Admin route for detecting if the user is an admin #6130
Comments
|
maybe /whois/ could simply be extended with an |
|
An admin user is a very Synapse orientated concept and putting it in whois would mean adding the concept to the spec for all, I think this would be better housed under the Synapse specific admin namespace |
|
Whois has a Synapse specific endpoint: |
|
(also the spec is fine with adding more fields to responses, just have to be wary of those fields changing value in the spec) |
Though currently it requires that the caller is an admin, @turt2live I think you are asking for a non-admin endpoint? |
|
I read through the code and it requires you to be an admin or be requesting the whois on yourself, which is the case is_admin is desired for |
|
I am asking for a way to determine if the access token gives the user Synapse admin rights. Synapse has an if statement where if you |
|
could you clarify the usecase here? Why do clients want to know if you are an admin? |
|
So they can show a "Deactivate this user" button. |
|
ok. I'm not quite clear why #6180 was rejected and have reopened it. That said, I'm not sure it's a great solution to the problem. |
|
I'm new to the matrix spec and synapse as a whole, so I just did what was requested in my pull request. Feel free to suggest better approaches and I'll see what I can do. |
|
This was added in #5914 |
Currently software abuses
/whoisfor checking admin state, though in some cases this is not useful because/whoiswill return a result if the requesting user is the target user. Some implementations get around this by querying a non-existent user to get an empty response if the requesting user is an admin.A route to just check if the user's access token givens them admin powers would be great.
The text was updated successfully, but these errors were encountered: