Exemple #1
0
func (et *EmailTracker) Send(
	ctx scope.Context, js jobs.JobService, templater *templates.Templater, deliverer emails.Deliverer,
	account proto.Account, to, templateName string, data interface{}) (
	*emails.EmailRef, error) {

	if to == "" {
		to, _ = account.Email()
	}

	sf, err := snowflake.New()
	if err != nil {
		return nil, err
	}
	msgID := fmt.Sprintf("<%s@%s>", sf, deliverer.LocalName())

	ref, err := emails.NewEmail(templater, msgID, to, templateName, data)
	if err != nil {
		return nil, err
	}
	ref.AccountID = account.ID()

	jq, err := js.GetQueue(ctx, jobs.EmailQueue)
	if err != nil {
		return nil, err
	}

	payload := &jobs.EmailJob{
		AccountID: account.ID(),
		EmailID:   ref.ID,
	}
	job, err := jq.AddAndClaim(ctx, jobs.EmailJobType, payload, "immediate", jobs.EmailJobOptions...)
	if err != nil {
		return nil, err
	}

	ref.JobID = job.ID

	et.m.Lock()
	if et.emailsByAccount == nil {
		et.emailsByAccount = map[snowflake.Snowflake][]*emails.EmailRef{}
	}
	et.emailsByAccount[account.ID()] = append(et.emailsByAccount[account.ID()], ref)
	et.m.Unlock()

	child := ctx.Fork()
	child.WaitGroup().Add(1)

	go job.Exec(child, func(ctx scope.Context) error {
		defer ctx.WaitGroup().Done()

		logging.Logger(ctx).Printf("delivering to %s\n", to)
		if err := deliverer.Deliver(ctx, ref); err != nil {
			return err
		}
		return nil
	})

	return ref, nil
}
Exemple #2
0
func (rb *RoomBinding) ManagerCapability(ctx scope.Context, manager proto.Account) (
	security.Capability, error) {

	var c Capability
	err := rb.SelectOne(
		&c,
		"SELECT c.id, c.nonce, c.encrypted_private_data, c.public_data"+
			" FROM capability c, room_manager_capability rm"+
			" WHERE rm.room = $1 AND c.id = rm.capability_id AND c.account_id = $2"+
			" AND rm.revoked < rm.granted",
		rb.Name, manager.ID().String())
	if err != nil {
		if err == sql.ErrNoRows {
			return nil, proto.ErrManagerNotFound
		}
	}
	return &c, nil
}
Exemple #3
0
func (rmc *RoomManagerCapabilities) Save(
	ctx scope.Context, account proto.Account, c security.Capability) error {

	capRow := &Capability{
		ID:                   c.CapabilityID(),
		NonceBytes:           c.Nonce(),
		EncryptedPrivateData: c.EncryptedPayload(),
		PublicData:           c.PublicPayload(),
	}
	rmCapRow := &RoomManagerCapability{
		Room:         rmc.Room.Name,
		CapabilityID: c.CapabilityID(),
		Granted:      time.Now(),
	}
	if account != nil {
		capRow.AccountID = account.ID().String()
		rmCapRow.AccountID = account.ID().String()
	}
	return rmc.Executor.Insert(capRow, rmCapRow)
}
Exemple #4
0
func (r *memRoom) verifyManager(ctx scope.Context, actor proto.Account, actorKey *security.ManagedKey) (
	*security.PublicKeyCapability, error) {

	// Verify that actorKey unlocks actor's keypair. In a real implementation,
	// we would take an additional step of verifying against a capability.
	kp := actor.KeyPair()
	if err := kp.Decrypt(actorKey); err != nil {
		return nil, err
	}

	// Verify actor is a manager.
	c, err := r.ManagerCapability(ctx, actor)
	if err != nil {
		if err == proto.ErrManagerNotFound {
			return nil, proto.ErrAccessDenied
		}
		return nil, err
	}

	return c.(*security.PublicKeyCapability), nil
}
Exemple #5
0
func (m *accountManager) GenerateOTP(ctx scope.Context, heim *proto.Heim, kms security.KMS, account proto.Account) (*proto.OTP, error) {
	m.b.Lock()
	defer m.b.Unlock()

	if m.b.otps == nil {
		m.b.otps = map[snowflake.Snowflake]*proto.OTP{}
	}

	old, ok := m.b.otps[account.ID()]
	if ok && old.Validated {
		return nil, proto.ErrOTPAlreadyEnrolled
	}

	otp, err := heim.NewOTP(account)
	if err != nil {
		return nil, err
	}

	m.b.otps[account.ID()] = otp
	return otp, nil
}
Exemple #6
0
func (rb *ManagedRoomBinding) ManagerCapability(ctx scope.Context, manager proto.Account) (
	security.Capability, error) {

	var c Capability
	cols, err := allColumns(rb.DbMap, c, "c")
	if err != nil {
		return nil, err
	}
	err = rb.SelectOne(
		&c,
		fmt.Sprintf("SELECT %s FROM capability c, room_manager_capability rm"+
			" WHERE rm.room = $1 AND c.id = rm.capability_id AND c.account_id = $2"+
			" AND rm.revoked < rm.granted",
			cols),
		rb.Name, manager.ID().String())
	if err != nil {
		if err == sql.ErrNoRows {
			return nil, proto.ErrManagerNotFound
		}
	}
	return &c, nil
}
Exemple #7
0
func (et *EmailTracker) Send(
	ctx scope.Context, js jobs.JobService, templater *templates.Templater, deliverer emails.Deliverer,
	account proto.Account, templateName string, data interface{}) (
	*emails.EmailRef, error) {

	// choose a Message-ID
	sf, err := snowflake.New()
	if err != nil {
		return nil, err
	}
	domain := "heim"
	if deliverer != nil {
		domain = deliverer.LocalName()
	}
	msgID := fmt.Sprintf("<%s@%s>", sf, domain)

	// choose an address to send to
	to := ""
	/*
	   requireVerifiedAddress := true
	   switch templateName {
	   case proto.WelcomeEmail, proto.RoomInvitationWelcomeEmail, proto.PasswordResetEmail:
	       requireVerifiedAddress = false
	   }
	*/
	for _, pid := range account.PersonalIdentities() {
		if pid.Namespace() == "email" {
			/*
			   if !pid.Verified() && requireVerifiedAddress {
			       continue
			   }
			*/
			to = pid.ID()
			break
		}
	}
	if to == "" {
		fmt.Printf("no email address to deliver to\n")
		return nil, fmt.Errorf("account has no email address to deliver %s to", templateName)
	}

	// construct the email
	ref, err := emails.NewEmail(templater, msgID, to, templateName, data)
	if err != nil {
		return nil, err
	}
	ref.AccountID = account.ID()

	// get underlying JobQueue so we can add-and-claim in the same transaction as the email insert
	abstractQueue, err := js.GetQueue(ctx, jobs.EmailQueue)
	if err != nil {
		return nil, err
	}
	jq := abstractQueue.(*JobQueueBinding)

	t, err := et.Backend.DbMap.Begin()
	if err != nil {
		return nil, err
	}

	// insert job first, so we know what JobID to associate with the email when we insert it
	payload := &jobs.EmailJob{
		AccountID: account.ID(),
		EmailID:   ref.ID,
	}
	job, err := jq.addAndClaim(ctx, t, jobs.EmailJobType, payload, "immediate", jobs.EmailJobOptions...)
	if err != nil {
		rollback(ctx, t)
		return nil, err
	}
	ref.JobID = job.ID

	// insert the email
	var email Email
	email.FromBackend(ref)
	if err := t.Insert(&email); err != nil {
		rollback(ctx, t)
		return nil, err
	}

	// finalize and spin off first delivery attempt
	if err := t.Commit(); err != nil {
		return nil, err
	}

	child := ctx.Fork()
	child.WaitGroup().Add(1)
	go job.Exec(child, func(ctx scope.Context) error {
		defer ctx.WaitGroup().Done()

		logging.Logger(ctx).Printf("delivering to %s\n", to)
		if deliverer == nil {
			return fmt.Errorf("deliverer not configured")
		}
		if err := deliverer.Deliver(ctx, ref); err != nil {
			return err
		}
		if _, err := et.Backend.DbMap.Exec("UPDATE email SET delivered = $2 WHERE id = $1", ref.ID, ref.Delivered); err != nil {
			// Even if we fail to mark the email as delivered, don't return an
			// error so the job still gets completed. We wouldn't want to spam
			// someone just because of a DB issue.
			logging.Logger(ctx).Printf("error marking email %s/%s as delivered: %s", account.ID(), ref.ID, err)
		}
		return nil
	})

	return ref, nil
}
Exemple #8
0
func (b *AccountManagerBinding) GenerateOTP(ctx scope.Context, heim *proto.Heim, kms security.KMS, account proto.Account) (*proto.OTP, error) {
	encryptedKey, err := kms.GenerateEncryptedKey(OTPKeyType, "account", account.ID().String())
	if err != nil {
		return nil, err
	}

	key := encryptedKey.Clone()
	if err := kms.DecryptKey(&key); err != nil {
		return nil, err
	}

	iv, err := kms.GenerateNonce(OTPKeyType.BlockSize())
	if err != nil {
		return nil, err
	}

	t, err := b.DbMap.Begin()
	if err != nil {
		return nil, err
	}

	rawOTP, err := b.getRawOTP(t, account.ID())
	if err != nil && err != proto.ErrOTPNotEnrolled {
		rollback(ctx, t)
		return nil, err
	}
	if err == nil {
		if rawOTP.Validated {
			rollback(ctx, t)
			return nil, proto.ErrOTPAlreadyEnrolled
		}
		row := &OTP{AccountID: account.ID().String()}
		if _, err := t.Delete(row); err != nil {
			rollback(ctx, t)
			return nil, err
		}
	}

	otp, err := heim.NewOTP(account)
	if err != nil {
		rollback(ctx, t)
		return nil, err
	}

	digest, encryptedURI, err := security.EncryptGCM(&key, iv, []byte(otp.URI), nil)
	if err != nil {
		rollback(ctx, t)
		return nil, err
	}

	row := &OTP{
		AccountID:    account.ID().String(),
		IV:           iv,
		EncryptedKey: encryptedKey.Ciphertext,
		Digest:       digest,
		EncryptedURI: encryptedURI,
	}
	if err := t.Insert(row); err != nil {
		// TODO: this could fail in the case of a race condition
		// by the time that matters we should be on postgres 9.5 and using a proper upsert
		rollback(ctx, t)
		return nil, err
	}

	if err := t.Commit(); err != nil {
		return nil, err
	}

	return otp, nil
}
Exemple #9
0
func (et *EmailTracker) Send(
	ctx scope.Context, js jobs.JobService, templater *templates.Templater, deliverer emails.Deliverer,
	account proto.Account, templateName string, data interface{}) (
	*emails.EmailRef, error) {

	sf, err := snowflake.New()
	if err != nil {
		return nil, err
	}
	msgID := fmt.Sprintf("<%s@%s>", sf, deliverer.LocalName())

	to := ""
	/*
		requireVerifiedAddress := true
		switch templateName {
		case proto.WelcomeEmail, proto.RoomInvitationWelcomeEmail, proto.PasswordResetEmail:
			requireVerifiedAddress = false
		}
	*/
	for _, pid := range account.PersonalIdentities() {
		if pid.Namespace() == "email" {
			/*
				if !pid.Verified() && requireVerifiedAddress {
					continue
				}
			*/
			to = pid.ID()
			break
		}
	}
	if to == "" {
		fmt.Printf("no email address to deliver to\n")
		return nil, fmt.Errorf("account has no email address to deliver %s to", templateName)
	}

	ref, err := emails.NewEmail(templater, msgID, to, templateName, data)
	if err != nil {
		return nil, err
	}
	ref.AccountID = account.ID()

	jq, err := js.GetQueue(ctx, jobs.EmailQueue)
	if err != nil {
		return nil, err
	}

	payload := &jobs.EmailJob{
		AccountID: account.ID(),
		EmailID:   ref.ID,
	}
	job, err := jq.AddAndClaim(ctx, jobs.EmailJobType, payload, "immediate", jobs.EmailJobOptions...)
	if err != nil {
		return nil, err
	}

	ref.JobID = job.ID

	et.m.Lock()
	if et.emailsByAccount == nil {
		et.emailsByAccount = map[snowflake.Snowflake][]*emails.EmailRef{}
	}
	et.emailsByAccount[account.ID()] = append(et.emailsByAccount[account.ID()], ref)
	et.m.Unlock()

	child := ctx.Fork()
	child.WaitGroup().Add(1)

	go job.Exec(child, func(ctx scope.Context) error {
		defer ctx.WaitGroup().Done()

		logging.Logger(ctx).Printf("delivering to %s\n", to)
		if err := deliverer.Deliver(ctx, ref); err != nil {
			return err
		}
		return nil
	})

	return ref, nil
}