From b4148d35329316eab1b2cfc9591534ad68fe0376 Mon Sep 17 00:00:00 2001 From: Kyle Spearrin Date: Wed, 1 May 2019 09:38:13 -0400 Subject: [PATCH] fix issues on cipher admin endpoints --- src/Api/Controllers/CiphersController.cs | 14 ++++---- src/Core/Models/Data/CipherDetails.cs | 6 ++-- .../Models/Data/CipherOrganizationDetails.cs | 9 ++++++ src/Core/Repositories/ICipherRepository.cs | 2 +- .../SqlServer/CipherRepository.cs | 4 +-- src/Sql/Sql.sqlproj | 2 +- ...=> CipherOrganizationDetails_ReadById.sql} | 5 ++- .../2019-05-01_00_CipherOrgDetailsFix.sql | 32 +++++++++++++++++++ 8 files changed, 56 insertions(+), 18 deletions(-) create mode 100644 src/Core/Models/Data/CipherOrganizationDetails.cs rename src/Sql/dbo/Stored Procedures/{CipherDetails_ReadById.sql => CipherOrganizationDetails_ReadById.sql} (73%) create mode 100644 util/Migrator/DbScripts/2019-05-01_00_CipherOrgDetailsFix.sql diff --git a/src/Api/Controllers/CiphersController.cs b/src/Api/Controllers/CiphersController.cs index a72a2da5df..778fb57696 100644 --- a/src/Api/Controllers/CiphersController.cs +++ b/src/Api/Controllers/CiphersController.cs @@ -56,16 +56,16 @@ namespace Bit.Api.Controllers } [HttpGet("{id}/admin")] - public async Task GetAdmin(string id) + public async Task GetAdmin(string id) { - var cipher = await _cipherRepository.GetDetailsByIdAsync(new Guid(id)); + var cipher = await _cipherRepository.GetOrganizationDetailsByIdAsync(new Guid(id)); if(cipher == null || !cipher.OrganizationId.HasValue || !_currentContext.OrganizationAdmin(cipher.OrganizationId.Value)) { throw new NotFoundException(); } - return new CipherResponseModel(cipher, _globalSettings); + return new CipherMiniResponseModel(cipher, _globalSettings, cipher.OrganizationUseTotp); } [HttpGet("{id}/full-details")] 
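Review bot: `new Guid(id)` on the changed lookup line in GetAdmin throws FormatException for a malformed route value before the not-found branch is reached, so a bad id gets a different answer from an unknown or unauthorized one. Unless a filter outside this diff maps that exception, the response is presumably a server error. I would parse first and reuse the same response, `if(!Guid.TryParse(id, out var idGuid)) { throw new NotFoundException(); }`, or constrain the route with `{id:guid}`. That keeps the uniform NotFoundException for the missing, personal and non-admin cases, which already avoids revealing whether a cipher exists. The same construction sits on the changed line in PutAdmin (@@ -179) and in the context of PostAttachmentAdmin (@@ -461); PutAdmin's body continues outside its hunk.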
@@ -179,7 +179,7 @@ namespace Bit.Api.Controllers public async Task PutAdmin(string id, [FromBody]CipherRequestModel model) { var userId = _userService.GetProperUserId(User).Value; - var cipher = await _cipherRepository.GetDetailsByIdAsync(new Guid(id)); + var cipher = await _cipherRepository.GetOrganizationDetailsByIdAsync(new Guid(id)); if(cipher == null || !cipher.OrganizationId.HasValue || !_currentContext.OrganizationAdmin(cipher.OrganizationId.Value)) { @@ -461,13 +461,13 @@ namespace Bit.Api.Controllers [HttpPost("{id}/attachment-admin")] [RequestSizeLimit(105_906_176)] [DisableFormValueModelBinding] - public async Task PostAttachmentAdmin(string id) + public async Task PostAttachmentAdmin(string id) { ValidateAttachment(); var idGuid = new Guid(id); var userId = _userService.GetProperUserId(User).Value; - var cipher = await _cipherRepository.GetDetailsByIdAsync(idGuid); + var cipher = await _cipherRepository.GetOrganizationDetailsByIdAsync(idGuid); if(cipher == null || !cipher.OrganizationId.HasValue || !_currentContext.OrganizationAdmin(cipher.OrganizationId.Value)) { @@ -480,7 +480,7 @@ namespace Bit.Api.Controllers Request.ContentLength.GetValueOrDefault(0), userId, true); }); - return new CipherResponseModel(cipher, _globalSettings); + return new CipherMiniResponseModel(cipher, _globalSettings, cipher.OrganizationUseTotp); } [HttpPost("{id}/attachment/{attachmentId}/share")] diff --git a/src/Core/Models/Data/CipherDetails.cs b/src/Core/Models/Data/CipherDetails.cs index acf55ba49d..d40567287b 100644 --- a/src/Core/Models/Data/CipherDetails.cs +++ b/src/Core/Models/Data/CipherDetails.cs @@ -1,13 +1,11 @@ -using Bit.Core.Models.Table; -using System; +using System; namespace Core.Models.Data { - public class CipherDetails : Cipher + public class CipherDetails : CipherOrganizationDetails { public Guid? FolderId { get; set; } public bool Favorite { get; set; } public bool Edit { get; set; } - public bool OrganizationUseTotp { get; set; } } } 
diff --git a/src/Core/Models/Data/CipherOrganizationDetails.cs b/src/Core/Models/Data/CipherOrganizationDetails.cs new file mode 100644 index 0000000000..e1a32a5329 --- /dev/null +++ b/src/Core/Models/Data/CipherOrganizationDetails.cs @@ -0,0 +1,9 @@ +using Bit.Core.Models.Table; + +namespace Core.Models.Data +{ + public class CipherOrganizationDetails : Cipher + { + public bool OrganizationUseTotp { get; set; } + } +} diff --git a/src/Core/Repositories/ICipherRepository.cs b/src/Core/Repositories/ICipherRepository.cs index 3e529f32cf..ce4eed8349 100644 --- a/src/Core/Repositories/ICipherRepository.cs +++ b/src/Core/Repositories/ICipherRepository.cs @@ -10,7 +10,7 @@ namespace Bit.Core.Repositories public interface ICipherRepository : IRepository { Task GetByIdAsync(Guid id, Guid userId); - Task GetDetailsByIdAsync(Guid id); + Task GetOrganizationDetailsByIdAsync(Guid id); Task GetCanEditByIdAsync(Guid userId, Guid cipherId); Task> GetManyByUserIdAsync(Guid userId, bool withOrganizations = true); Task> GetManyByOrganizationIdAsync(Guid organizationId); diff --git a/src/Core/Repositories/SqlServer/CipherRepository.cs b/src/Core/Repositories/SqlServer/CipherRepository.cs index d116488ce6..55e2a3163c 100644 --- a/src/Core/Repositories/SqlServer/CipherRepository.cs +++ b/src/Core/Repositories/SqlServer/CipherRepository.cs @@ -36,12 +36,12 @@ namespace Bit.Core.Repositories.SqlServer } } - public async Task GetDetailsByIdAsync(Guid id) + public async Task GetOrganizationDetailsByIdAsync(Guid id) { using(var connection = new SqlConnection(ConnectionString)) { var results = await connection.QueryAsync( - $"[{Schema}].[CipherDetails_ReadById]", + $"[{Schema}].[CipherOrganizationDetails_ReadById]", new { Id = id }, commandType: CommandType.StoredProcedure); diff --git a/src/Sql/Sql.sqlproj b/src/Sql/Sql.sqlproj index 3a2dea751f..4795099919 100644 --- a/src/Sql/Sql.sqlproj +++ b/src/Sql/Sql.sqlproj @@ -209,7 +209,7 @@ - + 
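Review bot: `CipherOrganizationDetails` has no summary saying why it exists alongside `CipherDetails`. I would add `/// <summary>Cipher row plus the owning organization's TOTP flag; carries no per-user state (FolderId, Favorite, Edit), for use by organization admin endpoints.</summary>` above the class. The new file also copies the `Core.Models.Data` namespace while the repository types in this commit live under `Bit.Core.*`; that predates the commit in CipherDetails.cs, so aligning it is a separate cleanup.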
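Review bot: `GetOrganizationDetailsByIdAsync(Guid id)` takes no user id, unlike `GetByIdAsync(Guid id, Guid userId)` on the line above it, and nothing on the declaration says that it performs no access check. The procedure it calls filters on `C.[Id] = @Id` only, so the whole authorization decision rests with the caller. A doc comment would make that contract explicit: `/// <summary>Reads a cipher by id with no per-user or per-organization filtering; the caller must verify OrganizationId and admin rights before using or returning the result.</summary>`. The three controller actions in this commit do perform that check; the comment is there for the next caller.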
diff --git a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadById.sql b/src/Sql/dbo/Stored Procedures/CipherOrganizationDetails_ReadById.sql similarity index 73% rename from src/Sql/dbo/Stored Procedures/CipherDetails_ReadById.sql rename to src/Sql/dbo/Stored Procedures/CipherOrganizationDetails_ReadById.sql index bd14e89a52..1f76fc783a 100644 --- a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadById.sql +++ b/src/Sql/dbo/Stored Procedures/CipherOrganizationDetails_ReadById.sql @@ -1,4 +1,4 @@ -CREATE PROCEDURE [dbo].[CipherDetails_ReadById] +CREATE PROCEDURE [dbo].[CipherOrganizationDetails_ReadById] @Id UNIQUEIDENTIFIER AS BEGIN @@ -6,13 +6,12 @@ BEGIN SELECT C.*, - 1 [Edit], CASE WHEN O.[UseTotp] = 1 THEN 1 ELSE 0 END [OrganizationUseTotp] FROM - [dbo].[CipherDetails](NULL) C + [dbo].[CipherView] C LEFT JOIN [dbo].[Organization] O ON O.[Id] = C.[OrganizationId] WHERE diff --git a/util/Migrator/DbScripts/2019-05-01_00_CipherOrgDetailsFix.sql b/util/Migrator/DbScripts/2019-05-01_00_CipherOrgDetailsFix.sql new file mode 100644 index 0000000000..36b99aa073 --- /dev/null +++ b/util/Migrator/DbScripts/2019-05-01_00_CipherOrgDetailsFix.sql @@ -0,0 +1,32 @@ +IF OBJECT_ID('[dbo].[CipherDetails_ReadById]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[CipherDetails_ReadById] +END +GO + +IF OBJECT_ID('[dbo].[CipherOrganizationDetails_ReadById]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[CipherOrganizationDetails_ReadById] +END +GO + +CREATE PROCEDURE [dbo].[CipherOrganizationDetails_ReadById] + @Id UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + C.*, + CASE + WHEN O.[UseTotp] = 1 THEN 1 + ELSE 0 + END [OrganizationUseTotp] + FROM + [dbo].[CipherView] C + LEFT JOIN + [dbo].[Organization] O ON O.[Id] = C.[OrganizationId] + WHERE + C.[Id] = @Id +END +GO
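Review bot: The SELECT in `CipherOrganizationDetails_ReadById` has no organization predicate, and with the `LEFT JOIN` it still returns personal ciphers (`OrganizationId` NULL) as well as any organization's cipher. The only guard is the `OrganizationId.HasValue` / `OrganizationAdmin` check in the controller actions. Since the procedure is now named for organization use, consider adding `AND C.[OrganizationId] IS NOT NULL` to the WHERE clause, so that personal-vault rows never leave the database on this path. Callers outside this diff would need checking first. The same body is repeated in the migration script `2019-05-01_00_CipherOrgDetailsFix.sql` and should change with it.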
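Review bot: The first batch of the migration drops `[dbo].[CipherDetails_ReadById]` outright, while the previous build's repository still calls that name. Any API instance not yet upgraded would therefore fail on the admin cipher endpoints once the script has run. Whether database migration and application rollout are atomic in this deployment is not visible here. If they are not, leave the old procedure in place for one release and record the follow-up in the script, e.g. `-- TODO: drop [dbo].[CipherDetails_ReadById] in a later script once no deployed build calls it`.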