2020-12-11 05:40:38 -05:00
|
|
|
const { callbackify } = require('util')
|
2020-10-06 06:31:34 -04:00
|
|
|
const { db } = require('../../infrastructure/mongodb')
|
2020-10-30 04:10:50 -04:00
|
|
|
const metrics = require('@overleaf/metrics')
|
2021-11-10 08:40:18 -05:00
|
|
|
const logger = require('@overleaf/logger')
|
2021-01-19 10:51:48 -05:00
|
|
|
const moment = require('moment')
|
2021-07-07 05:38:56 -04:00
|
|
|
const settings = require('@overleaf/settings')
|
2019-09-09 07:52:25 -04:00
|
|
|
const { promisifyAll } = require('../../util/promises')
|
2020-12-11 05:40:38 -05:00
|
|
|
const {
|
2021-04-27 03:52:58 -04:00
|
|
|
promises: InstitutionsAPIPromises,
|
2020-12-11 05:40:38 -05:00
|
|
|
} = require('../Institutions/InstitutionsAPI')
|
2020-05-22 07:16:52 -04:00
|
|
|
const InstitutionsHelper = require('../Institutions/InstitutionsHelper')
|
2019-05-29 05:21:06 -04:00
|
|
|
const Errors = require('../Errors/Errors')
|
2019-08-19 11:06:36 -04:00
|
|
|
const Features = require('../../infrastructure/Features')
|
2021-07-27 09:23:22 -04:00
|
|
|
const { User } = require('../../models/User')
|
2020-10-06 06:31:34 -04:00
|
|
|
const { normalizeQuery, normalizeMultiQuery } = require('../Helpers/Mongo')
|
2019-05-29 05:21:06 -04:00
|
|
|
|
2021-02-02 09:26:31 -05:00
|
|
|
function _lastDayToReconfirm(emailData, institutionData) {
|
2021-01-19 10:51:48 -05:00
|
|
|
const globalReconfirmPeriod = settings.reconfirmNotificationDays
|
2021-02-02 09:26:31 -05:00
|
|
|
if (!globalReconfirmPeriod) return undefined
|
2021-01-19 10:51:48 -05:00
|
|
|
|
|
|
|
// only show notification for institutions with reconfirmation enabled
|
2021-02-02 09:26:31 -05:00
|
|
|
if (!institutionData || !institutionData.maxConfirmationMonths)
|
|
|
|
return undefined
|
2021-01-19 10:51:48 -05:00
|
|
|
|
2021-02-02 09:26:31 -05:00
|
|
|
if (!emailData.confirmedAt) return undefined
|
2021-01-19 10:51:48 -05:00
|
|
|
|
|
|
|
if (institutionData.ssoEnabled && !emailData.samlProviderId) {
|
|
|
|
// For SSO, only show notification for linked email
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
// reconfirmedAt will not always be set, use confirmedAt as fallback
|
|
|
|
const lastConfirmed = emailData.reconfirmedAt || emailData.confirmedAt
|
|
|
|
|
2021-02-02 09:26:31 -05:00
|
|
|
return moment(lastConfirmed)
|
|
|
|
.add(institutionData.maxConfirmationMonths, 'months')
|
|
|
|
.toDate()
|
|
|
|
}
|
|
|
|
|
|
|
|
function _pastReconfirmDate(lastDayToReconfirm) {
|
|
|
|
if (!lastDayToReconfirm) return false
|
|
|
|
return moment(lastDayToReconfirm).isBefore()
|
|
|
|
}
|
|
|
|
|
|
|
|
function _emailInReconfirmNotificationPeriod(lastDayToReconfirm) {
|
|
|
|
const globalReconfirmPeriod = settings.reconfirmNotificationDays
|
|
|
|
|
|
|
|
if (!globalReconfirmPeriod || !lastDayToReconfirm) return false
|
|
|
|
|
2021-01-19 10:51:48 -05:00
|
|
|
const notificationStarts = moment(lastDayToReconfirm).subtract(
|
|
|
|
globalReconfirmPeriod,
|
|
|
|
'days'
|
|
|
|
)
|
|
|
|
|
|
|
|
return moment().isAfter(notificationStarts)
|
|
|
|
}
|
|
|
|
|
2020-12-11 05:40:38 -05:00
|
|
|
async function getUserFullEmails(userId) {
|
|
|
|
const user = await UserGetter.promises.getUser(userId, {
|
|
|
|
email: 1,
|
|
|
|
emails: 1,
|
2021-04-27 03:52:58 -04:00
|
|
|
samlIdentifiers: 1,
|
2020-12-11 05:40:38 -05:00
|
|
|
})
|
|
|
|
|
|
|
|
if (!user) {
|
|
|
|
throw new Error('User not Found')
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!Features.hasFeature('affiliations')) {
|
|
|
|
return decorateFullEmails(user.email, user.emails, [], [])
|
|
|
|
}
|
|
|
|
|
|
|
|
const affiliationsData = await InstitutionsAPIPromises.getUserAffiliations(
|
|
|
|
userId
|
|
|
|
)
|
|
|
|
|
|
|
|
return decorateFullEmails(
|
|
|
|
user.email,
|
|
|
|
user.emails || [],
|
|
|
|
affiliationsData,
|
|
|
|
user.samlIdentifiers || []
|
|
|
|
)
|
|
|
|
}
|
|
|
|
|
2021-07-27 09:23:22 -04:00
|
|
|
async function getSsoUsersAtInstitution(institutionId, projection) {
|
|
|
|
if (!projection) {
|
|
|
|
throw new Error('missing projection')
|
|
|
|
}
|
|
|
|
|
|
|
|
return await User.find(
|
|
|
|
{
|
|
|
|
'samlIdentifiers.providerId': institutionId.toString(),
|
|
|
|
},
|
|
|
|
projection
|
|
|
|
).exec()
|
|
|
|
}
|
|
|
|
|
2019-09-09 07:52:25 -04:00
|
|
|
const UserGetter = {
|
2021-07-27 09:23:22 -04:00
|
|
|
getSsoUsersAtInstitution: callbackify(getSsoUsersAtInstitution),
|
|
|
|
|
2019-05-29 05:21:06 -04:00
|
|
|
getUser(query, projection, callback) {
|
|
|
|
if (arguments.length === 2) {
|
|
|
|
callback = projection
|
|
|
|
projection = {}
|
|
|
|
}
|
2020-06-11 09:55:52 -04:00
|
|
|
try {
|
|
|
|
query = normalizeQuery(query)
|
2020-10-05 04:46:34 -04:00
|
|
|
db.users.findOne(query, { projection }, callback)
|
2020-06-11 09:55:52 -04:00
|
|
|
} catch (err) {
|
|
|
|
callback(err)
|
|
|
|
}
|
2019-05-29 05:21:06 -04:00
|
|
|
},
|
|
|
|
|
|
|
|
getUserEmail(userId, callback) {
|
2019-09-24 04:43:43 -04:00
|
|
|
this.getUser(userId, { email: 1 }, (error, user) =>
|
|
|
|
callback(error, user && user.email)
|
2019-05-29 05:21:06 -04:00
|
|
|
)
|
|
|
|
},
|
|
|
|
|
2020-12-11 05:40:38 -05:00
|
|
|
getUserFullEmails: callbackify(getUserFullEmails),
|
2019-05-29 05:21:06 -04:00
|
|
|
|
|
|
|
getUserByMainEmail(email, projection, callback) {
|
|
|
|
email = email.trim()
|
|
|
|
if (arguments.length === 2) {
|
|
|
|
callback = projection
|
|
|
|
projection = {}
|
|
|
|
}
|
2020-10-05 04:46:34 -04:00
|
|
|
db.users.findOne({ email }, { projection }, callback)
|
2019-05-29 05:21:06 -04:00
|
|
|
},
|
|
|
|
|
|
|
|
getUserByAnyEmail(email, projection, callback) {
|
|
|
|
email = email.trim()
|
|
|
|
if (arguments.length === 2) {
|
|
|
|
callback = projection
|
|
|
|
projection = {}
|
|
|
|
}
|
|
|
|
// $exists: true MUST be set to use the partial index
|
|
|
|
const query = { emails: { $exists: true }, 'emails.email': email }
|
2020-10-05 04:46:34 -04:00
|
|
|
db.users.findOne(query, { projection }, (error, user) => {
|
2019-09-24 04:43:43 -04:00
|
|
|
if (error || user) {
|
2019-05-29 05:21:06 -04:00
|
|
|
return callback(error, user)
|
|
|
|
}
|
|
|
|
|
|
|
|
// While multiple emails are being rolled out, check for the main email as
|
|
|
|
// well
|
2019-09-24 04:43:43 -04:00
|
|
|
this.getUserByMainEmail(email, projection, callback)
|
2019-05-29 05:21:06 -04:00
|
|
|
})
|
|
|
|
},
|
|
|
|
|
|
|
|
getUsersByAnyConfirmedEmail(emails, projection, callback) {
|
|
|
|
if (arguments.length === 2) {
|
|
|
|
callback = projection
|
|
|
|
projection = {}
|
|
|
|
}
|
2020-10-12 06:25:33 -04:00
|
|
|
|
2019-05-29 05:21:06 -04:00
|
|
|
const query = {
|
2020-10-12 06:25:33 -04:00
|
|
|
'emails.email': { $in: emails }, // use the index on emails.email
|
2019-05-29 05:21:06 -04:00
|
|
|
emails: {
|
|
|
|
$exists: true,
|
2020-10-12 06:25:33 -04:00
|
|
|
$elemMatch: {
|
|
|
|
email: { $in: emails },
|
2021-04-27 03:52:58 -04:00
|
|
|
confirmedAt: { $exists: true },
|
|
|
|
},
|
|
|
|
},
|
2019-05-29 05:21:06 -04:00
|
|
|
}
|
2020-10-12 06:25:33 -04:00
|
|
|
|
2020-10-05 04:46:34 -04:00
|
|
|
db.users.find(query, { projection }).toArray(callback)
|
2019-05-29 05:21:06 -04:00
|
|
|
},
|
|
|
|
|
2019-07-29 05:47:44 -04:00
|
|
|
getUsersByV1Ids(v1Ids, projection, callback) {
|
|
|
|
if (arguments.length === 2) {
|
|
|
|
callback = projection
|
|
|
|
projection = {}
|
|
|
|
}
|
|
|
|
const query = { 'overleaf.id': { $in: v1Ids } }
|
2020-10-05 04:46:34 -04:00
|
|
|
db.users.find(query, { projection }).toArray(callback)
|
2019-07-29 05:47:44 -04:00
|
|
|
},
|
|
|
|
|
2019-05-29 05:21:06 -04:00
|
|
|
getUsersByHostname(hostname, projection, callback) {
|
2021-04-14 09:17:21 -04:00
|
|
|
const reversedHostname = hostname.trim().split('').reverse().join('')
|
2019-05-29 05:21:06 -04:00
|
|
|
const query = {
|
|
|
|
emails: { $exists: true },
|
2021-04-27 03:52:58 -04:00
|
|
|
'emails.reversedHostname': reversedHostname,
|
2019-05-29 05:21:06 -04:00
|
|
|
}
|
2020-10-05 04:46:34 -04:00
|
|
|
db.users.find(query, { projection }).toArray(callback)
|
2019-05-29 05:21:06 -04:00
|
|
|
},
|
|
|
|
|
2020-06-02 10:02:06 -04:00
|
|
|
getUsers(query, projection, callback) {
|
2020-06-11 09:55:52 -04:00
|
|
|
try {
|
2020-10-06 06:31:34 -04:00
|
|
|
query = normalizeMultiQuery(query)
|
2020-10-05 04:46:34 -04:00
|
|
|
db.users.find(query, { projection }).toArray(callback)
|
2020-06-11 09:55:52 -04:00
|
|
|
} catch (err) {
|
|
|
|
callback(err)
|
|
|
|
}
|
2019-05-29 05:21:06 -04:00
|
|
|
},
|
|
|
|
|
|
|
|
// check for duplicate email address. This is also enforced at the DB level
|
|
|
|
ensureUniqueEmailAddress(newEmail, callback) {
|
2021-04-14 09:17:21 -04:00
|
|
|
this.getUserByAnyEmail(newEmail, function (error, user) {
|
2019-09-24 04:43:43 -04:00
|
|
|
if (user) {
|
2019-07-31 04:22:31 -04:00
|
|
|
return callback(new Errors.EmailExistsError())
|
2019-05-29 05:21:06 -04:00
|
|
|
}
|
2019-09-24 04:43:43 -04:00
|
|
|
callback(error)
|
2019-05-29 05:21:06 -04:00
|
|
|
})
|
2021-04-27 03:52:58 -04:00
|
|
|
},
|
2019-05-29 05:21:06 -04:00
|
|
|
}
|
|
|
|
|
2021-10-26 04:08:56 -04:00
|
|
|
const decorateFullEmails = (
|
2020-05-22 07:16:52 -04:00
|
|
|
defaultEmail,
|
|
|
|
emailsData,
|
|
|
|
affiliationsData,
|
|
|
|
samlIdentifiers
|
2021-01-19 10:51:48 -05:00
|
|
|
) => {
|
2021-04-14 09:17:21 -04:00
|
|
|
emailsData.forEach(function (emailData) {
|
2019-05-29 05:21:06 -04:00
|
|
|
emailData.default = emailData.email === defaultEmail
|
|
|
|
|
|
|
|
const affiliation = affiliationsData.find(
|
|
|
|
aff => aff.email === emailData.email
|
|
|
|
)
|
2019-09-24 04:43:43 -04:00
|
|
|
if (affiliation) {
|
2021-02-02 09:26:10 -05:00
|
|
|
const {
|
|
|
|
institution,
|
|
|
|
inferred,
|
|
|
|
role,
|
|
|
|
department,
|
|
|
|
licence,
|
2021-04-27 03:52:58 -04:00
|
|
|
portal,
|
2021-02-02 09:26:10 -05:00
|
|
|
} = affiliation
|
2021-02-02 09:26:31 -05:00
|
|
|
const lastDayToReconfirm = _lastDayToReconfirm(emailData, institution)
|
|
|
|
const pastReconfirmDate = _pastReconfirmDate(lastDayToReconfirm)
|
2021-01-19 10:51:48 -05:00
|
|
|
const inReconfirmNotificationPeriod = _emailInReconfirmNotificationPeriod(
|
2021-02-02 09:26:31 -05:00
|
|
|
lastDayToReconfirm
|
2021-01-19 10:51:48 -05:00
|
|
|
)
|
2020-02-18 06:36:53 -05:00
|
|
|
emailData.affiliation = {
|
|
|
|
institution,
|
|
|
|
inferred,
|
2021-01-19 10:51:48 -05:00
|
|
|
inReconfirmNotificationPeriod,
|
2021-02-02 09:26:31 -05:00
|
|
|
lastDayToReconfirm,
|
|
|
|
pastReconfirmDate,
|
2020-02-18 06:36:53 -05:00
|
|
|
role,
|
|
|
|
department,
|
2021-02-02 09:26:10 -05:00
|
|
|
licence,
|
2021-04-27 03:52:58 -04:00
|
|
|
portal,
|
2020-02-18 06:36:53 -05:00
|
|
|
}
|
2019-05-29 05:21:06 -04:00
|
|
|
}
|
|
|
|
|
2020-05-22 07:16:52 -04:00
|
|
|
if (emailData.samlProviderId) {
|
|
|
|
emailData.samlIdentifier = samlIdentifiers.find(
|
|
|
|
samlIdentifier => samlIdentifier.providerId === emailData.samlProviderId
|
|
|
|
)
|
|
|
|
}
|
|
|
|
|
|
|
|
emailData.emailHasInstitutionLicence = InstitutionsHelper.emailHasLicence(
|
|
|
|
emailData
|
|
|
|
)
|
2019-05-29 05:21:06 -04:00
|
|
|
})
|
2021-01-19 10:51:48 -05:00
|
|
|
|
|
|
|
return emailsData
|
|
|
|
}
|
2019-05-29 05:21:06 -04:00
|
|
|
;[
|
|
|
|
'getUser',
|
|
|
|
'getUserEmail',
|
|
|
|
'getUserByMainEmail',
|
|
|
|
'getUserByAnyEmail',
|
|
|
|
'getUsers',
|
2021-04-27 03:52:58 -04:00
|
|
|
'ensureUniqueEmailAddress',
|
2019-05-29 05:21:06 -04:00
|
|
|
].map(method =>
|
|
|
|
metrics.timeAsyncMethod(UserGetter, method, 'mongo.UserGetter', logger)
|
|
|
|
)
|
2019-09-09 07:52:25 -04:00
|
|
|
|
2020-12-11 05:40:38 -05:00
|
|
|
UserGetter.promises = promisifyAll(UserGetter, {
|
2021-07-27 09:23:22 -04:00
|
|
|
without: ['getSsoUsersAtInstitution', 'getUserFullEmails'],
|
2020-12-11 05:40:38 -05:00
|
|
|
})
|
|
|
|
UserGetter.promises.getUserFullEmails = getUserFullEmails
|
2021-07-27 09:23:22 -04:00
|
|
|
UserGetter.promises.getSsoUsersAtInstitution = getSsoUsersAtInstitution
|
2020-12-11 05:40:38 -05:00
|
|
|
|
2019-09-09 07:52:25 -04:00
|
|
|
module.exports = UserGetter
|