continuwuity/src/service/emergency/mod.rs

use std::sync::Arc;

use async_trait::async_trait;
use conduwuit::{Result, error, warn};
use ruma::{
	events::{
		GlobalAccountDataEvent, GlobalAccountDataEventType, push_rules::PushRulesEventContent,
	},
	push::Ruleset,
};

use crate::{Dep, account_data, config, globals, users};

pub struct Service {
	services: Services,
}

struct Services {
	account_data: Dep<account_data::Service>,
	config: Dep<config::Service>,
	globals: Dep<globals::Service>,
	users: Dep<users::Service>,
}

#[async_trait]
impl crate::Service for Service {
	fn build(args: crate::Args<'_>) -> Result<Arc<Self>> {
		Ok(Arc::new(Self {
			services: Services {
				account_data: args.depend::<account_data::Service>("account_data"),
				config: args.depend::<config::Service>("config"),

				globals: args.depend::<globals::Service>("globals"),
				users: args.depend::<users::Service>("users"),
			},
		}))
	}

	async fn worker(self: Arc<Self>) -> Result {
		if self.services.globals.is_read_only() {
			return Ok(());
		}

		self.set_emergency_access().await.inspect_err(|e| {
			error!("Could not set the configured emergency password for the server user: {e}");
		})
	}

	fn name(&self) -> &str { crate::service::make_name(std::module_path!()) }
}

impl Service {
	/// Sets the emergency password and push rules for the server user account
	/// in case emergency password is set
	async fn set_emergency_access(&self) -> Result {
		let server_user = &self.services.globals.server_user;

		self.services
			.users
			.set_password(server_user, self.services.config.emergency_password.as_deref())?;

		let (ruleset, pwd_set) = match self.services.config.emergency_password {
			| Some(_) => (Ruleset::server_default(server_user), true),
			| None => (Ruleset::new(), false),
		};

		self.services
			.account_data
			.update(
				None,
				server_user,
				GlobalAccountDataEventType::PushRules.to_string().into(),
				&serde_json::to_value(&GlobalAccountDataEvent {
					content: PushRulesEventContent { global: ruleset },
				})
				.expect("to json value always works"),
			)
			.await?;

		if pwd_set {
			warn!(
				"The server account emergency password is set! Please unset it as soon as you \
				 finish admin account recovery! You will be logged out of the server service \
				 account when you finish."
			);
			Ok(())
		} else {
			// logs out any users still in the server service account and removes sessions
			self.services.users.deactivate_account(server_user).await
		}
	}
}
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00			`use std::sync::Arc;`

			`use async_trait::async_trait;`
run cargo fix for rust 2024 changes and rustfmt Signed-off-by: June Clementine Strawberry <strawberry@puppygock.gay> 2025-02-23 01:17:45 -05:00			`use conduwuit::{Result, error, warn};`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00			`use ruma::{`
apply new rustfmt.toml changes, fix some clippy lints Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-15 00:05:47 -05:00			`events::{`
run cargo fix for rust 2024 changes and rustfmt Signed-off-by: June Clementine Strawberry <strawberry@puppygock.gay> 2025-02-23 01:17:45 -05:00			`GlobalAccountDataEvent, GlobalAccountDataEventType, push_rules::PushRulesEventContent,`
apply new rustfmt.toml changes, fix some clippy lints Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-15 00:05:47 -05:00			`},`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00			`push::Ruleset,`
			`};`

refactor+fix various issues with regs/logins and admin user commands Signed-off-by: June Clementine Strawberry <june@3.dog> 2025-03-02 23:16:30 -05:00			`use crate::{Dep, account_data, config, globals, users};`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00
			`pub struct Service {`
			`services: Services,`
			`}`

			`struct Services {`
			`account_data: Dep<account_data::Service>,`
refactor+fix various issues with regs/logins and admin user commands Signed-off-by: June Clementine Strawberry <june@3.dog> 2025-03-02 23:16:30 -05:00			`config: Dep<config::Service>,`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00			`globals: Dep<globals::Service>,`
			`users: Dep<users::Service>,`
			`}`

			`#[async_trait]`
			`impl crate::Service for Service {`
			`fn build(args: crate::Args<'_>) -> Result<Arc<Self>> {`
			`Ok(Arc::new(Self {`
			`services: Services {`
			`account_data: args.depend::<account_data::Service>("account_data"),`
refactor+fix various issues with regs/logins and admin user commands Signed-off-by: June Clementine Strawberry <june@3.dog> 2025-03-02 23:16:30 -05:00			`config: args.depend::<config::Service>("config"),`

de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00			`globals: args.depend::<globals::Service>("globals"),`
			`users: args.depend::<users::Service>("users"),`
			`},`
			`}))`
			`}`

apply new rustfmt.toml changes, fix some clippy lints Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-15 00:05:47 -05:00			`async fn worker(self: Arc<Self>) -> Result {`
add rocksdb secondary; fix read_only mode. Signed-off-by: Jason Volk <jason@zemos.net> 2024-10-01 04:20:31 +00:00			`if self.services.globals.is_read_only() {`
			`return Ok(());`
			`}`

apply new rustfmt.toml changes, fix some clippy lints Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-15 00:05:47 -05:00			`self.set_emergency_access().await.inspect_err(\|e\| {`
			`error!("Could not set the configured emergency password for the server user: {e}");`
			`})`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00			`}`

			`fn name(&self) -> &str { crate::service::make_name(std::module_path!()) }`
			`}`

			`impl Service {`
rename conduit to conduwuit finally Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-14 21:58:01 -05:00			`/// Sets the emergency password and push rules for the server user account`
			`/// in case emergency password is set`
apply new rustfmt.toml changes, fix some clippy lints Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-15 00:05:47 -05:00			`async fn set_emergency_access(&self) -> Result {`
rename conduit to conduwuit finally Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-14 21:58:01 -05:00			`let server_user = &self.services.globals.server_user;`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00
			`self.services`
			`.users`
refactor+fix various issues with regs/logins and admin user commands Signed-off-by: June Clementine Strawberry <june@3.dog> 2025-03-02 23:16:30 -05:00			`.set_password(server_user, self.services.config.emergency_password.as_deref())?;`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00
refactor+fix various issues with regs/logins and admin user commands Signed-off-by: June Clementine Strawberry <june@3.dog> 2025-03-02 23:16:30 -05:00			`let (ruleset, pwd_set) = match self.services.config.emergency_password {`
apply new rustfmt.toml changes, fix some clippy lints Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-15 00:05:47 -05:00			`\| Some(_) => (Ruleset::server_default(server_user), true),`
			`\| None => (Ruleset::new(), false),`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00			`};`

Database Refactor combine service/users data w/ mod unit split sliding sync related out of service/users instrument database entry points remove increment crap from database interface de-wrap all database get() calls de-wrap all database insert() calls de-wrap all database remove() calls refactor database interface for async streaming add query key serializer for database implement Debug for result handle add query deserializer for database add deserialization trait for option handle start a stream utils suite de-wrap/asyncify/type-query count_one_time_keys() de-wrap/asyncify users count add admin query users command suite de-wrap/asyncify users exists de-wrap/partially asyncify user filter related asyncify/de-wrap users device/keys related asyncify/de-wrap user auth/misc related asyncify/de-wrap users blurhash asyncify/de-wrap account_data get; merge Data into Service partial asyncify/de-wrap uiaa; merge Data into Service partially asyncify/de-wrap transaction_ids get; merge Data into Service partially asyncify/de-wrap key_backups; merge Data into Service asyncify/de-wrap pusher service getters; merge Data into Service asyncify/de-wrap rooms alias getters/some iterators asyncify/de-wrap rooms directory getters/iterator partially asyncify/de-wrap rooms lazy-loading partially asyncify/de-wrap rooms metadata asyncify/dewrap rooms outlier asyncify/dewrap rooms pdu_metadata dewrap/partially asyncify rooms read receipt de-wrap rooms search service de-wrap/partially asyncify rooms user service partial de-wrap rooms state_compressor de-wrap rooms state_cache de-wrap room state et al de-wrap rooms timeline service additional users device/keys related de-wrap/asyncify sender asyncify services refactor database to TryFuture/TryStream refactor services for TryFuture/TryStream asyncify api handlers additional asyncification for admin module abstract stream related; support reverse streams additional stream conversions asyncify state-res related Signed-off-by: Jason Volk <jason@zemos.net> 2024-08-08 17:18:30 +00:00			`self.services`
			`.account_data`
			`.update(`
			`None,`
rename conduit to conduwuit finally Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-14 21:58:01 -05:00			`server_user,`
Database Refactor combine service/users data w/ mod unit split sliding sync related out of service/users instrument database entry points remove increment crap from database interface de-wrap all database get() calls de-wrap all database insert() calls de-wrap all database remove() calls refactor database interface for async streaming add query key serializer for database implement Debug for result handle add query deserializer for database add deserialization trait for option handle start a stream utils suite de-wrap/asyncify/type-query count_one_time_keys() de-wrap/asyncify users count add admin query users command suite de-wrap/asyncify users exists de-wrap/partially asyncify user filter related asyncify/de-wrap users device/keys related asyncify/de-wrap user auth/misc related asyncify/de-wrap users blurhash asyncify/de-wrap account_data get; merge Data into Service partial asyncify/de-wrap uiaa; merge Data into Service partially asyncify/de-wrap transaction_ids get; merge Data into Service partially asyncify/de-wrap key_backups; merge Data into Service asyncify/de-wrap pusher service getters; merge Data into Service asyncify/de-wrap rooms alias getters/some iterators asyncify/de-wrap rooms directory getters/iterator partially asyncify/de-wrap rooms lazy-loading partially asyncify/de-wrap rooms metadata asyncify/dewrap rooms outlier asyncify/dewrap rooms pdu_metadata dewrap/partially asyncify rooms read receipt de-wrap rooms search service de-wrap/partially asyncify rooms user service partial de-wrap rooms state_compressor de-wrap rooms state_cache de-wrap room state et al de-wrap rooms timeline service additional users device/keys related de-wrap/asyncify sender asyncify services refactor database to TryFuture/TryStream refactor services for TryFuture/TryStream asyncify api handlers additional asyncification for admin module abstract stream related; support reverse streams additional stream conversions asyncify state-res related Signed-off-by: Jason Volk <jason@zemos.net> 2024-08-08 17:18:30 +00:00			`GlobalAccountDataEventType::PushRules.to_string().into(),`
			`&serde_json::to_value(&GlobalAccountDataEvent {`
apply new rustfmt.toml changes, fix some clippy lints Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-15 00:05:47 -05:00			`content: PushRulesEventContent { global: ruleset },`
Database Refactor combine service/users data w/ mod unit split sliding sync related out of service/users instrument database entry points remove increment crap from database interface de-wrap all database get() calls de-wrap all database insert() calls de-wrap all database remove() calls refactor database interface for async streaming add query key serializer for database implement Debug for result handle add query deserializer for database add deserialization trait for option handle start a stream utils suite de-wrap/asyncify/type-query count_one_time_keys() de-wrap/asyncify users count add admin query users command suite de-wrap/asyncify users exists de-wrap/partially asyncify user filter related asyncify/de-wrap users device/keys related asyncify/de-wrap user auth/misc related asyncify/de-wrap users blurhash asyncify/de-wrap account_data get; merge Data into Service partial asyncify/de-wrap uiaa; merge Data into Service partially asyncify/de-wrap transaction_ids get; merge Data into Service partially asyncify/de-wrap key_backups; merge Data into Service asyncify/de-wrap pusher service getters; merge Data into Service asyncify/de-wrap rooms alias getters/some iterators asyncify/de-wrap rooms directory getters/iterator partially asyncify/de-wrap rooms lazy-loading partially asyncify/de-wrap rooms metadata asyncify/dewrap rooms outlier asyncify/dewrap rooms pdu_metadata dewrap/partially asyncify rooms read receipt de-wrap rooms search service de-wrap/partially asyncify rooms user service partial de-wrap rooms state_compressor de-wrap rooms state_cache de-wrap room state et al de-wrap rooms timeline service additional users device/keys related de-wrap/asyncify sender asyncify services refactor database to TryFuture/TryStream refactor services for TryFuture/TryStream asyncify api handlers additional asyncification for admin module abstract stream related; support reverse streams additional stream conversions asyncify state-res related Signed-off-by: Jason Volk <jason@zemos.net> 2024-08-08 17:18:30 +00:00			`})`
			`.expect("to json value always works"),`
			`)`
			`.await?;`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00
			`if pwd_set {`
			`warn!(`
apply new rustfmt.toml changes, fix some clippy lints Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-15 00:05:47 -05:00			`"The server account emergency password is set! Please unset it as soon as you \`
			`finish admin account recovery! You will be logged out of the server service \`
			`account when you finish."`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00			`);`
apply new rustfmt.toml changes, fix some clippy lints Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-15 00:05:47 -05:00			`Ok(())`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00			`} else {`
			`// logs out any users still in the server service account and removes sessions`
apply new rustfmt.toml changes, fix some clippy lints Signed-off-by: strawberry <strawberry@puppygock.gay> 2024-12-15 00:05:47 -05:00			`self.services.users.deactivate_account(server_user).await`
de-global services for services Signed-off-by: Jason Volk <jason@zemos.net> 2024-07-18 06:37:47 +00:00			`}`
			`}`
			`}`