mirror of
				https://github.com/dani-garcia/vaultwarden.git
				synced 2025-10-26 16:00:02 +02:00 
			
		
		
		
	Initial organizations functionality: Creating orgs and inviting users
This commit is contained in:
		| @@ -18,12 +18,14 @@ CREATE TABLE users_collections ( | ||||
| ); | ||||
|  | ||||
| CREATE TABLE users_organizations ( | ||||
|   user_uuid TEXT    NOT NULL REFERENCES users (uuid), | ||||
|   org_uuid  TEXT    NOT NULL REFERENCES organizations (uuid), | ||||
|   uuid       TEXT    NOT NULL PRIMARY KEY, | ||||
|   user_uuid  TEXT    NOT NULL REFERENCES users (uuid), | ||||
|   org_uuid   TEXT    NOT NULL REFERENCES organizations (uuid), | ||||
|  | ||||
|   key       TEXT    NOT NULL, | ||||
|   status    INTEGER NOT NULL, | ||||
|   type      INTEGER NOT NULL, | ||||
|   access_all BOOLEAN NOT NULL, | ||||
|   key        TEXT    NOT NULL, | ||||
|   status     INTEGER NOT NULL, | ||||
|   type       INTEGER NOT NULL, | ||||
|  | ||||
|   PRIMARY KEY (user_uuid, org_uuid) | ||||
|   UNIQUE (user_uuid, org_uuid) | ||||
| ); | ||||
|   | ||||
| @@ -60,8 +60,18 @@ fn register(data: Json<RegisterData>, conn: DbConn) -> EmptyResult { | ||||
| } | ||||
|  | ||||
| #[get("/accounts/profile")] | ||||
| fn profile(headers: Headers) -> JsonResult { | ||||
|     Ok(Json(headers.user.to_json())) | ||||
| fn profile(headers: Headers, conn: DbConn) -> JsonResult { | ||||
|     Ok(Json(headers.user.to_json(&conn))) | ||||
| } | ||||
|  | ||||
| #[get("/users/<uuid>/public-key")] | ||||
| fn get_public_keys(uuid: String, headers: Headers, conn: DbConn) -> JsonResult { | ||||
|     let user = match User::find_by_uuid(&uuid, &conn) { | ||||
|         Some(user) => user, | ||||
|         None => err!("User doesn't exist") | ||||
|     }; | ||||
|  | ||||
|     Ok(Json(json!(user.public_key))) | ||||
| } | ||||
|  | ||||
| #[post("/accounts/keys", data = "<data>")] | ||||
| @@ -75,7 +85,7 @@ fn post_keys(data: Json<KeysData>, headers: Headers, conn: DbConn) -> JsonResult | ||||
|  | ||||
|     user.save(&conn); | ||||
|  | ||||
|     Ok(Json(user.to_json())) | ||||
|     Ok(Json(user.to_json(&conn))) | ||||
| } | ||||
|  | ||||
| #[derive(Deserialize)] | ||||
|   | ||||
| @@ -23,7 +23,7 @@ use CONFIG; | ||||
|  | ||||
| #[get("/sync")] | ||||
| fn sync(headers: Headers, conn: DbConn) -> JsonResult { | ||||
|     let user_json = headers.user.to_json(); | ||||
|     let user_json = headers.user.to_json(&conn); | ||||
|  | ||||
|     let folders = Folder::find_by_user(&headers.user.uuid, &conn); | ||||
|     let folders_json: Vec<Value> = folders.iter().map(|c| c.to_json()).collect(); | ||||
| @@ -112,7 +112,7 @@ fn post_ciphers(data: Json<CipherData>, headers: Headers, conn: DbConn) -> JsonR | ||||
|     Ok(Json(cipher.to_json(&headers.host, &conn))) | ||||
| } | ||||
|  | ||||
| fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Headers, conn: &DbConn) -> EmptyResult {   | ||||
| fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Headers, conn: &DbConn) -> EmptyResult { | ||||
|     if let Some(ref folder_id) = data.folderId { | ||||
|         match Folder::find_by_uuid(folder_id, conn) { | ||||
|             Some(folder) => { | ||||
| @@ -188,7 +188,6 @@ fn copy_values(from: &Value, to: &mut Value) { | ||||
|         for (key, val) in map { | ||||
|             copy_values(val, &mut to[util::upcase_first(key)]); | ||||
|         } | ||||
|  | ||||
|     } else if let Some(array) = from.as_array() { | ||||
|         // Initialize array with null values | ||||
|         *to = json!(vec![Value::Null; array.len()]); | ||||
| @@ -196,7 +195,6 @@ fn copy_values(from: &Value, to: &mut Value) { | ||||
|         for (index, val) in array.iter().enumerate() { | ||||
|             copy_values(val, &mut to[index]); | ||||
|         } | ||||
|       | ||||
|     } else { | ||||
|         *to = from.clone(); | ||||
|     } | ||||
| @@ -375,7 +373,7 @@ fn delete_cipher_selected(data: Json<Value>, headers: Headers, conn: DbConn) -> | ||||
|  | ||||
|     let uuids = match data.get("ids") { | ||||
|         Some(ids) => match ids.as_array() { | ||||
|             Some(ids) => ids.iter().filter_map(|uuid| {uuid.as_str()}), | ||||
|             Some(ids) => ids.iter().filter_map(|uuid| { uuid.as_str() }), | ||||
|             None => err!("Posted ids field is not an array") | ||||
|         }, | ||||
|         None => err!("Request missing ids field") | ||||
| @@ -405,16 +403,16 @@ fn move_cipher_selected(data: Json<Value>, headers: Headers, conn: DbConn) -> Em | ||||
|                         } | ||||
|                         None => err!("Folder doesn't exist") | ||||
|                     } | ||||
|                 }, | ||||
|                 } | ||||
|                 None => err!("Folder id provided in wrong format") | ||||
|             } | ||||
|         }, | ||||
|         } | ||||
|         None => None | ||||
|     }; | ||||
|  | ||||
|     let uuids = match data.get("ids") { | ||||
|         Some(ids) => match ids.as_array() { | ||||
|             Some(ids) => ids.iter().filter_map(|uuid| {uuid.as_str()}), | ||||
|             Some(ids) => ids.iter().filter_map(|uuid| { uuid.as_str() }), | ||||
|             None => err!("Posted ids field is not an array") | ||||
|         }, | ||||
|         None => err!("Request missing ids field") | ||||
|   | ||||
| @@ -14,6 +14,7 @@ pub fn routes() -> Vec<Route> { | ||||
|     routes![ | ||||
|         register, | ||||
|         profile, | ||||
|         get_public_keys, | ||||
|         post_keys, | ||||
|         post_password, | ||||
|         post_sstamp, | ||||
| @@ -53,7 +54,15 @@ pub fn routes() -> Vec<Route> { | ||||
|         activate_authenticator, | ||||
|         disable_authenticator, | ||||
|  | ||||
|         create_organization, | ||||
|         get_user_collections, | ||||
|         get_org_collections, | ||||
|         get_org_details, | ||||
|         get_org_users, | ||||
|         get_collection_users, | ||||
|         send_invite, | ||||
|         confirm_invite, | ||||
|         delete_user, | ||||
|  | ||||
|         clear_device_token, | ||||
|         put_device_token, | ||||
|   | ||||
| @@ -8,22 +8,34 @@ use db::models::*; | ||||
| use api::{JsonResult, EmptyResult}; | ||||
| use auth::Headers; | ||||
|  | ||||
|  | ||||
| #[derive(Deserialize)] | ||||
| #[allow(non_snake_case)] | ||||
| struct OrgData { | ||||
|     billingEmail: String, | ||||
|     collectionName: String, | ||||
|     key: String, | ||||
|     name: String, | ||||
|     planType: String, | ||||
| } | ||||
|  | ||||
| #[post("/organizations", data = "<data>")] | ||||
| fn create_organization(headers: Headers, data: Json<Value>, conn: DbConn) -> JsonResult { | ||||
|     /* | ||||
|     Data is a JSON Object with the following entries | ||||
|         billingEmail	<email> | ||||
|         collectionName	<encrypted_collection_name> | ||||
|         key	            <key> | ||||
|         name	        <unencrypted_name> | ||||
|         planType	    free | ||||
|     */ | ||||
| fn create_organization(headers: Headers, data: Json<OrgData>, conn: DbConn) -> JsonResult { | ||||
|     let data: OrgData = data.into_inner(); | ||||
|  | ||||
|     // We need to add the following key to the users jwt claims | ||||
|     // orgowner: "<org-id>" | ||||
|     let mut org = Organization::new(data.name, data.billingEmail); | ||||
|     let mut user_org = UserOrganization::new( | ||||
|         headers.user.uuid, org.uuid.clone()); | ||||
|  | ||||
|     // This function returns organization.to_json(); | ||||
|     err!("Not implemented") | ||||
|     user_org.key = data.key; | ||||
|     user_org.access_all = true; | ||||
|     user_org.type_ = UserOrgType::Owner as i32; | ||||
|     user_org.status = UserOrgStatus::Confirmed as i32; | ||||
|  | ||||
|     org.save(&conn); | ||||
|     user_org.save(&conn); | ||||
|  | ||||
|     Ok(Json(org.to_json())) | ||||
| } | ||||
|  | ||||
|  | ||||
| @@ -50,6 +62,35 @@ fn get_org_collections(org_id: String, headers: Headers, conn: DbConn) -> JsonRe | ||||
|     }))) | ||||
| } | ||||
|  | ||||
| #[derive(FromForm)] | ||||
| #[allow(non_snake_case)] | ||||
| struct OrgIdData { | ||||
|     organizationId: String | ||||
| } | ||||
|  | ||||
| #[get("/ciphers/organization-details?<data>")] | ||||
| fn get_org_details(data: OrgIdData, headers: Headers, conn: DbConn) -> JsonResult { | ||||
|  | ||||
|     // Get list of ciphers in org? | ||||
|  | ||||
|     Ok(Json(json!({ | ||||
|         "Data": [], | ||||
|         "Object": "list" | ||||
|     }))) | ||||
| } | ||||
|  | ||||
| #[get("/organizations/<org_id>/users")] | ||||
| fn get_org_users(org_id: String, headers: Headers, conn: DbConn) -> JsonResult { | ||||
|     // TODO Check if user in org | ||||
|  | ||||
|     let users = UserOrganization::find_by_org(&org_id, &conn); | ||||
|     let users_json: Vec<Value> = users.iter().map(|c| c.to_json_details(&conn)).collect(); | ||||
|  | ||||
|     Ok(Json(json!({ | ||||
|         "Data": users_json, | ||||
|         "Object": "list" | ||||
|     }))) | ||||
| } | ||||
|  | ||||
| #[get("/organizations/<org_id>/collections/<coll_id>/users")] | ||||
| fn get_collection_users(org_id: String, coll_id: String, headers: Headers, conn: DbConn) -> JsonResult { | ||||
| @@ -78,10 +119,94 @@ fn get_collection_users(org_id: String, coll_id: String, headers: Headers, conn: | ||||
|     }))) | ||||
| } | ||||
|  | ||||
| #[derive(Deserialize)] | ||||
| #[allow(non_snake_case)] | ||||
| struct InviteCollectionData { | ||||
|     id: String, | ||||
|     readOnly: bool, | ||||
| } | ||||
|  | ||||
| //******************************************************************************************** | ||||
| /* | ||||
|     We need to modify 'GET /api/profile' to return the users organizations, instead of [] | ||||
| #[derive(Deserialize)] | ||||
| #[allow(non_snake_case)] | ||||
| struct InviteData { | ||||
|     emails: Vec<String>, | ||||
|     #[serde(rename = "type")] | ||||
|     type_: String, | ||||
|     collections: Vec<InviteCollectionData>, | ||||
|     accessAll: bool, | ||||
|  | ||||
|     The elements from that array come from organization.to_json_profile() | ||||
| */ | ||||
| } | ||||
|  | ||||
| #[post("/organizations/<org_id>/users/invite", data = "<data>")] | ||||
| fn send_invite(org_id: String, data: Json<InviteData>, headers: Headers, conn: DbConn) -> EmptyResult { | ||||
|     let data: InviteData = data.into_inner(); | ||||
|  | ||||
|     // TODO Check that user is in org and admin or more | ||||
|  | ||||
|     for user_opt in data.emails.iter().map(|email| User::find_by_mail(email, &conn)) { | ||||
|         match user_opt { | ||||
|             None => err!("User email does not exist"), | ||||
|             Some(user) => { | ||||
|                 // TODO Check that user is not already in org | ||||
|  | ||||
|                 let mut user_org = UserOrganization::new( | ||||
|                     user.uuid, org_id.clone()); | ||||
|  | ||||
|                 if data.accessAll { | ||||
|                     user_org.access_all = data.accessAll; | ||||
|                 } else { | ||||
|                     err!("Select collections unimplemented") | ||||
|                     // TODO create Users_collections | ||||
|                 } | ||||
|  | ||||
|                 user_org.type_ = match data.type_.as_ref() { | ||||
|                     "Owner" => UserOrgType::Owner, | ||||
|                     "Admin" => UserOrgType::Admin, | ||||
|                     "User" => UserOrgType::User, | ||||
|                     _ => err!("Invalid type") | ||||
|                 } as i32; | ||||
|  | ||||
|                 user_org.save(&conn); | ||||
|             } | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     Ok(()) | ||||
| } | ||||
|  | ||||
| #[post("/organizations/<org_id>/users/<user_id>/confirm", data = "<data>")] | ||||
| fn confirm_invite(org_id: String, user_id: String, data: Json<Value>, headers: Headers, conn: DbConn) -> EmptyResult { | ||||
|     // TODO Check that user is in org and admin or more | ||||
|  | ||||
|     let mut user_org = match UserOrganization::find_by_user_and_org( | ||||
|         &user_id, &org_id, &conn) { | ||||
|         Some(user_org) => user_org, | ||||
|         None => err!("Can't find user") | ||||
|     }; | ||||
|  | ||||
|     if user_org.status != UserOrgStatus::Accepted as i32 { | ||||
|         err!("User in invalid state") | ||||
|     } | ||||
|  | ||||
|     user_org.status = UserOrgStatus::Confirmed as i32; | ||||
|     user_org.key = match data["key"].as_str() { | ||||
|         Some(key) => key.to_string(), | ||||
|         None => err!("Invalid key provided") | ||||
|     }; | ||||
|  | ||||
|     user_org.save(&conn); | ||||
|  | ||||
|     Ok(()) | ||||
| } | ||||
|  | ||||
| #[post("/organizations/<org_id>/users/<user_id>/delete")] | ||||
| fn delete_user(org_id: String, user_id: String, headers: Headers, conn: DbConn) -> EmptyResult { | ||||
|     // TODO Check that user is in org and admin or more | ||||
|     // TODO To delete a user you need either: | ||||
|     //      - To be yourself | ||||
|     //      - To be of a superior type (ex. Owner can delete Admin and User, Admin can delete User) | ||||
|  | ||||
|     // Delete users_organizations and users_collections from this org | ||||
|  | ||||
|     unimplemented!(); | ||||
| } | ||||
| @@ -19,7 +19,6 @@ pub fn routes() -> Vec<Route> { | ||||
| #[post("/connect/token", data = "<connect_data>")] | ||||
| fn login(connect_data: Form<ConnectData>, device_type: DeviceType, conn: DbConn) -> JsonResult { | ||||
|     let data = connect_data.get(); | ||||
|     println!("{:#?}", data); | ||||
|  | ||||
|     let mut device = match data.grant_type { | ||||
|         GrantType::RefreshToken => { | ||||
| @@ -98,7 +97,9 @@ fn login(connect_data: Form<ConnectData>, device_type: DeviceType, conn: DbConn) | ||||
|     }; | ||||
|  | ||||
|     let user = User::find_by_uuid(&device.user_uuid, &conn).unwrap(); | ||||
|     let (access_token, expires_in) = device.refresh_tokens(&user); | ||||
|     let orgs = UserOrganization::find_by_user(&user.uuid, &conn); | ||||
|  | ||||
|     let (access_token, expires_in) = device.refresh_tokens(&user, orgs); | ||||
|     device.save(&conn); | ||||
|  | ||||
|     Ok(Json(json!({ | ||||
|   | ||||
| @@ -72,6 +72,10 @@ pub struct JWTClaims { | ||||
|     pub email: String, | ||||
|     pub email_verified: bool, | ||||
|  | ||||
|     pub orgowner: Vec<String>, | ||||
|     pub orgadmin: Vec<String>, | ||||
|     pub orguser: Vec<String>, | ||||
|  | ||||
|     // user security_stamp | ||||
|     pub sstamp: String, | ||||
|     // device uuid | ||||
|   | ||||
| @@ -1,4 +1,3 @@ | ||||
| use chrono::{NaiveDateTime, Utc}; | ||||
| use serde_json::Value as JsonValue; | ||||
| 
 | ||||
| use uuid::Uuid; | ||||
| @@ -18,8 +17,6 @@ pub struct Collection { | ||||
| /// Local methods
 | ||||
| impl Collection { | ||||
|     pub fn new(org_uuid: String, name: String) -> Self { | ||||
|         let now = Utc::now().naive_utc(); | ||||
| 
 | ||||
|         Self { | ||||
|             uuid: Uuid::new_v4().to_string(), | ||||
| 
 | ||||
| @@ -46,8 +43,6 @@ use db::schema::collections; | ||||
| /// Database methods
 | ||||
| impl Collection { | ||||
|     pub fn save(&mut self, conn: &DbConn) -> bool { | ||||
|         self.updated_at = Utc::now().naive_utc(); | ||||
| 
 | ||||
|         match diesel::replace_into(collections::table) | ||||
|             .values(&*self) | ||||
|             .execute(&**conn) { | ||||
| @@ -40,7 +40,7 @@ impl Device { | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn refresh_tokens(&mut self, user: &super::User) -> (String, i64) { | ||||
|     pub fn refresh_tokens(&mut self, user: &super::User, orgs: Vec<super::UserOrganization>) -> (String, i64) { | ||||
|         // If there is no refresh token, we create one | ||||
|         if self.refresh_token.is_empty() { | ||||
|             use data_encoding::BASE64URL; | ||||
| @@ -51,9 +51,14 @@ impl Device { | ||||
|  | ||||
|         // Update the expiration of the device and the last update date | ||||
|         let time_now = Utc::now().naive_utc(); | ||||
|  | ||||
|         self.updated_at = time_now; | ||||
|  | ||||
|  | ||||
|         let orgowner: Vec<_> = orgs.iter().filter(|o| o.type_ == 0).map(|o| o.org_uuid.clone()).collect(); | ||||
|         let orgadmin: Vec<_> = orgs.iter().filter(|o| o.type_ == 1).map(|o| o.org_uuid.clone()).collect(); | ||||
|         let orguser: Vec<_> = orgs.iter().filter(|o| o.type_ == 2).map(|o| o.org_uuid.clone()).collect(); | ||||
|  | ||||
|  | ||||
|         // Create the JWT claims struct, to send to the client | ||||
|         use auth::{encode_jwt, JWTClaims, DEFAULT_VALIDITY, JWT_ISSUER}; | ||||
|         let claims = JWTClaims { | ||||
| @@ -61,16 +66,23 @@ impl Device { | ||||
|             exp: (time_now + *DEFAULT_VALIDITY).timestamp(), | ||||
|             iss: JWT_ISSUER.to_string(), | ||||
|             sub: user.uuid.to_string(), | ||||
|  | ||||
|             premium: true, | ||||
|             name: user.name.to_string(), | ||||
|             email: user.email.to_string(), | ||||
|             email_verified: true, | ||||
|  | ||||
|             orgowner, | ||||
|             orgadmin, | ||||
|             orguser, | ||||
|  | ||||
|             sstamp: user.security_stamp.to_string(), | ||||
|             device: self.uuid.to_string(), | ||||
|             scope: vec!["api".into(), "offline_access".into()], | ||||
|             amr: vec!["Application".into()], | ||||
|         }; | ||||
|  | ||||
|  | ||||
|         (encode_jwt(&claims), DEFAULT_VALIDITY.num_seconds()) | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -4,8 +4,16 @@ mod device; | ||||
| mod folder; | ||||
| mod user; | ||||
|  | ||||
| mod collection; | ||||
| mod organization; | ||||
|  | ||||
| pub use self::attachment::Attachment; | ||||
| pub use self::cipher::Cipher; | ||||
| pub use self::device::Device; | ||||
| pub use self::folder::Folder; | ||||
| pub use self::user::User; | ||||
|  | ||||
| pub use self::collection::Collection; | ||||
| pub use self::organization::Organization; | ||||
|  | ||||
| pub use self::organization::{UserOrganization, UserOrgStatus, UserOrgType}; | ||||
|   | ||||
| @@ -1,116 +0,0 @@ | ||||
| use chrono::{NaiveDateTime, Utc}; | ||||
| use serde_json::Value as JsonValue; | ||||
|  | ||||
| use uuid::Uuid; | ||||
|  | ||||
| #[derive(Debug, Identifiable, Queryable, Insertable)] | ||||
| #[table_name = "organizations"] | ||||
| #[primary_key(uuid)] | ||||
| pub struct Organization { | ||||
|     pub uuid: String, | ||||
|     pub name: String, | ||||
|     pub billing_email: String, | ||||
|  | ||||
|     pub key: String, | ||||
| } | ||||
|  | ||||
| /// Local methods | ||||
| impl Organization { | ||||
|     pub fn new(name: String, billing_email: String, key: String) -> Self { | ||||
|         let now = Utc::now().naive_utc(); | ||||
|  | ||||
|         Self { | ||||
|             uuid: Uuid::new_v4().to_string(), | ||||
|  | ||||
|             name, | ||||
|             billing_email, | ||||
|             key, | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn to_json(&self) -> JsonValue { | ||||
|         json!({ | ||||
|             "Id": self.uuid, | ||||
|             "Name": self.name, | ||||
|  | ||||
|             "BusinessName": null, | ||||
|             "BusinessAddress1":	null, | ||||
|             "BusinessAddress2":	null, | ||||
|             "BusinessAddress3":	null, | ||||
|             "BusinessCountry": null, | ||||
|             "BusinessTaxNumber": null, | ||||
|             "BillingEmail":self.billing_email, | ||||
|             "Plan": "Free", | ||||
|             "PlanType": 0, // Free plan | ||||
|  | ||||
|             "Seats": 10, | ||||
|             "MaxCollections": 10, | ||||
|  | ||||
|             "UseGroups": false, | ||||
|             "UseDirectory": false, | ||||
|             "UseEvents": false, | ||||
|             "UseTotp": false, | ||||
|  | ||||
|             "Object": "organization", | ||||
|         }) | ||||
|     } | ||||
|  | ||||
|     pub fn to_json_profile(&self) -> JsonValue { | ||||
|         json!({ | ||||
|             "Id": self.uuid, | ||||
|             "Name": self.name, | ||||
|  | ||||
|             "Seats": 10, | ||||
|             "MaxCollections": 10, | ||||
|  | ||||
|             "UseGroups": false, | ||||
|             "UseDirectory": false, | ||||
|             "UseEvents": false, | ||||
|             "UseTotp": false, | ||||
|  | ||||
|             "MaxStorageGb": null, | ||||
|  | ||||
|             // These are probably per user | ||||
|             "Key": self.key, | ||||
|             "Status": 2, // Confirmed | ||||
|             "Type": 0, // Owner | ||||
|             "Enabled": true, | ||||
|  | ||||
|             "Object": "profileOrganization", | ||||
|         }) | ||||
|     } | ||||
| } | ||||
|  | ||||
| use diesel; | ||||
| use diesel::prelude::*; | ||||
| use db::DbConn; | ||||
| use db::schema::organizations; | ||||
|  | ||||
| /// Database methods | ||||
| impl Organization { | ||||
|     pub fn save(&mut self, conn: &DbConn) -> bool { | ||||
|         self.updated_at = Utc::now().naive_utc(); | ||||
|  | ||||
|         match diesel::replace_into(organizations::table) | ||||
|             .values(&*self) | ||||
|             .execute(&**conn) { | ||||
|             Ok(1) => true, // One row inserted | ||||
|             _ => false, | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn delete(self, conn: &DbConn) -> bool { | ||||
|         match diesel::delete(organizations::table.filter( | ||||
|             organizations::uuid.eq(self.uuid))) | ||||
|             .execute(&**conn) { | ||||
|             Ok(1) => true, // One row deleted | ||||
|             _ => false, | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn find_by_uuid(uuid: &str, conn: &DbConn) -> Option<Self> { | ||||
|         organizations::table | ||||
|             .filter(organizations::uuid.eq(uuid)) | ||||
|             .first::<Self>(&**conn).ok() | ||||
|     } | ||||
| } | ||||
							
								
								
									
										214
									
								
								src/db/models/organization.rs
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										214
									
								
								src/db/models/organization.rs
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,214 @@ | ||||
| use serde_json::Value as JsonValue; | ||||
|  | ||||
| use uuid::Uuid; | ||||
|  | ||||
| #[derive(Debug, Identifiable, Queryable, Insertable)] | ||||
| #[table_name = "organizations"] | ||||
| #[primary_key(uuid)] | ||||
| pub struct Organization { | ||||
|     pub uuid: String, | ||||
|     pub name: String, | ||||
|     pub billing_email: String, | ||||
| } | ||||
|  | ||||
| #[derive(Debug, Identifiable, Queryable, Insertable)] | ||||
| #[table_name = "users_organizations"] | ||||
| #[primary_key(uuid)] | ||||
| pub struct UserOrganization { | ||||
|     pub uuid: String, | ||||
|     pub user_uuid: String, | ||||
|     pub org_uuid: String, | ||||
|  | ||||
|     pub access_all: bool, | ||||
|     pub key: String, | ||||
|     pub status: i32, | ||||
|     pub type_: i32, | ||||
| } | ||||
|  | ||||
| pub enum UserOrgStatus { | ||||
|     Invited = 0, | ||||
|     Accepted = 1, | ||||
|     Confirmed = 2, | ||||
| } | ||||
|  | ||||
| pub enum UserOrgType { | ||||
|     Owner = 0, | ||||
|     Admin = 1, | ||||
|     User = 2, | ||||
| } | ||||
|  | ||||
| /// Local methods | ||||
| impl Organization { | ||||
|     pub fn new(name: String, billing_email: String) -> Self { | ||||
|         Self { | ||||
|             uuid: Uuid::new_v4().to_string(), | ||||
|  | ||||
|             name, | ||||
|             billing_email, | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn to_json(&self) -> JsonValue { | ||||
|         json!({ | ||||
|             "Id": self.uuid, | ||||
|             "Name": self.name, | ||||
|             "Seats": 10, | ||||
|             "MaxCollections": 10, | ||||
|  | ||||
|             "Use2fa": false, | ||||
|             "UseDirectory": false, | ||||
|             "UseEvents": false, | ||||
|             "UseGroups": false, | ||||
|             "UseTotp": false, | ||||
|  | ||||
|             "BusinessName": null, | ||||
|             "BusinessAddress1":	null, | ||||
|             "BusinessAddress2":	null, | ||||
|             "BusinessAddress3":	null, | ||||
|             "BusinessCountry": null, | ||||
|             "BusinessTaxNumber": null, | ||||
|  | ||||
|             "BillingEmail": self.billing_email, | ||||
|             "Plan": "Free", | ||||
|             "PlanType": 0, // Free plan | ||||
|  | ||||
|             "Object": "organization", | ||||
|         }) | ||||
|     } | ||||
| } | ||||
|  | ||||
| impl UserOrganization { | ||||
|     pub fn new(user_uuid: String, org_uuid: String) -> Self { | ||||
|         Self { | ||||
|             uuid: Uuid::new_v4().to_string(), | ||||
|  | ||||
|             user_uuid, | ||||
|             org_uuid, | ||||
|  | ||||
|             access_all: false, | ||||
|             key: String::new(), | ||||
|             status: UserOrgStatus::Accepted as i32, | ||||
|             type_: UserOrgType::User as i32, | ||||
|         } | ||||
|     } | ||||
| } | ||||
|  | ||||
|  | ||||
| use diesel; | ||||
| use diesel::prelude::*; | ||||
| use db::DbConn; | ||||
| use db::schema::organizations; | ||||
| use db::schema::users_organizations; | ||||
|  | ||||
| /// Database methods | ||||
| impl Organization { | ||||
|     pub fn save(&mut self, conn: &DbConn) -> bool { | ||||
|         match diesel::replace_into(organizations::table) | ||||
|             .values(&*self) | ||||
|             .execute(&**conn) { | ||||
|             Ok(1) => true, // One row inserted | ||||
|             _ => false, | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn delete(self, conn: &DbConn) -> bool { | ||||
|         match diesel::delete(organizations::table.filter( | ||||
|             organizations::uuid.eq(self.uuid))) | ||||
|             .execute(&**conn) { | ||||
|             Ok(1) => true, // One row deleted | ||||
|             _ => false, | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn find_by_uuid(uuid: &str, conn: &DbConn) -> Option<Self> { | ||||
|         organizations::table | ||||
|             .filter(organizations::uuid.eq(uuid)) | ||||
|             .first::<Self>(&**conn).ok() | ||||
|     } | ||||
| } | ||||
|  | ||||
| impl UserOrganization { | ||||
|     pub fn to_json(&self, conn: &DbConn) -> JsonValue { | ||||
|         let org = Organization::find_by_uuid(&self.org_uuid, conn).unwrap(); | ||||
|  | ||||
|         json!({ | ||||
|             "Id": self.org_uuid, | ||||
|             "Name": org.name, | ||||
|             "Seats": 10, | ||||
|             "MaxCollections": 10, | ||||
|  | ||||
|             "Use2fa": false, | ||||
|             "UseDirectory": false, | ||||
|             "UseEvents": false, | ||||
|             "UseGroups": false, | ||||
|             "UseTotp": false, | ||||
|  | ||||
|             "MaxStorageGb": null, | ||||
|  | ||||
|             // These are per user | ||||
|             "Key": self.key, | ||||
|             "Status": self.status, | ||||
|             "Type": self.type_, | ||||
|             "Enabled": true, | ||||
|  | ||||
|             "Object": "profileOrganization", | ||||
|         }) | ||||
|     } | ||||
|  | ||||
|     pub fn to_json_details(&self, conn: &DbConn) -> JsonValue { | ||||
|         use super::User; | ||||
|         let user = User::find_by_uuid(&self.user_uuid, conn).unwrap(); | ||||
|  | ||||
|         json!({ | ||||
|             "Id": self.uuid, | ||||
|             "UserId": user.uuid, | ||||
|             "Name": user.name, | ||||
|             "Email": user.email, | ||||
|  | ||||
|             "Status": self.status, | ||||
|             "Type": self.type_, | ||||
|             "AccessAll": true, | ||||
|  | ||||
|             "Object": "organizationUserUserDetails", | ||||
|         }) | ||||
|     } | ||||
|  | ||||
|     pub fn save(&mut self, conn: &DbConn) -> bool { | ||||
|         match diesel::replace_into(users_organizations::table) | ||||
|             .values(&*self) | ||||
|             .execute(&**conn) { | ||||
|             Ok(1) => true, // One row inserted | ||||
|             _ => false, | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn delete(self, conn: &DbConn) -> bool { | ||||
|         match diesel::delete(users_organizations::table.filter( | ||||
|             users_organizations::uuid.eq(self.uuid))) | ||||
|             .execute(&**conn) { | ||||
|             Ok(1) => true, // One row deleted | ||||
|             _ => false, | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn find_by_user(user_uuid: &str, conn: &DbConn) -> Vec<Self> { | ||||
|         users_organizations::table | ||||
|             .filter(users_organizations::user_uuid.eq(user_uuid)) | ||||
|             .load::<Self>(&**conn).expect("Error loading user organizations") | ||||
|     } | ||||
|  | ||||
|     pub fn find_by_org(org_uuid: &str, conn: &DbConn) -> Vec<Self> { | ||||
|         users_organizations::table | ||||
|             .filter(users_organizations::org_uuid.eq(org_uuid)) | ||||
|             .load::<Self>(&**conn).expect("Error loading user organizations") | ||||
|     } | ||||
|  | ||||
|     pub fn find_by_user_and_org(user_uuid: &str, org_uuid: &str, conn: &DbConn) -> Option<Self> { | ||||
|         users_organizations::table | ||||
|             .filter(users_organizations::user_uuid.eq(user_uuid)) | ||||
|             .filter(users_organizations::org_uuid.eq(org_uuid)) | ||||
|             .first::<Self>(&**conn).ok() | ||||
|     } | ||||
| } | ||||
|  | ||||
|  | ||||
| @@ -115,8 +115,21 @@ impl User { | ||||
|             true | ||||
|         } | ||||
|     } | ||||
| } | ||||
|  | ||||
| use diesel; | ||||
| use diesel::prelude::*; | ||||
| use db::DbConn; | ||||
| use db::schema::users; | ||||
|  | ||||
| /// Database methods | ||||
| impl User { | ||||
|     pub fn to_json(&self, conn: &DbConn) -> JsonValue { | ||||
|         use super::UserOrganization; | ||||
|  | ||||
|         let orgs = UserOrganization::find_by_user(&self.uuid, conn); | ||||
|         let orgs_json: Vec<JsonValue> = orgs.iter().map(|c| c.to_json(&conn)).collect(); | ||||
|  | ||||
|     pub fn to_json(&self) -> JsonValue { | ||||
|         json!({ | ||||
|             "Id": self.uuid, | ||||
|             "Name": self.name, | ||||
| @@ -129,19 +142,12 @@ impl User { | ||||
|             "Key": self.key, | ||||
|             "PrivateKey": self.private_key, | ||||
|             "SecurityStamp": self.security_stamp, | ||||
|             "Organizations": [], | ||||
|             "Organizations": orgs_json, | ||||
|             "Object": "profile" | ||||
|         }) | ||||
|     } | ||||
| } | ||||
|  | ||||
| use diesel; | ||||
| use diesel::prelude::*; | ||||
| use db::DbConn; | ||||
| use db::schema::users; | ||||
|  | ||||
| /// Database methods | ||||
| impl User { | ||||
|     pub fn save(&mut self, conn: &DbConn) -> bool { | ||||
|         self.updated_at = Utc::now().naive_utc(); | ||||
|  | ||||
|   | ||||
| @@ -95,9 +95,11 @@ table! { | ||||
| } | ||||
|  | ||||
| table! { | ||||
|     users_organizations (user_uuid, org_uuid) { | ||||
|     users_organizations (uuid) { | ||||
|         uuid -> Text, | ||||
|         user_uuid -> Text, | ||||
|         org_uuid -> Text, | ||||
|         access_all -> Bool, | ||||
|         key -> Text, | ||||
|         status -> Integer, | ||||
|         #[sql_name = "type"] | ||||
|   | ||||
		Reference in New Issue
	
	Block a user