2018-05-17 21:33:36 +02:00
|
|
|
import * as fs from "fs";
|
|
|
|
import * as path from "path";
|
2018-05-15 03:19:49 +02:00
|
|
|
|
2022-06-14 17:10:53 +02:00
|
|
|
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
|
|
|
import { CryptoService } from "@bitwarden/common/abstractions/crypto.service";
|
|
|
|
import { StateService } from "@bitwarden/common/abstractions/state.service";
|
|
|
|
import { Utils } from "@bitwarden/common/misc/utils";
|
2022-10-14 18:25:50 +02:00
|
|
|
import { CipherExport } from "@bitwarden/common/models/export/cipher.export";
|
|
|
|
import { CollectionExport } from "@bitwarden/common/models/export/collection.export";
|
|
|
|
import { FolderExport } from "@bitwarden/common/models/export/folder.export";
|
2022-10-18 19:01:42 +02:00
|
|
|
import { CollectionRequest } from "@bitwarden/common/models/request/collection.request";
|
|
|
|
import { SelectionReadOnlyRequest } from "@bitwarden/common/models/request/selection-read-only.request";
|
2023-01-31 22:08:37 +01:00
|
|
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
|
|
|
import { FolderApiServiceAbstraction } from "@bitwarden/common/vault/abstractions/folder/folder-api.service.abstraction";
|
|
|
|
import { FolderService } from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction";
|
2019-03-16 03:34:59 +01:00
|
|
|
|
2022-11-18 13:20:19 +01:00
|
|
|
import { OrganizationCollectionRequest } from "../models/request/organization-collection.request";
|
|
|
|
import { Response } from "../models/response";
|
|
|
|
import { OrganizationCollectionResponse } from "../models/response/organization-collection.response";
|
2018-05-17 04:40:48 +02:00
|
|
|
import { CliUtils } from "../utils";
|
|
|
|
|
2023-01-31 22:08:37 +01:00
|
|
|
import { CipherResponse } from "./models/cipher.response";
|
|
|
|
import { FolderResponse } from "./models/folder.response";
|
|
|
|
|
2018-05-15 03:19:49 +02:00
|
|
|
export class CreateCommand {
|
2018-05-18 16:55:50 +02:00
|
|
|
constructor(
|
|
|
|
private cipherService: CipherService,
|
|
|
|
private folderService: FolderService,
|
2021-12-28 21:38:51 +01:00
|
|
|
private stateService: StateService,
|
2019-09-25 22:08:56 +02:00
|
|
|
private cryptoService: CryptoService,
|
2022-07-08 15:40:31 +02:00
|
|
|
private apiService: ApiService,
|
|
|
|
private folderApiService: FolderApiServiceAbstraction
|
2019-09-25 22:08:56 +02:00
|
|
|
) {}
|
2021-12-20 18:04:00 +01:00
|
|
|
|
2022-01-19 16:45:14 +01:00
|
|
|
async run(
|
|
|
|
object: string,
|
|
|
|
requestJson: string,
|
|
|
|
cmdOptions: Record<string, any>,
|
|
|
|
additionalData: any = null
|
|
|
|
): Promise<Response> {
|
2018-05-17 21:33:36 +02:00
|
|
|
let req: any = null;
|
|
|
|
if (object !== "attachment") {
|
2022-01-19 16:45:14 +01:00
|
|
|
if (process.env.BW_SERVE !== "true" && (requestJson == null || requestJson === "")) {
|
2018-05-17 21:33:36 +02:00
|
|
|
requestJson = await CliUtils.readStdin();
|
|
|
|
}
|
2021-12-20 18:04:00 +01:00
|
|
|
|
2018-05-17 21:33:36 +02:00
|
|
|
if (requestJson == null || requestJson === "") {
|
|
|
|
return Response.badRequest("`requestJson` was not provided.");
|
2018-05-15 16:50:06 +02:00
|
|
|
}
|
2021-12-20 18:04:00 +01:00
|
|
|
|
2022-01-19 16:45:14 +01:00
|
|
|
if (typeof requestJson !== "string") {
|
|
|
|
req = requestJson;
|
|
|
|
} else {
|
|
|
|
try {
|
|
|
|
const reqJson = Buffer.from(requestJson, "base64").toString();
|
|
|
|
req = JSON.parse(reqJson);
|
|
|
|
} catch (e) {
|
|
|
|
return Response.badRequest("Error parsing the encoded request data.");
|
|
|
|
}
|
2018-05-15 03:19:49 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-19 16:45:14 +01:00
|
|
|
const normalizedOptions = new Options(cmdOptions);
|
2018-05-15 03:19:49 +02:00
|
|
|
switch (object.toLowerCase()) {
|
2021-12-20 18:04:00 +01:00
|
|
|
case "item":
|
2018-05-15 03:19:49 +02:00
|
|
|
return await this.createCipher(req);
|
2018-05-17 21:33:36 +02:00
|
|
|
case "attachment":
|
2022-01-19 16:45:14 +01:00
|
|
|
return await this.createAttachment(normalizedOptions, additionalData);
|
2018-05-15 03:19:49 +02:00
|
|
|
case "folder":
|
|
|
|
return await this.createFolder(req);
|
2019-09-25 22:08:56 +02:00
|
|
|
case "org-collection":
|
2022-01-19 16:45:14 +01:00
|
|
|
return await this.createOrganizationCollection(req, normalizedOptions);
|
2021-12-20 18:04:00 +01:00
|
|
|
default:
|
2019-10-01 17:16:24 +02:00
|
|
|
return Response.badRequest("Unknown object.");
|
2021-12-20 18:04:00 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-05-16 03:58:36 +02:00
|
|
|
private async createCipher(req: CipherExport) {
|
|
|
|
const cipher = await this.cipherService.encrypt(CipherExport.toView(req));
|
2018-05-15 03:19:49 +02:00
|
|
|
try {
|
2022-10-25 21:24:21 +02:00
|
|
|
await this.cipherService.createWithServer(cipher);
|
2018-05-19 20:53:28 +02:00
|
|
|
const newCipher = await this.cipherService.get(cipher.id);
|
|
|
|
const decCipher = await newCipher.decrypt();
|
|
|
|
const res = new CipherResponse(decCipher);
|
|
|
|
return Response.success(res);
|
2018-05-15 03:19:49 +02:00
|
|
|
} catch (e) {
|
2018-05-15 17:08:55 +02:00
|
|
|
return Response.error(e);
|
2021-12-20 18:04:00 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-19 16:45:14 +01:00
|
|
|
private async createAttachment(options: Options, additionalData: any) {
|
|
|
|
if (options.itemId == null || options.itemId === "") {
|
|
|
|
return Response.badRequest("`itemid` option is required.");
|
2021-12-20 18:04:00 +01:00
|
|
|
}
|
2022-01-19 16:45:14 +01:00
|
|
|
let fileBuf: Buffer = null;
|
|
|
|
let fileName: string = null;
|
|
|
|
if (process.env.BW_SERVE === "true") {
|
|
|
|
fileBuf = additionalData.fileBuffer;
|
|
|
|
fileName = additionalData.fileName;
|
|
|
|
} else {
|
|
|
|
if (options.file == null || options.file === "") {
|
|
|
|
return Response.badRequest("`file` option is required.");
|
|
|
|
}
|
|
|
|
const filePath = path.resolve(options.file);
|
|
|
|
if (!fs.existsSync(options.file)) {
|
|
|
|
return Response.badRequest("Cannot find file at " + filePath);
|
|
|
|
}
|
|
|
|
fileBuf = fs.readFileSync(filePath);
|
|
|
|
fileName = path.basename(filePath);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (fileBuf == null) {
|
|
|
|
return Response.badRequest("File not provided.");
|
2021-12-20 18:04:00 +01:00
|
|
|
}
|
2022-01-19 16:45:14 +01:00
|
|
|
if (fileName == null || fileName.trim() === "") {
|
|
|
|
return Response.badRequest("File name not provided.");
|
2018-05-15 03:19:49 +02:00
|
|
|
}
|
2021-12-20 18:04:00 +01:00
|
|
|
|
2022-01-19 16:45:14 +01:00
|
|
|
const itemId = options.itemId.toLowerCase();
|
2018-05-17 21:55:44 +02:00
|
|
|
const cipher = await this.cipherService.get(itemId);
|
2018-05-17 21:33:36 +02:00
|
|
|
if (cipher == null) {
|
|
|
|
return Response.notFound();
|
2018-05-15 03:19:49 +02:00
|
|
|
}
|
|
|
|
|
2021-12-28 21:38:51 +01:00
|
|
|
if (cipher.organizationId == null && !(await this.stateService.getCanAccessPremium())) {
|
2018-08-29 15:22:24 +02:00
|
|
|
return Response.error("Premium status is required to use this feature.");
|
2018-05-17 21:33:36 +02:00
|
|
|
}
|
|
|
|
|
2018-05-15 18:18:47 +02:00
|
|
|
const encKey = await this.cryptoService.getEncKey();
|
2018-05-15 03:19:49 +02:00
|
|
|
if (encKey == null) {
|
2018-05-15 17:08:55 +02:00
|
|
|
return Response.error(
|
2018-05-18 16:55:50 +02:00
|
|
|
"You must update your encryption key before you can use this feature. " +
|
|
|
|
"See https://help.bitwarden.com/article/update-encryption-key/"
|
2018-05-15 17:08:55 +02:00
|
|
|
);
|
2018-05-15 03:19:49 +02:00
|
|
|
}
|
2019-09-25 22:08:56 +02:00
|
|
|
|
2021-12-20 18:04:00 +01:00
|
|
|
try {
|
2021-02-03 18:44:33 +01:00
|
|
|
await this.cipherService.saveAttachmentRawWithServer(
|
2021-12-20 18:04:00 +01:00
|
|
|
cipher,
|
2022-01-19 16:45:14 +01:00
|
|
|
fileName,
|
2018-05-17 21:33:36 +02:00
|
|
|
new Uint8Array(fileBuf).buffer
|
2021-12-20 18:04:00 +01:00
|
|
|
);
|
2021-02-03 18:44:33 +01:00
|
|
|
const updatedCipher = await this.cipherService.get(cipher.id);
|
|
|
|
const decCipher = await updatedCipher.decrypt();
|
2022-02-09 17:58:53 +01:00
|
|
|
return Response.success(new CipherResponse(decCipher));
|
2018-05-17 21:33:36 +02:00
|
|
|
} catch (e) {
|
2021-02-03 18:44:33 +01:00
|
|
|
return Response.error(e);
|
2021-12-20 18:04:00 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-05-16 03:58:36 +02:00
|
|
|
private async createFolder(req: FolderExport) {
|
|
|
|
const folder = await this.folderService.encrypt(FolderExport.toView(req));
|
2021-02-03 18:44:33 +01:00
|
|
|
try {
|
2022-07-08 15:40:31 +02:00
|
|
|
await this.folderApiService.save(folder);
|
2021-02-03 18:44:33 +01:00
|
|
|
const newFolder = await this.folderService.get(folder.id);
|
|
|
|
const decFolder = await newFolder.decrypt();
|
2019-10-01 17:16:24 +02:00
|
|
|
const res = new FolderResponse(decFolder);
|
|
|
|
return Response.success(res);
|
2021-02-03 18:44:33 +01:00
|
|
|
} catch (e) {
|
|
|
|
return Response.error(e);
|
2021-12-20 18:04:00 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-19 16:45:14 +01:00
|
|
|
private async createOrganizationCollection(req: OrganizationCollectionRequest, options: Options) {
|
|
|
|
if (options.organizationId == null || options.organizationId === "") {
|
|
|
|
return Response.badRequest("`organizationid` option is required.");
|
2021-12-20 18:04:00 +01:00
|
|
|
}
|
2022-01-19 16:45:14 +01:00
|
|
|
if (!Utils.isGuid(options.organizationId)) {
|
|
|
|
return Response.badRequest("`" + options.organizationId + "` is not a GUID.");
|
2019-10-01 17:16:24 +02:00
|
|
|
}
|
2022-01-19 16:45:14 +01:00
|
|
|
if (options.organizationId !== req.organizationId) {
|
|
|
|
return Response.badRequest("`organizationid` option does not match request object.");
|
2021-12-20 18:04:00 +01:00
|
|
|
}
|
2019-09-25 22:08:56 +02:00
|
|
|
try {
|
|
|
|
const orgKey = await this.cryptoService.getOrgKey(req.organizationId);
|
|
|
|
if (orgKey == null) {
|
|
|
|
throw new Error("No encryption key for this organization.");
|
|
|
|
}
|
2021-12-20 18:04:00 +01:00
|
|
|
|
2019-09-25 22:08:56 +02:00
|
|
|
const groups =
|
|
|
|
req.groups == null
|
|
|
|
? null
|
2021-02-04 05:51:59 +01:00
|
|
|
: req.groups.map((g) => new SelectionReadOnlyRequest(g.id, g.readOnly, g.hidePasswords));
|
2019-09-25 22:08:56 +02:00
|
|
|
const request = new CollectionRequest();
|
|
|
|
request.name = (await this.cryptoService.encrypt(req.name, orgKey)).encryptedString;
|
|
|
|
request.externalId = req.externalId;
|
|
|
|
request.groups = groups;
|
2020-10-20 15:38:11 +02:00
|
|
|
const response = await this.apiService.postCollection(req.organizationId, request);
|
2022-05-16 03:58:36 +02:00
|
|
|
const view = CollectionExport.toView(req);
|
2020-10-20 15:38:11 +02:00
|
|
|
view.id = response.id;
|
|
|
|
const res = new OrganizationCollectionResponse(view, groups);
|
2019-09-25 22:08:56 +02:00
|
|
|
return Response.success(res);
|
|
|
|
} catch (e) {
|
|
|
|
return Response.error(e);
|
|
|
|
}
|
2021-12-20 18:04:00 +01:00
|
|
|
}
|
2018-05-15 03:19:49 +02:00
|
|
|
}
|
2022-01-19 16:45:14 +01:00
|
|
|
|
|
|
|
class Options {
|
|
|
|
itemId: string;
|
|
|
|
organizationId: string;
|
|
|
|
file: string;
|
|
|
|
|
|
|
|
constructor(passedOptions: Record<string, any>) {
|
2022-01-26 17:28:56 +01:00
|
|
|
this.organizationId = passedOptions?.organizationid || passedOptions?.organizationId;
|
|
|
|
this.itemId = passedOptions?.itemid || passedOptions?.itemId;
|
|
|
|
this.file = passedOptions?.file;
|
2022-01-19 16:45:14 +01:00
|
|
|
}
|
|
|
|
}
|