1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-22 11:45:59 +01:00

[PM-1803] Fail on unsupported export format (#5197)

* Fail on unsupported export format

Issue #5194: https://github.com/bitwarden/clients/issues/5194

The cli previously would take any value for the export format and
default to unencrypted json if it wasn't a supported format. This
behavior is a little dangerous because if for instance typed
"json_encrypted" instead of "encrypted_json" and naively saved the file
you might be surprised to learn the payload was not actually encrypted
even though the command completed successfully.

This change adds a guard clause when converting the string value passed
in via `--format` into the type `ExportFormat` to ensure that the format
provided is one of the supported types.

* Move isSupportedExportFormat to private method
This commit is contained in:
Andrew Jorgensen 2023-04-17 15:54:03 -04:00 committed by GitHub
parent d605187de8
commit d77f77cea9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 18 additions and 3 deletions

View File

@ -1,7 +1,11 @@
import * as program from "commander"; import * as program from "commander";
import * as inquirer from "inquirer"; import * as inquirer from "inquirer";
import { ExportFormat, ExportService } from "@bitwarden/common/abstractions/export.service"; import {
ExportFormat,
ExportService,
EXPORT_FORMATS,
} from "@bitwarden/common/abstractions/export.service";
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction"; import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
import { PolicyType } from "@bitwarden/common/admin-console/enums"; import { PolicyType } from "@bitwarden/common/admin-console/enums";
import { Utils } from "@bitwarden/common/misc/utils"; import { Utils } from "@bitwarden/common/misc/utils";
@ -23,6 +27,13 @@ export class ExportCommand {
} }
const format = options.format ?? "csv"; const format = options.format ?? "csv";
if (!this.isSupportedExportFormat(format)) {
return Response.badRequest(
`'${format}' is not a supported export format. Supported formats: ${EXPORT_FORMATS.join(
", "
)}.`
);
}
if (options.organizationid != null && !Utils.isGuid(options.organizationid)) { if (options.organizationid != null && !Utils.isGuid(options.organizationid)) {
return Response.error("`" + options.organizationid + "` is not a GUID."); return Response.error("`" + options.organizationid + "` is not a GUID.");
@ -94,4 +105,8 @@ export class ExportCommand {
} }
return null; return null;
} }
private isSupportedExportFormat(format: string): format is ExportFormat {
return EXPORT_FORMATS.includes(format as ExportFormat);
}
} }

View File

@ -1,7 +1,7 @@
import { EventView } from "../models/view/event.view"; import { EventView } from "../models/view/event.view";
export type ExportFormat = "csv" | "json" | "encrypted_json"; export const EXPORT_FORMATS = ["csv", "json", "encrypted_json"] as const;
export type ExportFormat = (typeof EXPORT_FORMATS)[number];
export abstract class ExportService { export abstract class ExportService {
getExport: (format?: ExportFormat, organizationId?: string) => Promise<string>; getExport: (format?: ExportFormat, organizationId?: string) => Promise<string>;
getPasswordProtectedExport: (password: string, organizationId?: string) => Promise<string>; getPasswordProtectedExport: (password: string, organizationId?: string) => Promise<string>;