From 0a74e79ceaf809a8481afb9d97dbba0aef807745 Mon Sep 17 00:00:00 2001 From: Nick Fox Date: Sat, 5 Jan 2019 23:03:49 -0500 Subject: [PATCH] Refactor generate_invite_claims, make org_name and org_id optional --- src/api/admin.rs | 12 +-------- src/api/core/organizations.rs | 47 ++++++++++++++++------------------- src/auth.rs | 4 +-- src/mail.rs | 19 ++++++++++---- 4 files changed, 39 insertions(+), 43 deletions(-) diff --git a/src/api/admin.rs b/src/api/admin.rs index 72c9d584..b5e3ef8d 100644 --- a/src/api/admin.rs +++ b/src/api/admin.rs @@ -4,7 +4,6 @@ use serde_json::Value; use crate::api::{JsonResult, JsonUpcase}; use crate::CONFIG; -use crate::auth::{encode_jwt, generate_invite_claims}; use crate::mail; use crate::db::models::*; use crate::db::DbConn; @@ -48,17 +47,8 @@ fn invite_user(data: JsonUpcase, _token: AdminToken, conn: DbConn) - if let Some(ref mail_config) = CONFIG.mail { let mut user = User::new(email); user.save(&conn)?; - let org_id = String::from("00000000-0000-0000-0000-000000000000"); - let claims = generate_invite_claims( - user.uuid.to_string(), - user.email.clone(), - org_id.clone(), - None, - None, - ); let org_name = "bitwarden_rs"; - let invite_token = encode_jwt(&claims); - mail::send_invite(&user.email, &org_id, &user.uuid, &invite_token, &org_name, mail_config)?; + mail::send_invite(&user.email, &user.uuid, None, None, &org_name, None, mail_config)?; } Ok(Json(json!({}))) diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs index d0a5f00b..cf39229a 100644 --- a/src/api/core/organizations.rs +++ b/src/api/core/organizations.rs @@ -7,7 +7,7 @@ use crate::db::DbConn; use crate::CONFIG; use crate::api::{EmptyResult, JsonResult, JsonUpcase, Notify, NumberOrString, PasswordData, UpdateType}; -use crate::auth::{decode_invite_jwt, generate_invite_claims, encode_jwt, AdminHeaders, Headers, InviteJWTClaims, OwnerHeaders}; +use crate::auth::{decode_invite_jwt, AdminHeaders, Headers, InviteJWTClaims, OwnerHeaders}; use crate::mail; @@ -506,15 +506,16 @@ fn send_invite(org_id: String, data: JsonUpcase, headers: AdminHeade Some(org) => org.name, None => err!("Error looking up organization"), }; - let claims = generate_invite_claims( - user.uuid.to_string(), - user.email.clone(), - org_id.clone(), - Some(new_user.uuid.clone()), - Some(headers.user.email.clone()), - ); - let invite_token = encode_jwt(&claims); - mail::send_invite(&email, &org_id, &new_user.uuid, &invite_token, &org_name, mail_config)?; + + mail::send_invite( + &email, + &user.uuid, + Some(org_id.clone()), + Some(new_user.uuid), + &org_name, + Some(headers.user.email.clone()), + mail_config + )?; } } @@ -550,21 +551,14 @@ fn reinvite_user(org_id: String, user_org: String, headers: AdminHeaders, conn: None => err!("Error looking up organization."), }; - let claims = generate_invite_claims( - user.uuid.to_string(), - user.email.clone(), - org_id.clone(), - Some(user_org.uuid.clone()), - Some(headers.user.email.clone()), - ); - let invite_token = encode_jwt(&claims); if let Some(ref mail_config) = CONFIG.mail { mail::send_invite( &user.email, - &org_id, - &user_org.uuid, - &invite_token, + &user.uuid, + Some(org_id), + Some(user_org.uuid), &org_name, + Some(headers.user.email), mail_config, )?; } @@ -588,10 +582,10 @@ fn accept_invite(_org_id: String, _org_user_id: String, data: JsonUpcase { Invitation::take(&claims.email, &conn); - if claims.user_org_id.is_some() { + if claims.user_org_id.is_some() && claims.org_id.is_some() { // If this isn't the virtual_org, mark userorg as accepted let mut user_org = - match UserOrganization::find_by_uuid_and_org(&claims.user_org_id.unwrap(), &claims.org_id, &conn) { + match UserOrganization::find_by_uuid_and_org(&claims.user_org_id.unwrap(), &claims.org_id.clone().unwrap(), &conn) { Some(user_org) => user_org, None => err!("Error accepting the invitation"), }; @@ -605,9 +599,12 @@ fn accept_invite(_org_id: String, _org_user_id: String, data: JsonUpcase org.name, - None => String::from("bitwarden_rs"), + None => err!("Organization not found.") + }; }; if let Some(invited_by_email) = &claims.invited_by_email { // User was invited to an organization, so they must be confirmed manually after acceptance diff --git a/src/auth.rs b/src/auth.rs index 4c4253bd..8413fe47 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -116,14 +116,14 @@ pub struct InviteJWTClaims { pub sub: String, pub email: String, - pub org_id: String, + pub org_id: Option, pub user_org_id: Option, pub invited_by_email: Option, } pub fn generate_invite_claims(uuid: String, email: String, - org_id: String, + org_id: Option, org_user_id: Option, invited_by_email: Option, ) -> InviteJWTClaims { diff --git a/src/mail.rs b/src/mail.rs index 93de0320..5eeeec03 100644 --- a/src/mail.rs +++ b/src/mail.rs @@ -6,7 +6,7 @@ use native_tls::{Protocol, TlsConnector}; use crate::MailConfig; use crate::CONFIG; - +use crate::auth::{generate_invite_claims, encode_jwt}; use crate::api::EmptyResult; use crate::error::Error; @@ -58,12 +58,21 @@ pub fn send_password_hint(address: &str, hint: Option, config: &MailConf pub fn send_invite( address: &str, - org_id: &str, - org_user_id: &str, - token: &str, + uuid: &str, + org_id: Option, + org_user_id: Option, org_name: &str, + invited_by_email: Option, config: &MailConfig, ) -> EmptyResult { + let claims = generate_invite_claims( + uuid.to_string(), + String::from(address), + org_id.clone(), + org_user_id.clone(), + invited_by_email.clone(), + ); + let invite_token = encode_jwt(&claims); let (subject, body) = { (format!("Join {}", &org_name), format!( @@ -72,7 +81,7 @@ pub fn send_invite( Click here to join

If you do not wish to join this organization, you can safely ignore this email.

", - org_name, CONFIG.domain, org_id, org_user_id, address, org_name, token + org_name, CONFIG.domain, org_id.unwrap_or("_".to_string()), org_user_id.unwrap_or("_".to_string()), address, org_name, invite_token )) };