From 48ade79bd5150c23c44c7c090568fe469e0b4f62 Mon Sep 17 00:00:00 2001 From: Brendan Abolivier Date: Mon, 15 Aug 2022 11:47:04 +0100 Subject: [PATCH] Update error code following review --- proposals/3866-user-not-approved-error.md | 35 ++++++++++++----------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/proposals/3866-user-not-approved-error.md b/proposals/3866-user-not-approved-error.md index 77fd37f26..7f8aa86f2 100644 --- a/proposals/3866-user-not-approved-error.md +++ b/proposals/3866-user-not-approved-error.md @@ -1,4 +1,4 @@ -# MSC3866: `M_USER_NOT_APPROVED` error code +# MSC3866: `M_USER_AWAITING_APPROVAL` error code Over the past few years, there has been some demand for the ability to let administrators of homeservers approve any new user created on their homeserver @@ -9,9 +9,9 @@ additional details such as an email address. ## Proposal -This document proposes the addition of a new `M_USER_NOT_APPROVED` error code to -the Matrix specification. This error code can be returned in two scenarios: -registration and login. +This document proposes the addition of a new `M_USER_AWAITING_APPROVAL` error +code to the Matrix specification. This error code can be returned in two +scenarios: registration and login. This proposal does not describe a way for the homeserver to alert an administrator about new accounts that are waiting to be reviewed, or a way for @@ -25,11 +25,11 @@ admin room). When a user successfully registers on a homeserver that is configured so that new accounts must be approved by an administrator, the final `POST /_matrix/client/v3/register` request is responded to with a `403 Forbidden` -response that includes the `M_USER_NOT_APPROVED` error code. For example: +response that includes the `M_USER_AWAITING_APPROVAL` error code. For example: ```json { - "errcode": "M_USER_NOT_APPROVED", + "errcode": "M_USER_AWAITING_APPROVAL", "error": "This account needs to be approved by an administrator before it can be used." } ``` @@ -38,12 +38,12 @@ response that includes the `M_USER_NOT_APPROVED` error code. For example: When a user whose account is still pending approval by a server administrator attempts to log in, `POST /_matrix/client/v3/login` requests are responded to -with a `403 Forbidden` response that includes the `M_USER_NOT_APPROVED` error -code. For example: +with a `403 Forbidden` response that includes the `M_USER_AWAITING_APPROVAL` +error code. For example: ```json { - "errcode": "M_USER_NOT_APPROVED", + "errcode": "M_USER_AWAITING_APPROVAL", "error": "This account is pending approval by a server administrator. Please try again later." } ``` @@ -77,14 +77,15 @@ of User-Interactive Authentication. ## Security considerations -It shouldn't be necessary to implement the `M_USER_NOT_APPROVED` error code on -other endpoints than `/register` and `/login`. This is because other endpoints -are either unauthenticated (in which case we don't care about whether the user -is approved) or authenticated via an access token (in which case the fact that -the user has an access token either means they've managed to log in (meaning -they've been approved) or a server administrator generated one for them). +It shouldn't be necessary to implement the `M_USER_AWAITING_APPROVAL` error code +on other endpoints than `/register` and `/login`. This is because other +endpoints are either unauthenticated (in which case we don't care about whether +the user is approved) or authenticated via an access token (in which case the +fact that the user has an access token either means they've managed to log in +(meaning they've been approved) or a server administrator generated one for +them). ## Unstable prefix -During development, `ORG_MATRIX_MSC3866_USER_NOT_APPROVED` must be used instead -of `M_USER_NOT_APPROVED`. +During development, `ORG_MATRIX_MSC3866_USER_AWAITING_APPROVAL` must be used +instead of `M_USER_AWAITING_APPROVAL`.