diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs index 1f8391c..a92c629 100644 --- a/src/api/core/accounts.rs +++ b/src/api/core/accounts.rs @@ -84,9 +84,10 @@ fn register(data: JsonUpcase, conn: DbConn) -> EmptyResult { user.public_key = Some(keys.PublicKey); } - user.save(&conn); - - Ok(()) + match user.save(&conn) { + Ok(()) => Ok(()), + Err(_) => err!("Failed to save user") + } } #[get("/accounts/profile")] @@ -119,9 +120,10 @@ fn post_profile(data: JsonUpcase, headers: Headers, conn: DbConn) - Some(ref h) if h.is_empty() => None, _ => data.MasterPasswordHint, }; - user.save(&conn); - - Ok(Json(user.to_json(&conn))) + match user.save(&conn) { + Ok(()) => Ok(Json(user.to_json(&conn))), + Err(_) => err!("Failed to save user profile") + } } #[get("/users//public-key")] @@ -147,11 +149,14 @@ fn post_keys(data: JsonUpcase, headers: Headers, conn: DbConn) -> Json user.private_key = Some(data.EncryptedPrivateKey); user.public_key = Some(data.PublicKey); - user.save(&conn); - - Ok(Json(user.to_json(&conn))) + match user.save(&conn) { + Ok(()) => Ok(Json(user.to_json(&conn))), + Err(_) => err!("Failed to save the user's keys") + } } + + #[derive(Deserialize)] #[allow(non_snake_case)] struct ChangePassData { @@ -171,9 +176,10 @@ fn post_password(data: JsonUpcase, headers: Headers, conn: DbCon user.set_password(&data.NewMasterPasswordHash); user.key = data.Key; - user.save(&conn); - - Ok(()) + match user.save(&conn) { + Ok(()) => Ok(()), + Err(_) => err!("Failed to save password") + } } #[derive(Deserialize)] @@ -200,9 +206,10 @@ fn post_kdf(data: JsonUpcase, headers: Headers, conn: DbConn) -> user.client_kdf_type = data.Kdf; user.set_password(&data.NewMasterPasswordHash); user.key = data.Key; - user.save(&conn); - - Ok(()) + match user.save(&conn) { + Ok(()) => Ok(()), + Err(_) => err!("Failed to save password settings") + } } #[post("/accounts/security-stamp", data = "")] @@ -215,9 +222,10 @@ fn post_sstamp(data: JsonUpcase, headers: Headers, conn: DbConn) - } user.reset_security_stamp(); - user.save(&conn); - - Ok(()) + match user.save(&conn) { + Ok(()) => Ok(()), + Err(_) => err!("Failed to reset security stamp") + } } #[derive(Deserialize)] @@ -272,9 +280,10 @@ fn post_email(data: JsonUpcase, headers: Headers, conn: DbConn) user.set_password(&data.NewMasterPasswordHash); user.key = data.Key; - user.save(&conn); - - Ok(()) + match user.save(&conn) { + Ok(()) => Ok(()), + Err(_) => err!("Failed to save email address") + } } #[post("/accounts/delete", data = "")] diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs index d5c235b..a59b19e 100644 --- a/src/api/core/mod.rs +++ b/src/api/core/mod.rs @@ -227,7 +227,9 @@ fn post_eq_domains(data: JsonUpcase, headers: Headers, conn: Db user.excluded_globals = to_string(&excluded_globals).unwrap_or("[]".to_string()); user.equivalent_domains = to_string(&equivalent_domains).unwrap_or("[]".to_string()); - user.save(&conn); + match user.save(&conn) { + Ok(()) => Ok(()), + Err(_) => err!("Failed to save user") + } - Ok(()) } diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs index a2782fa..af8d928 100644 --- a/src/api/core/organizations.rs +++ b/src/api/core/organizations.rs @@ -391,11 +391,11 @@ fn send_invite(org_id: String, data: JsonUpcase, headers: AdminHeade match invitation.save(&conn) { Ok(()) => { let mut user = User::new(email.clone()); - if user.save(&conn) { + if user.save(&conn).is_err() { + err!("Failed to create placeholder for invited user") + } else { user_org_status = UserOrgStatus::Invited as i32; user - } else { - err!("Failed to create placeholder for invited user") } } Err(_) => err!(format!("Failed to invite: {}", email)) diff --git a/src/api/core/two_factor.rs b/src/api/core/two_factor.rs index 010dbbf..7d412e5 100644 --- a/src/api/core/two_factor.rs +++ b/src/api/core/two_factor.rs @@ -75,9 +75,10 @@ fn recover(data: JsonUpcase, conn: DbConn) -> JsonResult { // Remove the recovery code, not needed without twofactors user.totp_recover = None; - user.save(&conn); - - Ok(Json(json!({}))) + match user.save(&conn) { + Ok(()) => Ok(Json(json!({}))), + Err(_) => err!("Failed to remove the user's two factor recovery code") + } } #[derive(Deserialize)] @@ -217,7 +218,9 @@ fn _generate_recover_code(user: &mut User, conn: &DbConn) { if user.totp_recover.is_none() { let totp_recover = BASE32.encode(&crypto::get_random(vec![0u8; 20])); user.totp_recover = Some(totp_recover); - user.save(conn); + if user.save(conn).is_err() { + println!("Error: Failed to save the user's two factor recovery code") + } } } diff --git a/src/db/models/user.rs b/src/db/models/user.rs index 02439e9..d39c035 100644 --- a/src/db/models/user.rs +++ b/src/db/models/user.rs @@ -148,15 +148,11 @@ impl User { } - pub fn save(&mut self, conn: &DbConn) -> bool { + pub fn save(&mut self, conn: &DbConn) -> QueryResult<()> { self.updated_at = Utc::now().naive_utc(); - match diesel::replace_into(users::table) // Insert or update - .values(&*self) - .execute(&**conn) { - Ok(1) => true, // One row inserted - _ => false, - } + diesel::replace_into(users::table) // Insert or update + .values(&*self).execute(&**conn).and(Ok(())) } pub fn delete(self, conn: &DbConn) -> QueryResult<()> {