mirror of
https://github.com/bitwarden/server.git
synced 2025-01-22 21:51:22 +01:00
admin login apis
This commit is contained in:
Kyle Spearrin
parent
44883091f6
commit
8458022a58
@ -7,6 +7,7 @@ using Microsoft.AspNetCore.Authorization;
|
||||
using Bit.Core.Models.Api;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.Services;
|
||||
using Bit.Core;
|
||||
|
||||
namespace Bit.Api.Controllers
|
||||
{
|
||||
@ -19,15 +20,18 @@ namespace Bit.Api.Controllers
|
||||
private readonly ICipherRepository _cipherRepository;
|
||||
private readonly ICipherService _cipherService;
|
||||
private readonly IUserService _userService;
|
||||
private readonly CurrentContext _currentContext;
|
||||
|
||||
public LoginsController(
|
||||
ICipherRepository cipherRepository,
|
||||
ICipherService cipherService,
|
||||
IUserService userService)
|
||||
IUserService userService,
|
||||
CurrentContext currentContext)
|
||||
{
|
||||
_cipherRepository = cipherRepository;
|
||||
_cipherService = cipherService;
|
||||
_userService = userService;
|
||||
_currentContext = currentContext;
|
||||
}
|
||||
|
||||
[HttpGet("{id}")]
|
||||
@ -44,6 +48,20 @@ namespace Bit.Api.Controllers
|
||||
return response;
|
||||
}
|
||||
|
||||
[HttpGet("{id}/admin")]
|
||||
public async Task<LoginResponseModel> GetAdmin(string id)
|
||||
{
|
||||
var login = await _cipherRepository.GetByIdAsync(new Guid(id));
|
||||
if(login == null || !login.OrganizationId.HasValue ||
|
||||
!_currentContext.OrganizationAdmin(login.OrganizationId.Value))
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
var response = new LoginResponseModel(login);
|
||||
return response;
|
||||
}
|
||||
|
||||
[HttpGet("")]
|
||||
public async Task<ListResponseModel<LoginResponseModel>> Get()
|
||||
{
|
||||
@ -59,7 +77,23 @@ namespace Bit.Api.Controllers
|
||||
{
|
||||
var userId = _userService.GetProperUserId(User).Value;
|
||||
var login = model.ToCipherDetails(userId);
|
||||
await _cipherService.SaveAsync(login, userId);
|
||||
await _cipherService.SaveDetailsAsync(login, userId);
|
||||
|
||||
var response = new LoginResponseModel(login);
|
||||
return response;
|
||||
}
|
||||
|
||||
[HttpPost("admin")]
|
||||
public async Task<LoginResponseModel> PostAdmin([FromBody]LoginRequestModel model)
|
||||
{
|
||||
var login = model.ToOrganizationCipher();
|
||||
if(!_currentContext.OrganizationAdmin(login.OrganizationId.Value))
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
var userId = _userService.GetProperUserId(User).Value;
|
||||
await _cipherService.SaveAsync(login, userId, true);
|
||||
|
||||
var response = new LoginResponseModel(login);
|
||||
return response;
|
||||
@ -76,7 +110,25 @@ namespace Bit.Api.Controllers
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
await _cipherService.SaveAsync(model.ToCipherDetails(login), userId);
|
||||
await _cipherService.SaveDetailsAsync(model.ToCipherDetails(login), userId);
|
||||
|
||||
var response = new LoginResponseModel(login);
|
||||
return response;
|
||||
}
|
||||
|
||||
[HttpPut("{id}/admin")]
|
||||
[HttpPost("{id}/admin")]
|
||||
public async Task<LoginResponseModel> PutAdmin(string id, [FromBody]LoginRequestModel model)
|
||||
{
|
||||
var login = await _cipherRepository.GetByIdAsync(new Guid(id));
|
||||
if(login == null || !login.OrganizationId.HasValue ||
|
||||
!_currentContext.OrganizationAdmin(login.OrganizationId.Value))
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
var userId = _userService.GetProperUserId(User).Value;
|
||||
await _cipherService.SaveAsync(model.ToCipher(login), userId, true);
|
||||
|
||||
var response = new LoginResponseModel(login);
|
||||
return response;
|
||||
|
||||
@ -9,6 +9,8 @@ namespace Bit.Core.Models.Api
|
||||
{
|
||||
public class LoginRequestModel
|
||||
{
|
||||
[StringLength(36)]
|
||||
public string OrganizationId { get; set; }
|
||||
[StringLength(36)]
|
||||
public string FolderId { get; set; }
|
||||
public bool Favorite { get; set; }
|
||||
@ -33,7 +35,21 @@ namespace Bit.Core.Models.Api
|
||||
{
|
||||
return ToCipherDetails(new CipherDetails
|
||||
{
|
||||
UserId = userId
|
||||
UserId = string.IsNullOrWhiteSpace(OrganizationId) ? (Guid?)userId : null,
|
||||
OrganizationId = string.IsNullOrWhiteSpace(OrganizationId) ? (Guid?)null : new Guid(OrganizationId)
|
||||
});
|
||||
}
|
||||
|
||||
public Cipher ToOrganizationCipher()
|
||||
{
|
||||
if(string.IsNullOrWhiteSpace(OrganizationId))
|
||||
{
|
||||
throw new ArgumentNullException(nameof(OrganizationId));
|
||||
}
|
||||
|
||||
return ToCipher(new Cipher
|
||||
{
|
||||
OrganizationId = new Guid(OrganizationId)
|
||||
});
|
||||
}
|
||||
|
||||
@ -48,6 +64,15 @@ namespace Bit.Core.Models.Api
|
||||
|
||||
return existingLogin;
|
||||
}
|
||||
|
||||
public Cipher ToCipher(Cipher existingLogin)
|
||||
{
|
||||
existingLogin.Data = JsonConvert.SerializeObject(new LoginDataModel(this),
|
||||
new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore });
|
||||
existingLogin.Type = Enums.CipherType.Login;
|
||||
|
||||
return existingLogin;
|
||||
}
|
||||
}
|
||||
|
||||
public class LoginWithIdRequestModel : LoginRequestModel
|
||||
|
||||
@ -1,11 +1,12 @@
|
||||
using System;
|
||||
using Core.Models.Data;
|
||||
using Bit.Core.Models.Table;
|
||||
|
||||
namespace Bit.Core.Models.Api
|
||||
{
|
||||
public class LoginResponseModel : ResponseModel
|
||||
{
|
||||
public LoginResponseModel(CipherDetails cipher, string obj = "login")
|
||||
public LoginResponseModel(Cipher cipher, string obj = "login")
|
||||
: base(obj)
|
||||
{
|
||||
if(cipher == null)
|
||||
@ -22,8 +23,6 @@ namespace Bit.Core.Models.Api
|
||||
|
||||
Id = cipher.Id.ToString();
|
||||
OrganizationId = cipher.OrganizationId?.ToString();
|
||||
FolderId = cipher.FolderId?.ToString();
|
||||
Favorite = cipher.Favorite;
|
||||
Name = data.Name;
|
||||
Uri = data.Uri;
|
||||
Username = data.Username;
|
||||
@ -32,6 +31,13 @@ namespace Bit.Core.Models.Api
|
||||
RevisionDate = cipher.RevisionDate;
|
||||
}
|
||||
|
||||
public LoginResponseModel(CipherDetails cipher, string obj = "login")
|
||||
: this(cipher as Cipher, obj)
|
||||
{
|
||||
FolderId = cipher.FolderId?.ToString();
|
||||
Favorite = cipher.Favorite;
|
||||
}
|
||||
|
||||
public string Id { get; set; }
|
||||
public string OrganizationId { get; set; }
|
||||
public string FolderId { get; set; }
|
||||
|
||||
@ -8,7 +8,8 @@ namespace Bit.Core.Services
|
||||
{
|
||||
public interface ICipherService
|
||||
{
|
||||
Task SaveAsync(CipherDetails cipher, Guid savingUserId);
|
||||
Task SaveAsync(Cipher cipher, Guid savingUserId, bool orgAdmin = false);
|
||||
Task SaveDetailsAsync(CipherDetails cipher, Guid savingUserId);
|
||||
Task DeleteAsync(Cipher cipher, Guid deletingUserId, bool orgAdmin = false);
|
||||
Task SaveFolderAsync(Folder folder);
|
||||
Task DeleteFolderAsync(Folder folder);
|
||||
|
||||
@ -40,7 +40,31 @@ namespace Bit.Core.Services
|
||||
_pushService = pushService;
|
||||
}
|
||||
|
||||
public async Task SaveAsync(CipherDetails cipher, Guid savingUserId)
|
||||
public async Task SaveAsync(Cipher cipher, Guid savingUserId, bool orgAdmin = false)
|
||||
{
|
||||
if(!orgAdmin && !(await UserCanEditAsync(cipher, savingUserId)))
|
||||
{
|
||||
throw new BadRequestException("You do not have permissions to edit this.");
|
||||
}
|
||||
|
||||
if(cipher.Id == default(Guid))
|
||||
{
|
||||
await _cipherRepository.CreateAsync(cipher);
|
||||
|
||||
// push
|
||||
await _pushService.PushSyncCipherCreateAsync(cipher);
|
||||
}
|
||||
else
|
||||
{
|
||||
cipher.RevisionDate = DateTime.UtcNow;
|
||||
await _cipherRepository.ReplaceAsync(cipher);
|
||||
|
||||
// push
|
||||
await _pushService.PushSyncCipherUpdateAsync(cipher);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task SaveDetailsAsync(CipherDetails cipher, Guid savingUserId)
|
||||
{
|
||||
if(!(await UserCanEditAsync(cipher, savingUserId)))
|
||||
{
|
||||
|
||||
Loading…
Reference in New Issue
Block a user