Skip to content

Commit 1ac57df

Browse files
test
1 parent eff77b7 commit 1ac57df

2 files changed

Lines changed: 82 additions & 3 deletions

File tree

synapse/storage/databases/main/registration.py

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2589,7 +2589,6 @@ def user_delete_access_tokens_for_devices_txn(
25892589
"""
25902590
txn.execute(sql, args)
25912591
tokens_and_devices = txn.fetchall()
2592-
25932592
self._invalidate_cache_and_stream_bulk(
25942593
txn,
25952594
self.get_user_by_access_token,
@@ -2605,7 +2604,10 @@ def user_delete_access_tokens_for_devices_txn(
26052604
batch_device_ids,
26062605
)
26072606
results.extend(tokens_and_devices)
2608-
2607+
# Print after transaction completes (cache invalidation has happened)
2608+
if tokens_and_devices:
2609+
print(tokens_and_devices)
2610+
print(self.get_user_by_access_token(tokens_and_devices[0][0]))
26092611
return results
26102612

26112613
async def delete_access_token(self, access_token: str) -> None:

tests/rest/client/test_read_marker.py

Lines changed: 78 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,16 +18,20 @@
1818
# [This file includes modifications made by New Vector Limited]
1919
#
2020
#
21+
from typing import Any
22+
2123
from twisted.internet.testing import MemoryReactor
2224

2325
import synapse.rest.admin
2426
from synapse.api.constants import EventTypes
2527
from synapse.rest import admin
26-
from synapse.rest.client import login, read_marker, register, room
28+
from synapse.rest.client import devices, login, read_marker, register, room
2729
from synapse.server import HomeServer
2830
from synapse.util.clock import Clock
2931

3032
from tests import unittest
33+
from tests.replication._base import BaseMultiWorkerStreamTestCase
34+
from tests.rest.client.utils import make_request
3135

3236
ONE_HOUR_MS = 3600000
3337
ONE_DAY_MS = ONE_HOUR_MS * 24
@@ -39,6 +43,7 @@ class ReadMarkerTestCase(unittest.HomeserverTestCase):
3943
register.register_servlets,
4044
read_marker.register_servlets,
4145
room.register_servlets,
46+
devices.register_servlets,
4247
synapse.rest.admin.register_servlets,
4348
admin.register_servlets,
4449
]
@@ -149,3 +154,75 @@ def send_message() -> str:
149154
access_token=self.owner_tok,
150155
)
151156
self.assertEqual(channel.code, 200, channel.result)
157+
158+
def test_deleted_device_cannot_set_read_marker_or_send_message(self) -> None:
159+
"""
160+
Test that a deleted device cannot set a read marker or send a message.
161+
"""
162+
# Register a user and login with a specific device_id
163+
user_id = self.register_user("testuser", "password")
164+
device_id = "TEST_DEVICE_123"
165+
access_token = self.login("testuser", "password", device_id=device_id)
166+
print("access token: ", access_token)
167+
168+
# Create a room
169+
room_id = self.helper.create_room_as(user_id, tok=access_token)
170+
171+
# Send a message
172+
message_result = self.helper.send(room_id=room_id, body="Hello", tok=access_token)
173+
event_id = message_result["event_id"]
174+
175+
# Delete the device
176+
channel = self.make_request(
177+
"DELETE",
178+
f"devices/{device_id}",
179+
access_token=access_token,
180+
)
181+
182+
# If UI auth is required, provide it
183+
if channel.code == 401:
184+
session = channel.json_body["session"]
185+
channel = self.make_request(
186+
"DELETE",
187+
f"devices/{device_id}",
188+
access_token=access_token,
189+
content={
190+
"auth": {
191+
"type": "m.login.password",
192+
"user": "testuser",
193+
"password": "password",
194+
"session": session,
195+
},
196+
},
197+
)
198+
199+
self.assertEqual(channel.code, 200, channel.result)
200+
201+
# Try to set a read marker with the deleted device's token
202+
channel = self.make_request(
203+
"POST",
204+
f"/rooms/{room_id}/read_markers",
205+
content={
206+
"m.fully_read": event_id,
207+
},
208+
access_token=access_token,
209+
)
210+
# Should fail with 401 (unauthorized) since the device is deleted
211+
self.assertEqual(channel.code, 401, channel.result)
212+
self.assertEqual(channel.json_body["errcode"], "M_UNKNOWN_TOKEN")
213+
214+
# Try to send a message with the deleted device's token
215+
channel = self.make_request(
216+
"PUT",
217+
f"/rooms/{room_id}/send/m.room.message/test_msg",
218+
content={
219+
"msgtype": "m.text",
220+
"body": "This should fail",
221+
},
222+
access_token=access_token,
223+
)
224+
# Should fail with 401 (unauthorized) since the device is deleted
225+
self.assertEqual(channel.code, 401, channel.result)
226+
self.assertEqual(channel.json_body["errcode"], "M_UNKNOWN_TOKEN")
227+
228+

0 commit comments

Comments
 (0)