pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-05-08 01:09:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

🚧 wip: email whitelist

Browse Source
This commit is contained in:
Fred KISSIE
2026-03-03 20:26:17 +01:00
parent 20b65f549e
commit be2b1fd1ce
8 changed files with 220 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docker-compose.mail.yml Normal file
View File

@@ -0,0 +1,13 @@
services:
mailer:
image: axllent/mailpit
ports:
- 8025:8025
- 1025:1025
volumes:
- mailpit-storage:/data
environment:
- MP_DATABASE=/data/mailpit.db
volumes:
mailpit-storage:

22
server/db/pg/schema/schema.ts
View File

@@ -469,6 +469,16 @@ export const userPolicies = pgTable("userPolicies", {
})
});
export const resourcePolicyWhiteList = pgTable("resourcePolicyWhitelist", {
whitelistId: serial("id").primaryKey(),
email: varchar("email").notNull(),
resourcePolicyId: integer("resourcePolicyId")
.notNull()
.references(() => resourcePolicies.resourcePolicyId, {
onDelete: "cascade"
})
});
export const userInvites = pgTable("userInvites", {
inviteId: varchar("inviteId").primaryKey(),
orgId: varchar("orgId")
@@ -621,12 +631,7 @@ export const resourceWhitelist = pgTable("resourceWhitelist", {
email: varchar("email").notNull(),
resourceId: integer("resourceId")
.notNull()
.references(() => resources.resourceId, { onDelete: "cascade" }),
resourcePolicyId: integer("resourcePolicyId")
.notNull()
.references(() => resourcePolicies.resourcePolicyId, {
onDelete: "cascade"
})
.references(() => resources.resourceId, { onDelete: "cascade" })
});
export const resourceOtp = pgTable("resourceOtp", {
@@ -634,11 +639,6 @@ export const resourceOtp = pgTable("resourceOtp", {
resourceId: integer("resourceId")
.notNull()
.references(() => resources.resourceId, { onDelete: "cascade" }),
resourcePolicyId: integer("resourcePolicyId")
.notNull()
.references(() => resourcePolicies.resourcePolicyId, {
onDelete: "cascade"
}),
email: varchar("email").notNull(),
otpHash: varchar("otpHash").notNull(),
expiresAt: bigint("expiresAt", { mode: "number" }).notNull()

15
server/routers/policy/getResourcePolicy.ts
View File

@@ -5,6 +5,7 @@ import {
resourcePolicyHeaderAuth,
resourcePolicyPassword,
resourcePolicyPincode,
resourcePolicyWhiteList,
rolePolicies,
roles,
userPolicies,
@@ -116,7 +117,19 @@ async function query(params: z.infer<typeof getResourcePolicySchema>) {
)
.where(eq(rolePolicies.resourcePolicyId, res.resourcePolicyId));
return { ...res, roles: policyRoles, users: policyUsers };
const policyEmailWhiteList = await db
.select()
.from(resourcePolicyWhiteList)
.where(
eq(resourcePolicyWhiteList.resourcePolicyId, res.resourcePolicyId)
);
return {
...res,
roles: policyRoles,
users: policyUsers,
emailWhiteList: policyEmailWhiteList
};
}
export type GetResourcePolicyResponse = NonNullable<

6
src/components/resource-policy/EditPolicyAuthMethodsSectionForm.tsx
View File

@@ -4,6 +4,7 @@ import {
SettingsSection,
SettingsSectionBody,
SettingsSectionDescription,
SettingsSectionFooter,
SettingsSectionForm,
SettingsSectionHeader,
SettingsSectionTitle
@@ -136,7 +137,6 @@ export function EditPolicyAuthMethodsSectionForm() {
if (!isValid) return;
const payload = form.getValues();
console.log({ payload, policy });
const responseArray: Array<Promise<AxiosResponse<{}> | void>> = [];
@@ -640,7 +640,7 @@ export function EditPolicyAuthMethodsSectionForm() {
</SettingsSectionForm>
</SettingsSectionBody>
<div className="flex py-6 justify-end">
<SettingsSectionFooter>
<Button
type="submit"
loading={isSubmitting}
@@ -648,7 +648,7 @@ export function EditPolicyAuthMethodsSectionForm() {
>
{t("saveSettings")}
</Button>
</div>
</SettingsSectionFooter>
</SettingsSection>
</form>
</Form>

9
src/components/resource-policy/EditPolicyForm.tsx
View File

@@ -21,6 +21,7 @@ import { useMemo } from "react";
import { EditPolicyAuthMethodsSectionForm } from "./EditPolicyAuthMethodsSectionForm";
import { EditPolicyNameSectionForm } from "./EditPolicyNameSectionForm";
import { EditPolicyUsersRolesSectionForm } from "./EditPolicyUserRolesSectionForm";
import { EditPolicyOtpEmailSectionForm } from "./EditPolicyOtpEmailSectionForm";
// ─── EditPolicyForm ─────────────────────────────────────────────────────────
@@ -107,11 +108,11 @@ export function EditPolicyForm({ hidePolicyNameForm }: EditPolicyFormProps) {
/>
<EditPolicyAuthMethodsSectionForm />
<EditPolicyOtpEmailSectionForm
emailEnabled={env.email.emailEnabled}
/>
{/*
<PolicyOtpEmailSection
form={form}
emailEnabled={env.email.emailEnabled}
/>
<PolicyRulesSection
form={form}
isMaxmindAvailable={isMaxmindAvailable}

5
src/components/resource-policy/EditPolicyNameSectionForm.tsx
View File

@@ -4,6 +4,7 @@ import {
SettingsSection,
SettingsSectionBody,
SettingsSectionDescription,
SettingsSectionFooter,
SettingsSectionForm,
SettingsSectionHeader,
SettingsSectionTitle
@@ -136,7 +137,7 @@ export function EditPolicyNameSectionForm() {
</SettingsSectionForm>
</SettingsSectionBody>
<div className="flex py-6 justify-end">
<SettingsSectionFooter>
<Button
type="submit"
loading={isSubmitting}
@@ -144,7 +145,7 @@ export function EditPolicyNameSectionForm() {
>
{t("saveSettings")}
</Button>
</div>
</SettingsSectionFooter>
</SettingsSection>
</form>
</Form>

270
src/components/resource-policy/EditPolicyOtpEmailSectionForm.tsx
View File

@@ -4,6 +4,7 @@ import {
SettingsSection,
SettingsSectionBody,
SettingsSectionDescription,
SettingsSectionFooter,
SettingsSectionForm,
SettingsSectionHeader,
SettingsSectionTitle
@@ -13,13 +14,14 @@ import { useTranslations } from "next-intl";
import z from "zod";
import { type PolicyFormValues } from ".";
import { createPolicySchema, type PolicyFormValues } from ".";
import { SwitchInput } from "@app/components/SwitchInput";
import { Tag, TagInput } from "@app/components/tags/tag-input";
import { Alert, AlertDescription, AlertTitle } from "@app/components/ui/alert";
import { Button } from "@app/components/ui/button";
import {
Form,
FormControl,
FormDescription,
FormField,
@@ -30,27 +32,64 @@ import { InfoPopup } from "@app/components/ui/info-popup";
import { InfoIcon, Plus } from "lucide-react";
import { useState } from "react";
import { UseFormReturn } from "react-hook-form";
import { useActionState, useState } from "react";
import { useForm, UseFormReturn, useWatch } from "react-hook-form";
import { zodResolver } from "@hookform/resolvers/zod";
import { useRouter } from "next/navigation";
import { useResourcePolicyContext } from "@app/providers/ResourcePolicyProvider";
// ─── PolicyOtpEmailSection ────────────────────────────────────────────────────
type PolicyOtpEmailSectionProps = {
form: UseFormReturn<PolicyFormValues, any, any>;
emailEnabled: boolean;
};
export function PolicyOtpEmailSection({
form,
export function EditPolicyOtpEmailSectionForm({
emailEnabled
}: PolicyOtpEmailSectionProps) {
const t = useTranslations();
const [isExpanded, setIsExpanded] = useState(false);
const [whitelistEnabled, setWhitelistEnabled] = useState(false);
const { policy } = useResourcePolicyContext();
const router = useRouter();
const form = useForm({
resolver: zodResolver(
createPolicySchema.pick({
emailWhitelistEnabled: true,
emails: true
})
),
defaultValues: {
emailWhitelistEnabled: policy.emailWhitelistEnabled,
emails: policy.emailWhiteList.map((email) => ({
id: email.whitelistId.toString(),
text: email.email
}))
}
});
const whitelistEnabled = useWatch({
control: form.control,
name: "emailWhitelistEnabled"
});
const [isExpanded, setIsExpanded] = useState(whitelistEnabled);
const [activeEmailTagIndex, setActiveEmailTagIndex] = useState<
number | null
>(null);
const [, formAction, isSubmitting] = useActionState(onSubmit, null);
async function onSubmit() {
const isValid = await form.trigger();
if (!isValid) return;
const payload = form.getValues();
console.log({ payload, policy });
}
if (!isExpanded) {
return (
<SettingsSection>
@@ -77,100 +116,127 @@ export function PolicyOtpEmailSection({
}
return (
<SettingsSection>
<SettingsSectionHeader>
<SettingsSectionTitle>
{t("otpEmailTitle")}
</SettingsSectionTitle>
<SettingsSectionDescription>
{t("otpEmailTitleDescription")}
</SettingsSectionDescription>
</SettingsSectionHeader>
<SettingsSectionBody>
<SettingsSectionForm>
{!emailEnabled && (
<Alert variant="neutral" className="mb-4">
<InfoIcon className="h-4 w-4" />
<AlertTitle className="font-semibold">
{t("otpEmailSmtpRequired")}
</AlertTitle>
<AlertDescription>
{t("otpEmailSmtpRequiredDescription")}
</AlertDescription>
</Alert>
)}
<SwitchInput
id="whitelist-toggle"
label={t("otpEmailWhitelist")}
defaultChecked={false}
onCheckedChange={(val) => {
setWhitelistEnabled(val);
form.setValue("emailWhitelistEnabled", val);
}}
disabled={!emailEnabled}
/>
{whitelistEnabled && emailEnabled && (
<FormField
control={form.control}
name="emails"
render={({ field }) => (
<FormItem>
<FormLabel>
<InfoPopup
text={t("otpEmailWhitelistList")}
info={t(
"otpEmailWhitelistListDescription"
)}
/>
</FormLabel>
<FormControl>
{/* @ts-ignore */}
<TagInput
{...field}
activeTagIndex={activeEmailTagIndex}
size="sm"
validateTag={(tag) => {
return z
.email()
.or(
z
.string()
.regex(
/^\*@[\w.-]+\.[a-zA-Z]{2,}$/,
{
message: t(
"otpEmailErrorInvalid"
)
}
)
)
.safeParse(tag).success;
}}
setActiveTagIndex={
setActiveEmailTagIndex
}
placeholder={t("otpEmailEnter")}
tags={form.getValues().emails}
setTags={(newEmails) => {
form.setValue(
"emails",
newEmails as [Tag, ...Tag[]]
);
}}
allowDuplicates={false}
sortTags={true}
/>
</FormControl>
<FormDescription>
{t("otpEmailEnterDescription")}
</FormDescription>
</FormItem>
<Form {...form}>
<form action={formAction}>
<SettingsSection>
<SettingsSectionHeader>
<SettingsSectionTitle>
{t("otpEmailTitle")}
</SettingsSectionTitle>
<SettingsSectionDescription>
{t("otpEmailTitleDescription")}
</SettingsSectionDescription>
</SettingsSectionHeader>
<SettingsSectionBody>
<SettingsSectionForm>
{!emailEnabled && (
<Alert variant="neutral" className="mb-4">
<InfoIcon className="h-4 w-4" />
<AlertTitle className="font-semibold">
{t("otpEmailSmtpRequired")}
</AlertTitle>
<AlertDescription>
{t("otpEmailSmtpRequiredDescription")}
</AlertDescription>
</Alert>
)}
/>
)}
</SettingsSectionForm>
</SettingsSectionBody>
</SettingsSection>
<SwitchInput
id="whitelist-toggle"
label={t("otpEmailWhitelist")}
defaultChecked={false}
onCheckedChange={(val) => {
form.setValue("emailWhitelistEnabled", val);
}}
disabled={!emailEnabled}
/>
{whitelistEnabled && emailEnabled && (
<FormField
control={form.control}
name="emails"
render={({ field }) => (
<FormItem>
<FormLabel>
<InfoPopup
text={t(
"otpEmailWhitelistList"
)}
info={t(
"otpEmailWhitelistListDescription"
)}
/>
</FormLabel>
<FormControl>
{/* @ts-ignore */}
<TagInput
{...field}
activeTagIndex={
activeEmailTagIndex
}
size="sm"
validateTag={(tag) => {
return z
.email()
.or(
z
.string()
.regex(
/^\*@[\w.-]+\.[a-zA-Z]{2,}$/,
{
message:
t(
"otpEmailErrorInvalid"
)
}
)
)
.safeParse(tag)
.success;
}}
setActiveTagIndex={
setActiveEmailTagIndex
}
placeholder={t(
"otpEmailEnter"
)}
tags={
form.getValues()
.emails ?? []
}
setTags={(newEmails) => {
form.setValue(
"emails",
newEmails as [
Tag,
...Tag[]
]
);
}}
allowDuplicates={false}
sortTags={true}
/>
</FormControl>
<FormDescription>
{t("otpEmailEnterDescription")}
</FormDescription>
</FormItem>
)}
/>
)}
</SettingsSectionForm>
<SettingsSectionFooter>
<Button
type="submit"
loading={isSubmitting}
disabled={isSubmitting || !emailEnabled}
>
{t("otpEmailWhitelistSave")}
</Button>
</SettingsSectionFooter>
</SettingsSectionBody>
</SettingsSection>
</form>
</Form>
);
}

5
src/components/resource-policy/EditPolicyUserRolesSectionForm.tsx
View File

@@ -4,6 +4,7 @@ import {
SettingsSection,
SettingsSectionBody,
SettingsSectionDescription,
SettingsSectionFooter,
SettingsSectionForm,
SettingsSectionHeader,
SettingsSectionTitle
@@ -342,7 +343,7 @@ export function EditPolicyUsersRolesSectionForm({
</SettingsSectionForm>
</SettingsSectionBody>
<div className="flex py-6 justify-end">
<SettingsSectionFooter>
<Button
type="submit"
loading={isSubmitting}
@@ -350,7 +351,7 @@ export function EditPolicyUsersRolesSectionForm({
>
{t("resourceUsersRolesSubmit")}
</Button>
</div>
</SettingsSectionFooter>
</SettingsSection>
</form>
</Form>