diff --git a/crates/cli/src/commands/manage.rs b/crates/cli/src/commands/manage.rs index 5bbd870ea..65aceda4d 100644 --- a/crates/cli/src/commands/manage.rs +++ b/crates/cli/src/commands/manage.rs @@ -638,6 +638,12 @@ impl Options { // synchronously yet. let user = repo.user().lock(&clock, user).await?; + // Schedule a job to provision the user so that the lock flag is propagated + // to Synapse + repo.queue_job() + .schedule_job(&mut rng, &clock, ProvisionUserJob::new(&user)) + .await?; + if deactivate { warn!(%user.id, "Scheduling user deactivation"); repo.queue_job() @@ -668,6 +674,12 @@ impl Options { .await? .context("User not found")?; + // Schedule a job to provision the user so that the lock flag is propagated + // to Synapse + repo.queue_job() + .schedule_job(&mut rng, &clock, ProvisionUserJob::new(&user)) + .await?; + if reactivate { warn!(%user.id, "Scheduling user reactivation"); repo.queue_job() diff --git a/crates/handlers/src/admin/v1/users/lock.rs b/crates/handlers/src/admin/v1/users/lock.rs index 6d6ccfcf9..e2ebfa574 100644 --- a/crates/handlers/src/admin/v1/users/lock.rs +++ b/crates/handlers/src/admin/v1/users/lock.rs @@ -4,10 +4,12 @@ // SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial // Please see LICENSE files in the repository root for full details. -use aide::{OperationIo, transform::TransformOperation}; +use aide::{NoApi, OperationIo, transform::TransformOperation}; use axum::{Json, response::IntoResponse}; use hyper::StatusCode; use mas_axum_utils::record_error; +use mas_data_model::BoxRng; +use mas_storage::queue::{ProvisionUserJob, QueueJobRepositoryExt}; use ulid::Ulid; use crate::{ @@ -69,6 +71,7 @@ pub async fn handler( CallContext { mut repo, clock, .. }: CallContext, + NoApi(mut rng): NoApi, id: UlidPathParam, ) -> Result>, RouteError> { let id = *id; @@ -80,6 +83,12 @@ pub async fn handler( let user = repo.user().lock(&clock, user).await?; + // Schedule a job to provision the user so that the lock flag is propagated + // to Synapse + repo.queue_job() + .schedule_job(&mut rng, &clock, ProvisionUserJob::new(&user)) + .await?; + repo.save().await?; Ok(Json(SingleResponse::new( diff --git a/crates/handlers/src/admin/v1/users/unlock.rs b/crates/handlers/src/admin/v1/users/unlock.rs index 72987a9ff..c14d0b5d3 100644 --- a/crates/handlers/src/admin/v1/users/unlock.rs +++ b/crates/handlers/src/admin/v1/users/unlock.rs @@ -4,10 +4,12 @@ // SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial // Please see LICENSE files in the repository root for full details. -use aide::{OperationIo, transform::TransformOperation}; +use aide::{NoApi, OperationIo, transform::TransformOperation}; use axum::{Json, response::IntoResponse}; use hyper::StatusCode; use mas_axum_utils::record_error; +use mas_data_model::BoxRng; +use mas_storage::queue::{ProvisionUserJob, QueueJobRepositoryExt}; use ulid::Ulid; use crate::{ @@ -66,7 +68,10 @@ This DOES NOT reactivate a deactivated user, which will remain unavailable until #[tracing::instrument(name = "handler.admin.v1.users.unlock", skip_all)] pub async fn handler( - CallContext { mut repo, .. }: CallContext, + CallContext { + mut repo, clock, .. + }: CallContext, + NoApi(mut rng): NoApi, id: UlidPathParam, ) -> Result>, RouteError> { let id = *id; @@ -78,6 +83,12 @@ pub async fn handler( let user = repo.user().unlock(user).await?; + // Schedule a job to provision the user so that the lock flag is propagated + // to Synapse + repo.queue_job() + .schedule_job(&mut rng, &clock, ProvisionUserJob::new(&user)) + .await?; + repo.save().await?; Ok(Json(SingleResponse::new( @@ -115,7 +126,7 @@ mod tests { // reactivate it state .homeserver_connection - .provision_user(&ProvisionRequest::new(&user.username, &user.sub)) + .provision_user(&ProvisionRequest::new(&user.username, &user.sub, false)) .await .unwrap(); @@ -151,7 +162,7 @@ mod tests { // Provision the user on the homeserver state .homeserver_connection - .provision_user(&ProvisionRequest::new(&user.username, &user.sub)) + .provision_user(&ProvisionRequest::new(&user.username, &user.sub, false)) .await .unwrap(); // but then deactivate it diff --git a/crates/handlers/src/graphql/mutations/user.rs b/crates/handlers/src/graphql/mutations/user.rs index 355c7d0ac..376652a46 100644 --- a/crates/handlers/src/graphql/mutations/user.rs +++ b/crates/handlers/src/graphql/mutations/user.rs @@ -551,6 +551,12 @@ impl UserMutations { let user = repo.user().lock(&state.clock(), user).await?; + // Schedule a job to provision the user so that the lock flag is propagated + // to Synapse + repo.queue_job() + .schedule_job(&mut rng, &clock, ProvisionUserJob::new(&user)) + .await?; + if deactivate { info!(%user.id, "Scheduling deactivation of user"); repo.queue_job() @@ -570,6 +576,8 @@ impl UserMutations { input: UnlockUserInput, ) -> Result { let state = ctx.state(); + let clock = state.clock(); + let mut rng = state.rng(); let requester = ctx.requester(); let matrix = state.homeserver_connection(); @@ -592,6 +600,12 @@ impl UserMutations { let user = repo.user().reactivate(user).await?; let user = repo.user().unlock(user).await?; + // Schedule a job to provision the user so that the lock flag is propagated + // to Synapse + repo.queue_job() + .schedule_job(&mut rng, &clock, ProvisionUserJob::new(&user)) + .await?; + repo.save().await?; Ok(UnlockUserPayload::Unlocked(user))