1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-23 17:07:42 +01:00

update cipher subvaults

This commit is contained in:
Kyle Spearrin 2017-04-12 12:42:00 -04:00
parent b7ac04955a
commit c6ef3dc283
9 changed files with 144 additions and 14 deletions

View File

@ -7,6 +7,7 @@ using Microsoft.AspNetCore.Authorization;
using Bit.Core.Models.Api;
using Bit.Core.Exceptions;
using Bit.Core.Services;
using Bit.Core;
namespace Bit.Api.Controllers
{
@ -18,17 +19,20 @@ namespace Bit.Api.Controllers
private readonly ISubvaultCipherRepository _subvaultCipherRepository;
private readonly ICipherService _cipherService;
private readonly IUserService _userService;
private readonly CurrentContext _currentContext;
public CiphersController(
ICipherRepository cipherRepository,
ISubvaultCipherRepository subvaultCipherRepository,
ICipherService cipherService,
IUserService userService)
IUserService userService,
CurrentContext currentContext)
{
_cipherRepository = cipherRepository;
_subvaultCipherRepository = subvaultCipherRepository;
_cipherService = cipherService;
_userService = userService;
_currentContext = currentContext;
}
[HttpGet("{id}")]
@ -128,21 +132,37 @@ namespace Bit.Api.Controllers
await _cipherService.UpdatePartialAsync(new Guid(id), userId, folderId, model.Favorite);
}
[HttpPut("{id}/move")]
[HttpPost("{id}/move")]
public async Task PostMove(string id, [FromBody]CipherMoveRequestModel model)
[HttpPut("{id}/share")]
[HttpPost("{id}/share")]
public async Task PutShare(string id, [FromBody]CipherShareRequestModel model)
{
var userId = _userService.GetProperUserId(User).Value;
var cipher = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
if(cipher == null || cipher.UserId != userId)
if(cipher == null || cipher.UserId != userId ||
!_currentContext.OrganizationUser(new Guid(model.Cipher.OrganizationId)))
{
throw new NotFoundException();
}
await _cipherService.MoveSubvaultAsync(model.Cipher.ToCipher(cipher), new Guid(model.Cipher.OrganizationId),
await _cipherService.ShareAsync(model.Cipher.ToCipher(cipher), new Guid(model.Cipher.OrganizationId),
model.SubvaultIds.Select(s => new Guid(s)), userId);
}
[HttpPut("{id}/subvaults")]
[HttpPost("{id}/subvaults")]
public async Task PutSubvaults(string id, [FromBody]CipherSubvaultsRequestModel model)
{
var userId = _userService.GetProperUserId(User).Value;
var cipher = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
if(cipher == null || !cipher.OrganizationId.HasValue ||
!_currentContext.OrganizationUser(cipher.OrganizationId.Value))
{
throw new NotFoundException();
}
await _cipherService.SaveSubvaultsAsync(cipher, model.SubvaultIds.Select(s => new Guid(s)), userId);
}
[HttpDelete("{id}")]
[HttpPost("{id}/delete")]
public async Task Delete(string id)

View File

@ -63,13 +63,34 @@ namespace Bit.Core.Models.Api
}
}
public class CipherMoveRequestModel : IValidatableObject
public class CipherShareRequestModel : IValidatableObject
{
[Required]
public IEnumerable<string> SubvaultIds { get; set; }
[Required]
public CipherRequestModel Cipher { get; set; }
public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
{
if(string.IsNullOrWhiteSpace(Cipher.OrganizationId))
{
yield return new ValidationResult("Cipher OrganizationId is required.",
new string[] { nameof(Cipher.OrganizationId) });
}
if(!SubvaultIds?.Any() ?? false)
{
yield return new ValidationResult("You must select at least one subvault.",
new string[] { nameof(SubvaultIds) });
}
}
}
public class CipherSubvaultsRequestModel : IValidatableObject
{
[Required]
public IEnumerable<string> SubvaultIds { get; set; }
public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
{
if(!SubvaultIds?.Any() ?? false)

View File

@ -9,5 +9,6 @@ namespace Bit.Core.Repositories
{
Task<ICollection<SubvaultCipher>> GetManyByUserIdAsync(Guid userId);
Task<ICollection<SubvaultCipher>> GetManyByUserIdCipherIdAsync(Guid userId, Guid cipherId);
Task UpdateSubvaultsAsync(Guid cipherId, Guid userId, IEnumerable<Guid> subvaultIds);
}
}

View File

@ -6,6 +6,7 @@ using System.Data.SqlClient;
using System.Data;
using Dapper;
using System.Linq;
using Bit.Core.Utilities;
namespace Bit.Core.Repositories.SqlServer
{
@ -24,7 +25,7 @@ namespace Bit.Core.Repositories.SqlServer
using(var connection = new SqlConnection(ConnectionString))
{
var results = await connection.QueryAsync<SubvaultCipher>(
$"[dbo].[SubvaultCipher_ReadByUserId]",
"[dbo].[SubvaultCipher_ReadByUserId]",
new { UserId = userId },
commandType: CommandType.StoredProcedure);
@ -37,12 +38,23 @@ namespace Bit.Core.Repositories.SqlServer
using(var connection = new SqlConnection(ConnectionString))
{
var results = await connection.QueryAsync<SubvaultCipher>(
$"[dbo].[SubvaultCipher_ReadByUserIdCipherId]",
"[dbo].[SubvaultCipher_ReadByUserIdCipherId]",
new { UserId = userId, CipherId = cipherId },
commandType: CommandType.StoredProcedure);
return results.ToList();
}
}
public async Task UpdateSubvaultsAsync(Guid cipherId, Guid userId, IEnumerable<Guid> subvaultIds)
{
using(var connection = new SqlConnection(ConnectionString))
{
var results = await connection.ExecuteAsync(
"[dbo].[SubvaultCipher_UpdateSubvaults]",
new { CipherId = cipherId, UserId = userId, SubvaultIds = subvaultIds.ToGuidIdArrayTVP() },
commandType: CommandType.StoredProcedure);
}
}
}
}

View File

@ -13,7 +13,8 @@ namespace Bit.Core.Services
Task DeleteAsync(CipherDetails cipher, Guid deletingUserId);
Task SaveFolderAsync(Folder folder);
Task DeleteFolderAsync(Folder folder);
Task MoveSubvaultAsync(Cipher cipher, Guid organizationId, IEnumerable<Guid> subvaultIds, Guid userId);
Task ShareAsync(Cipher cipher, Guid organizationId, IEnumerable<Guid> subvaultIds, Guid userId);
Task SaveSubvaultsAsync(Cipher cipher, IEnumerable<Guid> subvaultIds, Guid savingUserId);
Task ImportCiphersAsync(List<Folder> folders, List<CipherDetails> ciphers,
IEnumerable<KeyValuePair<int, int>> folderRelationships);
}

View File

@ -17,6 +17,7 @@ namespace Bit.Core.Services
private readonly IOrganizationRepository _organizationRepository;
private readonly IOrganizationUserRepository _organizationUserRepository;
private readonly ISubvaultUserRepository _subvaultUserRepository;
private readonly ISubvaultCipherRepository _subvaultCipherRepository;
private readonly IPushService _pushService;
public CipherService(
@ -26,6 +27,7 @@ namespace Bit.Core.Services
IOrganizationRepository organizationRepository,
IOrganizationUserRepository organizationUserRepository,
ISubvaultUserRepository subvaultUserRepository,
ISubvaultCipherRepository subvaultCipherRepository,
IPushService pushService)
{
_cipherRepository = cipherRepository;
@ -34,6 +36,7 @@ namespace Bit.Core.Services
_organizationRepository = organizationRepository;
_organizationUserRepository = organizationUserRepository;
_subvaultUserRepository = subvaultUserRepository;
_subvaultCipherRepository = subvaultCipherRepository;
_pushService = pushService;
}
@ -112,7 +115,7 @@ namespace Bit.Core.Services
//await _pushService.PushSyncCipherDeleteAsync(cipher);
}
public async Task MoveSubvaultAsync(Cipher cipher, Guid organizationId, IEnumerable<Guid> subvaultIds, Guid movingUserId)
public async Task ShareAsync(Cipher cipher, Guid organizationId, IEnumerable<Guid> subvaultIds, Guid sharingUserId)
{
if(cipher.Id == default(Guid))
{
@ -124,14 +127,14 @@ namespace Bit.Core.Services
throw new BadRequestException("Already belongs to an organization.");
}
if(!cipher.UserId.HasValue || cipher.UserId.Value != movingUserId)
if(!cipher.UserId.HasValue || cipher.UserId.Value != sharingUserId)
{
throw new NotFoundException();
}
// We do not need to check if the user belongs to this organization since this call will return no subvaults
// and therefore be caught by the .Any() check below.
var subvaultUserDetails = await _subvaultUserRepository.GetPermissionsByUserIdAsync(movingUserId, subvaultIds,
var subvaultUserDetails = await _subvaultUserRepository.GetPermissionsByUserIdAsync(sharingUserId, subvaultIds,
organizationId);
var writeableSubvaults = subvaultUserDetails.Where(s => !s.ReadOnly).Select(s => s.SubvaultId);
@ -149,6 +152,35 @@ namespace Bit.Core.Services
//await _pushService.PushSyncCipherUpdateAsync(cipher);
}
public async Task SaveSubvaultsAsync(Cipher cipher, IEnumerable<Guid> subvaultIds, Guid savingUserId)
{
if(cipher.Id == default(Guid))
{
throw new BadRequestException(nameof(cipher.Id));
}
if(!cipher.OrganizationId.HasValue)
{
throw new BadRequestException("Cipher must belong to an organization.");
}
// We do not need to check if the user belongs to this organization since this call will return no subvaults
// and therefore be caught by the .Any() check below.
var subvaultUserDetails = await _subvaultUserRepository.GetPermissionsByUserIdAsync(savingUserId, subvaultIds,
cipher.OrganizationId.Value);
var writeableSubvaults = subvaultUserDetails.Where(s => !s.ReadOnly).Select(s => s.SubvaultId);
if(!writeableSubvaults.Any())
{
throw new BadRequestException("No subvaults.");
}
await _subvaultCipherRepository.UpdateSubvaultsAsync(cipher.Id, savingUserId, writeableSubvaults);
// push
//await _pushService.PushSyncCipherUpdateAsync(cipher);
}
public async Task ImportCiphersAsync(
List<Folder> folders,
List<CipherDetails> ciphers,

View File

@ -184,5 +184,6 @@
<Build Include="dbo\Stored Procedures\OrganizationUser_ReadCountByOrganizationId.sql" />
<Build Include="dbo\Stored Procedures\Subvault_ReadCountByOrganizationId.sql" />
<Build Include="dbo\Stored Procedures\OrganizationUser_ReadByOrganizationIdUserId.sql" />
<Build Include="dbo\Stored Procedures\SubvaultCipher_UpdateSubvaults.sql" />
</ItemGroup>
</Project>

View File

@ -14,7 +14,7 @@ BEGIN
UPDATE
[dbo].[Cipher]
SET
[UserId] = @UserId,
[UserId] = NULL,
[OrganizationId] = @OrganizationId,
[Type] = @Type,
[Data] = @Data,

View File

@ -0,0 +1,42 @@
CREATE PROCEDURE [dbo].[SubvaultCipher_UpdateSubvaults]
@CipherId UNIQUEIDENTIFIER,
@UserId UNIQUEIDENTIFIER,
@SubvaultIds AS [dbo].[GuidIdArray] READONLY
AS
BEGIN
SET NOCOUNT ON
;WITH [AvailableSubvaultsCTE] AS(
SELECT
SU.SubvaultId
FROM
[dbo].[SubvaultUser] SU
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
INNER JOIN
[dbo].[Organization] O ON O.[Id] = OU.[OrganizationId]
WHERE
OU.[UserId] = @UserId
AND SU.[ReadOnly] = 0
AND OU.[Status] = 2 -- Confirmed
AND O.[Enabled] = 1
)
MERGE
[dbo].[SubvaultCipher] AS [Target]
USING
@SubvaultIds AS [Source]
ON
[Target].[SubvaultId] = [Source].[Id]
AND [Target].[CipherId] = @CipherId
WHEN NOT MATCHED BY TARGET THEN
INSERT VALUES
(
[Source].[Id],
@CipherId
)
WHEN NOT MATCHED BY SOURCE
AND [Target].[CipherId] = @CipherId
AND [Target].[SubvaultId] IN (SELECT [SubvaultId] FROM [AvailableSubvaultsCTE]) THEN
DELETE
;
END