From 338e6d91c31af737fd636fccc6b6183bee8500b1 Mon Sep 17 00:00:00 2001
From: Aine <97398200+aine-etke@users.noreply.github.com>
Date: Tue, 24 Sep 2024 16:58:17 +0300
Subject: [PATCH] synapse-admin v0.10.3-etke16: Upgrade to react-admin v5,
 restrict actions on specific users (#3543)

* synapse-admin v0.10.3-etke15: Upgrade to react-admin v5

* v0.10.3-etke16

* fix linter

* add _auto and _custom vars

* Use 2 spaces before #noqa var-naming

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
---
 .../matrix-synapse-admin/defaults/main.yml    | 22 ++++++++++++++++++-
 .../templates/config.json.j2                  |  3 ++-
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml
index d02d65a6f..ea4edabb0 100644
--- a/roles/custom/matrix-synapse-admin/defaults/main.yml
+++ b/roles/custom/matrix-synapse-admin/defaults/main.yml
@@ -14,7 +14,7 @@ matrix_synapse_admin_container_image_self_build: false
 matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git"
 
 # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin
-matrix_synapse_admin_version: v0.10.3-etke14
+matrix_synapse_admin_version: v0.10.3-etke16
 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}"
 matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else 'ghcr.io/' }}"
 matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}"
@@ -174,3 +174,23 @@ matrix_synapse_admin_configuration: "{{ matrix_synapse_admin_configuration_defau
 # Controls the restrictBaseUrl configuration setting, which, if defined,
 # restricts the homeserver(s), so that the user can no longer define a homeserver manually during login.
 matrix_synapse_admin_config_restrictBaseUrl: "{{ [matrix_homeserver_url] }}"  # noqa var-naming
+
+# Controls the asManagedUsers configuration setting (managed by playbook), which, if defined,
+# restricts modifications of the specified users (e.g., bridge-managed).
+# You should use JS regex syntax to match the user IDs.
+# Example for mautrix-telegram: ["^@telegram_[a-zA-Z0-9]+:example\\.com$"]
+# WARNING: you want to use matrix_synapse_admin_config_asManagedUsers_custom instead of this variable.
+matrix_synapse_admin_config_asManagedUsers_auto: []  # noqa var-naming
+
+# Controls the asManagedUsers configuration setting (managed per host), which, if defined,
+# restricts modifications of the specified users (e.g., bridge-managed).
+# You should use JS regex syntax to match the user IDs.
+# Example for mautrix-telegram: ["^@telegram_[a-zA-Z0-9]+:example\\.com$"]
+matrix_synapse_admin_config_asManagedUsers_custom: []  # noqa var-naming
+
+# Controls the asManagedUsers configuration setting, which, if defined,
+# restricts modifications of the specified users (e.g., bridge-managed).
+# You should use JS regex syntax to match the user IDs.
+# Example for mautrix-telegram: ["^@telegram_[a-zA-Z0-9]+:example\\.com$"]
+# WARNING: you want to use matrix_synapse_admin_config_asManagedUsers_custom instead of this variable.
+matrix_synapse_admin_config_asManagedUsers: "{{ matrix_synapse_admin_config_asManagedUsers_auto + matrix_synapse_admin_config_asManagedUsers_custom }}"  # noqa var-naming
diff --git a/roles/custom/matrix-synapse-admin/templates/config.json.j2 b/roles/custom/matrix-synapse-admin/templates/config.json.j2
index dbd32d6d4..dcf44aeb6 100644
--- a/roles/custom/matrix-synapse-admin/templates/config.json.j2
+++ b/roles/custom/matrix-synapse-admin/templates/config.json.j2
@@ -1,3 +1,4 @@
 {
-	"restrictBaseUrl": {{ matrix_synapse_admin_config_restrictBaseUrl | to_json }}
+	"restrictBaseUrl": {{ matrix_synapse_admin_config_restrictBaseUrl | to_json }},
+	"asManagedUsers": {{ matrix_synapse_admin_config_asManagedUsers | to_json }}
 }