MerginMaps · MarcelGeo · Jan 20, 2025 · Dec 11, 2024 · Dec 12, 2024 · Dec 12, 2024
diff --git a/server/mergin/app.py b/server/mergin/app.py
@@ -252,7 +252,7 @@ def custom_protect():
     _get_csrf_token = csrf._get_csrf_token
 
     def get_csrf_token():
-        if request.path.startswith("/v1/"):
+        if request.path.startswith("/v1/") or request.path.startswith("/v2/"):
             for header_name in app.app.config["WTF_CSRF_HEADERS"]:
                 csrf_token = request.headers.get(header_name)
                 if csrf_token:

diff --git a/server/mergin/auth/api.yaml b/server/mergin/auth/api.yaml
@@ -924,7 +924,7 @@ components:
       type: object
       properties:
         active_monthly_contributors:
-          type: array
+          type: integer
           description: count of users who made a project change last months
           items:
             type: integer
@@ -934,9 +934,9 @@ components:
           description: total number of projects
           example: 12
         storage:
-          type: string
+          type: number
           description: projest files size in bytes
-          example: 1024 kB
+          example: 1024
         users:
           type: integer
           description: count of registered accounts

diff --git a/server/mergin/auth/controller.py b/server/mergin/auth/controller.py
@@ -510,7 +510,9 @@ def create_user():
     username = request.json.get(
         "username", User.generate_username(request.json["email"])
     )
-    form = UserRegistrationForm()
+
+    # in public endpoint we want to disable form csrf - for browser clients endpoint is protected anyway
+    form = UserRegistrationForm(meta={"csrf": False})
     form.confirm.data = form.password.data
     form.username.data = username
     if not form.validate():
@@ -545,15 +547,13 @@ def create_user():
 @auth_required(permissions=["admin"])
 def get_server_usage():
     data = {
-        "active_monthly_contributors": [
-            current_app.ws_handler.monthly_contributors_count(),
-            current_app.ws_handler.monthly_contributors_count(month_offset=1),
-            current_app.ws_handler.monthly_contributors_count(month_offset=2),
-            current_app.ws_handler.monthly_contributors_count(month_offset=3),
-        ],
-        "projects": Project.query.count(),
+        "active_monthly_contributors": current_app.ws_handler.monthly_contributors_count(),
+        "projects": Project.query.filter(Project.removed_at.is_(None)).count(),
         "storage": files_size(),
-        "users": User.query.count(),
+        "users": User.query.filter(
+            is_(User.username.ilike("deleted_%"), False),
+        ).count(),
         "workspaces": current_app.ws_handler.workspace_count(),
+        "editors": current_app.ws_handler.server_editors_count(),
     }
     return data, 200
diff --git a/server/mergin/auth/models.py b/server/mergin/auth/models.py
@@ -6,6 +6,7 @@
 import datetime
 from typing import List, Optional
 import bcrypt
+import re
 from flask import current_app, request
 from sqlalchemy import or_, func, text
 
@@ -196,6 +197,10 @@ def generate_username(cls, email: str) -> Optional[str]:
         if not "@" in email:
             return
         username = email.split("@")[0].strip().lower()
+        # remove forbidden chars
+        username = re.sub(
+            r"[\@\#\$\%\^\&\*\(\)\{\}\[\]\?\'\"`,;\:\+\=\~\\\/\|\<\>]", "", username
+        )
         # check if we already do not have existing usernames
         suffix = db.session.execute(
             text(

diff --git a/server/mergin/stats/tasks.py b/server/mergin/stats/tasks.py
@@ -7,6 +7,7 @@
 import json
 import logging
 from flask import current_app
+from sqlalchemy.sql.operators import is_
 
 from .models import MerginInfo
 from ..celery import celery
@@ -60,12 +61,15 @@ def send_statistics():
         "url": current_app.config["MERGIN_BASE_URL"],
         "contact_email": current_app.config["CONTACT_EMAIL"],
         "licence": current_app.config["SERVER_TYPE"],
-        "projects_count": Project.query.count(),
-        "users_count": User.query.count(),
+        "projects_count": Project.query.filter(Project.removed_at.is_(None)).count(),
+        "users_count": User.query.filter(
+            is_(User.username.ilike("deleted_%"), False)
+        ).count(),
         "workspaces_count": current_app.ws_handler.workspace_count(),
         "last_change": str(last_change_item.updated) + "Z" if last_change_item else "",
         "server_version": current_app.config["VERSION"],
         "monthly_contributors": current_app.ws_handler.monthly_contributors_count(),
+        "editors": current_app.ws_handler.server_editors_count(),
     }
 
     try:

diff --git a/server/mergin/sync/interfaces.py b/server/mergin/sync/interfaces.py
@@ -172,6 +172,13 @@ def monthly_contributors_count():
         """
         pass
 
+    @staticmethod
+    def server_editors_count():
+        """
+        Return number of workspace editors in current server instance
+        """
+        pass
+
 
 class AbstractProjectHandler(ABC):
     @abstractmethod

diff --git a/server/mergin/sync/models.py b/server/mergin/sync/models.py
@@ -283,6 +283,8 @@ def unset_role(self, user_id: int) -> None:
 
     def get_member(self, user_id: int) -> Optional[ProjectMember]:
         """Get project member"""
+        from .permissions import ProjectPermissions
+
         member = self._member(user_id)
         if member:
             return ProjectMember(
@@ -291,6 +293,7 @@ def get_member(self, user_id: int) -> Optional[ProjectMember]:
                 email=member.user.email,
                 project_role=ProjectRole(member.role),
                 workspace_role=self.workspace.get_user_role(member.user),
+                role=ProjectPermissions.get_user_project_role(self, member.user),
             )
 
     def members_by_role(self, role: ProjectRole) -> List[int]:
@@ -350,6 +353,7 @@ class ProjectMember:
     username: str
     workspace_role: WorkspaceRole
     project_role: Optional[ProjectRole]
+    role: ProjectRole
 
 
 @dataclass
@@ -359,7 +363,8 @@ class ProjectAccessDetail:
     role: str
     username: str
     name: Optional[str]
-    project_permission: str
+    workspace_role: str
+    project_role: Optional[ProjectRole]
     type: str
 
 

diff --git a/server/mergin/sync/private_api.yaml b/server/mergin/sync/private_api.yaml
@@ -329,6 +329,7 @@ paths:
         required: true
         schema:
           type: string
+    #  // Kept for EE (collaborators + invitation) access, TODO: remove when a separate invitation endpoint is implemented
     get:
       tags:
         - project
@@ -350,34 +351,29 @@ paths:
         "404":
           $ref: "#/components/responses/NotFoundResp"
       x-openapi-router-controller: mergin.sync.private_api_controller
+  /project/{id}/public:
+    parameters:
+      - name: id
+        in: path
+        description: Project uuid
+        required: true
+        schema:
+          type: string
     patch:
-      summary: Update direct project access (sharing)
-      operationId: update_project_access
+      summary: Update public project flag
+      operationId: update_project_public_flag
       requestBody:
-        description: Request data
         required: true
         content:
           application/json:
             schema:
               type: object
               properties:
-                user_id:
-                  type: integer
                 public:
                   type: boolean
-                  nullable: true
-                role:
-                  type: string
-                  enum:
-                    - owner
-                    - writer
-                    - editor
-                    - reader
-                    - none
-                  example: writer
       responses:
-        "200":
-          $ref: "#/components/schemas/ProjectAccessUpdated"
+        "204":
+          description: OK
         "400":
           $ref: "#/components/responses/BadStatusResp"
         "401":
@@ -551,8 +547,7 @@ components:
         - id
         - type
         - email
-        - project_permission
-        - role
+        - workspace_role
       properties:
         id:
           description: User/Invitation (uu)id
@@ -569,16 +564,9 @@ components:
           type: string
           format: email
           example: john.doe@example.com
-        role:
+        workspace_role:
           description: Workspace role
-          type: string
-          enum:
-            - owner
-            - admin
-            - writer
-            - editor
-            - reader
-            - guest
+          $ref: "#/components/schemas/WorkspaceRole"
         username:
           description: Present only for type `member`
           type: string
@@ -587,13 +575,13 @@ components:
           description: Present only for type `member`
           type: string
           example: John Doe
-        project_permission:
-          type: string
-          enum:
-            - owner
-            - writer
-            - editor
-            - reader
+        role:
+          description: Project role defined as combination of project and workspace roles
+          $ref: "#/components/schemas/ProjectRole"
+        project_role:
+          nullable: true
+          description: Project role defined in database, not calculated version
+          $ref: "#/components/schemas/ProjectRole"
         invitation:
           description: Present only for type `invitation`
           type: object
@@ -658,3 +646,19 @@ components:
           items:
             type: integer
             example: [1]
+    WorkspaceRole:
+      type: string
+      enum:
+        - owner
+        - admin
+        - writer
+        - editor
+        - reader
+        - guest
+    ProjectRole:
+      type: string
+      enum:
+        - owner
+        - writer
+        - editor
+        - reader
diff --git a/server/mergin/sync/private_api_controller.py b/server/mergin/sync/private_api_controller.py
@@ -26,7 +26,6 @@
     AdminProjectSchema,
     ProjectAccessSchema,
     ProjectAccessDetailSchema,
-    ProjectVersionListSchema,
 )
 from .permissions import (
     require_project_by_uuid,
@@ -304,28 +303,16 @@ def unsubscribe_project(id):  # pylint: disable=W0612
 
 
 @auth_required
-def update_project_access(id: str):
-    """Modify shared project access
+def update_project_public_flag(id: str):
+    """Modify the project's public flag
 
     :param id: Project uuid
     """
     project = require_project_by_uuid(id, ProjectPermissions.Update)
 
-    if "public" in request.json:
-        project.public = request.json["public"]
-
-    if "user_id" in request.json and "role" in request.json:
-        user = User.query.filter_by(
-            id=request.json["user_id"], active=True
-        ).first_or_404("User does not exist")
-
-        if request.json["role"] == "none":
-            project.unset_role(user.id)
-        else:
-            project.set_role(user.id, ProjectRole(request.json["role"]))
-            project_access_granted.send(project, user_id=user.id)
+    project.public = request.json.get("public", False)
     db.session.commit()
-    return ProjectAccessSchema().dump(project), 200
+    return NoContent, 204
 
 
 @auth_required

diff --git a/server/mergin/sync/public_api.yaml b/server/mergin/sync/public_api.yaml
@@ -1044,6 +1044,23 @@ components:
         detail: Maximum number of people in this workspace is reached. Please upgrade your subscription to add more people (UsersLimitHit)
         rejected_emails: [ rejected@example.com ]
         users_quota: 6
+    EditorsLimitHit:
+      allOf:
+        - $ref: '#/components/schemas/CustomError'
+      type: object
+      properties:
+        rejected_emails:
+          nullable: true
+          type: array
+          items:
+            type: string
+        editors_quota:
+          type: integer
+      example:
+        code: EditorsLimitHit
+        detail: Maximum number of editors in this workspace is reached. Please upgrade your subscription to add more (EditorsLimitHit)
+        rejected_emails: [ rejected@example.com ]
+        editors_quota: 6
     UpdateProjectAccessError:
       allOf:
         - $ref: '#/components/schemas/CustomError'

diff --git a/server/mergin/sync/public_api_controller.py b/server/mergin/sync/public_api_controller.py
@@ -680,11 +680,34 @@ def update_project(namespace, project_name):  # noqa: E501  # pylint: disable=W0
     """
     project = require_project(namespace, project_name, ProjectPermissions.Update)
     parsed_access = parse_project_access_update_request(request.json.get("access", {}))
+
+    # get current status for easier rollback
+    modified_user_ids = []
+    for role in list(ProjectRole.__reversed__()):
+        modified_user_ids.extend(parsed_access.get(role, []))
+    current_permissions_map = {
+        user_id: project.get_role(user_id) for user_id in modified_user_ids
+    }
+
     # get set of modified user_ids and possible (custom) errors
     id_diffs, error = current_app.ws_handler.update_project_members(
         project, parsed_access
     )
 
+    # revert back rejected changes
+    if error and hasattr(error, "rejected_emails"):
+        rejected_users = (
+            db.session.query(User.id)
+            .filter(User.email.in_(error.rejected_emails))
+            .all()
+        )
+        for user in rejected_users:
+            if current_permissions_map[user.id] is None:
+                project.unset_role(user.id)
+            else:
+                project.set_role(user.id, current_permissions_map[user.id])
+        db.session.commit()
+
     if not id_diffs and error:
         # nothing was done but there are errors
         return jsonify(error.to_dict()), 422