fLotte-meets-HWR-DB
/
flotte-user-management
mirror of https://github.com/fLotte-meets-HWR-DB/flotte-user-management.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add attribute column to store custom data

Browse Source 
Signed-off-by: trivernis <trivernis@protonmail.com>
pull/17/head
trivernis 4 years ago
parent 2764a0b8cf
commit d32eeee33d
Signed by: Trivernis
GPG Key ID: DFFFCC2C7A02DB45
7 changed files with 67 additions and 35 deletions
Show Stats Download Patch File Download Diff File

2
Cargo.lock generated
Unescape Escape View File

@ -1151,6 +1151,8 @@ dependencies = [
"bytes",
"fallible-iterator",
"postgres-protocol",
"serde",
"serde_json",
]
[[package]]

2
Cargo.toml
Unescape Escape View File

@ -9,7 +9,7 @@ license = "GPL-3.0"
[dependencies]
msgrpc = "0.1.0"
postgres = "0.17.5"
postgres = {version = "0.17.5", features = ["with-serde_json-1"]}
serde_postgres = "0.2.0"
dotenv = "0.15.0"
serde = { version = "1.0.115", features = ["serde_derive"] }

4
src/database/mod.rs
Unescape Escape View File

@ -14,6 +14,7 @@ use crate::database::roles::Roles;
use crate::database::user_roles::UserRoles;
use crate::database::users::Users;
use crate::utils::error::DatabaseResult;
use serde_json::Value;
pub mod models;
pub mod permissions;
@ -80,8 +81,9 @@ impl Database {
"ADMIN".to_string(),
dotenv::var(ENV_ADMIN_EMAIL).unwrap_or(DEFAULT_ADMIN_EMAIL.to_string()),
dotenv::var(ENV_ADMIN_PASSWORD).unwrap_or(DEFAULT_ADMIN_PASSWORD.to_string()),
Value::Null,
) {
log::debug!("Failed to create admin user {}", e);
log::debug!("Failed to create admin user: {}", e);
} else {
log::debug!("Admin user created successfully!");
}

39
src/database/models.rs
Unescape Escape View File

@ -4,27 +4,28 @@
use postgres::Row;
use serde::{Deserialize, Serialize};
use zeroize::Zeroize;
use serde_json::Value;
/// Record to store data in when retrieving rows from the users table
#[derive(Clone, Debug, Zeroize, Serialize)]
#[zeroize(drop)]
#[derive(Clone, Debug, Serialize, Deserialize)]
pub struct UserRecord {
pub id: i32,
pub name: String,
pub email: String,
pub password_hash: Vec<u8>,
pub salt: Vec<u8>,
pub attributes: serde_json::Value,
}
impl UserRecord {
pub fn from_ordered_row(row: &Row) -> Self {
pub fn from_row(row: Row) -> Self {
Self {
id: row.get(0),
name: row.get(1),
email: row.get(2),
password_hash: row.get(3),
salt: row.get(4),
id: row.get("id"),
name: row.get("name"),
email: row.get("email"),
password_hash: row.get("password_hash"),
salt: row.get("salt"),
attributes: row.get("attributes"),
}
}
}
@ -62,6 +63,18 @@ pub struct UserInformation {
pub id: i32,
pub name: String,
pub email: String,
pub attributes: Value,
}
impl UserInformation {
pub fn from_row(row: Row) -> Self {
Self {
id: row.get("id"),
name: row.get("name"),
email: row.get("email"),
attributes: row.get("attributes"),
}
}
}
#[derive(Serialize, Deserialize, JsonSchema)]
@ -69,15 +82,17 @@ pub struct UserFullInformation {
pub id: i32,
pub name: String,
pub email: String,
pub attributes: Value,
pub roles: Vec<Role>,
}
impl From<UserRecord> for UserInformation {
fn from(record: UserRecord) -> Self {
Self {
id: record.id.clone(),
name: record.name.clone(),
email: record.email.clone(),
id: record.id,
name: record.name,
email: record.email,
attributes: record.attributes,
}
}
}

42
src/database/users.rs
Unescape Escape View File

@ -13,6 +13,7 @@ use crate::database::user_roles::UserRoles;
use crate::database::{DatabaseResult, PostgresPool, Table};
use crate::utils::error::DBError;
use crate::utils::{create_salt, hash_password};
use serde_json::Value;
/// Table that stores users with their email addresses and hashed passwords
#[derive(Clone)]
@ -38,7 +39,8 @@ impl Table for Users {
name VARCHAR(255) NOT NULL,
email VARCHAR(255) UNIQUE NOT NULL,
password_hash BYTEA NOT NULL,
salt BYTEA NOT NULL
salt BYTEA NOT NULL,
attributes JSON NOT NULL DEFAULT '{}'
);",
)?;
@ -55,6 +57,7 @@ impl Users {
name: String,
email: String,
password: String,
attributes: Value,
) -> DatabaseResult<UserRecord> {
let mut connection = self.pool.get()?;
let mut password = Zeroizing::new(password);
@ -72,10 +75,10 @@ impl Users {
hash_password(password.as_bytes(), &*salt).map_err(|e| DBError::GenericError(e))?;
password.zeroize();
let row = connection.query_one("
INSERT INTO users (name, email, password_hash, salt) VALUES ($1, $2, $3, $4) RETURNING *;
", &[&name, &email, &pw_hash.to_vec(), &salt.to_vec()])?;
INSERT INTO users (name, email, password_hash, salt, attributes) VALUES ($1, $2, $3, $4, $5) RETURNING *;
", &[&name, &email, &pw_hash.to_vec(), &salt.to_vec(), &attributes])?;
Ok(UserRecord::from_ordered_row(&row))
Ok(UserRecord::from_row(row))
}
pub fn update_user(
@ -83,13 +86,15 @@ impl Users {
old_email: &String,
name: &String,
email: &String,
attributes: &Value,
password: &Option<String>,
) -> DatabaseResult<UserInformation> {
log::trace!(
"Updating user {} with new entries name: {}, email: {}",
"Updating user {} with new entries name: {}, email: {}, attributes: {:?}",
old_email,
name,
email
email,
attributes,
);
let mut connection = self.pool.get()?;
if connection
@ -115,17 +120,17 @@ impl Users {
let pw_hash =
hash_password(password.as_bytes(), &*salt).map_err(|e| DBError::GenericError(e))?;
connection.query_one(
"UPDATE users SET name = $1, email = $2, password_hash = $3, salt = $4 WHERE email = $5 RETURNING *",
&[&name, &email, &pw_hash.to_vec(), &salt.to_vec(), &old_email],
"UPDATE users SET name = $1, email = $2, password_hash = $3, salt = $4, attributes = $5 WHERE email = $6 RETURNING *",
&[&name, &email, &pw_hash.to_vec(), &salt.to_vec(), &attributes, &old_email],
)?
} else {
connection.query_one(
"UPDATE users SET name = $1, email = $2 WHERE email = $3 RETURNING *",
&[&name, &email, &old_email],
"UPDATE users SET name = $1, email = $2, attributes = $3 WHERE email = $4 RETURNING *",
&[&name, &email, &attributes, &old_email],
)?
};
Ok(serde_postgres::from_row::<UserInformation>(&new_record)?)
Ok(UserInformation::from_row(new_record))
}
/// Returns information about a user by Id
@ -133,10 +138,13 @@ impl Users {
log::trace!("Looking up entry for user with id {}", id);
let mut connection = self.pool.get()?;
let result = connection
.query_opt("SELECT id, name, email FROM users WHERE id = $1", &[&id])?
.query_opt(
"SELECT id, name, email, attributes FROM users WHERE id = $1",
&[&id],
)?
.ok_or(DBError::RecordDoesNotExist)?;
Ok(serde_postgres::from_row::<UserInformation>(&result)?)
Ok(UserInformation::from_row(result))
}
pub fn get_user_by_email(&self, email: &String) -> DatabaseResult<UserInformation> {
@ -144,22 +152,22 @@ impl Users {
let mut connection = self.pool.get()?;
let result = connection
.query_opt(
"SELECT id, name, email FROM users WHERE email = $1",
"SELECT id, name, email, attributes FROM users WHERE email = $1",
&[email],
)?
.ok_or(DBError::RecordDoesNotExist)?;
Ok(serde_postgres::from_row::<UserInformation>(&result)?)
Ok(UserInformation::from_row(result))
}
pub fn get_users(&self) -> DatabaseResult<Vec<UserInformation>> {
log::trace!("Returning a list of all users...");
let mut connection = self.pool.get()?;
let results = connection.query("SELECT id, name, email FROM users", &[])?;
let results = connection.query("SELECT id, name, email, attributes FROM users", &[])?;
let mut users = Vec::new();
for result in results {
users.push(serde_postgres::from_row::<UserInformation>(&result)?);
users.push(UserInformation::from_row(result));
}
Ok(users)

4
src/server/http_server.rs
Unescape Escape View File

@ -391,6 +391,7 @@ impl UserHttpServer {
id: user.id,
name: user.name,
email: user.email,
attributes: user.attributes,
roles,
}))
}
@ -411,6 +412,7 @@ impl UserHttpServer {
message.name.clone(),
message.email.clone(),
message.password.clone(),
message.attributes.clone(),
)?;
Ok(Response::json(&UserInformation::from(result)).with_status_code(201))
@ -437,6 +439,7 @@ impl UserHttpServer {
&email,
&message.name.clone().unwrap_or(user_record.name),
&message.email.clone().unwrap_or(user_record.email),
&message.attributes.clone().unwrap_or(user_record.attributes),
&message.password,
)?;
let roles = if let Some(roles) = &message.roles {
@ -450,6 +453,7 @@ impl UserHttpServer {
id: record.id,
email: record.email,
name: record.name,
attributes: record.attributes,
roles,
}))
}

9
src/server/messages.rs
Unescape Escape View File

@ -12,6 +12,7 @@ use zeroize::Zeroize;
use crate::database::models::{CreatePermissionsEntry, Permission};
use crate::utils::error::DBError;
use serde_json::Value;
#[derive(Deserialize)]
pub struct TokenRequest {
@ -120,22 +121,22 @@ pub struct DeleteRoleResponse {
pub role: String,
}
#[derive(Deserialize, JsonSchema, Zeroize)]
#[zeroize(drop)]
#[derive(Deserialize, JsonSchema)]
pub struct UpdateUserRequest {
pub name: Option<String>,
pub email: Option<String>,
pub password: Option<String>,
pub roles: Option<Vec<String>>,
pub attributes: Option<Value>,
pub own_password: String,
}
#[derive(Deserialize, JsonSchema, Zeroize)]
#[zeroize(drop)]
#[derive(Deserialize, JsonSchema)]
pub struct CreateUserRequest {
pub name: String,
pub email: String,
pub password: String,
pub attributes: Value,
}
#[derive(Deserialize, JsonSchema, Zeroize)]

Write Preview
Loading…
Cancel
Save