Add admin API to send a server_notice to one/all users

[krombel]

In #3525 it got requested to have an easier way to send a server notice
to all users on the server.

Besides the query that got mentioned there this adds another command
which can be called via manhole to send those messages.

This PR adds admin API as follows:

http://localhost:8008/_matrix/client/api/v1/admin/send_server_notice/@dest:user?access_token=admin_access_token
JsonBodyToSend:
    {
        "event": {'msgtype':'m.text', 'body':'This is my message'}
    }
    or simply
    {
        'event_body': 'This is my message'
    }

@dest:user is optional

This would fix #3532

Signed-Off-By: Matthias Kesler krombel@krombel.de

[matrixbot]

Can one of the admins verify this patch?

[matrixbot]

Can one of the admins verify this patch?

[richvdh]

let's not add too much magic which is only meant to be used via the manhole. better to add admin apis.

[t3chguy]

Seems like all the Admin_APIs in https://github.com/matrix-org/synapse/tree/master/docs/admin_api reference r0, your example references v1

[t3chguy]

you seem to switch between v1 and r0 interchangeably...

[t3chguy]

so is it r0 or v1?

[krombel]

it was a copy/paste error. I got confused by the doc strings of the other methods.
It should be r0 AFAIK. I have changed it now

[t3chguy]

it seems like it is actually v1

[krombel]

It is that class but it adds the /client/r0/ endpoints as well.

[richvdh]

could you stick this under docs/admin_api, with a link here to say "there is an API which is documented at [...]"?

[richvdh]

under

[richvdh]

"a lot of users". Or better: "a large number of registered users."

[richvdh]

s/with//

[richvdh]

if you drop the access_token (which is kinda obvious), does this fit on one line?

If not, can you indent this line more?

also, I suggest @user:host rather than @dest:user

[richvdh]

I feel like sending a message to all users is a dangerous thing that might happen by accident. Would it be better to have separate APIs

/admin/send_server_notice_to_user/<user_id>

/admin/send_server_notice_to_all_users

?

[krombel]

It would cause some code duplication as I would have to create a new servlet for that.
Personally I think there is a reason why we require an admin token so that the admin should take care that (s)he does it right.
But I can change it if you like.

[richvdh]

well, fair enough. I won't insist.

[richvdh]

surely we should yield here to wait for the request to complete?

[richvdh]

I'm trying to figure out whether there is a difference in behaviour between /admin/send_server_notice/ (with a trailing slash and an empty user_id) and /admin/send_server_notice (with no trailing slash). AFAICT the former will fail, but the docs say it is valid?

I'd suggest that you should not accept /admin/send_server_notice/, and the docs should be updated to clarify.

[richvdh]

I have taken this PR as a basis for another implementation, over in #5121. It doesn't currently implement the "send-to-all" functionality, so that is left for a future PR. My feeling is that should be a separate endpoint anyway.

In the meantime, I'm going to close this PR. Thank you for your work on this, @krombel!

[eMPee584]

[…]
So is it currently possible to use a wildcard for the /admin/send_server_notice_to_user/ endpoint to send everyone a notice, or would it need to be scripted? @krombel's well-looking draft implementation of an endpoint seems to have been /dev/nulled?