Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-02-16 01:51:21 +01:00
Code Issues Projects Releases Wiki Activity

user premium validation job

Browse Source
This commit is contained in:
Kyle Spearrin 2017-08-22 15:27:29 -04:00
parent 8e5d541be6
commit 0ea87d1c1c
16 changed files with 162 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
src/Billing/Controllers/JobsController.cs
View File

@ -1,38 +0,0 @@
using Bit.Core.Services;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using System.Threading.Tasks;
namespace Bit.Billing.Controllers
{
[Route("jobs")]
public class JobsController : Controller
{
private readonly BillingSettings _billingSettings;
private readonly IOrganizationService _organizationService;
private readonly IUserService _userService;
public JobsController(
IOptions<BillingSettings> billingSettings,
IOrganizationService organizationService,
IUserService userService)
{
_billingSettings = billingSettings?.Value;
_organizationService = organizationService;
_userService = userService;
}
[HttpPost("expirations")]
public async Task<IActionResult> PostExpirations([FromQuery] string key)
{
if(key != _billingSettings.JobsKey)
{
return new BadRequestResult();
}
// TODO check for all users/orgs that are expired and disable them
return new OkResult();
}
}
}

2
src/Core/Repositories/IOrganizationRepository.cs
View File

@ -7,7 +7,7 @@ namespace Bit.Core.Repositories
{
public interface IOrganizationRepository : IRepository<Organization, Guid>
{
Task<ICollection<Organization>> GetManyAsync();
Task<ICollection<Organization>> GetManyByEnabledAsync();
Task<ICollection<Organization>> GetManyByUserIdAsync(Guid userId);
Task UpdateStorageAsync(Guid id);
}

2
src/Core/Repositories/IUserRepository.cs
View File

@ -1,4 +1,5 @@
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Bit.Core.Models.Table;
@ -7,6 +8,7 @@ namespace Bit.Core.Repositories
public interface IUserRepository : IRepository<User, Guid>
{
Task<User> GetByEmailAsync(string email);
Task<ICollection<User>> GetManyByPremiumAsync(bool premium);
Task<string> GetPublicKeyAsync(Guid id);
Task<DateTime> GetAccountRevisionDateAsync(Guid id);
Task UpdateStorageAsync(Guid id);

4
src/Core/Repositories/SqlServer/OrganizationRepository.cs
View File

@ -19,12 +19,12 @@ namespace Bit.Core.Repositories.SqlServer
: base(connectionString)
{ }
public async Task<ICollection<Organization>> GetManyAsync()
public async Task<ICollection<Organization>> GetManyByEnabledAsync()
{
using(var connection = new SqlConnection(ConnectionString))
{
var results = await connection.QueryAsync<Organization>(
"[dbo].[Organization_Read]",
"[dbo].[Organization_ReadByEnabled]",
commandType: CommandType.StoredProcedure);
return results.ToList();

14
src/Core/Repositories/SqlServer/UserRepository.cs
View File

@ -1,4 +1,5 @@
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
@ -36,6 +37,19 @@ namespace Bit.Core.Repositories.SqlServer
}
}
public async Task<ICollection<User>> GetManyByPremiumAsync(bool premium)
{
using(var connection = new SqlConnection(ConnectionString))
{
var results = await connection.QueryAsync<User>(
"[dbo].[User_ReadByPremium]",
new { Premium = premium },
commandType: CommandType.StoredProcedure);
return results.ToList();
}
}
public async Task<string> GetPublicKeyAsync(Guid id)
{
using(var connection = new SqlConnection(ConnectionString))

1
src/Core/Services/ILicensingService.cs
View File

@ -7,6 +7,7 @@ namespace Bit.Core.Services
public interface ILicensingService
{
Task ValidateOrganizationsAsync();
Task ValidateUsersAsync();
Task<bool> ValidateUserPremiumAsync(User user);
bool VerifyLicense(ILicense license);
byte[] SignLicense(ILicense license);

77
src/Core/Services/Implementations/RsaLicensingService.cs → src/Core/Services/Implementations/LicensingService.cs
View File

@ -15,25 +15,28 @@ using System.Threading.Tasks;
namespace Bit.Core.Services
{
public class RsaLicensingService : ILicensingService
public class LicensingService : ILicensingService
{
private readonly X509Certificate2 _certificate;
private readonly GlobalSettings _globalSettings;
private readonly IUserRepository _userRepository;
private readonly IOrganizationRepository _organizationRepository;
private readonly ILogger<RsaLicensingService> _logger;
private readonly IOrganizationUserRepository _organizationUserRepository;
private readonly ILogger<LicensingService> _logger;
private IDictionary<Guid, DateTime> _userCheckCache = new Dictionary<Guid, DateTime>();
public RsaLicensingService(
public LicensingService(
IUserRepository userRepository,
IOrganizationRepository organizationRepository,
IOrganizationUserRepository organizationUserRepository,
IHostingEnvironment environment,
ILogger<RsaLicensingService> logger,
ILogger<LicensingService> logger,
GlobalSettings globalSettings)
{
_userRepository = userRepository;
_organizationRepository = organizationRepository;
_organizationUserRepository = organizationUserRepository;
_logger = logger;
var certThumbprint = "207e64a231e8aa32aaf68a61037c075ebebd553f";
@ -59,10 +62,10 @@ namespace Bit.Core.Services
return;
}
var orgs = await _organizationRepository.GetManyAsync();
var orgs = await _organizationRepository.GetManyByEnabledAsync();
_logger.LogInformation("Validating licenses for {0} organizations.", orgs.Count);
foreach(var org in orgs.Where(o => o.Enabled))
foreach(var org in orgs)
{
var license = ReadOrganiztionLicense(org);
if(license == null || !license.VerifyData(org, _globalSettings) || !license.VerifySignature(_certificate))
@ -78,6 +81,42 @@ namespace Bit.Core.Services
}
}
public async Task ValidateUsersAsync()
{
if(!_globalSettings.SelfHosted)
{
return;
}
var premiumUsers = await _userRepository.GetManyByPremiumAsync(true);
_logger.LogInformation("Validating premium for {0} users.", premiumUsers.Count);
foreach(var user in premiumUsers)
{
await ProcessUserValidationAsync(user);
}
var nonPremiumUsers = await _userRepository.GetManyByPremiumAsync(false);
_logger.LogInformation("Checking to restore premium for {0} users.", nonPremiumUsers.Count);
foreach(var user in nonPremiumUsers)
{
var details = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id);
if(details.Any(d => d.Enabled))
{
_logger.LogInformation("Granting premium to user {0}({1}) because they are in an active organization.",
user.Id, user.Email);
user.Premium = true;
user.MaxStorageGb = 10240; // 10 TB
user.RevisionDate = DateTime.UtcNow;
user.PremiumExpirationDate = null;
user.LicenseKey = null;
await _userRepository.ReplaceAsync(user);
}
}
}
public async Task<bool> ValidateUserPremiumAsync(User user)
{
if(!_globalSettings.SelfHosted)
@ -110,10 +149,30 @@ namespace Bit.Core.Services
}
_logger.LogInformation("Validating premium license for user {0}({1}).", user.Id, user.Email);
return await ProcessUserValidationAsync(user);
}
private async Task<bool> ProcessUserValidationAsync(User user)
{
var license = ReadUserLicense(user);
var licensedForPremium = license != null && license.VerifyData(user) && license.VerifySignature(_certificate);
if(!licensedForPremium)
var valid = license != null && license.VerifyData(user) && license.VerifySignature(_certificate);
if(!valid)
{
var details = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id);
valid = details.Any(d => d.Enabled);
if(valid && (!string.IsNullOrWhiteSpace(user.LicenseKey) || user.PremiumExpirationDate.HasValue))
{
// user used to be on a license but is now part of a organization that gives them premium.
// update the record.
user.PremiumExpirationDate = null;
user.LicenseKey = null;
await _userRepository.ReplaceAsync(user);
}
}
if(!valid)
{
_logger.LogInformation("User {0}({1}) has an invalid license and premium is being disabled.",
user.Id, user.Email);
@ -124,7 +183,7 @@ namespace Bit.Core.Services
await _userRepository.ReplaceAsync(user);
}
return licensedForPremium;
return valid;
}
public bool VerifyLicense(ILicense license)

5
src/Core/Services/NoopImplementations/NoopLicensingService.cs
View File

@ -23,6 +23,11 @@ namespace Bit.Core.Services
return Task.FromResult(0);
}
public Task ValidateUsersAsync()
{
return Task.FromResult(0);
}
public Task<bool> ValidateUserPremiumAsync(User user)
{
return Task.FromResult(user.Premium);

2
src/Core/Utilities/ServiceCollectionExtensions.cs
View File

@ -63,7 +63,7 @@ namespace Bit.Core.Utilities
services.AddSingleton<IMailService, RazorMailService>();
}
services.AddSingleton<ILicensingService, RsaLicensingService>();
services.AddSingleton<ILicensingService, LicensingService>();
if(CoreHelpers.SettingHasValue(globalSettings.Mail.SendGridApiKey))
{

4
src/Jobs/Program.cs
View File

@ -56,8 +56,8 @@ namespace Bit.Jobs
case "validate-organizations":
await _licensingService.ValidateOrganizationsAsync();
break;
case "validate-users":
// TODO
case "validate-users-premium":
await _licensingService.ValidateUsersAsync();
break;
case "refresh-licenses":
// TODO

1
src/Jobs/crontab
View File

@ -1,4 +1,5 @@
0 * * * * root dotnet /jobs/Jobs.dll -d /jobs -j alive >> /var/log/cron.log 2>&1
0 */6 * * * root dotnet /jobs/Jobs.dll -d /jobs -j validate-organizations >> /var/log/cron.log 2>&1
30 */12 * * * root dotnet /jobs/Jobs.dll -d /jobs -j validate-users-premium >> /var/log/cron.log 2>&1
# An empty line is required at the end of this file for a valid cron file.

3
src/Sql/Sql.sqlproj
View File

@ -210,6 +210,7 @@
<Build Include="dbo\Stored Procedures\Installation_ReadById.sql" />
<Build Include="dbo\Stored Procedures\Installation_Update.sql" />
<Build Include="dbo\Views\InstallationView.sql" />
<Build Include="dbo\Stored Procedures\Organization_Read.sql" />
<Build Include="dbo\Stored Procedures\Organization_ReadByEnabled.sql" />
<Build Include="dbo\Stored Procedures\User_ReadByPremium.sql" />
</ItemGroup>
</Project>

5
src/Sql/dbo/Stored Procedures/Organization_Read.sql → src/Sql/dbo/Stored Procedures/Organization_ReadByEnabled.sql
View File

@ -1,5 +1,4 @@
CREATE PROCEDURE [dbo].[Organization_Read]
@Id UNIQUEIDENTIFIER
CREATE PROCEDURE [dbo].[Organization_ReadByEnabled]
AS
BEGIN
SET NOCOUNT ON
@ -8,4 +7,6 @@ BEGIN
*
FROM
[dbo].[OrganizationView]
WHERE
[Enabled] = 1
END

13
src/Sql/dbo/Stored Procedures/User_ReadByPremium.sql Normal file
View File

@ -0,0 +1,13 @@
CREATE PROCEDURE [dbo].[User_ReadByPremium]
@Premium BIT
AS
BEGIN
SET NOCOUNT ON
SELECT
*
FROM
[dbo].[UserView]
WHERE
[Premium] = @Premium
END

46
util/Setup/DbScripts/2017-08-22_00_LicenseCheckScripts.sql Normal file
View File

@ -0,0 +1,46 @@
IF OBJECT_ID('[dbo].[Organization_Read]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[Organization_Read]
END
GO
IF OBJECT_ID('[dbo].[Organization_ReadByEnabled]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[Organization_ReadByEnabled]
END
GO
CREATE PROCEDURE [dbo].[Organization_ReadByEnabled]
AS
BEGIN
SET NOCOUNT ON
SELECT
*
FROM
[dbo].[OrganizationView]
WHERE
[Enabled] = 1
END
GO
IF OBJECT_ID('[dbo].[User_ReadByPremium]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[User_ReadByPremium]
END
GO
CREATE PROCEDURE [dbo].[User_ReadByPremium]
@Premium BIT
AS
BEGIN
SET NOCOUNT ON
SELECT
*
FROM
[dbo].[UserView]
WHERE
[Premium] = @Premium
END
GO

1
util/Setup/Setup.csproj
View File

@ -7,6 +7,7 @@
</PropertyGroup>
<ItemGroup>
<EmbeddedResource Include="DbScripts\2017-08-22_00_LicenseCheckScripts.sql" />
<EmbeddedResource Include="DbScripts\2017-08-19_00_InitialSetup.sql" />
</ItemGroup>