mirror of
https://forgejo.ellis.link/continuwuation/continuwuity.git
synced 2025-09-11 08:53:02 +02:00
91 lines
2.3 KiB
Rust
91 lines
2.3 KiB
Rust
use std::sync::Arc;
|
|
|
|
use async_trait::async_trait;
|
|
use conduwuit::{error, warn, Result};
|
|
use ruma::{
|
|
events::{push_rules::PushRulesEventContent, GlobalAccountDataEvent, GlobalAccountDataEventType},
|
|
push::Ruleset,
|
|
};
|
|
|
|
use crate::{account_data, globals, users, Dep};
|
|
|
|
pub struct Service {
|
|
services: Services,
|
|
}
|
|
|
|
struct Services {
|
|
account_data: Dep<account_data::Service>,
|
|
globals: Dep<globals::Service>,
|
|
users: Dep<users::Service>,
|
|
}
|
|
|
|
#[async_trait]
|
|
impl crate::Service for Service {
|
|
fn build(args: crate::Args<'_>) -> Result<Arc<Self>> {
|
|
Ok(Arc::new(Self {
|
|
services: Services {
|
|
account_data: args.depend::<account_data::Service>("account_data"),
|
|
globals: args.depend::<globals::Service>("globals"),
|
|
users: args.depend::<users::Service>("users"),
|
|
},
|
|
}))
|
|
}
|
|
|
|
async fn worker(self: Arc<Self>) -> Result<()> {
|
|
if self.services.globals.is_read_only() {
|
|
return Ok(());
|
|
}
|
|
|
|
self.set_emergency_access()
|
|
.await
|
|
.inspect_err(|e| error!("Could not set the configured emergency password for the server user: {e}"))?;
|
|
|
|
Ok(())
|
|
}
|
|
|
|
fn name(&self) -> &str { crate::service::make_name(std::module_path!()) }
|
|
}
|
|
|
|
impl Service {
|
|
/// Sets the emergency password and push rules for the server user account
|
|
/// in case emergency password is set
|
|
async fn set_emergency_access(&self) -> Result<bool> {
|
|
let server_user = &self.services.globals.server_user;
|
|
|
|
self.services
|
|
.users
|
|
.set_password(server_user, self.services.globals.emergency_password().as_deref())?;
|
|
|
|
let (ruleset, pwd_set) = match self.services.globals.emergency_password() {
|
|
Some(_) => (Ruleset::server_default(server_user), true),
|
|
None => (Ruleset::new(), false),
|
|
};
|
|
|
|
self.services
|
|
.account_data
|
|
.update(
|
|
None,
|
|
server_user,
|
|
GlobalAccountDataEventType::PushRules.to_string().into(),
|
|
&serde_json::to_value(&GlobalAccountDataEvent {
|
|
content: PushRulesEventContent {
|
|
global: ruleset,
|
|
},
|
|
})
|
|
.expect("to json value always works"),
|
|
)
|
|
.await?;
|
|
|
|
if pwd_set {
|
|
warn!(
|
|
"The server account emergency password is set! Please unset it as soon as you finish admin account \
|
|
recovery! You will be logged out of the server service account when you finish."
|
|
);
|
|
} else {
|
|
// logs out any users still in the server service account and removes sessions
|
|
self.services.users.deactivate_account(server_user).await?;
|
|
}
|
|
|
|
Ok(pwd_set)
|
|
}
|
|
}
|