Element-web: Implement cancelling 3pid invites
Blocked on support from synapse (https://github.com/matrix-org/synapse/issues/1473)
ara4n
All 7 comments
I have no idea why we've never done this; it should be trivial - surely we just delete the 3PID invite from the DAG. Does it even need synapse changes?
ara4n
on 12 Sep 2018
yeah, i just deleted a stuck one via /devtools by setting the body of the 3pid invite state event to {} and it dutifully disappeared. the only nastiness is that you end up with
in the timeline, plus the empty state event obviously hangs around forever, but that's a problem of https://github.com/matrix-org/matrix-doc/issues/456
ara4n
on 12 Sep 2018
ara4n
on 12 Sep 2018
Wouldn't you'd also need to invalidate the invite in the IS so it doesn't try and say the user can join?
turt2live
on 12 Sep 2018
You could, but i'm not sure it's the end of the world, given the IS will try exchange the 3pid invite for a real invite, which will fail because the 3pid invite will have been deleted (aka replaced by {})
ara4n
on 12 Sep 2018
Any update on this?
thomas4019
on 4 Jan 2019
This is an important security feature actually, as 3PID unaccepted invites hang around forever and are impossible to revoke currently. So if a user wishes to disinvite a user that never had a chance to accept, he/she can't and a user who should not have access to a room can join undesired at any time.
gdvine
on 30 Jan 2019
Related issues
PureTryOut
路
3Comments
anoadragon453
路
3Comments
richvdh
路
3Comments
richvdh
路
3Comments
niedzielski
路
3Comments
Most helpful comment
This is an important security feature actually, as 3PID unaccepted invites hang around forever and are impossible to revoke currently. So if a user wishes to disinvite a user that never had a chance to accept, he/she can't and a user who should not have access to a room can join undesired at any time.