mirror of
https://github.com/element-hq/synapse.git
synced 2024-11-28 05:39:36 +03:00
Add an Admin API endpoint for looking up users based on 3PID (#14405)
This commit is contained in:
parent
3a4f80f8c6
commit
a3623af74e
5 changed files with 161 additions and 13 deletions
1
changelog.d/14405.feature
Normal file
1
changelog.d/14405.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add an [Admin API](https://matrix-org.github.io/synapse/latest/usage/administration/admin_api/index.html) endpoint for user lookup based on third-party ID (3PID). Contributed by @ashfame.
|
|
@ -1197,3 +1197,42 @@ Returns a `404` HTTP status code if no user was found, with a response body like
|
||||||
```
|
```
|
||||||
|
|
||||||
_Added in Synapse 1.68.0._
|
_Added in Synapse 1.68.0._
|
||||||
|
|
||||||
|
|
||||||
|
### Find a user based on their Third Party ID (ThreePID or 3PID)
|
||||||
|
|
||||||
|
The API is:
|
||||||
|
|
||||||
|
```
|
||||||
|
GET /_synapse/admin/v1/threepid/$medium/users/$address
|
||||||
|
```
|
||||||
|
|
||||||
|
When a user matched the given address for the given medium, an HTTP code `200` with a response body like the following is returned:
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"user_id": "@hello:example.org"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
**Parameters**
|
||||||
|
|
||||||
|
The following parameters should be set in the URL:
|
||||||
|
|
||||||
|
- `medium` - Kind of third-party ID, either `email` or `msisdn`.
|
||||||
|
- `address` - Value of the third-party ID.
|
||||||
|
|
||||||
|
The `address` may have characters that are not URL-safe, so it is advised to URL-encode those parameters.
|
||||||
|
|
||||||
|
**Errors**
|
||||||
|
|
||||||
|
Returns a `404` HTTP status code if no user was found, with a response body like this:
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"errcode":"M_NOT_FOUND",
|
||||||
|
"error":"User not found"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
_Added in Synapse 1.72.0._
|
||||||
|
|
|
@ -81,6 +81,7 @@ from synapse.rest.admin.users import (
|
||||||
ShadowBanRestServlet,
|
ShadowBanRestServlet,
|
||||||
UserAdminServlet,
|
UserAdminServlet,
|
||||||
UserByExternalId,
|
UserByExternalId,
|
||||||
|
UserByThreePid,
|
||||||
UserMembershipRestServlet,
|
UserMembershipRestServlet,
|
||||||
UserRegisterServlet,
|
UserRegisterServlet,
|
||||||
UserRestServletV2,
|
UserRestServletV2,
|
||||||
|
@ -277,6 +278,7 @@ def register_servlets(hs: "HomeServer", http_server: HttpServer) -> None:
|
||||||
RoomMessagesRestServlet(hs).register(http_server)
|
RoomMessagesRestServlet(hs).register(http_server)
|
||||||
RoomTimestampToEventRestServlet(hs).register(http_server)
|
RoomTimestampToEventRestServlet(hs).register(http_server)
|
||||||
UserByExternalId(hs).register(http_server)
|
UserByExternalId(hs).register(http_server)
|
||||||
|
UserByThreePid(hs).register(http_server)
|
||||||
|
|
||||||
# Some servlets only get registered for the main process.
|
# Some servlets only get registered for the main process.
|
||||||
if hs.config.worker.worker_app is None:
|
if hs.config.worker.worker_app is None:
|
||||||
|
|
|
@ -1224,3 +1224,28 @@ class UserByExternalId(RestServlet):
|
||||||
raise NotFoundError("User not found")
|
raise NotFoundError("User not found")
|
||||||
|
|
||||||
return HTTPStatus.OK, {"user_id": user_id}
|
return HTTPStatus.OK, {"user_id": user_id}
|
||||||
|
|
||||||
|
|
||||||
|
class UserByThreePid(RestServlet):
|
||||||
|
"""Find a user based on 3PID of a particular medium"""
|
||||||
|
|
||||||
|
PATTERNS = admin_patterns("/threepid/(?P<medium>[^/]*)/users/(?P<address>[^/]*)")
|
||||||
|
|
||||||
|
def __init__(self, hs: "HomeServer"):
|
||||||
|
self._auth = hs.get_auth()
|
||||||
|
self._store = hs.get_datastores().main
|
||||||
|
|
||||||
|
async def on_GET(
|
||||||
|
self,
|
||||||
|
request: SynapseRequest,
|
||||||
|
medium: str,
|
||||||
|
address: str,
|
||||||
|
) -> Tuple[int, JsonDict]:
|
||||||
|
await assert_requester_is_admin(self._auth, request)
|
||||||
|
|
||||||
|
user_id = await self._store.get_user_id_by_threepid(medium, address)
|
||||||
|
|
||||||
|
if user_id is None:
|
||||||
|
raise NotFoundError("User not found")
|
||||||
|
|
||||||
|
return HTTPStatus.OK, {"user_id": user_id}
|
||||||
|
|
|
@ -41,14 +41,12 @@ from tests.unittest import override_config
|
||||||
|
|
||||||
|
|
||||||
class UserRegisterTestCase(unittest.HomeserverTestCase):
|
class UserRegisterTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets_for_client_rest_resource,
|
synapse.rest.admin.register_servlets_for_client_rest_resource,
|
||||||
profile.register_servlets,
|
profile.register_servlets,
|
||||||
]
|
]
|
||||||
|
|
||||||
def make_homeserver(self, reactor: MemoryReactor, clock: Clock) -> HomeServer:
|
def make_homeserver(self, reactor: MemoryReactor, clock: Clock) -> HomeServer:
|
||||||
|
|
||||||
self.url = "/_synapse/admin/v1/register"
|
self.url = "/_synapse/admin/v1/register"
|
||||||
|
|
||||||
self.registration_handler = Mock()
|
self.registration_handler = Mock()
|
||||||
|
@ -446,7 +444,6 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
|
|
||||||
class UsersListTestCase(unittest.HomeserverTestCase):
|
class UsersListTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets,
|
synapse.rest.admin.register_servlets,
|
||||||
login.register_servlets,
|
login.register_servlets,
|
||||||
|
@ -1108,7 +1105,6 @@ class UserDevicesTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
|
|
||||||
class DeactivateAccountTestCase(unittest.HomeserverTestCase):
|
class DeactivateAccountTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets,
|
synapse.rest.admin.register_servlets,
|
||||||
login.register_servlets,
|
login.register_servlets,
|
||||||
|
@ -1382,7 +1378,6 @@ class DeactivateAccountTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
|
|
||||||
class UserRestTestCase(unittest.HomeserverTestCase):
|
class UserRestTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets,
|
synapse.rest.admin.register_servlets,
|
||||||
login.register_servlets,
|
login.register_servlets,
|
||||||
|
@ -2803,7 +2798,6 @@ class UserRestTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
|
|
||||||
class UserMembershipRestTestCase(unittest.HomeserverTestCase):
|
class UserMembershipRestTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets,
|
synapse.rest.admin.register_servlets,
|
||||||
login.register_servlets,
|
login.register_servlets,
|
||||||
|
@ -2960,7 +2954,6 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
|
|
||||||
class PushersRestTestCase(unittest.HomeserverTestCase):
|
class PushersRestTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets,
|
synapse.rest.admin.register_servlets,
|
||||||
login.register_servlets,
|
login.register_servlets,
|
||||||
|
@ -3089,7 +3082,6 @@ class PushersRestTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
|
|
||||||
class UserMediaRestTestCase(unittest.HomeserverTestCase):
|
class UserMediaRestTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets,
|
synapse.rest.admin.register_servlets,
|
||||||
login.register_servlets,
|
login.register_servlets,
|
||||||
|
@ -3881,7 +3873,6 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):
|
||||||
],
|
],
|
||||||
)
|
)
|
||||||
class WhoisRestTestCase(unittest.HomeserverTestCase):
|
class WhoisRestTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets,
|
synapse.rest.admin.register_servlets,
|
||||||
login.register_servlets,
|
login.register_servlets,
|
||||||
|
@ -3961,7 +3952,6 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
|
|
||||||
class ShadowBanRestTestCase(unittest.HomeserverTestCase):
|
class ShadowBanRestTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets,
|
synapse.rest.admin.register_servlets,
|
||||||
login.register_servlets,
|
login.register_servlets,
|
||||||
|
@ -4042,7 +4032,6 @@ class ShadowBanRestTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
|
|
||||||
class RateLimitTestCase(unittest.HomeserverTestCase):
|
class RateLimitTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets,
|
synapse.rest.admin.register_servlets,
|
||||||
login.register_servlets,
|
login.register_servlets,
|
||||||
|
@ -4268,7 +4257,6 @@ class RateLimitTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
|
|
||||||
class AccountDataTestCase(unittest.HomeserverTestCase):
|
class AccountDataTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets,
|
synapse.rest.admin.register_servlets,
|
||||||
login.register_servlets,
|
login.register_servlets,
|
||||||
|
@ -4358,7 +4346,6 @@ class AccountDataTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
|
|
||||||
class UsersByExternalIdTestCase(unittest.HomeserverTestCase):
|
class UsersByExternalIdTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
servlets = [
|
servlets = [
|
||||||
synapse.rest.admin.register_servlets,
|
synapse.rest.admin.register_servlets,
|
||||||
login.register_servlets,
|
login.register_servlets,
|
||||||
|
@ -4442,3 +4429,97 @@ class UsersByExternalIdTestCase(unittest.HomeserverTestCase):
|
||||||
{"user_id": self.other_user},
|
{"user_id": self.other_user},
|
||||||
channel.json_body,
|
channel.json_body,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class UsersByThreePidTestCase(unittest.HomeserverTestCase):
|
||||||
|
servlets = [
|
||||||
|
synapse.rest.admin.register_servlets,
|
||||||
|
login.register_servlets,
|
||||||
|
]
|
||||||
|
|
||||||
|
def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None:
|
||||||
|
self.store = hs.get_datastores().main
|
||||||
|
|
||||||
|
self.admin_user = self.register_user("admin", "pass", admin=True)
|
||||||
|
self.admin_user_tok = self.login("admin", "pass")
|
||||||
|
|
||||||
|
self.other_user = self.register_user("user", "pass")
|
||||||
|
self.get_success(
|
||||||
|
self.store.user_add_threepid(
|
||||||
|
self.other_user, "email", "user@email.com", 1, 1
|
||||||
|
)
|
||||||
|
)
|
||||||
|
self.get_success(
|
||||||
|
self.store.user_add_threepid(self.other_user, "msidn", "+1-12345678", 1, 1)
|
||||||
|
)
|
||||||
|
|
||||||
|
def test_no_auth(self) -> None:
|
||||||
|
"""Try to look up a user without authentication."""
|
||||||
|
url = "/_synapse/admin/v1/threepid/email/users/user%40email.com"
|
||||||
|
|
||||||
|
channel = self.make_request(
|
||||||
|
"GET",
|
||||||
|
url,
|
||||||
|
)
|
||||||
|
|
||||||
|
self.assertEqual(401, channel.code, msg=channel.json_body)
|
||||||
|
self.assertEqual(Codes.MISSING_TOKEN, channel.json_body["errcode"])
|
||||||
|
|
||||||
|
def test_medium_does_not_exist(self) -> None:
|
||||||
|
"""Tests that both a lookup for a medium that does not exist and a user that
|
||||||
|
doesn't exist with that third party ID returns a 404"""
|
||||||
|
# test for unknown medium
|
||||||
|
url = "/_synapse/admin/v1/threepid/publickey/users/unknown-key"
|
||||||
|
|
||||||
|
channel = self.make_request(
|
||||||
|
"GET",
|
||||||
|
url,
|
||||||
|
access_token=self.admin_user_tok,
|
||||||
|
)
|
||||||
|
|
||||||
|
self.assertEqual(404, channel.code, msg=channel.json_body)
|
||||||
|
self.assertEqual(Codes.NOT_FOUND, channel.json_body["errcode"])
|
||||||
|
|
||||||
|
# test for unknown user with a known medium
|
||||||
|
url = "/_synapse/admin/v1/threepid/email/users/unknown"
|
||||||
|
|
||||||
|
channel = self.make_request(
|
||||||
|
"GET",
|
||||||
|
url,
|
||||||
|
access_token=self.admin_user_tok,
|
||||||
|
)
|
||||||
|
|
||||||
|
self.assertEqual(404, channel.code, msg=channel.json_body)
|
||||||
|
self.assertEqual(Codes.NOT_FOUND, channel.json_body["errcode"])
|
||||||
|
|
||||||
|
def test_success(self) -> None:
|
||||||
|
"""Tests a successful medium + address lookup"""
|
||||||
|
# test for email medium with encoded value of user@email.com
|
||||||
|
url = "/_synapse/admin/v1/threepid/email/users/user%40email.com"
|
||||||
|
|
||||||
|
channel = self.make_request(
|
||||||
|
"GET",
|
||||||
|
url,
|
||||||
|
access_token=self.admin_user_tok,
|
||||||
|
)
|
||||||
|
|
||||||
|
self.assertEqual(200, channel.code, msg=channel.json_body)
|
||||||
|
self.assertEqual(
|
||||||
|
{"user_id": self.other_user},
|
||||||
|
channel.json_body,
|
||||||
|
)
|
||||||
|
|
||||||
|
# test for msidn medium with encoded value of +1-12345678
|
||||||
|
url = "/_synapse/admin/v1/threepid/msidn/users/%2B1-12345678"
|
||||||
|
|
||||||
|
channel = self.make_request(
|
||||||
|
"GET",
|
||||||
|
url,
|
||||||
|
access_token=self.admin_user_tok,
|
||||||
|
)
|
||||||
|
|
||||||
|
self.assertEqual(200, channel.code, msg=channel.json_body)
|
||||||
|
self.assertEqual(
|
||||||
|
{"user_id": self.other_user},
|
||||||
|
channel.json_body,
|
||||||
|
)
|
||||||
|
|
Loading…
Reference in a new issue