Refactor generate_invite_claims, make org_name and org_id optional

6 years ago · 0a74e79cea
4 changed files with 39 additions and 43 deletions
--- a/src/api/admin.rs
+++ b/src/api/admin.rs
@ -4,7 +4,6 @@ use serde_json::Value;
 use crate::api::{JsonResult, JsonUpcase};
 use crate::CONFIG;

-use crate::auth::{encode_jwt, generate_invite_claims};
 use crate::mail;
 use crate::db::models::*;
 use crate::db::DbConn;
@ -48,17 +47,8 @@ fn invite_user(data: JsonUpcase<InviteData>, _token: AdminToken, conn: DbConn) -
    if let Some(ref mail_config) = CONFIG.mail {
        let mut user = User::new(email);
        user.save(&conn)?;
-        let org_id = String::from("00000000-0000-0000-0000-000000000000");
-        let claims = generate_invite_claims(
-            user.uuid.to_string(),
-            user.email.clone(),
-            org_id.clone(),
-            None,
-            None,
-        );
        let org_name = "bitwarden_rs";
-        let invite_token = encode_jwt(&claims);
-        mail::send_invite(&user.email, &org_id, &user.uuid, &invite_token, &org_name, mail_config)?;
+        mail::send_invite(&user.email, &user.uuid, None, None, &org_name, None, mail_config)?;
    }

    Ok(Json(json!({})))
--- a/src/api/core/organizations.rs
+++ b/src/api/core/organizations.rs
@ -7,7 +7,7 @@ use crate::db::DbConn;
 use crate::CONFIG;

 use crate::api::{EmptyResult, JsonResult, JsonUpcase, Notify, NumberOrString, PasswordData, UpdateType};
-use crate::auth::{decode_invite_jwt, generate_invite_claims, encode_jwt, AdminHeaders, Headers, InviteJWTClaims, OwnerHeaders};
+use crate::auth::{decode_invite_jwt, AdminHeaders, Headers, InviteJWTClaims, OwnerHeaders};

 use crate::mail;

@ -506,15 +506,16 @@ fn send_invite(org_id: String, data: JsonUpcase<InviteData>, headers: AdminHeade
                Some(org) => org.name,
                None => err!("Error looking up organization"),
            };
-            let claims = generate_invite_claims(
-                user.uuid.to_string(),
-                user.email.clone(),
-                org_id.clone(),
-                Some(new_user.uuid.clone()),
+            
+            mail::send_invite(
+                &email, 
+                &user.uuid, 
+                Some(org_id.clone()), 
+                Some(new_user.uuid), 
+                &org_name, 
                Some(headers.user.email.clone()), 
-            );
-            let invite_token = encode_jwt(&claims);
-            mail::send_invite(&email, &org_id, &new_user.uuid, &invite_token, &org_name, mail_config)?;
+                mail_config
+                )?;
        }
    }

@ -550,21 +551,14 @@ fn reinvite_user(org_id: String, user_org: String, headers: AdminHeaders, conn:
        None => err!("Error looking up organization."),
    };

-    let claims = generate_invite_claims(
-        user.uuid.to_string(),
-        user.email.clone(),
-        org_id.clone(),
-        Some(user_org.uuid.clone()),
-        Some(headers.user.email.clone()),
-    );
-    let invite_token = encode_jwt(&claims);
    if let Some(ref mail_config) = CONFIG.mail {
        mail::send_invite(
        &user.email,
-        &org_id,
-        &user_org.uuid,
-        &invite_token,
+        &user.uuid,
+        Some(org_id),
+        Some(user_org.uuid),
        &org_name,
+        Some(headers.user.email),
        mail_config,
        )?;
    }
@ -588,10 +582,10 @@ fn accept_invite(_org_id: String, _org_user_id: String, data: JsonUpcase<AcceptD
    match User::find_by_mail(&claims.email, &conn) {
        Some(_) => {
            Invitation::take(&claims.email, &conn);
-            if claims.user_org_id.is_some() {
+            if claims.user_org_id.is_some() && claims.org_id.is_some() {
                // If this isn't the virtual_org, mark userorg as accepted
                let mut user_org =
-                    match UserOrganization::find_by_uuid_and_org(&claims.user_org_id.unwrap(), &claims.org_id, &conn) {
+                    match UserOrganization::find_by_uuid_and_org(&claims.user_org_id.unwrap(), &claims.org_id.clone().unwrap(), &conn) {
                        Some(user_org) => user_org,
                        None => err!("Error accepting the invitation"),
                    };
@ -605,9 +599,12 @@ fn accept_invite(_org_id: String, _org_user_id: String, data: JsonUpcase<AcceptD
    }

    if let Some(ref mail_config) = CONFIG.mail {
-        let org_name = match Organization::find_by_uuid(&claims.org_id, &conn) {
+        let mut org_name = String::from("bitwarden_rs");
+        if let Some(org_id) = &claims.org_id {
+            org_name = match Organization::find_by_uuid(&org_id, &conn) {
                Some(org) => org.name,
-                None => String::from("bitwarden_rs"),
+                None => err!("Organization not found.")
+            };
        };
        if let Some(invited_by_email) = &claims.invited_by_email {
            // User was invited to an organization, so they must be confirmed manually after acceptance
--- a/src/auth.rs
+++ b/src/auth.rs
@ -116,14 +116,14 @@ pub struct InviteJWTClaims {
    pub sub: String,

    pub email: String,
-    pub org_id: String,
+    pub org_id: Option<String>,
    pub user_org_id: Option<String>,
    pub invited_by_email: Option<String>,
 }

 pub fn generate_invite_claims(uuid: String, 
                          email: String, 
-                          org_id: String, 
+                          org_id: Option<String>, 
                          org_user_id: Option<String>, 
                          invited_by_email: Option<String>,
 ) -> InviteJWTClaims {
--- a/src/mail.rs
+++ b/src/mail.rs
@ -6,7 +6,7 @@ use native_tls::{Protocol, TlsConnector};

 use crate::MailConfig;
 use crate::CONFIG;
-
+use crate::auth::{generate_invite_claims, encode_jwt};
 use crate::api::EmptyResult;
 use crate::error::Error;

@ -58,12 +58,21 @@ pub fn send_password_hint(address: &str, hint: Option<String>, config: &MailConf

 pub fn send_invite(
    address: &str,
-    org_id: &str,
-    org_user_id: &str,
-    token: &str,
+    uuid: &str,
+    org_id: Option<String>,
+    org_user_id: Option<String>,
    org_name: &str,
+    invited_by_email: Option<String>,
    config: &MailConfig,
 ) -> EmptyResult {
+    let claims = generate_invite_claims(
+                uuid.to_string(),
+                String::from(address),
+                org_id.clone(),
+                org_user_id.clone(),
+                invited_by_email.clone(),
+            );
+    let invite_token = encode_jwt(&claims);
    let (subject, body) = {
        (format!("Join {}", &org_name),
        format!(
@ -72,7 +81,7 @@ pub fn send_invite(
             <a href=\"{}/#/accept-organization/?organizationId={}&organizationUserId={}&email={}&organizationName={}&token={}\">Click here to join</a></p>
             <p>If you do not wish to join this organization, you can safely ignore this email.</p>
             </html>",
-            org_name, CONFIG.domain, org_id, org_user_id, address, org_name, token
+            org_name, CONFIG.domain, org_id.unwrap_or("_".to_string()), org_user_id.unwrap_or("_".to_string()), address, org_name, invite_token
        ))
    };