2016-09-29 02:44:05 +00:00
|
|
|
package service
|
|
|
|
|
|
|
|
|
|
import (
|
2017-03-15 15:55:30 +00:00
|
|
|
"context"
|
2016-12-07 15:42:58 +00:00
|
|
|
"encoding/base64"
|
2016-12-28 16:55:03 +00:00
|
|
|
"html/template"
|
2016-09-29 02:44:05 +00:00
|
|
|
|
2021-04-05 20:28:43 +00:00
|
|
|
"github.com/fleetdm/fleet/server/contexts/viewer"
|
2020-11-11 17:59:12 +00:00
|
|
|
"github.com/fleetdm/fleet/server/kolide"
|
|
|
|
|
"github.com/fleetdm/fleet/server/mail"
|
2021-04-05 20:28:43 +00:00
|
|
|
"github.com/pkg/errors"
|
2016-09-29 02:44:05 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func (svc service) InviteNewUser(ctx context.Context, payload kolide.InvitePayload) (*kolide.Invite, error) {
|
|
|
|
|
// verify that the user with the given email does not already exist
|
|
|
|
|
_, err := svc.ds.UserByEmail(*payload.Email)
|
|
|
|
|
if err == nil {
|
|
|
|
|
return nil, newInvalidArgumentError("email", "a user with this account already exists")
|
|
|
|
|
}
|
2016-12-20 18:35:22 +00:00
|
|
|
if _, ok := err.(kolide.NotFoundError); !ok {
|
2016-09-29 02:44:05 +00:00
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// find the user who created the invite
|
2021-04-05 20:28:43 +00:00
|
|
|
v, ok := viewer.FromContext(ctx)
|
|
|
|
|
if !ok {
|
|
|
|
|
return nil, errors.New("missing viewer context for create invite")
|
2016-09-29 02:44:05 +00:00
|
|
|
}
|
2021-04-05 20:28:43 +00:00
|
|
|
inviter := v.User
|
2016-09-29 02:44:05 +00:00
|
|
|
|
2016-12-07 15:42:58 +00:00
|
|
|
random, err := kolide.RandomText(svc.config.App.TokenKeySize)
|
2016-09-29 02:44:05 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2016-12-07 15:42:58 +00:00
|
|
|
token := base64.URLEncoding.EncodeToString([]byte(random))
|
2016-09-29 02:44:05 +00:00
|
|
|
|
|
|
|
|
invite := &kolide.Invite{
|
2021-04-07 01:27:10 +00:00
|
|
|
Email: *payload.Email,
|
|
|
|
|
InvitedBy: inviter.ID,
|
|
|
|
|
Token: token,
|
|
|
|
|
GlobalRole: payload.GlobalRole,
|
2021-04-12 16:51:05 +00:00
|
|
|
Teams: payload.Teams,
|
2016-09-29 02:44:05 +00:00
|
|
|
}
|
|
|
|
|
if payload.Position != nil {
|
|
|
|
|
invite.Position = *payload.Position
|
|
|
|
|
}
|
|
|
|
|
if payload.Name != nil {
|
|
|
|
|
invite.Name = *payload.Name
|
|
|
|
|
}
|
2017-05-10 16:26:05 +00:00
|
|
|
if payload.SSOEnabled != nil {
|
|
|
|
|
invite.SSOEnabled = *payload.SSOEnabled
|
|
|
|
|
}
|
2016-09-29 02:44:05 +00:00
|
|
|
|
|
|
|
|
invite, err = svc.ds.NewInvite(invite)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2016-12-20 21:54:30 +00:00
|
|
|
config, err := svc.AppConfig(ctx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-17 21:37:00 +00:00
|
|
|
invitedBy := inviter.Name
|
|
|
|
|
if invitedBy == "" {
|
|
|
|
|
invitedBy = inviter.Username
|
|
|
|
|
}
|
2016-09-29 02:44:05 +00:00
|
|
|
inviteEmail := kolide.Email{
|
2019-04-04 22:56:15 +00:00
|
|
|
Subject: "You are Invited to Fleet",
|
2016-12-20 21:54:30 +00:00
|
|
|
To: []string{invite.Email},
|
|
|
|
|
Config: config,
|
2020-03-30 02:22:04 +00:00
|
|
|
Mailer: &mail.InviteMailer{
|
2016-12-28 16:55:03 +00:00
|
|
|
Invite: invite,
|
2019-10-16 23:40:45 +00:00
|
|
|
BaseURL: template.URL(config.KolideServerURL + svc.config.Server.URLPrefix),
|
2019-08-02 21:08:42 +00:00
|
|
|
AssetURL: getAssetURL(),
|
2017-01-17 21:37:00 +00:00
|
|
|
OrgName: config.OrgName,
|
|
|
|
|
InvitedByUsername: invitedBy,
|
2016-12-28 16:55:03 +00:00
|
|
|
},
|
2016-09-29 02:44:05 +00:00
|
|
|
}
|
2016-12-20 21:54:30 +00:00
|
|
|
|
2016-09-29 02:44:05 +00:00
|
|
|
err = svc.mailService.SendEmail(inviteEmail)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
return invite, nil
|
|
|
|
|
}
|
|
|
|
|
|
2016-10-13 18:21:47 +00:00
|
|
|
func (svc service) ListInvites(ctx context.Context, opt kolide.ListOptions) ([]*kolide.Invite, error) {
|
2016-10-14 15:59:27 +00:00
|
|
|
return svc.ds.ListInvites(opt)
|
2016-09-29 02:44:05 +00:00
|
|
|
}
|
|
|
|
|
|
2016-12-30 01:58:12 +00:00
|
|
|
func (svc service) VerifyInvite(ctx context.Context, token string) (*kolide.Invite, error) {
|
|
|
|
|
invite, err := svc.ds.InviteByToken(token)
|
2016-09-29 02:44:05 +00:00
|
|
|
if err != nil {
|
2016-12-30 01:58:12 +00:00
|
|
|
return nil, err
|
2016-09-29 02:44:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if invite.Token != token {
|
2016-12-30 01:58:12 +00:00
|
|
|
return nil, newInvalidArgumentError("invite_token", "Invite Token does not match Email Address.")
|
2016-09-29 02:44:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
expiresAt := invite.CreatedAt.Add(svc.config.App.InviteTokenValidityPeriod)
|
|
|
|
|
if svc.clock.Now().After(expiresAt) {
|
2016-12-30 01:58:12 +00:00
|
|
|
return nil, newInvalidArgumentError("invite_token", "Invite token has expired.")
|
2016-09-29 02:44:05 +00:00
|
|
|
}
|
|
|
|
|
|
2016-12-30 01:58:12 +00:00
|
|
|
return invite, nil
|
2016-09-29 02:44:05 +00:00
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (svc service) DeleteInvite(ctx context.Context, id uint) error {
|
2017-01-04 18:18:21 +00:00
|
|
|
return svc.ds.DeleteInvite(id)
|
2016-09-29 02:44:05 +00:00
|
|
|
}
|
