diff --git a/docs/registering-users.md b/docs/registering-users.md index 50dd92a96..cf0ede41b 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md @@ -24,11 +24,14 @@ If you've just installed Matrix, **to finalize the installation process**, it's ----- -The script `/usr/local/bin/matrix-make-user-admin` may be used to upgrade a user's privileges: + +## Adding/Removing Administrator privileges to an existing user. + +The script `/usr/local/bin/matrix-change-user-admin-status` may be used to change a user's admin privileges. * log on to your server with ssh -* execute with the username: +* execute with the username and 0/1 (0 = non-admin | 1 = admin) ``` -/usr/local/bin/matrix-make-user-admin +/usr/local/bin/matrix-change-user-admin-status <0/1> ``` diff --git a/docs/updating-users-passwords.md b/docs/updating-users-passwords.md index 865379d3b..f2fac643b 100644 --- a/docs/updating-users-passwords.md +++ b/docs/updating-users-passwords.md @@ -34,9 +34,9 @@ where `` is the hash returned by the docker command above. Use the Synapse User Admin API as described here: https://github.com/matrix-org/synapse/blob/master/docs/admin_api/user_admin_api.rst#reset-password -Note this method will log the user out of all of their clients while the other options do not. +This requires an access token from a server admin account. *This method will also log the user out of all of their clients while the other options do not.* -This option requires an access token from a server admin account. If you didn't make your account a server admin when you created it, you can use the `/usr/local/bin/matrix-make-user-admin` script as described in [registering-users.md](registering-users.md). +If you didn't make your account a server admin when you created it, you can use the `/usr/local/bin/matrix-change-user-admin-status` script as described in [registering-users.md](registering-users.md). ### Example: To set @user:domain.com's password to `correct_horse_battery_staple` you could use this curl command: diff --git a/roles/matrix-postgres/tasks/setup_postgres.yml b/roles/matrix-postgres/tasks/setup_postgres.yml index 9ee09381e..16c276770 100644 --- a/roles/matrix-postgres/tasks/setup_postgres.yml +++ b/roles/matrix-postgres/tasks/setup_postgres.yml @@ -73,13 +73,19 @@ mode: 0750 when: matrix_postgres_enabled|bool -- name: Ensure matrix-make-user-admin script created +- name: Ensure matrix-change-user-admin-status script created template: - src: "{{ role_path }}/templates/usr-local-bin/matrix-make-user-admin.j2" - dest: "/usr/local/bin/matrix-make-user-admin" + src: "{{ role_path }}/templates/usr-local-bin/matrix-change-user-admin-status.j2" + dest: "/usr/local/bin/matrix-change-user-admin-status" mode: 0750 when: matrix_postgres_enabled|bool +- name: (Migration) Ensure old matrix-make-user-admin script deleted + file: + path: "/usr/local/bin/matrix-make-user-admin" + state: absent + when: matrix_postgres_enabled|bool + - name: Ensure matrix-postgres-update-user-password-hash script created template: src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2" @@ -146,6 +152,6 @@ state: absent with_items: - matrix-postgres-cli - - matrix-make-user-admin + - matrix-change-user-admin-status - matrix-postgres-update-user-password-hash when: "not matrix_postgres_enabled|bool" diff --git a/roles/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 b/roles/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 new file mode 100644 index 000000000..5f66ca6cd --- /dev/null +++ b/roles/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 @@ -0,0 +1,19 @@ +#jinja2: lstrip_blocks: "True" +#!/bin/bash + +if [ $# -ne 2 ]; then + echo "Usage: "$0" <0/1>" + echo "Usage: 0 = non-admin" + echo "Usage: 1 = admin" + exit 1 +fi + +docker run \ + -it \ + --rm \ + --user=991:991 \ + --cap-drop=ALL \ + --env-file=/matrix/postgres/env-postgres-psql \ + --network matrix \ + postgres:12.1-alpine \ + psql -h matrix-postgres -c "UPDATE users set admin=$2 WHERE name like '@$1:{{ matrix_domain }}'" \ No newline at end of file diff --git a/roles/matrix-postgres/templates/usr-local-bin/matrix-make-user-admin.j2 b/roles/matrix-postgres/templates/usr-local-bin/matrix-make-user-admin.j2 deleted file mode 100644 index f8daa6a76..000000000 --- a/roles/matrix-postgres/templates/usr-local-bin/matrix-make-user-admin.j2 +++ /dev/null @@ -1,17 +0,0 @@ -#jinja2: lstrip_blocks: "True" -#!/bin/bash - -if [ $# -ne 1 ]; then - echo "Usage: "$0" " - exit 1 -fi - -docker run \ - -it \ - --rm \ - --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ - --cap-drop=ALL \ - --env-file={{ matrix_postgres_base_path }}/env-postgres-psql \ - --network {{ matrix_docker_network }} \ - {{ matrix_postgres_docker_image_to_use }} \ - psql -h {{ matrix_postgres_connection_hostname }} -c "UPDATE users set admin=1 WHERE name like '@$1:{{ matrix_domain }}'"