Merge commit '6a3504636' into dinsic-release-v1.12.x

* commit '6a3504636': (29 commits) Revert "Add options to disable setting profile info for prevent changes. (#7053)" Populate the room version from state events (#7070) Fix buggy condition in account validity handler (#7074) Use innerText instead of innerHTML Add type annotations and comments to auth handler (#7063) Lint Put the file in the templates directory Update wording and config Changelog Move the default SAML2 error HTML to a dedicated file Refactor a bit Also don't fail on aliases events in this case Lint Changelog Also don't filter out events sent by ignored users when checking state visibility Fix condition Don't filter out dummy events when we're checking the visibility of state Update sample_config.yaml Update synapse/config/registration.py lint, fix tests ...
matrix-org · Mar 24, 2020 · 6095a49 · 6095a49
2 parents 42cbe33 + 6a35046
commit 6095a49
Show file tree

Hide file tree

Showing 15 changed files with 302 additions and 149 deletions.
diff --git a/changelog.d/7063.misc b/changelog.d/7063.misc
@@ -0,0 +1 @@
+Add type annotations and comments to the auth handler.
diff --git a/changelog.d/7066.bugfix b/changelog.d/7066.bugfix
@@ -0,0 +1 @@
+Fix a bug that would cause Synapse to respond with an error about event visibility if a client tried to request the state of a room at a given token.
diff --git a/changelog.d/7067.feature b/changelog.d/7067.feature
@@ -0,0 +1 @@
+Render a configurable and comprehensible error page if something goes wrong during the SAML2 authentication process.
diff --git a/changelog.d/7070.bugfix b/changelog.d/7070.bugfix
@@ -0,0 +1 @@
+Repair a data-corruption issue which was introduced in Synapse 1.10, and fixed in Synapse 1.11, and which could cause `/sync` to return with 404 errors about missing events and unknown rooms.
diff --git a/changelog.d/7074.bugfix b/changelog.d/7074.bugfix
@@ -0,0 +1 @@
+Fix a bug causing account validity renewal emails to be sent even if the feature is turned off in some cases.
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml
@@ -1497,12 +1497,24 @@ saml2_config:
   #
   #grandfathered_mxid_source_attribute: upn
 
-  # Path to a file containing HTML content to serve in case an error happens
-  # when the user gets redirected from the SAML IdP back to Synapse.
-  # If no file is provided, this defaults to some minimalistic HTML telling the
-  # user that something went wrong and they should try authenticating again.
+  # Directory in which Synapse will try to find the template files below.
+  # If not set, default templates from within the Synapse package will be used.
+  #
+  # DO NOT UNCOMMENT THIS SETTING unless you want to customise the templates.
+  # If you *do* uncomment it, you will need to make sure that all the templates
+  # below are in the directory.
+  #
+  # Synapse will look for the following templates in this directory:
+  #
+  # * HTML page to display to users if something goes wrong during the
+  #   authentication process: 'saml_error.html'.
   #
-  #error_html_path: /path/to/static/content/saml_error.html
+  #   This template doesn't currently need any variable to render.
+  #
+  # You can see the default templates at:
+  # https://github.com/matrix-org/synapse/tree/master/synapse/res/templates
+  #
+  #template_dir: "res/templates"
 
 
 

diff --git a/synapse/config/saml2_config.py b/synapse/config/saml2_config.py
@@ -15,6 +15,9 @@
 # limitations under the License.
 
 import logging
+import os
+
+import pkg_resources
 
 from synapse.python_dependencies import DependencyException, check_requirements
 from synapse.util.module_loader import load_module, load_python_module
@@ -27,18 +30,6 @@
     "synapse.handlers.saml_handler.DefaultSamlMappingProvider"
 )
 
-SAML2_ERROR_DEFAULT_HTML = """
-<html>
-    <body>
-        <p>Oops! Something went wrong</p>
-        <p>
-            Try logging in again from your Matrix client and if the problem persists
-            please contact the server's administrator.
-        </p>
-    </body>
-</html>
-"""
-
 
 def _dict_merge(merge_dict, into_dict):
     """Do a deep merge of two dicts
@@ -172,12 +163,13 @@ def read_config(self, config, **kwargs):
             saml2_config.get("saml_session_lifetime", "5m")
         )
 
-        if "error_html_path" in config:
-            self.saml2_error_html_content = self.read_file(
-                config["error_html_path"], "saml2_config.error_html_path",
-            )
-        else:
-            self.saml2_error_html_content = SAML2_ERROR_DEFAULT_HTML
+        template_dir = saml2_config.get("template_dir")
+        if not template_dir:
+            template_dir = pkg_resources.resource_filename("synapse", "res/templates",)
+
+        self.saml2_error_html_content = self.read_file(
+            os.path.join(template_dir, "saml_error.html"), "saml2_config.saml_error",
+        )
 
     def _default_saml_config_dict(
         self, required_attributes: set, optional_attributes: set
@@ -345,12 +337,24 @@ def generate_config_section(self, config_dir_path, server_name, **kwargs):
           #
           #grandfathered_mxid_source_attribute: upn
 
-          # Path to a file containing HTML content to serve in case an error happens
-          # when the user gets redirected from the SAML IdP back to Synapse.
-          # If no file is provided, this defaults to some minimalistic HTML telling the
-          # user that something went wrong and they should try authenticating again.
+          # Directory in which Synapse will try to find the template files below.
+          # If not set, default templates from within the Synapse package will be used.
+          #
+          # DO NOT UNCOMMENT THIS SETTING unless you want to customise the templates.
+          # If you *do* uncomment it, you will need to make sure that all the templates
+          # below are in the directory.
+          #
+          # Synapse will look for the following templates in this directory:
+          #
+          # * HTML page to display to users if something goes wrong during the
+          #   authentication process: 'saml_error.html'.
+          #
+          #   This template doesn't currently need any variable to render.
+          #
+          # You can see the default templates at:
+          # https://github.com/matrix-org/synapse/tree/master/synapse/res/templates
           #
-          #error_html_path: /path/to/static/content/saml_error.html
+          #template_dir: "res/templates"
         """ % {
             "config_dir_path": config_dir_path
         }
diff --git a/synapse/handlers/account_validity.py b/synapse/handlers/account_validity.py
@@ -48,7 +48,11 @@ def __init__(self, hs):
         self._show_users_in_user_directory = self.hs.config.show_users_in_user_directory
         self.profile_handler = self.hs.get_profile_handler()
 
-        if self._account_validity.renew_by_email_enabled and load_jinja2_templates:
+        if (
+            self._account_validity.enabled
+            and self._account_validity.renew_by_email_enabled
+            and load_jinja2_templates
+        ):
             # Don't do email-specific configuration if renewal by email is disabled.
             try:
                 app_name = self.hs.config.email_app_name