mirror of
https://github.com/bitwarden/browser.git
synced 2024-11-25 12:15:18 +01:00
[AC-1492] Split export service (#7462)
* Split export service into vault and org export service * Changed CLI logic to use split export logic * correct unit tests * Created individual export service, export service making the calls for org and ind vault * Improved code readability * Merged PasswordProtectedExport with Export methods to simplify calls * Some small refactor * [AC-1492] Managed collections export (#7556) * Added managed collections export method Added logic to show orgs on export that the user can export from * Merge branch 'tools/AC-1492/split-export-services' into tools/AC-1492/export-flexible-collections # Conflicts: # apps/web/src/app/admin-console/organizations/tools/vault-export/org-vault-export.component.ts # apps/web/src/app/tools/vault-export/export.component.ts * Change export to use new organization.flexiblecollection flag * Little refactor changing parameter names and reduzing the size of export.component.ts ngOnInit * Removed unused service from export constructor and removed unnecessary default value from org export service parameter * Simplified organizations selection for vault export to only verify if it has flexiblecollections * removed unecessary services from ExportComponent constructor on popup * Fixed possible race condition on managed export
This commit is contained in:
aj-rosado
GitHub
parent
053053624f
commit
d5de9cbeb2
@ -123,6 +123,10 @@ import { SyncNotifierService } from "@bitwarden/common/vault/services/sync/sync-
|
||||
import { SyncService } from "@bitwarden/common/vault/services/sync/sync.service";
|
||||
import { TotpService } from "@bitwarden/common/vault/services/totp.service";
|
||||
import {
|
||||
IndividualVaultExportService,
|
||||
IndividualVaultExportServiceAbstraction,
|
||||
OrganizationVaultExportService,
|
||||
OrganizationVaultExportServiceAbstraction,
|
||||
VaultExportService,
|
||||
VaultExportServiceAbstraction,
|
||||
} from "@bitwarden/exporter/vault-export";
|
||||
@ -253,6 +257,8 @@ export default class MainBackground {
|
||||
derivedStateProvider: DerivedStateProvider;
|
||||
stateProvider: StateProvider;
|
||||
fido2Service: Fido2ServiceAbstraction;
|
||||
individualVaultExportService: IndividualVaultExportServiceAbstraction;
|
||||
organizationVaultExportService: OrganizationVaultExportServiceAbstraction;
|
||||
|
||||
// Passed to the popup for Safari to workaround issues with theming, downloading, etc.
|
||||
backgroundWindow = window;
|
||||
@ -635,14 +641,28 @@ export default class MainBackground {
|
||||
this.cryptoService,
|
||||
);
|
||||
|
||||
this.exportService = new VaultExportService(
|
||||
this.individualVaultExportService = new IndividualVaultExportService(
|
||||
this.folderService,
|
||||
this.cipherService,
|
||||
this.cryptoService,
|
||||
this.cryptoFunctionService,
|
||||
this.stateService,
|
||||
);
|
||||
|
||||
this.organizationVaultExportService = new OrganizationVaultExportService(
|
||||
this.cipherService,
|
||||
this.apiService,
|
||||
this.cryptoService,
|
||||
this.cryptoFunctionService,
|
||||
this.stateService,
|
||||
this.collectionService,
|
||||
);
|
||||
|
||||
this.exportService = new VaultExportService(
|
||||
this.individualVaultExportService,
|
||||
this.organizationVaultExportService,
|
||||
);
|
||||
|
||||
this.notificationsService = new NotificationsService(
|
||||
this.logService,
|
||||
this.syncService,
|
||||
|
||||
@ -88,6 +88,10 @@ import { SyncNotifierService } from "@bitwarden/common/vault/services/sync/sync-
|
||||
import { SyncService } from "@bitwarden/common/vault/services/sync/sync.service";
|
||||
import { TotpService } from "@bitwarden/common/vault/services/totp.service";
|
||||
import {
|
||||
IndividualVaultExportService,
|
||||
IndividualVaultExportServiceAbstraction,
|
||||
OrganizationVaultExportService,
|
||||
OrganizationVaultExportServiceAbstraction,
|
||||
VaultExportService,
|
||||
VaultExportServiceAbstraction,
|
||||
} from "@bitwarden/exporter/vault-export";
|
||||
@ -146,6 +150,8 @@ export class Main {
|
||||
importService: ImportServiceAbstraction;
|
||||
importApiService: ImportApiServiceAbstraction;
|
||||
exportService: VaultExportServiceAbstraction;
|
||||
individualExportService: IndividualVaultExportServiceAbstraction;
|
||||
organizationExportService: OrganizationVaultExportServiceAbstraction;
|
||||
searchService: SearchService;
|
||||
cryptoFunctionService: NodeCryptoFunctionService;
|
||||
encryptService: EncryptServiceImplementation;
|
||||
@ -509,13 +515,27 @@ export class Main {
|
||||
this.collectionService,
|
||||
this.cryptoService,
|
||||
);
|
||||
this.exportService = new VaultExportService(
|
||||
|
||||
this.individualExportService = new IndividualVaultExportService(
|
||||
this.folderService,
|
||||
this.cipherService,
|
||||
this.cryptoService,
|
||||
this.cryptoFunctionService,
|
||||
this.stateService,
|
||||
);
|
||||
|
||||
this.organizationExportService = new OrganizationVaultExportService(
|
||||
this.cipherService,
|
||||
this.apiService,
|
||||
this.cryptoService,
|
||||
this.cryptoFunctionService,
|
||||
this.stateService,
|
||||
this.collectionService,
|
||||
);
|
||||
|
||||
this.exportService = new VaultExportService(
|
||||
this.individualExportService,
|
||||
this.organizationExportService,
|
||||
);
|
||||
|
||||
this.auditService = new AuditService(this.cryptoFunctionService, this.apiService);
|
||||
|
||||
@ -32,7 +32,14 @@ export class ExportCommand {
|
||||
);
|
||||
}
|
||||
|
||||
const format = options.format ?? "csv";
|
||||
let password = options.password;
|
||||
|
||||
// has password and format is 'json' => should have the same behaviour as 'encrypted_json'
|
||||
// format is 'undefined' => Defaults to 'csv'
|
||||
// Any other case => returns the options.format
|
||||
const format =
|
||||
password && options.format == "json" ? "encrypted_json" : options.format ?? "csv";
|
||||
|
||||
if (!this.isSupportedExportFormat(format)) {
|
||||
return Response.badRequest(
|
||||
`'${format}' is not a supported export format. Supported formats: ${EXPORT_FORMATS.join(
|
||||
@ -47,10 +54,18 @@ export class ExportCommand {
|
||||
|
||||
let exportContent: string = null;
|
||||
try {
|
||||
if (format === "encrypted_json") {
|
||||
password = await this.promptPassword(password);
|
||||
}
|
||||
|
||||
exportContent =
|
||||
format === "encrypted_json"
|
||||
? await this.getProtectedExport(options.password, options.organizationid)
|
||||
: await this.getUnprotectedExport(format, options.organizationid);
|
||||
options.organizationid == null
|
||||
? await this.exportService.getExport(format, password)
|
||||
: await this.exportService.getOrganizationExport(
|
||||
options.organizationid,
|
||||
format,
|
||||
password,
|
||||
);
|
||||
|
||||
const eventType = options.organizationid
|
||||
? EventType.Organization_ClientExportedVault
|
||||
@ -62,17 +77,6 @@ export class ExportCommand {
|
||||
return await this.saveFile(exportContent, options, format);
|
||||
}
|
||||
|
||||
private async getProtectedExport(passwordOption: string | boolean, organizationId?: string) {
|
||||
const password = await this.promptPassword(passwordOption);
|
||||
return password == null
|
||||
? await this.exportService.getExport("encrypted_json", organizationId)
|
||||
: await this.exportService.getPasswordProtectedExport(password, organizationId);
|
||||
}
|
||||
|
||||
private async getUnprotectedExport(format: ExportFormat, organizationId?: string) {
|
||||
return this.exportService.getExport(format, organizationId);
|
||||
}
|
||||
|
||||
private async saveFile(
|
||||
exportContent: string,
|
||||
options: program.OptionValues,
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
import { Component } from "@angular/core";
|
||||
import { UntypedFormBuilder } from "@angular/forms";
|
||||
import { ActivatedRoute } from "@angular/router";
|
||||
import { map, switchMap } from "rxjs";
|
||||
|
||||
import { EventCollectionService } from "@bitwarden/common/abstractions/event/event-collection.service";
|
||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
@ -62,20 +61,15 @@ export class OrganizationVaultExportComponent extends ExportComponent {
|
||||
this.organizationId = params.organizationId;
|
||||
});
|
||||
|
||||
this.flexibleCollectionsEnabled$ = this.route.parent.parent.params.pipe(
|
||||
switchMap((params) => this.organizationService.get$(params.organizationId)),
|
||||
map((organization) => organization.flexibleCollections),
|
||||
);
|
||||
|
||||
await super.ngOnInit();
|
||||
}
|
||||
|
||||
getExportData() {
|
||||
if (this.isFileEncryptedExport) {
|
||||
return this.exportService.getPasswordProtectedExport(this.filePassword, this.organizationId);
|
||||
} else {
|
||||
return this.exportService.getOrganizationExport(this.organizationId, this.format);
|
||||
}
|
||||
return this.exportService.getOrganizationExport(
|
||||
this.organizationId,
|
||||
this.format,
|
||||
this.filePassword,
|
||||
);
|
||||
}
|
||||
|
||||
getFileName() {
|
||||
|
||||
@ -15,7 +15,8 @@
|
||||
*ngIf="!disabledByPolicy"
|
||||
></app-export-scope-callout>
|
||||
|
||||
<bit-form-field *ngIf="flexibleCollectionsEnabled$ | async">
|
||||
<ng-container *ngIf="organizations$ | async as organizations">
|
||||
<bit-form-field *ngIf="organizations.length > 0">
|
||||
<bit-label>{{ "exportFrom" | i18n }}</bit-label>
|
||||
<bit-select formControlName="vaultSelector">
|
||||
<bit-option [label]="'myVault' | i18n" value="myVault" icon="bwi-user" />
|
||||
@ -27,6 +28,7 @@
|
||||
/>
|
||||
</bit-select>
|
||||
</bit-form-field>
|
||||
</ng-container>
|
||||
|
||||
<bit-form-field>
|
||||
<bit-label>{{ "fileFormat" | i18n }}</bit-label>
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
import { Component } from "@angular/core";
|
||||
import { UntypedFormBuilder } from "@angular/forms";
|
||||
import { Observable, firstValueFrom } from "rxjs";
|
||||
import { firstValueFrom } from "rxjs";
|
||||
|
||||
import { ExportComponent as BaseExportComponent } from "@bitwarden/angular/tools/export/components/export.component";
|
||||
import { EventCollectionService } from "@bitwarden/common/abstractions/event/event-collection.service";
|
||||
@ -25,9 +25,6 @@ export class ExportComponent extends BaseExportComponent {
|
||||
encryptedExportType = EncryptedExportType;
|
||||
protected showFilePassword: boolean;
|
||||
|
||||
// Used in the OrganizationVaultExport subclass
|
||||
protected flexibleCollectionsEnabled$ = new Observable<boolean>();
|
||||
|
||||
constructor(
|
||||
i18nService: I18nService,
|
||||
platformUtilsService: PlatformUtilsService,
|
||||
|
||||
@ -172,6 +172,10 @@ import { TotpService } from "@bitwarden/common/vault/services/totp.service";
|
||||
import {
|
||||
VaultExportService,
|
||||
VaultExportServiceAbstraction,
|
||||
OrganizationVaultExportService,
|
||||
OrganizationVaultExportServiceAbstraction,
|
||||
IndividualVaultExportService,
|
||||
IndividualVaultExportServiceAbstraction,
|
||||
} from "@bitwarden/exporter/vault-export";
|
||||
import {
|
||||
ImportApiService,
|
||||
@ -537,17 +541,33 @@ import { ModalService } from "./modal.service";
|
||||
],
|
||||
},
|
||||
{
|
||||
provide: VaultExportServiceAbstraction,
|
||||
useClass: VaultExportService,
|
||||
provide: IndividualVaultExportServiceAbstraction,
|
||||
useClass: IndividualVaultExportService,
|
||||
deps: [
|
||||
FolderServiceAbstraction,
|
||||
CipherServiceAbstraction,
|
||||
CryptoServiceAbstraction,
|
||||
CryptoFunctionServiceAbstraction,
|
||||
StateServiceAbstraction,
|
||||
],
|
||||
},
|
||||
{
|
||||
provide: OrganizationVaultExportServiceAbstraction,
|
||||
useClass: OrganizationVaultExportService,
|
||||
deps: [
|
||||
CipherServiceAbstraction,
|
||||
ApiServiceAbstraction,
|
||||
CryptoServiceAbstraction,
|
||||
CryptoFunctionServiceAbstraction,
|
||||
StateServiceAbstraction,
|
||||
CollectionServiceAbstraction,
|
||||
],
|
||||
},
|
||||
{
|
||||
provide: VaultExportServiceAbstraction,
|
||||
useClass: VaultExportService,
|
||||
deps: [IndividualVaultExportServiceAbstraction, OrganizationVaultExportServiceAbstraction],
|
||||
},
|
||||
{
|
||||
provide: SearchServiceAbstraction,
|
||||
useClass: SearchService,
|
||||
|
||||
@ -1,12 +1,9 @@
|
||||
import { Directive, EventEmitter, OnDestroy, OnInit, Output, ViewChild } from "@angular/core";
|
||||
import { UntypedFormBuilder, Validators } from "@angular/forms";
|
||||
import { concat, map, merge, Observable, startWith, Subject, takeUntil } from "rxjs";
|
||||
import { map, merge, Observable, startWith, Subject, takeUntil } from "rxjs";
|
||||
|
||||
import { EventCollectionService } from "@bitwarden/common/abstractions/event/event-collection.service";
|
||||
import {
|
||||
OrganizationService,
|
||||
canAccessImportExport,
|
||||
} from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
|
||||
import { PolicyType } from "@bitwarden/common/admin-console/enums";
|
||||
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
|
||||
@ -31,6 +28,7 @@ export class ExportComponent implements OnInit, OnDestroy {
|
||||
filePasswordValue: string = null;
|
||||
formPromise: Promise<string>;
|
||||
private _disabledByPolicy = false;
|
||||
|
||||
protected organizationId: string = null;
|
||||
organizations$: Observable<Organization[]>;
|
||||
|
||||
@ -76,13 +74,6 @@ export class ExportComponent implements OnInit, OnDestroy {
|
||||
) {}
|
||||
|
||||
async ngOnInit() {
|
||||
this.organizations$ = concat(
|
||||
this.organizationService.memberOrganizations$.pipe(
|
||||
canAccessImportExport(this.i18nService),
|
||||
map((orgs) => orgs.sort(Utils.getSortFunction(this.i18nService, "name"))),
|
||||
),
|
||||
);
|
||||
|
||||
this.policyService
|
||||
.policyAppliesToActiveUser$(PolicyType.DisablePersonalVaultExport)
|
||||
.pipe(takeUntil(this.destroy$))
|
||||
@ -93,19 +84,6 @@ export class ExportComponent implements OnInit, OnDestroy {
|
||||
}
|
||||
});
|
||||
|
||||
if (this.organizationId) {
|
||||
this.exportForm.controls.vaultSelector.patchValue(this.organizationId);
|
||||
this.exportForm.controls.vaultSelector.disable();
|
||||
} else {
|
||||
this.exportForm.controls.vaultSelector.valueChanges
|
||||
.pipe(takeUntil(this.destroy$))
|
||||
.subscribe((value) => {
|
||||
this.organizationId = value != "myVault" ? value : undefined;
|
||||
});
|
||||
|
||||
this.exportForm.controls.vaultSelector.setValue("myVault");
|
||||
}
|
||||
|
||||
merge(
|
||||
this.exportForm.get("format").valueChanges,
|
||||
this.exportForm.get("fileEncryptionType").valueChanges,
|
||||
@ -113,6 +91,31 @@ export class ExportComponent implements OnInit, OnDestroy {
|
||||
.pipe(takeUntil(this.destroy$))
|
||||
.pipe(startWith(0))
|
||||
.subscribe(() => this.adjustValidators());
|
||||
|
||||
if (this.organizationId) {
|
||||
this.organizations$ = this.organizationService.memberOrganizations$.pipe(
|
||||
map((orgs) => orgs.filter((org) => org.id == this.organizationId)),
|
||||
);
|
||||
this.exportForm.controls.vaultSelector.patchValue(this.organizationId);
|
||||
this.exportForm.controls.vaultSelector.disable();
|
||||
return;
|
||||
}
|
||||
|
||||
this.organizations$ = this.organizationService.memberOrganizations$.pipe(
|
||||
map((orgs) =>
|
||||
orgs
|
||||
.filter((org) => org.flexibleCollections)
|
||||
.sort(Utils.getSortFunction(this.i18nService, "name")),
|
||||
),
|
||||
);
|
||||
|
||||
this.exportForm.controls.vaultSelector.valueChanges
|
||||
.pipe(takeUntil(this.destroy$))
|
||||
.subscribe((value) => {
|
||||
this.organizationId = value != "myVault" ? value : undefined;
|
||||
});
|
||||
|
||||
this.exportForm.controls.vaultSelector.setValue("myVault");
|
||||
}
|
||||
|
||||
ngOnDestroy(): void {
|
||||
@ -188,15 +191,15 @@ export class ExportComponent implements OnInit, OnDestroy {
|
||||
this.onSaved.emit();
|
||||
}
|
||||
|
||||
protected getExportData() {
|
||||
if (
|
||||
this.format === "encrypted_json" &&
|
||||
this.fileEncryptionType === EncryptedExportType.FileEncrypted
|
||||
) {
|
||||
return this.exportService.getPasswordProtectedExport(this.filePassword);
|
||||
} else {
|
||||
return this.exportService.getExport(this.format, null);
|
||||
}
|
||||
protected async getExportData(): Promise<string> {
|
||||
return Utils.isNullOrWhitespace(this.organizationId)
|
||||
? this.exportService.getExport(this.format, this.filePassword)
|
||||
: this.exportService.getOrganizationExport(
|
||||
this.organizationId,
|
||||
this.format,
|
||||
this.filePassword,
|
||||
true,
|
||||
);
|
||||
}
|
||||
|
||||
protected getFileName(prefix?: string) {
|
||||
|
||||
@ -1,2 +1,6 @@
|
||||
export * from "./services/vault-export.service.abstraction";
|
||||
export * from "./services/vault-export.service";
|
||||
export * from "./services/org-vault-export.service.abstraction";
|
||||
export * from "./services/org-vault-export.service";
|
||||
export * from "./services/individual-vault-export.service.abstraction";
|
||||
export * from "./services/individual-vault-export.service";
|
||||
|
||||
@ -0,0 +1,95 @@
|
||||
import { KdfConfig } from "@bitwarden/common/auth/models/domain/kdf-config";
|
||||
import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { StateService } from "@bitwarden/common/platform/abstractions/state.service";
|
||||
import { KdfType } from "@bitwarden/common/platform/enums";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
import { CipherType } from "@bitwarden/common/vault/enums";
|
||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
||||
|
||||
import { BitwardenCsvExportType } from "../bitwarden-csv-export-type";
|
||||
import { BitwardenPasswordProtectedFileFormat } from "../bitwarden-json-export-types";
|
||||
|
||||
export class BaseVaultExportService {
|
||||
constructor(
|
||||
protected cryptoService: CryptoService,
|
||||
private cryptoFunctionService: CryptoFunctionService,
|
||||
private stateService: StateService,
|
||||
) {}
|
||||
|
||||
protected async buildPasswordExport(clearText: string, password: string): Promise<string> {
|
||||
const kdfType: KdfType = await this.stateService.getKdfType();
|
||||
const kdfConfig: KdfConfig = await this.stateService.getKdfConfig();
|
||||
|
||||
const salt = Utils.fromBufferToB64(await this.cryptoFunctionService.randomBytes(16));
|
||||
const key = await this.cryptoService.makePinKey(password, salt, kdfType, kdfConfig);
|
||||
|
||||
const encKeyValidation = await this.cryptoService.encrypt(Utils.newGuid(), key);
|
||||
const encText = await this.cryptoService.encrypt(clearText, key);
|
||||
|
||||
const jsonDoc: BitwardenPasswordProtectedFileFormat = {
|
||||
encrypted: true,
|
||||
passwordProtected: true,
|
||||
salt: salt,
|
||||
kdfType: kdfType,
|
||||
kdfIterations: kdfConfig.iterations,
|
||||
kdfMemory: kdfConfig.memory,
|
||||
kdfParallelism: kdfConfig.parallelism,
|
||||
encKeyValidation_DO_NOT_EDIT: encKeyValidation.encryptedString,
|
||||
data: encText.encryptedString,
|
||||
};
|
||||
|
||||
return JSON.stringify(jsonDoc, null, " ");
|
||||
}
|
||||
|
||||
protected buildCommonCipher(
|
||||
cipher: BitwardenCsvExportType,
|
||||
c: CipherView,
|
||||
): BitwardenCsvExportType {
|
||||
cipher.type = null;
|
||||
cipher.name = c.name;
|
||||
cipher.notes = c.notes;
|
||||
cipher.fields = null;
|
||||
cipher.reprompt = c.reprompt;
|
||||
// Login props
|
||||
cipher.login_uri = null;
|
||||
cipher.login_username = null;
|
||||
cipher.login_password = null;
|
||||
cipher.login_totp = null;
|
||||
|
||||
if (c.fields) {
|
||||
c.fields.forEach((f) => {
|
||||
if (!cipher.fields) {
|
||||
cipher.fields = "";
|
||||
} else {
|
||||
cipher.fields += "\n";
|
||||
}
|
||||
|
||||
cipher.fields += (f.name || "") + ": " + f.value;
|
||||
});
|
||||
}
|
||||
|
||||
switch (c.type) {
|
||||
case CipherType.Login:
|
||||
cipher.type = "login";
|
||||
cipher.login_username = c.login.username;
|
||||
cipher.login_password = c.login.password;
|
||||
cipher.login_totp = c.login.totp;
|
||||
|
||||
if (c.login.uris) {
|
||||
cipher.login_uri = [];
|
||||
c.login.uris.forEach((u) => {
|
||||
cipher.login_uri.push(u.uri);
|
||||
});
|
||||
}
|
||||
break;
|
||||
case CipherType.SecureNote:
|
||||
cipher.type = "note";
|
||||
break;
|
||||
default:
|
||||
return;
|
||||
}
|
||||
|
||||
return cipher;
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,6 @@
|
||||
import { ExportFormat } from "./vault-export.service.abstraction";
|
||||
|
||||
export abstract class IndividualVaultExportServiceAbstraction {
|
||||
getExport: (format: ExportFormat) => Promise<string>;
|
||||
getPasswordProtectedExport: (password: string) => Promise<string>;
|
||||
}
|
||||
@ -1,6 +1,5 @@
|
||||
import { mock, MockProxy } from "jest-mock-extended";
|
||||
|
||||
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
||||
import { KdfConfig } from "@bitwarden/common/auth/models/domain/kdf-config";
|
||||
import { CipherWithIdExport } from "@bitwarden/common/models/export/cipher-with-ids.export";
|
||||
import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service";
|
||||
@ -21,7 +20,7 @@ import { LoginView } from "@bitwarden/common/vault/models/view/login.view";
|
||||
|
||||
import { BuildTestObject, GetUniqueString } from "../../../../common/spec";
|
||||
|
||||
import { VaultExportService } from "./vault-export.service";
|
||||
import { IndividualVaultExportService } from "./individual-vault-export.service";
|
||||
|
||||
const UserCipherViews = [
|
||||
generateCipherView(false),
|
||||
@ -140,8 +139,7 @@ function expectEqualFolders(folders: Folder[], jsonResult: string) {
|
||||
}
|
||||
|
||||
describe("VaultExportService", () => {
|
||||
let exportService: VaultExportService;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let exportService: IndividualVaultExportService;
|
||||
let cryptoFunctionService: MockProxy<CryptoFunctionService>;
|
||||
let cipherService: MockProxy<CipherService>;
|
||||
let folderService: MockProxy<FolderService>;
|
||||
@ -149,7 +147,6 @@ describe("VaultExportService", () => {
|
||||
let stateService: MockProxy<StateService>;
|
||||
|
||||
beforeEach(() => {
|
||||
apiService = mock<ApiService>();
|
||||
cryptoFunctionService = mock<CryptoFunctionService>();
|
||||
cipherService = mock<CipherService>();
|
||||
folderService = mock<FolderService>();
|
||||
@ -162,10 +159,9 @@ describe("VaultExportService", () => {
|
||||
stateService.getKdfConfig.mockResolvedValue(new KdfConfig(PBKDF2_ITERATIONS.defaultValue));
|
||||
cryptoService.encrypt.mockResolvedValue(new EncString("encrypted"));
|
||||
|
||||
exportService = new VaultExportService(
|
||||
exportService = new IndividualVaultExportService(
|
||||
folderService,
|
||||
cipherService,
|
||||
apiService,
|
||||
cryptoService,
|
||||
cryptoFunctionService,
|
||||
stateService,
|
||||
@ -0,0 +1,185 @@
|
||||
import * as papa from "papaparse";
|
||||
|
||||
import { CipherWithIdExport, FolderWithIdExport } from "@bitwarden/common/models/export";
|
||||
import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { StateService } from "@bitwarden/common/platform/abstractions/state.service";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||
import { FolderService } from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction";
|
||||
import { CipherType } from "@bitwarden/common/vault/enums";
|
||||
import { Cipher } from "@bitwarden/common/vault/models/domain/cipher";
|
||||
import { Folder } from "@bitwarden/common/vault/models/domain/folder";
|
||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
||||
import { FolderView } from "@bitwarden/common/vault/models/view/folder.view";
|
||||
|
||||
import { BitwardenCsvIndividualExportType } from "../bitwarden-csv-export-type";
|
||||
import {
|
||||
BitwardenEncryptedIndividualJsonExport,
|
||||
BitwardenUnEncryptedIndividualJsonExport,
|
||||
} from "../bitwarden-json-export-types";
|
||||
|
||||
import { BaseVaultExportService } from "./base-vault-export.service";
|
||||
import { IndividualVaultExportServiceAbstraction } from "./individual-vault-export.service.abstraction";
|
||||
import { ExportFormat } from "./vault-export.service.abstraction";
|
||||
|
||||
export class IndividualVaultExportService
|
||||
extends BaseVaultExportService
|
||||
implements IndividualVaultExportServiceAbstraction
|
||||
{
|
||||
constructor(
|
||||
private folderService: FolderService,
|
||||
private cipherService: CipherService,
|
||||
cryptoService: CryptoService,
|
||||
cryptoFunctionService: CryptoFunctionService,
|
||||
stateService: StateService,
|
||||
) {
|
||||
super(cryptoService, cryptoFunctionService, stateService);
|
||||
}
|
||||
|
||||
async getExport(format: ExportFormat = "csv"): Promise<string> {
|
||||
if (format === "encrypted_json") {
|
||||
return this.getEncryptedExport();
|
||||
}
|
||||
return this.getDecryptedExport(format);
|
||||
}
|
||||
|
||||
async getPasswordProtectedExport(password: string): Promise<string> {
|
||||
const clearText = await this.getExport("json");
|
||||
return this.buildPasswordExport(clearText, password);
|
||||
}
|
||||
|
||||
private async getDecryptedExport(format: "json" | "csv"): Promise<string> {
|
||||
let decFolders: FolderView[] = [];
|
||||
let decCiphers: CipherView[] = [];
|
||||
const promises = [];
|
||||
|
||||
promises.push(
|
||||
this.folderService.getAllDecryptedFromState().then((folders) => {
|
||||
decFolders = folders;
|
||||
}),
|
||||
);
|
||||
|
||||
promises.push(
|
||||
this.cipherService.getAllDecrypted().then((ciphers) => {
|
||||
decCiphers = ciphers.filter((f) => f.deletedDate == null);
|
||||
}),
|
||||
);
|
||||
|
||||
await Promise.all(promises);
|
||||
|
||||
if (format === "csv") {
|
||||
return this.buildCsvExport(decFolders, decCiphers);
|
||||
}
|
||||
|
||||
return this.buildJsonExport(decFolders, decCiphers);
|
||||
}
|
||||
|
||||
private async getEncryptedExport(): Promise<string> {
|
||||
let folders: Folder[] = [];
|
||||
let ciphers: Cipher[] = [];
|
||||
const promises = [];
|
||||
|
||||
promises.push(
|
||||
this.folderService.getAllFromState().then((f) => {
|
||||
folders = f;
|
||||
}),
|
||||
);
|
||||
|
||||
promises.push(
|
||||
this.cipherService.getAll().then((c) => {
|
||||
ciphers = c.filter((f) => f.deletedDate == null);
|
||||
}),
|
||||
);
|
||||
|
||||
await Promise.all(promises);
|
||||
|
||||
const encKeyValidation = await this.cryptoService.encrypt(Utils.newGuid());
|
||||
|
||||
const jsonDoc: BitwardenEncryptedIndividualJsonExport = {
|
||||
encrypted: true,
|
||||
encKeyValidation_DO_NOT_EDIT: encKeyValidation.encryptedString,
|
||||
folders: [],
|
||||
items: [],
|
||||
};
|
||||
|
||||
folders.forEach((f) => {
|
||||
if (f.id == null) {
|
||||
return;
|
||||
}
|
||||
const folder = new FolderWithIdExport();
|
||||
folder.build(f);
|
||||
jsonDoc.folders.push(folder);
|
||||
});
|
||||
|
||||
ciphers.forEach((c) => {
|
||||
if (c.organizationId != null) {
|
||||
return;
|
||||
}
|
||||
const cipher = new CipherWithIdExport();
|
||||
cipher.build(c);
|
||||
cipher.collectionIds = null;
|
||||
jsonDoc.items.push(cipher);
|
||||
});
|
||||
|
||||
return JSON.stringify(jsonDoc, null, " ");
|
||||
}
|
||||
|
||||
private buildCsvExport(decFolders: FolderView[], decCiphers: CipherView[]): string {
|
||||
const foldersMap = new Map<string, FolderView>();
|
||||
decFolders.forEach((f) => {
|
||||
if (f.id != null) {
|
||||
foldersMap.set(f.id, f);
|
||||
}
|
||||
});
|
||||
|
||||
const exportCiphers: BitwardenCsvIndividualExportType[] = [];
|
||||
decCiphers.forEach((c) => {
|
||||
// only export logins and secure notes
|
||||
if (c.type !== CipherType.Login && c.type !== CipherType.SecureNote) {
|
||||
return;
|
||||
}
|
||||
if (c.organizationId != null) {
|
||||
return;
|
||||
}
|
||||
|
||||
const cipher = {} as BitwardenCsvIndividualExportType;
|
||||
cipher.folder =
|
||||
c.folderId != null && foldersMap.has(c.folderId) ? foldersMap.get(c.folderId).name : null;
|
||||
cipher.favorite = c.favorite ? 1 : null;
|
||||
this.buildCommonCipher(cipher, c);
|
||||
exportCiphers.push(cipher);
|
||||
});
|
||||
|
||||
return papa.unparse(exportCiphers);
|
||||
}
|
||||
|
||||
private buildJsonExport(decFolders: FolderView[], decCiphers: CipherView[]): string {
|
||||
const jsonDoc: BitwardenUnEncryptedIndividualJsonExport = {
|
||||
encrypted: false,
|
||||
folders: [],
|
||||
items: [],
|
||||
};
|
||||
|
||||
decFolders.forEach((f) => {
|
||||
if (f.id == null) {
|
||||
return;
|
||||
}
|
||||
const folder = new FolderWithIdExport();
|
||||
folder.build(f);
|
||||
jsonDoc.folders.push(folder);
|
||||
});
|
||||
|
||||
decCiphers.forEach((c) => {
|
||||
if (c.organizationId != null) {
|
||||
return;
|
||||
}
|
||||
const cipher = new CipherWithIdExport();
|
||||
cipher.build(c);
|
||||
cipher.collectionIds = null;
|
||||
jsonDoc.items.push(cipher);
|
||||
});
|
||||
|
||||
return JSON.stringify(jsonDoc, null, " ");
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,14 @@
|
||||
import { ExportFormat } from "./vault-export.service.abstraction";
|
||||
|
||||
export abstract class OrganizationVaultExportServiceAbstraction {
|
||||
getPasswordProtectedExport: (
|
||||
organizationId: string,
|
||||
password: string,
|
||||
onlyManagedCollections: boolean,
|
||||
) => Promise<string>;
|
||||
getOrganizationExport: (
|
||||
organizationId: string,
|
||||
format: ExportFormat,
|
||||
onlyManagedCollections: boolean,
|
||||
) => Promise<string>;
|
||||
}
|
||||
@ -0,0 +1,304 @@
|
||||
import * as papa from "papaparse";
|
||||
|
||||
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
||||
import { CipherWithIdExport, CollectionWithIdExport } from "@bitwarden/common/models/export";
|
||||
import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { StateService } from "@bitwarden/common/platform/abstractions/state.service";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||
import { CollectionService } from "@bitwarden/common/vault/abstractions/collection.service";
|
||||
import { CipherType } from "@bitwarden/common/vault/enums";
|
||||
import { CipherData } from "@bitwarden/common/vault/models/data/cipher.data";
|
||||
import { CollectionData } from "@bitwarden/common/vault/models/data/collection.data";
|
||||
import { Cipher } from "@bitwarden/common/vault/models/domain/cipher";
|
||||
import { Collection } from "@bitwarden/common/vault/models/domain/collection";
|
||||
import { CollectionDetailsResponse } from "@bitwarden/common/vault/models/response/collection.response";
|
||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
||||
import { CollectionView } from "@bitwarden/common/vault/models/view/collection.view";
|
||||
|
||||
import { BitwardenCsvOrgExportType } from "../bitwarden-csv-export-type";
|
||||
import {
|
||||
BitwardenEncryptedOrgJsonExport,
|
||||
BitwardenUnEncryptedOrgJsonExport,
|
||||
} from "../bitwarden-json-export-types";
|
||||
|
||||
import { BaseVaultExportService } from "./base-vault-export.service";
|
||||
import { OrganizationVaultExportServiceAbstraction } from "./org-vault-export.service.abstraction";
|
||||
import { ExportFormat } from "./vault-export.service.abstraction";
|
||||
|
||||
export class OrganizationVaultExportService
|
||||
extends BaseVaultExportService
|
||||
implements OrganizationVaultExportServiceAbstraction
|
||||
{
|
||||
constructor(
|
||||
private cipherService: CipherService,
|
||||
private apiService: ApiService,
|
||||
cryptoService: CryptoService,
|
||||
cryptoFunctionService: CryptoFunctionService,
|
||||
stateService: StateService,
|
||||
private collectionService: CollectionService,
|
||||
) {
|
||||
super(cryptoService, cryptoFunctionService, stateService);
|
||||
}
|
||||
|
||||
async getPasswordProtectedExport(
|
||||
organizationId: string,
|
||||
password: string,
|
||||
onlyManagedCollections: boolean,
|
||||
): Promise<string> {
|
||||
const clearText = await this.getOrganizationExport(
|
||||
organizationId,
|
||||
"json",
|
||||
onlyManagedCollections,
|
||||
);
|
||||
|
||||
return this.buildPasswordExport(clearText, password);
|
||||
}
|
||||
|
||||
async getOrganizationExport(
|
||||
organizationId: string,
|
||||
format: ExportFormat = "csv",
|
||||
onlyManagedCollections: boolean,
|
||||
): Promise<string> {
|
||||
if (Utils.isNullOrWhitespace(organizationId)) {
|
||||
throw new Error("OrganizationId must be set");
|
||||
}
|
||||
|
||||
if (format === "encrypted_json") {
|
||||
return onlyManagedCollections
|
||||
? this.getEncryptedManagedExport(organizationId)
|
||||
: this.getOrganizationEncryptedExport(organizationId);
|
||||
}
|
||||
|
||||
return onlyManagedCollections
|
||||
? this.getDecryptedManagedExport(organizationId, format)
|
||||
: this.getOrganizationDecryptedExport(organizationId, format);
|
||||
}
|
||||
|
||||
private async getOrganizationDecryptedExport(
|
||||
organizationId: string,
|
||||
format: "json" | "csv",
|
||||
): Promise<string> {
|
||||
const decCollections: CollectionView[] = [];
|
||||
const decCiphers: CipherView[] = [];
|
||||
const promises = [];
|
||||
|
||||
promises.push(
|
||||
this.apiService.getOrganizationExport(organizationId).then((exportData) => {
|
||||
const exportPromises: any = [];
|
||||
if (exportData != null) {
|
||||
if (exportData.collections != null && exportData.collections.length > 0) {
|
||||
exportData.collections.forEach((c) => {
|
||||
const collection = new Collection(new CollectionData(c as CollectionDetailsResponse));
|
||||
exportPromises.push(
|
||||
collection.decrypt().then((decCol) => {
|
||||
decCollections.push(decCol);
|
||||
}),
|
||||
);
|
||||
});
|
||||
}
|
||||
if (exportData.ciphers != null && exportData.ciphers.length > 0) {
|
||||
exportData.ciphers
|
||||
.filter((c) => c.deletedDate === null)
|
||||
.forEach(async (c) => {
|
||||
const cipher = new Cipher(new CipherData(c));
|
||||
exportPromises.push(
|
||||
this.cipherService
|
||||
.getKeyForCipherKeyDecryption(cipher)
|
||||
.then((key) => cipher.decrypt(key))
|
||||
.then((decCipher) => {
|
||||
decCiphers.push(decCipher);
|
||||
}),
|
||||
);
|
||||
});
|
||||
}
|
||||
}
|
||||
return Promise.all(exportPromises);
|
||||
}),
|
||||
);
|
||||
|
||||
await Promise.all(promises);
|
||||
|
||||
if (format === "csv") {
|
||||
return this.buildCsvExport(decCollections, decCiphers);
|
||||
}
|
||||
return this.buildJsonExport(decCollections, decCiphers);
|
||||
}
|
||||
|
||||
private async getOrganizationEncryptedExport(organizationId: string): Promise<string> {
|
||||
const collections: Collection[] = [];
|
||||
const ciphers: Cipher[] = [];
|
||||
const promises = [];
|
||||
|
||||
promises.push(
|
||||
this.apiService.getCollections(organizationId).then((c) => {
|
||||
if (c != null && c.data != null && c.data.length > 0) {
|
||||
c.data.forEach((r) => {
|
||||
const collection = new Collection(new CollectionData(r as CollectionDetailsResponse));
|
||||
collections.push(collection);
|
||||
});
|
||||
}
|
||||
}),
|
||||
);
|
||||
|
||||
promises.push(
|
||||
this.apiService.getCiphersOrganization(organizationId).then((c) => {
|
||||
if (c != null && c.data != null && c.data.length > 0) {
|
||||
c.data
|
||||
.filter((item) => item.deletedDate === null)
|
||||
.forEach((item) => {
|
||||
const cipher = new Cipher(new CipherData(item));
|
||||
ciphers.push(cipher);
|
||||
});
|
||||
}
|
||||
}),
|
||||
);
|
||||
|
||||
await Promise.all(promises);
|
||||
|
||||
return this.BuildEncryptedExport(organizationId, collections, ciphers);
|
||||
}
|
||||
|
||||
private async getDecryptedManagedExport(
|
||||
organizationId: string,
|
||||
format: "json" | "csv",
|
||||
): Promise<string> {
|
||||
let decCiphers: CipherView[] = [];
|
||||
let allDecCiphers: CipherView[] = [];
|
||||
let decCollections: CollectionView[] = [];
|
||||
const promises = [];
|
||||
|
||||
promises.push(
|
||||
this.collectionService.getAllDecrypted().then(async (collections) => {
|
||||
decCollections = collections.filter((c) => c.organizationId == organizationId && c.manage);
|
||||
}),
|
||||
);
|
||||
|
||||
promises.push(
|
||||
this.cipherService.getAllDecrypted().then((ciphers) => {
|
||||
allDecCiphers = ciphers;
|
||||
}),
|
||||
);
|
||||
await Promise.all(promises);
|
||||
|
||||
decCiphers = allDecCiphers.filter(
|
||||
(f) =>
|
||||
f.deletedDate == null &&
|
||||
f.organizationId == organizationId &&
|
||||
decCollections.some((dC) => f.collectionIds.some((cId) => dC.id === cId)),
|
||||
);
|
||||
|
||||
if (format === "csv") {
|
||||
return this.buildCsvExport(decCollections, decCiphers);
|
||||
}
|
||||
return this.buildJsonExport(decCollections, decCiphers);
|
||||
}
|
||||
|
||||
private async getEncryptedManagedExport(organizationId: string): Promise<string> {
|
||||
let encCiphers: Cipher[] = [];
|
||||
let allCiphers: Cipher[] = [];
|
||||
let encCollections: Collection[] = [];
|
||||
const promises = [];
|
||||
|
||||
promises.push(
|
||||
this.collectionService.getAll().then((collections) => {
|
||||
encCollections = collections.filter((c) => c.organizationId == organizationId && c.manage);
|
||||
}),
|
||||
);
|
||||
|
||||
promises.push(
|
||||
this.cipherService.getAll().then((ciphers) => {
|
||||
allCiphers = ciphers;
|
||||
}),
|
||||
);
|
||||
|
||||
await Promise.all(promises);
|
||||
|
||||
encCiphers = allCiphers.filter(
|
||||
(f) =>
|
||||
f.deletedDate == null &&
|
||||
f.organizationId == organizationId &&
|
||||
encCollections.some((eC) => f.collectionIds.some((cId) => eC.id === cId)),
|
||||
);
|
||||
|
||||
return this.BuildEncryptedExport(organizationId, encCollections, encCiphers);
|
||||
}
|
||||
|
||||
private async BuildEncryptedExport(
|
||||
organizationId: string,
|
||||
collections: Collection[],
|
||||
ciphers: Cipher[],
|
||||
): Promise<string> {
|
||||
const orgKey = await this.cryptoService.getOrgKey(organizationId);
|
||||
const encKeyValidation = await this.cryptoService.encrypt(Utils.newGuid(), orgKey);
|
||||
|
||||
const jsonDoc: BitwardenEncryptedOrgJsonExport = {
|
||||
encrypted: true,
|
||||
encKeyValidation_DO_NOT_EDIT: encKeyValidation.encryptedString,
|
||||
collections: [],
|
||||
items: [],
|
||||
};
|
||||
|
||||
collections.forEach((c) => {
|
||||
const collection = new CollectionWithIdExport();
|
||||
collection.build(c);
|
||||
jsonDoc.collections.push(collection);
|
||||
});
|
||||
|
||||
ciphers.forEach((c) => {
|
||||
const cipher = new CipherWithIdExport();
|
||||
cipher.build(c);
|
||||
jsonDoc.items.push(cipher);
|
||||
});
|
||||
return JSON.stringify(jsonDoc, null, " ");
|
||||
}
|
||||
|
||||
private buildCsvExport(decCollections: CollectionView[], decCiphers: CipherView[]): string {
|
||||
const collectionsMap = new Map<string, CollectionView>();
|
||||
decCollections.forEach((c) => {
|
||||
collectionsMap.set(c.id, c);
|
||||
});
|
||||
|
||||
const exportCiphers: BitwardenCsvOrgExportType[] = [];
|
||||
decCiphers.forEach((c) => {
|
||||
// only export logins and secure notes
|
||||
if (c.type !== CipherType.Login && c.type !== CipherType.SecureNote) {
|
||||
return;
|
||||
}
|
||||
|
||||
const cipher = {} as BitwardenCsvOrgExportType;
|
||||
cipher.collections = [];
|
||||
if (c.collectionIds != null) {
|
||||
cipher.collections = c.collectionIds
|
||||
.filter((id) => collectionsMap.has(id))
|
||||
.map((id) => collectionsMap.get(id).name);
|
||||
}
|
||||
this.buildCommonCipher(cipher, c);
|
||||
exportCiphers.push(cipher);
|
||||
});
|
||||
|
||||
return papa.unparse(exportCiphers);
|
||||
}
|
||||
|
||||
private buildJsonExport(decCollections: CollectionView[], decCiphers: CipherView[]): string {
|
||||
const jsonDoc: BitwardenUnEncryptedOrgJsonExport = {
|
||||
encrypted: false,
|
||||
collections: [],
|
||||
items: [],
|
||||
};
|
||||
|
||||
decCollections.forEach((c) => {
|
||||
const collection = new CollectionWithIdExport();
|
||||
collection.build(c);
|
||||
jsonDoc.collections.push(collection);
|
||||
});
|
||||
|
||||
decCiphers.forEach((c) => {
|
||||
const cipher = new CipherWithIdExport();
|
||||
cipher.build(c);
|
||||
jsonDoc.items.push(cipher);
|
||||
});
|
||||
return JSON.stringify(jsonDoc, null, " ");
|
||||
}
|
||||
}
|
||||
@ -2,8 +2,12 @@ export const EXPORT_FORMATS = ["csv", "json", "encrypted_json"] as const;
|
||||
export type ExportFormat = (typeof EXPORT_FORMATS)[number];
|
||||
|
||||
export abstract class VaultExportServiceAbstraction {
|
||||
getExport: (format?: ExportFormat, organizationId?: string) => Promise<string>;
|
||||
getPasswordProtectedExport: (password: string, organizationId?: string) => Promise<string>;
|
||||
getOrganizationExport: (organizationId: string, format?: ExportFormat) => Promise<string>;
|
||||
getExport: (format: ExportFormat, password: string) => Promise<string>;
|
||||
getOrganizationExport: (
|
||||
organizationId: string,
|
||||
format: ExportFormat,
|
||||
password: string,
|
||||
onlyManagedCollections?: boolean,
|
||||
) => Promise<string>;
|
||||
getFileName: (prefix?: string, extension?: string) => string;
|
||||
}
|
||||
|
||||
@ -1,429 +1,54 @@
|
||||
import * as papa from "papaparse";
|
||||
|
||||
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
||||
import { KdfConfig } from "@bitwarden/common/auth/models/domain/kdf-config";
|
||||
import {
|
||||
CipherWithIdExport,
|
||||
CollectionWithIdExport,
|
||||
FolderWithIdExport,
|
||||
} from "@bitwarden/common/models/export";
|
||||
import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service";
|
||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||
import { StateService } from "@bitwarden/common/platform/abstractions/state.service";
|
||||
import { KdfType } from "@bitwarden/common/platform/enums";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||
import { FolderService } from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction";
|
||||
import { CipherType } from "@bitwarden/common/vault/enums";
|
||||
import { CipherData } from "@bitwarden/common/vault/models/data/cipher.data";
|
||||
import { CollectionData } from "@bitwarden/common/vault/models/data/collection.data";
|
||||
import { Cipher } from "@bitwarden/common/vault/models/domain/cipher";
|
||||
import { Collection } from "@bitwarden/common/vault/models/domain/collection";
|
||||
import { Folder } from "@bitwarden/common/vault/models/domain/folder";
|
||||
import { CollectionDetailsResponse } from "@bitwarden/common/vault/models/response/collection.response";
|
||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
||||
import { CollectionView } from "@bitwarden/common/vault/models/view/collection.view";
|
||||
import { FolderView } from "@bitwarden/common/vault/models/view/folder.view";
|
||||
|
||||
import { ExportHelper } from "../../export-helper";
|
||||
import {
|
||||
BitwardenCsvExportType,
|
||||
BitwardenCsvIndividualExportType,
|
||||
BitwardenCsvOrgExportType,
|
||||
} from "../bitwarden-csv-export-type";
|
||||
import {
|
||||
BitwardenEncryptedIndividualJsonExport,
|
||||
BitwardenEncryptedOrgJsonExport,
|
||||
BitwardenUnEncryptedIndividualJsonExport,
|
||||
BitwardenUnEncryptedOrgJsonExport,
|
||||
BitwardenPasswordProtectedFileFormat,
|
||||
} from "../bitwarden-json-export-types";
|
||||
|
||||
import { IndividualVaultExportServiceAbstraction } from "./individual-vault-export.service.abstraction";
|
||||
import { OrganizationVaultExportServiceAbstraction } from "./org-vault-export.service.abstraction";
|
||||
import { ExportFormat, VaultExportServiceAbstraction } from "./vault-export.service.abstraction";
|
||||
|
||||
export class VaultExportService implements VaultExportServiceAbstraction {
|
||||
constructor(
|
||||
private folderService: FolderService,
|
||||
private cipherService: CipherService,
|
||||
private apiService: ApiService,
|
||||
private cryptoService: CryptoService,
|
||||
private cryptoFunctionService: CryptoFunctionService,
|
||||
private stateService: StateService,
|
||||
private individualVaultExportService: IndividualVaultExportServiceAbstraction,
|
||||
private organizationVaultExportService: OrganizationVaultExportServiceAbstraction,
|
||||
) {}
|
||||
|
||||
async getExport(format: ExportFormat = "csv", organizationId?: string): Promise<string> {
|
||||
if (organizationId) {
|
||||
return await this.getOrganizationExport(organizationId, format);
|
||||
async getExport(format: ExportFormat = "csv", password: string): Promise<string> {
|
||||
if (!Utils.isNullOrWhitespace(password)) {
|
||||
if (format == "csv") {
|
||||
throw new Error("CSV does not support password protected export");
|
||||
}
|
||||
|
||||
if (format === "encrypted_json") {
|
||||
return this.getEncryptedExport();
|
||||
} else {
|
||||
return this.getDecryptedExport(format);
|
||||
return this.individualVaultExportService.getPasswordProtectedExport(password);
|
||||
}
|
||||
}
|
||||
|
||||
async getPasswordProtectedExport(password: string, organizationId?: string): Promise<string> {
|
||||
const clearText = organizationId
|
||||
? await this.getOrganizationExport(organizationId, "json")
|
||||
: await this.getExport("json");
|
||||
|
||||
const kdfType: KdfType = await this.stateService.getKdfType();
|
||||
const kdfConfig: KdfConfig = await this.stateService.getKdfConfig();
|
||||
|
||||
const salt = Utils.fromBufferToB64(await this.cryptoFunctionService.randomBytes(16));
|
||||
const key = await this.cryptoService.makePinKey(password, salt, kdfType, kdfConfig);
|
||||
|
||||
const encKeyValidation = await this.cryptoService.encrypt(Utils.newGuid(), key);
|
||||
const encText = await this.cryptoService.encrypt(clearText, key);
|
||||
|
||||
const jsonDoc: BitwardenPasswordProtectedFileFormat = {
|
||||
encrypted: true,
|
||||
passwordProtected: true,
|
||||
salt: salt,
|
||||
kdfType: kdfType,
|
||||
kdfIterations: kdfConfig.iterations,
|
||||
kdfMemory: kdfConfig.memory,
|
||||
kdfParallelism: kdfConfig.parallelism,
|
||||
encKeyValidation_DO_NOT_EDIT: encKeyValidation.encryptedString,
|
||||
data: encText.encryptedString,
|
||||
};
|
||||
|
||||
return JSON.stringify(jsonDoc, null, " ");
|
||||
return this.individualVaultExportService.getExport(format);
|
||||
}
|
||||
|
||||
async getOrganizationExport(
|
||||
organizationId: string,
|
||||
format: ExportFormat = "csv",
|
||||
format: ExportFormat,
|
||||
password: string,
|
||||
onlyManagedCollections = false,
|
||||
): Promise<string> {
|
||||
if (format === "encrypted_json") {
|
||||
return this.getOrganizationEncryptedExport(organizationId);
|
||||
} else {
|
||||
return this.getOrganizationDecryptedExport(organizationId, format);
|
||||
if (!Utils.isNullOrWhitespace(password)) {
|
||||
if (format == "csv") {
|
||||
throw new Error("CSV does not support password protected export");
|
||||
}
|
||||
|
||||
return this.organizationVaultExportService.getPasswordProtectedExport(
|
||||
organizationId,
|
||||
password,
|
||||
onlyManagedCollections,
|
||||
);
|
||||
}
|
||||
|
||||
return this.organizationVaultExportService.getOrganizationExport(
|
||||
organizationId,
|
||||
format,
|
||||
onlyManagedCollections,
|
||||
);
|
||||
}
|
||||
|
||||
getFileName(prefix: string = null, extension = "csv"): string {
|
||||
return ExportHelper.getFileName(prefix, extension);
|
||||
}
|
||||
|
||||
private async getDecryptedExport(format: "json" | "csv"): Promise<string> {
|
||||
let decFolders: FolderView[] = [];
|
||||
let decCiphers: CipherView[] = [];
|
||||
const promises = [];
|
||||
|
||||
promises.push(
|
||||
this.folderService.getAllDecryptedFromState().then((folders) => {
|
||||
decFolders = folders;
|
||||
}),
|
||||
);
|
||||
|
||||
promises.push(
|
||||
this.cipherService.getAllDecrypted().then((ciphers) => {
|
||||
decCiphers = ciphers.filter((f) => f.deletedDate == null);
|
||||
}),
|
||||
);
|
||||
|
||||
await Promise.all(promises);
|
||||
|
||||
if (format === "csv") {
|
||||
const foldersMap = new Map<string, FolderView>();
|
||||
decFolders.forEach((f) => {
|
||||
if (f.id != null) {
|
||||
foldersMap.set(f.id, f);
|
||||
}
|
||||
});
|
||||
|
||||
const exportCiphers: BitwardenCsvIndividualExportType[] = [];
|
||||
decCiphers.forEach((c) => {
|
||||
// only export logins and secure notes
|
||||
if (c.type !== CipherType.Login && c.type !== CipherType.SecureNote) {
|
||||
return;
|
||||
}
|
||||
if (c.organizationId != null) {
|
||||
return;
|
||||
}
|
||||
|
||||
const cipher = {} as BitwardenCsvIndividualExportType;
|
||||
cipher.folder =
|
||||
c.folderId != null && foldersMap.has(c.folderId) ? foldersMap.get(c.folderId).name : null;
|
||||
cipher.favorite = c.favorite ? 1 : null;
|
||||
this.buildCommonCipher(cipher, c);
|
||||
exportCiphers.push(cipher);
|
||||
});
|
||||
|
||||
return papa.unparse(exportCiphers);
|
||||
} else {
|
||||
const jsonDoc: BitwardenUnEncryptedIndividualJsonExport = {
|
||||
encrypted: false,
|
||||
folders: [],
|
||||
items: [],
|
||||
};
|
||||
|
||||
decFolders.forEach((f) => {
|
||||
if (f.id == null) {
|
||||
return;
|
||||
}
|
||||
const folder = new FolderWithIdExport();
|
||||
folder.build(f);
|
||||
jsonDoc.folders.push(folder);
|
||||
});
|
||||
|
||||
decCiphers.forEach((c) => {
|
||||
if (c.organizationId != null) {
|
||||
return;
|
||||
}
|
||||
const cipher = new CipherWithIdExport();
|
||||
cipher.build(c);
|
||||
cipher.collectionIds = null;
|
||||
jsonDoc.items.push(cipher);
|
||||
});
|
||||
|
||||
return JSON.stringify(jsonDoc, null, " ");
|
||||
}
|
||||
}
|
||||
|
||||
private async getEncryptedExport(): Promise<string> {
|
||||
let folders: Folder[] = [];
|
||||
let ciphers: Cipher[] = [];
|
||||
const promises = [];
|
||||
|
||||
promises.push(
|
||||
this.folderService.getAllFromState().then((f) => {
|
||||
folders = f;
|
||||
}),
|
||||
);
|
||||
|
||||
promises.push(
|
||||
this.cipherService.getAll().then((c) => {
|
||||
ciphers = c.filter((f) => f.deletedDate == null);
|
||||
}),
|
||||
);
|
||||
|
||||
await Promise.all(promises);
|
||||
|
||||
const encKeyValidation = await this.cryptoService.encrypt(Utils.newGuid());
|
||||
|
||||
const jsonDoc: BitwardenEncryptedIndividualJsonExport = {
|
||||
encrypted: true,
|
||||
encKeyValidation_DO_NOT_EDIT: encKeyValidation.encryptedString,
|
||||
folders: [],
|
||||
items: [],
|
||||
};
|
||||
|
||||
folders.forEach((f) => {
|
||||
if (f.id == null) {
|
||||
return;
|
||||
}
|
||||
const folder = new FolderWithIdExport();
|
||||
folder.build(f);
|
||||
jsonDoc.folders.push(folder);
|
||||
});
|
||||
|
||||
ciphers.forEach((c) => {
|
||||
if (c.organizationId != null) {
|
||||
return;
|
||||
}
|
||||
const cipher = new CipherWithIdExport();
|
||||
cipher.build(c);
|
||||
cipher.collectionIds = null;
|
||||
jsonDoc.items.push(cipher);
|
||||
});
|
||||
|
||||
return JSON.stringify(jsonDoc, null, " ");
|
||||
}
|
||||
|
||||
private async getOrganizationDecryptedExport(
|
||||
organizationId: string,
|
||||
format: "json" | "csv",
|
||||
): Promise<string> {
|
||||
const decCollections: CollectionView[] = [];
|
||||
const decCiphers: CipherView[] = [];
|
||||
const promises = [];
|
||||
|
||||
promises.push(
|
||||
this.apiService.getOrganizationExport(organizationId).then((exportData) => {
|
||||
const exportPromises: any = [];
|
||||
if (exportData != null) {
|
||||
if (exportData.collections != null && exportData.collections.length > 0) {
|
||||
exportData.collections.forEach((c) => {
|
||||
const collection = new Collection(new CollectionData(c as CollectionDetailsResponse));
|
||||
exportPromises.push(
|
||||
collection.decrypt().then((decCol) => {
|
||||
decCollections.push(decCol);
|
||||
}),
|
||||
);
|
||||
});
|
||||
}
|
||||
if (exportData.ciphers != null && exportData.ciphers.length > 0) {
|
||||
exportData.ciphers
|
||||
.filter((c) => c.deletedDate === null)
|
||||
.forEach(async (c) => {
|
||||
const cipher = new Cipher(new CipherData(c));
|
||||
exportPromises.push(
|
||||
this.cipherService
|
||||
.getKeyForCipherKeyDecryption(cipher)
|
||||
.then((key) => cipher.decrypt(key))
|
||||
.then((decCipher) => {
|
||||
decCiphers.push(decCipher);
|
||||
}),
|
||||
);
|
||||
});
|
||||
}
|
||||
}
|
||||
return Promise.all(exportPromises);
|
||||
}),
|
||||
);
|
||||
|
||||
await Promise.all(promises);
|
||||
|
||||
if (format === "csv") {
|
||||
const collectionsMap = new Map<string, CollectionView>();
|
||||
decCollections.forEach((c) => {
|
||||
collectionsMap.set(c.id, c);
|
||||
});
|
||||
|
||||
const exportCiphers: BitwardenCsvOrgExportType[] = [];
|
||||
decCiphers.forEach((c) => {
|
||||
// only export logins and secure notes
|
||||
if (c.type !== CipherType.Login && c.type !== CipherType.SecureNote) {
|
||||
return;
|
||||
}
|
||||
|
||||
const cipher = {} as BitwardenCsvOrgExportType;
|
||||
cipher.collections = [];
|
||||
if (c.collectionIds != null) {
|
||||
cipher.collections = c.collectionIds
|
||||
.filter((id) => collectionsMap.has(id))
|
||||
.map((id) => collectionsMap.get(id).name);
|
||||
}
|
||||
this.buildCommonCipher(cipher, c);
|
||||
exportCiphers.push(cipher);
|
||||
});
|
||||
|
||||
return papa.unparse(exportCiphers);
|
||||
} else {
|
||||
const jsonDoc: BitwardenUnEncryptedOrgJsonExport = {
|
||||
encrypted: false,
|
||||
collections: [],
|
||||
items: [],
|
||||
};
|
||||
|
||||
decCollections.forEach((c) => {
|
||||
const collection = new CollectionWithIdExport();
|
||||
collection.build(c);
|
||||
jsonDoc.collections.push(collection);
|
||||
});
|
||||
|
||||
decCiphers.forEach((c) => {
|
||||
const cipher = new CipherWithIdExport();
|
||||
cipher.build(c);
|
||||
jsonDoc.items.push(cipher);
|
||||
});
|
||||
return JSON.stringify(jsonDoc, null, " ");
|
||||
}
|
||||
}
|
||||
|
||||
private async getOrganizationEncryptedExport(organizationId: string): Promise<string> {
|
||||
const collections: Collection[] = [];
|
||||
const ciphers: Cipher[] = [];
|
||||
const promises = [];
|
||||
|
||||
promises.push(
|
||||
this.apiService.getCollections(organizationId).then((c) => {
|
||||
if (c != null && c.data != null && c.data.length > 0) {
|
||||
c.data.forEach((r) => {
|
||||
const collection = new Collection(new CollectionData(r as CollectionDetailsResponse));
|
||||
collections.push(collection);
|
||||
});
|
||||
}
|
||||
}),
|
||||
);
|
||||
|
||||
promises.push(
|
||||
this.apiService.getCiphersOrganization(organizationId).then((c) => {
|
||||
if (c != null && c.data != null && c.data.length > 0) {
|
||||
c.data
|
||||
.filter((item) => item.deletedDate === null)
|
||||
.forEach((item) => {
|
||||
const cipher = new Cipher(new CipherData(item));
|
||||
ciphers.push(cipher);
|
||||
});
|
||||
}
|
||||
}),
|
||||
);
|
||||
|
||||
await Promise.all(promises);
|
||||
|
||||
const orgKey = await this.cryptoService.getOrgKey(organizationId);
|
||||
const encKeyValidation = await this.cryptoService.encrypt(Utils.newGuid(), orgKey);
|
||||
|
||||
const jsonDoc: BitwardenEncryptedOrgJsonExport = {
|
||||
encrypted: true,
|
||||
encKeyValidation_DO_NOT_EDIT: encKeyValidation.encryptedString,
|
||||
collections: [],
|
||||
items: [],
|
||||
};
|
||||
|
||||
collections.forEach((c) => {
|
||||
const collection = new CollectionWithIdExport();
|
||||
collection.build(c);
|
||||
jsonDoc.collections.push(collection);
|
||||
});
|
||||
|
||||
ciphers.forEach((c) => {
|
||||
const cipher = new CipherWithIdExport();
|
||||
cipher.build(c);
|
||||
jsonDoc.items.push(cipher);
|
||||
});
|
||||
return JSON.stringify(jsonDoc, null, " ");
|
||||
}
|
||||
|
||||
private buildCommonCipher(cipher: BitwardenCsvExportType, c: CipherView): BitwardenCsvExportType {
|
||||
cipher.type = null;
|
||||
cipher.name = c.name;
|
||||
cipher.notes = c.notes;
|
||||
cipher.fields = null;
|
||||
cipher.reprompt = c.reprompt;
|
||||
// Login props
|
||||
cipher.login_uri = null;
|
||||
cipher.login_username = null;
|
||||
cipher.login_password = null;
|
||||
cipher.login_totp = null;
|
||||
|
||||
if (c.fields) {
|
||||
c.fields.forEach((f) => {
|
||||
if (!cipher.fields) {
|
||||
cipher.fields = "";
|
||||
} else {
|
||||
cipher.fields += "\n";
|
||||
}
|
||||
|
||||
cipher.fields += (f.name || "") + ": " + f.value;
|
||||
});
|
||||
}
|
||||
|
||||
switch (c.type) {
|
||||
case CipherType.Login:
|
||||
cipher.type = "login";
|
||||
cipher.login_username = c.login.username;
|
||||
cipher.login_password = c.login.password;
|
||||
cipher.login_totp = c.login.totp;
|
||||
|
||||
if (c.login.uris) {
|
||||
cipher.login_uri = [];
|
||||
c.login.uris.forEach((u) => {
|
||||
cipher.login_uri.push(u.uri);
|
||||
});
|
||||
}
|
||||
break;
|
||||
case CipherType.SecureNote:
|
||||
cipher.type = "note";
|
||||
break;
|
||||
default:
|
||||
return;
|
||||
}
|
||||
|
||||
return cipher;
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user