continuwuation/continuwuity
10
27
Fork 25
Code Issues 89 Pull requests 28 Projects Releases 18 Packages 3 Activity Actions

feat: account suspension #766

New issue
Closed
opened 2025-04-16 19:34:33 +00:00 by nex · 2 comments
nex commented 2025-04-16 19:34:33 +00:00
Owner
Copy link

While we can already deactivate accounts in a way that effectively locks them, however, if there is no way to contact the locked user out-of-band to supply them with a new password, there is no way to "unlock" the account in a way that allows it to be used again.

Account suspension is less effective than locking, so if we do end up implementing these, locking should ideally be priorities over suspension - clients losing state isn't much of a concern when most of them have a way to perform a new initial sync anyway.

While we can already deactivate accounts in a way that effectively locks them, however, if there is no way to contact the locked user out-of-band to supply them with a new password, there is no way to "unlock" the account in a way that allows it to be used again. Account suspension is less effective than locking, so if we do end up implementing these, locking should ideally be priorities over suspension - clients losing state isn't much of a concern when most of them have a way to perform a new initial sync anyway.
nex changed title from feat: account locking and suspension to feat: account suspension 2025-06-24 21:22:30 +00:00
nex commented 2025-06-24 21:24:21 +00:00
Author
Owner
Copy link

Locking is being dropped from the scope of this issue because most admins I've spoken to have assessed that suspension is generally the desired course of action instead of locking, since locking is basically just non-nuclear deactivation (which we already support), whereas suspension basically just makes users read-only and has minimal affect on a legitimate user if they are accidentally suspended and later unsuspended.

When implementing, a synapse-compatible HTTP endpoint will also likely be added to allow moderation bots like Draupnir and Meowlnir to automatically issue suspensions for users who wind up on policy lists.

Locking is being dropped from the scope of this issue because most admins I've spoken to have assessed that suspension is generally the desired course of action instead of locking, since locking is basically just non-nuclear deactivation (which we already support), whereas suspension basically just makes users read-only and has minimal affect on a legitimate user if they are accidentally suspended and later unsuspended. When implementing, a synapse-compatible HTTP endpoint will also likely be added to allow moderation bots like Draupnir and Meowlnir to automatically issue suspensions for users who wind up on policy lists.
nex commented 2025-08-21 15:47:47 +00:00
Author
Owner
Copy link

closed by #876, the HTTP endpoint will be added by whatever PR closes #922

closed by #876, the HTTP endpoint will be added by whatever PR closes #922
nex closed this issue 2025-08-21 15:47:47 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
tom/ci-fedora-rpm
nex/feat/provide-fast-joins
hydra/public
nex/feat/force-leave-room
renovate/actions-checkout-5.x
nex/feat/manual-extremities
illegal-car-mods
jade/dep-updates
jade/renovate-config-changes
renovate/termimad-0.x
renovate/cargo_toml-0.x
nex/fix/sync/leave-omission
renovate/toml-0.x
renovate/rand-0.x
renovate/nix-0.x
renovate/minicbor-serde-0.x
renovate/ctor-0.x
renovate/axum-client-ip-0.x
renovate/axum-monorepo
jade/rocksdb-10-5
nex/fed-improvements
tom/fixes
nex/feat/async-media
nex/feat/4277-harmonized-reporting-endpoints
nex/feat/fast-joins-hack-do-not-use-DO-NOT-USE
jade/musl-images
nex/feat/better-logging
trigger-ci-so-latest-isnt-on-illegal-car-mods
jade/parking_lot
jade/docs-updates-20250701
nex/fix/msc4307
nex/feat/pins-backfill
jade/upload-ci-binaries
jade/admin-command-docs
jade/tuwunel-2025-06
jade/tuwunel-2025-06-old
jade/ai-slop-db-docs
nex/fix-create-auth
jade/version-stats
jade/read-receipts
dahsa_uwu/axum-0.8
jade/rust-toolchain-no-targets
jade/logging-features
jade/syncv5-typing
jade/msc2815
jade/relations
jade/purge-sync-tokens
morguldir/see-eye
jade/css-small-screen
nex/wip-751
tuwunel-rebase
test
oddlid/rename-admin-room-bot
strawberry/nix-ci-stuff
strawberry/valgrind
strawberry/morgs-snake-sync-jason-main
newer-media-endpoints
folly-coroutines-async-io
federation-retry-timer-port
bad-attempt-at-extracting-homeserver-signing-key
room-deletion-attempt-do-not-use
v0.5.0-rc.7
v0.5.0-rc.6
v0.5.0-rc.5
v0.5.0-rc4
v0.5.0-rc3
v0.5.0-rc2
v0.5.0-rc
v0.4.7-rc
v0.4.6
v0.4.6-rc
v0.4.5-rc
v0.4.5
v0.4.4
v0.4.3
v0.4.2
v0.4.1
v0.3.4
v0.3.3
v0.3.2
v0.3.1
v0.3.0
Labels
Clear labels   
Bug

Something isn't working as intended

  
Cherry-picking

Commits picked from other conduit projects

  
Database

This requires or includes changes to the database

  
Dependencies

Something dependency related

  
Dependencies/Renovate

Automatic dependency upgrades by Renovate

  
Difficulty
Easy
Low difficulty to implement - touches few parts of the codebase, low complexity

  
Difficulty
Hard
High difficulty to implement - touches many parts of the codebase, high complexity

  
Difficulty
Medium
Medium difficulty to implement - touches more parts of the codebase, higher complexity

  
Documentation

Improvements or additions to documentation

  
Enhancement

New feature or request

  
Good first issue

Good for newcomers

  
Help wanted

Additional eyes and keyboards are required for this one

  
Inherited

Issues that have been inhereted from the project pre-fork

  
Matrix/Administration

Features pertaining to homeserver administration

  
Matrix/Appservices

Features pertaining to the appservice API

  
Matrix/Auth

Features pertaining to authentication

  
Matrix/Client

Features pertaining to client-to-server interactions

  
Matrix/Core

   
Matrix/Federation

Features pertaining to server-to-server interactions

  
Matrix/MSC

Features pertaining to unstable matrix features

  
Matrix/Media

Features pertaining to media interactions

  
Meta

Related to housekeeping, maintenance, or other repo-meta.

  
Meta/Packaging

Packaging

  
Priority
Blocking
This issue is blocking the next release

  
Priority
High
This issue is very important

  
Priority
Low
This issue is of a rather low priority

  
Security

This item is related to general security

  
Status
Confirmed

  
Status
Duplicate
This issue or pull request already exists

  
Status
Invalid
This issue doesn't seem right

  
Status
Needs Investigation
This issue needs further investigation

  
To-Merge

   
Wont fix

This will not be worked on

  
old/ci/cd

Ci/CD

Archived

  
old/rust

Pull requests that update Rust code

Archived

No labels
Bug
Cherry-picking
Database
Dependencies
Dependencies/Renovate
Difficulty
Easy
Difficulty
Hard
Difficulty
Medium
Documentation
Enhancement
Good first issue
Help wanted
Inherited
Matrix/Administration
Matrix/Appservices
Matrix/Auth
Matrix/Client
Matrix/Core
Matrix/Federation
Matrix/MSC
Matrix/Media
Meta
Meta/Packaging
Priority
Blocking
Priority
High
Priority
Low
Security
Status
Confirmed
Status
Duplicate
Status
Invalid
Status
Needs Investigation
To-Merge
Wont fix
old/ci/cd
old/rust
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: continuwuation/continuwuity#766
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?