diff options
author | Daniel García <[email protected]> | 2021-09-09 20:30:29 +0200 |
---|---|---|
committer | Daniel García <[email protected]> | 2021-09-09 20:30:29 +0200 |
commit | a99c9715f641c4fe5e5603e36e1815f259326c97 (patch) | |
tree | 40db21fe581f879ad433dcb416894d50aab05789 | |
parent | 1a888b535564f30cab873f0725898db6f9bde792 (diff) | |
parent | 10d5c7738afad9f81958e24baa923530314a587f (diff) | |
download | vaultwarden-a99c9715f641c4fe5e5603e36e1815f259326c97.tar.gz vaultwarden-a99c9715f641c4fe5e5603e36e1815f259326c97.zip |
Merge branch 'issue-1963' of https://github.com/BlackDex/vaultwarden into BlackDex-issue-1963
-rw-r--r-- | src/api/admin.rs | 2 | ||||
-rw-r--r-- | src/api/core/accounts.rs | 17 | ||||
-rw-r--r-- | src/api/core/organizations.rs | 7 | ||||
-rw-r--r-- | src/db/models/user.rs | 7 |
4 files changed, 18 insertions, 15 deletions
diff --git a/src/api/admin.rs b/src/api/admin.rs index 46e39502..3fe4f947 100644 --- a/src/api/admin.rs +++ b/src/api/admin.rs @@ -269,7 +269,7 @@ fn invite_user(data: Json<InviteData>, _token: AdminToken, conn: DbConn) -> Json if CONFIG.mail_enabled() { mail::send_invite(&user.email, &user.uuid, None, None, &CONFIG.invitation_org_name(), None)?; } else { - let invitation = Invitation::new(data.email); + let invitation = Invitation::new(user.email.clone()); invitation.save(&conn)?; } diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs index a38a496b..ee97e82f 100644 --- a/src/api/core/accounts.rs +++ b/src/api/core/accounts.rs @@ -62,11 +62,12 @@ struct KeysData { #[post("/accounts/register", data = "<data>")] fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult { let data: RegisterData = data.into_inner().data; + let email = data.Email.to_lowercase(); - let mut user = match User::find_by_mail(&data.Email, &conn) { + let mut user = match User::find_by_mail(&email, &conn) { Some(user) => { if !user.password_hash.is_empty() { - if CONFIG.is_signup_allowed(&data.Email) { + if CONFIG.is_signup_allowed(&email) { err!("User already exists") } else { err!("Registration not allowed or user already exists") @@ -75,19 +76,19 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult { if let Some(token) = data.Token { let claims = decode_invite(&token)?; - if claims.email == data.Email { + if claims.email == email { user } else { err!("Registration email does not match invite email") } - } else if Invitation::take(&data.Email, &conn) { + } else if Invitation::take(&email, &conn) { for mut user_org in UserOrganization::find_invited_by_user(&user.uuid, &conn).iter_mut() { user_org.status = UserOrgStatus::Accepted as i32; user_org.save(&conn)?; } user - } else if CONFIG.is_signup_allowed(&data.Email) { + } else if CONFIG.is_signup_allowed(&email) { err!("Account with this email already exists") } else { err!("Registration not allowed or user already exists") @@ -97,8 +98,8 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult { // Order is important here; the invitation check must come first // because the vaultwarden admin can invite anyone, regardless // of other signup restrictions. - if Invitation::take(&data.Email, &conn) || CONFIG.is_signup_allowed(&data.Email) { - User::new(data.Email.clone()) + if Invitation::take(&email, &conn) || CONFIG.is_signup_allowed(&email) { + User::new(email.clone()) } else { err!("Registration not allowed or user already exists") } @@ -106,7 +107,7 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult { }; // Make sure we don't leave a lingering invitation. - Invitation::take(&data.Email, &conn); + Invitation::take(&email, &conn); if let Some(client_kdf_iter) = data.KdfIterations { user.client_kdf_iter = client_kdf_iter; diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs index c1d2326c..fe8dab10 100644 --- a/src/api/core/organizations.rs +++ b/src/api/core/organizations.rs @@ -540,18 +540,19 @@ fn send_invite(org_id: String, data: JsonUpcase<InviteData>, headers: AdminHeade } for email in data.Emails.iter() { + let email = email.to_lowercase(); let mut user_org_status = if CONFIG.mail_enabled() { UserOrgStatus::Invited as i32 } else { UserOrgStatus::Accepted as i32 // Automatically mark user as accepted if no email invites }; - let user = match User::find_by_mail(email, &conn) { + let user = match User::find_by_mail(&email, &conn) { None => { if !CONFIG.invitations_allowed() { err!(format!("User does not exist: {}", email)) } - if !CONFIG.is_email_domain_allowed(email) { + if !CONFIG.is_email_domain_allowed(&email) { err!("Email domain not eligible for invitations") } @@ -601,7 +602,7 @@ fn send_invite(org_id: String, data: JsonUpcase<InviteData>, headers: AdminHeade }; mail::send_invite( - email, + &email, &user.uuid, Some(org_id.clone()), Some(new_user.uuid), diff --git a/src/db/models/user.rs b/src/db/models/user.rs index fb7d5fcd..3c2120e1 100644 --- a/src/db/models/user.rs +++ b/src/db/models/user.rs @@ -73,9 +73,9 @@ impl User { pub const CLIENT_KDF_TYPE_DEFAULT: i32 = 0; // PBKDF2: 0 pub const CLIENT_KDF_ITER_DEFAULT: i32 = 100_000; - pub fn new(mail: String) -> Self { + pub fn new(email: String) -> Self { let now = Utc::now().naive_utc(); - let email = mail.to_lowercase(); + let email = email.to_lowercase(); Self { uuid: crate::util::get_uuid(), @@ -349,7 +349,8 @@ impl User { } impl Invitation { - pub const fn new(email: String) -> Self { + pub fn new(email: String) -> Self { + let email = email.to_lowercase(); Self { email, } |