From 0ea87d1c1c02def78c917b56dc86187e41b2d806 Mon Sep 17 00:00:00 2001 From: Kyle Spearrin Date: Tue, 22 Aug 2017 15:27:29 -0400 Subject: [PATCH] user premium validation job --- src/Billing/Controllers/JobsController.cs | 38 --------- .../Repositories/IOrganizationRepository.cs | 2 +- src/Core/Repositories/IUserRepository.cs | 2 + .../SqlServer/OrganizationRepository.cs | 4 +- .../Repositories/SqlServer/UserRepository.cs | 14 ++++ src/Core/Services/ILicensingService.cs | 1 + ...icensingService.cs => LicensingService.cs} | 77 ++++++++++++++++--- .../NoopLicensingService.cs | 5 ++ .../Utilities/ServiceCollectionExtensions.cs | 2 +- src/Jobs/Program.cs | 4 +- src/Jobs/crontab | 1 + src/Sql/Sql.sqlproj | 3 +- ...ead.sql => Organization_ReadByEnabled.sql} | 5 +- .../Stored Procedures/User_ReadByPremium.sql | 13 ++++ .../2017-08-22_00_LicenseCheckScripts.sql | 46 +++++++++++ util/Setup/Setup.csproj | 1 + 16 files changed, 162 insertions(+), 56 deletions(-) delete mode 100644 src/Billing/Controllers/JobsController.cs rename src/Core/Services/Implementations/{RsaLicensingService.cs => LicensingService.cs} (65%) rename src/Sql/dbo/Stored Procedures/{Organization_Read.sql => Organization_ReadByEnabled.sql} (52%) create mode 100644 src/Sql/dbo/Stored Procedures/User_ReadByPremium.sql create mode 100644 util/Setup/DbScripts/2017-08-22_00_LicenseCheckScripts.sql diff --git a/src/Billing/Controllers/JobsController.cs b/src/Billing/Controllers/JobsController.cs deleted file mode 100644 index 100dfbf3f0..0000000000 --- a/src/Billing/Controllers/JobsController.cs +++ /dev/null @@ -1,38 +0,0 @@ -using Bit.Core.Services; -using Microsoft.AspNetCore.Mvc; -using Microsoft.Extensions.Options; -using System.Threading.Tasks; - -namespace Bit.Billing.Controllers -{ - [Route("jobs")] - public class JobsController : Controller - { - private readonly BillingSettings _billingSettings; - private readonly IOrganizationService _organizationService; - private readonly IUserService _userService; - - public JobsController( - IOptions billingSettings, - IOrganizationService organizationService, - IUserService userService) - { - _billingSettings = billingSettings?.Value; - _organizationService = organizationService; - _userService = userService; - } - - [HttpPost("expirations")] - public async Task PostExpirations([FromQuery] string key) - { - if(key != _billingSettings.JobsKey) - { - return new BadRequestResult(); - } - - // TODO check for all users/orgs that are expired and disable them - - return new OkResult(); - } - } -} diff --git a/src/Core/Repositories/IOrganizationRepository.cs b/src/Core/Repositories/IOrganizationRepository.cs index 8b344bc9a0..6364bb4b65 100644 --- a/src/Core/Repositories/IOrganizationRepository.cs +++ b/src/Core/Repositories/IOrganizationRepository.cs @@ -7,7 +7,7 @@ namespace Bit.Core.Repositories { public interface IOrganizationRepository : IRepository { - Task> GetManyAsync(); + Task> GetManyByEnabledAsync(); Task> GetManyByUserIdAsync(Guid userId); Task UpdateStorageAsync(Guid id); } diff --git a/src/Core/Repositories/IUserRepository.cs b/src/Core/Repositories/IUserRepository.cs index 1dc773b22d..56e68692e7 100644 --- a/src/Core/Repositories/IUserRepository.cs +++ b/src/Core/Repositories/IUserRepository.cs @@ -1,4 +1,5 @@ using System; +using System.Collections.Generic; using System.Threading.Tasks; using Bit.Core.Models.Table; @@ -7,6 +8,7 @@ namespace Bit.Core.Repositories public interface IUserRepository : IRepository { Task GetByEmailAsync(string email); + Task> GetManyByPremiumAsync(bool premium); Task GetPublicKeyAsync(Guid id); Task GetAccountRevisionDateAsync(Guid id); Task UpdateStorageAsync(Guid id); diff --git a/src/Core/Repositories/SqlServer/OrganizationRepository.cs b/src/Core/Repositories/SqlServer/OrganizationRepository.cs index c36c733662..014e41996a 100644 --- a/src/Core/Repositories/SqlServer/OrganizationRepository.cs +++ b/src/Core/Repositories/SqlServer/OrganizationRepository.cs @@ -19,12 +19,12 @@ namespace Bit.Core.Repositories.SqlServer : base(connectionString) { } - public async Task> GetManyAsync() + public async Task> GetManyByEnabledAsync() { using(var connection = new SqlConnection(ConnectionString)) { var results = await connection.QueryAsync( - "[dbo].[Organization_Read]", + "[dbo].[Organization_ReadByEnabled]", commandType: CommandType.StoredProcedure); return results.ToList(); diff --git a/src/Core/Repositories/SqlServer/UserRepository.cs b/src/Core/Repositories/SqlServer/UserRepository.cs index ed3d92a271..821b3f51d7 100644 --- a/src/Core/Repositories/SqlServer/UserRepository.cs +++ b/src/Core/Repositories/SqlServer/UserRepository.cs @@ -1,4 +1,5 @@ using System; +using System.Collections.Generic; using System.Data; using System.Data.SqlClient; using System.Linq; @@ -36,6 +37,19 @@ namespace Bit.Core.Repositories.SqlServer } } + public async Task> GetManyByPremiumAsync(bool premium) + { + using(var connection = new SqlConnection(ConnectionString)) + { + var results = await connection.QueryAsync( + "[dbo].[User_ReadByPremium]", + new { Premium = premium }, + commandType: CommandType.StoredProcedure); + + return results.ToList(); + } + } + public async Task GetPublicKeyAsync(Guid id) { using(var connection = new SqlConnection(ConnectionString)) diff --git a/src/Core/Services/ILicensingService.cs b/src/Core/Services/ILicensingService.cs index 5c978a9eb8..384b9cd154 100644 --- a/src/Core/Services/ILicensingService.cs +++ b/src/Core/Services/ILicensingService.cs @@ -7,6 +7,7 @@ namespace Bit.Core.Services public interface ILicensingService { Task ValidateOrganizationsAsync(); + Task ValidateUsersAsync(); Task ValidateUserPremiumAsync(User user); bool VerifyLicense(ILicense license); byte[] SignLicense(ILicense license); diff --git a/src/Core/Services/Implementations/RsaLicensingService.cs b/src/Core/Services/Implementations/LicensingService.cs similarity index 65% rename from src/Core/Services/Implementations/RsaLicensingService.cs rename to src/Core/Services/Implementations/LicensingService.cs index f6ebe6efc0..13b31852ad 100644 --- a/src/Core/Services/Implementations/RsaLicensingService.cs +++ b/src/Core/Services/Implementations/LicensingService.cs @@ -15,25 +15,28 @@ using System.Threading.Tasks; namespace Bit.Core.Services { - public class RsaLicensingService : ILicensingService + public class LicensingService : ILicensingService { private readonly X509Certificate2 _certificate; private readonly GlobalSettings _globalSettings; private readonly IUserRepository _userRepository; private readonly IOrganizationRepository _organizationRepository; - private readonly ILogger _logger; + private readonly IOrganizationUserRepository _organizationUserRepository; + private readonly ILogger _logger; private IDictionary _userCheckCache = new Dictionary(); - public RsaLicensingService( + public LicensingService( IUserRepository userRepository, IOrganizationRepository organizationRepository, + IOrganizationUserRepository organizationUserRepository, IHostingEnvironment environment, - ILogger logger, + ILogger logger, GlobalSettings globalSettings) { _userRepository = userRepository; _organizationRepository = organizationRepository; + _organizationUserRepository = organizationUserRepository; _logger = logger; var certThumbprint = "‎207e64a231e8aa32aaf68a61037c075ebebd553f"; @@ -59,10 +62,10 @@ namespace Bit.Core.Services return; } - var orgs = await _organizationRepository.GetManyAsync(); + var orgs = await _organizationRepository.GetManyByEnabledAsync(); _logger.LogInformation("Validating licenses for {0} organizations.", orgs.Count); - foreach(var org in orgs.Where(o => o.Enabled)) + foreach(var org in orgs) { var license = ReadOrganiztionLicense(org); if(license == null || !license.VerifyData(org, _globalSettings) || !license.VerifySignature(_certificate)) @@ -78,6 +81,42 @@ namespace Bit.Core.Services } } + public async Task ValidateUsersAsync() + { + if(!_globalSettings.SelfHosted) + { + return; + } + + var premiumUsers = await _userRepository.GetManyByPremiumAsync(true); + _logger.LogInformation("Validating premium for {0} users.", premiumUsers.Count); + + foreach(var user in premiumUsers) + { + await ProcessUserValidationAsync(user); + } + + var nonPremiumUsers = await _userRepository.GetManyByPremiumAsync(false); + _logger.LogInformation("Checking to restore premium for {0} users.", nonPremiumUsers.Count); + + foreach(var user in nonPremiumUsers) + { + var details = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id); + if(details.Any(d => d.Enabled)) + { + _logger.LogInformation("Granting premium to user {0}({1}) because they are in an active organization.", + user.Id, user.Email); + + user.Premium = true; + user.MaxStorageGb = 10240; // 10 TB + user.RevisionDate = DateTime.UtcNow; + user.PremiumExpirationDate = null; + user.LicenseKey = null; + await _userRepository.ReplaceAsync(user); + } + } + } + public async Task ValidateUserPremiumAsync(User user) { if(!_globalSettings.SelfHosted) @@ -110,10 +149,30 @@ namespace Bit.Core.Services } _logger.LogInformation("Validating premium license for user {0}({1}).", user.Id, user.Email); + return await ProcessUserValidationAsync(user); + } + private async Task ProcessUserValidationAsync(User user) + { var license = ReadUserLicense(user); - var licensedForPremium = license != null && license.VerifyData(user) && license.VerifySignature(_certificate); - if(!licensedForPremium) + var valid = license != null && license.VerifyData(user) && license.VerifySignature(_certificate); + + if(!valid) + { + var details = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id); + valid = details.Any(d => d.Enabled); + + if(valid && (!string.IsNullOrWhiteSpace(user.LicenseKey) || user.PremiumExpirationDate.HasValue)) + { + // user used to be on a license but is now part of a organization that gives them premium. + // update the record. + user.PremiumExpirationDate = null; + user.LicenseKey = null; + await _userRepository.ReplaceAsync(user); + } + } + + if(!valid) { _logger.LogInformation("User {0}({1}) has an invalid license and premium is being disabled.", user.Id, user.Email); @@ -124,7 +183,7 @@ namespace Bit.Core.Services await _userRepository.ReplaceAsync(user); } - return licensedForPremium; + return valid; } public bool VerifyLicense(ILicense license) diff --git a/src/Core/Services/NoopImplementations/NoopLicensingService.cs b/src/Core/Services/NoopImplementations/NoopLicensingService.cs index a9d5222e5f..37e48c0f1b 100644 --- a/src/Core/Services/NoopImplementations/NoopLicensingService.cs +++ b/src/Core/Services/NoopImplementations/NoopLicensingService.cs @@ -23,6 +23,11 @@ namespace Bit.Core.Services return Task.FromResult(0); } + public Task ValidateUsersAsync() + { + return Task.FromResult(0); + } + public Task ValidateUserPremiumAsync(User user) { return Task.FromResult(user.Premium); diff --git a/src/Core/Utilities/ServiceCollectionExtensions.cs b/src/Core/Utilities/ServiceCollectionExtensions.cs index c55224f14f..20cc0af949 100644 --- a/src/Core/Utilities/ServiceCollectionExtensions.cs +++ b/src/Core/Utilities/ServiceCollectionExtensions.cs @@ -63,7 +63,7 @@ namespace Bit.Core.Utilities services.AddSingleton(); } - services.AddSingleton(); + services.AddSingleton(); if(CoreHelpers.SettingHasValue(globalSettings.Mail.SendGridApiKey)) { diff --git a/src/Jobs/Program.cs b/src/Jobs/Program.cs index 9f6910b2b1..e44e959650 100644 --- a/src/Jobs/Program.cs +++ b/src/Jobs/Program.cs @@ -56,8 +56,8 @@ namespace Bit.Jobs case "validate-organizations": await _licensingService.ValidateOrganizationsAsync(); break; - case "validate-users": - // TODO + case "validate-users-premium": + await _licensingService.ValidateUsersAsync(); break; case "refresh-licenses": // TODO diff --git a/src/Jobs/crontab b/src/Jobs/crontab index bad2ffeac1..cdf57842b8 100644 --- a/src/Jobs/crontab +++ b/src/Jobs/crontab @@ -1,4 +1,5 @@ 0 * * * * root dotnet /jobs/Jobs.dll -d /jobs -j alive >> /var/log/cron.log 2>&1 0 */6 * * * root dotnet /jobs/Jobs.dll -d /jobs -j validate-organizations >> /var/log/cron.log 2>&1 +30 */12 * * * root dotnet /jobs/Jobs.dll -d /jobs -j validate-users-premium >> /var/log/cron.log 2>&1 # An empty line is required at the end of this file for a valid cron file. \ No newline at end of file diff --git a/src/Sql/Sql.sqlproj b/src/Sql/Sql.sqlproj index f23ca4b3a8..fb88a734b4 100644 --- a/src/Sql/Sql.sqlproj +++ b/src/Sql/Sql.sqlproj @@ -210,6 +210,7 @@ - + + \ No newline at end of file diff --git a/src/Sql/dbo/Stored Procedures/Organization_Read.sql b/src/Sql/dbo/Stored Procedures/Organization_ReadByEnabled.sql similarity index 52% rename from src/Sql/dbo/Stored Procedures/Organization_Read.sql rename to src/Sql/dbo/Stored Procedures/Organization_ReadByEnabled.sql index 7fcfe97439..cb4623a4f9 100644 --- a/src/Sql/dbo/Stored Procedures/Organization_Read.sql +++ b/src/Sql/dbo/Stored Procedures/Organization_ReadByEnabled.sql @@ -1,5 +1,4 @@ -CREATE PROCEDURE [dbo].[Organization_Read] - @Id UNIQUEIDENTIFIER +CREATE PROCEDURE [dbo].[Organization_ReadByEnabled] AS BEGIN SET NOCOUNT ON @@ -8,4 +7,6 @@ BEGIN * FROM [dbo].[OrganizationView] + WHERE + [Enabled] = 1 END \ No newline at end of file diff --git a/src/Sql/dbo/Stored Procedures/User_ReadByPremium.sql b/src/Sql/dbo/Stored Procedures/User_ReadByPremium.sql new file mode 100644 index 0000000000..37ff0935b4 --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/User_ReadByPremium.sql @@ -0,0 +1,13 @@ +CREATE PROCEDURE [dbo].[User_ReadByPremium] + @Premium BIT +AS +BEGIN + SET NOCOUNT ON + + SELECT + * + FROM + [dbo].[UserView] + WHERE + [Premium] = @Premium +END \ No newline at end of file diff --git a/util/Setup/DbScripts/2017-08-22_00_LicenseCheckScripts.sql b/util/Setup/DbScripts/2017-08-22_00_LicenseCheckScripts.sql new file mode 100644 index 0000000000..86cea5a2e8 --- /dev/null +++ b/util/Setup/DbScripts/2017-08-22_00_LicenseCheckScripts.sql @@ -0,0 +1,46 @@ +IF OBJECT_ID('[dbo].[Organization_Read]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[Organization_Read] +END +GO + +IF OBJECT_ID('[dbo].[Organization_ReadByEnabled]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[Organization_ReadByEnabled] +END +GO + +CREATE PROCEDURE [dbo].[Organization_ReadByEnabled] +AS +BEGIN + SET NOCOUNT ON + + SELECT + * + FROM + [dbo].[OrganizationView] + WHERE + [Enabled] = 1 +END +GO + +IF OBJECT_ID('[dbo].[User_ReadByPremium]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[User_ReadByPremium] +END +GO + +CREATE PROCEDURE [dbo].[User_ReadByPremium] + @Premium BIT +AS +BEGIN + SET NOCOUNT ON + + SELECT + * + FROM + [dbo].[UserView] + WHERE + [Premium] = @Premium +END +GO diff --git a/util/Setup/Setup.csproj b/util/Setup/Setup.csproj index 1cb9aa1efb..65a7c9970a 100644 --- a/util/Setup/Setup.csproj +++ b/util/Setup/Setup.csproj @@ -7,6 +7,7 @@ +