Merge pull request #173 from mprasil/poormans_invites

Implement poor man's invitation via Organization invitation
2025-06-12 13:17:43 +02:00 · 2018-09-11 16:48:56 +02:00
parent b63693aefb c1cd4d9a6b
commit 1b20a25514
10 changed files with 154 additions and 38 deletions
--- a/src/api/core/accounts.rs
+++ b/src/api/core/accounts.rs
@ -32,15 +32,34 @@ struct KeysData {
 fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
    let data: RegisterData = data.into_inner().data;

-    if !CONFIG.signups_allowed {
-        err!("Signups not allowed")
-    }

-    if User::find_by_mail(&data.Email, &conn).is_some() {
-        err!("Email already exists")
-    }
+    let mut user = match User::find_by_mail(&data.Email, &conn) {
+        Some(mut user) => {
+            if Invitation::take(&data.Email, &conn) {
+                for mut user_org in UserOrganization::find_invited_by_user(&user.uuid, &conn).iter_mut() {
+                    user_org.status = UserOrgStatus::Accepted as i32;
+                    user_org.save(&conn);
+                };
+                user
+            } else {
+                if CONFIG.signups_allowed {
+                    err!("Account with this email already exists")
+                } else {
+                    err!("Registration not allowed")
+                }
+            }
+        },
+        None => {
+            if CONFIG.signups_allowed || Invitation::take(&data.Email, &conn) {
+                User::new(data.Email)
+            } else {
+                err!("Registration not allowed")
+            }
+        }
+    };

-    let mut user = User::new(data.Email, data.Key, data.MasterPasswordHash);
+    user.set_password(&data.MasterPasswordHash);
+    user.key = data.Key;

    // Add extra fields if present
    if let Some(name) = data.Name {
--- a/src/api/core/organizations.rs
+++ b/src/api/core/organizations.rs
@ -1,7 +1,7 @@
 #![allow(unused_imports)]

 use rocket_contrib::{Json, Value};
-
+use CONFIG;
 use db::DbConn;
 use db::models::*;

@ -373,36 +373,56 @@ fn send_invite(org_id: String, data: JsonUpcase<InviteData>, headers: AdminHeade
        err!("Only Owners can invite Admins or Owners")
    }

-    for user_opt in data.Emails.iter().map(|email| User::find_by_mail(email, &conn)) {
-        match user_opt {
-            None => err!("User email does not exist"),
-            Some(user) => {
-                if UserOrganization::find_by_user_and_org(&user.uuid, &org_id, &conn).is_some() {
-                    err!("User already in organization")
+    for email in data.Emails.iter() {
+        let mut user_org_status = UserOrgStatus::Accepted as i32;
+        let user = match User::find_by_mail(&email, &conn) {
+            None => if CONFIG.invitations_allowed { // Invite user if that's enabled
+                let mut invitation = Invitation::new(email.clone());
+                match invitation.save(&conn) {
+                    Ok(()) => {
+                        let mut user = User::new(email.clone());
+                        if user.save(&conn) {
+                            user_org_status = UserOrgStatus::Invited as i32;
+                            user
+                        } else {
+                            err!("Failed to create placeholder for invited user")
+                        }
+                    }
+                    Err(_) => err!(format!("Failed to invite: {}", email))
                }
+                
+            } else {
+                err!(format!("User email does not exist: {}", email))
+            },
+            Some(user) => if UserOrganization::find_by_user_and_org(&user.uuid, &org_id, &conn).is_some() {
+                err!(format!("User already in organization: {}", email))
+            } else {
+                user
+            }

-                let mut new_user = UserOrganization::new(user.uuid.clone(), org_id.clone());
-                let access_all = data.AccessAll.unwrap_or(false);
-                new_user.access_all = access_all;
-                new_user.type_ = new_type;
+        };

-                // If no accessAll, add the collections received
-                if !access_all {
-                    for col in &data.Collections {
-                        match Collection::find_by_uuid_and_org(&col.Id, &org_id, &conn) {
-                            None => err!("Collection not found in Organization"),
-                            Some(collection) => {
-                                if CollectionUser::save(&user.uuid, &collection.uuid, col.ReadOnly, &conn).is_err() {
-                                    err!("Failed saving collection access for user")
-                                }
-                            }
+        let mut new_user = UserOrganization::new(user.uuid.clone(), org_id.clone());
+        let access_all = data.AccessAll.unwrap_or(false);
+        new_user.access_all = access_all;
+        new_user.type_ = new_type;
+        new_user.status = user_org_status;
+
+        // If no accessAll, add the collections received
+        if !access_all {
+            for col in &data.Collections {
+                match Collection::find_by_uuid_and_org(&col.Id, &org_id, &conn) {
+                    None => err!("Collection not found in Organization"),
+                    Some(collection) => {
+                        if CollectionUser::save(&user.uuid, &collection.uuid, col.ReadOnly, &conn).is_err() {
+                            err!("Failed saving collection access for user")
                        }
                    }
                }
-
-                new_user.save(&conn);
            }
        }
+
+        new_user.save(&conn);
    }

    Ok(())