diff --git a/migrations/mysql/2021-02-10-174254_create_emergency_access/down.sql b/migrations/mysql/2021-02-10-174254_create_emergency_access/down.sql deleted file mode 100644 index 0a5f4d12..00000000 --- a/migrations/mysql/2021-02-10-174254_create_emergency_access/down.sql +++ /dev/null @@ -1 +0,0 @@ -DROP TABLE emergency_access; \ No newline at end of file diff --git a/migrations/mysql/2021-08-30-193501_create_emergency_access/down.sql b/migrations/mysql/2021-08-30-193501_create_emergency_access/down.sql new file mode 100644 index 00000000..f9d18f1e --- /dev/null +++ b/migrations/mysql/2021-08-30-193501_create_emergency_access/down.sql @@ -0,0 +1 @@ +DROP TABLE emergency_access; diff --git a/migrations/mysql/2021-02-10-174254_create_emergency_access/up.sql b/migrations/mysql/2021-08-30-193501_create_emergency_access/up.sql similarity index 99% rename from migrations/mysql/2021-02-10-174254_create_emergency_access/up.sql rename to migrations/mysql/2021-08-30-193501_create_emergency_access/up.sql index 6ee6ee95..111409d4 100644 --- a/migrations/mysql/2021-02-10-174254_create_emergency_access/up.sql +++ b/migrations/mysql/2021-08-30-193501_create_emergency_access/up.sql @@ -11,4 +11,4 @@ CREATE TABLE emergency_access ( last_notification_at DATETIME, updated_at DATETIME NOT NULL, created_at DATETIME NOT NULL -); \ No newline at end of file +); diff --git a/migrations/postgresql/2021-02-10-174254_create_emergency_access/down.sql b/migrations/postgresql/2021-02-10-174254_create_emergency_access/down.sql deleted file mode 100644 index 0a5f4d12..00000000 --- a/migrations/postgresql/2021-02-10-174254_create_emergency_access/down.sql +++ /dev/null @@ -1 +0,0 @@ -DROP TABLE emergency_access; \ No newline at end of file diff --git a/migrations/postgresql/2021-08-30-193501_create_emergency_access/down.sql b/migrations/postgresql/2021-08-30-193501_create_emergency_access/down.sql new file mode 100644 index 00000000..f9d18f1e --- /dev/null +++ b/migrations/postgresql/2021-08-30-193501_create_emergency_access/down.sql @@ -0,0 +1 @@ +DROP TABLE emergency_access; diff --git a/migrations/postgresql/2021-02-10-174254_create_emergency_access/up.sql b/migrations/postgresql/2021-08-30-193501_create_emergency_access/up.sql similarity index 99% rename from migrations/postgresql/2021-02-10-174254_create_emergency_access/up.sql rename to migrations/postgresql/2021-08-30-193501_create_emergency_access/up.sql index f5d4e548..5d84b151 100644 --- a/migrations/postgresql/2021-02-10-174254_create_emergency_access/up.sql +++ b/migrations/postgresql/2021-08-30-193501_create_emergency_access/up.sql @@ -11,4 +11,4 @@ CREATE TABLE emergency_access ( last_notification_at TIMESTAMP, updated_at TIMESTAMP NOT NULL, created_at TIMESTAMP NOT NULL -); \ No newline at end of file +); diff --git a/migrations/sqlite/2021-02-10-174254_create_emergency_access/down.sql b/migrations/sqlite/2021-02-10-174254_create_emergency_access/down.sql deleted file mode 100644 index 0a5f4d12..00000000 --- a/migrations/sqlite/2021-02-10-174254_create_emergency_access/down.sql +++ /dev/null @@ -1 +0,0 @@ -DROP TABLE emergency_access; \ No newline at end of file diff --git a/migrations/sqlite/2021-08-30-193501_create_emergency_access/down.sql b/migrations/sqlite/2021-08-30-193501_create_emergency_access/down.sql new file mode 100644 index 00000000..f9d18f1e --- /dev/null +++ b/migrations/sqlite/2021-08-30-193501_create_emergency_access/down.sql @@ -0,0 +1 @@ +DROP TABLE emergency_access; diff --git a/migrations/sqlite/2021-02-10-174254_create_emergency_access/up.sql b/migrations/sqlite/2021-08-30-193501_create_emergency_access/up.sql similarity index 99% rename from migrations/sqlite/2021-02-10-174254_create_emergency_access/up.sql rename to migrations/sqlite/2021-08-30-193501_create_emergency_access/up.sql index 07e50f3d..8d0d8bad 100644 --- a/migrations/sqlite/2021-02-10-174254_create_emergency_access/up.sql +++ b/migrations/sqlite/2021-08-30-193501_create_emergency_access/up.sql @@ -11,4 +11,4 @@ CREATE TABLE emergency_access ( last_notification_at DATETIME, updated_at DATETIME NOT NULL, created_at DATETIME NOT NULL -); \ No newline at end of file +); diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs index 4c49d665..435a2cd1 100644 --- a/src/api/core/accounts.rs +++ b/src/api/core/accounts.rs @@ -239,7 +239,7 @@ fn post_password(data: JsonUpcase, headers: Headers, conn: DbCon user.set_password( &data.NewMasterPasswordHash, - Some(vec![String::from("post_rotatekey"), String::from("get_contacts")]), + Some(vec![String::from("post_rotatekey"), String::from("get_contacts"), String::from("get_public_keys")]), ); user.akey = data.Key; user.save(&conn) diff --git a/src/api/core/emergency_access.rs b/src/api/core/emergency_access.rs index 6ae0a96a..0b87a84b 100644 --- a/src/api/core/emergency_access.rs +++ b/src/api/core/emergency_access.rs @@ -268,13 +268,9 @@ fn resend_invite(emer_id: String, headers: Headers, conn: DbConn) -> EmptyResult None => err!("Email not valid."), }; - if !CONFIG.is_email_domain_allowed(&email) { - err!("Email domain not eligible for invitations.") - } - let grantee_user = match User::find_by_mail(&email, &conn) { - None => err!("Grantee user not found."), Some(user) => user, + None => err!("Grantee user not found."), }; let grantor_user = headers.user; @@ -346,10 +342,6 @@ fn accept_invite(emer_id: String, data: JsonUpcase, conn: DbConn) -> } if CONFIG.mail_enabled() { - if !CONFIG.is_email_domain_allowed(&grantor_user.email) { - err!("Email domain not valid.") - } - mail::send_emergency_access_invite_accepted(&grantor_user.email, &grantee_user.email)?; } @@ -428,10 +420,6 @@ fn confirm_emergency_access( emergency_access.save(&conn)?; if CONFIG.mail_enabled() { - if !CONFIG.is_email_domain_allowed(&grantee_user.email) { - err!("Email domain not valid.") - } - mail::send_emergency_access_invite_confirmed(&grantee_user.email, &grantor_user.name)?; } Ok(Json(emergency_access.to_json())) @@ -473,10 +461,6 @@ fn initiate_emergency_access(emer_id: String, headers: Headers, conn: DbConn) -> emergency_access.save(&conn)?; if CONFIG.mail_enabled() { - if !CONFIG.is_email_domain_allowed(&grantor_user.email) { - err!("Email domain not valid.") - } - mail::send_emergency_access_recovery_initiated( &grantor_user.email, &initiating_user.name, @@ -518,10 +502,6 @@ fn approve_emergency_access(emer_id: String, headers: Headers, conn: DbConn) -> emergency_access.save(&conn)?; if CONFIG.mail_enabled() { - if !CONFIG.is_email_domain_allowed(&grantee_user.email) { - err!("Email domain not valid.") - } - mail::send_emergency_access_recovery_approved(&grantee_user.email, &grantor_user.name)?; } Ok(Json(emergency_access.to_json())) @@ -563,10 +543,6 @@ fn reject_emergency_access(emer_id: String, headers: Headers, conn: DbConn) -> J emergency_access.save(&conn)?; if CONFIG.mail_enabled() { - if !CONFIG.is_email_domain_allowed(&grantee_user.email) { - err!("Email domain not valid.") - } - mail::send_emergency_access_recovery_rejected(&grantee_user.email, &grantor_user.name)?; } Ok(Json(emergency_access.to_json())) @@ -764,10 +740,6 @@ pub fn emergency_request_timeout_job(pool: DbPool) { User::find_by_uuid(&emer.grantee_uuid.clone().expect("Grantee user invalid."), &conn) .expect("Grantee user not found."); - if !CONFIG.is_email_domain_allowed(&grantor_user.email) { - error!("Email domain not valid.") - } - mail::send_emergency_access_recovery_timed_out( &grantor_user.email, &grantee_user.name.clone(), @@ -775,10 +747,6 @@ pub fn emergency_request_timeout_job(pool: DbPool) { ) .expect("Error on sending email"); - if !CONFIG.is_email_domain_allowed(&grantee_user.email) { - error!("Email not valid.") - } - mail::send_emergency_access_recovery_approved(&grantee_user.email, &grantor_user.name.clone()) .expect("Error on sending email"); } @@ -816,10 +784,6 @@ pub fn emergency_notification_reminder_job(pool: DbPool) { // get grantor user to send Accepted email let grantor_user = User::find_by_uuid(&emer.grantor_uuid, &conn).expect("Grantor user not found."); - if !CONFIG.is_email_domain_allowed(&grantor_user.email) { - error!("Email not valid.") - } - // get grantee user to send Accepted email let grantee_user = User::find_by_uuid(&emer.grantee_uuid.clone().expect("Grantee user invalid."), &conn) diff --git a/src/db/models/emergency_access.rs b/src/db/models/emergency_access.rs index 6e32db4e..94822108 100644 --- a/src/db/models/emergency_access.rs +++ b/src/db/models/emergency_access.rs @@ -29,6 +29,8 @@ db_object! { impl EmergencyAccess { pub fn new(grantor_uuid: String, email: Option, status: i32, atype: i32, wait_time_days: i32) -> Self { + let now = Utc::now().naive_utc(); + Self { uuid: crate::util::get_uuid(), grantor_uuid, @@ -38,8 +40,8 @@ impl EmergencyAccess { atype, wait_time_days, recovery_initiated_at: None, - created_at: Utc::now().naive_utc(), - updated_at: Utc::now().naive_utc(), + created_at: now, + updated_at: now, key_encrypted: None, last_notification_at: None, }