mirror of
				https://github.com/dani-garcia/vaultwarden.git
				synced 2025-10-27 00:10:02 +02:00 
			
		
		
		
	Finish invite functionality, and remove virtual organization
This commit is contained in:
		| @@ -40,11 +40,10 @@ fn invite_user(data: JsonUpcase<InviteData>, _token: AdminToken, conn: DbConn) - | ||||
|         err!("Invitations are not allowed") | ||||
|     } | ||||
|  | ||||
|     let mut invitation = Invitation::new(data.Email.clone()); | ||||
|     let mut user = User::new(data.Email); | ||||
|  | ||||
|     let mut invitation = Invitation::new(data.Email); | ||||
|     invitation.save(&conn)?; | ||||
|     user.save(&conn)?; | ||||
|  | ||||
|     // TODO: Might want to send an email? | ||||
|  | ||||
|     Ok(Json(json!({}))) | ||||
| } | ||||
|   | ||||
| @@ -426,45 +426,42 @@ fn send_invite(org_id: String, data: JsonUpcase<InviteData>, headers: AdminHeade | ||||
|  | ||||
|         }; | ||||
|  | ||||
|         // Don't create UserOrganization in virtual organization | ||||
|         let mut org_user_id = None; | ||||
|         if org_id != Organization::VIRTUAL_ID { | ||||
|             let mut new_user = UserOrganization::new(user.uuid.clone(), org_id.clone()); | ||||
|             let access_all = data.AccessAll.unwrap_or(false); | ||||
|             new_user.access_all = access_all; | ||||
|             new_user.type_ = new_type; | ||||
|             new_user.status = user_org_status; | ||||
|         let mut new_user = UserOrganization::new(user.uuid.clone(), org_id.clone()); | ||||
|         let access_all = data.AccessAll.unwrap_or(false); | ||||
|         new_user.access_all = access_all; | ||||
|         new_user.type_ = new_type; | ||||
|         new_user.status = user_org_status; | ||||
|  | ||||
|             // If no accessAll, add the collections received | ||||
|             if !access_all { | ||||
|                 for col in &data.Collections { | ||||
|                     match Collection::find_by_uuid_and_org(&col.Id, &org_id, &conn) { | ||||
|                         None => err!("Collection not found in Organization"), | ||||
|                         Some(collection) => { | ||||
|                             CollectionUser::save(&user.uuid, &collection.uuid, col.ReadOnly, &conn)?; | ||||
|                         } | ||||
|         // If no accessAll, add the collections received | ||||
|         if !access_all { | ||||
|             for col in &data.Collections { | ||||
|                 match Collection::find_by_uuid_and_org(&col.Id, &org_id, &conn) { | ||||
|                     None => err!("Collection not found in Organization"), | ||||
|                     Some(collection) => { | ||||
|                         CollectionUser::save(&user.uuid, &collection.uuid, col.ReadOnly, &conn)?; | ||||
|                     } | ||||
|                 } | ||||
|             } | ||||
|  | ||||
|             new_user.save(&conn)?; | ||||
|             org_user_id = Some(new_user.uuid.clone()); | ||||
|         } | ||||
|  | ||||
|         new_user.save(&conn)?; | ||||
|  | ||||
|         if CONFIG.mail.is_some() { | ||||
|             let org_name = match Organization::find_by_uuid(&org_id, &conn) { | ||||
|                 Some(org) => org.name, | ||||
|                 None => err!("Error looking up organization") | ||||
|             }; | ||||
|             let claims = generate_invite_claims(user.uuid.to_string(), user.email.clone(), org_id.clone(), org_user_id.clone()); | ||||
|             let claims = generate_invite_claims(user.uuid.to_string(), user.email.clone(), org_id.clone(), Some(new_user.uuid.clone())); | ||||
|             let invite_token = encode_jwt(&claims); | ||||
|             if let Some(ref mail_config) = CONFIG.mail { | ||||
|                 if let Err(e) = mail::send_invite(&email, &org_id, &org_user_id.unwrap_or(Organization::VIRTUAL_ID.to_string()),  | ||||
|                 if let Err(e) = mail::send_invite(&email, &org_id, &new_user.uuid,  | ||||
|                                                   &invite_token, &org_name, mail_config) { | ||||
|                     err!(format!("There has been a problem sending the email: {}", e)) | ||||
|                 } | ||||
|             } | ||||
|         } | ||||
|  | ||||
|         new_user.save(&conn)?; | ||||
|     } | ||||
|  | ||||
|     Ok(()) | ||||
| @@ -480,10 +477,6 @@ fn reinvite_user(org_id: String, user_org: String, _headers: AdminHeaders, conn: | ||||
|         err!("SMTP is not configured.") | ||||
|     } | ||||
|  | ||||
|     if org_id == Organization::VIRTUAL_ID { | ||||
|         err!("This functionality is incompatible with the bitwarden_rs virtual organization. Please delete the user and send a new invitation.") | ||||
|     } | ||||
|  | ||||
|     let user_org = match UserOrganization::find_by_uuid(&user_org, &conn) { | ||||
|         Some(user_org) => user_org, | ||||
|         None => err!("UserOrg not found."), | ||||
| @@ -682,20 +675,6 @@ fn edit_user(org_id: String, org_user_id: String, data: JsonUpcase<EditUserData> | ||||
|  | ||||
| #[delete("/organizations/<org_id>/users/<org_user_id>")] | ||||
| fn delete_user(org_id: String, org_user_id: String, headers: AdminHeaders, conn: DbConn) -> EmptyResult { | ||||
|     // We're deleting user in virtual Organization. Delete User, not UserOrganization | ||||
|     if org_id == Organization::VIRTUAL_ID { | ||||
|         match User::find_by_uuid(&org_user_id, &conn) { | ||||
|             Some(user_to_delete) => { | ||||
|                 if user_to_delete.uuid == headers.user.uuid { | ||||
|                     err!("Delete your account in the account settings") | ||||
|                 } else { | ||||
|                     user_to_delete.delete(&conn)?; | ||||
|                 } | ||||
|             }, | ||||
|             None => err!("User not found") | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     let user_to_delete = match UserOrganization::find_by_uuid_and_org(&org_user_id, &org_id, &conn) { | ||||
|         Some(user) => user, | ||||
|         None => err!("User to delete isn't member of the organization") | ||||
|   | ||||
							
								
								
									
										10
									
								
								src/auth.rs
									
									
									
									
									
								
							
							
						
						
									
										10
									
								
								src/auth.rs
									
									
									
									
									
								
							| @@ -131,7 +131,7 @@ use rocket::Outcome; | ||||
| use rocket::request::{self, Request, FromRequest}; | ||||
|  | ||||
| use crate::db::DbConn; | ||||
| use crate::db::models::{User, Organization, UserOrganization, UserOrgType, UserOrgStatus, Device}; | ||||
| use crate::db::models::{User, UserOrganization, UserOrgType, UserOrgStatus, Device}; | ||||
|  | ||||
| pub struct Headers { | ||||
|     pub host: String, | ||||
| @@ -245,13 +245,7 @@ impl<'a, 'r> FromRequest<'a, 'r> for OrgHeaders { | ||||
|                                     err_handler!("The current user isn't confirmed member of the organization") | ||||
|                                 } | ||||
|                             } | ||||
|                             None => { | ||||
|                                 if headers.user.is_server_admin() && org_id == Organization::VIRTUAL_ID { | ||||
|                                     UserOrganization::new_virtual(headers.user.uuid.clone(), UserOrgType::Owner, UserOrgStatus::Confirmed) | ||||
|                                 } else { | ||||
|                                     err_handler!("The current user isn't member of the organization") | ||||
|                                 } | ||||
|                             } | ||||
|                             None => err_handler!("The current user isn't member of the organization") | ||||
|                         }; | ||||
|  | ||||
|                         Outcome::Success(Self{ | ||||
|   | ||||
| @@ -1,7 +1,7 @@ | ||||
| use std::cmp::Ordering; | ||||
| use serde_json::Value; | ||||
|  | ||||
| use super::{User, CollectionUser, Invitation}; | ||||
| use super::{User, CollectionUser}; | ||||
|  | ||||
| #[derive(Debug, Identifiable, Queryable, Insertable)] | ||||
| #[table_name = "organizations"] | ||||
| @@ -154,8 +154,6 @@ impl UserOrgType { | ||||
|  | ||||
| /// Local methods | ||||
| impl Organization { | ||||
|     pub const VIRTUAL_ID: &'static str = "00000000-0000-0000-0000-000000000000"; | ||||
|  | ||||
|     pub fn new(name: String, billing_email: String) -> Self { | ||||
|         Self { | ||||
|             uuid: crate::util::get_uuid(), | ||||
| @@ -165,14 +163,6 @@ impl Organization { | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn new_virtual() -> Self { | ||||
|         Self { | ||||
|             uuid: String::from(Organization::VIRTUAL_ID), | ||||
|             name: String::from("bitwarden_rs"), | ||||
|             billing_email: String::from("none@none.none") | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn to_json(&self) -> Value { | ||||
|         json!({ | ||||
|             "Id": self.uuid, | ||||
| @@ -216,20 +206,6 @@ impl UserOrganization { | ||||
|             type_: UserOrgType::User as i32, | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     pub fn new_virtual(user_uuid: String, type_: UserOrgType, status: UserOrgStatus) -> Self { | ||||
|         Self { | ||||
|             uuid: user_uuid.clone(), | ||||
|  | ||||
|             user_uuid, | ||||
|             org_uuid: String::from(Organization::VIRTUAL_ID), | ||||
|  | ||||
|             access_all: true, | ||||
|             key: String::new(), | ||||
|             status: status as i32, | ||||
|             type_: type_ as i32, | ||||
|         } | ||||
|     } | ||||
| } | ||||
|  | ||||
|  | ||||
| @@ -244,10 +220,6 @@ use crate::error::MapResult; | ||||
| /// Database methods | ||||
| impl Organization { | ||||
|     pub fn save(&mut self, conn: &DbConn) -> EmptyResult { | ||||
|         if self.uuid == Organization::VIRTUAL_ID { | ||||
|             err!("diesel::result::Error::NotFound") | ||||
|         } | ||||
|  | ||||
|         UserOrganization::find_by_org(&self.uuid, conn) | ||||
|         .iter() | ||||
|         .for_each(|user_org| { | ||||
| @@ -262,10 +234,6 @@ impl Organization { | ||||
|     pub fn delete(self, conn: &DbConn) -> EmptyResult { | ||||
|         use super::{Cipher, Collection}; | ||||
|  | ||||
|         if self.uuid == Organization::VIRTUAL_ID { | ||||
|             err!("diesel::result::Error::NotFound") | ||||
|         } | ||||
|  | ||||
|         Cipher::delete_all_by_organization(&self.uuid, &conn)?; | ||||
|         Collection::delete_all_by_organization(&self.uuid, &conn)?; | ||||
|         UserOrganization::delete_all_by_organization(&self.uuid, &conn)?; | ||||
| @@ -279,9 +247,6 @@ impl Organization { | ||||
|     } | ||||
|  | ||||
|     pub fn find_by_uuid(uuid: &str, conn: &DbConn) -> Option<Self> { | ||||
|         if uuid == Organization::VIRTUAL_ID {  | ||||
|             return Some(Self::new_virtual())  | ||||
|         }; | ||||
|         organizations::table | ||||
|             .filter(organizations::uuid.eq(uuid)) | ||||
|             .first::<Self>(&**conn).ok() | ||||
| @@ -371,9 +336,6 @@ impl UserOrganization { | ||||
|     } | ||||
|  | ||||
|     pub fn save(&mut self, conn: &DbConn) -> EmptyResult { | ||||
|         if self.org_uuid == Organization::VIRTUAL_ID { | ||||
|             err!("diesel::result::Error::NotFound") | ||||
|         } | ||||
|         User::update_uuid_revision(&self.user_uuid, conn); | ||||
|  | ||||
|         diesel::replace_into(users_organizations::table) | ||||
| @@ -382,9 +344,6 @@ impl UserOrganization { | ||||
|     } | ||||
|  | ||||
|     pub fn delete(self, conn: &DbConn) -> EmptyResult { | ||||
|         if self.org_uuid == Organization::VIRTUAL_ID { | ||||
|             err!("diesel::result::Error::NotFound") | ||||
|         } | ||||
|         User::update_uuid_revision(&self.user_uuid, conn); | ||||
|  | ||||
|         CollectionUser::delete_all_by_user(&self.user_uuid, &conn)?; | ||||
| @@ -449,22 +408,9 @@ impl UserOrganization { | ||||
|     } | ||||
|  | ||||
|     pub fn find_by_org(org_uuid: &str, conn: &DbConn) -> Vec<Self> { | ||||
|         if org_uuid == Organization::VIRTUAL_ID { | ||||
|             User::get_all(&*conn).iter().map(|user| { | ||||
|                 Self::new_virtual( | ||||
|                     user.uuid.clone(), | ||||
|                     UserOrgType::User, | ||||
|                     if Invitation::find_by_mail(&user.email, &conn).is_some() { | ||||
|                         UserOrgStatus::Invited | ||||
|                     } else { | ||||
|                         UserOrgStatus::Confirmed | ||||
|                     }) | ||||
|             }).collect() | ||||
|         } else { | ||||
|             users_organizations::table | ||||
|                 .filter(users_organizations::org_uuid.eq(org_uuid)) | ||||
|                 .load::<Self>(&**conn).expect("Error loading user organizations") | ||||
|         } | ||||
|         users_organizations::table | ||||
|             .filter(users_organizations::org_uuid.eq(org_uuid)) | ||||
|             .load::<Self>(&**conn).expect("Error loading user organizations") | ||||
|     } | ||||
|  | ||||
|     pub fn find_by_org_and_type(org_uuid: &str, type_: i32, conn: &DbConn) -> Vec<Self> { | ||||
|   | ||||
| @@ -100,13 +100,6 @@ impl User { | ||||
|     pub fn reset_security_stamp(&mut self) { | ||||
|         self.security_stamp = crate::util::get_uuid(); | ||||
|     } | ||||
|  | ||||
|     pub fn is_server_admin(&self) -> bool { | ||||
|         match CONFIG.server_admin_email { | ||||
|             Some(ref server_admin_email) => &self.email == server_admin_email, | ||||
|             None => false | ||||
|         } | ||||
|     } | ||||
| } | ||||
|  | ||||
| use diesel; | ||||
| @@ -121,12 +114,9 @@ use crate::error::MapResult; | ||||
| /// Database methods | ||||
| impl User { | ||||
|     pub fn to_json(&self, conn: &DbConn) -> Value { | ||||
|         use super::{UserOrganization, UserOrgType, UserOrgStatus, TwoFactor}; | ||||
|         use super::{UserOrganization, TwoFactor}; | ||||
|  | ||||
|         let mut orgs = UserOrganization::find_by_user(&self.uuid, conn); | ||||
|         if self.is_server_admin() { | ||||
|             orgs.push(UserOrganization::new_virtual(self.uuid.clone(), UserOrgType::Owner, UserOrgStatus::Confirmed)); | ||||
|         } | ||||
|         let orgs = UserOrganization::find_by_user(&self.uuid, conn); | ||||
|         let orgs_json: Vec<Value> = orgs.iter().map(|c| c.to_json(&conn)).collect(); | ||||
|         let twofactor_enabled = !TwoFactor::find_by_user(&self.uuid, conn).is_empty(); | ||||
|  | ||||
| @@ -172,7 +162,7 @@ impl User { | ||||
|         Cipher::delete_all_by_user(&self.uuid, &*conn)?; | ||||
|         Folder::delete_all_by_user(&self.uuid, &*conn)?; | ||||
|         Device::delete_all_by_user(&self.uuid, &*conn)?; | ||||
|         //TwoFactor::delete_all_by_user(&self.uuid, &*conn)?; | ||||
|         TwoFactor::delete_all_by_user(&self.uuid, &*conn)?; | ||||
|         Invitation::take(&self.email, &*conn); // Delete invitation if any | ||||
|  | ||||
|         diesel::delete(users::table.filter( | ||||
|   | ||||
| @@ -27,10 +27,8 @@ | ||||
|  | ||||
|         function identicon(email) { | ||||
|             const data = new Identicon(md5(email), { | ||||
|                 size: 48, | ||||
|                 format: 'svg' | ||||
|                 size: 48, format: 'svg' | ||||
|             }).toString(); | ||||
|  | ||||
|             return "data:image/svg+xml;base64," + data; | ||||
|         } | ||||
|  | ||||
| @@ -84,22 +82,19 @@ | ||||
|         function loadUsers() { | ||||
|             $("#users-list").empty(); | ||||
|             $.get({ url: "/admin/users", headers: _headers() }) | ||||
|                 .done(fillRow) | ||||
|                 .fail(resetKey); | ||||
|                 .done(fillRow).fail(resetKey); | ||||
|  | ||||
|             return false; | ||||
|         } | ||||
|  | ||||
|         function _post(url, successMsg, errMsg, resetOnErr, data) { | ||||
|             $.post({ url: url, headers: _headers(), data: data }) | ||||
|                 .done(() => { | ||||
|                 .done(function () { | ||||
|                     alert(successMsg); | ||||
|                     loadUsers(); | ||||
|                 }) | ||||
|                 .fail((e) => { | ||||
|                     const msg = e.responseJSON ? | ||||
|                         e.responseJSON.ErrorModel.Message | ||||
|                         : "Unknown error"; | ||||
|                 }).fail(function (e) { | ||||
|                     const r = e.responseJSON; | ||||
|                     const msg = r ? r.ErrorModel.Message : "Unknown error"; | ||||
|                     alert(errMsg + ": " + msg); | ||||
|                     if (resetOnErr) { resetKey(); } | ||||
|                 }); | ||||
| @@ -112,18 +107,19 @@ | ||||
|         } | ||||
|  | ||||
|         function inviteUser() { | ||||
|             data = JSON.stringify({ "Email": $("#email-invite").val() }); | ||||
|  | ||||
|             _post("/admin/invite/", | ||||
|                 "User invited correctly", | ||||
|             inv = $("#email-invite"); | ||||
|             data = JSON.stringify({ "Email": inv.val() }); | ||||
|             inv.val(""); | ||||
|             _post("/admin/invite/", "User invited correctly", | ||||
|                 "Error inviting user", false, data); | ||||
|             return false; | ||||
|         } | ||||
|  | ||||
|         $(window).on('load', function () { | ||||
|             setKey(); | ||||
|  | ||||
|             $("#key-form").submit(setKey); | ||||
|             $("#reload-btn").on("click", loadUsers); | ||||
|             $("#reload-btn").click(loadUsers); | ||||
|             $("#invite-form").submit(inviteUser); | ||||
|         }); | ||||
|     </script> | ||||
|   | ||||
		Reference in New Issue
	
	Block a user