Refactor users management (#6)

* Improve second factor removal by admin
2022-11-26 15:08:36 +01:00 · 2022-11-26 15:08:36 +01:00 · a2d731bfff
commit a2d731bfff
parent 0d8af58e16
3 changed files with 32 additions and 8 deletions
--- a/src/controllers/admin_controller.rs
+++ b/src/controllers/admin_controller.rs
@ -94,15 +94,26 @@ pub async fn users_route(
            .is_some();
        user.admin = update.0.admin.is_some();

-        let factors_to_keep = update.0.two_factor.split(';').collect::<Vec<_>>();
-        user.two_factor
-            .retain(|f| factors_to_keep.contains(&f.id.0.as_str()));
-
        let res = users
            .send(users_actor::UpdateUserRequest(user.clone()))
            .await
            .unwrap();

+        // Update the list of factors
+        let factors_to_keep = update.0.two_factor.split(';').collect::<Vec<_>>();
+        for factor in &user.two_factor {
+            if !factors_to_keep.contains(&factor.id.0.as_str()) {
+                logger.log(Action::AdminRemoveUserFactor(&user, factor));
+                users
+                    .send(users_actor::Remove2FAFactor(
+                        user.uid.clone(),
+                        factor.id.clone(),
+                    ))
+                    .await
+                    .unwrap();
+            }
+        }
+
        // Update list of granted clients
        let granted_clients = match update.0.grant_type.as_str() {
            "all_clients" => GrantedClients::AllClients,
--- a/src/data/action_logger.rs
+++ b/src/data/action_logger.rs
@ -19,6 +19,7 @@ pub enum Action<'a> {
    AdminUpdateUser(&'a User),
    AdminDeleteUser(&'a User),
    AdminResetUserPassword(&'a User),
+    AdminRemoveUserFactor(&'a User, &'a TwoFactor),
    AdminSetNewGrantedClientsList(&'a User, &'a GrantedClients),
    AdminClear2FAHistory(&'a User),
    LoginWebauthnAttempt { success: bool, user_id: UserID },
@ -55,6 +56,11 @@ impl<'a> Action<'a> {
                    user.quick_identity()
                )
            }
+            Action::AdminRemoveUserFactor(user, factor) => format!(
+                "removed 2 factor ({}) of user ({})",
+                factor.quick_description(),
+                user.quick_identity()
+            ),
            Action::AdminClear2FAHistory(user) => {
                format!("cleared 2FA history of {}", user.quick_identity())
            }
@ -111,10 +117,8 @@ impl<'a> Action<'a> {
            Action::ChangedHisPassword => "changed his password".to_string(),
            Action::ClearedHisLoginHistory => "cleared his login history".to_string(),
            Action::AddNewFactor(factor) => format!(
-                "added a new {} factor with name {} and id {:?} to his account",
-                factor.type_str(),
-                factor.name,
-                factor.id,
+                "added a new factor to his account : {}",
+                factor.quick_description(),
            ),
            Action::Removed2FAFactor { factor_id } => format!("Removed his factor {:?}", factor_id),
        }
--- a/src/data/user.rs
+++ b/src/data/user.rs
@ -45,6 +45,15 @@ pub struct TwoFactor {
 }

 impl TwoFactor {
+    pub fn quick_description(&self) -> String {
+        format!(
+            "#{} of type {} and name '{}'",
+            self.id.0,
+            self.type_str(),
+            self.name
+        )
+    }
+
    pub fn type_str(&self) -> &'static str {
        match self.kind {
            TwoFactorType::TOTP(_) => "Authenticator app",