-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make it possible to change user type #90
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Regarding your questionaround sanity check: In the end we'd like a user to not having to specify --user-type, it should have a resonable default. Post some example cli calls, that would help me review without testing myself :-) Cheers!
synadm/api.py
Outdated
@@ -556,6 +556,7 @@ def user_modify(self, user_id, password, display_name, threepid, | |||
data.update({"deactivated": True}) | |||
if deactivation == "activate": | |||
data.update({"deactivated": False}) | |||
data.update({"user_type": user_type}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if it's None? What does the API respond then? Valid? Was that the M_UNKNOWN response you were referring to?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, user_type
can be null
in the JSON in which case the field gets cleared (which is basically the “default” option).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Basically that's ok but the bad thing is that if any other property of a user gets changed, the user_type is always cleared. Do we have this behavior somewhere else already by any chance?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Now that you mention it, it seems the activate/deactivate thing works just like that 😁 iʼll check tomorrow as itʼs bedtime for me now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was right; the activate/deactivate feature works just like this. If i don’t add --user-type
nor --clear-user-type
to the command line, it won’t get updated:
$ synadm user modify --password abcdef @test:matrix.local
Current user account settings:
{"name": "@test:matrix.local "is_guest": 0, "admin": false, "consent_version": null, "consent_ts": null, "consent_server_notice_sent": null, "appservice_id": null, "creation_ts": 1457796444, "user_type": null, "deactivated": false, "shadow_banned": false, "displayname": "Test Account", "avatar_url": null, "threepids": [], "external_ids": [], "erased": false}
User account settings to be modified:
Password will be set as provided on command line.
Are you sure you want to modify user? (y/N):
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just read the api docs: https://matrix-org.github.io/synapse/develop/admin_api/user_admin_api.html#create-or-modify-account
user_type is optional, I think you just need to make sure it isnt included at all when both of the 2 new options are not given on cli. So nothing gets cleared 🎉 Currently you always include it in the data sent to the endpoint.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@gergelypolonkai I've added the missing condition as suggested in my previous post. I've just edited your feature branch. I hope that's ok.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This change was necessary to prevent resetting user_type back to null, as we see in this output recorded prior to the fix:
(synadm38) ~/git/gergelypolonkai_synadm (user-type-edit) $ synadm user modify --display-name "TESTUSER1" testuser1
Current user account settings:
admin: 0
appservice_id: null
avatar_url: null
consent_server_notice_sent: null
consent_version: null
creation_ts: 1573653091
deactivated: 0
displayname: Test User 1
external_ids: []
is_guest: 0
name: '@testuser1:peek-a-boo.at'
password_hash: $secret
shadow_banned: null
threepids: []
user_type: bot
User account settings to be modified:
display_name: TESTUSER1
Are you sure you want to modify user? (y/N): y
admin: 0
appservice_id: null
avatar_url: null
consent_server_notice_sent: null
consent_version: null
creation_ts: 1573653091
deactivated: 0
displayname: TESTUSER1
external_ids: []
is_guest: 0
name: '@testuser1:peek-a-boo.at'
password_hash: $secret
shadow_banned: null
threepids: []
user_type: null
You don’t have to, but you can. Not having a user-type set (which can be achieved by using the |
Leave out user_type in the post data entirely when user_type is not passed from the cli, otherwise it would be reset to 'null', which is unexpected behaviour. According to the admin API docs the json text for user_type is optional.
We are almost ready to merge. I see a tiny thing in Other than that, LGTM. Final thoughts from @Ascurius and/or @JacksonChen666 would be appreciated! One usability thing I'm wondering about is: Is |
I'm not sure either... |
Hi @gergelypolonkai, I would like to take over this PR entirely, since we would like to include it in the next synadm release and there is some things left to do. I hope that is ok for you. Thanks for the submission of a useful feature! |
Co-authored-by: Jackson Chen <jackson@jacksonchen666.com>
I think I have made up my mind what seems to feel natural to me:
The term default is not stated as such in the admin api docs (https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#create-or-modify-account) but I still think that it's a very logical and self-explaining thing if we just call this user_type default |
I just wanted to put these changes into "suggested changes" with this neat feature here but I decided not to. It's quite some changes necessary and it's easier and less errror-prone if I just push that to the branch as one commit. I'll wait with that until you tell me your opinions about this idea. Thanks in advance! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me. There are a few things I noticed:
--clear-user-type
or--user-type null
, I'm not sure.--user-type
will accept any argument, including non-existing user types. Should that be restricted to known valid options?
I really don't like
I was not sure about the restriction of the possible arguments either but would now say that it's better we leave this to unrestricted for now, since it could happen that new things are added to the list. The API will give us a nice response of M_UKNOWN |
I would lean towards a
|
Remove --clear-user-type option from user modify command and support an argument named 'regular' that submits a value of 'null' which effectively creates a default/regular matrix user.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
> synadm user modify '@130:localhost:8480' --user-type support
Current user account settings:
{"name": "@130:localhost:8480", "is_guest": 1, "admin": true, "consent_version": null, "consent_ts": null, "consent_server_notice_sent": null, "appservice_id": null, "creation_ts": 1676753770, "user_type": "bot", "deactivated": false, "shadow_banned": false, "displayname": "130", "avatar_url": null, "threepids": [], "external_ids": [], "erased": false}
User account settings to be modified:
user_type: support
Are you sure you want to modify user? (y/N): y
{"name": "@130:localhost:8480", "is_guest": 1, "admin": true, "consent_version": null, "consent_ts": null, "consent_server_notice_sent": null, "appservice_id": null, "creation_ts": 1676753770, "user_type": "support", "deactivated": false, "shadow_banned": false, "displayname": "130", "avatar_url": null, "threepids": [], "external_ids": [], "erased": false}
> synadm user modify '@130:localhost:8480' --user-type regular
Current user account settings:
{"name": "@130:localhost:8480", "is_guest": 1, "admin": true, "consent_version": null, "consent_ts": null, "consent_server_notice_sent": null, "appservice_id": null, "creation_ts": 1676753770, "user_type": "support", "deactivated": false, "shadow_banned": false, "displayname": "130", "avatar_url": null, "threepids": [], "external_ids": [], "erased": false}
User account settings to be modified:
user_type: null
Are you sure you want to modify user? (y/N): y
{"name": "@130:localhost:8480", "is_guest": 1, "admin": true, "consent_version": null, "consent_ts": null, "consent_server_notice_sent": null, "appservice_id": null, "creation_ts": 1676753770, "user_type": "support", "deactivated": false, "shadow_banned": false, "displayname": "130", "avatar_url": null, "threepids": [], "external_ids": [], "erased": false}
This is broken and I don't know why (or it doesn't work (or not for guest accounts)). Also applies to revoking admin privileges (unrelated to this PR).
Also, the "regular" option feels kinda odd.
Basically, we have a problem that has nothing to do with this PR, but the PR has the same problems. |
I had just realized this issue but needed a break...consider my latest commit a draft |
Yep, I know it's broken. I didn't ask for a review yet for my latest commit, I was not finished, you are too fast (again ,-)))) Appreciated though! And very nice catch with admin privileges! I was not aware! That sucks! |
by simply passing a string. Otherwise setting the user_type to None (which means value 'null' in submitted json) would not be possible.
Ok, setting user-type now works. I worked around the "poor desing" of user_modify() by just passing a string 'null'. So the only thing that remains that you still think we don't have a good name for creating a regular, a normal, a default matrix user-type. I am running out of ideas and still think putting something like 'null' or 'clear' is not good usability, nor is ist it obvious what the user should expect. They would need to read the admin api docs to understand what that means. So that's why I still would like to ask you for a suggestion of how you think from a user-perspecitive what should that option be called. Consider these english sentences, which one does make the most self-explanatory sense to you?
|
a oneline-condition.
Ok so besides the final decision for option name I think this is good to go now. Please a final review @JacksonChen666 and thanks for all the suggestions! |
One more thing. We should consider how the help looks like for a final decision. I tried to put all the behaviour possibilities into it. Hope it's easily understood:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@JOJ0 synadm/api.py
Line 560 is incorrect. Check my suggestion that fixes, or pull from my branch (git pull https://github.com/JacksonChen666/synadm user-type-edit
).
(And no, I didn't mess my suggestion up, I checked.)
After applying my change correctly (either using git pull https://github.com/JacksonChen666/synadm user-type-edit
or using GitHub to commit the suggestion), you can assume an approval from me.
Co-authored-by: Jackson Chen <jackson@jacksonchen666.com>
Whoops, thanks for spotting this embarrassing mistake! :-) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(this is a blind-ish approval. I have already reviewed with my fix and my fix has been applied, so it's not so really a blind approval. but it is kind of blind, because i didn't test the changes after the fix was applied)
The user_type value is not checked (yet?) the code, although the spec allows only types
bot
andsupport
(and the API will respond withM_UNKNOWN
if an invalid value is sent). If it should be checked, let me know and i will update the PR.