Add Emergency contact feature

Signed-off-by: thelittlefireman <thelittlefireman@users.noreply.github.com>
2025-09-10 18:55:57 +03:00 · 2021-03-24 20:15:55 +01:00
parent 8c10de3edd
commit 4ab9362971
37 changed files with 1619 additions and 13 deletions
--- a/src/db/models/emergency_access.rs
+++ b/src/db/models/emergency_access.rs
@@ -0,0 +1,288 @@
+use chrono::{NaiveDateTime, Utc};
+use serde_json::Value;
+
+use super::User;
+
+db_object! {
+    #[derive(Debug, Identifiable, Queryable, Insertable, Associations, AsChangeset)]
+    #[table_name = "emergency_access"]
+    #[changeset_options(treat_none_as_null="true")]
+    #[belongs_to(User, foreign_key = "grantor_uuid")]
+    #[primary_key(uuid)]
+    pub struct EmergencyAccess {
+        pub uuid: String,
+        pub grantor_uuid: String,
+        pub grantee_uuid: Option<String>,
+        pub email: Option<String>,
+        pub key_encrypted: Option<String>,
+        pub atype: i32, //EmergencyAccessType
+        pub status: i32, //EmergencyAccessStatus
+        pub wait_time_days: i32,
+        pub recovery_initiated_at: Option<NaiveDateTime>,
+        pub last_notification_at: Option<NaiveDateTime>,
+        pub updated_at: NaiveDateTime,
+        pub created_at: NaiveDateTime,
+    }
+}
+
+/// Local methods
+
+impl EmergencyAccess {
+    pub fn new(grantor_uuid: String, email: Option<String>, status: i32, atype: i32, wait_time_days: i32) -> Self {
+        Self {
+            uuid: crate::util::get_uuid(),
+            grantor_uuid,
+            grantee_uuid: None,
+            email,
+            status,
+            atype,
+            wait_time_days,
+            recovery_initiated_at: None,
+            created_at: Utc::now().naive_utc(),
+            updated_at: Utc::now().naive_utc(),
+            key_encrypted: None,
+            last_notification_at: None,
+        }
+    }
+
+    pub fn get_atype_as_str(&self) -> &'static str {
+        if self.atype == EmergencyAccessType::View as i32 {
+            "View"
+        } else {
+            "Takeover"
+        }
+    }
+
+    pub fn to_json(&self) -> Value {
+        json!({
+            "Id": self.uuid,
+            "Status": self.status,
+            "Type": self.atype,
+            "WaitTimeDays": self.wait_time_days,
+            "Object": "emergencyAccess",
+        })
+    }
+
+    pub fn to_json_grantor_details(&self, conn: &DbConn) -> Value {
+        // find grantor
+        let grantor_user = User::find_by_uuid(&self.grantor_uuid, conn).unwrap();
+        json!({
+             "Id": self.uuid,
+            "Status": self.status,
+            "Type": self.atype,
+            "WaitTimeDays": self.wait_time_days,
+            "GrantorId": grantor_user.uuid,
+            "Email": grantor_user.email,
+            "Name": grantor_user.name,
+            "Object": "emergencyAccessGrantorDetails",})
+    }
+
+    pub fn to_json_grantee_details(&self, conn: &DbConn) -> Value {
+        if self.grantee_uuid.is_some() {
+            let grantee_user =
+                User::find_by_uuid(&self.grantee_uuid.clone().unwrap(), conn).expect("Grantee user not found.");
+
+            json!({
+                "Id": self.uuid,
+                "Status": self.status,
+                "Type": self.atype,
+                "WaitTimeDays": self.wait_time_days,
+                "GranteeId": grantee_user.uuid,
+                "Email": grantee_user.email,
+                "Name": grantee_user.name,
+                "Object": "emergencyAccessGranteeDetails",})
+        } else if self.email.is_some() {
+            let grantee_user = User::find_by_mail(&self.email.clone().unwrap(), conn).expect("Grantee user not found.");
+            json!({
+                    "Id": self.uuid,
+                    "Status": self.status,
+                    "Type": self.atype,
+                    "WaitTimeDays": self.wait_time_days,
+                    "GranteeId": grantee_user.uuid,
+                    "Email": grantee_user.email,
+                    "Name": grantee_user.name,
+                    "Object": "emergencyAccessGranteeDetails",})
+        } else {
+            json!({
+                "Id": self.uuid,
+                "Status": self.status,
+                "Type": self.atype,
+                "WaitTimeDays": self.wait_time_days,
+                "GranteeId": "",
+                "Email": "",
+                "Name": "",
+                "Object": "emergencyAccessGranteeDetails",})
+        }
+    }
+}
+
+#[derive(Copy, Clone, PartialEq, Eq, num_derive::FromPrimitive)]
+pub enum EmergencyAccessType {
+    View = 0,
+    Takeover = 1,
+}
+
+impl EmergencyAccessType {
+    pub fn from_str(s: &str) -> Option<Self> {
+        match s {
+            "0" | "View" => Some(EmergencyAccessType::View),
+            "1" | "Takeover" => Some(EmergencyAccessType::Takeover),
+            _ => None,
+        }
+    }
+}
+
+impl PartialEq<i32> for EmergencyAccessType {
+    fn eq(&self, other: &i32) -> bool {
+        *other == *self as i32
+    }
+}
+
+impl PartialEq<EmergencyAccessType> for i32 {
+    fn eq(&self, other: &EmergencyAccessType) -> bool {
+        *self == *other as i32
+    }
+}
+
+pub enum EmergencyAccessStatus {
+    Invited = 0,
+    Accepted = 1,
+    Confirmed = 2,
+    RecoveryInitiated = 3,
+    RecoveryApproved = 4,
+}
+
+// region Database methods
+
+use crate::db::DbConn;
+
+use crate::api::EmptyResult;
+use crate::error::MapResult;
+
+impl EmergencyAccess {
+    pub fn save(&mut self, conn: &DbConn) -> EmptyResult {
+        User::update_uuid_revision(&self.grantor_uuid, conn);
+        self.updated_at = Utc::now().naive_utc();
+
+        db_run! { conn:
+            sqlite, mysql {
+                match diesel::replace_into(emergency_access::table)
+                    .values(EmergencyAccessDb::to_db(self))
+                    .execute(conn)
+                {
+                    Ok(_) => Ok(()),
+                    // Record already exists and causes a Foreign Key Violation because replace_into() wants to delete the record first.
+                    Err(diesel::result::Error::DatabaseError(diesel::result::DatabaseErrorKind::ForeignKeyViolation, _)) => {
+                        diesel::update(emergency_access::table)
+                            .filter(emergency_access::uuid.eq(&self.uuid))
+                            .set(EmergencyAccessDb::to_db(self))
+                            .execute(conn)
+                            .map_res("Error updating emergency access")
+                    }
+                    Err(e) => Err(e.into()),
+                }.map_res("Error saving emergency access")
+            }
+            postgresql {
+                let value = EmergencyAccessDb::to_db(self);
+                diesel::insert_into(emergency_access::table)
+                    .values(&value)
+                    .on_conflict(emergency_access::uuid)
+                    .do_update()
+                    .set(&value)
+                    .execute(conn)
+                    .map_res("Error saving emergency access")
+            }
+        }
+    }
+
+    pub fn delete_all_by_user(user_uuid: &str, conn: &DbConn) -> EmptyResult {
+        for user_org in Self::find_all_by_grantor_uuid(user_uuid, conn) {
+            user_org.delete(conn)?;
+        }
+        for user_org in Self::find_all_by_grantee_uuid(user_uuid, conn) {
+            user_org.delete(conn)?;
+        }
+        Ok(())
+    }
+
+    pub fn delete(self, conn: &DbConn) -> EmptyResult {
+        User::update_uuid_revision(&self.grantor_uuid, conn);
+
+        db_run! { conn: {
+            diesel::delete(emergency_access::table.filter(emergency_access::uuid.eq(self.uuid)))
+                .execute(conn)
+                .map_res("Error removing user from organization")
+        }}
+    }
+
+    pub fn find_by_uuid(uuid: &str, conn: &DbConn) -> Option<Self> {
+        db_run! { conn: {
+            emergency_access::table
+                .filter(emergency_access::uuid.eq(uuid))
+                .first::<EmergencyAccessDb>(conn)
+                .ok().from_db()
+        }}
+    }
+
+    pub fn find_by_grantor_uuid_and_grantee_uuid_or_email(
+        grantor_uuid: &str,
+        grantee_uuid: &str,
+        email: &str,
+        conn: &DbConn,
+    ) -> Option<Self> {
+        db_run! { conn: {
+            emergency_access::table
+                .filter(emergency_access::grantor_uuid.eq(grantor_uuid))
+                .filter(emergency_access::grantee_uuid.eq(grantee_uuid).or(emergency_access::email.eq(email)))
+                .first::<EmergencyAccessDb>(conn)
+                .ok().from_db()
+        }}
+    }
+
+    pub fn find_all_recoveries(conn: &DbConn) -> Vec<Self> {
+        db_run! { conn: {
+            emergency_access::table
+                .filter(emergency_access::status.eq(EmergencyAccessStatus::RecoveryInitiated as i32))
+                .load::<EmergencyAccessDb>(conn).expect("Error loading emergency_access").from_db()
+
+        }}
+    }
+
+    pub fn find_by_uuid_and_grantor_uuid(uuid: &str, grantor_uuid: &str, conn: &DbConn) -> Option<Self> {
+        db_run! { conn: {
+            emergency_access::table
+                .filter(emergency_access::uuid.eq(uuid))
+                .filter(emergency_access::grantor_uuid.eq(grantor_uuid))
+                .first::<EmergencyAccessDb>(conn)
+                .ok().from_db()
+        }}
+    }
+
+    pub fn find_all_by_grantee_uuid(grantee_uuid: &str, conn: &DbConn) -> Vec<Self> {
+        db_run! { conn: {
+            emergency_access::table
+                .filter(emergency_access::grantee_uuid.eq(grantee_uuid))
+                .load::<EmergencyAccessDb>(conn).expect("Error loading emergency_access").from_db()
+        }}
+    }
+
+    pub fn find_invited_by_grantee_email(grantee_email: &str, conn: &DbConn) -> Option<Self> {
+        db_run! { conn: {
+            emergency_access::table
+                .filter(emergency_access::email.eq(grantee_email))
+                .filter(emergency_access::status.eq(EmergencyAccessStatus::Invited as i32))
+                .first::<EmergencyAccessDb>(conn)
+                .ok().from_db()
+        }}
+    }
+
+    pub fn find_all_by_grantor_uuid(grantor_uuid: &str, conn: &DbConn) -> Vec<Self> {
+        db_run! { conn: {
+            emergency_access::table
+                .filter(emergency_access::grantor_uuid.eq(grantor_uuid))
+                .load::<EmergencyAccessDb>(conn).expect("Error loading emergency_access").from_db()
+        }}
+    }
+}
+
+// endregion
--- a/src/db/models/mod.rs
+++ b/src/db/models/mod.rs
@@ -2,6 +2,7 @@ mod attachment;
 mod cipher;
 mod collection;
 mod device;
+mod emergency_access;
 mod favorite;
 mod folder;
 mod org_policy;
@@ -14,6 +15,7 @@ pub use self::attachment::Attachment;
 pub use self::cipher::Cipher;
 pub use self::collection::{Collection, CollectionCipher, CollectionUser};
 pub use self::device::Device;
+pub use self::emergency_access::{EmergencyAccess, EmergencyAccessStatus, EmergencyAccessType};
 pub use self::favorite::Favorite;
 pub use self::folder::{Folder, FolderCipher};
 pub use self::org_policy::{OrgPolicy, OrgPolicyType};
--- a/src/db/models/user.rs
+++ b/src/db/models/user.rs
@@ -176,7 +176,7 @@ impl User {
    }
 }

-use super::{Cipher, Device, Favorite, Folder, Send, TwoFactor, UserOrgType, UserOrganization};
+use super::{Cipher, Device, EmergencyAccess, Favorite, Folder, Send, TwoFactor, UserOrgType, UserOrganization};
 use crate::db::DbConn;

 use crate::api::EmptyResult;
@@ -266,6 +266,7 @@ impl User {
        }

        Send::delete_all_by_user(&self.uuid, conn)?;
+        EmergencyAccess::delete_all_by_user(&self.uuid, conn)?;
        UserOrganization::delete_all_by_user(&self.uuid, conn)?;
        Cipher::delete_all_by_user(&self.uuid, conn)?;
        Favorite::delete_all_by_user(&self.uuid, conn)?;
--- a/src/db/schemas/mysql/schema.rs
+++ b/src/db/schemas/mysql/schema.rs
@@ -192,6 +192,23 @@ table! {
    }
 }

+table! {
+    emergency_access (uuid) {
+        uuid -> Text,
+        grantor_uuid -> Text,
+        grantee_uuid -> Nullable<Text>,
+        email -> Nullable<Text>,
+        key_encrypted -> Nullable<Text>,
+        atype -> Integer,
+        status -> Integer,
+        wait_time_days -> Integer,
+        recovery_initiated_at -> Nullable<Timestamp>,
+        last_notification_at -> Nullable<Timestamp>,
+        updated_at -> Timestamp,
+        created_at -> Timestamp,
+    }
+}
+
 joinable!(attachments -> ciphers (cipher_uuid));
 joinable!(ciphers -> organizations (organization_uuid));
 joinable!(ciphers -> users (user_uuid));
@@ -210,6 +227,7 @@ joinable!(users_collections -> collections (collection_uuid));
 joinable!(users_collections -> users (user_uuid));
 joinable!(users_organizations -> organizations (org_uuid));
 joinable!(users_organizations -> users (user_uuid));
+joinable!(emergency_access -> users (grantor_uuid));

 allow_tables_to_appear_in_same_query!(
    attachments,
@@ -227,4 +245,5 @@ allow_tables_to_appear_in_same_query!(
    users,
    users_collections,
    users_organizations,
+    emergency_access,
 );
--- a/src/db/schemas/postgresql/schema.rs
+++ b/src/db/schemas/postgresql/schema.rs
@@ -192,6 +192,23 @@ table! {
    }
 }

+table! {
+    emergency_access (uuid) {
+        uuid -> Text,
+        grantor_uuid -> Text,
+        grantee_uuid -> Nullable<Text>,
+        email -> Nullable<Text>,
+        key_encrypted -> Nullable<Text>,
+        atype -> Integer,
+        status -> Integer,
+        wait_time_days -> Integer,
+        recovery_initiated_at -> Nullable<Timestamp>,
+        last_notification_at -> Nullable<Timestamp>,
+        updated_at -> Timestamp,
+        created_at -> Timestamp,
+    }
+}
+
 joinable!(attachments -> ciphers (cipher_uuid));
 joinable!(ciphers -> organizations (organization_uuid));
 joinable!(ciphers -> users (user_uuid));
@@ -210,6 +227,7 @@ joinable!(users_collections -> collections (collection_uuid));
 joinable!(users_collections -> users (user_uuid));
 joinable!(users_organizations -> organizations (org_uuid));
 joinable!(users_organizations -> users (user_uuid));
+joinable!(emergency_access -> users (grantor_uuid));

 allow_tables_to_appear_in_same_query!(
    attachments,
@@ -227,4 +245,5 @@ allow_tables_to_appear_in_same_query!(
    users,
    users_collections,
    users_organizations,
+    emergency_access,
 );
--- a/src/db/schemas/sqlite/schema.rs
+++ b/src/db/schemas/sqlite/schema.rs
@@ -192,6 +192,23 @@ table! {
    }
 }

+table! {
+    emergency_access (uuid) {
+        uuid -> Text,
+        grantor_uuid -> Text,
+        grantee_uuid -> Nullable<Text>,
+        email -> Nullable<Text>,
+        key_encrypted -> Nullable<Text>,
+        atype -> Integer,
+        status -> Integer,
+        wait_time_days -> Integer,
+        recovery_initiated_at -> Nullable<Timestamp>,
+        last_notification_at -> Nullable<Timestamp>,
+        updated_at -> Timestamp,
+        created_at -> Timestamp,
+    }
+}
+
 joinable!(attachments -> ciphers (cipher_uuid));
 joinable!(ciphers -> organizations (organization_uuid));
 joinable!(ciphers -> users (user_uuid));
@@ -210,6 +227,7 @@ joinable!(users_collections -> collections (collection_uuid));
 joinable!(users_collections -> users (user_uuid));
 joinable!(users_organizations -> organizations (org_uuid));
 joinable!(users_organizations -> users (user_uuid));
+joinable!(emergency_access -> users (grantor_uuid));

 allow_tables_to_appear_in_same_query!(
    attachments,
@@ -227,4 +245,5 @@ allow_tables_to_appear_in_same_query!(
    users,
    users_collections,
    users_organizations,
+    emergency_access,
 );