From ff815c033340da092116e96626fe1dfc8ea940bb Mon Sep 17 00:00:00 2001 From: Jason Robinson Date: Tue, 6 Feb 2024 16:00:56 +0200 Subject: [PATCH] syn2mas: Skip access tokens that don't have a device ID These can't be migrated. They are likely enirely valid tokens created by puppeting a user via the Synapse admin api. Treating them as fatal errors will make it impossible to migrate any host that has ever used this admin API feature. --- tools/syn2mas/src/advisor.mts | 2 +- tools/syn2mas/src/migrate.mts | 13 ++++--------- tools/syn2mas/src/types/SAccessToken.d.ts | 2 +- 3 files changed, 6 insertions(+), 11 deletions(-) diff --git a/tools/syn2mas/src/advisor.mts b/tools/syn2mas/src/advisor.mts index 4ba58b570..ed2bde38e 100644 --- a/tools/syn2mas/src/advisor.mts +++ b/tools/syn2mas/src/advisor.mts @@ -161,7 +161,7 @@ export async function advisor(): Promise { ); if (accessTokensWithoutDeviceId > 0) { error( - `Synapse database contains ${accessTokensWithoutDeviceId} access tokens without an associated device_id which aren't supported during migration`, + `Synapse database contains ${accessTokensWithoutDeviceId} access tokens without an associated device_id which will be skipped during migration`, ); } diff --git a/tools/syn2mas/src/migrate.mts b/tools/syn2mas/src/migrate.mts index 39c9bfc9c..f78b9c8e6 100644 --- a/tools/syn2mas/src/migrate.mts +++ b/tools/syn2mas/src/migrate.mts @@ -337,16 +337,11 @@ export async function migrate(): Promise { const synapseAccessTokens = await synapse .select("*") .from("access_tokens") - .where({ user_id: user.name }); + .where({ user_id: user.name }) + // Skip tokens without devices. + // These can be for example short-lived tokens created by puppeting a user over the Synapse admin API. + .whereNotNull("device_id"); for (const accessToken of synapseAccessTokens) { - if (!accessToken.device_id) { - warningsForUser += 1; - warn( - `Skipping access token ${accessToken.token} for user ${user.name} with no device_id`, - ); - continue; - } - const tokenCreatedAt = accessToken.last_validated ? new Date(parseInt(`${accessToken.last_validated}`)) : masUser.created_at; diff --git a/tools/syn2mas/src/types/SAccessToken.d.ts b/tools/syn2mas/src/types/SAccessToken.d.ts index bbf495712..adc66e03f 100644 --- a/tools/syn2mas/src/types/SAccessToken.d.ts +++ b/tools/syn2mas/src/types/SAccessToken.d.ts @@ -32,7 +32,7 @@ CREATE TABLE access_tokens ( export interface SAccessToken { id: Id; user_id: SynapseUserId; - device_id?: string; + device_id: string; token: string; valid_until_ms?: number; puppets_user_id?: SynapseUserId;