fix 'Sign in' button disabled on SSO-only servers when attempting access token login

Refactor required fields check on Bulk CSV upload (#59 )
Related to https://github.com/etkecc/synapse-admin/pull/32
2024-10-18 10:21:48 +03:00 · 2024-10-17 22:56:19 +03:00 · 2024-10-17 18:34:20 +03:00 · 2024-10-10 22:13:50 +03:00 · 2024-10-08 12:15:03 +03:00 · 2024-10-08 10:51:16 +03:00
32 changed files with 1188 additions and 674 deletions
--- a/.watchmanconfig
+++ b/.watchmanconfig
@@ -0,0 +1,5 @@
+{
+    "ignore_dirs": [
+        "testdata"
+    ]
+}
--- a/README.md
+++ b/README.md
@@ -7,7 +7,7 @@ This project is built using [react-admin](https://marmelab.com/react-admin/).
 <!-- vim-markdown-toc GFM -->

 * [Fork differences](#fork-differences)
-  * [Available via CDN](#available-via-cdn)
+  * [Availability](#availability)
  * [Changes](#changes)
  * [Development](#development)
 * [Configuration](#configuration)
@@ -33,9 +33,11 @@ With [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologie
 fork is intended to be a more feature-rich version of the original project. The main goal is to provide a more
 user-friendly interface for managing Synapse homeservers.

-### Available via CDN
+### Availability

-On [admin.etke.cc](https://admin.etke.cc) you can find the latest version of this fork.
+* As a core/default component on [etke.cc](https://etke.cc/?utm_source=github&utm_medium=readme&utm_campaign=synapse-admin)
+* Via CDN on [admin.etke.cc](https://admin.etke.cc)
+* As a component in [Matrix-Docker-Ansible-Deploy Playbook](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook-synapse-admin.md)

 ### Changes

@@ -60,6 +62,10 @@ The following changes are already implemented:
 * [Upgrade react-admin to v5](https://github.com/etkecc/synapse-admin/pull/40)
 * [Restrict actions on specific users](https://github.com/etkecc/synapse-admin/pull/42)
 * [Add `Contact support` menu item](https://github.com/etkecc/synapse-admin/pull/45)
+* [Provide options to delete media and redact events on user erase](https://github.com/etkecc/synapse-admin/pull/49)
+* [Authenticated Media support](https://github.com/etkecc/synapse-admin/pull/51)
+* [Better media preview/download](https://github.com/etkecc/synapse-admin/pull/53)
+* [Login with access token](https://github.com/etkecc/synapse-admin/pull/58)

 _the list will be updated as new changes are added_

@@ -136,7 +142,7 @@ Synapse-Admin provides a support link in the main menu - `Contact support`. By d

 ### Supported Synapse

-It needs at least [Synapse](https://github.com/element-hq/synapse) v1.93.0 for all functions to work as expected!
+It needs at least [Synapse](https://github.com/element-hq/synapse) v1.116.0 for all functions to work as expected!

 You get your server version with the request `/_synapse/admin/v1/server_version`.
 See also [Synapse version API](https://element-hq.github.io/synapse/latest/admin_api/version_api.html).
--- a/8
+++ b/8
@@ -25,11 +25,15 @@ run-dev:
 stop-dev:
    @docker-compose -f docker-compose-dev.yml stop

-
+# register a user in the dev stack
 register-user localpart password *admin:
 	docker-compose exec synapse register_new_matrix_user {{ if admin == "1" {"--admin"} else {"--no-admin"} }} -u {{ localpart }} -p {{ password }} -c /config/homeserver.yaml http://localhost:8008

-
+# run yarn {fix,lint,test} commands
+test:
+    @-yarn run fix
+    @-yarn run lint
+    @-yarn run test

 # run the app in a production mode
 run-prod: build
--- a/src/components/AdminLayout.tsx
+++ b/src/components/AdminLayout.tsx
@@ -1,16 +1,60 @@
-import { Layout, Menu } from 'react-admin';
-import LiveHelpIcon from '@mui/icons-material/LiveHelp';
+import { AppBar, Confirm, Layout, Logout, Menu, useLogout, UserMenu } from "react-admin";
+import LiveHelpIcon from "@mui/icons-material/LiveHelp";
+import { LoginMethod } from "../pages/LoginPage";
+import { useState } from "react";

 const DEFAULT_SUPPORT_LINK = "https://github.com/etkecc/synapse-admin/issues";
 const supportLink = (): string => {
  try {
-        new URL(localStorage.getItem("support_url") || ''); // Check if the URL is valid
+    new URL(localStorage.getItem("support_url") || ""); // Check if the URL is valid
    return localStorage.getItem("support_url") || DEFAULT_SUPPORT_LINK;
  } catch (e) {
    return DEFAULT_SUPPORT_LINK;
  }
 };

+const AdminUserMenu = () => {
+  const [open, setOpen] = useState(false);
+  const logout = useLogout();
+  const checkLoginType = (ev: React.MouseEvent<HTMLDivElement>) => {
+    const loginType: LoginMethod = (localStorage.getItem("login_type") || "credentials") as LoginMethod;
+    if (loginType === "accessToken") {
+      ev.stopPropagation();
+      setOpen(true);
+    }
+  };
+
+  const handleConfirm = () => {
+    setOpen(false);
+    logout();
+  };
+
+  const handleDialogClose = () => {
+    setOpen(false);
+    localStorage.removeItem("access_token");
+    localStorage.removeItem("login_type");
+    window.location.reload();
+  };
+
+  return (
+    <UserMenu>
+      <div onClickCapture={checkLoginType}>
+        <Logout />
+      </div>
+      <Confirm
+        isOpen={open}
+        title="synapseadmin.auth.logout_acces_token_dialog.title"
+        content="synapseadmin.auth.logout_acces_token_dialog.content"
+        onConfirm={handleConfirm}
+        onClose={handleDialogClose}
+        confirm="synapseadmin.auth.logout_acces_token_dialog.confirm"
+        cancel="synapseadmin.auth.logout_acces_token_dialog.cancel"
+      />
+    </UserMenu>
+  );
+};
+
+const AdminAppBar = () => <AppBar userMenu={<AdminUserMenu />} />;

 const AdminMenu = () => (
  <Menu>
@@ -20,7 +64,7 @@ const AdminMenu = () => (
 );

 export const AdminLayout = ({ children }) => (
-    <Layout menu={AdminMenu}>
+  <Layout appBar={AdminAppBar} menu={AdminMenu}>
    {children}
  </Layout>
 );
--- a/src/components/AvatarField.test.tsx
+++ b/src/components/AvatarField.test.tsx
@@ -1,18 +1,43 @@
-import { render, screen } from "@testing-library/react";
+import { render, screen, waitFor } from "@testing-library/react";
 import { RecordContextProvider } from "react-admin";
-
+import { act } from "react";
 import AvatarField from "./AvatarField";

 describe("AvatarField", () => {
-  it("shows image", () => {
+  beforeEach(() => {
+    // Mock fetch
+    global.fetch = jest.fn(() =>
+      Promise.resolve({
+        blob: () => Promise.resolve(new Blob(["mock image data"], { type: 'image/jpeg' })),
+      })
+    ) as jest.Mock;
+
+    // Mock URL.createObjectURL
+    global.URL.createObjectURL = jest.fn(() => "mock-object-url");
+  });
+
+  afterEach(() => {
+    jest.restoreAllMocks();
+  });
+
+  it.only("shows image", async () => {
    const value = {
-      avatar: "foo",
+      avatar: "mxc://serverName/mediaId",
    };
+
+    await act(async () => {
      render(
        <RecordContextProvider value={value}>
          <AvatarField source="avatar" />
        </RecordContextProvider>
      );
-    expect(screen.getByRole("img").getAttribute("src")).toBe("foo");
+    });
+
+    await waitFor(() => {
+      const img = screen.getByRole("img");
+      expect(img.getAttribute("src")).toBe("mock-object-url");
+    });
+
+    expect(global.fetch).toHaveBeenCalled();
  });
 });
--- a/src/components/AvatarField.tsx
+++ b/src/components/AvatarField.tsx
@@ -1,12 +1,36 @@
 import { get } from "lodash";
+import { Avatar, AvatarProps } from "@mui/material";
+import { FieldProps, useRecordContext } from "react-admin";
+import { useState, useEffect, useCallback } from "react";
+import { fetchAuthenticatedMedia } from "../utils/fetchMedia";

-import { Avatar } from "@mui/material";
-import { useRecordContext } from "react-admin";
-
-const AvatarField = ({ source, ...rest }) => {
-  const record = useRecordContext(rest);
-  const src = get(record, source)?.toString();
+const AvatarField = ({ source, ...rest }: AvatarProps & FieldProps) => {
  const { alt, classes, sizes, sx, variant } = rest;
+  const record = useRecordContext(rest);
+  const mxcURL = get(record, source)?.toString();
+
+  const [src, setSrc] = useState<string>("");
+
+  const fetchAvatar = useCallback(async (mxcURL: string) => {
+    const response = await fetchAuthenticatedMedia(mxcURL, "thumbnail");
+    const blob = await response.blob();
+    const blobURL = URL.createObjectURL(blob);
+    setSrc(blobURL);
+  }, []);
+
+  useEffect(() => {
+    if (mxcURL) {
+      fetchAvatar(mxcURL);
+    }
+
+    // Cleanup function to revoke the object URL
+    return () => {
+      if (src) {
+        URL.revokeObjectURL(src);
+      }
+    };
+  }, [mxcURL, fetchAvatar]);
+
  return <Avatar alt={alt} classes={classes} sizes={sizes} src={src} sx={sx} variant={variant} />;
 };

--- a/src/components/DeleteRoomButton.tsx
+++ b/src/components/DeleteRoomButton.tsx
@@ -16,7 +16,7 @@ const resourceName = "rooms";
 const DeleteRoomButton: React.FC<DeleteRoomButtonProps> = (props) => {
  const translate = useTranslate();
  const [open, setOpen] = useState(false);
-  const [block, setBlock] = useState(true);
+  const [block, setBlock] = useState(false);

  const notify = useNotify();
  const redirect = useRedirect();
@@ -78,7 +78,7 @@ const DeleteRoomButton: React.FC<DeleteRoomButtonProps> = (props) => {
              value={block}
              onChange={(event: React.ChangeEvent<HTMLInputElement>) => setBlock(event.target.checked)}
              label="resources.rooms.action.erase.fields.block"
-              defaultValue={true}
+              defaultValue={false}
            />
          </SimpleForm>
        </DialogContent>
--- a/src/components/DeleteUserButton.tsx
+++ b/src/components/DeleteUserButton.tsx
@@ -0,0 +1,117 @@
+import { Button, Dialog, DialogActions, DialogContent, DialogContentText, DialogTitle } from "@mui/material";
+import { Fragment, useState } from "react";
+import { SimpleForm, BooleanInput, useTranslate, RaRecord, useNotify, useRedirect, useDelete, NotificationType, useDeleteMany, Identifier, useUnselectAll } from "react-admin";
+import ActionDelete from "@mui/icons-material/Delete";
+import ActionCheck from "@mui/icons-material/CheckCircle";
+import AlertError from "@mui/icons-material/ErrorOutline";
+
+interface DeleteUserButtonProps {
+  selectedIds: Identifier[];
+  confirmTitle: string;
+  confirmContent: string;
+}
+
+const resourceName = "users";
+
+const DeleteUserButton: React.FC<DeleteUserButtonProps> = (props) => {
+  const translate = useTranslate();
+  const [open, setOpen] = useState(false);
+  const [deleteMedia, setDeleteMedia] = useState(false);
+  const [redactEvents, setRedactEvents] = useState(false);
+
+  const notify = useNotify();
+  const redirect = useRedirect();
+
+  const [deleteMany, { isLoading }] = useDeleteMany();
+  const unselectAll = useUnselectAll(resourceName);
+  const recordIds = props.selectedIds;
+
+  const handleDialogOpen = () => setOpen(true);
+  const handleDialogClose = () => setOpen(false);
+
+  const handleDelete = (values: {deleteMedia: boolean, redactEvents: boolean}) => {
+    deleteMany(
+      resourceName,
+      { ids: recordIds, meta: values },
+      {
+        onSuccess: () => {
+          notify("ra.notification.deleted", {
+            messageArgs: {
+              smart_count: recordIds.length,
+            },
+            type: 'info' as NotificationType,
+          });
+          handleDialogClose();
+          unselectAll();
+          redirect("/users");
+        },
+        onError: (error) =>
+          notify("ra.notification.data_provider_error", { type: 'error' as NotificationType }),
+      }
+    );
+  };
+
+  const handleConfirm = () => {
+    setOpen(false);
+    handleDelete({ deleteMedia: deleteMedia, redactEvents: redactEvents });
+  };
+
+  return (
+    <Fragment>
+      <Button
+        onClick={handleDialogOpen}
+        disabled={isLoading}
+        className={"ra-delete-button"}
+        key="button"
+        size="small"
+        sx={{
+          "&.MuiButton-sizeSmall": {
+            lineHeight: 1.5,
+          },
+        }}
+        color={"error"}
+        startIcon={<ActionDelete />}
+      >
+        {translate("ra.action.delete")}
+      </Button>
+      <Dialog open={open} onClose={handleDialogClose}>
+        <DialogTitle>{translate(props.confirmTitle)}</DialogTitle>
+        <DialogContent>
+          <DialogContentText>{translate(props.confirmContent)}</DialogContentText>
+          <SimpleForm toolbar={false}>
+            <BooleanInput
+              source="deleteMedia"
+              value={deleteMedia}
+              onChange={(event: React.ChangeEvent<HTMLInputElement>) => setDeleteMedia(event.target.checked)}
+              label="resources.users.action.delete_media"
+              defaultValue={false}
+            />
+            <BooleanInput
+              source="redactEvents"
+              value={redactEvents}
+              onChange={(event: React.ChangeEvent<HTMLInputElement>) => setRedactEvents(event.target.checked)}
+              label="resources.users.action.redact_events"
+              defaultValue={false}
+            />
+          </SimpleForm>
+        </DialogContent>
+        <DialogActions>
+          <Button disabled={false} onClick={handleDialogClose} startIcon={<AlertError />}>
+            {translate("ra.action.cancel")}
+          </Button>
+          <Button
+            disabled={false}
+            onClick={handleConfirm}
+            className={"ra-confirm RaConfirm-confirmPrimary"}
+            autoFocus
+            startIcon={<ActionCheck />}
+          >
+            {translate("ra.action.confirm")}
+          </Button>
+        </DialogActions>
+      </Dialog>
+    </Fragment>
+  );
+};
+
+export default DeleteUserButton;
--- a/src/components/ImportFeature.tsx
+++ b/src/components/ImportFeature.tsx
@@ -121,11 +121,7 @@ const FilePicker = () => {

  const verifyCsv = ({ data, meta, errors }: ParseResult<ImportLine>, { setValues, setStats, setError }) => {
    /* First, verify the presence of required fields */
-    const missingFields = expectedFields.filter(eF => {
-      const result = meta.fields?.find(mF => eF === mF);
-      if (result === undefined) { return eF; } // missing field
-      return undefined; // field found
-    });
+    const missingFields = expectedFields.filter(eF => !meta.fields?.find(mF => eF === mF));

    if (missingFields.length > 0) {
      setError(translate("import_users.error.required_field", { field: missingFields[0] }));
--- a/src/components/LoginFormBox.tsx
+++ b/src/components/LoginFormBox.tsx
@@ -0,0 +1,58 @@
+import { styled } from "@mui/material/styles";
+import { Box } from "@mui/material";
+
+const LoginFormBox = styled(Box)(({ theme }) => ({
+  display: "flex",
+  flexDirection: "column",
+  minHeight: "calc(100vh - 1rem)",
+  alignItems: "center",
+  justifyContent: "flex-start",
+  background: "url(./images/floating-cogs.svg)",
+  backgroundColor: "#f9f9f9",
+  backgroundRepeat: "no-repeat",
+  backgroundSize: "cover",
+
+  [`& .card`]: {
+    width: "30rem",
+    marginTop: "6rem",
+    marginBottom: "6rem",
+  },
+  [`& .avatar`]: {
+    margin: "1rem",
+    display: "flex",
+    justifyContent: "center",
+  },
+  [`& .icon`]: {
+    backgroundColor: theme.palette.grey[500],
+  },
+  [`& .hint`]: {
+    marginTop: "1em",
+    marginBottom: "1em",
+    display: "flex",
+    justifyContent: "center",
+    color: theme.palette.grey[600],
+  },
+  [`& .form`]: {
+    padding: "0 1rem 1rem 1rem",
+  },
+  [`& .select`]: {
+    marginBottom: "2rem",
+  },
+  [`& .actions`]: {
+    padding: "0 1rem 1rem 1rem",
+  },
+  [`& .serverVersion`]: {
+    color: theme.palette.grey[500],
+    fontFamily: "Roboto, Helvetica, Arial, sans-serif",
+    marginLeft: "0.5rem",
+  },
+  [`& .matrixVersions`]: {
+    color: theme.palette.grey[500],
+    fontFamily: "Roboto, Helvetica, Arial, sans-serif",
+    fontSize: "0.8rem",
+    marginBottom: "1rem",
+    marginLeft: "0.5rem",
+  },
+}));
+
+export default LoginFormBox;
--- a/src/components/media.tsx
+++ b/src/components/media.tsx
@@ -8,7 +8,9 @@ import DeleteSweepIcon from "@mui/icons-material/DeleteSweep";
 import FileOpenIcon from "@mui/icons-material/FileOpen";
 import LockIcon from "@mui/icons-material/Lock";
 import LockOpenIcon from "@mui/icons-material/LockOpen";
-import { Box, Dialog, DialogContent, DialogContentText, DialogTitle, Tooltip } from "@mui/material";
+import DownloadIcon from '@mui/icons-material/Download';
+import DownloadingIcon from '@mui/icons-material/Downloading';
+import { Grid2 as Grid, Box, Dialog, DialogContent, DialogContentText, DialogTitle, Tooltip, Link } from "@mui/material";
 import { alpha, useTheme } from "@mui/material/styles";
 import {
  BooleanInput,
@@ -29,12 +31,11 @@ import {
  useTranslate,
 } from "react-admin";
 import { useMutation } from "@tanstack/react-query";
-import { Link } from "react-router-dom";

 import { dateParser } from "./date";
 import { DeleteMediaParams, SynapseDataProvider } from "../synapse/dataProvider";
-import { getMediaUrl } from "../synapse/synapse";
 import storage from "../storage";
+import { fetchAuthenticatedMedia } from "../utils/fetchMedia";

 const DeleteMediaDialog = ({ open, onClose, onSubmit }) => {
  const translate = useTranslate();
@@ -311,48 +312,104 @@ export const QuarantineMediaButton = (props: ButtonProps) => {
  );
 };

-export const ViewMediaButton = ({ media_id, label }) => {
+export const ViewMediaButton = ({ mxcURL, label, uploadName, mimetype }) => {
  const translate = useTranslate();
-  const url = getMediaUrl(media_id);
+  const [loading, setLoading] = useState(false);
+  const isImage = mimetype && mimetype.startsWith("image/");
+
+  const openFileInNewTab = (blobURL: string) => {
+    const anchorElement = document.createElement("a");
+    anchorElement.href = blobURL;
+    anchorElement.target = "_blank";
+    document.body.appendChild(anchorElement);
+    anchorElement.click();
+    document.body.removeChild(anchorElement);
+    setTimeout(() => URL.revokeObjectURL(blobURL), 10);
+  };
+
+  const downloadFile = async (blobURL: string) => {
+    console.log("downloadFile", blobURL, uploadName);
+    const anchorElement = document.createElement("a");
+    anchorElement.href = blobURL;
+    anchorElement.download = uploadName;
+    document.body.appendChild(anchorElement);
+    anchorElement.click();
+    document.body.removeChild(anchorElement);
+    setTimeout(() => URL.revokeObjectURL(blobURL), 10);;
+  };
+
+  const handleFile = async (preview: boolean) => {
+    setLoading(true);
+    const response = await fetchAuthenticatedMedia(mxcURL, "original");
+    const blob = await response.blob();
+    const blobURL = URL.createObjectURL(blob);
+    if (preview) {
+      openFileInNewTab(blobURL);
+    } else {
+      downloadFile(blobURL);
+    }
+    setLoading(false);
+  };
+
  return (
-    <Box style={{ whiteSpace: "pre" }}>
+    <>
+      <Box display="flex" alignItems="center">
        <Tooltip title={translate("resources.users_media.action.open")}>
          <span>
+            {isImage && (
              <Button
-            component={Link}
-            to={url}
-            target="_blank"
-            rel="noopener"
-            style={{ minWidth: 0, paddingLeft: 0, paddingRight: 0 }}
+                disabled={loading}
+                onClick={() => handleFile(true)}
+                style={{ minWidth: 0, padding: 0, marginRight: 8 }}
              >
-            <FileOpenIcon />
+                {loading ? <DownloadingIcon /> : <FileOpenIcon />}
              </Button>
+            )}
          </span>
        </Tooltip>
-      {label}
+        <Button
+          disabled={loading}
+          onClick={() => handleFile(false)}
+          style={{ minWidth: 0, padding: 0, marginRight: 8 }}
+        >
+        {loading ? <DownloadingIcon /> : <DownloadIcon />}
+        </Button>
+        <span>{label}</span>
      </Box>
+    </>
  );
 };

 export const MediaIDField = ({ source }) => {
+  const record = useRecordContext();
+  if (!record) {
+    return null;
+  }
  const homeserver = storage.getItem("home_server");
-  const record = useRecordContext();
-  if (!record) return null;

-  const src = get(record, source)?.toString();
-  if (!src) return null;
+  const mediaID = get(record, source)?.toString();
+  if (!mediaID) {
+    return null;
+  }

-  return <ViewMediaButton media_id={`${homeserver}/${src}`} label={src} />;
+  const uploadName = decodeURIComponent(get(record, "upload_name")?.toString());
+  const mxcURL = `mxc://${homeserver}/${mediaID}`;
+
+  return <ViewMediaButton mxcURL={mxcURL} label={mediaID} uploadName={uploadName} mimetype={record.media_type}/>;
 };

-export const MXCField = ({ source }) => {
+export const ReportMediaContent = ({ source }) => {
  const record = useRecordContext();
-  if (!record) return null;
+  if (!record) {
+    return null;
+  }

-  const src = get(record, source)?.toString();
-  if (!src) return null;
+  const mxcURL = get(record, source)?.toString();
+  if (!mxcURL) {
+    return null;
+  }

-  const media_id = src.replace("mxc://", "");
+  const uploadName = decodeURIComponent(get(record, "event_json.content.body")?.toString());

-  return <ViewMediaButton media_id={media_id} label={src} />;
+  return <ViewMediaButton mxcURL={mxcURL} label={mxcURL} uploadName={uploadName} mimetype={record.media_type}/>;
 };
--- a/src/i18n/de.ts
+++ b/src/i18n/de.ts
@@ -22,6 +22,14 @@ const de: SynapseTranslationMessages = {
      protocol_error: "Die URL muss mit 'http://' oder 'https://' beginnen",
      url_error: "Keine gültige Matrix Server URL",
      sso_sign_in: "Anmeldung mit SSO",
+      credentials: "Anmeldedaten",
+      access_token: "Zugriffstoken",
+      logout_acces_token_dialog: {
+        title: "Sie verwenden ein bestehendes Matrix-Zugriffstoken.",
+        content: "Möchten Sie diese Sitzung (die anderswo, z.B. in einem Matrix-Client, verwendet werden könnte) beenden oder sich nur vom Admin-Panel abmelden?",
+        confirm: "Sitzung beenden",
+        cancel: "Nur vom Admin-Panel abmelden",
+      },
    },
    users: {
      invalid_user_id: "Lokaler Anteil der Matrix Benutzer-ID ohne Homeserver.",
@@ -151,12 +159,15 @@ const de: SynapseTranslationMessages = {
        password: "Durch die Änderung des Passworts wird der Benutzer von allen Sitzungen abgemeldet.",
        deactivate: "Sie müssen ein Passwort angeben, um ein Konto wieder zu aktivieren.",
        erase: "DSGVO konformes Löschen der Benutzerdaten.",
+        erase_text: "Das bedeutet, dass die von dem/den Benutzer(n) gesendeten Nachrichten für alle, die zum Zeitpunkt des Sendens im Raum waren, sichtbar bleiben, aber für Benutzer, die dem Raum später beitreten, nicht sichtbar sind.",
        erase_admin_error: "Das Löschen des eigenen Benutzers ist nicht erlaubt.",
        modify_managed_user_error: "Das Ändern eines vom System verwalteten Benutzers ist nicht zulässig.",
      },
      action: {
        erase: "Lösche Benutzerdaten",
-        erase_avatar: "Avatar löschen"
+        erase_avatar: "Avatar löschen",
+        delete_media: "Alle von dem/den Benutzer(n) hochgeladenen Medien löschen",
+        redact_events: "Schwärzen aller vom Benutzer gesendeten Ereignisse (-s)",
      },
    },
    rooms: {
--- a/src/i18n/en.ts
+++ b/src/i18n/en.ts
@@ -14,6 +14,14 @@ const en: SynapseTranslationMessages = {
      protocol_error: "URL has to start with 'http://' or 'https://'",
      url_error: "Not a valid Matrix server URL",
      sso_sign_in: "Sign in with SSO",
+      credentials: "Credentials",
+      access_token: "Access token",
+      logout_acces_token_dialog: {
+        title: "You are using an existing Matrix access token.",
+        content: "Do you want to destroy this session (that could be used elsewhere, e.g. in a Matrix client) or just logout from the admin panel?",
+        confirm: "Destroy session",
+        cancel: "Just logout from admin panel",
+      },
    },
    users: {
      invalid_user_id: "Localpart of a Matrix user-id without homeserver.",
@@ -142,12 +150,15 @@ const en: SynapseTranslationMessages = {
        password: "Changing password will log user out of all sessions.",
        deactivate: "You must provide a password to re-activate an account.",
        erase: "Mark the user as GDPR-erased",
+        erase_text: "This means messages sent by the user(-s) will still be visible by anyone who was in the room when these messages were sent, but hidden from users joining the room afterward.",
        erase_admin_error: "Deleting own user is not allowed.",
        modify_managed_user_error: "Modifying a system-managed user is not allowed.",
      },
      action: {
        erase: "Erase user data",
-        erase_avatar: "Erase avatar"
+        erase_avatar: "Erase avatar",
+        delete_media: "Delete all media uploaded by the user(-s)",
+        redact_events: "Redact all events sent by the user(-s)",
      },
    },
    rooms: {
--- a/src/i18n/fa.ts
+++ b/src/i18n/fa.ts
@@ -13,6 +13,14 @@ const fa: SynapseTranslationMessages = {
      protocol_error: "URL باید با 'http://' یا 'https://' شروع شود",
      url_error: "آدرس وارد شده یک سرور معتبر نیست",
      sso_sign_in: "با SSO وارد شوید",
+      credentials: "اعتبارنامه",
+      access_token: "توکن دسترسی",
+      logout_acces_token_dialog: {
+        title: "شما در حال استفاده از یک نشانه دسترسی ماتریکس موجود هستید.",
+        content: "آیا می‌خواهید این جلسه (که می‌تواند در جای دیگر، مانند یک کلاینت ماتریکس استفاده شود) را نابود کنید یا فقط از پنل مدیریت خارج شوید؟",
+        confirm: "نابودی جلسه",
+        cancel: "فقط خروج از پنل مدیریت",
+      },
    },
    users: {
      invalid_user_id: "بخش محلی یک شناسه کاربری ماتریکس بدون سرور خانگی.",
@@ -138,11 +146,15 @@ const fa: SynapseTranslationMessages = {
        password: "با تغییر رمز عبور کاربر از تمام دستگاه ها خارج می شود.",
        deactivate: "برای فعالسازی مجدد حساب باید رمز عبور وارد کنید.",
        erase: "کاربر را به عنوان GDPR پاک شده علامت گذاری کنید",
+        erase_text: "وهذا يعني أن الرسائل المرسلة من قبل المستخدم (المستخدمين) ستظل مرئية من قبل أي شخص كان في الغرفة عند إرسال هذه الرسائل، ولكنها مخفية عن المستخدمين الذين ينضمون إلى الغرفة بعد ذلك.",
        erase_admin_error: "حذف المستخدم الخاص غير مسموح به.",
        modify_managed_user_error: "لا يُسمح بتغيير المستخدم الذي يديره النظام.",
      },
      action: {
        erase: "پاک کردن اطلاعات کاربر",
+        erase_avatar: "محو الصورة الرمزية",
+        delete_media: "حذف جميع الوسائط التي تم تحميلها بواسطة المستخدم (المستخدمين)",
+        redact_events: "تنقيح جميع الأحداث المرسلة من قبل المستخدم (-s)",
      },
    },
    rooms: {
--- a/src/i18n/fr.ts
+++ b/src/i18n/fr.ts
@@ -13,6 +13,14 @@ const fr: SynapseTranslationMessages = {
      protocol_error: "L'URL doit commencer par « http:// » ou « https:// »",
      url_error: "L'URL du serveur Matrix n'est pas valide",
      sso_sign_in: "Se connecter avec l’authentification unique",
+      credentials: "Identifiants",
+      access_token: "Jeton d'accès",
+      logout_acces_token_dialog: {
+        title: "Vous utilisez un jeton d'accès Matrix existant.",
+        content: "Voulez-vous détruire cette session (qui pourrait être utilisée ailleurs, par exemple dans un client Matrix) ou simplement vous déconnecter du panneau d'administration?",
+        confirm: "Détruire la session",
+        cancel: "Se déconnecter simplement du panneau d'administration",
+      },
    },
    users: {
      invalid_user_id: "Partie locale d'un identifiant utilisateur Matrix sans le nom du serveur d’accueil.",
@@ -140,12 +148,15 @@ const fr: SynapseTranslationMessages = {
      helper: {
        deactivate: "Vous devrez fournir un mot de passe pour réactiver le compte.",
        erase: "Marquer l'utilisateur comme effacé conformément au RGPD",
+        erase_text: "Cela signifie que les messages envoyés par le(s) utilisateur(s) seront toujours visibles par toute personne qui se trouvait dans la salle au moment où ces messages ont été envoyés, mais qu'ils seront cachés aux utilisateurs qui rejoindront la salle par la suite.",
        erase_admin_error: "La suppression de son propre utilisateur n'est pas autorisée.",
        modify_managed_user_error: "La modification d'un utilisateur géré par le système n'est pas autorisée.",
      },
      action: {
        erase: "Effacer les données de l'utilisateur",
        erase_avatar: "Effacer l'avatar",
+        delete_media: "Supprimer tous les médias téléchargés par le(s) utilisateur(s)",
+        redact_events: "Expurger tous les événements envoyés par l'utilisateur(-s)",
      },
    },
    rooms: {
--- a/src/i18n/index.d.ts
+++ b/src/i18n/index.d.ts
@@ -11,6 +11,14 @@ interface SynapseTranslationMessages extends TranslationMessages {
      protocol_error: string;
      url_error: string;
      sso_sign_in: string;
+      credentials: string;
+      access_token: string;
+      logout_acces_token_dialog: {
+        title: string;
+        content: string;
+        confirm: string;
+        cancel: string;
+      };
    };
    users: {
      invalid_user_id: string;
@@ -138,12 +146,15 @@ interface SynapseTranslationMessages extends TranslationMessages {
        password?: string;
        deactivate: string;
        erase: string;
+        erase_text: string;
        erase_admin_error: string;
        modify_managed_user_error: string;
      };
      action: {
        erase: string;
        erase_avatar: string;
+        delete_media: string;
+        redact_events: string;
      };
    };
    rooms: {
--- a/src/i18n/it.ts
+++ b/src/i18n/it.ts
@@ -13,6 +13,14 @@ const it: SynapseTranslationMessages = {
      protocol_error: "L'URL deve iniziare per 'http://' o 'https://'",
      url_error: "URL del server Matrix non valido",
      sso_sign_in: "Accedi con SSO",
+      credentials: "Credenziali",
+      access_token: "Token di accesso",
+      logout_acces_token_dialog: {
+        title: "Stai utilizzando un token di accesso Matrix esistente.",
+        content: "Vuoi distruggere questa sessione (che potrebbe essere utilizzata altrove, ad esempio in un client Matrix) o semplicemente disconnetterti dal pannello di amministrazione?",
+        confirm: "Distruggi sessione",
+        cancel: "Disconnetti solo dal pannello di amministrazione",
+      },
    },
    users: {
      invalid_user_id: "ID utente non valido su questo homeserver.",
@@ -139,11 +147,15 @@ const it: SynapseTranslationMessages = {
        password: "Cambiando la password l'utente verrà disconnesso da tutte le sessioni attive.",
        deactivate: "Devi fornire una password per riattivare l'account.",
        erase: "Constrassegna l'utente come cancellato dal GDPR",
+        erase_text: "Ciò significa che i messaggi inviati dall'utente (o dagli utenti) saranno ancora visibili da chiunque si trovasse nella stanza al momento dell'invio, ma saranno nascosti agli utenti che si uniranno alla stanza in seguito.",
+        erase_admin_error: "Non è consentito eliminare il proprio utente.",
+        modify_managed_user_error: "La modifica di un utente gestito dal sistema non è consentita.",
      },
      action: {
        erase: "Cancella i dati dell'utente",
-        erase_admin_error: "Non è consentito eliminare il proprio utente.",
-        modify_managed_user_error: "La modifica di un utente gestito dal sistema non è consentita.",
+        erase_avatar: "Cancella l'avatar dell'utente",
+        delete_media: "Elimina tutti i media caricati dall'utente(-s)",
+        redact_events: "Ridurre tutti gli eventi inviati dall'utente(-s)",
      },
    },
    rooms: {
--- a/src/i18n/ru.ts
+++ b/src/i18n/ru.ts
@@ -22,6 +22,14 @@ const ru: SynapseTranslationMessages = {
      protocol_error: "Адрес должен начинаться с 'http://' или 'https://'",
      url_error: "Неверный адрес сервера Matrix",
      sso_sign_in: "Вход через SSO",
+      credentials: "Учетные данные",
+      access_token: "Токен доступа",
+      logout_acces_token_dialog: {
+        title: "Вы используете существующий токен доступа Matrix.",
+        content: "Вы хотите завершить эту сессию (которая может быть использована в другом месте, например, в клиенте Matrix) или просто выйти из панели администрирования?",
+        confirm: "Завершить сессию",
+        cancel: "Просто выйти из панели администрирования",
+      },
    },
    users: {
      invalid_user_id: "Локальная часть ID пользователя Matrix без адреса домашнего сервера.",
@@ -159,12 +167,15 @@ const ru: SynapseTranslationMessages = {
        password: "Смена пароля завершит все сессии пользователя.",
        deactivate: "Вы должны предоставить пароль для реактивации учётной записи.",
        erase: "Пометить пользователя как удалённого в соответствии с GDPR",
+        erase_text: "Это означает, что сообщения, отправленные пользователем (-ами), будут по-прежнему видны всем, кто находился в комнате в момент их отправки, но будут скрыты от пользователей, присоединившихся к комнате после этого.",
        erase_admin_error: "Удаление собственного пользователя запрещено.",
        modify_managed_user_error: "Изменение пользователя, управляемого системой, не допускается.",
      },
      action: {
        erase: "Удалить данные пользователя",
        erase_avatar: "Удалить аватар",
+        delete_media: "Удаление всех медиафайлов, загруженных пользователем (-ами)",
+        redact_events: "Удаление всех событий, отправленных пользователем (-ами)",
      },
      },
      rooms: {
@@ -418,6 +429,6 @@ const ru: SynapseTranslationMessages = {
        },
        helper: { length: "Длина токена, если токен не задан." },
      },
-  },
+},
 };
 export default ru;
--- a/src/i18n/zh.ts
+++ b/src/i18n/zh.ts
@@ -21,6 +21,14 @@ const zh: SynapseTranslationMessages = {
      protocol_error: "URL 需要以'http://'或'https://'作为起始",
      url_error: "不是一个有效的 Matrix 服务器地址",
      sso_sign_in: "使用 SSO 登录",
+      credentials: "凭证",
+      access_token: "访问令牌",
+      logout_acces_token_dialog: {
+        title: "您正在使用现有的 Matrix 访问令牌。",
+        content: "您想销毁此会话（可能在其他地方使用，例如在 Matrix 客户端中）还是仅从管理面板退出？",
+        confirm: "销毁会话",
+        cancel: "仅从管理面板退出",
+      },
    },
    users: {
      invalid_user_id: "必须要是一个有效的 Matrix 用户 ID ，例如 @user_id:homeserver",
@@ -143,12 +151,15 @@ const zh: SynapseTranslationMessages = {
      helper: {
        deactivate: "您必须提供一串密码来激活账户。",
        erase: "将用户标记为根据 GDPR 的要求抹除了",
+        erase_text: "这意味着用户发送的信息对于发送信息时在房间内的任何人来说都是可见的，但对于之后加入房间的用户来说则是隐藏的。",
        erase_admin_error: "不允许删除自己的用户",
        modify_managed_user_error: "不允许修改系统管理的用户。",
      },
      action: {
        erase: "抹除用户信息",
        erase_avatar: "抹掉头像",
+        delete_media: "删除用户上传的所有媒体",
+        redact_events: "重新编辑用户（-s）发送的所有事件",
      },
    },
    rooms: {
--- a/src/index.tsx
+++ b/src/index.tsx
@@ -9,8 +9,12 @@ import storage from "./storage";
 fetch("config.json")
  .then(res => res.json())
  .then(props => {
+    if (props.asManagedUsers) {
      storage.setItem("as_managed_users", JSON.stringify(props.asManagedUsers));
+    }
+    if (props.supportURL) {
      storage.setItem("support_url", props.supportURL);
+    }
    return createRoot(document.getElementById("root")).render(
      <React.StrictMode>
        <AppContext.Provider value={props}>
--- a/src/pages/LoginPage.tsx
+++ b/src/pages/LoginPage.tsx
@@ -1,8 +1,7 @@
 import { useState, useEffect } from "react";

 import LockIcon from "@mui/icons-material/Lock";
-import { Avatar, Box, Button, Card, CardActions, CircularProgress, MenuItem, Select, Typography } from "@mui/material";
-import { styled } from "@mui/material/styles";
+import { Avatar, Box, Button, Card, CardActions, CircularProgress, MenuItem, Select, Tab, Tabs, Typography } from "@mui/material";
 import {
  Form,
  FormDataConsumer,
@@ -17,7 +16,7 @@ import {
  useLocales,
 } from "react-admin";
 import { useFormContext } from "react-hook-form";
-
+import LoginFormBox from "../components/LoginFormBox";
 import { useAppContext } from "../AppContext";
 import {
  getServerVersion,
@@ -29,66 +28,18 @@ import {
 } from "../synapse/synapse";
 import storage from "../storage";

-const FormBox = styled(Box)(({ theme }) => ({
-  display: "flex",
-  flexDirection: "column",
-  minHeight: "calc(100vh - 1rem)",
-  alignItems: "center",
-  justifyContent: "flex-start",
-  background: "url(./images/floating-cogs.svg)",
-  backgroundColor: "#f9f9f9",
-  backgroundRepeat: "no-repeat",
-  backgroundSize: "cover",
-
-  [`& .card`]: {
-    width: "30rem",
-    marginTop: "6rem",
-    marginBottom: "6rem",
-  },
-  [`& .avatar`]: {
-    margin: "1rem",
-    display: "flex",
-    justifyContent: "center",
-  },
-  [`& .icon`]: {
-    backgroundColor: theme.palette.grey[500],
-  },
-  [`& .hint`]: {
-    marginTop: "1em",
-    marginBottom: "1em",
-    display: "flex",
-    justifyContent: "center",
-    color: theme.palette.grey[600],
-  },
-  [`& .form`]: {
-    padding: "0 1rem 1rem 1rem",
-  },
-  [`& .select`]: {
-    marginBottom: "2rem",
-  },
-  [`& .actions`]: {
-    padding: "0 1rem 1rem 1rem",
-  },
-  [`& .serverVersion`]: {
-    color: theme.palette.grey[500],
-    fontFamily: "Roboto, Helvetica, Arial, sans-serif",
-    marginLeft: "0.5rem",
-  },
-  [`& .matrixVersions`]: {
-    color: theme.palette.grey[500],
-    fontFamily: "Roboto, Helvetica, Arial, sans-serif",
-    fontSize: "0.8rem",
-    marginBottom: "1rem",
-    marginLeft: "0.5rem",
-  },
-}));
+export type LoginMethod = "credentials" | "accessToken";

 const LoginPage = () => {
  const login = useLogin();
  const notify = useNotify();
  const { restrictBaseUrl } = useAppContext();
  const allowSingleBaseUrl = typeof restrictBaseUrl === "string";
-  const allowMultipleBaseUrls = Array.isArray(restrictBaseUrl);
+  const allowMultipleBaseUrls =
+    Array.isArray(restrictBaseUrl) &&
+    restrictBaseUrl.length > 0 &&
+    restrictBaseUrl[0] !== "" &&
+    restrictBaseUrl[0] !== null;
  const allowAnyBaseUrl = !(allowSingleBaseUrl || allowMultipleBaseUrls);
  const [loading, setLoading] = useState(false);
  const [supportPassAuth, setSupportPassAuth] = useState(true);
@@ -98,8 +49,13 @@ const LoginPage = () => {
  const base_url = allowSingleBaseUrl ? restrictBaseUrl : storage.getItem("base_url");
  const [ssoBaseUrl, setSSOBaseUrl] = useState("");
  const loginToken = /\?loginToken=([a-zA-Z0-9_-]+)/.exec(window.location.href);
+  const [loginMethod, setLoginMethod] = useState<LoginMethod>("credentials");
+
+  useEffect(() => {
+    if (!loginToken) {
+      return;
+    }

-  if (loginToken) {
    const ssoToken = loginToken[1];
    console.log("SSO token is", ssoToken);
    // Prevent further requests
@@ -127,7 +83,7 @@ const LoginPage = () => {
        console.error(error);
      });
    }
-  }
+  }, [loginToken]);

  const validateBaseUrl = value => {
    if (!value.match(/^(http|https):\/\//)) {
@@ -212,6 +168,18 @@ const LoginPage = () => {
    }, [formData.base_url, form]);

    return (
+      <>
+        <Tabs
+          value={loginMethod}
+          onChange={(_, newValue) => setLoginMethod(newValue as LoginMethod)}
+          indicatorColor="primary"
+          textColor="primary"
+          centered
+        >
+          <Tab label={translate("synapseadmin.auth.credentials")} value="credentials" />
+          <Tab label={translate("synapseadmin.auth.access_token")} value="accessToken" />
+        </Tabs>
+        {loginMethod === "credentials" ? (
          <>
            <Box>
              <TextInput
@@ -236,6 +204,18 @@ const LoginPage = () => {
                validate={required()}
              />
            </Box>
+          </>
+        ) : (
+          <Box>
+            <TextInput
+              source="accessToken"
+              label="synapseadmin.auth.access_token"
+              disabled={loading}
+              resettable
+              validate={required()}
+            />
+          </Box>
+        )}
        <Box>
          <TextInput
            source="base_url"
@@ -263,7 +243,7 @@ const LoginPage = () => {

  return (
    <Form defaultValues={{ base_url: base_url }} onSubmit={handleSubmit} mode="onTouched">
-      <FormBox>
+      <LoginFormBox>
        <Card className="card">
          <Box className="avatar">
            {loading ? (
@@ -295,7 +275,7 @@ const LoginPage = () => {
                variant="contained"
                type="submit"
                color="primary"
-                disabled={loading || !supportPassAuth}
+                disabled={loading || !supportPassAuth && loginMethod !== "accessToken"}
                fullWidth
              >
                {translate("ra.auth.sign_in")}
@@ -312,7 +292,7 @@ const LoginPage = () => {
            </CardActions>
          </Box>
        </Card>
-      </FormBox>
+      </LoginFormBox>
      <Notification />
    </Form>
  );
--- a/src/resources/destinations.tsx
+++ b/src/resources/destinations.tsx
@@ -4,6 +4,7 @@ import AutorenewIcon from "@mui/icons-material/Autorenew";
 import DestinationsIcon from "@mui/icons-material/CloudQueue";
 import FolderSharedIcon from "@mui/icons-material/FolderShared";
 import ViewListIcon from "@mui/icons-material/ViewList";
+import ErrorIcon from '@mui/icons-material/Error';
 import {
  Button,
  Datagrid,
@@ -21,6 +22,7 @@ import {
  Tab,
  TabbedShowLayout,
  TextField,
+  FunctionField,
  TopToolbar,
  useRecordContext,
  useDelete,
@@ -35,13 +37,6 @@ import { get } from "lodash";

 const DestinationPagination = () => <Pagination rowsPerPageOptions={[10, 25, 50, 100, 500, 1000]} />;

-const destinationRowSx = (record: RaRecord) => ({
-  backgroundColor: record.retry_last_ts > 0 ? "warning.light" : "primary.contrastText",
-  "& .MuiButtonBase-root": {
-    color: "primary.dark",
-  },
-});
-
 const destinationFilters = [<SearchInput source="destination" alwaysOn />];

 export const DestinationReconnectButton = () => {
@@ -105,7 +100,22 @@ const RetryDateField = (props: DateFieldProps) => {
  return <DateField {...props} />;
 };

+
+const destinationFieldRender = (record: RaRecord) => {
+  if (record.retry_last_ts > 0) {
+    return (
+      <>
+        <ErrorIcon fontSize="inherit" color="error" sx={{verticalAlign: "middle"}}/>
+
+        {record.destination}
+      </>
+    );
+  }
+  return <> {record.destination} </>;
+}
+
 export const DestinationList = (props: ListProps) => {
+  const record = useRecordContext(props);
  return (
    <List
      {...props}
@@ -113,8 +123,8 @@ export const DestinationList = (props: ListProps) => {
      pagination={<DestinationPagination />}
      sort={{ field: "destination", order: "ASC" }}
    >
-      <Datagrid rowSx={destinationRowSx} rowClick={id => `${id}/show/rooms`} bulkActionButtons={false}>
-        <TextField source="destination" />
+      <Datagrid rowClick={id => `${id}/show/rooms`} bulkActionButtons={false}>
+        <FunctionField source="destination" render={destinationFieldRender} />
        <DateField source="failure_ts" showTime options={DATE_FORMAT} />
        <RetryDateField source="retry_last_ts" showTime options={DATE_FORMAT} />
        <TextField source="retry_interval" />
--- a/src/resources/reports.tsx
+++ b/src/resources/reports.tsx
@@ -22,7 +22,7 @@ import {
 } from "react-admin";

 import { DATE_FORMAT } from "../components/date";
-import { MXCField } from "../components/media";
+import { ReportMediaContent } from "../components/media";

 const ReportPagination = () => <Pagination rowsPerPageOptions={[10, 25, 50, 100, 500, 1000]} />;

@@ -62,7 +62,7 @@ export const ReportShow = (props: ShowProps) => {
          <TextField source="event_json.content.msgtype" />
          <TextField source="event_json.content.body" />
          <TextField source="event_json.content.info.mimetype" />
-          <MXCField source="event_json.content.url" />
+          <ReportMediaContent source="event_json.content.url" />
          <TextField source="event_json.content.format" />
          <TextField source="event_json.content.formatted_body" />
          <TextField source="event_json.content.algorithm" />
--- a/src/resources/room_directory.tsx
+++ b/src/resources/room_directory.tsx
@@ -26,9 +26,9 @@ import {
  useUnselectAll,
 } from "react-admin";
 import { useMutation } from "@tanstack/react-query";
-
 import AvatarField from "../components/AvatarField";

+
 const RoomDirectoryPagination = () => <Pagination rowsPerPageOptions={[100, 500, 1000, 2000]} />;

 export const RoomDirectoryUnpublishButton = (props: DeleteButtonProps) => {
@@ -144,7 +144,6 @@ export const RoomDirectoryList = () => (
    >
      <AvatarField
        source="avatar_src"
-        sortable={false}
        sx={{ height: "40px", width: "40px" }}
        label="resources.rooms.fields.avatar"
      />
--- a/src/resources/rooms.tsx
+++ b/src/resources/rooms.tsx
@@ -47,6 +47,7 @@ import {
 } from "./room_directory";
 import { DATE_FORMAT } from "../components/date";
 import DeleteRoomButton from "../components/DeleteRoomButton";
+import AvatarField from "../components/AvatarField";

 const RoomPagination = () => <Pagination rowsPerPageOptions={[10, 25, 50, 100, 500, 1000]} />;

@@ -90,6 +91,11 @@ export const RoomShow = (props: ShowProps) => {
    <Show {...props} actions={<RoomShowActions />} title={<RoomTitle />}>
      <TabbedShowLayout>
        <Tab label="synapseadmin.rooms.tabs.basic" icon={<ViewListIcon />}>
+          <AvatarField
+            source="avatar"
+            sx={{ height: "120px", width: "120px" }}
+            label="resources.rooms.fields.avatar"
+          />
          <TextField source="room_id" />
          <TextField source="name" />
          <TextField source="topic" />
--- a/src/resources/user_media_statistics.tsx
+++ b/src/resources/user_media_statistics.tsx
@@ -1,4 +1,4 @@
-import EqualizerIcon from "@mui/icons-material/Equalizer";
+import PermMediaIcon from "@mui/icons-material/PermMedia";
 import {
  Datagrid,
  ExportButton,
@@ -48,7 +48,7 @@ export const UserMediaStatsList = (props: ListProps) => (

 const resource: ResourceProps = {
  name: "user_media_statistics",
-  icon: EqualizerIcon,
+  icon: PermMediaIcon,
  list: UserMediaStatsList,
 };

--- a/src/resources/users.tsx
+++ b/src/resources/users.tsx
@@ -36,7 +36,6 @@ import {
  ResourceProps,
  SearchInput,
  SelectInput,
-  BulkDeleteButton,
  DeleteButton,
  maxLength,
  regex,
@@ -52,15 +51,17 @@ import {
  NumberField,
  useListContext,
  useNotify,
-  ToolbarClasses,
  Identifier,
+  ToolbarClasses,
  RaRecord,
  ImageInput,
  ImageField,
+  FunctionField,
 } from "react-admin";
 import { Link } from "react-router-dom";

 import AvatarField from "../components/AvatarField";
+import DeleteUserButton from "../components/DeleteUserButton";
 import { isASManaged } from "../components/mxid";
 import { ServerNoticeButton, ServerNoticeBulkButton } from "../components/ServerNotices";
 import { DATE_FORMAT } from "../components/date";
@@ -90,11 +91,6 @@ const UserListActions = () => {
  );
 };

-UserListActions.defaultProps = {
-  selectedIds: [],
-  onUnselectItems: () => null,
-};
-
 const UserPagination = () => <Pagination rowsPerPageOptions={[10, 25, 50, 100, 500, 1000]} />;

 const userFilters = [
@@ -141,20 +137,16 @@ const UserBulkActionButtons = () => {
    <>
      <ServerNoticeBulkButton />
      <UserPreventSelfDelete ownUserIsSelected={ownUserIsSelected} asManagedUserIsSelected={asManagedUserIsSelected}>
-        <BulkDeleteButton
-          label="resources.users.action.erase"
+        <DeleteUserButton
+          selectedIds={selectedIds}
          confirmTitle="resources.users.helper.erase"
-          mutationMode="pessimistic"
+          confirmContent="resources.users.helper.erase_text"
        />
      </UserPreventSelfDelete>
    </>
  );
 };

-const usersRowClick = (id: Identifier, resource: string, record: RaRecord): string => {
-  return `/users/${id}`;
-};
-
 export const UserList = (props: ListProps) => (
  <List
    {...props}
@@ -164,7 +156,10 @@ export const UserList = (props: ListProps) => (
    actions={<UserListActions />}
    pagination={<UserPagination />}
  >
-    <Datagrid rowClick={usersRowClick} bulkActionButtons={<UserBulkActionButtons />}>
+    <Datagrid
+      rowClick={(id: Identifier, resource: string) => `/${resource}/${id}`}
+      bulkActionButtons={<UserBulkActionButtons />}
+    >
      <AvatarField source="avatar_src" sx={{ height: "40px", width: "40px" }} sortBy="avatar_url" />
      <TextField source="id" sortBy="name" />
      <TextField source="displayname" />
@@ -200,15 +195,15 @@ const UserEditActions = () => {
  return (
    <TopToolbar>
      {!record?.deactivated && <ServerNoticeButton />}
+      {record && record.id && (
      <UserPreventSelfDelete ownUserIsSelected={ownUserIsSelected} asManagedUserIsSelected={asManagedUserIsSelected}>
-        <DeleteButton
-          label="resources.users.action.erase"
-          confirmTitle={translate("resources.users.helper.erase", {
-            smart_count: 1,
-          })}
-          mutationMode="pessimistic"
+        <DeleteUserButton
+          selectedIds={[record?.id]}
+          confirmTitle="resources.users.helper.erase"
+          confirmContent="resources.users.helper.erase_text"
        />
      </UserPreventSelfDelete>
+      )}
    </TopToolbar>
  );
 };
@@ -216,9 +211,7 @@ const UserEditActions = () => {
 export const UserCreate = (props: CreateProps) => (
  <Create
    {...props}
-    redirect={(resource, id, data) => {
-      return `users/${id}`;
-    }}
+    redirect={(resource: string | undefined, id: Identifier | undefined) => `${resource}/${id}`}
  >
    <SimpleForm>
      <TextInput source="id" autoComplete="off" validate={validateUser} />
@@ -323,14 +316,19 @@ export const UserEdit = (props: EditProps) => {
    <Edit {...props} title={<UserTitle />} actions={<UserEditActions />} mutationMode="pessimistic">
      <TabbedForm toolbar={<UserEditToolbar />}>
        <FormTab label={translate("resources.users.name", { smart_count: 1 })} icon={<PersonPinIcon />}>
-          <AvatarField source="avatar_src" sortable={false} sx={{ height: "120px", width: "120px" }} />
+          <AvatarField source="avatar_src" sx={{ height: "120px", width: "120px" }} />
          <BooleanInput source="avatar_erase" label="resources.users.action.erase_avatar" />
          <ImageInput
            source="avatar_file"
            label="resources.users.fields.avatar"
            accept={{ "image/*": [".png", ".jpg"] }}
          >
-            <ImageField source="src" title="Avatar" />
+            <ImageField source="src" title="Avatar" sx={{ '& img': {
+              width: "120px !important",
+              height: "120px !important",
+              objectFit: "cover !important",
+              borderRadius: '50% !important',
+            }}} />
          </ImageInput>
          <TextInput source="id" readOnly />
          <TextInput source="displayname" />
@@ -404,8 +402,8 @@ export const UserEdit = (props: EditProps) => {
              <DateField source="created_ts" showTime options={DATE_FORMAT} />
              <DateField source="last_access_ts" showTime options={DATE_FORMAT} />
              <NumberField source="media_length" />
-              <TextField source="media_type" />
-              <TextField source="upload_name" />
+              <TextField source="media_type" sx={{ display: "block", width: 200, wordBreak: "break-word" }} />
+              <FunctionField source="upload_name" render={record => decodeURIComponent(record.upload_name)} />
              <TextField source="quarantined_by" />
              <QuarantineMediaButton label="resources.quarantine_media.action.name" />
              <ProtectMediaButton label="resources.users_media.fields.safe_from_quarantine" />
--- a/src/synapse/authProvider.test.ts
+++ b/src/synapse/authProvider.test.ts
@@ -23,13 +23,13 @@ describe("authProvider", () => {
        })
      );

-      const ret: undefined = await authProvider.login({
+      const ret = await authProvider.login({
        base_url: "http://example.com",
        username: "@user:example.com",
        password: "secret",
      });

-      expect(ret).toBe(undefined);
+      expect(ret).toEqual({redirectTo: "/"});
      expect(fetch).toBeCalledWith("http://example.com/_matrix/client/r0/login", {
        body: '{"device_id":null,"initial_device_display_name":"Synapse Admin","type":"m.login.password","identifier":{"type":"m.id.user","user":"@user:example.com"},"password":"secret"}',
        headers: new Headers({
@@ -55,12 +55,12 @@ describe("authProvider", () => {
      })
    );

-    const ret: undefined = await authProvider.login({
+    const ret = await authProvider.login({
      base_url: "https://example.com/",
      loginToken: "login_token",
    });

-    expect(ret).toBe(undefined);
+    expect(ret).toEqual({redirectTo: "/"});
    expect(fetch).toHaveBeenCalledWith("https://example.com/_matrix/client/r0/login", {
      body: '{"device_id":null,"initial_device_display_name":"Synapse Admin","type":"m.login.token","token":"login_token"}',
      headers: new Headers({
--- a/src/synapse/authProvider.ts
+++ b/src/synapse/authProvider.ts
@@ -10,14 +10,16 @@ const authProvider: AuthProvider = {
    username,
    password,
    loginToken,
+    accessToken,
  }: {
    base_url: string;
    username: string;
    password: string;
    loginToken: string;
+    accessToken: string;
  }) => {
    console.log("login ");
-    const options: Options = {
+    let options: Options = {
      method: "POST",
      body: JSON.stringify(
        Object.assign(
@@ -55,11 +57,30 @@ const authProvider: AuthProvider = {
    storage.setItem("base_url", base_url);

    const decoded_base_url = window.decodeURIComponent(base_url);
-    const login_api_url = decoded_base_url + "/_matrix/client/r0/login";
+    let login_api_url = decoded_base_url + (accessToken ? "/_matrix/client/v3/account/whoami" : "/_matrix/client/r0/login");

    let response;
+
    try {
+      if (accessToken) {
+        // this a login with an already obtained access token, let's just validate it
+        options = {
+          headers: new Headers({
+            Accept: 'application/json',
+            Authorization: `Bearer ${accessToken}`,
+          }),
+        };
+      }
+
      response = await fetchUtils.fetchJson(login_api_url, options);
+      const json = response.json;
+      storage.setItem("home_server", accessToken ? base_url : json.home_server);
+      storage.setItem("user_id", json.user_id);
+      storage.setItem("access_token", accessToken ? accessToken : json.access_token);
+      storage.setItem("device_id", json.device_id);
+      storage.setItem("login_type", accessToken ? "accessToken" : "credentials");
+
+      return Promise.resolve({redirectTo: "/"});
    } catch(err) {
      const error = err as HttpError;
      const errorStatus = error.status;
@@ -73,12 +94,6 @@ const authProvider: AuthProvider = {
        )
      );
    }
-
-    const json = response.json;
-    storage.setItem("home_server", json.home_server);
-    storage.setItem("user_id", json.user_id);
-    storage.setItem("access_token", json.access_token);
-    storage.setItem("device_id", json.device_id);
  },
  // called when the user clicks on the logout button
  logout: async () => {
@@ -96,8 +111,14 @@ const authProvider: AuthProvider = {
    };

    if (typeof access_token === "string") {
+      try {
        await fetchUtils.fetchJson(logout_api_url, options);
+      } catch (err) {
+        console.log("Error logging out", err);
+      } finally {
        storage.removeItem("access_token");
+        storage.removeItem("login_type");
+      }
    }
  },
  // called when the API returns an error
--- a/src/synapse/dataProvider.ts
+++ b/src/synapse/dataProvider.ts
@@ -1,6 +1,7 @@
 import {
  DataProvider,
  DeleteParams,
+  DeleteManyParams,
  HttpError,
  Identifier,
  Options,
@@ -41,21 +42,16 @@ const jsonClient = async (url: string, options: Options = {}) => {
  }
 };

-const mxcUrlToHttp = (mxcUrl: string) => {
-  const homeserver = storage.getItem("base_url");
-  const re = /^mxc:\/\/([^/]+)\/(\w+)/;
-  const ret = re.exec(mxcUrl);
-  console.log("mxcClient " + ret);
-  if (ret == null) return null;
-  const serverName = ret[1];
-  const mediaId = ret[2];
-  return `${homeserver}/_matrix/media/r0/thumbnail/${serverName}/${mediaId}?width=24&height=24&method=scale`;
-};
-
 const filterUndefined = (obj: Record<string, any>) => {
  return Object.fromEntries(Object.entries(obj).filter(([key, value]) => value !== undefined));
 };

+interface Action {
+  endpoint: string;
+  method?: string;
+  body?: Record<string, any>;
+}
+
 interface Room {
  room_id: string;
  name?: string;
@@ -260,10 +256,10 @@ export interface SynapseDataProvider extends DataProvider {
 const resourceMap = {
  users: {
    path: "/_synapse/admin/v2/users",
-    map: (u: User) => ({
+    map: async (u: User) => ({
      ...u,
      id: returnMXID(u.name),
-      avatar_src: u.avatar_url ? mxcUrlToHttp(u.avatar_url) : undefined,
+      avatar_src: u.avatar_url ? u.avatar_url : undefined,
      is_guest: !!u.is_guest,
      admin: !!u.admin,
      deactivated: !!u.deactivated,
@@ -451,7 +447,7 @@ const resourceMap = {
      id: rd.room_id,
      public: !!rd.public,
      guest_access: !!rd.guest_access,
-      avatar_src: rd.avatar_url ? mxcUrlToHttp(rd.avatar_url) : undefined,
+      avatar_src: rd.avatar_url ? rd.avatar_url : undefined,
    }),
    data: "chunk",
    total: json => json.total_room_count_estimate,
@@ -557,8 +553,10 @@ const baseDataProvider: SynapseDataProvider = {
    const url = `${endpoint_url}?${new URLSearchParams(filterUndefined(query)).toString()}`;

    const { json } = await jsonClient(url);
+    const formattedData = await json[res.data].map(res.map);
+
    return {
-      data: json[res.data].map(res.map),
+      data: formattedData,
      total: res.total(json, from, perPage),
    };
  },
@@ -714,7 +712,7 @@ const baseDataProvider: SynapseDataProvider = {
  },

  deleteMany: async (resource, params) => {
-    console.log("deleteMany " + resource);
+    console.log("deleteMany " + resource, "params", params);
    const homeserver = storage.getItem("base_url");
    if (!homeserver || !(resource in resourceMap)) throw Error("Homeserver not set");

@@ -731,6 +729,7 @@ const baseDataProvider: SynapseDataProvider = {
          });
        })
      );
+
      return {
        data: responses.map(({ json }) => json),
      };
@@ -808,6 +807,39 @@ const dataProvider = withLifecycleCallbacks(baseDataProvider, [
      }
      return params;
    },
+    beforeDelete: async (params: DeleteParams<any>, dataProvider: DataProvider) => {
+      if (params.meta?.deleteMedia) {
+        const base_url = storage.getItem("base_url");
+        const endpoint_url = `${base_url}/_synapse/admin/v1/users/${encodeURIComponent(returnMXID(params.id))}/media`;
+        await jsonClient(endpoint_url, { method: "DELETE" });
+      }
+
+      if (params.meta?.redactEvents) {
+        const base_url = storage.getItem("base_url");
+        const endpoint_url = `${base_url}/_synapse/admin/v1/user/${encodeURIComponent(returnMXID(params.id))}/redact`;
+        await jsonClient(endpoint_url, { method: "POST", body: JSON.stringify({ rooms: [] }) });
+      }
+
+      return params;
+    },
+    beforeDeleteMany: async (params: DeleteManyParams<any>, dataProvider: DataProvider) => {
+      await Promise.all(
+        params.ids.map(async id => {
+          if (params.meta?.deleteMedia) {
+            const base_url = storage.getItem("base_url");
+            const endpoint_url = `${base_url}/_synapse/admin/v1/users/${encodeURIComponent(returnMXID(id))}/media`;
+            await jsonClient(endpoint_url, { method: "DELETE" });
+          }
+
+          if (params.meta?.redactEvents) {
+            const base_url = storage.getItem("base_url");
+            const endpoint_url = `${base_url}/_synapse/admin/v1/user/${encodeURIComponent(returnMXID(id))}/redact`;
+            await jsonClient(endpoint_url, { method: "POST", body: JSON.stringify({ rooms: [] }) });
+          }
+        })
+      );
+      return params;
+    },
  },
 ]);

--- a/src/synapse/synapse.ts
+++ b/src/synapse/synapse.ts
@@ -54,11 +54,6 @@ export const getSupportedLoginFlows = async baseUrl => {
  return response.json.flows;
 };

-export const getMediaUrl = media_id => {
-  const baseUrl = storage.getItem("base_url");
-  return `${baseUrl}/_matrix/media/v1/download/${media_id}?allow_redirect=true`;
-};
-
 /**
 * Generate a random MXID for current homeserver
 * @returns full MXID as string
--- a/src/utils/fetchMedia.ts
+++ b/src/utils/fetchMedia.ts
@@ -0,0 +1,43 @@
+import storage from "../storage";
+
+export const getServerAndMediaIdFromMxcUrl = (mxcUrl: string): { serverName: string, mediaId: string } => {
+    const re = /^mxc:\/\/([^/]+)\/(\w+)/;
+    const ret = re.exec(mxcUrl);
+    console.log("mxcClient " + ret);
+    if (ret == null) {
+      throw new Error("Invalid mxcUrl");
+    }
+    const serverName = ret[1];
+    const mediaId = ret[2];
+    return { serverName, mediaId };
+};
+
+export type MediaType = "thumbnail" | "original";
+
+export const fetchAuthenticatedMedia = async (mxcUrl: string, type: MediaType): Promise<Response> => {
+  const homeserver = storage.getItem("base_url");
+  const accessToken = storage.getItem("access_token");
+
+  const { serverName, mediaId } = getServerAndMediaIdFromMxcUrl(mxcUrl);
+  if (!serverName || !mediaId) {
+    throw new Error("Invalid mxcUrl");
+  }
+
+  let url = "";
+  if (type === "thumbnail") {
+    // ref: https://spec.matrix.org/latest/client-server-api/#thumbnails
+    url = `${homeserver}/_matrix/client/v1/media/thumbnail/${serverName}/${mediaId}?width=320&height=240&method=scale`;
+  } else if (type === "original") {
+    url = `${homeserver}/_matrix/client/v1/media/download/${serverName}/${mediaId}`;
+  } else {
+    throw new Error("Invalid authenticated media type");
+  }
+
+  const response = await fetch(`${url}`, {
+    headers: {
+      authorization: `Bearer ${accessToken}`,
+    },
+  });
+
+  return response;
+};
Author	SHA1	Message	Date
Aine	853d14c1ce	fix 'Sign in' button disabled on SSO-only servers when attempting access token login	2024-10-18 10:21:48 +03:00
jamazi	11a5cac709	Refactor required fields check on Bulk CSV upload (#59 ) Related to https://github.com/etkecc/synapse-admin/pull/32	2024-10-17 22:56:19 +03:00
Borislav Pantaleev	0d021021df	Add option for access token login (#58 ) * Fix SSO login flow, redirect is done after auth * Add accessToken login * Add confirmation for session destroy on accessToken logout * add translations, fix tests, minor renaming * update readme	2024-10-17 18:34:20 +03:00
Aine	19302466ef	update README.md	2024-10-10 22:13:50 +03:00
Aine	0594259ae4	make avatar field sortable in the users list	2024-10-08 12:15:03 +03:00
Aine	ba485bbb18	Merge branch 'master'	2024-10-08 10:51:16 +03:00
Dirk Klimpel	9fc005032c	Fix for empty user default tab after creation (#628 )	2024-10-08 09:20:55 +02:00
Aine	f5d6f24b30	correctly treat empty or "almost empty" restrictBaseUrl config option, fixes #56	2024-10-07 12:00:33 +03:00
Aine	a42efe7eda	do not color failed federation destinations, use an icon instead	2024-10-04 00:16:11 +03:00
Borislav Pantaleev	31d3712dbb	Better media preview/download implementation (#53 ) * Add download option for non image media * make view media button change the icon during the loading; update readme	2024-10-03 11:23:51 +03:00
Aine	a15dad4a31	ensure preview works for images only (for now)	2024-10-03 01:18:45 +03:00
Borislav Pantaleev	9062a6afb1	Remove Dialog window for image preview, open all media in new tab	2024-10-03 00:52:07 +03:00
Borislav Pantaleev	a79c3597d6	Authenticated Media Support (#51 ) * Fix AvatarField to work with authenticated media * Fix ViewMediaButton to work for user's media tab and reported events * remove console.log * cleanup AvatarField * use correct thumbnail size * fix AvatarField.test * ignore postgres data for watchman * fix new avatar preview * watchman should ignore testdata completely, instead of specific subdirs * update README * change user's media icon in sidebar - use the same icon as the media tab * Add preview for user media files if mimeType is image/* * Add new line in user media Dialog	2024-10-03 00:38:35 +03:00
Aine	470f1b5455	adjust 'redact all user events on remove' to the new API	2024-10-02 23:34:07 +03:00
Aine	46cc0e2fda	refactor users' after delete to react-admin lifecycle hooks, fixes #50	2024-09-29 19:46:00 +03:00
Aine	f3080e9468	Provide options to delete media and redact events on user erase (#49 ) * Provide options to delete media and redact events on user erase * update readme	2024-09-29 00:16:44 +03:00
Aine	f8fe1166e2	Do not block deleted rooms from being rejoined by default (UI option), fixes #48	2024-09-27 19:25:15 +03:00