Merge pull request #375 from forwardemail/feat/admin-tools-1

feat: add kyc, max quota and smtp limit to user admin page

Author: titanism

app/controllers/web/admin/users.js

@@ -4,6 +4,8 @@
  */
 
 const Boom = require('@hapi/boom');
+const RE2 = require('re2');
+const bytes = require('@forwardemail/bytes');
 const isSANB = require('is-string-and-not-blank');
 const paginate = require('koa-ctx-paginate');
 const parser = require('mongodb-query-parser');
@@ -13,6 +15,8 @@ const _ = require('#helpers/lodash');
 const { Users } = require('#models');
 const config = require('#config');
 
+const REGEX_BYTES = new RE2(/^((-|\+)?(\d+(?:\.\d+)?)) *(kb|mb|gb|tb|pb)$/i);
+
 const USER_SEARCH_PATHS = [
   'email',
   config.passport.fields.givenName,
@@ -91,18 +95,57 @@ async function update(ctx) {
   if (!user) throw Boom.notFound(ctx.translateError('INVALID_USER'));
   const { body } = ctx.request;
 
-  user[config.passport.fields.givenName] =
-    body[config.passport.fields.givenName];
-  user[config.passport.fields.familyName] =
-    body[config.passport.fields.familyName];
-  user[config.passport.fields.otpEnabled] =
-    body[config.passport.fields.otpEnabled];
-  user.email = body.email;
-  user.group = body.group;
+  if (body[config.passport.fields.givenName])
+    user[config.passport.fields.givenName] =
+      body[config.passport.fields.givenName];
+
+  if (body[config.passport.fields.familyName])
+    user[config.passport.fields.familyName] =
+      body[config.passport.fields.familyName];
 
-  if (boolean(!body[config.passport.fields.otpEnabled]))
+  if (body[config.passport.fields.otpEnabled])
+    user[config.passport.fields.otpEnabled] =
+      body[config.passport.fields.otpEnabled];
+
+  if (
+    body[config.passport.fields.otpEnabled] &&
+    boolean(!body[config.passport.fields.otpEnabled])
+  )
     user[config.userFields.pendingRecovery] = false;
 
+  if (body.email) user.email = body.email;
+
+  if (body.group) user.group = body.group;
+
+  if (isSANB(body.has_passed_kyc))
+    user.has_passed_kyc = boolean(body.has_passed_kyc);
+
+  if (body.max_quota_per_alias) {
+    // validate `body.max_quota_per_alias_per_alias` if a value was passed
+    if (
+      typeof body.max_quota_per_alias !== 'undefined' &&
+      typeof body.max_quota_per_alias !== 'string'
+    )
+      throw Boom.badRequest(ctx.translateError('INVALID_BYTES'));
+
+    // indicates reset of the value
+    if (body.max_quota_per_alias === '') {
+      user.max_quota_per_alias = Number.isFinite(
+        ctx.state.domain.max_quota_per_alias
+      )
+        ? ctx.state.domain.max_quota_per_alias
+        : config.maxQuotaPerAlias;
+    } else if (typeof body.max_quota_per_alias === 'string') {
+      // test against bytes regex
+      if (!REGEX_BYTES.test(body.max_quota_per_alias))
+        throw Boom.badRequest(ctx.translateError('INVALID_BYTES'));
+      // otherwise convert the value
+      user.max_quota_per_alias = bytes(body.max_quota_per_alias);
+    }
+  }
+
+  if (body.smtp_limit) user.smtp_limit = body.smtp_limit;
+
   await user.save();
 
   if (user.id === ctx.state.user.id) await ctx.login(user);

app/views/admin/users/_table.pug

@@ -19,6 +19,12 @@ include ../../_pagination
           +sortHeader('plan', null, '#table-users')
         th(scope="col")
           +sortHeader('group', null, '#table-users')
+        th(scope="col")
+          +sortHeader('has_passed_kyc', 'Passed KYC', '#table-users')
+        th(scope="col")
+          +sortHeader('max_quota_per_alias', 'Max Qouta', '#table-users')
+        th(scope="col")
+          +sortHeader('smtp_limit', 'SMTP Limit', '#table-users')
         th(scope="col")
           +sortHeader('created_at', 'Created', '#table-users')
         th(scope="col")
@@ -51,6 +57,63 @@ include ../../_pagination
             td.align-middle= user.alias_count
             td.align-middle= titleize(humanize(user.plan))
             td.align-middle= titleize(humanize(user.group))
+            td.align-middle.text-center
+              form.ajax-form.confirm-prompt.d-inline-block(
+                action=l(`/admin/users/${user.id}`),
+                method="POST"
+              )
+                input(type="hidden", name="_method", value="PUT")
+                input(
+                  type="hidden",
+                  name="has_passed_kyc",
+                  value=(!user.has_passed_kyc).toString()
+                )
+                button.btn.btn-sm(
+                  type="submit",
+                  class=user.has_passed_kyc ? "btn-danger" : "btn-success"
+                )
+                  if user.has_passed_kyc
+                    = "Missing KYC"
+                  else
+                    = "Passed KYC"
+            td.align-middle.text-center
+              form.ajax-form.confirm-prompt.d-inline-block(
+                action=l(`/admin/users/${user.id}`),
+                method="PUT"
+              )
+                input(type="hidden", name="_method", value="PUT")
+                .input-group
+                  input.form-control(
+                    type="string",
+                    name="max_quota_per_alias",
+                    value=Number.isFinite(user.max_quota_per_alias) ? bytes(user.max_quota_per_alias) : ""
+                  )
+                  .input-group-append
+                    button.btn.btn-sm.btn-dark(
+                      type="submit",
+                      data-toggle="tooltip",
+                      data-title=t("Update")
+                    ): i.fa.fa-fw.fa-save
+            td.align-middle.text-center
+              form.ajax-form.confirm-prompt.d-inline-block(
+                action=l(`/admin/users/${user.id}`),
+                method="PUT"
+              )
+                input(type="hidden", name="_method", value="PUT")
+                .input-group
+                  input.form-control(
+                    type="number",
+                    min=300,
+                    step=100,
+                    name="smtp_limit",
+                    value=user.smtp_limit
+                  )
+                  .input-group-append
+                    button.btn.btn-sm.btn-dark(
+                      type="submit",
+                      data-toggle="tooltip",
+                      data-title=t("Update")
+                    ): i.fa.fa-fw.fa-save
             td.align-middle.dayjs(
               data-time=new Date(user.created_at).getTime()
             )= dayjs(user.created_at).tz(user.timezone === 'Etc/Unknown' ? 'UTC' : user.timezone).format("M/D/YY h:mm A z")