mirror of
https://github.com/element-hq/synapse.git
synced 2024-12-18 08:54:54 +03:00
Allow updating passwords using the admin api without logging out devices (#12952)
This commit is contained in:
parent
e3163e2e11
commit
fcd8703508
3 changed files with 11 additions and 2 deletions
1
changelog.d/12952.feature
Normal file
1
changelog.d/12952.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Allow updating a user's password using the admin API without logging out their devices. Contributed by @jcgruenhage.
|
|
@ -115,7 +115,9 @@ URL parameters:
|
||||||
Body parameters:
|
Body parameters:
|
||||||
|
|
||||||
- `password` - string, optional. If provided, the user's password is updated and all
|
- `password` - string, optional. If provided, the user's password is updated and all
|
||||||
devices are logged out.
|
devices are logged out, unless `logout_devices` is set to `false`.
|
||||||
|
- `logout_devices` - bool, optional, defaults to `true`. If set to false, devices aren't
|
||||||
|
logged out even when `password` is provided.
|
||||||
- `displayname` - string, optional, defaults to the value of `user_id`.
|
- `displayname` - string, optional, defaults to the value of `user_id`.
|
||||||
- `threepids` - array, optional, allows setting the third-party IDs (email, msisdn)
|
- `threepids` - array, optional, allows setting the third-party IDs (email, msisdn)
|
||||||
- `medium` - string. Kind of third-party ID, either `email` or `msisdn`.
|
- `medium` - string. Kind of third-party ID, either `email` or `msisdn`.
|
||||||
|
|
|
@ -226,6 +226,13 @@ class UserRestServletV2(RestServlet):
|
||||||
if not isinstance(password, str) or len(password) > 512:
|
if not isinstance(password, str) or len(password) > 512:
|
||||||
raise SynapseError(HTTPStatus.BAD_REQUEST, "Invalid password")
|
raise SynapseError(HTTPStatus.BAD_REQUEST, "Invalid password")
|
||||||
|
|
||||||
|
logout_devices = body.get("logout_devices", True)
|
||||||
|
if not isinstance(logout_devices, bool):
|
||||||
|
raise SynapseError(
|
||||||
|
HTTPStatus.BAD_REQUEST,
|
||||||
|
"'logout_devices' parameter is not of type boolean",
|
||||||
|
)
|
||||||
|
|
||||||
deactivate = body.get("deactivated", False)
|
deactivate = body.get("deactivated", False)
|
||||||
if not isinstance(deactivate, bool):
|
if not isinstance(deactivate, bool):
|
||||||
raise SynapseError(
|
raise SynapseError(
|
||||||
|
@ -305,7 +312,6 @@ class UserRestServletV2(RestServlet):
|
||||||
await self.store.set_server_admin(target_user, set_admin_to)
|
await self.store.set_server_admin(target_user, set_admin_to)
|
||||||
|
|
||||||
if password is not None:
|
if password is not None:
|
||||||
logout_devices = True
|
|
||||||
new_password_hash = await self.auth_handler.hash(password)
|
new_password_hash = await self.auth_handler.hash(password)
|
||||||
|
|
||||||
await self.set_password_handler.set_password(
|
await self.set_password_handler.set_password(
|
||||||
|
|
Loading…
Reference in a new issue