Skip to content

Add an admin API to search for children of a room #19021

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 13 commits into
base: develop
Choose a base branch
from
Open

Add an admin API to search for children of a room #19021

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
f963b82
add admin api to search for parent space of room and other rooms in s…
H-Shay Oct 6, 2025
e664088
docs + tests
H-Shay Oct 6, 2025
58c6a79
newsfragment
H-Shay Oct 6, 2025
fcb54a3
rewrite to model after cs hierarchy endpoint
H-Shay Oct 15, 2025
5f50fd5
update docs and tests
H-Shay Oct 15, 2025
76b86cf
update newsfragment
H-Shay Oct 15, 2025
8f78840
Merge branch 'develop' into shay/admin_spaces
H-Shay Oct 15, 2025
501257e
requested changes
H-Shay Oct 17, 2025
6d8c5c0
requested changes
H-Shay Oct 20, 2025
6148cb7
requested changes
H-Shay Oct 21, 2025
c187583
Merge branch 'develop' into shay/admin_spaces
H-Shay Oct 21, 2025
e119448
lint
H-Shay Oct 21, 2025
99eb9eb
fix up docs
H-Shay Oct 21, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions changelog.d/19021.feature
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
Add an [Admin API](https://element-hq.github.io/synapse/latest/usage/administration/admin_api/index.html) to allow an admin
to search for room details and any children in a provided room.
73 changes: 73 additions & 0 deletions docs/admin_api/rooms.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1115,3 +1115,76 @@ Example response:
]
}
```

# Admin Space Hierarchy Endpoint

This API allows an admin to fetch the space/room hierarchy for a given space, returning details about that room and any children
the room may have, paginating over the space tree in a depth-first manner to locate child rooms. This is functionally similar to the [CS Hierarchy](https://spec.matrix.org/v1.16/client-server-api/#get_matrixclientv1roomsroomidhierarchy) endpoint but does not return information about any remote
rooms that the server is not currently participating in and does not check for room membership when returning room summaries.

**Parameters**

The following query parameters are available:

* `from` - An optional pagination token, provided when there are more rooms to return than the limit.
* `limit` - Maximum amount of rooms to return. Must be a non-negative integer, defaults to `50`.
* `max_depth` - The maximum depth in the tree to explore, must be a non-negative integer. 0 would correspond to just the root room, 1 would include just the root room's children, etc. If not provided will recurse into the space tree without limit.

Request:

```http
GET /_synapse/admin/v1/rooms/<room_id>/hierarchy
```

Response:

```json
{
"rooms":
[
{"aliases": [],
"children_state": [
{
"content": {
"via": ["local_test_server"]
},
"origin_server_ts": 1500,
"sender": "@user:test",
"state_key": "!QrMkkqBSwYRIFNFCso:test",
"type": "m.space.child"
}
],
"creation_event_id": "$bVkNVtm4aDw4c0LRf_U5Ad7mZSo4WKzzQKImrk_rQcg",
"creator": "@user:test",
"guest_can_join": false,
"is_space": true,
"join_rule": "public",
"name": null,
"num_joined_members": 1,
"power_users": ["@user:test"],
"room_creation_ts": 1400,
"room_id": "!sPOpNyMHbZAoAOsOFL:test",
"room_type": "m.space",
"topic": null,
"world_readable": false
},

{
"aliases": [],
"children_state": [],
"creation_event_id": "$kymNeN-gA5kzLwZ6FEQUu0_2MfeenYKINSO3dUuLYf8",
"creator": "@user:test",
"guest_can_join": true,
"is_space": false,
"join_rule": "invite",
"name": "nefarious",
"num_joined_members": 1,
"power_users": ["@user:test"],
"room_creation_ts": 999,
"room_id": "!QrMkkqBSwYRIFNFCso:test",
"topic": "being bad",
"world_readable": false}
],
"next_batch": "KUYmRbeSpAoaAIgOKGgyaCEn"
}
```
50 changes: 38 additions & 12 deletions synapse/handlers/room_summary.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,8 @@ def __init__(self, hs: "HomeServer"):
str,
str,
bool,
bool,
bool,
Optional[int],
Optional[int],
Optional[str],
Expand All @@ -133,6 +135,8 @@ async def get_room_hierarchy(
requester: Requester,
requested_room_id: str,
suggested_only: bool = False,
omit_remote_rooms: bool = False,
admin_skip_room_visibility_check: bool = False,
max_depth: Optional[int] = None,
limit: Optional[int] = None,
from_token: Optional[str] = None,
Expand All @@ -146,6 +150,9 @@ async def get_room_hierarchy(
requested_room_id: The room ID to start the hierarchy at (the "root" room).
suggested_only: Whether we should only return children with the "suggested"
flag set.
omit_remote_rooms: Whether to omit rooms which the server is not currently participating in
admin_skip_room_visibility_check: Whether to skip checking if the room can be accessed by the requester,
used for the admin endpoints.
max_depth: The maximum depth in the tree to explore, must be a
non-negative integer.

Expand Down Expand Up @@ -173,6 +180,8 @@ async def get_room_hierarchy(
requester.user.to_string(),
requested_room_id,
suggested_only,
omit_remote_rooms,
admin_skip_room_visibility_check,
max_depth,
limit,
from_token,
Expand All @@ -182,6 +191,8 @@ async def get_room_hierarchy(
requester.user.to_string(),
requested_room_id,
suggested_only,
omit_remote_rooms,
admin_skip_room_visibility_check,
max_depth,
limit,
from_token,
Expand All @@ -193,6 +204,8 @@ async def _get_room_hierarchy(
requester: str,
requested_room_id: str,
suggested_only: bool = False,
omit_remote_rooms: bool = False,
admin_skip_room_visibility_check: bool = False,
max_depth: Optional[int] = None,
limit: Optional[int] = None,
from_token: Optional[str] = None,
Expand All @@ -204,17 +217,18 @@ async def _get_room_hierarchy(
local_room = await self._store.is_host_joined(
requested_room_id, self._server_name
)
if local_room and not await self._is_local_room_accessible(
requested_room_id, requester
):
raise UnstableSpecAuthError(
403,
"User %s not in room %s, and room previews are disabled"
% (requester, requested_room_id),
errcode=Codes.NOT_JOINED,
)
if not admin_skip_room_visibility_check:
if local_room and not await self._is_local_room_accessible(
requested_room_id, requester
):
raise UnstableSpecAuthError(
403,
"User %s not in room %s, and room previews are disabled"
% (requester, requested_room_id),
errcode=Codes.NOT_JOINED,
)

if not local_room:
if not local_room and not omit_remote_rooms:
room_hierarchy = await self._summarize_remote_room_hierarchy(
_RoomQueueEntry(requested_room_id, remote_room_hosts or ()),
False,
Expand Down Expand Up @@ -247,6 +261,9 @@ async def _get_room_hierarchy(
or requested_room_id != pagination_session["room_id"]
or suggested_only != pagination_session["suggested_only"]
or max_depth != pagination_session["max_depth"]
or omit_remote_rooms != pagination_session["omit_remote_rooms"]
or admin_skip_room_visibility_check
!= pagination_session["admin_skip_room_visibility_check"]
):
raise SynapseError(400, "Unknown pagination token", Codes.INVALID_PARAM)

Expand Down Expand Up @@ -301,10 +318,11 @@ async def _get_room_hierarchy(
None,
room_id,
suggested_only,
admin_skip_room_visibility_check=admin_skip_room_visibility_check,
)

# Otherwise, attempt to use information for federation.
else:
elif not omit_remote_rooms:
# A previous call might have included information for this room.
# It can be used if either:
#
Expand Down Expand Up @@ -378,6 +396,8 @@ async def _get_room_hierarchy(
"room_id": requested_room_id,
"suggested_only": suggested_only,
"max_depth": max_depth,
"omit_remote_rooms": omit_remote_rooms,
"admin_skip_room_visibility_check": admin_skip_room_visibility_check,
# The stored state.
"room_queue": [
attr.astuple(room_entry) for room_entry in room_queue
Expand Down Expand Up @@ -460,6 +480,7 @@ async def _summarize_local_room(
room_id: str,
suggested_only: bool,
include_children: bool = True,
admin_skip_room_visibility_check: bool = False,
) -> Optional["_RoomEntry"]:
"""
Generate a room entry and a list of event entries for a given room.
Expand All @@ -476,11 +497,16 @@ async def _summarize_local_room(
Otherwise, all children are returned.
include_children:
Whether to include the events of any children.
admin_skip_room_visibility_check: Whether to skip checking if the room can be accessed by the requester,
used for the admin endpoints.

Returns:
A room entry if the room should be returned. None, otherwise.
"""
if not await self._is_local_room_accessible(room_id, requester, origin):
if (
not admin_skip_room_visibility_check
and not await self._is_local_room_accessible(room_id, requester, origin)
):
return None

room_entry = await self._build_room_entry(room_id, for_federation=bool(origin))
Expand Down
2 changes: 2 additions & 0 deletions synapse/rest/admin/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,7 @@
RegistrationTokenRestServlet,
)
from synapse.rest.admin.rooms import (
AdminRoomHierarchy,
BlockRoomRestServlet,
DeleteRoomStatusByDeleteIdRestServlet,
DeleteRoomStatusByRoomIdRestServlet,
Expand Down Expand Up @@ -342,6 +343,7 @@ def register_servlets(hs: "HomeServer", http_server: HttpServer) -> None:
ExperimentalFeaturesRestServlet(hs).register(http_server)
SuspendAccountRestServlet(hs).register(http_server)
ScheduledTasksRestServlet(hs).register(http_server)
AdminRoomHierarchy(hs).register(http_server)
EventRestServlet(hs).register(http_server)


Expand Down
40 changes: 40 additions & 0 deletions synapse/rest/admin/rooms.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,46 @@
logger = logging.getLogger(__name__)


class AdminRoomHierarchy(RestServlet):
"""
Given a room, returns room details on that room and any space children of the provided room.
Does not return information about remote rooms which the server is not currently
participating in
"""

PATTERNS = admin_patterns("/rooms/(?P<room_id>[^/]*)/hierarchy$")

def __init__(self, hs: "HomeServer"):
self._auth = hs.get_auth()
self._room_summary_handler = hs.get_room_summary_handler()
self._store = hs.get_datastores().main
self._storage_controllers = hs.get_storage_controllers()

async def on_GET(
self, request: SynapseRequest, room_id: str
) -> Tuple[int, JsonDict]:
requester = await self._auth.get_user_by_req(request)
await assert_user_is_admin(self._auth, requester)

max_depth = parse_integer(request, "max_depth")
limit = parse_integer(request, "limit")

# we omit returning remote rooms that the server is not currently participating in,
# as that information shouldn't be available to the server admin (as they are not
# participating in those rooms)
Copy link
Contributor

@MadLittleMods MadLittleMods Oct 20, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This doesn't feel like the correct or whole reason why as far as I can tell. Context #19021 (comment)

I feel like this should read more like:

We omit remote rooms because we only care about managing rooms local to the homeserver. This also immensely helps with the response time of the endpoint since we don't need to reach out over federation. There is a trade-off where this will leave holes where xxx (see other conversation).

that information shouldn't be available to the server admin (as they are not participating in those rooms)

Why is that the case?

As far as I can tell, GET /_matrix/federation/v1/hierarchy/{roomId} is at the server-level and is for peeking so there would be no issue for the admins' server to ask other servers about the remote /hierarchy.

children the requesting server could feasibly peek/join are returned

-- Spec: GET /_matrix/federation/v1/hierarchy/{roomId}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was thinking narrowly of restricted remote rooms (ie not public/peekable) - I've amended the comment to be clearer, hopefully it's better.

room_entry_summary = await self._room_summary_handler.get_room_hierarchy(
requester,
room_id,
omit_remote_rooms=True,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will we be leaving holes in the /hierarchy by not looking for remote rooms? (I think so)

For example, if no one from the server is joined to a given sub-space but is joined to some rooms in the sub-space, we would never see the structure here. It might be strange that no one is joined to a m.space.child but seems possible.

But the federation /hierarchy endpoint only seems to return public rooms that would be peekable and joined without an invite. So it would only fill in public holes.

Holes from private space rooms are expected unless someone is joined.

admin_skip_room_visibility_check=True,
max_depth=max_depth,
limit=limit,
from_token=parse_string(request, "from"),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

from_token being a string instead of actual token seems like a mistake to me but this is prior art ⏩

)

return HTTPStatus.OK, room_entry_summary


class RoomRestV2Servlet(RestServlet):
"""Delete a room from server asynchronously with a background task.
Expand Down
Loading
Loading