mirror of
https://github.com/element-hq/synapse.git
synced 2024-11-28 23:20:09 +03:00
deploy: 8c56e18e47
This commit is contained in:
parent
155c8f3a97
commit
eb4fbb70fd
6 changed files with 86 additions and 8 deletions
|
@ -296,6 +296,9 @@ granting them access to the Admin API, among other things.</p>
|
|||
</li>
|
||||
<li>
|
||||
<p><code>deactivated</code> - <strong>bool</strong>, optional. If unspecified, deactivation state will be left unchanged.</p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>locked</code> - <strong>bool</strong>, optional. If unspecified, locked state will be left unchanged.</p>
|
||||
<p>Note: the <code>password</code> field must also be set if both of the following are true:</p>
|
||||
<ul>
|
||||
<li><code>deactivated</code> is set to <code>false</code> and the user was previously deactivated (you are reactivating this user)</li>
|
||||
|
@ -368,6 +371,10 @@ that contain this value. This parameter is ignored when using the <code>name</co
|
|||
Defaults to <code>true</code> to include guest users.</p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>admins</code> - Optional flag to filter admins. If <code>true</code>, only admins are queried. If <code>false</code>, admins are excluded from
|
||||
the query. When the flag is absent (the default), <strong>both</strong> admins and non-admins are included in the search results.</p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>deactivated</code> - string representing a bool - Is optional and if <code>true</code> will <strong>include</strong> deactivated users.
|
||||
Defaults to <code>false</code> to exclude deactivated users.</p>
|
||||
</li>
|
||||
|
|
|
@ -6177,6 +6177,16 @@ enable SAML login. You can either put your entire pysaml config inline using the
|
|||
option, or you can specify a path to a psyaml config file with the sub-option <code>config_path</code>.
|
||||
This setting has the following sub-options:</p>
|
||||
<ul>
|
||||
<li><code>idp_name</code>: A user-facing name for this identity provider, which is used to
|
||||
offer the user a choice of login mechanisms.</li>
|
||||
<li><code>idp_icon</code>: An optional icon for this identity provider, which is presented
|
||||
by clients and Synapse's own IdP picker page. If given, must be an
|
||||
MXC URI of the format <code>mxc://<server-name>/<media-id></code>. (An easy way to
|
||||
obtain such an MXC URI is to upload an image to an (unencrypted) room
|
||||
and then copy the "url" from the source of the event.)</li>
|
||||
<li><code>idp_brand</code>: An optional brand for this identity provider, allowing clients
|
||||
to style the login flow according to the identity provider in question.
|
||||
See the <a href="https://spec.matrix.org/latest/">spec</a> for possible options here.</li>
|
||||
<li><code>sp_config</code>: the configuration for the pysaml2 Service Provider. See pysaml2 docs for format of config.
|
||||
Default values will be used for the <code>entityid</code> and <code>service</code> settings,
|
||||
so it is not normally necessary to specify them unless you need to
|
||||
|
@ -6335,7 +6345,7 @@ offer the user a choice of login mechanisms.</p>
|
|||
<li>
|
||||
<p><code>idp_icon</code>: An optional icon for this identity provider, which is presented
|
||||
by clients and Synapse's own IdP picker page. If given, must be an
|
||||
MXC URI of the format mxc://<server-name>/<media-id>. (An easy way to
|
||||
MXC URI of the format <code>mxc://<server-name>/<media-id></code>. (An easy way to
|
||||
obtain such an MXC URI is to upload an image to an (unencrypted) room
|
||||
and then copy the "url" from the source of the event.)</p>
|
||||
</li>
|
||||
|
@ -6357,7 +6367,15 @@ is enabled) to discover the provider's endpoints.</p>
|
|||
</li>
|
||||
<li>
|
||||
<p><code>client_secret</code>: oauth2 client secret to use. May be omitted if
|
||||
<code>client_secret_jwt_key</code> is given, or if <code>client_auth_method</code> is 'none'.</p>
|
||||
<code>client_secret_jwt_key</code> is given, or if <code>client_auth_method</code> is 'none'.
|
||||
Must be omitted if <code>client_secret_path</code> is specified.</p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>client_secret_path</code>: path to the oauth2 client secret to use. With that
|
||||
it's not necessary to leak secrets into the config file itself.
|
||||
Mutually exclusive with <code>client_secret</code>. Can be omitted if
|
||||
<code>client_secret_jwt_key</code> is specified.</p>
|
||||
<p><em>Added in Synapse 1.91.0.</em></p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>client_secret_jwt_key</code>: Alternative to client_secret: details of a key used
|
||||
|
@ -6579,6 +6597,16 @@ Has the following sub-options:</p>
|
|||
<ul>
|
||||
<li><code>enabled</code>: Set this to true to enable authorization against a CAS server.
|
||||
Defaults to false.</li>
|
||||
<li><code>idp_name</code>: A user-facing name for this identity provider, which is used to
|
||||
offer the user a choice of login mechanisms.</li>
|
||||
<li><code>idp_icon</code>: An optional icon for this identity provider, which is presented
|
||||
by clients and Synapse's own IdP picker page. If given, must be an
|
||||
MXC URI of the format <code>mxc://<server-name>/<media-id></code>. (An easy way to
|
||||
obtain such an MXC URI is to upload an image to an (unencrypted) room
|
||||
and then copy the "url" from the source of the event.)</li>
|
||||
<li><code>idp_brand</code>: An optional brand for this identity provider, allowing clients
|
||||
to style the login flow according to the identity provider in question.
|
||||
See the <a href="https://spec.matrix.org/latest/">spec</a> for possible options here.</li>
|
||||
<li><code>server_url</code>: The URL of the CAS authorization endpoint.</li>
|
||||
<li><code>displayname_attribute</code>: The attribute of the CAS response to use as the display name.
|
||||
If no name is given here, no displayname will be set.</li>
|
||||
|
@ -6802,12 +6830,16 @@ user does not share a room with the requester.</p>
|
|||
If set to true, local users are more likely to appear above remote users when searching the
|
||||
user directory. Defaults to false.</p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>show_locked_users</code>: Defines whether to show locked users in search query results. Defaults to false.</p>
|
||||
</li>
|
||||
</ul>
|
||||
<p>Example configuration:</p>
|
||||
<pre><code class="language-yaml">user_directory:
|
||||
enabled: false
|
||||
search_all_users: true
|
||||
prefer_local_users: true
|
||||
show_locked_users: true
|
||||
</code></pre>
|
||||
<hr />
|
||||
<h3 id="user_consent"><a class="header" href="#user_consent"><code>user_consent</code></a></h3>
|
||||
|
@ -7503,7 +7535,7 @@ disable_existing_loggers: false
|
|||
<p>A structured logging system can be useful when your logs are destined for a
|
||||
machine to parse and process. By maintaining its machine-readable characteristics,
|
||||
it enables more efficient searching and aggregations when consumed by software
|
||||
such as the "ELK stack".</p>
|
||||
such as the <a href="https://opensource.com/article/18/9/open-source-log-aggregation-tools">ELK stack</a>.</p>
|
||||
<p>Synapse's structured logging system is configured via the file that Synapse's
|
||||
<code>log_config</code> config option points to. The file should include a formatter which
|
||||
uses the <code>synapse.logging.TerseJsonFormatter</code> class included with Synapse and a
|
||||
|
@ -13893,6 +13925,9 @@ granting them access to the Admin API, among other things.</p>
|
|||
</li>
|
||||
<li>
|
||||
<p><code>deactivated</code> - <strong>bool</strong>, optional. If unspecified, deactivation state will be left unchanged.</p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>locked</code> - <strong>bool</strong>, optional. If unspecified, locked state will be left unchanged.</p>
|
||||
<p>Note: the <code>password</code> field must also be set if both of the following are true:</p>
|
||||
<ul>
|
||||
<li><code>deactivated</code> is set to <code>false</code> and the user was previously deactivated (you are reactivating this user)</li>
|
||||
|
@ -13965,6 +14000,10 @@ that contain this value. This parameter is ignored when using the <code>name</co
|
|||
Defaults to <code>true</code> to include guest users.</p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>admins</code> - Optional flag to filter admins. If <code>true</code>, only admins are queried. If <code>false</code>, admins are excluded from
|
||||
the query. When the flag is absent (the default), <strong>both</strong> admins and non-admins are included in the search results.</p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>deactivated</code> - string representing a bool - Is optional and if <code>true</code> will <strong>include</strong> deactivated users.
|
||||
Defaults to <code>false</code> to exclude deactivated users.</p>
|
||||
</li>
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -150,7 +150,7 @@
|
|||
<p>A structured logging system can be useful when your logs are destined for a
|
||||
machine to parse and process. By maintaining its machine-readable characteristics,
|
||||
it enables more efficient searching and aggregations when consumed by software
|
||||
such as the "ELK stack".</p>
|
||||
such as the <a href="https://opensource.com/article/18/9/open-source-log-aggregation-tools">ELK stack</a>.</p>
|
||||
<p>Synapse's structured logging system is configured via the file that Synapse's
|
||||
<code>log_config</code> config option points to. The file should include a formatter which
|
||||
uses the <code>synapse.logging.TerseJsonFormatter</code> class included with Synapse and a
|
||||
|
|
|
@ -2640,6 +2640,16 @@ enable SAML login. You can either put your entire pysaml config inline using the
|
|||
option, or you can specify a path to a psyaml config file with the sub-option <code>config_path</code>.
|
||||
This setting has the following sub-options:</p>
|
||||
<ul>
|
||||
<li><code>idp_name</code>: A user-facing name for this identity provider, which is used to
|
||||
offer the user a choice of login mechanisms.</li>
|
||||
<li><code>idp_icon</code>: An optional icon for this identity provider, which is presented
|
||||
by clients and Synapse's own IdP picker page. If given, must be an
|
||||
MXC URI of the format <code>mxc://<server-name>/<media-id></code>. (An easy way to
|
||||
obtain such an MXC URI is to upload an image to an (unencrypted) room
|
||||
and then copy the "url" from the source of the event.)</li>
|
||||
<li><code>idp_brand</code>: An optional brand for this identity provider, allowing clients
|
||||
to style the login flow according to the identity provider in question.
|
||||
See the <a href="https://spec.matrix.org/latest/">spec</a> for possible options here.</li>
|
||||
<li><code>sp_config</code>: the configuration for the pysaml2 Service Provider. See pysaml2 docs for format of config.
|
||||
Default values will be used for the <code>entityid</code> and <code>service</code> settings,
|
||||
so it is not normally necessary to specify them unless you need to
|
||||
|
@ -2798,7 +2808,7 @@ offer the user a choice of login mechanisms.</p>
|
|||
<li>
|
||||
<p><code>idp_icon</code>: An optional icon for this identity provider, which is presented
|
||||
by clients and Synapse's own IdP picker page. If given, must be an
|
||||
MXC URI of the format mxc://<server-name>/<media-id>. (An easy way to
|
||||
MXC URI of the format <code>mxc://<server-name>/<media-id></code>. (An easy way to
|
||||
obtain such an MXC URI is to upload an image to an (unencrypted) room
|
||||
and then copy the "url" from the source of the event.)</p>
|
||||
</li>
|
||||
|
@ -2820,7 +2830,15 @@ is enabled) to discover the provider's endpoints.</p>
|
|||
</li>
|
||||
<li>
|
||||
<p><code>client_secret</code>: oauth2 client secret to use. May be omitted if
|
||||
<code>client_secret_jwt_key</code> is given, or if <code>client_auth_method</code> is 'none'.</p>
|
||||
<code>client_secret_jwt_key</code> is given, or if <code>client_auth_method</code> is 'none'.
|
||||
Must be omitted if <code>client_secret_path</code> is specified.</p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>client_secret_path</code>: path to the oauth2 client secret to use. With that
|
||||
it's not necessary to leak secrets into the config file itself.
|
||||
Mutually exclusive with <code>client_secret</code>. Can be omitted if
|
||||
<code>client_secret_jwt_key</code> is specified.</p>
|
||||
<p><em>Added in Synapse 1.91.0.</em></p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>client_secret_jwt_key</code>: Alternative to client_secret: details of a key used
|
||||
|
@ -3042,6 +3060,16 @@ Has the following sub-options:</p>
|
|||
<ul>
|
||||
<li><code>enabled</code>: Set this to true to enable authorization against a CAS server.
|
||||
Defaults to false.</li>
|
||||
<li><code>idp_name</code>: A user-facing name for this identity provider, which is used to
|
||||
offer the user a choice of login mechanisms.</li>
|
||||
<li><code>idp_icon</code>: An optional icon for this identity provider, which is presented
|
||||
by clients and Synapse's own IdP picker page. If given, must be an
|
||||
MXC URI of the format <code>mxc://<server-name>/<media-id></code>. (An easy way to
|
||||
obtain such an MXC URI is to upload an image to an (unencrypted) room
|
||||
and then copy the "url" from the source of the event.)</li>
|
||||
<li><code>idp_brand</code>: An optional brand for this identity provider, allowing clients
|
||||
to style the login flow according to the identity provider in question.
|
||||
See the <a href="https://spec.matrix.org/latest/">spec</a> for possible options here.</li>
|
||||
<li><code>server_url</code>: The URL of the CAS authorization endpoint.</li>
|
||||
<li><code>displayname_attribute</code>: The attribute of the CAS response to use as the display name.
|
||||
If no name is given here, no displayname will be set.</li>
|
||||
|
@ -3265,12 +3293,16 @@ user does not share a room with the requester.</p>
|
|||
If set to true, local users are more likely to appear above remote users when searching the
|
||||
user directory. Defaults to false.</p>
|
||||
</li>
|
||||
<li>
|
||||
<p><code>show_locked_users</code>: Defines whether to show locked users in search query results. Defaults to false.</p>
|
||||
</li>
|
||||
</ul>
|
||||
<p>Example configuration:</p>
|
||||
<pre><code class="language-yaml">user_directory:
|
||||
enabled: false
|
||||
search_all_users: true
|
||||
prefer_local_users: true
|
||||
show_locked_users: true
|
||||
</code></pre>
|
||||
<hr />
|
||||
<h3 id="user_consent"><a class="header" href="#user_consent"><code>user_consent</code></a></h3>
|
||||
|
|
Loading…
Reference in a new issue