feat: add enrollment service (#276)

* make stats filtering consistent * add enrollment service to grpc router * add enrollment table * add enrollment struct * implement adding enrollment session * validate enrollment session * implement remaining endpoints * make password optional * make password optional when creating user * add manual enrollment trigger endpoint skeleton * trigger enrollment when creating a user without password * add toggle for sending notification * handle LDAP sync during enrollment * add enrollment timeout settings to main config * return token when starting enrollment * implement manual enrollment start * add enrollment service url to config * update protos * send enrollment start email * send welcome email * add enrollment settings columns * update settings struct * add initial enrollment settings page * pass configured message in email * convert welcome message to html * allow creating user without password * add enrollment test * initial polish translation --------- Co-authored-by: Maciej Wójcik <[email protected]>
DefGuard · Aug 3, 2023 · 6b10923 · 6b10923
1 parent 878f75e
commit 6b10923
Show file tree

Hide file tree

Showing 40 changed files with 2,122 additions and 428 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -6,7 +6,7 @@ repos:
       - id: end-of-file-fixer
       - id: check-added-large-files
   - repo: https://github.com/doublify/pre-commit-rust
-    rev: master
+    rev: v1.0
     hooks:
       - id: fmt
       - id: clippy
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -72,6 +72,7 @@ lettre = { version = "0.10.4", features = ["tokio1", "tokio1-native-tls"] }
 serde_json = "1.0.104"
 humantime = "2.1"
 tera = "1.19"
+pulldown-cmark = "0.9"
 
 [dev-dependencies]
 matches = "0.1"

diff --git a/build.rs b/build.rs
@@ -8,8 +8,14 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
             "proto/core/vpn.proto",
             "proto/worker/worker.proto",
             "proto/wireguard/gateway.proto",
+            "proto/enrollment/enrollment.proto",
+        ],
+        &[
+            "proto/core",
+            "proto/worker",
+            "proto/wireguard",
+            "proto/enrollment",
         ],
-        &["proto/core", "proto/worker", "proto/wireguard"],
     )?;
     println!("cargo:rerun-if-changed=proto");
     println!("cargo:rerun-if-changed=migrations");

diff --git a/migrations/20230728091355_enrollment.down.sql b/migrations/20230728091355_enrollment.down.sql
@@ -0,0 +1,8 @@
+DROP TABLE enrollment;
+
+ALTER TABLE "user" ALTER COLUMN password_hash SET NOT NULL;
+
+ALTER TABLE settings DROP COLUMN enrollment_vpn_step_optional;
+ALTER TABLE settings DROP COLUMN enrollment_welcome_message;
+ALTER TABLE settings DROP COLUMN enrollment_welcome_email;
+ALTER TABLE settings DROP COLUMN enrollment_use_welcome_message_as_email;
diff --git a/migrations/20230728091355_enrollment.up.sql b/migrations/20230728091355_enrollment.up.sql
@@ -0,0 +1,17 @@
+CREATE TABLE enrollment (
+    id text PRIMARY KEY NOT NULL,
+    user_id bigint NOT NULL,
+    admin_id bigint NOT NULL,
+    created_at timestamp without time zone NOT NULL,
+    expires_at timestamp without time zone NOT NULL,
+    used_at timestamp without time zone,
+    FOREIGN KEY(user_id) REFERENCES "user"(id) ON DELETE CASCADE,
+    FOREIGN KEY(admin_id) REFERENCES "user"(id)
+);
+
+ALTER TABLE "user" ALTER COLUMN password_hash DROP NOT NULL;
+
+ALTER TABLE settings ADD COLUMN enrollment_vpn_step_optional boolean NOT NULL default true;
+ALTER TABLE settings ADD COLUMN enrollment_welcome_message text NULL;
+ALTER TABLE settings ADD COLUMN enrollment_welcome_email text NULL;
+ALTER TABLE settings ADD COLUMN enrollment_use_welcome_message_as_email boolean NOT NULL default true;
diff --git a/proto b/proto