Synapse: deprecate `/_matrix/client/*/admin`
Some of the admin API is exposed at various paths under /_matrix/client as well as /_synapse/admin. We should remove those paths to make it easier to lock down the admin api.
richvdh
All 10 comments
the other paths are:
/_matrix/client/api/v1/admin/_matrix/client/unstable/admin/_matrix/client/r0/admin
richvdh
on 26 Aug 2020
The first step here is to announce our intention to remove the old paths in a changelog.
richvdh
on 26 Aug 2020
The first step here is to announce our intention to remove the old paths in a changelog.
Should we do so in v1.20.0?
anoadragon453
on 28 Aug 2020
note that at least one of those endpoints made it into the spec: https://matrix.org/docs/spec/client_server/r0.6.1#get-matrix-client-r0-admin-whois-userid
turt2live
on 30 Aug 2020
note that at least one of those endpoints made it into the spec: https://matrix.org/docs/spec/client_server/r0.6.1#get-matrix-client-r0-admin-whois-userid
feh. we should replace and deprecate that too.
richvdh
on 1 Sep 2020
I've added the release-blocker label to remind us to do put a note about this in v1.20.0.
anoadragon453
on 3 Sep 2020
Note that this essentially means removing historical_admin_path_patterns, which is an easy way to find them all. 馃憤
clokep
on 16 Sep 2020
A deprecation warning for this has been added in the changelog for release v1.20.0: https://github.com/matrix-org/synapse/blob/v1.20.0/CHANGES.md#synapse-1200-2020-09-22
anoadragon453
on 22 Sep 2020
A deprecation warning for this has been added in the changelog for release v1.20.0: https://github.com/matrix-org/synapse/blob/v1.20.0/CHANGES.md#synapse-1200-2020-09-22
Thanks! Do we have any thoughts on how long before removing it? E.g. v1.21.0 seems fast?
clokep
on 22 Sep 2020
We're aiming to get v1.21.0 in the not-too-far future, so I'd leave it a bit longer.
anoadragon453
on 22 Sep 2020
Related issues
richvdh
路
3Comments
intelfx
路
3Comments
ptman
路
3Comments
ara4n
路
5Comments
alexrashed
路
4Comments
Most helpful comment
Should we do so in v1.20.0?