Refactor users management (#6)
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
* Improve second factor removal by admin
This commit is contained in:
parent
0d8af58e16
commit
a2d731bfff
@ -94,15 +94,26 @@ pub async fn users_route(
|
|||||||
.is_some();
|
.is_some();
|
||||||
user.admin = update.0.admin.is_some();
|
user.admin = update.0.admin.is_some();
|
||||||
|
|
||||||
let factors_to_keep = update.0.two_factor.split(';').collect::<Vec<_>>();
|
|
||||||
user.two_factor
|
|
||||||
.retain(|f| factors_to_keep.contains(&f.id.0.as_str()));
|
|
||||||
|
|
||||||
let res = users
|
let res = users
|
||||||
.send(users_actor::UpdateUserRequest(user.clone()))
|
.send(users_actor::UpdateUserRequest(user.clone()))
|
||||||
.await
|
.await
|
||||||
.unwrap();
|
.unwrap();
|
||||||
|
|
||||||
|
// Update the list of factors
|
||||||
|
let factors_to_keep = update.0.two_factor.split(';').collect::<Vec<_>>();
|
||||||
|
for factor in &user.two_factor {
|
||||||
|
if !factors_to_keep.contains(&factor.id.0.as_str()) {
|
||||||
|
logger.log(Action::AdminRemoveUserFactor(&user, factor));
|
||||||
|
users
|
||||||
|
.send(users_actor::Remove2FAFactor(
|
||||||
|
user.uid.clone(),
|
||||||
|
factor.id.clone(),
|
||||||
|
))
|
||||||
|
.await
|
||||||
|
.unwrap();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Update list of granted clients
|
// Update list of granted clients
|
||||||
let granted_clients = match update.0.grant_type.as_str() {
|
let granted_clients = match update.0.grant_type.as_str() {
|
||||||
"all_clients" => GrantedClients::AllClients,
|
"all_clients" => GrantedClients::AllClients,
|
||||||
|
@ -19,6 +19,7 @@ pub enum Action<'a> {
|
|||||||
AdminUpdateUser(&'a User),
|
AdminUpdateUser(&'a User),
|
||||||
AdminDeleteUser(&'a User),
|
AdminDeleteUser(&'a User),
|
||||||
AdminResetUserPassword(&'a User),
|
AdminResetUserPassword(&'a User),
|
||||||
|
AdminRemoveUserFactor(&'a User, &'a TwoFactor),
|
||||||
AdminSetNewGrantedClientsList(&'a User, &'a GrantedClients),
|
AdminSetNewGrantedClientsList(&'a User, &'a GrantedClients),
|
||||||
AdminClear2FAHistory(&'a User),
|
AdminClear2FAHistory(&'a User),
|
||||||
LoginWebauthnAttempt { success: bool, user_id: UserID },
|
LoginWebauthnAttempt { success: bool, user_id: UserID },
|
||||||
@ -55,6 +56,11 @@ impl<'a> Action<'a> {
|
|||||||
user.quick_identity()
|
user.quick_identity()
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
Action::AdminRemoveUserFactor(user, factor) => format!(
|
||||||
|
"removed 2 factor ({}) of user ({})",
|
||||||
|
factor.quick_description(),
|
||||||
|
user.quick_identity()
|
||||||
|
),
|
||||||
Action::AdminClear2FAHistory(user) => {
|
Action::AdminClear2FAHistory(user) => {
|
||||||
format!("cleared 2FA history of {}", user.quick_identity())
|
format!("cleared 2FA history of {}", user.quick_identity())
|
||||||
}
|
}
|
||||||
@ -111,10 +117,8 @@ impl<'a> Action<'a> {
|
|||||||
Action::ChangedHisPassword => "changed his password".to_string(),
|
Action::ChangedHisPassword => "changed his password".to_string(),
|
||||||
Action::ClearedHisLoginHistory => "cleared his login history".to_string(),
|
Action::ClearedHisLoginHistory => "cleared his login history".to_string(),
|
||||||
Action::AddNewFactor(factor) => format!(
|
Action::AddNewFactor(factor) => format!(
|
||||||
"added a new {} factor with name {} and id {:?} to his account",
|
"added a new factor to his account : {}",
|
||||||
factor.type_str(),
|
factor.quick_description(),
|
||||||
factor.name,
|
|
||||||
factor.id,
|
|
||||||
),
|
),
|
||||||
Action::Removed2FAFactor { factor_id } => format!("Removed his factor {:?}", factor_id),
|
Action::Removed2FAFactor { factor_id } => format!("Removed his factor {:?}", factor_id),
|
||||||
}
|
}
|
||||||
|
@ -45,6 +45,15 @@ pub struct TwoFactor {
|
|||||||
}
|
}
|
||||||
|
|
||||||
impl TwoFactor {
|
impl TwoFactor {
|
||||||
|
pub fn quick_description(&self) -> String {
|
||||||
|
format!(
|
||||||
|
"#{} of type {} and name '{}'",
|
||||||
|
self.id.0,
|
||||||
|
self.type_str(),
|
||||||
|
self.name
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
pub fn type_str(&self) -> &'static str {
|
pub fn type_str(&self) -> &'static str {
|
||||||
match self.kind {
|
match self.kind {
|
||||||
TwoFactorType::TOTP(_) => "Authenticator app",
|
TwoFactorType::TOTP(_) => "Authenticator app",
|
||||||
|
Loading…
Reference in New Issue
Block a user