Skip to content

New admin API endpoint to reactivate users & align what lock/unlock/deactivate does in the admin API #4768

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Jul 17, 2025
Merged

New admin API endpoint to reactivate users & align what lock/unlock/deactivate does in the admin API #4768

merged 7 commits into from
Jul 17, 2025

Conversation

AndrewFerr
Copy link
Member

@AndrewFerr AndrewFerr commented Jul 9, 2025
edited by sandhose
Loading

Fixes #4740

This changes the lock/unlock/deactivate endpoints to:

  • only do what they claim to do (unlock doesn't reactivate, deactivate doesn't lock)
  • do most of it right away, not in a background task

@cloudflare-workers-and-pages Cloudflare Workers and Pages
Copy link

cloudflare-workers-and-pages bot commented Jul 9, 2025
edited
Loading

Deploying matrix-authentication-service-docs with  Cloudflare Pages  Cloudflare Pages

Latest commit: 8ac2770
Status: ✅  Deploy successful!
Preview URL: https://9d9449c8.matrix-authentication-service-docs.pages.dev
Branch Preview URL: https://af-rest-reactivate.matrix-authentication-service-docs.pages.dev

View logs

@AndrewFerr AndrewFerr marked this pull request as draft July 10, 2025 19:26
@AndrewFerr
Copy link
Member Author

Marking this as draft until it makes use of #4775 to test the updating of the deactivated_at timestamp on {d,r}eactivation.

@AndrewFerr AndrewFerr marked this pull request as ready for review July 14, 2025 18:43
sandhose
sandhose requested changes Jul 15, 2025
View reviewed changes
@AndrewFerr AndrewFerr force-pushed the af/rest-reactivate branch from 9e89708 to 4c40c25 Compare July 16, 2025 14:03
@AndrewFerr AndrewFerr requested a review from sandhose July 16, 2025 14:37
sandhose
sandhose requested changes Jul 16, 2025
View reviewed changes
Copy link
Member

@sandhose sandhose left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Almost there! I just want to avoid changes in behaviour on the GraphQL API, as it's used in our tools that haven't migrated to the admin API yet… unless you want to also fix those tools :D

@AndrewFerr AndrewFerr requested a review from sandhose July 16, 2025 18:16
@AndrewFerr
Add admin API endpoint to reactivate user
a8b8c8e
@AndrewFerr
Update schema
13a21cc
@AndrewFerr
Separate active state from lock state in admin API
6c1afee 
- Allow the admin API to deactivate a user without locking it, and to
  unlock a user without reactivating it.
- Make unlock-and-reactivate flows unset the "deactivated_at" timestamp.
- Revert adding an "unlock" parameter on `ReactivateUserJob`, as the
  option is used only by the admin API which doesn't use a job.
@AndrewFerr
Format
eca22d3
@AndrewFerr
Satisfy Clippy
df80326
@AndrewFerr
Decouple (un)locking from (re/de)activation
d807975 
Unify the admin API, CLI, and GraphQL API in not having the unlock
command also reactivate, or the deactivate command also lock.

Still let the unlock command of the CLI and GraphQL API to also
reactivate the target user, albeit as a non-default option.
@AndrewFerr
Revert GraphQL's unlock to also reactivate
8ac2770 
Unlike the CLI and admin API, leave the behaviour of the GraphQL's
unlock handler unchanged from before, so as to not break internal
tooling that depends on it.

Also update its documentation description to make note of the fact that
it reactivates in addition to unlocks.
@AndrewFerr AndrewFerr force-pushed the af/rest-reactivate branch from 43806cd to 8ac2770 Compare July 16, 2025 18:17
@sandhose sandhose changed the title Add admin API endpoint to reactivate user New admin API endpoint to reactivate users & align what lock/unlock/deactivate does in the admin API Jul 17, 2025
@sandhose sandhose added the A-Admin-API Related to the admin API label Jul 17, 2025
@sandhose sandhose merged commit 176c059 into main Jul 17, 2025
28 checks passed
@sandhose sandhose deleted the af/rest-reactivate branch July 17, 2025 07:11
@sandhose sandhose mentioned this pull request Jul 17, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sandhose sandhose sandhose approved these changes

Assignees

No one assigned

Labels

A-Admin-API Related to the admin API

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

REST Admin API to reactivate user

2 participants

@AndrewFerr @sandhose