.hs.get_directory_handler()

  452.         room_alias = RoomAlias.from_string(room_alias_str)

  453.         room_id = self.get_success(directory_handler.get_association(room_alias))

  454. 

  455.         # Ensure the room is properly a private room.

  456.         room = self.get_success(self.store.get_room_with_stats(room_id["room_id"]))

  457.         assert room is not None

  458.         self.assertFalse(room["public"])

  459.         self.assertEqual(room["join_rules"], "invite")

  460.         self.assertEqual(room["guest_access"], "can_join")

  461. 

  462.         # Both users should be in the room.

  463.         rooms = self.get_success(self.store.get_rooms_for_user(inviter))

  464.         self.assertIn(room_id["room_id"], rooms)

  465.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  466.         self.assertIn(room_id["room_id"], rooms)

  467. 

  468.     @override_config(

  469.         {

  470.             "auto_join_rooms": ["#room:test"],

  471.             "autocreate_auto_join_room_preset": "private_chat",

  472.             "auto_join_mxid_localpart": "support",

  473.         }

  474.     )

  475.     def test_auto_create_auto_join_room_preset_invalid_permissions(self) -> None:

  476.         """

  477.         Auto-created rooms that are private require an invite, check that

  478.         registration doesn't completely break if the inviter doesn't have proper

  479.         permissions.

  480.         """

  481.         inviter = "@support:test"

  482. 

  483.         # Register an initial user to create the room and such (essentially this

  484.         # is a subset of test_auto_create_auto_join_room_preset).

  485.         room_alias_str = "#room:test"

  486.         user_id = self.get_success(self.handler.register_user(localpart="jeff"))

  487. 

  488.         # Ensure the room was created.

  489.         directory_handler = self.hs.get_directory_handler()

  490.         room_alias = RoomAlias.from_string(room_alias_str)

  491.         room_id = self.get_success(directory_handler.get_association(room_alias))

  492. 

  493.         # Ensure the room exists.

  494.         self.get_success(self.store.get_room_with_stats(room_id["room_id"]))

  495. 

  496.         # Both users should be in the room.

  497.         rooms = self.get_success(self.store.get_rooms_for_user(inviter))

  498.         self.assertIn(room_id["room_id"], rooms)

  499.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  500.         self.assertIn(room_id["room_id"], rooms)

  501. 

  502.         # Lower the permissions of the inviter.

  503.         event_creation_handler = self.hs.get_event_creation_handler()

  504.         requester = create_requester(inviter)

  505.         event, unpersisted_context = self.get_success(

  506.             event_creation_handler.create_event(

  507.                 requester,

  508.                 {

  509.                     "type": "m.room.power_levels",

  510.                     "state_key": "",

  511.                     "room_id": room_id["room_id"],

  512.                     "content": {"invite": 100, "users": {inviter: 0}},

  513.                     "sender": inviter,

  514.                 },

  515.             )

  516.         )

  517.         context = self.get_success(unpersisted_context.persist(event))

  518.         self.get_success(

  519.             event_creation_handler.handle_new_client_event(

  520.                 requester, events_and_context=[(event, context)]

  521.             )

  522.         )

  523. 

  524.         # Register a second user, which won't be be in the room (or even have an invite)

  525.         # since the inviter no longer has the proper permissions.

  526.         user_id = self.get_success(self.handler.register_user(localpart="bob"))

  527. 

  528.         # This user should not be in any rooms.

  529.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  530.         invited_rooms = self.get_success(

  531.             self.store.get_invited_rooms_for_local_user(user_id)

  532.         )

  533.         self.assertEqual(rooms, set())

  534.         self.assertEqual(invited_rooms, [])

  535. 

  536.     @override_config(

  537.         {

  538.             "user_consent": {

  539.                 "block_events_error": "Error",

  540.                 "require_at_registration": True,

  541.             },

  542.             "form_secret": "53cr3t",

  543.             "public_baseurl": "http://test",

  544.             "auto_join_rooms": ["#room:test"],

  545.         },

  546.     )

  547.     def test_auto_create_auto_join_where_no_consent(self) -> None:

  548.         """Test to ensure that the first user is not auto-joined to a room if

  549.         they have not given general consent.

  550.         """

  551. 

  552.         # Given:-

  553.         #    * a user must give consent,

  554.         #    * they have not given that consent

  555.         #    * The server is configured to auto-join to a room

  556.         # (and autocreate if necessary)

  557. 

  558.         # When:-

  559.         #   * the user is registered

  560.         user_id = self.get_success(self.handler.register_user(localpart="jeff"))

  561. 

  562.         # Then:-

  563.         #   * Ensure that they have not been joined to the room

  564.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  565.         self.assertEqual(len(rooms), 0)

  566. 

  567.         # The user provides consent; ensure they are now in the rooms.

  568.         self.get_success(self.handler.post_consent_actions(user_id))

  569.         rooms = self.get_success(self.store.get_rooms_for_user(user_id))

  570.         self.assertEqual(len(rooms), 1)

  571. 

  572.     def test_register_support_user(self) -> None:

  573.         user_id = self.get_success(

  574.             self.handler.register_user(localpart="user", user_type=UserTypes.SUPPORT)

  575.         )

  576.         d = self.store.is_support_user(user_id)

  577.         self.assertTrue(self.get_success(d))

  578. 

  579.     def test_register_not_support_user(self) -> None:

  580.         user_id = self.get_success(self.handler.register_user(localpart="user"))

  581.         d = self.store.is_support_user(user_id)

  582.         self.assertFalse(self.get_success(d))

  583. 

  584.     def test_invalid_user_id(self) -> None:

  585.         invalid_user_id = "^abcd"

  586.         self.get_failure(

  587.             self.handler.register_user(localpart=invalid_user_id), SynapseError

  588.         )

  589. 

  590.     def test_special_chars(self) -> None:

  591.         """Ensure that characters which are allowed in Matrix IDs work."""

  592.         valid_user_id = "a1234_-./=+"

  593.         user_id = self.get_success(self.handler.register_user(localpart=valid_user_id))

  594.         self.assertEqual(user_id, f"@{valid_user_id}:test")

  595. 

  596.     def test_invalid_user_id_length(self) -> None:

  597.         invalid_user_id = "x" * 256

  598.         self.get_failure(

  599.             self.handler.register_user(localpart=invalid_user_id), SynapseError

  600.         )

  601. 

  602.     @override_config(

  603.         {

  604.             "modules": [

  605.                 {

  606.                     "module": TestSpamChecker.__module__ + ".DenyAll",

  607.                 }

  608.             ]

  609.         }

  610.     )

  611.     def test_spam_checker_deny(self) -> None:

  612.         """A spam checker can deny registration, which results in an error."""

  613.         self.get_failure(self.handler.register_user(localpart="user"), SynapseError)

  614. 

  615.     @override_config(

  616.         {

  617.             "spam_checker": [

  618.                 {

  619.                     "module": TestSpamChecker.__module__ + ".LegacyAllowAll",

  620.                 }

  621.             ]

  622.         }

  623.     )

  624.     def test_spam_checker_legacy_allow(self) -> None:

  625.         """Tests that a legacy spam checker implementing the legacy 3-arg version of the

  626.         check_registration_for_spam callback is correctly called.

  627. 

  628.         In this test and the following one we test both success and failure to make sure

  629.         any failure comes from the spam checker (and not something else failing in the

  630.         call stack) and any success comes from the spam checker (and not because a

  631.         misconfiguration prevented it from being loaded).

  632.         """

  633.         self.get_success(self.handler.register_user(localpart="user"))

  634. 

  635.     @override_config(

  636.         {

  637.             "spam_checker": [

  638.                 {

  639.                     "module": TestSpamChecker.__module__ + ".LegacyDenyAll",

  640.                 }

  641.             ]

  642.         }

  643.     )

  644.     def test_spam_checker_legacy_deny(self) -> None:

  645.         """Tests that a legacy spam checker implementing the legacy 3-arg version of the

  646.         check_registration_for_spam callback is correctly called.

  647. 

  648.         In this test and the previous one we test both success and failure to make sure

  649.         any failure comes from the spam checker (and not something else failing in the

  650.         call stack) and any success comes from the spam checker (and not because a

  651.         misconfiguration prevented it from being loaded).

  652.         """

  653.         self.get_failure(self.handler.register_user(localpart="user"), SynapseError)

  654. 

  655.     @override_config(

  656.         {

  657.             "modules": [

  658.                 {

  659.                     "module": TestSpamChecker.__module__ + ".BanAll",

  660.                 }

  661.             ]

  662.         }

  663.     )

  664.     def test_spam_checker_shadow_ban(self) -> None:

  665.         """A spam checker can choose to shadow-ban a user, which allows registration to succeed."""

  666.         user_id = self.get_success(self.handler.register_user(localpart="user"))

  667. 

  668.         # Get an access token.

  669.         token = "testtok"

  670.         self.get_success(

  671.             self.store.add_access_token_to_user(

  672.                 user_id=user_id, token=token, device_id=None, valid_until_ms=None

  673.             )

  674.         )

  675. 

  676.         # Ensure the user was marked as shadow-banned.

  677.         request = Mock(args={})

  678.         request.args[b"access_token"] = [token.encode("ascii")]

  679.         request.requestHeaders.getRawHeaders = mock_getRawHeaders()

  680.         auth = InternalAuth(self.hs)

  681.         requester = self.get_success(auth.get_user_by_req(request))

  682. 

  683.         self.assertTrue(requester.shadow_banned)

  684. 

  685.     @override_config(

  686.         {

  687.             "modules": [

  688.                 {

  689.                     "module": TestSpamChecker.__module__ + ".BanBadIdPUser",

  690.                 }

  691.             ]

  692.         }

  693.     )

  694.     def test_spam_checker_receives_sso_type(self) -> None:

  695.         """Test rejecting registration based on SSO type"""

  696.         f = self.get_failure(

  697.             self.handler.register_user(localpart="bobflimflob", auth_provider_id="cas"),

  698.             SynapseError,

  699.         )

  700.         exception = f.value

  701. 

  702.         # We return 429 from the spam checker for denied registrations

  703.         self.assertIsInstance(exception, SynapseError)

  704.         self.assertEqual(exception.code, 429)

  705. 

  706.         # Check the same username can register using SAML

  707.         self.get_success(

  708.             self.handler.register_user(localpart="bobflimflob", auth_provider_id="saml")

  709.         )

  710. 

  711.     async def get_or_create_user(

  712.         self,

  713.         requester: Requester,

  714.         localpart: str,

  715.         displayname: Optional[str],

  716.         password_hash: Optional[str] = None,

  717.     ) -> Tuple[str, str]:

  718.         """Creates a new user if the user does not exist,

  719.         else revokes all previous access tokens and generates a new one.

  720. 

  721.         XXX: this used to be in the main codebase, but was only used by this file,

  722.         so got moved here. TODO: get rid of it, probably

  723. 

  724.         Args:

  725.             localpart : The local part of the user ID to register. If None,

  726.               one will be randomly generated.

  727.         Returns:

  728.             A tuple of (user_id, access_token).

  729.         """

  730.         if localpart is None:

  731.             raise SynapseError(400, "Request must include user id")

  732.         await self.hs.get_auth_blocking().check_auth_blocking()

  733.         need_register = True

  734. 

  735.         try:

  736.             await self.handler.check_username(localpart)

  737.         except SynapseError as e:

  738.             if e.errcode == Codes.USER_IN_USE:

  739.                 need_register = False

  740.             else:

  741.                 raise

  742. 

  743.         user = UserID(localpart, self.hs.hostname)

  744.         user_id = user.to_string()

  745.         token = self.hs.get_auth_handler().generate_access_token(user)

  746. 

  747.         if need_register:

  748.             await self.handler.register_with_store(

  749.                 user_id=user_id,

  750.                 password_hash=password_hash,

  751.                 create_profile_with_displayname=user.localpart,

  752.             )

  753.         else:

  754.             await self.hs.get_auth_handler().delete_access_tokens_for_user(user_id)

  755. 

  756.         await self.store.add_access_token_to_user(

  757.             user_id=user_id, token=token, device_id=None, valid_until_ms=None

  758.         )

  759. 

  760.         if displayname is not None:

  761.             # logger.info("setting user display name: %s -> %s", user_id, displayname)

  762.             await self.hs.get_profile_handler().set_displayname(

  763.                 user, requester, displayname, by_admin=True

  764.             )

  765. 

  766.         return user_id, token

  767. 

  768. 

  769. class RemoteAutoJoinTestCase(unittest.HomeserverTestCase):

  770.     """Tests auto-join on remote rooms."""

  771. 

  772.     def make_homeserver(self, reactor: MemoryReactor, clock: Clock) -> HomeServer:

  773.         self.room_id = "!roomid:remotetest"

  774. 

  775.         async def update_membership(*args: Any, **kwargs: Any) -> None:

  776.             pass

  777. 

  778.         async def lookup_room_alias(

  779.             *args: Any, **kwargs: Any

  780.         ) -> Tuple[RoomID, List[str]]:

  781.             return RoomID.from_string(self.room_id), ["remotetest"]

  782. 

  783.         self.room_member_handler = Mock(spec=["update_membership", "lookup_room_alias"])

  784.         self.room_member_handler.update_membership.side_effect = update_membership

  785.         self.room_member_handler.lookup_room_alias.side_effect = lookup_room_alias

  786. 

  787.         hs = self.setup_test_homeserver(room_member_handler=self.room_member_handler)

  788.         return hs

  789. 

  790.     def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None:

  791.         self.handler = self.hs.get_registration_handler()

  792.         self.store = self.hs.get_datastores().main

  793. 

  794.     @override_config({"auto_join_rooms": ["#room:remotetest"]})

  795.     def test_auto_create_auto_join_remote_room(self) -> None:

  796.         """Tests that we don't attempt to create remote rooms, and that we don't attempt

  797.         to invite ourselves to rooms we're not in."""

  798. 

  799.         # Register a first user; this should call _create_and_join_rooms

  800.         self.get_success(self.handler.register_user(localpart="jeff"))

  801. 

  802.         _, kwargs = self.room_member_handler.update_membership.call_args

  803. 

  804.         self.assertEqual(kwargs["room_id"], self.room_id)

  805.         self.assertEqual(kwargs["action"], "join")

  806.         self.assertEqual(kwargs["remote_room_hosts"], ["remotetest"])

  807. 

  808.         # Register a second user; this should call _join_rooms

  809.         self.get_success(self.handler.register_user(localpart="jeff2"))

  810. 

  811.         _, kwargs = self.room_member_handler.update_membership.call_args

  812. 

  813.         self.assertEqual(kwargs["room_id"], self.room_id)

  814.         self.assertEqual(kwargs["action"], "join")

  815.         self.assertEqual(kwargs["remote_room_hosts"], ["remotetest"])