Quentin Gliech
c4e7cf1a27
Use dynamic filters on browser sessions
2024-07-16 18:23:23 +02:00
Quentin Gliech
aa992d31f8
Use dynamic filters on users
2024-07-16 18:23:23 +02:00
Quentin Gliech
76c033b76a
Use dynamic filters on user emails
2024-07-16 18:23:23 +02:00
Quentin Gliech
112f673e22
Use dynamic filters on upstream OAuth 2.0 providers
2024-07-16 18:23:23 +02:00
Quentin Gliech
7c2c310cac
Use dynamic filters on upstream OAuth 2.0 links
2024-07-16 18:23:23 +02:00
Quentin Gliech
7c54c5f2e6
Use dynamic filters on OAuth 2.0 sessions
2024-07-16 18:23:23 +02:00
Quentin Gliech
df7bc53826
Use dynamic filters on compatibility SSO logins
2024-07-16 18:23:23 +02:00
Quentin Gliech
15c2c740a7
Use dynamic filters on compatibility sessions
2024-07-16 18:23:23 +02:00
Quentin Gliech
452024764a
Add a trait to help building dynamic filters
2024-07-16 18:23:23 +02:00
reivilibre
1afd2a2906
Remove OPA-based password policy enforcement ( #2875 )
...
Co-authored-by: Quentin Gliech <quenting@element.io >
2024-07-16 14:33:04 +01:00
Quentin Gliech
e47f26fde6
Update the query introspection data
2024-07-16 14:13:11 +02:00
Quentin Gliech
6db455412f
Kill all sessions when deactivating a user
2024-07-16 14:13:11 +02:00
Quentin Gliech
857b76bb04
Make mas-cli manage kill-sessions
finish sessions in bulk
2024-07-16 14:13:11 +02:00
Quentin Gliech
dcaf65e6e7
Batch finish browser sessions
2024-07-16 14:13:11 +02:00
Quentin Gliech
04b96b87b8
Batch finish OAuth 2.0 sessions
2024-07-16 14:13:11 +02:00
Quentin Gliech
f8d12cc305
Batch finish compatibility sessions
2024-07-16 14:13:11 +02:00
Quentin Gliech
fa32387ca5
Show whether the user is deactivated on the homeserver in the GraphQL API
...
Fix #2375
2024-07-16 13:20:28 +02:00
Quentin Gliech
bac2db9884
GraphQL API to unlock a user
...
Fixes #2101
2024-07-16 13:20:28 +02:00
Quentin Gliech
0207495225
Add a way to reactivate users on the homeserver
2024-07-16 13:20:28 +02:00
Quentin Gliech
3eab10672f
Add a lock during syncs of user devices
2024-07-16 09:32:07 +02:00
Quentin Gliech
695228ade4
Provision users on the fake homeserver in tests
...
Because we now provision devices synchronously, we need to update the
tests so that the users exist on the fake homeserver.
2024-07-16 09:32:07 +02:00
Quentin Gliech
35c06ac27b
Deprecate the ProvisionDeviceJob
and DeleteDeviceJob
jobs
2024-07-16 09:32:07 +02:00
Quentin Gliech
037cf996a8
Provision the devices synchronously
...
This means Synapse won't have to provision them on the fly anymore
2024-07-16 09:32:07 +02:00
Quentin Gliech
11fd3b231a
Don't hold the database connection for too long
2024-07-16 09:32:07 +02:00
Quentin Gliech
bf276289b6
Fully sync the devices with the homeserver
2024-07-16 09:32:07 +02:00
reivilibre
fbc360d1a9
Backend work to support minimum password complexity ( #2965 )
...
* config: Add minimum password complexity option
* PasswordManager: add function for checking if complexity is sufficient
* Enforce password complexity on registration, change and recovery
* cli: Use exit code 1 for weak passwords
This seems preferable to exit code 0, but ideally we should choose one
and document it.
* Expose minimum password complexity score over GraphQL
2024-07-11 10:17:39 +01:00
Quentin Gliech
f849b487cf
graphql: users query to list users with a few filters
2024-07-05 13:44:14 +02:00
Quentin Gliech
8a1ac9cc91
graphql: move the users queries to their own module
2024-07-05 13:44:14 +02:00
Quentin Gliech
e75df0752d
storage: methods to list and count users with filters and pagination
2024-07-05 13:44:14 +02:00
dependabot[bot]
9486460aae
build(deps): bump serde_with from 3.8.2 to 3.8.3
...
Bumps [serde_with](https://github.com/jonasbb/serde_with ) from 3.8.2 to 3.8.3.
- [Release notes](https://github.com/jonasbb/serde_with/releases )
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.8.2...v3.8.3 )
---
updated-dependencies:
- dependency-name: serde_with
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-07-05 10:29:10 +02:00
Christian Tramnitz
3ab733bf3a
Fix RFC1918 network in default proxy configuration ( #2908 )
2024-07-05 08:22:39 +00:00
Quentin Gliech
b6c11b5a21
Fix a reference in a doc comment
2024-07-05 10:07:40 +02:00
Quentin Gliech
2336b1b1c6
Initialize the crypto backend in the mas-oidc-client tests
2024-07-05 10:07:40 +02:00
Quentin Gliech
57c87071d1
Update some dependencies and the cargo-deny allowlist
2024-07-05 10:07:40 +02:00
Quentin Gliech
798ca90241
Fix mas-cli
...
This does a few things:
- move `bytes` to workspace dependencies
- write an hyper-based transport for Sentry
- ignore OTEL errors related to propagations
- fix everything else in mas-cli
2024-07-05 10:07:40 +02:00
Quentin Gliech
dafc781957
Move Sentry to the workspace dependencies and upgrade
2024-07-05 10:07:40 +02:00
Quentin Gliech
2e63e3da71
Write an adapter for opentelemetry-http
2024-07-05 10:07:40 +02:00
Quentin Gliech
d4cbbd97d8
mas-iana-codegen: use rustls not the native TLS stack
2024-07-05 10:07:40 +02:00
Quentin Gliech
07c9989e63
Upgrade async-graphql, fix mas-handlers & mas-axum-utils tests
...
This also replaces the init_tracing test helper with a general setup
test helper, so that it also initializes the rustls crypto backend.
2024-07-05 10:07:40 +02:00
Quentin Gliech
e7f50a92d6
Move tower-http dep to the workspace and adapt mas-axum-utils
...
We removed here the Timeout layer on the HTTP client service, because it
required the body to be Default, which isn't the case anymore. Not sure
what to do about it.
2024-07-05 10:07:40 +02:00
Quentin Gliech
f338aacf26
Fix the mas-http tests
2024-07-05 10:07:40 +02:00
Quentin Gliech
dcb9bdeecf
Remove the client features from mas-oidc-client and replace it in tests
2024-07-05 10:07:40 +02:00
Quentin Gliech
ea85be55e6
Upgrade rustls and update mas-http client bits
2024-07-05 10:07:40 +02:00
Quentin Gliech
cd7f69e93b
Update mas-iana-codegen to use reqwest
2024-07-05 10:07:40 +02:00
Quentin Gliech
925f85c2c2
Upgrade headers
and adapt mas-tower tracer context utils
2024-07-05 10:07:40 +02:00
Quentin Gliech
a7a9369469
Upgrade most HTTP/Hyper crates and make mas-listener work
2024-07-05 10:07:40 +02:00
Quentin Gliech
edb01f1e98
Box the CLI command futures to reduce the size of the try_main future
2024-07-05 09:54:18 +02:00
Quentin Gliech
eff66726d5
New config options to set the database certificates
2024-07-05 09:54:18 +02:00
dependabot[bot]
f73d8624b4
build(deps): bump zeroize from 1.7.0 to 1.8.1
...
Bumps [zeroize](https://github.com/RustCrypto/utils ) from 1.7.0 to 1.8.1.
- [Commits](https://github.com/RustCrypto/utils/compare/zeroize-v1.7.0...zeroize-v1.8.1 )
---
updated-dependencies:
- dependency-name: zeroize
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-07-01 13:40:43 +02:00
dependabot[bot]
790571fbb9
build(deps): bump psl from 2.1.48 to 2.1.49
...
Bumps [psl](https://github.com/addr-rs/psl ) from 2.1.48 to 2.1.49.
- [Release notes](https://github.com/addr-rs/psl/releases )
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.48...v2.1.49 )
---
updated-dependencies:
- dependency-name: psl
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-07-01 13:40:37 +02:00