Skip to content

Commit

Permalink
[cli] Add admin cmd to disable passkey (ente-io#2250)
Browse files Browse the repository at this point in the history
## Description

## Tests
  • Loading branch information
ua741 authored Jun 23, 2024
2 parents f108ee2 + 169e70c commit 279bdc1
Show file tree
Hide file tree
Showing 22 changed files with 109 additions and 20 deletions.
25 changes: 24 additions & 1 deletion cli/cmd/admin.go
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,27 @@ var _disable2faCmd = &cobra.Command{
},
}

var _disablePasskeyCmd = &cobra.Command{
Use: "disable-passkey",
Short: "Disable passkey for a user",
RunE: func(cmd *cobra.Command, args []string) error {
recoverWithLog()
var flags = &model.AdminActionForUser{}
cmd.Flags().VisitAll(func(f *pflag.Flag) {
if f.Name == "admin-user" {
flags.AdminEmail = f.Value.String()
}
if f.Name == "user" {
flags.UserEmail = f.Value.String()
}
})
if flags.UserEmail == "" {
return fmt.Errorf("user email is required")
}
return ctrl.DisablePasskeys(context.Background(), *flags)
},
}

var _deleteUser = &cobra.Command{
Use: "delete-user",
Short: "Delete a user",
Expand Down Expand Up @@ -130,11 +151,13 @@ func init() {
_listUsers.Flags().StringP("admin-user", "a", "", "The email of the admin user. ")
_disable2faCmd.Flags().StringP("admin-user", "a", "", "The email of the admin user. ")
_disable2faCmd.Flags().StringP("user", "u", "", "The email of the user to disable 2FA for. (required)")
_disablePasskeyCmd.Flags().StringP("admin-user", "a", "", "The email of the admin user. ")
_disablePasskeyCmd.Flags().StringP("user", "u", "", "The email of the user to disable passkey for. (required)")
_deleteUser.Flags().StringP("admin-user", "a", "", "The email of the admin user. ")
_deleteUser.Flags().StringP("user", "u", "", "The email of the user to delete. (required)")
_updateFreeUserStorage.Flags().StringP("admin-user", "a", "", "The email of the admin user.")
_updateFreeUserStorage.Flags().StringP("user", "u", "", "The email of the user to update subscription for. (required)")
// add a flag with no value --no-limit
_updateFreeUserStorage.Flags().String("no-limit", "True", "When true, sets 100TB as storage limit, and expiry to current date + 100 years")
_adminCmd.AddCommand(_userDetailsCmd, _disable2faCmd, _updateFreeUserStorage, _listUsers, _deleteUser)
_adminCmd.AddCommand(_userDetailsCmd, _disable2faCmd, _disablePasskeyCmd, _updateFreeUserStorage, _listUsers, _deleteUser)
}
2 changes: 1 addition & 1 deletion cli/docs/generated/ente.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_account.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_account_add.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_account_get-token.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_account_list.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_account_update.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion cli/docs/generated/ente_admin.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_admin_delete-user.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_admin_disable-2fa.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

21 changes: 21 additions & 0 deletions cli/docs/generated/ente_admin_disable-passkey.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_admin_get-user-id.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_admin_list-users.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_admin_update-subscription.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_auth.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_auth_decrypt.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_export.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion cli/docs/generated/ente_version.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

23 changes: 23 additions & 0 deletions cli/internal/api/admin.go
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,29 @@ func (c *Client) Disable2Fa(ctx context.Context, userID int64) error {
return nil
}

func (c *Client) DisablePassKeyMFA(ctx context.Context, userID int64) error {
var res interface{}

payload := map[string]interface{}{
"userID": userID,
}
r, err := c.restClient.R().
SetContext(ctx).
SetResult(&res).
SetBody(payload).
Post("/admin/user/disable-passkeys")
if err != nil {
return err
}
if r.IsError() {
return &ApiError{
StatusCode: r.StatusCode(),
Message: r.String(),
}
}
return nil
}

func (c *Client) UpdateFreePlanSub(ctx context.Context, userDetails *models.UserDetails, storageInBytes int64, expiryTimeInMicro int64) error {
var res interface{}
if userDetails.Subscription.ProductID != "free" {
Expand Down
2 changes: 1 addition & 1 deletion cli/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ import (
"strings"
)

var AppVersion = "0.1.16"
var AppVersion = "0.1.17"

func main() {
cliDBPath, err := GetCLIConfigPath()
Expand Down
21 changes: 21 additions & 0 deletions cli/pkg/admin_actions.go
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,27 @@ func (c *ClICtrl) Disable2FA(ctx context.Context, params model.AdminActionForUse
return nil
}

func (c *ClICtrl) DisablePasskeys(ctx context.Context, params model.AdminActionForUser) error {
accountCtx, err := c.buildAdminContext(ctx, params.AdminEmail)
if err != nil {
return err
}
userDetails, err := c.Client.GetUserIdFromEmail(accountCtx, params.UserEmail)
if err != nil {
return err
}
err = c.Client.DisablePassKeyMFA(accountCtx, userDetails.User.ID)
if err != nil {
if apiErr, ok := err.(*api.ApiError); ok && apiErr.StatusCode == 400 && strings.Contains(apiErr.Message, "Token is too old") {
fmt.Printf("Error: Old admin token, please re-authenticate using `ente account add` \n")
return nil
}
return err
}
fmt.Println("Successfully disabled passkey for user")
return nil
}

func (c *ClICtrl) UpdateFreeStorage(ctx context.Context, params model.AdminActionForUser, noLimit bool) error {
accountCtx, err := c.buildAdminContext(ctx, params.AdminEmail)
if err != nil {
Expand Down
4 changes: 2 additions & 2 deletions cli/pkg/store.go
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,9 @@ import (
)

func GetDB(path string) (*bolt.DB, error) {
db, err := bolt.Open(path, 0600, &bolt.Options{Timeout: 1 * time.Second})
db, err := bolt.Open(path, 0600, &bolt.Options{Timeout: 5 * time.Second})
if err != nil {
log.Fatal(err)
log.Fatal(fmt.Sprintf("Failed to open db %s ", path), err)
}
return db, err
}
Expand Down

0 comments on commit 279bdc1

Please sign in to comment.