Fixes for SSO accounts and server peering.

This commit is contained in:
Ylian Saint-Hilaire 2020-11-28 18:03:09 -08:00
parent b3f0a0b77c
commit 67b748d1e6
2 changed files with 23 additions and 10 deletions

3
db.js
View File

@ -1615,6 +1615,7 @@ module.exports.CreateDB = function (parent, func) {
// Called when a user account has changed // Called when a user account has changed
function dbUserChange(userChange, added) { function dbUserChange(userChange, added) {
if (parent.webserver == null) return; if (parent.webserver == null) return;
common.unEscapeLinksFieldName(userChange.fullDocument);
const user = performTypedRecordDecrypt([userChange.fullDocument])[0]; const user = performTypedRecordDecrypt([userChange.fullDocument])[0];
// Update the user object in memory // Update the user object in memory
@ -1635,7 +1636,7 @@ module.exports.CreateDB = function (parent, func) {
const usergroup = ugrpChange.fullDocument; const usergroup = ugrpChange.fullDocument;
// Update the user group object in memory // Update the user group object in memory
const uusergroup = parent.webserver.usergroups[usergroup._id]; const uusergroup = parent.webserver.userGroups[usergroup._id];
for (var i in usergroup) { uusergroup[i] = usergroup[i]; } for (var i in usergroup) { uusergroup[i] = usergroup[i]; }
for (var i in uusergroup) { if (usergroup[i] == null) { delete uusergroup[i]; } } for (var i in uusergroup) { if (usergroup[i] == null) { delete uusergroup[i]; } }

View File

@ -1380,7 +1380,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// User filtered events // User filtered events
if ((command.user != null) && ((user.siteadmin & 2) != 0)) { // SITERIGHT_MANAGEUSERS if ((command.user != null) && ((user.siteadmin & 2) != 0)) { // SITERIGHT_MANAGEUSERS
// TODO: Add the meshes command.user has access to (???) // TODO: Add the meshes command.user has access to (???)
var filter = ['user/' + domain.id + '/' + command.user.toLowerCase()]; var filter = ['user/' + domain.id + '/' + command.user];
if ((command.limit == null) || (typeof command.limit != 'number')) { if ((command.limit == null) || (typeof command.limit != 'number')) {
// Send the list of all events for this session // Send the list of all events for this session
db.GetUserEvents(filter, domain.id, command.user, function (err, docs) { db.GetUserEvents(filter, domain.id, command.user, function (err, docs) {
@ -1501,10 +1501,10 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
if (common.validateString(command.lang, 1, 6) == false) return; if (common.validateString(command.lang, 1, 6) == false) return;
// Always lowercase the email address // Always lowercase the language
command.lang = command.lang.toLowerCase(); command.lang = command.lang.toLowerCase();
// Update the user's email // Update the user's language
var oldlang = user.lang; var oldlang = user.lang;
if (command.lang == '*') { delete user.lang; } else { user.lang = command.lang; } if (command.lang == '*') { delete user.lang; } else { user.lang = command.lang; }
parent.db.SetUser(user); parent.db.SetUser(user);
@ -1824,7 +1824,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
} else { } else {
for (var i in command.users) { for (var i in command.users) {
// Check if this is an existing user // Check if this is an existing user
var newuserid = 'user/' + domain.id + '/' + command.users[i].user.toLowerCase(); var newuserid = 'user/' + domain.id + '/' + command.users[i].user;
var newuser = { type: 'user', _id: newuserid, name: command.users[i].user, creation: Math.floor(Date.now() / 1000), domain: domain.id }; var newuser = { type: 'user', _id: newuserid, name: command.users[i].user, creation: Math.floor(Date.now() / 1000), domain: domain.id };
if (domain.newaccountsrights) { newuser.siteadmin = domain.newaccountsrights; } if (domain.newaccountsrights) { newuser.siteadmin = domain.newaccountsrights; }
if (command.users[i].email != null) { newuser.email = command.users[i].email.toLowerCase(); if (command.users[i].emailVerified === true) { newuser.emailVerified = true; } } // Email, always lowercase if (command.users[i].email != null) { newuser.email = command.users[i].email.toLowerCase(); if (command.users[i].emailVerified === true) { newuser.emailVerified = true; } } // Email, always lowercase
@ -2347,7 +2347,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
var unknownUsers = [], addedCount = 0, failCount = 0; var unknownUsers = [], addedCount = 0, failCount = 0;
for (var i in command.usernames) { for (var i in command.usernames) {
// Check if the user exists // Check if the user exists
var chguserid = 'user/' + addUserDomain.id + '/' + command.usernames[i].toLowerCase(), chguser = parent.users[chguserid]; var chguserid = 'user/' + addUserDomain.id + '/' + command.usernames[i].toLowerCase();
var chguser = parent.users[chguserid];
if (chguser == null) { chguserid = 'user/' + addUserDomain.id + '/' + command.usernames[i]; chguser = parent.users[chguserid]; }
if (chguser != null) { if (chguser != null) {
// Add mesh to user // Add mesh to user
if (chguser.links == null) { chguser.links = {}; } if (chguser.links == null) { chguser.links = {}; }
@ -2362,7 +2364,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
parent.parent.DispatchEvent(targets, obj, event); parent.parent.DispatchEvent(targets, obj, event);
// Add a user to the user group // Add a user to the user group
group.links[chguserid] = { userid: chguser.id, name: chguser.name, rights: 1 }; group.links[chguserid] = { userid: chguser._id, name: chguser.name, rights: 1 };
addedCount++; addedCount++;
} else { } else {
unknownUsers.push(command.usernames[i]); unknownUsers.push(command.usernames[i]);
@ -2415,7 +2417,11 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
} }
// Check if the user exists // Check if the user exists
if (command.userid.startsWith('user/') == false) { command.userid = 'user/' + removeUserDomain.id + '/' + command.userid.toLowerCase(); } if (command.userid.startsWith('user/') == false) {
if (parent.users['user/' + removeUserDomain.id + '/' + command.userid.toLowerCase()] != null) { command.userid = 'user/' + removeUserDomain.id + '/' + command.userid.toLowerCase(); }
else if (parent.users['user/' + removeUserDomain.id + '/' + command.userid] != null) { command.userid = 'user/' + removeUserDomain.id + '/' + command.userid; }
}
var chguser = parent.users[command.userid]; var chguser = parent.users[command.userid];
if (chguser != null) { if (chguser != null) {
var change = false; var change = false;
@ -2993,7 +2999,10 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Convert user names to userid's // Convert user names to userid's
if (command.userids == null) { if (command.userids == null) {
command.userids = []; command.userids = [];
for (var i in command.usernames) { command.userids.push('user/' + domain.id + '/' + command.usernames[i].toLowerCase()); } for (var i in command.usernames) {
if (parent.users['user/' + domain.id + '/' + command.usernames[i].toLowerCase()] != null) { command.userids.push('user/' + domain.id + '/' + command.usernames[i].toLowerCase()); }
else if (parent.users['user/' + domain.id + '/' + command.usernames[i]] != null) { command.userids.push('user/' + domain.id + '/' + command.usernames[i]); }
}
} }
var unknownUsers = [], successCount = 0, failCount = 0, msgs = []; var unknownUsers = [], successCount = 0, failCount = 0, msgs = [];
for (var i in command.userids) { for (var i in command.userids) {
@ -3108,7 +3117,10 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
if (command.userids == null) { if (command.userids == null) {
command.userids = []; command.userids = [];
for (var i in command.usernames) { for (var i in command.usernames) {
if (command.usernames[i] != null) { command.userids.push('user/' + domain.id + '/' + command.usernames[i].toLowerCase()); } if (command.usernames[i] != null) {
if (parent.users['user/' + domain.id + '/' + command.usernames[i].toLowerCase()] != null) { command.userids.push('user/' + domain.id + '/' + command.usernames[i].toLowerCase()); }
else if (parent.users['user/' + domain.id + '/' + command.usernames[i]] != null) { command.userids.push('user/' + domain.id + '/' + command.usernames[i]); }
}
} }
} }