Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Update check_can_deactivate_user to not take a Requester
Browse files Browse the repository at this point in the history
  • Loading branch information
Half-Shot committed Mar 9, 2022
1 parent e66329f commit b780b20
Show file tree
Hide file tree
Showing 4 changed files with 15 additions and 13 deletions.
6 changes: 3 additions & 3 deletions docs/modules/third_party_rules_callbacks.md
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,7 @@ async def check_can_shutdown_room(

Called when an admin user requests the shutdown of a room. The module must return a
boolean indicating whether the shutdown can go through. If the callback returns `False`,
the shutdown will not proceed and the caller will see a `M_FOBIDDEN` error.
the shutdown will not proceed and the caller will see a `M_FORBIDDEN` error.

If multiple modules implement this callback, they will be considered in order. If a
callback returns `True`, Synapse falls through to the next one. The value of the first
Expand All @@ -174,16 +174,16 @@ _First introduced in Synapse v1.5X.0_

```python
async def check_can_deactivate_user(
requester: "synapse.types.Requester",
user_id: str,
admin_user_id: str|None,
) -> bool:
```

Called when the deactivation of a user is requested. User deactivation can be
performed by an admin or the user themselves, so developers are encouraged to check the
requester when implementing this callback. The module must return a
boolean indicating whether the deactivation can go through. If the callback returns `False`,
the deactivation will not proceed and the caller will see a `M_FOBIDDEN` error.
the deactivation will not proceed and the caller will see a `M_FORBIDDEN` error.

If multiple modules implement this callback, they will be considered in order. If a
callback returns `True`, Synapse falls through to the next one. The value of the first
Expand Down
8 changes: 5 additions & 3 deletions synapse/events/third_party_rules.py
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@
]
ON_NEW_EVENT_CALLBACK = Callable[[EventBase, StateMap[EventBase]], Awaitable]
CHECK_CAN_SHUTDOWN_ROOM_CALLBACK = Callable[[str, str], Awaitable[bool]]
CHECK_CAN_DEACTIVATE_USER_CALLBACK = Callable[[Requester, str], Awaitable[bool]]
CHECK_CAN_DEACTIVATE_USER_CALLBACK = Callable[[str, str | None], Awaitable[bool]]
ON_PROFILE_UPDATE_CALLBACK = Callable[[str, ProfileInfo, bool, bool], Awaitable]
ON_USER_DEACTIVATION_STATUS_CHANGED_CALLBACK = Callable[[str, bool, bool], Awaitable]

Expand Down Expand Up @@ -403,7 +403,9 @@ async def check_can_shutdown_room(self, user_id: str, room_id: str) -> bool:
return True

async def check_can_deactivate_user(
self, requester: Requester, user_id: str
self,
user_id: str,
admin_user_id: str | None,
) -> bool:
"""Intercept requests to deactivate a user. If `False` is returned, the
user should not be deactivated.
Expand All @@ -414,7 +416,7 @@ async def check_can_deactivate_user(
"""
for callback in self._check_can_deactivate_user_callbacks:
try:
if await callback(requester, user_id) is False:
if await callback(user_id, admin_user_id) is False:
return False
except Exception as e:
logger.exception(
Expand Down
2 changes: 1 addition & 1 deletion synapse/handlers/deactivate_account.py
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ async def deactivate_account(

# Check if this user can be deactivated
if not await self._third_party_rules.check_can_deactivate_user(
requester, user_id
user_id, requester.user.to_string() if by_admin else None
):
raise SynapseError(
403, "Deactivation of this user is forbidden", Codes.FORBIDDEN
Expand Down
12 changes: 6 additions & 6 deletions tests/rest/client/test_third_party_rules.py
Original file line number Diff line number Diff line change
Expand Up @@ -816,11 +816,11 @@ def test_check_can_deactivate_user(self) -> None:
deactivation_mock.assert_called_once()
args = deactivation_mock.call_args[0]

# Check that the mock was called with the right requester
# Check that the mock was called with the right user ID
self.assertEqual(args[0].user.to_string(), user_id)

# Check that the mock was called with the right user ID
self.assertEqual(args[1], user_id)
# Check that the admin user ID was not provided
self.assertEqual(args[1], None)

def test_check_can_deactivate_user_admin(self) -> None:
"""Tests that the on_user_deactivation_status_changed module callback is called
Expand Down Expand Up @@ -855,12 +855,12 @@ def test_check_can_deactivate_user_admin(self) -> None:
deactivation_mock.assert_called_once()
args = deactivation_mock.call_args[0]

# Check that the mock was called with the right requester
self.assertEqual(args[0].user.to_string(), admin_user_id)

# Check that the mock was called with the right user ID
self.assertEqual(args[1], user_id)

# Check that the mock was called with the right admin user id
self.assertEqual(args[0].user.to_string(), admin_user_id)

def test_check_can_shutdown_room(self) -> None:
"""Tests that the check_can_shutdown_room module callback is called
correctly when processing an admin's shutdown room request.
Expand Down

0 comments on commit b780b20

Please sign in to comment.