From e12eed8f337429ec6640b964d242dac6650e362e Mon Sep 17 00:00:00 2001 From: Olivier 'reivilibre Date: Fri, 13 Mar 2026 15:46:44 +0000 Subject: [PATCH] Update ProvisionRequest with locked flag --- crates/handlers/src/admin/v1/users/add.rs | 2 +- crates/handlers/src/admin/v1/users/reactivate.rs | 4 ++-- crates/handlers/src/compat/login.rs | 6 +++--- crates/handlers/src/compat/tests.rs | 2 +- crates/handlers/src/graphql/tests.rs | 2 +- crates/handlers/src/oauth2/introspection.rs | 4 ++-- crates/matrix-synapse/src/modern.rs | 3 +++ crates/matrix/src/lib.rs | 11 ++++++++++- crates/matrix/src/mock.rs | 2 +- crates/tasks/src/matrix.rs | 8 ++++++-- 10 files changed, 30 insertions(+), 14 deletions(-) diff --git a/crates/handlers/src/admin/v1/users/add.rs b/crates/handlers/src/admin/v1/users/add.rs index 07e87fb40..9b3307e8d 100644 --- a/crates/handlers/src/admin/v1/users/add.rs +++ b/crates/handlers/src/admin/v1/users/add.rs @@ -166,7 +166,7 @@ pub async fn handler( let user = repo.user().add(&mut rng, &clock, params.username).await?; homeserver - .provision_user(&ProvisionRequest::new(&user.username, &user.sub)) + .provision_user(&ProvisionRequest::new(&user.username, &user.sub, false)) .await .map_err(RouteError::Homeserver)?; diff --git a/crates/handlers/src/admin/v1/users/reactivate.rs b/crates/handlers/src/admin/v1/users/reactivate.rs index 835ef0b40..01f83888a 100644 --- a/crates/handlers/src/admin/v1/users/reactivate.rs +++ b/crates/handlers/src/admin/v1/users/reactivate.rs @@ -129,7 +129,7 @@ mod tests { // because this endpoint will try to reactivate it state .homeserver_connection - .provision_user(&ProvisionRequest::new(&user.username, &user.sub)) + .provision_user(&ProvisionRequest::new(&user.username, &user.sub, false)) .await .unwrap(); state @@ -181,7 +181,7 @@ mod tests { // Provision the user on the homeserver state .homeserver_connection - .provision_user(&ProvisionRequest::new(&user.username, &user.sub)) + .provision_user(&ProvisionRequest::new(&user.username, &user.sub, false)) .await .unwrap(); diff --git a/crates/handlers/src/compat/login.rs b/crates/handlers/src/compat/login.rs index ebb5d32c1..6aa0fb53d 100644 --- a/crates/handlers/src/compat/login.rs +++ b/crates/handlers/src/compat/login.rs @@ -935,7 +935,7 @@ mod tests { .unwrap(); state .homeserver_connection - .provision_user(&ProvisionRequest::new(&user.username, &user.sub)) + .provision_user(&ProvisionRequest::new(&user.username, &user.sub, locked)) .await .unwrap(); @@ -1238,7 +1238,7 @@ mod tests { state .homeserver_connection - .provision_user(&ProvisionRequest::new(&user.username, &user.sub)) + .provision_user(&ProvisionRequest::new(&user.username, &user.sub, false)) .await .unwrap(); @@ -1343,7 +1343,7 @@ mod tests { state .homeserver_connection - .provision_user(&ProvisionRequest::new(&user.username, &user.sub)) + .provision_user(&ProvisionRequest::new(&user.username, &user.sub, false)) .await .unwrap(); diff --git a/crates/handlers/src/compat/tests.rs b/crates/handlers/src/compat/tests.rs index cb6b76aba..da1e8e501 100644 --- a/crates/handlers/src/compat/tests.rs +++ b/crates/handlers/src/compat/tests.rs @@ -223,7 +223,7 @@ async fn create_test_user(state: &TestState, username: &str) -> mas_data_model:: // Provision the user on the homeserver state .homeserver_connection - .provision_user(&ProvisionRequest::new(&user.username, &user.sub)) + .provision_user(&ProvisionRequest::new(&user.username, &user.sub, false)) .await .unwrap(); diff --git a/crates/handlers/src/graphql/tests.rs b/crates/handlers/src/graphql/tests.rs index 888d477d0..7fed79c09 100644 --- a/crates/handlers/src/graphql/tests.rs +++ b/crates/handlers/src/graphql/tests.rs @@ -530,7 +530,7 @@ async fn test_oauth2_client_credentials(pool: PgPool) { // so we need to do it manually state .homeserver_connection - .provision_user(&ProvisionRequest::new("alice", user_id)) + .provision_user(&ProvisionRequest::new("alice", user_id, false)) .await .unwrap(); diff --git a/crates/handlers/src/oauth2/introspection.rs b/crates/handlers/src/oauth2/introspection.rs index 17f508921..c093ed7bc 100644 --- a/crates/handlers/src/oauth2/introspection.rs +++ b/crates/handlers/src/oauth2/introspection.rs @@ -805,7 +805,7 @@ mod tests { state .homeserver_connection - .provision_user(&ProvisionRequest::new(&user.username, &user.sub)) + .provision_user(&ProvisionRequest::new(&user.username, &user.sub, false)) .await .unwrap(); @@ -1005,7 +1005,7 @@ mod tests { state .homeserver_connection - .provision_user(&ProvisionRequest::new(&user.username, &user.sub)) + .provision_user(&ProvisionRequest::new(&user.username, &user.sub, false)) .await .unwrap(); diff --git a/crates/matrix-synapse/src/modern.rs b/crates/matrix-synapse/src/modern.rs index 3d70f52de..198072b31 100644 --- a/crates/matrix-synapse/src/modern.rs +++ b/crates/matrix-synapse/src/modern.rs @@ -141,6 +141,8 @@ impl HomeserverConnection for SynapseConnection { set_emails: Option>, #[serde(skip_serializing_if = "std::ops::Not::not")] unset_emails: bool, + #[serde(skip_serializing_if = "Option::is_none")] + locked: Option, } let mut body = Request { @@ -151,6 +153,7 @@ impl HomeserverConnection for SynapseConnection { unset_avatar_url: false, set_emails: None, unset_emails: false, + locked: Some(request.locked()), }; request.on_displayname(|displayname| match displayname { diff --git a/crates/matrix/src/lib.rs b/crates/matrix/src/lib.rs index f1fbe9c83..cb8534eb7 100644 --- a/crates/matrix/src/lib.rs +++ b/crates/matrix/src/lib.rs @@ -33,6 +33,7 @@ enum FieldAction { pub struct ProvisionRequest { localpart: String, sub: String, + locked: bool, displayname: FieldAction, avatar_url: FieldAction, emails: FieldAction>, @@ -45,11 +46,13 @@ impl ProvisionRequest { /// /// * `localpart` - The localpart of the user to provision. /// * `sub` - The `sub` of the user, aka the internal ID. + /// * `locked` - Whether the user is locked. #[must_use] - pub fn new(localpart: impl Into, sub: impl Into) -> Self { + pub fn new(localpart: impl Into, sub: impl Into, locked: bool) -> Self { Self { localpart: localpart.into(), sub: sub.into(), + locked, displayname: FieldAction::DoNothing, avatar_url: FieldAction::DoNothing, emails: FieldAction::DoNothing, @@ -68,6 +71,12 @@ impl ProvisionRequest { &self.localpart } + /// Get the locked flag of the user to provision + #[must_use] + pub fn locked(&self) -> bool { + self.locked + } + /// Ask to set the displayname of the user. /// /// # Parameters diff --git a/crates/matrix/src/mock.rs b/crates/matrix/src/mock.rs index 4180597e2..1334d7e4f 100644 --- a/crates/matrix/src/mock.rs +++ b/crates/matrix/src/mock.rs @@ -234,7 +234,7 @@ mod tests { assert!(conn.upsert_device("test", device, None).await.is_err()); assert!(conn.delete_device("test", device).await.is_err()); - let request = ProvisionRequest::new("test", "test") + let request = ProvisionRequest::new("test", "test", false) .set_displayname("Test User".into()) .set_avatar_url("mxc://example.org/1234567890".into()) .set_emails(vec!["test@example.org".to_owned()]); diff --git a/crates/tasks/src/matrix.rs b/crates/tasks/src/matrix.rs index 68905fe53..2f12ce6da 100644 --- a/crates/tasks/src/matrix.rs +++ b/crates/tasks/src/matrix.rs @@ -60,8 +60,12 @@ impl RunnableJob for ProvisionUserJob { .into_iter() .map(|email| email.email) .collect(); - let mut request = - ProvisionRequest::new(user.username.clone(), user.sub.clone()).set_emails(emails); + let mut request = ProvisionRequest::new( + user.username.clone(), + user.sub.clone(), + user.locked_at.is_some(), + ) + .set_emails(emails); if let Some(display_name) = self.display_name_to_set() { request = request.set_displayname(display_name.to_owned());