Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Client server delete devices #144

Merged
merged 4 commits into from
Aug 23, 2024
Merged

Client server delete devices #144

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
cf00e05
feat : added endpoint to delete devices, added checks for the request…
BichraiX Aug 21, 2024
34e91ac
feat : added function to get stream_ids by batches. Added device mess…
BichraiX Aug 22, 2024
1f9fa28
feat : added delete a single device endpoint
BichraiX Aug 23, 2024
786eb8c
fix : removed useless console logs
BichraiX Aug 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion packages/matrix-client-server/src/__testData__/buildUserDB.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,8 @@ const matrixDbQueries = [
'CREATE TABLE IF NOT EXISTS e2e_device_keys_json ( user_id TEXT NOT NULL, device_id TEXT NOT NULL, ts_added_ms BIGINT NOT NULL, key_json TEXT NOT NULL, CONSTRAINT e2e_device_keys_json_uniqueness UNIQUE (user_id, device_id) )',
'CREATE TABLE IF NOT EXISTS e2e_one_time_keys_json ( user_id TEXT NOT NULL, device_id TEXT NOT NULL, algorithm TEXT NOT NULL, key_id TEXT NOT NULL, ts_added_ms BIGINT NOT NULL, key_json TEXT NOT NULL, CONSTRAINT e2e_one_time_keys_json_uniqueness UNIQUE (user_id, device_id, algorithm, key_id) )',
'CREATE TABLE IF NOT EXISTS e2e_fallback_keys_json (user_id TEXT NOT NULL, device_id TEXT NOT NULL, algorithm TEXT NOT NULL, key_id TEXT NOT NULL, key_json TEXT NOT NULL, used BOOLEAN NOT NULL DEFAULT FALSE, CONSTRAINT e2e_fallback_keys_json_uniqueness UNIQUE (user_id, device_id, algorithm))',
'CREATE TABLE dehydrated_devices(user_id TEXT NOT NULL PRIMARY KEY,device_id TEXT NOT NULL,device_data TEXT NOT NULL)'
'CREATE TABLE dehydrated_devices(user_id TEXT NOT NULL PRIMARY KEY,device_id TEXT NOT NULL,device_data TEXT NOT NULL)',
'CREATE TABLE device_inbox ( user_id TEXT NOT NULL, device_id TEXT NOT NULL, stream_id BIGINT NOT NULL, message_json TEXT NOT NULL , instance_name TEXT)'
]

// eslint-disable-next-line @typescript-eslint/promise-function-async
Expand Down
9 changes: 8 additions & 1 deletion packages/matrix-client-server/src/__testData__/setupTokens.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ export let validToken: string
export let validToken1: string
export let validToken2: string
export let validToken3: string
export let validToken4 : string
export let validRefreshToken1: string
export let validRefreshToken2: string
export let validRefreshToken3: string
Expand All @@ -18,6 +19,7 @@ export async function setupTokens(
validToken1 = randomString(64)
validToken2 = randomString(64)
validToken3 = randomString(64)
validToken4 = randomString(64)
const validRefreshTokenId1 = randomString(64)
const validRefreshTokenId2 = randomString(64)
const validRefreshTokenId3 = randomString(64)
Expand Down Expand Up @@ -141,7 +143,12 @@ export async function setupTokens(
validated_at: epoch(),
added_at: epoch()
})

await clientServer.matrixDb.insert('access_tokens', {
id: randomString(64),
user_id: '@validated:example.com',
device_id: 'thirddevice',
token: validToken4
})
await clientServer.matrixDb.insert('access_tokens', {
id: randomString(64),
user_id: '@thirduser:example.com',
Expand Down
82 changes: 49 additions & 33 deletions packages/matrix-client-server/src/account/3pid/3pid.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,7 @@ describe('Use configuration file', () => {
.set('Authorization', `Bearer wrongUserAccessToken`)
.send({
sid: 'sid',
client_secret: 'cs'
client_secret: 'clientsecret'
})
expect(response.statusCode).toBe(400)
expect(response.body).toHaveProperty('errcode', 'M_INVALID_PARAM')
Expand All @@ -140,7 +140,7 @@ describe('Use configuration file', () => {
.set('Authorization', `Bearer ${validToken2}`)
.send({
sid: 'sid',
client_secret: 'cs'
client_secret: 'clientsecret'
})
expect(response.statusCode).toBe(401)
session = response.body.session
Expand All @@ -150,7 +150,7 @@ describe('Use configuration file', () => {
.set('Authorization', `Bearer ${validToken2}`)
.send({
sid: 'sid',
client_secret: 'cs',
client_secret: 'clientsecret',
auth: {
type: 'm.login.password',
session,
Expand All @@ -165,23 +165,13 @@ describe('Use configuration file', () => {
expect(response1.body).toHaveProperty('errcode', 'M_FORBIDDEN')
expect(response1.body).toHaveProperty(
'error',
'The user does not have a password registered'
'The user does not have a password registered or the provided password is wrong.'
)
})
})
let sid: string
let token: string
it('should refuse an invalid secret', async () => {
const response1 = await request(app)
.post('/_matrix/client/v3/account/3pid/add')
.set('Accept', 'application/json')
.set('Authorization', `Bearer ${validToken}`)
.send({
sid: 'sid',
client_secret: 'my'
})
expect(response1.statusCode).toBe(401)
session = response1.body.session
const response = await request(app)
.post('/_matrix/client/v3/account/3pid/add')
.set('Accept', 'application/json')
Expand All @@ -191,7 +181,7 @@ describe('Use configuration file', () => {
client_secret: 'my',
auth: {
type: 'm.login.password',
session,
session: 'session',
password:
'$2a$10$zQJv3V3Kjw7Jq7Ww1X7z5e1QXsVd1m3JdV9vG6t8Jv7jQz4Z5J1QK',
identifier: { type: 'm.id.user', user: '@testuser:example.com' }
Expand All @@ -202,16 +192,6 @@ describe('Use configuration file', () => {
expect(response.body).toHaveProperty('error', 'Invalid client_secret')
})
it('should refuse an invalid session ID', async () => {
const response1 = await request(app)
.post('/_matrix/client/v3/account/3pid/add')
.set('Accept', 'application/json')
.set('Authorization', `Bearer ${validToken}`)
.send({
sid: 'sid',
client_secret: 'my'
})
expect(response1.statusCode).toBe(401)
session = response1.body.session
const response = await request(app)
.post('/_matrix/client/v3/account/3pid/add')
.set('Accept', 'application/json')
Expand All @@ -221,7 +201,7 @@ describe('Use configuration file', () => {
client_secret: 'mysecret',
auth: {
type: 'm.login.password',
session,
session: 'session',
password:
'$2a$10$zQJv3V3Kjw7Jq7Ww1X7z5e1QXsVd1m3JdV9vG6t8Jv7jQz4Z5J1QK',
identifier: { type: 'm.id.user', user: '@testuser:example.com' }
Expand All @@ -231,16 +211,33 @@ describe('Use configuration file', () => {
expect(response.body).toHaveProperty('errcode', 'M_INVALID_PARAM')
expect(response.body).toHaveProperty('error', 'Invalid session ID')
})
it('should return 400 for a wrong combination of client secret and session ID', async () => {
const response1 = await request(app)
it('should refuse an invalid auth', async () => {
const response = await request(app)
.post('/_matrix/client/v3/account/3pid/add')
.set('Accept', 'application/json')
.set('Authorization', `Bearer ${validToken}`)
.send({
sid: 'sid',
client_secret: 'my'
client_secret: 'mysecret',
auth: {
type: 'invalidtype'
}
})
expect(response.statusCode).toBe(400)
expect(response.body).toHaveProperty('errcode', 'M_INVALID_PARAM')
expect(response.body).toHaveProperty(
'error',
'Invalid authentication data'
)
})
it('should return 400 for a wrong combination of client secret and session ID', async () => {
const response1 = await request(app)
.post('/_matrix/client/v3/account/3pid/add')
.set('Accept', 'application/json')
.set('Authorization', `Bearer ${validToken}`)
.send({})
expect(response1.statusCode).toBe(401)
expect(response1.body).toHaveProperty('session')
session = response1.body.session
const response = await request(app)
.post('/_matrix/client/v3/account/3pid/add')
Expand Down Expand Up @@ -283,7 +280,7 @@ describe('Use configuration file', () => {
.set('Authorization', `Bearer ${validToken}`)
.send({
sid: 'sid',
client_secret: 'my'
client_secret: 'mysecret'
})
expect(response1.statusCode).toBe(401)
session = response1.body.session
Expand Down Expand Up @@ -324,7 +321,7 @@ describe('Use configuration file', () => {
.set('Authorization', `Bearer ${validToken}`)
.send({
sid: 'sid',
client_secret: 'my'
client_secret: 'mysecret'
})
expect(response1.statusCode).toBe(401)
session = response1.body.session
Expand Down Expand Up @@ -352,7 +349,7 @@ describe('Use configuration file', () => {
.set('Authorization', `Bearer ${validToken}`)
.send({
sid: 'sid',
client_secret: 'my'
client_secret: 'mysecret'
})
expect(response1.statusCode).toBe(401)
session = response1.body.session
Expand Down Expand Up @@ -382,7 +379,7 @@ describe('Use configuration file', () => {
.set('Authorization', `Bearer ${validToken}`)
.send({
sid: 'sid',
client_secret: 'my'
client_secret: 'mysecret'
})
expect(response1.statusCode).toBe(401)
session = response1.body.session
Expand Down Expand Up @@ -431,6 +428,25 @@ describe('Use configuration file', () => {
// })
})
describe('/_matrix/client/v3/account/3pid/delete', () => {
it('should return 403 if the user is not an admin and the server does not allow it', async () => {
clientServer.conf.capabilities.enable_3pid_changes = false
const response = await request(app)
.post('/_matrix/client/v3/account/3pid/delete')
.set('Authorization', `Bearer ${validToken}`)
.set('Accept', 'application/json')
.send({
medium: 'email',
address: '[email protected]'
})

expect(response.statusCode).toBe(403)
expect(response.body).toHaveProperty('errcode', 'M_FORBIDDEN')
expect(response.body).toHaveProperty(
'error',
'Cannot add 3pid as it is not allowed by server'
)
delete clientServer.conf.capabilities.enable_3pid_changes
})
it('should refuse an invalid medium', async () => {
const response = await request(app)
.post('/_matrix/client/v3/account/3pid/delete')
Expand Down
Loading
Loading