Merge branch '198-support-user-password-resets' into 'next'

feat: support user password resets Closes #198 See merge request famedly/conduit!339
2022-04-07 12:11:55 +00:00 · 2022-04-07 12:11:55 +00:00 · 9e29dc808f
commit 9e29dc808f
parent 2556e29984 ada07de204
5 changed files with 108 additions and 3 deletions
--- a/src/database/admin.rs
+++ b/src/database/admin.rs
@ -8,7 +8,7 @@ use std::{
 use crate::{
    error::{Error, Result},
    pdu::PduBuilder,
-    server_server,
+    server_server, utils,
    utils::HtmlEscape,
    Database, PduEvent,
 };
@ -262,6 +262,12 @@ enum AdminCommand {

    /// Show configuration values
    ShowConfig,
+
+    /// Reset user password
+    ResetPassword {
+        /// Username of the user for whom the password should be reset
+        username: String,
+    },
 }

 fn process_admin_command(
@ -435,6 +441,45 @@ fn process_admin_command(
            // Construct and send the response
            RoomMessageEventContent::text_plain(format!("{}", db.globals.config))
        }
+        AdminCommand::ResetPassword { username } => {
+            let user_id = match UserId::parse_with_server_name(
+                username.as_str().to_lowercase(),
+                db.globals.server_name(),
+            ) {
+                Ok(id) => id,
+                Err(e) => {
+                    return Ok(RoomMessageEventContent::text_plain(format!(
+                        "The supplied username is not a valid username: {}",
+                        e
+                    )))
+                }
+            };
+
+            // Check if the specified user is valid
+            if !db.users.exists(&user_id)?
+                || db.users.is_deactivated(&user_id)?
+                || user_id
+                    == UserId::parse_with_server_name("conduit", db.globals.server_name())
+                        .expect("conduit user exists")
+            {
+                return Ok(RoomMessageEventContent::text_plain(
+                    "The specified user does not exist or is deactivated!",
+                ));
+            }
+
+            let new_password = utils::random_string(20);
+
+            match db.users.set_password(&user_id, Some(new_password.as_str())) {
+                Ok(()) => RoomMessageEventContent::text_plain(format!(
+                    "Successfully reset the password for user {}: {}",
+                    user_id, new_password
+                )),
+                Err(e) => RoomMessageEventContent::text_plain(format!(
+                    "Couldn't reset the password for user {}: {}",
+                    user_id, e
+                )),
+            }
+        }
    };

    Ok(reply_message_content)
--- a/src/database/globals.rs
+++ b/src/database/globals.rs
@ -264,6 +264,10 @@ impl Globals {
        &self.config.turn_secret
    }

+    pub fn emergency_password(&self) -> &Option<String> {
+        &self.config.emergency_password
+    }
+
    /// TODO: the key valid until timestamp is only honored in room version > 4
    /// Remove the outdated keys and insert the new ones.
    ///
--- a/src/database/rooms.rs
+++ b/src/database/rooms.rs
@ -1496,7 +1496,11 @@ impl Rooms {
                    let server_user = format!("@conduit:{}", db.globals.server_name());

                    let to_conduit = body.starts_with(&format!("{}: ", server_user));
-                    let from_conduit = pdu.sender == server_user;
+
+                    // This will evaluate to false if the emergency password is set up so that
+                    // the administrator can execute commands as conduit
+                    let from_conduit =
+                        pdu.sender == server_user && db.globals.emergency_password().is_none();

                    if to_conduit && !from_conduit && admin_room.as_ref() == Some(&pdu.room_id) {
                        db.admin.process_message(body.to_string());