fix issues on cipher admin endpoints

2025-01-22 21:51:22 +01:00 · 2019-05-01 09:38:13 -04:00 · 2019-05-01 09:38:13 -04:00 · b4148d3532
commit b4148d3532
parent 044f21df29
8 changed files with 56 additions and 18 deletions
--- a/src/Api/Controllers/CiphersController.cs
+++ b/src/Api/Controllers/CiphersController.cs
@ -56,16 +56,16 @@ namespace Bit.Api.Controllers
        }

        [HttpGet("{id}/admin")]
-        public async Task<CipherResponseModel> GetAdmin(string id)
+        public async Task<CipherMiniResponseModel> GetAdmin(string id)
        {
-            var cipher = await _cipherRepository.GetDetailsByIdAsync(new Guid(id));
+            var cipher = await _cipherRepository.GetOrganizationDetailsByIdAsync(new Guid(id));
            if(cipher == null || !cipher.OrganizationId.HasValue ||
                !_currentContext.OrganizationAdmin(cipher.OrganizationId.Value))
            {
                throw new NotFoundException();
            }

-            return new CipherResponseModel(cipher, _globalSettings);
+            return new CipherMiniResponseModel(cipher, _globalSettings, cipher.OrganizationUseTotp);
        }

        [HttpGet("{id}/full-details")]
@ -179,7 +179,7 @@ namespace Bit.Api.Controllers
        public async Task<CipherMiniResponseModel> PutAdmin(string id, [FromBody]CipherRequestModel model)
        {
            var userId = _userService.GetProperUserId(User).Value;
-            var cipher = await _cipherRepository.GetDetailsByIdAsync(new Guid(id));
+            var cipher = await _cipherRepository.GetOrganizationDetailsByIdAsync(new Guid(id));
            if(cipher == null || !cipher.OrganizationId.HasValue ||
                !_currentContext.OrganizationAdmin(cipher.OrganizationId.Value))
            {
@ -461,13 +461,13 @@ namespace Bit.Api.Controllers
        [HttpPost("{id}/attachment-admin")]
        [RequestSizeLimit(105_906_176)]
        [DisableFormValueModelBinding]
-        public async Task<CipherResponseModel> PostAttachmentAdmin(string id)
+        public async Task<CipherMiniResponseModel> PostAttachmentAdmin(string id)
        {
            ValidateAttachment();

            var idGuid = new Guid(id);
            var userId = _userService.GetProperUserId(User).Value;
-            var cipher = await _cipherRepository.GetDetailsByIdAsync(idGuid);
+            var cipher = await _cipherRepository.GetOrganizationDetailsByIdAsync(idGuid);
            if(cipher == null || !cipher.OrganizationId.HasValue ||
                !_currentContext.OrganizationAdmin(cipher.OrganizationId.Value))
            {
@ -480,7 +480,7 @@ namespace Bit.Api.Controllers
                        Request.ContentLength.GetValueOrDefault(0), userId, true);
            });

-            return new CipherResponseModel(cipher, _globalSettings);
+            return new CipherMiniResponseModel(cipher, _globalSettings, cipher.OrganizationUseTotp);
        }

        [HttpPost("{id}/attachment/{attachmentId}/share")]
--- a/src/Core/Models/Data/CipherDetails.cs
+++ b/src/Core/Models/Data/CipherDetails.cs
@ -1,13 +1,11 @@
-using Bit.Core.Models.Table;
-using System;
+using System;

 namespace Core.Models.Data
 {
-    public class CipherDetails : Cipher
+    public class CipherDetails : CipherOrganizationDetails
    {
        public Guid? FolderId { get; set; }
        public bool Favorite { get; set; }
        public bool Edit { get; set; }
-        public bool OrganizationUseTotp { get; set; }
    }
 }
--- a/src/Core/Models/Data/CipherOrganizationDetails.cs
+++ b/src/Core/Models/Data/CipherOrganizationDetails.cs
@ -0,0 +1,9 @@
+using Bit.Core.Models.Table;
+
+namespace Core.Models.Data
+{
+    public class CipherOrganizationDetails : Cipher
+    {
+        public bool OrganizationUseTotp { get; set; }
+    }
+}
--- a/src/Core/Repositories/ICipherRepository.cs
+++ b/src/Core/Repositories/ICipherRepository.cs
@ -10,7 +10,7 @@ namespace Bit.Core.Repositories
    public interface ICipherRepository : IRepository<Cipher, Guid>
    {
        Task<CipherDetails> GetByIdAsync(Guid id, Guid userId);
-        Task<CipherDetails> GetDetailsByIdAsync(Guid id);
+        Task<CipherOrganizationDetails> GetOrganizationDetailsByIdAsync(Guid id);
        Task<bool> GetCanEditByIdAsync(Guid userId, Guid cipherId);
        Task<ICollection<CipherDetails>> GetManyByUserIdAsync(Guid userId, bool withOrganizations = true);
        Task<ICollection<Cipher>> GetManyByOrganizationIdAsync(Guid organizationId);
--- a/src/Core/Repositories/SqlServer/CipherRepository.cs
+++ b/src/Core/Repositories/SqlServer/CipherRepository.cs
@ -36,12 +36,12 @@ namespace Bit.Core.Repositories.SqlServer
            }
        }

-        public async Task<CipherDetails> GetDetailsByIdAsync(Guid id)
+        public async Task<CipherOrganizationDetails> GetOrganizationDetailsByIdAsync(Guid id)
        {
            using(var connection = new SqlConnection(ConnectionString))
            {
                var results = await connection.QueryAsync<CipherDetails>(
-                    $"[{Schema}].[CipherDetails_ReadById]",
+                    $"[{Schema}].[CipherOrganizationDetails_ReadById]",
                    new { Id = id },
                    commandType: CommandType.StoredProcedure);

--- a/src/Sql/Sql.sqlproj
+++ b/src/Sql/Sql.sqlproj
@ -209,7 +209,7 @@
    <Build Include="dbo\Views\InstallationView.sql" />
    <Build Include="dbo\Stored Procedures\Organization_ReadByEnabled.sql" />
    <Build Include="dbo\Stored Procedures\User_ReadByPremium.sql" />
-    <Build Include="dbo\Stored Procedures\CipherDetails_ReadById.sql" />
+    <Build Include="dbo\Stored Procedures\CipherOrganizationDetails_ReadById.sql" />
    <Build Include="dbo\Stored Procedures\Cipher_DeleteByUserId.sql" />
    <Build Include="dbo\Stored Procedures\User_BumpAccountRevisionDateByCollectionId.sql" />
    <Build Include="dbo\Stored Procedures\User_BumpAccountRevisionDateByCipherId.sql" />
--- a/Procedures/CipherOrganizationDetails_ReadById.sql
+++ b/Procedures/CipherOrganizationDetails_ReadById.sql
@ -1,4 +1,4 @@
-CREATE PROCEDURE [dbo].[CipherDetails_ReadById]
+CREATE PROCEDURE [dbo].[CipherOrganizationDetails_ReadById]
    @Id UNIQUEIDENTIFIER
 AS
 BEGIN
@ -6,13 +6,12 @@ BEGIN

    SELECT
        C.*,
-        1 [Edit],
        CASE 
            WHEN O.[UseTotp] = 1 THEN 1
            ELSE 0
        END [OrganizationUseTotp]
    FROM
-        [dbo].[CipherDetails](NULL) C
+        [dbo].[CipherView] C
    LEFT JOIN
        [dbo].[Organization] O ON O.[Id] = C.[OrganizationId]
    WHERE
--- a/util/Migrator/DbScripts/2019-05-01_00_CipherOrgDetailsFix.sql
+++ b/util/Migrator/DbScripts/2019-05-01_00_CipherOrgDetailsFix.sql
@ -0,0 +1,32 @@
+IF OBJECT_ID('[dbo].[CipherDetails_ReadById]') IS NOT NULL
+BEGIN
+    DROP PROCEDURE [dbo].[CipherDetails_ReadById]
+END
+GO
+
+IF OBJECT_ID('[dbo].[CipherOrganizationDetails_ReadById]') IS NOT NULL
+BEGIN
+    DROP PROCEDURE [dbo].[CipherOrganizationDetails_ReadById]
+END
+GO
+
+CREATE PROCEDURE [dbo].[CipherOrganizationDetails_ReadById]
+    @Id UNIQUEIDENTIFIER
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT
+        C.*,
+        CASE 
+            WHEN O.[UseTotp] = 1 THEN 1
+            ELSE 0
+        END [OrganizationUseTotp]
+    FROM
+        [dbo].[CipherView] C
+    LEFT JOIN
+        [dbo].[Organization] O ON O.[Id] = C.[OrganizationId]
+    WHERE
+        C.[Id] = @Id
+END
+GO