SM-281: Secrets Manager Trash (#2688)

2025-06-30 23:52:50 -05:00 · 2023-02-20 13:01:49 -05:00
parent 34544f2292
commit 16bdd67cad
12 changed files with 525 additions and 2 deletions
--- a/src/Api/SecretsManager/Controllers/SecretsController.cs
+++ b/src/Api/SecretsManager/Controllers/SecretsController.cs
@ -70,6 +70,7 @@ public class SecretsController : Controller
    public async Task<SecretResponseModel> GetAsync([FromRoute] Guid id)
    {
        var secret = await _secretRepository.GetByIdAsync(id);
+
        if (secret == null || !_currentContext.AccessSecretsManager(secret.OrganizationId))
        {
            throw new NotFoundException();
--- a/src/Api/SecretsManager/Controllers/SecretsTrashController.cs
+++ b/src/Api/SecretsManager/Controllers/SecretsTrashController.cs
@ -0,0 +1,80 @@
+using Bit.Api.SecretsManager.Models.Response;
+using Bit.Core.Context;
+using Bit.Core.Exceptions;
+using Bit.Core.SecretsManager.Commands.Trash.Interfaces;
+using Bit.Core.SecretsManager.Repositories;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Bit.Api.SecretsManager.Controllers;
+
+[SecretsManager]
+[Authorize("secrets")]
+public class TrashController : Controller
+{
+    private readonly ICurrentContext _currentContext;
+    private readonly ISecretRepository _secretRepository;
+    private readonly IEmptyTrashCommand _emptyTrashCommand;
+    private readonly IRestoreTrashCommand _restoreTrashCommand;
+
+    public TrashController(
+        ICurrentContext currentContext,
+        ISecretRepository secretRepository,
+        IEmptyTrashCommand emptyTrashCommand,
+        IRestoreTrashCommand restoreTrashCommand)
+    {
+        _currentContext = currentContext;
+        _secretRepository = secretRepository;
+        _emptyTrashCommand = emptyTrashCommand;
+        _restoreTrashCommand = restoreTrashCommand;
+    }
+
+    [HttpGet("secrets/{organizationId}/trash")]
+    public async Task<SecretWithProjectsListResponseModel> ListByOrganizationAsync(Guid organizationId)
+    {
+        if (!_currentContext.AccessSecretsManager(organizationId))
+        {
+            throw new NotFoundException();
+        }
+
+        if (!await _currentContext.OrganizationAdmin(organizationId))
+        {
+            throw new UnauthorizedAccessException();
+        }
+
+        var secrets = await _secretRepository.GetManyByOrganizationIdInTrashAsync(organizationId);
+        return new SecretWithProjectsListResponseModel(secrets);
+    }
+
+    [HttpPost("secrets/{organizationId}/trash/empty")]
+    public async Task EmptyTrashAsync(Guid organizationId, [FromBody] List<Guid> ids)
+    {
+        if (!_currentContext.AccessSecretsManager(organizationId))
+        {
+            throw new NotFoundException();
+        }
+
+        if (!await _currentContext.OrganizationAdmin(organizationId))
+        {
+            throw new UnauthorizedAccessException();
+        }
+
+        await _emptyTrashCommand.EmptyTrash(organizationId, ids);
+    }
+
+    [HttpPost("secrets/{organizationId}/trash/restore")]
+    public async Task RestoreTrashAsync(Guid organizationId, [FromBody] List<Guid> ids)
+    {
+        if (!_currentContext.AccessSecretsManager(organizationId))
+        {
+            throw new NotFoundException();
+        }
+
+        if (!await _currentContext.OrganizationAdmin(organizationId))
+        {
+            throw new UnauthorizedAccessException();
+        }
+
+        await _restoreTrashCommand.RestoreTrash(organizationId, ids);
+    }
+}