2021-03-14 23:35:55 +01:00
|
|
|
use chrono::{NaiveDateTime, Utc};
|
|
|
|
|
use serde_json::Value;
|
|
|
|
|
|
2022-05-04 21:13:05 +02:00
|
|
|
use super::User;
|
2021-03-14 23:35:55 +01:00
|
|
|
|
|
|
|
|
db_object! {
|
2022-05-04 21:13:05 +02:00
|
|
|
#[derive(Identifiable, Queryable, Insertable, AsChangeset)]
|
2022-05-20 23:39:47 +02:00
|
|
|
#[diesel(table_name = sends)]
|
|
|
|
|
#[diesel(treat_none_as_null = true)]
|
|
|
|
|
#[diesel(primary_key(uuid))]
|
2021-03-14 23:35:55 +01:00
|
|
|
pub struct Send {
|
|
|
|
|
pub uuid: String,
|
|
|
|
|
|
|
|
|
|
pub user_uuid: Option<String>,
|
|
|
|
|
pub organization_uuid: Option<String>,
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
pub name: String,
|
|
|
|
|
pub notes: Option<String>,
|
|
|
|
|
|
|
|
|
|
pub atype: i32,
|
|
|
|
|
pub data: String,
|
2021-03-15 16:42:20 +01:00
|
|
|
pub akey: String,
|
2021-03-14 23:35:55 +01:00
|
|
|
pub password_hash: Option<Vec<u8>>,
|
|
|
|
|
password_salt: Option<Vec<u8>>,
|
|
|
|
|
password_iter: Option<i32>,
|
|
|
|
|
|
|
|
|
|
pub max_access_count: Option<i32>,
|
|
|
|
|
pub access_count: i32,
|
|
|
|
|
|
|
|
|
|
pub creation_date: NaiveDateTime,
|
|
|
|
|
pub revision_date: NaiveDateTime,
|
|
|
|
|
pub expiration_date: Option<NaiveDateTime>,
|
|
|
|
|
pub deletion_date: NaiveDateTime,
|
|
|
|
|
|
|
|
|
|
pub disabled: bool,
|
2021-05-12 07:51:12 +02:00
|
|
|
pub hide_email: Option<bool>,
|
2021-03-14 23:35:55 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[derive(Copy, Clone, PartialEq, Eq, num_derive::FromPrimitive)]
|
|
|
|
|
pub enum SendType {
|
|
|
|
|
Text = 0,
|
|
|
|
|
File = 1,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl Send {
|
2022-07-10 16:39:38 +02:00
|
|
|
pub fn new(atype: i32, name: String, data: String, akey: String, deletion_date: NaiveDateTime) -> Self {
|
2021-03-14 23:35:55 +01:00
|
|
|
let now = Utc::now().naive_utc();
|
|
|
|
|
|
|
|
|
|
Self {
|
|
|
|
|
uuid: crate::util::get_uuid(),
|
|
|
|
|
user_uuid: None,
|
|
|
|
|
organization_uuid: None,
|
|
|
|
|
|
|
|
|
|
name,
|
|
|
|
|
notes: None,
|
|
|
|
|
|
|
|
|
|
atype,
|
|
|
|
|
data,
|
2021-03-15 16:42:20 +01:00
|
|
|
akey,
|
2021-03-14 23:35:55 +01:00
|
|
|
password_hash: None,
|
|
|
|
|
password_salt: None,
|
|
|
|
|
password_iter: None,
|
|
|
|
|
|
|
|
|
|
max_access_count: None,
|
|
|
|
|
access_count: 0,
|
|
|
|
|
|
|
|
|
|
creation_date: now,
|
|
|
|
|
revision_date: now,
|
|
|
|
|
expiration_date: None,
|
|
|
|
|
deletion_date,
|
|
|
|
|
|
|
|
|
|
disabled: false,
|
2021-05-12 07:51:12 +02:00
|
|
|
hide_email: None,
|
2021-03-14 23:35:55 +01:00
|
|
|
}
|
|
|
|
|
}
|
2021-03-22 19:05:15 +01:00
|
|
|
|
2021-03-14 23:35:55 +01:00
|
|
|
pub fn set_password(&mut self, password: Option<&str>) {
|
|
|
|
|
const PASSWORD_ITER: i32 = 100_000;
|
|
|
|
|
|
|
|
|
|
if let Some(password) = password {
|
|
|
|
|
self.password_iter = Some(PASSWORD_ITER);
|
2022-11-13 10:03:04 +01:00
|
|
|
let salt = crate::crypto::get_random_bytes::<64>().to_vec();
|
2021-03-14 23:35:55 +01:00
|
|
|
let hash = crate::crypto::hash_password(password.as_bytes(), &salt, PASSWORD_ITER as u32);
|
|
|
|
|
self.password_salt = Some(salt);
|
|
|
|
|
self.password_hash = Some(hash);
|
|
|
|
|
} else {
|
|
|
|
|
self.password_iter = None;
|
|
|
|
|
self.password_salt = None;
|
|
|
|
|
self.password_hash = None;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub fn check_password(&self, password: &str) -> bool {
|
|
|
|
|
match (&self.password_hash, &self.password_salt, self.password_iter) {
|
|
|
|
|
(Some(hash), Some(salt), Some(iter)) => {
|
|
|
|
|
crate::crypto::verify_password_hash(password.as_bytes(), salt, hash, iter as u32)
|
|
|
|
|
}
|
|
|
|
|
_ => false,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn creator_identifier(&self, conn: &mut DbConn) -> Option<String> {
|
2021-05-12 07:51:12 +02:00
|
|
|
if let Some(hide_email) = self.hide_email {
|
|
|
|
|
if hide_email {
|
|
|
|
|
return None;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if let Some(user_uuid) = &self.user_uuid {
|
2021-11-16 17:07:55 +01:00
|
|
|
if let Some(user) = User::find_by_uuid(user_uuid, conn).await {
|
2021-05-12 07:51:12 +02:00
|
|
|
return Some(user.email);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
None
|
|
|
|
|
}
|
|
|
|
|
|
2021-03-14 23:35:55 +01:00
|
|
|
pub fn to_json(&self) -> Value {
|
|
|
|
|
use crate::util::format_date;
|
|
|
|
|
use data_encoding::BASE64URL_NOPAD;
|
|
|
|
|
use uuid::Uuid;
|
|
|
|
|
|
|
|
|
|
let data: Value = serde_json::from_str(&self.data).unwrap_or_default();
|
|
|
|
|
|
|
|
|
|
json!({
|
|
|
|
|
"Id": self.uuid,
|
|
|
|
|
"AccessId": BASE64URL_NOPAD.encode(Uuid::parse_str(&self.uuid).unwrap_or_default().as_bytes()),
|
|
|
|
|
"Type": self.atype,
|
|
|
|
|
|
|
|
|
|
"Name": self.name,
|
|
|
|
|
"Notes": self.notes,
|
|
|
|
|
"Text": if self.atype == SendType::Text as i32 { Some(&data) } else { None },
|
|
|
|
|
"File": if self.atype == SendType::File as i32 { Some(&data) } else { None },
|
|
|
|
|
|
2021-03-15 16:42:20 +01:00
|
|
|
"Key": self.akey,
|
2021-03-14 23:35:55 +01:00
|
|
|
"MaxAccessCount": self.max_access_count,
|
|
|
|
|
"AccessCount": self.access_count,
|
|
|
|
|
"Password": self.password_hash.as_deref().map(|h| BASE64URL_NOPAD.encode(h)),
|
|
|
|
|
"Disabled": self.disabled,
|
2021-05-12 07:51:12 +02:00
|
|
|
"HideEmail": self.hide_email,
|
2021-03-14 23:35:55 +01:00
|
|
|
|
|
|
|
|
"RevisionDate": format_date(&self.revision_date),
|
|
|
|
|
"ExpirationDate": self.expiration_date.as_ref().map(format_date),
|
|
|
|
|
"DeletionDate": format_date(&self.deletion_date),
|
|
|
|
|
"Object": "send",
|
|
|
|
|
})
|
|
|
|
|
}
|
2021-03-16 18:10:23 +01:00
|
|
|
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn to_json_access(&self, conn: &mut DbConn) -> Value {
|
2021-03-16 18:10:23 +01:00
|
|
|
use crate::util::format_date;
|
|
|
|
|
|
|
|
|
|
let data: Value = serde_json::from_str(&self.data).unwrap_or_default();
|
|
|
|
|
|
|
|
|
|
json!({
|
|
|
|
|
"Id": self.uuid,
|
|
|
|
|
"Type": self.atype,
|
|
|
|
|
|
|
|
|
|
"Name": self.name,
|
|
|
|
|
"Text": if self.atype == SendType::Text as i32 { Some(&data) } else { None },
|
|
|
|
|
"File": if self.atype == SendType::File as i32 { Some(&data) } else { None },
|
|
|
|
|
|
|
|
|
|
"ExpirationDate": self.expiration_date.as_ref().map(format_date),
|
2021-11-16 17:07:55 +01:00
|
|
|
"CreatorIdentifier": self.creator_identifier(conn).await,
|
2021-03-16 18:10:23 +01:00
|
|
|
"Object": "send-access",
|
|
|
|
|
})
|
|
|
|
|
}
|
2021-03-14 23:35:55 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
use crate::db::DbConn;
|
|
|
|
|
|
|
|
|
|
use crate::api::EmptyResult;
|
|
|
|
|
use crate::error::MapResult;
|
|
|
|
|
|
|
|
|
|
impl Send {
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn save(&mut self, conn: &mut DbConn) -> EmptyResult {
|
2021-11-16 17:07:55 +01:00
|
|
|
self.update_users_revision(conn).await;
|
2021-03-14 23:35:55 +01:00
|
|
|
self.revision_date = Utc::now().naive_utc();
|
|
|
|
|
|
|
|
|
|
db_run! { conn:
|
|
|
|
|
sqlite, mysql {
|
|
|
|
|
match diesel::replace_into(sends::table)
|
|
|
|
|
.values(SendDb::to_db(self))
|
|
|
|
|
.execute(conn)
|
|
|
|
|
{
|
|
|
|
|
Ok(_) => Ok(()),
|
|
|
|
|
// Record already exists and causes a Foreign Key Violation because replace_into() wants to delete the record first.
|
|
|
|
|
Err(diesel::result::Error::DatabaseError(diesel::result::DatabaseErrorKind::ForeignKeyViolation, _)) => {
|
|
|
|
|
diesel::update(sends::table)
|
|
|
|
|
.filter(sends::uuid.eq(&self.uuid))
|
|
|
|
|
.set(SendDb::to_db(self))
|
|
|
|
|
.execute(conn)
|
|
|
|
|
.map_res("Error saving send")
|
|
|
|
|
}
|
|
|
|
|
Err(e) => Err(e.into()),
|
|
|
|
|
}.map_res("Error saving send")
|
|
|
|
|
}
|
|
|
|
|
postgresql {
|
|
|
|
|
let value = SendDb::to_db(self);
|
|
|
|
|
diesel::insert_into(sends::table)
|
|
|
|
|
.values(&value)
|
|
|
|
|
.on_conflict(sends::uuid)
|
|
|
|
|
.do_update()
|
|
|
|
|
.set(&value)
|
|
|
|
|
.execute(conn)
|
|
|
|
|
.map_res("Error saving send")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn delete(&self, conn: &mut DbConn) -> EmptyResult {
|
2021-11-16 17:07:55 +01:00
|
|
|
self.update_users_revision(conn).await;
|
2021-03-14 23:35:55 +01:00
|
|
|
|
2021-03-22 19:57:35 +01:00
|
|
|
if self.atype == SendType::File as i32 {
|
|
|
|
|
std::fs::remove_dir_all(std::path::Path::new(&crate::CONFIG.sends_folder()).join(&self.uuid)).ok();
|
|
|
|
|
}
|
|
|
|
|
|
2021-03-14 23:35:55 +01:00
|
|
|
db_run! { conn: {
|
|
|
|
|
diesel::delete(sends::table.filter(sends::uuid.eq(&self.uuid)))
|
|
|
|
|
.execute(conn)
|
|
|
|
|
.map_res("Error deleting send")
|
|
|
|
|
}}
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-03 05:16:49 +02:00
|
|
|
/// Purge all sends that are past their deletion date.
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn purge(conn: &mut DbConn) {
|
2021-11-16 17:07:55 +01:00
|
|
|
for send in Self::find_by_past_deletion_date(conn).await {
|
|
|
|
|
send.delete(conn).await.ok();
|
2021-04-03 05:16:49 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn update_users_revision(&self, conn: &mut DbConn) -> Vec<String> {
|
2021-08-03 17:33:59 +02:00
|
|
|
let mut user_uuids = Vec::new();
|
2021-08-04 13:25:41 +02:00
|
|
|
match &self.user_uuid {
|
|
|
|
|
Some(user_uuid) => {
|
2021-11-16 17:07:55 +01:00
|
|
|
User::update_uuid_revision(user_uuid, conn).await;
|
2021-08-03 17:33:59 +02:00
|
|
|
user_uuids.push(user_uuid.clone())
|
2021-03-22 19:05:15 +01:00
|
|
|
}
|
|
|
|
|
None => {
|
|
|
|
|
// Belongs to Organization, not implemented
|
|
|
|
|
}
|
2021-08-03 17:33:59 +02:00
|
|
|
};
|
|
|
|
|
user_uuids
|
2021-03-22 19:05:15 +01:00
|
|
|
}
|
|
|
|
|
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn delete_all_by_user(user_uuid: &str, conn: &mut DbConn) -> EmptyResult {
|
2021-11-16 17:07:55 +01:00
|
|
|
for send in Self::find_by_user(user_uuid, conn).await {
|
|
|
|
|
send.delete(conn).await?;
|
2021-03-14 23:35:55 +01:00
|
|
|
}
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn find_by_access_id(access_id: &str, conn: &mut DbConn) -> Option<Self> {
|
2021-03-14 23:35:55 +01:00
|
|
|
use data_encoding::BASE64URL_NOPAD;
|
|
|
|
|
use uuid::Uuid;
|
|
|
|
|
|
|
|
|
|
let uuid_vec = match BASE64URL_NOPAD.decode(access_id.as_bytes()) {
|
|
|
|
|
Ok(v) => v,
|
|
|
|
|
Err(_) => return None,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let uuid = match Uuid::from_slice(&uuid_vec) {
|
|
|
|
|
Ok(u) => u.to_string(),
|
|
|
|
|
Err(_) => return None,
|
|
|
|
|
};
|
|
|
|
|
|
2021-11-16 17:07:55 +01:00
|
|
|
Self::find_by_uuid(&uuid, conn).await
|
2021-03-14 23:35:55 +01:00
|
|
|
}
|
|
|
|
|
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn find_by_uuid(uuid: &str, conn: &mut DbConn) -> Option<Self> {
|
2021-03-14 23:35:55 +01:00
|
|
|
db_run! {conn: {
|
|
|
|
|
sends::table
|
|
|
|
|
.filter(sends::uuid.eq(uuid))
|
|
|
|
|
.first::<SendDb>(conn)
|
|
|
|
|
.ok()
|
|
|
|
|
.from_db()
|
|
|
|
|
}}
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn find_by_user(user_uuid: &str, conn: &mut DbConn) -> Vec<Self> {
|
2021-03-14 23:35:55 +01:00
|
|
|
db_run! {conn: {
|
|
|
|
|
sends::table
|
|
|
|
|
.filter(sends::user_uuid.eq(user_uuid))
|
|
|
|
|
.load::<SendDb>(conn).expect("Error loading sends").from_db()
|
|
|
|
|
}}
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn find_by_org(org_uuid: &str, conn: &mut DbConn) -> Vec<Self> {
|
2021-03-14 23:35:55 +01:00
|
|
|
db_run! {conn: {
|
|
|
|
|
sends::table
|
|
|
|
|
.filter(sends::organization_uuid.eq(org_uuid))
|
|
|
|
|
.load::<SendDb>(conn).expect("Error loading sends").from_db()
|
|
|
|
|
}}
|
|
|
|
|
}
|
2021-04-03 05:16:49 +02:00
|
|
|
|
2022-05-20 23:39:47 +02:00
|
|
|
pub async fn find_by_past_deletion_date(conn: &mut DbConn) -> Vec<Self> {
|
2021-04-03 05:16:49 +02:00
|
|
|
let now = Utc::now().naive_utc();
|
|
|
|
|
db_run! {conn: {
|
|
|
|
|
sends::table
|
|
|
|
|
.filter(sends::deletion_date.lt(now))
|
|
|
|
|
.load::<SendDb>(conn).expect("Error loading sends").from_db()
|
|
|
|
|
}}
|
|
|
|
|
}
|
2021-03-14 23:35:55 +01:00
|
|
|
}
|
