diff --git a/src/api/admin.rs b/src/api/admin.rs
index ba7be5f961f47f8b30cbaa31e2077dc413027818..7a46bce5cdd80c604db094ca797141d15a3dbe6c 100644
--- a/src/api/admin.rs
+++ b/src/api/admin.rs
@@ -40,11 +40,10 @@ fn invite_user(data: JsonUpcase<InviteData>, _token: AdminToken, conn: DbConn) -
err!("Invitations are not allowed")
}
- let mut invitation = Invitation::new(data.Email.clone());
- let mut user = User::new(data.Email);
-
+ let mut invitation = Invitation::new(data.Email);
invitation.save(&conn)?;
- user.save(&conn)?;
+
+ // TODO: Might want to send an email?
Ok(Json(json!({})))
}
diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
index 5d326dc062bfa273e50ddeda863cab2bf4c9e0ee..9dc30b70cae008bd64e719481b63bc475c6e0ed2 100644
--- a/src/api/core/organizations.rs
+++ b/src/api/core/organizations.rs
@@ -426,45 +426,42 @@ fn send_invite(org_id: String, data: JsonUpcase<InviteData>, headers: AdminHeade
};
- // Don't create UserOrganization in virtual organization
- let mut org_user_id = None;
- if org_id != Organization::VIRTUAL_ID {
- let mut new_user = UserOrganization::new(user.uuid.clone(), org_id.clone());
- let access_all = data.AccessAll.unwrap_or(false);
- new_user.access_all = access_all;
- new_user.type_ = new_type;
- new_user.status = user_org_status;
-
- // If no accessAll, add the collections received
- if !access_all {
- for col in &data.Collections {
- match Collection::find_by_uuid_and_org(&col.Id, &org_id, &conn) {
- None => err!("Collection not found in Organization"),
- Some(collection) => {
- CollectionUser::save(&user.uuid, &collection.uuid, col.ReadOnly, &conn)?;
- }
+ let mut new_user = UserOrganization::new(user.uuid.clone(), org_id.clone());
+ let access_all = data.AccessAll.unwrap_or(false);
+ new_user.access_all = access_all;
+ new_user.type_ = new_type;
+ new_user.status = user_org_status;
+
+ // If no accessAll, add the collections received
+ if !access_all {
+ for col in &data.Collections {
+ match Collection::find_by_uuid_and_org(&col.Id, &org_id, &conn) {
+ None => err!("Collection not found in Organization"),
+ Some(collection) => {
+ CollectionUser::save(&user.uuid, &collection.uuid, col.ReadOnly, &conn)?;
}
}
}
-
- new_user.save(&conn)?;
- org_user_id = Some(new_user.uuid.clone());
}
+ new_user.save(&conn)?;
+
if CONFIG.mail.is_some() {
let org_name = match Organization::find_by_uuid(&org_id, &conn) {
Some(org) => org.name,
None => err!("Error looking up organization")
};
- let claims = generate_invite_claims(user.uuid.to_string(), user.email.clone(), org_id.clone(), org_user_id.clone());
+ let claims = generate_invite_claims(user.uuid.to_string(), user.email.clone(), org_id.clone(), Some(new_user.uuid.clone()));
let invite_token = encode_jwt(&claims);
if let Some(ref mail_config) = CONFIG.mail {
- if let Err(e) = mail::send_invite(&email, &org_id, &org_user_id.unwrap_or(Organization::VIRTUAL_ID.to_string()),
+ if let Err(e) = mail::send_invite(&email, &org_id, &new_user.uuid,
&invite_token, &org_name, mail_config) {
err!(format!("There has been a problem sending the email: {}", e))
}
}
}
+
+ new_user.save(&conn)?;
}
Ok(())
@@ -480,10 +477,6 @@ fn reinvite_user(org_id: String, user_org: String, _headers: AdminHeaders, conn:
err!("SMTP is not configured.")
}
- if org_id == Organization::VIRTUAL_ID {
- err!("This functionality is incompatible with the bitwarden_rs virtual organization. Please delete the user and send a new invitation.")
- }
-
let user_org = match UserOrganization::find_by_uuid(&user_org, &conn) {
Some(user_org) => user_org,
None => err!("UserOrg not found."),
@@ -682,20 +675,6 @@ fn edit_user(org_id: String, org_user_id: String, data: JsonUpcase<EditUserData>
#[delete("/organizations/<org_id>/users/<org_user_id>")]
fn delete_user(org_id: String, org_user_id: String, headers: AdminHeaders, conn: DbConn) -> EmptyResult {
- // We're deleting user in virtual Organization. Delete User, not UserOrganization
- if org_id == Organization::VIRTUAL_ID {
- match User::find_by_uuid(&org_user_id, &conn) {
- Some(user_to_delete) => {
- if user_to_delete.uuid == headers.user.uuid {
- err!("Delete your account in the account settings")
- } else {
- user_to_delete.delete(&conn)?;
- }
- },
- None => err!("User not found")
- }
- }
-
let user_to_delete = match UserOrganization::find_by_uuid_and_org(&org_user_id, &org_id, &conn) {
Some(user) => user,
None => err!("User to delete isn't member of the organization")
diff --git a/src/auth.rs b/src/auth.rs
index bc67a23b08d467ccb4b27ae107424c4a2c8341b4..03490f9441d3a6f68c55a16ee8e8c2232b57651e 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -131,7 +131,7 @@ use rocket::Outcome;
use rocket::request::{self, Request, FromRequest};
use crate::db::DbConn;
-use crate::db::models::{User, Organization, UserOrganization, UserOrgType, UserOrgStatus, Device};
+use crate::db::models::{User, UserOrganization, UserOrgType, UserOrgStatus, Device};
pub struct Headers {
pub host: String,
@@ -245,13 +245,7 @@ impl<'a, 'r> FromRequest<'a, 'r> for OrgHeaders {
err_handler!("The current user isn't confirmed member of the organization")
}
}
- None => {
- if headers.user.is_server_admin() && org_id == Organization::VIRTUAL_ID {
- UserOrganization::new_virtual(headers.user.uuid.clone(), UserOrgType::Owner, UserOrgStatus::Confirmed)
- } else {
- err_handler!("The current user isn't member of the organization")
- }
- }
+ None => err_handler!("The current user isn't member of the organization")
};
Outcome::Success(Self{
diff --git a/src/db/models/organization.rs b/src/db/models/organization.rs
index 808e16ecdab25a211de0b20b2e1a34d45b256d0d..de2196e4c76b6b75c031c52e471f233a0fe3c89b 100644
--- a/src/db/models/organization.rs
+++ b/src/db/models/organization.rs
@@ -1,7 +1,7 @@
use std::cmp::Ordering;
use serde_json::Value;
-use super::{User, CollectionUser, Invitation};
+use super::{User, CollectionUser};
#[derive(Debug, Identifiable, Queryable, Insertable)]
#[table_name = "organizations"]
@@ -154,8 +154,6 @@ impl UserOrgType {
/// Local methods
impl Organization {
- pub const VIRTUAL_ID: &'static str = "00000000-0000-0000-0000-000000000000";
-
pub fn new(name: String, billing_email: String) -> Self {
Self {
uuid: crate::util::get_uuid(),
@@ -165,14 +163,6 @@ impl Organization {
}
}
- pub fn new_virtual() -> Self {
- Self {
- uuid: String::from(Organization::VIRTUAL_ID),
- name: String::from("bitwarden_rs"),
- billing_email: String::from("none@none.none")
- }
- }
-
pub fn to_json(&self) -> Value {
json!({
"Id": self.uuid,
@@ -216,20 +206,6 @@ impl UserOrganization {
type_: UserOrgType::User as i32,
}
}
-
- pub fn new_virtual(user_uuid: String, type_: UserOrgType, status: UserOrgStatus) -> Self {
- Self {
- uuid: user_uuid.clone(),
-
- user_uuid,
- org_uuid: String::from(Organization::VIRTUAL_ID),
-
- access_all: true,
- key: String::new(),
- status: status as i32,
- type_: type_ as i32,
- }
- }
}
@@ -244,10 +220,6 @@ use crate::error::MapResult;
/// Database methods
impl Organization {
pub fn save(&mut self, conn: &DbConn) -> EmptyResult {
- if self.uuid == Organization::VIRTUAL_ID {
- err!("diesel::result::Error::NotFound")
- }
-
UserOrganization::find_by_org(&self.uuid, conn)
.iter()
.for_each(|user_org| {
@@ -262,10 +234,6 @@ impl Organization {
pub fn delete(self, conn: &DbConn) -> EmptyResult {
use super::{Cipher, Collection};
- if self.uuid == Organization::VIRTUAL_ID {
- err!("diesel::result::Error::NotFound")
- }
-
Cipher::delete_all_by_organization(&self.uuid, &conn)?;
Collection::delete_all_by_organization(&self.uuid, &conn)?;
UserOrganization::delete_all_by_organization(&self.uuid, &conn)?;
@@ -279,9 +247,6 @@ impl Organization {
}
pub fn find_by_uuid(uuid: &str, conn: &DbConn) -> Option<Self> {
- if uuid == Organization::VIRTUAL_ID {
- return Some(Self::new_virtual())
- };
organizations::table
.filter(organizations::uuid.eq(uuid))
.first::<Self>(&**conn).ok()
@@ -371,9 +336,6 @@ impl UserOrganization {
}
pub fn save(&mut self, conn: &DbConn) -> EmptyResult {
- if self.org_uuid == Organization::VIRTUAL_ID {
- err!("diesel::result::Error::NotFound")
- }
User::update_uuid_revision(&self.user_uuid, conn);
diesel::replace_into(users_organizations::table)
@@ -382,9 +344,6 @@ impl UserOrganization {
}
pub fn delete(self, conn: &DbConn) -> EmptyResult {
- if self.org_uuid == Organization::VIRTUAL_ID {
- err!("diesel::result::Error::NotFound")
- }
User::update_uuid_revision(&self.user_uuid, conn);
CollectionUser::delete_all_by_user(&self.user_uuid, &conn)?;
@@ -449,22 +408,9 @@ impl UserOrganization {
}
pub fn find_by_org(org_uuid: &str, conn: &DbConn) -> Vec<Self> {
- if org_uuid == Organization::VIRTUAL_ID {
- User::get_all(&*conn).iter().map(|user| {
- Self::new_virtual(
- user.uuid.clone(),
- UserOrgType::User,
- if Invitation::find_by_mail(&user.email, &conn).is_some() {
- UserOrgStatus::Invited
- } else {
- UserOrgStatus::Confirmed
- })
- }).collect()
- } else {
- users_organizations::table
- .filter(users_organizations::org_uuid.eq(org_uuid))
- .load::<Self>(&**conn).expect("Error loading user organizations")
- }
+ users_organizations::table
+ .filter(users_organizations::org_uuid.eq(org_uuid))
+ .load::<Self>(&**conn).expect("Error loading user organizations")
}
pub fn find_by_org_and_type(org_uuid: &str, type_: i32, conn: &DbConn) -> Vec<Self> {
diff --git a/src/db/models/user.rs b/src/db/models/user.rs
index b1cd74fb42128908bd204a23431f5bea7d7cb8f6..b0e3d933ae58cca2f6b2d227dd7ce4d59eba101f 100644
--- a/src/db/models/user.rs
+++ b/src/db/models/user.rs
@@ -100,13 +100,6 @@ impl User {
pub fn reset_security_stamp(&mut self) {
self.security_stamp = crate::util::get_uuid();
}
-
- pub fn is_server_admin(&self) -> bool {
- match CONFIG.server_admin_email {
- Some(ref server_admin_email) => &self.email == server_admin_email,
- None => false
- }
- }
}
use diesel;
@@ -121,12 +114,9 @@ use crate::error::MapResult;
/// Database methods
impl User {
pub fn to_json(&self, conn: &DbConn) -> Value {
- use super::{UserOrganization, UserOrgType, UserOrgStatus, TwoFactor};
+ use super::{UserOrganization, TwoFactor};
- let mut orgs = UserOrganization::find_by_user(&self.uuid, conn);
- if self.is_server_admin() {
- orgs.push(UserOrganization::new_virtual(self.uuid.clone(), UserOrgType::Owner, UserOrgStatus::Confirmed));
- }
+ let orgs = UserOrganization::find_by_user(&self.uuid, conn);
let orgs_json: Vec<Value> = orgs.iter().map(|c| c.to_json(&conn)).collect();
let twofactor_enabled = !TwoFactor::find_by_user(&self.uuid, conn).is_empty();
@@ -172,7 +162,7 @@ impl User {
Cipher::delete_all_by_user(&self.uuid, &*conn)?;
Folder::delete_all_by_user(&self.uuid, &*conn)?;
Device::delete_all_by_user(&self.uuid, &*conn)?;
- //TwoFactor::delete_all_by_user(&self.uuid, &*conn)?;
+ TwoFactor::delete_all_by_user(&self.uuid, &*conn)?;
Invitation::take(&self.email, &*conn); // Delete invitation if any
diesel::delete(users::table.filter(
diff --git a/src/static/admin.html b/src/static/admin.html
index d76b14382b384c10bf93047abb2103f64f0b41f7..0753da9e45f18f3bb8c8c764cd06089da4e40f62 100644
--- a/src/static/admin.html
+++ b/src/static/admin.html
@@ -27,10 +27,8 @@
function identicon(email) {
const data = new Identicon(md5(email), {
- size: 48,
- format: 'svg'
+ size: 48, format: 'svg'
}).toString();
-
return "data:image/svg+xml;base64," + data;
}
@@ -84,22 +82,19 @@
function loadUsers() {
$("#users-list").empty();
$.get({ url: "/admin/users", headers: _headers() })
- .done(fillRow)
- .fail(resetKey);
+ .done(fillRow).fail(resetKey);
return false;
}
function _post(url, successMsg, errMsg, resetOnErr, data) {
$.post({ url: url, headers: _headers(), data: data })
- .done(() => {
+ .done(function () {
alert(successMsg);
loadUsers();
- })
- .fail((e) => {
- const msg = e.responseJSON ?
- e.responseJSON.ErrorModel.Message
- : "Unknown error";
+ }).fail(function (e) {
+ const r = e.responseJSON;
+ const msg = r ? r.ErrorModel.Message : "Unknown error";
alert(errMsg + ": " + msg);
if (resetOnErr) { resetKey(); }
});
@@ -112,18 +107,19 @@
}
function inviteUser() {
- data = JSON.stringify({ "Email": $("#email-invite").val() });
-
- _post("/admin/invite/",
- "User invited correctly",
+ inv = $("#email-invite");
+ data = JSON.stringify({ "Email": inv.val() });
+ inv.val("");
+ _post("/admin/invite/", "User invited correctly",
"Error inviting user", false, data);
+ return false;
}
$(window).on('load', function () {
setKey();
$("#key-form").submit(setKey);
- $("#reload-btn").on("click", loadUsers);
+ $("#reload-btn").click(loadUsers);
$("#invite-form").submit(inviteUser);
});
</script>