Implement poor man's admin panel

src/db/models/cipher.rs

@@ -182,6 +182,13 @@ impl Cipher {
         Ok(())
     }
 
+    pub fn delete_all_by_user(user_uuid: &str, conn: &DbConn) -> QueryResult<()> {
+        for cipher in Self::find_owned_by_user(user_uuid, &conn) {
+            cipher.delete(&conn)?;
+        }
+        Ok(())
+    }
+
     pub fn move_to_folder(&self, folder_uuid: Option<String>, user_uuid: &str, conn: &DbConn) -> Result<(), &str> {
         match self.get_folder_uuid(&user_uuid, &conn)  {
             None => {

src/db/models/device.rs

@@ -123,13 +123,17 @@ impl Device {
         }
     }
 
-    pub fn delete(self, conn: &DbConn) -> bool {
-        match diesel::delete(devices::table.filter(
-            devices::uuid.eq(self.uuid)))
-            .execute(&**conn) {
-            Ok(1) => true, // One row deleted
-            _ => false,
+    pub fn delete(self, conn: &DbConn) -> QueryResult<()> {
+        diesel::delete(devices::table.filter(
+            devices::uuid.eq(self.uuid)
+        )).execute(&**conn).and(Ok(()))
+    }
+
+    pub fn delete_all_by_user(user_uuid: &str, conn: &DbConn) -> QueryResult<()> {
+        for device in Self::find_by_user(user_uuid, &conn) {
+            device.delete(&conn)?;
         }
+        Ok(())
     }
 
     pub fn find_by_uuid(uuid: &str, conn: &DbConn) -> Option<Self> {

src/db/models/folder.rs

@@ -93,6 +93,13 @@ impl Folder {
         ).execute(&**conn).and(Ok(()))
     }
 
+    pub fn delete_all_by_user(user_uuid: &str, conn: &DbConn) -> QueryResult<()> {
+        for folder in Self::find_by_user(user_uuid, &conn) {
+            folder.delete(&conn)?;
+        }
+        Ok(())
+    }
+
     pub fn find_by_uuid(uuid: &str, conn: &DbConn) -> Option<Self> {
         folders::table
             .filter(folders::uuid.eq(uuid))

src/db/models/organization.rs

@@ -1,7 +1,7 @@
 use serde_json::Value as JsonValue;
 
 use uuid::Uuid;
-use super::{User, CollectionUser};
+use super::{User, CollectionUser, Invitation};
 
 #[derive(Debug, Identifiable, Queryable, Insertable)]
 #[table_name = "organizations"]
@@ -51,6 +51,8 @@ impl UserOrgType {
 
 /// Local methods
 impl Organization {
+    pub const VIRTUAL_ID: &'static str = "00000000-0000-0000-0000-000000000000";
+
     pub fn new(name: String, billing_email: String) -> Self {
         Self {
             uuid: Uuid::new_v4().to_string(),
@@ -60,6 +62,14 @@ impl Organization {
         }
     }
 
+    pub fn new_virtual() -> Self {
+        Self {
+            uuid: String::from(Organization::VIRTUAL_ID),
+            name: String::from("bitwarden_rs"),
+            billing_email: String::from("none@none.none")
+        }
+    }
+
     pub fn to_json(&self) -> JsonValue {
         json!({
             "Id": self.uuid,
@@ -103,6 +113,20 @@ impl UserOrganization {
             type_: UserOrgType::User as i32,
         }
     }
+
+    pub fn new_virtual(user_uuid: String, type_: UserOrgType, status: UserOrgStatus) -> Self {
+        Self {
+            uuid: user_uuid.clone(),
+
+            user_uuid,
+            org_uuid: String::from(Organization::VIRTUAL_ID),
+
+            access_all: true,
+            key: String::new(),
+            status: status as i32,
+            type_: type_ as i32,
+        }
+    }
 }
 
 
@@ -114,6 +138,10 @@ use db::schema::{organizations, users_organizations, users_collections, ciphers_
 /// Database methods
 impl Organization {
     pub fn save(&mut self, conn: &DbConn) -> bool {
+        if self.uuid == Organization::VIRTUAL_ID {
+            return false
+        }
+
         UserOrganization::find_by_org(&self.uuid, conn)
         .iter()
         .for_each(|user_org| {
@@ -131,6 +159,10 @@ impl Organization {
     pub fn delete(self, conn: &DbConn) -> QueryResult<()> {
         use super::{Cipher, Collection};
 
+        if self.uuid == Organization::VIRTUAL_ID {
+            return Err(diesel::result::Error::NotFound)
+        }
+
         Cipher::delete_all_by_organization(&self.uuid, &conn)?;
         Collection::delete_all_by_organization(&self.uuid, &conn)?;
         UserOrganization::delete_all_by_organization(&self.uuid, &conn)?;
@@ -143,6 +175,9 @@ impl Organization {
     }
 
     pub fn find_by_uuid(uuid: &str, conn: &DbConn) -> Option<Self> {
+        if uuid == Organization::VIRTUAL_ID { 
+            return Some(Self::new_virtual()) 
+        };
         organizations::table
             .filter(organizations::uuid.eq(uuid))
             .first::<Self>(&**conn).ok()
@@ -232,6 +267,9 @@ impl UserOrganization {
     }
 
     pub fn save(&mut self, conn: &DbConn) -> bool {
+        if self.org_uuid == Organization::VIRTUAL_ID {
+            return false
+        }
         User::update_uuid_revision(&self.user_uuid, conn);
 
         match diesel::replace_into(users_organizations::table)
@@ -243,6 +281,9 @@ impl UserOrganization {
     }
 
     pub fn delete(self, conn: &DbConn) -> QueryResult<()> {
+        if self.org_uuid == Organization::VIRTUAL_ID {
+            return Err(diesel::result::Error::NotFound)
+        }
         User::update_uuid_revision(&self.user_uuid, conn);
 
         CollectionUser::delete_all_by_user(&self.user_uuid, &conn)?;
@@ -261,6 +302,13 @@ impl UserOrganization {
         Ok(())
     }
 
+    pub fn delete_all_by_user(user_uuid: &str, conn: &DbConn) -> QueryResult<()> {
+        for user_org in Self::find_any_state_by_user(&user_uuid, &conn) {
+            user_org.delete(&conn)?;
+        }
+        Ok(())
+    }
+
     pub fn has_full_access(self) -> bool {
         self.access_all || self.type_ < UserOrgType::User as i32
     }
@@ -292,10 +340,29 @@ impl UserOrganization {
             .load::<Self>(&**conn).unwrap_or_default()
     }
 
-    pub fn find_by_org(org_uuid: &str, conn: &DbConn) -> Vec<Self> {
+    pub fn find_any_state_by_user(user_uuid: &str, conn: &DbConn) -> Vec<Self> {
         users_organizations::table
-            .filter(users_organizations::org_uuid.eq(org_uuid))
-            .load::<Self>(&**conn).expect("Error loading user organizations")
+            .filter(users_organizations::user_uuid.eq(user_uuid))
+            .load::<Self>(&**conn).unwrap_or_default()
+    }
+
+    pub fn find_by_org(org_uuid: &str, conn: &DbConn) -> Vec<Self> {
+        if org_uuid == Organization::VIRTUAL_ID {
+            User::get_all(&*conn).iter().map(|user| {
+                Self::new_virtual(
+                    user.uuid.clone(),
+                    UserOrgType::User,
+                    if Invitation::find_by_mail(&user.email, &conn).is_some() {
+                        UserOrgStatus::Invited
+                    } else {
+                        UserOrgStatus::Confirmed
+                    })
+            }).collect()
+        } else {
+            users_organizations::table
+                .filter(users_organizations::org_uuid.eq(org_uuid))
+                .load::<Self>(&**conn).expect("Error loading user organizations")
+        }
     }
 
     pub fn find_by_org_and_type(org_uuid: &str, type_: i32, conn: &DbConn) -> Vec<Self> {

src/db/models/user.rs

@@ -103,22 +103,31 @@ impl User {
     pub fn reset_security_stamp(&mut self) {
         self.security_stamp = Uuid::new_v4().to_string();
     }
+
+    pub fn is_server_admin(&self) -> bool {
+        match CONFIG.server_admin_email {
+            Some(ref server_admin_email) => &self.email == server_admin_email,
+            None => false
+        }
+    }
 }
 
 use diesel;
 use diesel::prelude::*;
 use db::DbConn;
 use db::schema::{users, invitations};
+use super::{Cipher, Folder, Device, UserOrganization, UserOrgType};
 
 /// Database methods
 impl User {
     pub fn to_json(&self, conn: &DbConn) -> JsonValue {
-        use super::UserOrganization;
-        use super::TwoFactor;
+        use super::{UserOrganization, UserOrgType, UserOrgStatus, TwoFactor};
 
-        let orgs = UserOrganization::find_by_user(&self.uuid, conn);
+        let mut orgs = UserOrganization::find_by_user(&self.uuid, conn);
+        if self.is_server_admin() {
+            orgs.push(UserOrganization::new_virtual(self.uuid.clone(), UserOrgType::Owner, UserOrgStatus::Confirmed));
+        }
         let orgs_json: Vec<JsonValue> = orgs.iter().map(|c| c.to_json(&conn)).collect();
-
         let twofactor_enabled = !TwoFactor::find_by_user(&self.uuid, conn).is_empty();
 
         json!({
@@ -150,13 +159,27 @@ impl User {
         }
     }
 
-    pub fn delete(self, conn: &DbConn) -> bool {
-        match diesel::delete(users::table.filter(
-            users::uuid.eq(self.uuid)))
-            .execute(&**conn) {
-            Ok(1) => true, // One row deleted
-            _ => false,
+    pub fn delete(self, conn: &DbConn) -> QueryResult<()> {
+        for user_org in UserOrganization::find_by_user(&self.uuid, &*conn) {
+            if user_org.type_ == UserOrgType::Owner as i32 {
+                if UserOrganization::find_by_org_and_type(
+                    &user_org.org_uuid, 
+                    UserOrgType::Owner as i32, &conn
+                ).len() <= 1 {
+                    return Err(diesel::result::Error::NotFound);
+                }
+            }
         }
+
+        UserOrganization::delete_all_by_user(&self.uuid, &*conn)?;
+        Cipher::delete_all_by_user(&self.uuid, &*conn)?;
+        Folder::delete_all_by_user(&self.uuid, &*conn)?;
+        Device::delete_all_by_user(&self.uuid, &*conn)?;
+        Invitation::take(&self.email, &*conn); // Delete invitation if any
+
+        diesel::delete(users::table.filter(
+        users::uuid.eq(self.uuid)))
+        .execute(&**conn).and(Ok(()))
     }
 
     pub fn update_uuid_revision(uuid: &str, conn: &DbConn) {
@@ -190,6 +213,11 @@ impl User {
             .filter(users::uuid.eq(uuid))
             .first::<Self>(&**conn).ok()
     }
+
+    pub fn get_all(conn: &DbConn) -> Vec<Self> {
+        users::table
+        .load::<Self>(&**conn).expect("Error loading users")
+    }
 }
 
 #[derive(Debug, Identifiable, Queryable, Insertable)]