Skip to content

Commit d97a7fe

Browse files
test
1 parent f8106b3 commit d97a7fe

2 files changed

Lines changed: 79 additions & 3 deletions

File tree

synapse/storage/databases/main/registration.py

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2589,7 +2589,6 @@ def user_delete_access_tokens_for_devices_txn(
25892589
"""
25902590
txn.execute(sql, args)
25912591
tokens_and_devices = txn.fetchall()
2592-
25932592
self._invalidate_cache_and_stream_bulk(
25942593
txn,
25952594
self.get_user_by_access_token,
@@ -2605,7 +2604,10 @@ def user_delete_access_tokens_for_devices_txn(
26052604
batch_device_ids,
26062605
)
26072606
results.extend(tokens_and_devices)
2608-
2607+
# Print after transaction completes (cache invalidation has happened)
2608+
if tokens_and_devices:
2609+
print(tokens_and_devices)
2610+
print(self.get_user_by_access_token(tokens_and_devices[0][0]))
26092611
return results
26102612

26112613
async def delete_access_token(self, access_token: str) -> None:

tests/rest/client/test_read_marker.py

Lines changed: 75 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,12 +18,13 @@
1818
# [This file includes modifications made by New Vector Limited]
1919
#
2020
#
21+
2122
from twisted.internet.testing import MemoryReactor
2223

2324
import synapse.rest.admin
2425
from synapse.api.constants import EventTypes
2526
from synapse.rest import admin
26-
from synapse.rest.client import login, read_marker, register, room
27+
from synapse.rest.client import devices, login, read_marker, register, room
2728
from synapse.server import HomeServer
2829
from synapse.util.clock import Clock
2930

@@ -39,6 +40,7 @@ class ReadMarkerTestCase(unittest.HomeserverTestCase):
3940
register.register_servlets,
4041
read_marker.register_servlets,
4142
room.register_servlets,
43+
devices.register_servlets,
4244
synapse.rest.admin.register_servlets,
4345
admin.register_servlets,
4446
]
@@ -149,3 +151,75 @@ def send_message() -> str:
149151
access_token=self.owner_tok,
150152
)
151153
self.assertEqual(channel.code, 200, channel.result)
154+
155+
def test_deleted_device_cannot_set_read_marker_or_send_message(self) -> None:
156+
"""
157+
Test that a deleted device cannot set a read marker or send a message.
158+
"""
159+
# Register a user and login with a specific device_id
160+
user_id = self.register_user("testuser", "password")
161+
device_id = "TEST_DEVICE_123"
162+
access_token = self.login("testuser", "password", device_id=device_id)
163+
print("access token: ", access_token)
164+
165+
# Create a room
166+
room_id = self.helper.create_room_as(user_id, tok=access_token)
167+
168+
# Send a message
169+
message_result = self.helper.send(
170+
room_id=room_id, body="Hello", tok=access_token
171+
)
172+
event_id = message_result["event_id"]
173+
174+
# Delete the device
175+
channel = self.make_request(
176+
"DELETE",
177+
f"devices/{device_id}",
178+
access_token=access_token,
179+
)
180+
181+
# If UI auth is required, provide it
182+
if channel.code == 401:
183+
session = channel.json_body["session"]
184+
channel = self.make_request(
185+
"DELETE",
186+
f"devices/{device_id}",
187+
access_token=access_token,
188+
content={
189+
"auth": {
190+
"type": "m.login.password",
191+
"user": "testuser",
192+
"password": "password",
193+
"session": session,
194+
},
195+
},
196+
)
197+
198+
self.assertEqual(channel.code, 200, channel.result)
199+
200+
# Try to set a read marker with the deleted device's token
201+
channel = self.make_request(
202+
"POST",
203+
f"/rooms/{room_id}/read_markers",
204+
content={
205+
"m.fully_read": event_id,
206+
},
207+
access_token=access_token,
208+
)
209+
# Should fail with 401 (unauthorized) since the device is deleted
210+
self.assertEqual(channel.code, 401, channel.result)
211+
self.assertEqual(channel.json_body["errcode"], "M_UNKNOWN_TOKEN")
212+
213+
# Try to send a message with the deleted device's token
214+
channel = self.make_request(
215+
"PUT",
216+
f"/rooms/{room_id}/send/m.room.message/test_msg",
217+
content={
218+
"msgtype": "m.text",
219+
"body": "This should fail",
220+
},
221+
access_token=access_token,
222+
)
223+
# Should fail with 401 (unauthorized) since the device is deleted
224+
self.assertEqual(channel.code, 401, channel.result)
225+
self.assertEqual(channel.json_body["errcode"], "M_UNKNOWN_TOKEN")

0 commit comments

Comments
 (0)