Skip to content

Allow a few admin APIs used by MAS to run on workers #18313

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 14 commits into from
May 2, 2025
Merged

Allow a few admin APIs used by MAS to run on workers #18313

merged 14 commits into from
May 2, 2025

Conversation

sandhose
Copy link
Member

@sandhose sandhose commented Apr 4, 2025

This should be reviewed commit by commit.

It adds a few admin servlets that are used by MAS when in delegation mode to workers

This is lacking documentation, but we need this for the m.org migration

@sandhose sandhose requested a review from a team as a code owner April 4, 2025 14:39
@sandhose sandhose force-pushed the quenting/morg-mas-fixes branch from 4a6639b to 03d716e Compare April 6, 2025 16:10
reivilibre
reivilibre reviewed Apr 7, 2025
View reviewed changes
synapse/handlers/set_password.py Outdated
Comment on lines 58 to 59
# If the device_handler is None, then password changing is disabled.
if self._device_handler is None:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no problem for a rollout, but for merging to mainline I worry if clarity suffers a bit with this indirection? but should think about it later

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah - I see why this was done.
We could go back to the previous check on can_change_password but then we still need to deal with checking if _device_handler is None.

Maybe it's better to combine the two?
ie.

if not self._auth_handler.can_change_password() or self._device_handler is None:

That would keep the clarity here and negate the need for the comment.

Thoughts?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did something like that in fcccca4

@sandhose sandhose requested a review from a team April 15, 2025 09:44
@sandhose sandhose requested a review from devonh April 15, 2025 15:47
devonh
devonh reviewed Apr 15, 2025
View reviewed changes
@sandhose sandhose force-pushed the quenting/morg-mas-fixes branch from c5cd804 to ccd3b30 Compare May 2, 2025 10:32
anoadragon453
anoadragon453 approved these changes May 2, 2025
View reviewed changes
Copy link
Member

@anoadragon453 anoadragon453 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some minor, non-blocking points. Otherwise LGTM.

anoadragon453
anoadragon453 reviewed May 2, 2025
View reviewed changes
Copy link
Member

@anoadragon453 anoadragon453 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, and can you update the worker documentation with the newly-allowed endpoints, please?

@sandhose sandhose requested a review from anoadragon453 May 2, 2025 11:33
@github-actions github-actions bot deployed to PR Documentation Preview May 2, 2025 11:34 Active
sandhose and others added 14 commits May 2, 2025 14:12
@sandhose
Propagate cache invalidation
fb40a99
@sandhose
Move several methods from the RegistrationBackgroundUpdateStore to th…
22df047 
…e RegistrationWokerStore.
@sandhose
Allow a few admin endpoints on workers when MAS delegation is enabled
14ea5aa
@sandhose
Allow a few other servlets on non-main process
c0b9930
@sandhose
Allow the SetPasswordHandler to be instantiated on workers when passw…
864ed16 
…ord changing is disabled
@sandhose
Newsfile
65e2f03
@sandhose
Allow mounting GET /_synapse/admin/v2/users/{user_id}/devices on workers
3b1b222
@sandhose
Don't register the deactivate account servlet
005984a
@reivilibre @sandhose
allow_master_cross_signing_key_replacement_without_uia: move to worke…
dd224b9 
…r store
@sandhose
Make the logic on the password handler more obvious
b87a993
@sandhose @devonh
if *not* allowed
4e7a2d6 
Co-authored-by: Devon Hudson <[email protected]>
@sandhose @anoadragon453
Update synapse/rest/admin/devices.py
167372c 
Co-authored-by: Andrew Morgan <[email protected]>
@sandhose
Check if we're in MSC3861 mode in register_servlets
13e239d
@sandhose
Document which additional endpoints can be handled by the worker
842b8cf
@sandhose sandhose force-pushed the quenting/morg-mas-fixes branch from c46853a to 842b8cf Compare May 2, 2025 12:12
@github-actions github-actions bot deployed to PR Documentation Preview May 2, 2025 12:13 Active
anoadragon453
anoadragon453 approved these changes May 2, 2025
View reviewed changes
Copy link
Member

@anoadragon453 anoadragon453 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note we typically don't force-push post review, as otherwise it's difficult to see what's changed.

@sandhose sandhose merged commit b8146d4 into develop May 2, 2025
41 checks passed
@sandhose sandhose deleted the quenting/morg-mas-fixes branch May 2, 2025 13:38
MatMaul pushed a commit to tchapgouv/synapse that referenced this pull request May 12, 2025
@sandhose @reivilibre
@devonh @anoadragon453 @MatMaul
Allow a few admin APIs used by MAS to run on workers (element-hq#18313)
6f16aa0 
This should be reviewed commit by commit.

It adds a few admin servlets that are used by MAS when in delegation
mode to workers

---------

Co-authored-by: Olivier 'reivilibre <[email protected]>
Co-authored-by: Devon Hudson <[email protected]>
Co-authored-by: Andrew Morgan <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@devonh devonh devonh left review comments

@reivilibre reivilibre reivilibre left review comments

@anoadragon453 anoadragon453 anoadragon453 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@sandhose @anoadragon453 @devonh @reivilibre