nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-30 15:42:48 -05:00
Code Activity

Use sas token for attachment downloads (#1153)

Browse Source 
* Get limited life attachment download URL

This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.

Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.

* Make GlobalSettings interface for testing

* Test LocalAttachmentStorageService equivalence

* Remove comment

* Add missing globalSettings using

* Simplify default attachment container

* Default to attachments containe for existing methods

A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads

* Remove Default MetaData fixture.

* Keep attachments container blob-level security for all instances

* Close unclosed FileStream

* Favor default value for noop services
This commit is contained in:
Matt Gibson
2021-02-22 15:35:16 -06:00
committed by GitHub
parent 78606d5f13
commit 5537470703
177 changed files with 694 additions and 178 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Admin/Controllers/HomeController.cs
View File

@ -3,7 +3,7 @@ using System.Diagnostics;
using Microsoft.AspNetCore.Mvc;
using Bit.Admin.Models;
using Microsoft.AspNetCore.Authorization;
using Bit.Core;
using Bit.Core.Settings;
using System.Net.Http;
using System.Threading.Tasks;
using Newtonsoft.Json.Linq;

2
src/Admin/Controllers/LogsController.cs
View File

@ -2,7 +2,7 @@
using System.Linq;
using System.Threading.Tasks;
using Bit.Admin.Models;
using Bit.Core;
using Bit.Core.Settings;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

2
src/Admin/Controllers/OrganizationsController.cs
View File

@ -6,9 +6,9 @@ using System.Threading.Tasks;
using Bit.Admin.Models;
using System.Collections.Generic;
using Bit.Core.Models.Table;
using Bit.Core;
using Bit.Core.Utilities;
using Bit.Core.Services;
using Bit.Core.Settings;
namespace Bit.Admin.Controllers
{

1
src/Admin/Controllers/ToolsController.cs
View File

@ -9,6 +9,7 @@ using Bit.Core;
using Bit.Core.Models.Table;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Settings;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;

2
src/Admin/Controllers/UsersController.cs
View File

@ -6,9 +6,9 @@ using System.Threading.Tasks;
using Bit.Admin.Models;
using System.Collections.Generic;
using Bit.Core.Models.Table;
using Bit.Core;
using Bit.Core.Utilities;
using Bit.Core.Services;
using Bit.Core.Settings;
namespace Bit.Admin.Controllers
{

2
src/Admin/HostedServices/AmazonSqsBlockIpHostedService.cs
View File

@ -5,7 +5,7 @@ using System.Threading.Tasks;
using Amazon;
using Amazon.SQS;
using Amazon.SQS.Model;
using Bit.Core;
using Bit.Core.Settings;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;

2
src/Admin/HostedServices/AzureQueueBlockIpHostedService.cs
View File

@ -2,7 +2,7 @@
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using Bit.Core;
using Bit.Core.Settings;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using Azure.Storage.Queues;

2
src/Admin/HostedServices/BlockIpHostedService.cs
View File

@ -4,7 +4,7 @@ using System.Net.Http;
using System.Text;
using System.Threading;
using System.Threading.Tasks;
using Bit.Core;
using Bit.Core.Settings;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;

2
src/Admin/HostedServices/DatabaseMigrationHostedService.cs
View File

@ -2,8 +2,8 @@
using System.Data.SqlClient;
using System.Threading;
using System.Threading.Tasks;
using Bit.Core;
using Bit.Core.Jobs;
using Bit.Core.Settings;
using Bit.Migrator;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;

1
src/Admin/Jobs/AliveJob.cs
View File

@ -2,6 +2,7 @@
using System.Threading.Tasks;
using Bit.Core;
using Bit.Core.Jobs;
using Bit.Core.Settings;
using Microsoft.Extensions.Logging;
using Quartz;

2
src/Admin/Jobs/JobsHostedService.cs
View File

@ -3,8 +3,8 @@ using System.Collections.Generic;
using System.Runtime.InteropServices;
using System.Threading;
using System.Threading.Tasks;
using Bit.Core;
using Bit.Core.Jobs;
using Bit.Core.Settings;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Quartz;

2
src/Admin/Models/HomeModel.cs
View File

@ -1,5 +1,5 @@
using System;
using Bit.Core;
using Bit.Core.Settings;
namespace Bit.Admin.Models
{

2
src/Admin/Models/OrganizationEditModel.cs
View File

@ -1,12 +1,12 @@
using System;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using Bit.Core;
using Bit.Core.Enums;
using Bit.Core.Models.Business;
using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using Bit.Core.Utilities;
using Bit.Core.Settings;
namespace Bit.Admin.Models
{

2
src/Admin/Models/UserEditModel.cs
View File

@ -1,10 +1,10 @@
using System;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using Bit.Core;
using Bit.Core.Models.Business;
using Bit.Core.Models.Table;
using Bit.Core.Utilities;
using Bit.Core.Settings;
namespace Bit.Admin.Models
{

2
src/Admin/Startup.cs
View File

@ -1,8 +1,8 @@
using System;
using System.Globalization;
using Bit.Core;
using Bit.Core.Context;
using Bit.Core.Identity;
using Bit.Core.Settings;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;

2
src/Admin/Views/Shared/_Layout.cshtml
View File

@ -1,5 +1,5 @@
@inject SignInManager<IdentityUser> SignInManager
@inject Bit.Core.GlobalSettings GlobalSettings
@inject Bit.Core.Settings.GlobalSettings GlobalSettings
<!DOCTYPE html>
<html>
<head>

1
src/Api/Controllers/AccountsController.cs
View File

@ -9,6 +9,7 @@ using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Settings;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

28
src/Api/Controllers/CiphersController.cs
View File

@ -7,12 +7,12 @@ using Microsoft.AspNetCore.Authorization;
using Bit.Core.Models.Api;
using Bit.Core.Exceptions;
using Bit.Core.Services;
using Bit.Core;
using Bit.Core.Context;
using Bit.Api.Utilities;
using Bit.Core.Utilities;
using System.Collections.Generic;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
namespace Bit.Api.Controllers
{
@ -24,6 +24,7 @@ namespace Bit.Api.Controllers
private readonly ICollectionCipherRepository _collectionCipherRepository;
private readonly ICipherService _cipherService;
private readonly IUserService _userService;
private readonly IAttachmentStorageService _attachmentStorageService;
private readonly ICurrentContext _currentContext;
private readonly GlobalSettings _globalSettings;
@ -32,6 +33,7 @@ namespace Bit.Api.Controllers
ICollectionCipherRepository collectionCipherRepository,
ICipherService cipherService,
IUserService userService,
IAttachmentStorageService attachmentStorageService,
ICurrentContext currentContext,
GlobalSettings globalSettings)
{
@ -39,6 +41,7 @@ namespace Bit.Api.Controllers
_collectionCipherRepository = collectionCipherRepository;
_cipherService = cipherService;
_userService = userService;
_attachmentStorageService = attachmentStorageService;
_currentContext = currentContext;
_globalSettings = globalSettings;
}
@ -608,6 +611,27 @@ namespace Bit.Api.Controllers
return new CipherMiniResponseModel(cipher, _globalSettings, cipher.OrganizationUseTotp);
}
[HttpGet("{id}/attachment/{attachmentId}")]
public async Task<AttachmentResponseModel> GetAttachmentData(string id, string attachmentId)
{
var userId = _userService.GetProperUserId(User).Value;
var cipher = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
var attachments = cipher.GetAttachments();
if (!attachments.ContainsKey(attachmentId))
{
throw new NotFoundException();
}
var data = attachments[attachmentId];
var response = new AttachmentResponseModel(attachmentId, data, cipher, _globalSettings)
{
Url = await _attachmentStorageService.GetAttachmentDownloadUrlAsync(cipher, data)
};
return response;
}
[HttpPost("{id}/attachment/{attachmentId}/share")]
[RequestSizeLimit(105_906_176)]
[DisableFormValueModelBinding]

2
src/Api/Controllers/HibpController.cs
View File

@ -5,12 +5,12 @@ using Microsoft.AspNetCore.Authorization;
using System.Net.Http;
using System.Security.Cryptography;
using Bit.Core.Services;
using Bit.Core;
using Bit.Core.Context;
using System.Net;
using Bit.Core.Exceptions;
using System.Linq;
using Bit.Core.Utilities;
using Bit.Core.Settings;
namespace Bit.Api.Controllers
{

2
src/Api/Controllers/MiscController.cs
View File

@ -4,7 +4,7 @@ using Bit.Core.Models.Api;
using System.Threading.Tasks;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Authorization;
using Bit.Core;
using Bit.Core.Settings;
using Stripe;
using System.Linq;
using System.Collections.Generic;

2
src/Api/Controllers/OrganizationsController.cs
View File

@ -8,11 +8,11 @@ using Bit.Core.Enums;
using Bit.Core.Models.Api;
using Bit.Core.Exceptions;
using Bit.Core.Services;
using Bit.Core;
using Bit.Core.Context;
using Bit.Api.Utilities;
using Bit.Core.Models.Business;
using Bit.Core.Utilities;
using Bit.Core.Settings;
namespace Bit.Api.Controllers
{

2
src/Api/Controllers/PoliciesController.cs
View File

@ -7,10 +7,10 @@ using Microsoft.AspNetCore.Authorization;
using Bit.Core.Models.Api;
using Bit.Core.Exceptions;
using Bit.Core.Services;
using Bit.Core;
using Bit.Core.Context;
using Bit.Core.Enums;
using Bit.Core.Utilities;
using Bit.Core.Settings;
using Microsoft.AspNetCore.DataProtection;
namespace Bit.Api.Controllers

1
src/Api/Controllers/PushController.cs
View File

@ -10,6 +10,7 @@ using System.Linq;
using Microsoft.AspNetCore.Hosting;
using Bit.Api.Utilities;
using Bit.Core.Utilities;
using Bit.Core.Settings;
using Microsoft.Extensions.Hosting;
namespace Bit.Api.Controllers

2
src/Api/Controllers/SendsController.cs
View File

@ -7,10 +7,10 @@ using Microsoft.AspNetCore.Authorization;
using Bit.Core.Models.Api;
using Bit.Core.Exceptions;
using Bit.Core.Services;
using Bit.Core;
using Bit.Api.Utilities;
using Bit.Core.Models.Table;
using Bit.Core.Utilities;
using Bit.Core.Settings;
namespace Bit.Api.Controllers
{

2
src/Api/Controllers/SyncController.cs
View File

@ -5,13 +5,13 @@ using Microsoft.AspNetCore.Mvc;
using Bit.Core.Models.Api;
using Bit.Core.Services;
using Bit.Core.Repositories;
using Bit.Core;
using Bit.Core.Enums;
using Bit.Core.Exceptions;
using System.Linq;
using Bit.Core.Models.Table;
using System.Collections.Generic;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
namespace Bit.Api.Controllers
{

2
src/Api/Controllers/TwoFactorController.cs
View File

@ -9,11 +9,11 @@ using Microsoft.AspNetCore.Identity;
using Bit.Core.Models.Table;
using Bit.Core.Enums;
using System.Linq;
using Bit.Core;
using Bit.Core.Context;
using Bit.Core.Repositories;
using Bit.Core.Utilities;
using Bit.Core.Utilities.Duo;
using Bit.Core.Settings;
namespace Bit.Api.Controllers
{

2
src/Api/Jobs/JobsHostedService.cs
View File

@ -2,8 +2,8 @@
using System.Collections.Generic;
using System.Threading;
using System.Threading.Tasks;
using Bit.Core;
using Bit.Core.Jobs;
using Bit.Core.Settings;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Quartz;

2
src/Api/Public/Controllers/OrganizationController.cs
View File

@ -1,11 +1,11 @@
using System.Linq;
using System.Net;
using System.Threading.Tasks;
using Bit.Core;
using Bit.Core.Context;
using Bit.Core.Exceptions;
using Bit.Core.Models.Api.Public;
using Bit.Core.Services;
using Bit.Core.Settings;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

1
src/Api/Startup.cs
View File

@ -7,6 +7,7 @@ using Bit.Api.Utilities;
using Bit.Core;
using Bit.Core.Context;
using Bit.Core.Identity;
using Bit.Core.Settings;
using Newtonsoft.Json.Serialization;
using AspNetCoreRateLimit;
using Stripe;

2
src/Api/Utilities/ServiceCollectionExtensions.cs
View File

@ -1,7 +1,7 @@
using System;
using System.Collections.Generic;
using System.IO;
using Bit.Core;
using Bit.Core.Settings;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.OpenApi.Models;

3
src/Billing/Controllers/FreshdeskController.cs
View File

@ -12,7 +12,8 @@ using System.Reflection;
using System.Text;
using System.Threading.Tasks;
using System.ComponentModel.DataAnnotations;
using Bit.Core;
using Bit.Core.Settings;
namespace Bit.Billing.Controllers
{

4
src/Billing/Controllers/StripeController.cs
View File

@ -1,9 +1,9 @@
using Bit.Core;
using Bit.Core.Enums;
using Bit.Core.Enums;
using Bit.Core.Models.Business;
using Bit.Core.Models.Table;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Settings;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;

2
src/Billing/Jobs/JobsHostedService.cs
View File

@ -3,8 +3,8 @@ using System.Collections.Generic;
using System.Runtime.InteropServices;
using System.Threading;
using System.Threading.Tasks;
using Bit.Core;
using Bit.Core.Jobs;
using Bit.Core.Settings;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Quartz;

2
src/Billing/Startup.cs
View File

@ -3,8 +3,8 @@ using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Bit.Core;
using Bit.Core.Context;
using Bit.Core.Settings;
using Stripe;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Http;

1
src/Core/Context/CurrentContext.cs
View File

@ -9,6 +9,7 @@ using System.Threading.Tasks;
using System.Security.Claims;
using Bit.Core.Utilities;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
namespace Bit.Core.Context
{

1
src/Core/Context/ICurrentContext.cs
View File

@ -5,6 +5,7 @@ using System.Threading.Tasks;
using Bit.Core.Enums;
using Bit.Core.Models.Table;
using Bit.Core.Repositories;
using Bit.Core.Settings;
using Microsoft.AspNetCore.Http;
namespace Bit.Core.Context

1
src/Core/HostedServices/ApplicationCacheHostedService.cs
View File

@ -4,6 +4,7 @@ using System.Threading.Tasks;
using Bit.Core.Enums;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Settings;
using Bit.Core.Utilities;
using Microsoft.Azure.ServiceBus;
using Microsoft.Azure.ServiceBus.Management;

1
src/Core/Identity/DuoWebTokenProvider.cs
View File

@ -7,6 +7,7 @@ using Bit.Core.Models;
using System;
using Microsoft.Extensions.DependencyInjection;
using Bit.Core.Services;
using Bit.Core.Settings;
namespace Bit.Core.Identity
{

1
src/Core/Identity/OrganizationDuoWebTokenProvider.cs
View File

@ -3,6 +3,7 @@ using Bit.Core.Models.Table;
using Bit.Core.Enums;
using Bit.Core.Utilities.Duo;
using Bit.Core.Models;
using Bit.Core.Settings;
namespace Bit.Core.Identity
{

1
src/Core/Identity/U2fTokenProvider.cs
View File

@ -13,6 +13,7 @@ using U2F.Core.Exceptions;
using U2F.Core.Utils;
using System;
using Bit.Core.Services;
using Bit.Core.Settings;
using Microsoft.Extensions.DependencyInjection;
namespace Bit.Core.Identity

1
src/Core/Identity/UserStore.cs
View File

@ -6,6 +6,7 @@ using Bit.Core.Models.Table;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Context;
using Bit.Core.Settings;
using Microsoft.Extensions.DependencyInjection;
namespace Bit.Core.Identity

1
src/Core/Identity/YubicoOtpTokenProvider.cs
View File

@ -5,6 +5,7 @@ using Bit.Core.Enums;
using YubicoDotNetClient;
using System.Linq;
using Bit.Core.Services;
using Bit.Core.Settings;
using System;
using Microsoft.Extensions.DependencyInjection;

1
src/Core/IdentityServer/ApiClient.cs
View File

@ -1,6 +1,7 @@
using IdentityServer4.Models;
using System.Collections.Generic;
using System.Linq;
using Bit.Core.Settings;
namespace Bit.Core.IdentityServer
{

1
src/Core/IdentityServer/BaseRequestValidator.cs
View File

@ -18,6 +18,7 @@ using System.Reflection;
using Microsoft.Extensions.Logging;
using Bit.Core.Models.Api;
using Bit.Core.Context;
using Bit.Core.Settings;
namespace Bit.Core.IdentityServer
{

1
src/Core/IdentityServer/ClientStore.cs
View File

@ -9,6 +9,7 @@ using IdentityModel;
using Bit.Core.Utilities;
using System.Security.Claims;
using Bit.Core.Services;
using Bit.Core.Settings;
using Bit.Core.Context;
using System.Collections.ObjectModel;

1
src/Core/IdentityServer/ConfigureOpenIdConnectDistributedOptions.cs
View File

@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Caching.Redis;
using Microsoft.Extensions.Options;
using Bit.Core.Settings;
namespace Bit.Core.IdentityServer
{

1
src/Core/IdentityServer/CustomTokenRequestValidator.cs
View File

@ -6,6 +6,7 @@ using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Bit.Core.Services;
using Bit.Core.Settings;
using Bit.Core.Context;
using System.Linq;
using Bit.Core.Identity;

1
src/Core/IdentityServer/OidcIdentityClient.cs
View File

@ -1,6 +1,7 @@
using IdentityServer4;
using IdentityServer4.Models;
using System.Collections.Generic;
using Bit.Core.Settings;
namespace Bit.Core.IdentityServer
{

1
src/Core/IdentityServer/ProfileService.cs
View File

@ -10,6 +10,7 @@ using System;
using IdentityModel;
using Bit.Core.Utilities;
using Bit.Core.Context;
using Bit.Core.Settings;
namespace Bit.Core.IdentityServer
{

1
src/Core/IdentityServer/ResourceOwnerPasswordValidator.cs
View File

@ -9,6 +9,7 @@ using System.Threading.Tasks;
using Bit.Core.Services;
using Bit.Core.Identity;
using Bit.Core.Context;
using Bit.Core.Settings;
using Microsoft.Extensions.Logging;
namespace Bit.Core.IdentityServer

1
src/Core/IdentityServer/StaticClientStore.cs
View File

@ -1,6 +1,7 @@
using IdentityServer4.Models;
using System.Collections.Generic;
using System.Linq;
using Bit.Core.Settings;
namespace Bit.Core.IdentityServer
{

1
src/Core/IdentityServer/VaultCorsPolicyService.cs
View File

@ -1,6 +1,7 @@
using Bit.Core.Utilities;
using IdentityServer4.Services;
using System.Threading.Tasks;
using Bit.Core.Settings;
namespace Bit.Core.IdentityServer
{

1
src/Core/Jobs/BaseJobsHostedService.cs
View File

@ -8,6 +8,7 @@ using Microsoft.Extensions.Logging;
using Quartz;
using Quartz.Impl;
using Quartz.Impl.Matchers;
using Bit.Core.Settings;
namespace Bit.Core.Jobs
{

2
src/Core/Models/Api/Request/Accounts/PremiumRequestModel.cs
View File

@ -2,6 +2,8 @@
using System.ComponentModel.DataAnnotations;
using System.Collections.Generic;
using Bit.Core.Enums;
using Bit.Core.Settings;
namespace Bit.Core.Models.Api
{

1
src/Core/Models/Api/Request/BitPayInvoiceRequestModel.cs
View File

@ -1,6 +1,7 @@
using System;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using Bit.Core.Settings;
namespace Bit.Core.Models.Api
{

1
src/Core/Models/Api/Request/Organizations/OrganizationUpdateRequestModel.cs
View File

@ -1,5 +1,6 @@
using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using System.ComponentModel.DataAnnotations;
namespace Bit.Core.Models.Api

1
src/Core/Models/Api/Response/AttachmentResponseModel.cs
View File

@ -2,6 +2,7 @@
using Bit.Core.Models.Table;
using System.Collections.Generic;
using System.Linq;
using Bit.Core.Settings;
namespace Bit.Core.Models.Api
{

1
src/Core/Models/Api/Response/CipherResponseModel.cs
View File

@ -5,6 +5,7 @@ using Bit.Core.Models.Table;
using System.Linq;
using Newtonsoft.Json;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
namespace Bit.Core.Models.Api
{

1
src/Core/Models/Api/Response/EmergencyAccessResponseModel.cs
View File

@ -4,6 +4,7 @@ using System.Linq;
using Bit.Core.Enums;
using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using Core.Models.Data;
namespace Bit.Core.Models.Api.Response

1
src/Core/Models/Api/Response/SendAccessResponseModel.cs
View File

@ -3,6 +3,7 @@ using Bit.Core.Enums;
using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using Bit.Core.Utilities;
using Bit.Core.Settings;
using Newtonsoft.Json;
namespace Bit.Core.Models.Api

1
src/Core/Models/Api/Response/SendResponseModel.cs
View File

@ -3,6 +3,7 @@ using Bit.Core.Enums;
using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using Bit.Core.Utilities;
using Bit.Core.Settings;
using Newtonsoft.Json;
namespace Bit.Core.Models.Api

1
src/Core/Models/Api/Response/SyncResponseModel.cs
View File

@ -3,6 +3,7 @@ using System.Collections.Generic;
using System.Linq;
using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using Core.Models.Data;
namespace Bit.Core.Models.Api

1
src/Core/Models/Api/SendFileModel.cs
View File

@ -1,5 +1,6 @@
using Bit.Core.Models.Data;
using Bit.Core.Utilities;
using Bit.Core.Settings;
namespace Bit.Core.Models.Api
{

1
src/Core/Models/Business/OrganizationLicense.cs
View File

@ -1,6 +1,7 @@
using Bit.Core.Enums;
using Bit.Core.Models.Table;
using Bit.Core.Services;
using Bit.Core.Settings;
using Newtonsoft.Json;
using System;
using System.Linq;

6
src/Core/Models/Data/CipherAttachment.cs
View File

@ -32,6 +32,12 @@ namespace Bit.Core.Models.Data
public string FileName { get; set; }
public string Key { get; set; }
public string ContainerName { get; set; } = "attachments";
// This is stored alongside metadata as an identifier. It does not need repeating in serialization
[JsonIgnore]
public string AttachmentId { get; set; }
}
}
}

1
src/Core/Models/Data/EventMessage.cs
View File

@ -1,6 +1,7 @@
using System;
using Bit.Core.Enums;
using Bit.Core.Context;
using Bit.Core.Settings;
namespace Bit.Core.Models.Data
{

4
src/Core/Models/Table/Cipher.cs
View File

@ -42,6 +42,10 @@ namespace Bit.Core.Models.Table
try
{
_attachmentData = JsonConvert.DeserializeObject<Dictionary<string, CipherAttachment.MetaData>>(Attachments);
foreach (var kvp in _attachmentData)
{
kvp.Value.AttachmentId = kvp.Key;
}
return _attachmentData;
}
catch

1
src/Core/Repositories/PostgreSql/UserRepository.cs
View File

@ -5,6 +5,7 @@ using System.Linq;
using System.Threading.Tasks;
using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using Dapper;
using Npgsql;

1
src/Core/Repositories/SqlServer/CipherRepository.cs
View File

@ -10,6 +10,7 @@ using Core.Models.Data;
using Bit.Core.Utilities;
using Newtonsoft.Json;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
namespace Bit.Core.Repositories.SqlServer
{

1
src/Core/Repositories/SqlServer/CollectionCipherRepository.cs
View File

@ -7,6 +7,7 @@ using System.Data;
using Dapper;
using System.Linq;
using Bit.Core.Utilities;
using Bit.Core.Settings;
namespace Bit.Core.Repositories.SqlServer
{

1
src/Core/Repositories/SqlServer/CollectionRepository.cs
View File

@ -9,6 +9,7 @@ using System.Linq;
using Newtonsoft.Json;
using Bit.Core.Utilities;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
namespace Bit.Core.Repositories.SqlServer
{

1
src/Core/Repositories/SqlServer/DeviceRepository.cs
View File

@ -4,6 +4,7 @@ using System.Collections.Generic;
using System.Data.SqlClient;
using System.Threading.Tasks;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using System.Data;
using Dapper;

1
src/Core/Repositories/SqlServer/EmergencyAccessRepository.cs
View File

@ -7,6 +7,7 @@ using Dapper;
using System.Linq;
using System.Collections.Generic;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
namespace Bit.Core.Repositories.SqlServer
{

1
src/Core/Repositories/SqlServer/EventRepository.cs
View File

@ -3,6 +3,7 @@ using Bit.Core.Models.Table;
using System.Threading.Tasks;
using System.Collections.Generic;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
using System.Data.SqlClient;
using System.Linq;
using System.Data;

1
src/Core/Repositories/SqlServer/FolderRepository.cs
View File

@ -1,5 +1,6 @@
using System;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using System.Threading.Tasks;
using System.Collections.Generic;
using System.Data;

1
src/Core/Repositories/SqlServer/GrantRepository.cs
View File

@ -4,6 +4,7 @@ using System.Data.SqlClient;
using System.Linq;
using System.Threading.Tasks;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using Dapper;
namespace Bit.Core.Repositories.SqlServer

1
src/Core/Repositories/SqlServer/GroupRepository.cs
View File

@ -9,6 +9,7 @@ using System.Linq;
using Newtonsoft.Json;
using Bit.Core.Utilities;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
namespace Bit.Core.Repositories.SqlServer
{

1
src/Core/Repositories/SqlServer/InstallationRepository.cs
View File

@ -1,5 +1,6 @@
using System;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
namespace Bit.Core.Repositories.SqlServer
{

1
src/Core/Repositories/SqlServer/MaintenanceRepository.cs
View File

@ -2,6 +2,7 @@
using System.Data.SqlClient;
using System.Threading.Tasks;
using Dapper;
using Bit.Core.Settings;
namespace Bit.Core.Repositories.SqlServer
{

1
src/Core/Repositories/SqlServer/OrganizationRepository.cs
View File

@ -7,6 +7,7 @@ using Dapper;
using System.Linq;
using System.Collections.Generic;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
namespace Bit.Core.Repositories.SqlServer
{

1
src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
View File

@ -9,6 +9,7 @@ using Bit.Core.Models.Data;
using System.Collections.Generic;
using Bit.Core.Enums;
using Bit.Core.Utilities;
using Bit.Core.Settings;
using Newtonsoft.Json;
namespace Bit.Core.Repositories.SqlServer

1
src/Core/Repositories/SqlServer/PolicyRepository.cs
View File

@ -7,6 +7,7 @@ using System.Data;
using Dapper;
using System.Linq;
using Bit.Core.Enums;
using Bit.Core.Settings;
namespace Bit.Core.Repositories.SqlServer
{

1
src/Core/Repositories/SqlServer/SendRepository.cs
View File

@ -1,5 +1,6 @@
using System;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using System.Threading.Tasks;
using System.Collections.Generic;
using System.Data;

1
src/Core/Repositories/SqlServer/SsoConfigRepository.cs
View File

@ -1,5 +1,6 @@
using System;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using System.Threading.Tasks;
using System.Data.SqlClient;
using System.Data;

1
src/Core/Repositories/SqlServer/SsoUserRepository.cs
View File

@ -1,4 +1,5 @@
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using Dapper;
using System;
using System.Threading.Tasks;

1
src/Core/Repositories/SqlServer/TaxRateRepository.cs
View File

@ -1,4 +1,5 @@
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using System.Threading.Tasks;
using System.Collections.Generic;
using System.Data;

1
src/Core/Repositories/SqlServer/TransactionRepository.cs
View File

@ -7,6 +7,7 @@ using System.Data;
using System.Data.SqlClient;
using System.Linq;
using Bit.Core.Enums;
using Bit.Core.Settings;
namespace Bit.Core.Repositories.SqlServer
{

1
src/Core/Repositories/SqlServer/U2fRepository.cs
View File

@ -4,6 +4,7 @@ using System.Collections.Generic;
using System.Data.SqlClient;
using System.Threading.Tasks;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using System.Data;
using Dapper;

1
src/Core/Repositories/SqlServer/UserRepository.cs
View File

@ -6,6 +6,7 @@ using System.Linq;
using System.Threading.Tasks;
using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using Dapper;
namespace Bit.Core.Repositories.SqlServer

1
src/Core/Repositories/TableStorage/EventRepository.cs
View File

@ -6,6 +6,7 @@ using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using Bit.Core.Utilities;
using Microsoft.Azure.Cosmos.Table;
using Bit.Core.Settings;
namespace Bit.Core.Repositories.TableStorage
{

1
src/Core/Repositories/TableStorage/InstallationDeviceRepository.cs
View File

@ -3,6 +3,7 @@ using System.Linq;
using System.Net;
using System.Threading.Tasks;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
using Microsoft.Azure.Cosmos.Table;
namespace Bit.Core.Repositories.TableStorage

1
src/Core/Repositories/TableStorage/MetaDataRepository.cs
View File

@ -3,6 +3,7 @@ using System.Linq;
using System.Net;
using System.Threading.Tasks;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
using Microsoft.Azure.Cosmos.Table;
namespace Bit.Core.Repositories.TableStorage

14
src/Core/Services/IAttachmentStorageService.cs
View File

@ -1,4 +1,5 @@
using Bit.Core.Models.Table;
using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using System;
using System.IO;
using System.Threading.Tasks;
@ -7,14 +8,15 @@ namespace Bit.Core.Services
{
public interface IAttachmentStorageService
{
Task UploadNewAttachmentAsync(Stream stream, Cipher cipher, string attachmentId);
Task UploadShareAttachmentAsync(Stream stream, Guid cipherId, Guid organizationId, string attachmentId);
Task StartShareAttachmentAsync(Guid cipherId, Guid organizationId, string attachmentId);
Task RollbackShareAttachmentAsync(Guid cipherId, Guid organizationId, string attachmentId);
Task UploadNewAttachmentAsync(Stream stream, Cipher cipher, CipherAttachment.MetaData attachment);
Task UploadShareAttachmentAsync(Stream stream, Guid cipherId, Guid organizationId, CipherAttachment.MetaData attachment);
Task StartShareAttachmentAsync(Guid cipherId, Guid organizationId, CipherAttachment.MetaData attachmentData);
Task RollbackShareAttachmentAsync(Guid cipherId, Guid organizationId, CipherAttachment.MetaData attachmentData, string originalContainer);
Task CleanupAsync(Guid cipherId);
Task DeleteAttachmentAsync(Guid cipherId, string attachmentId);
Task DeleteAttachmentAsync(Guid cipherId, CipherAttachment.MetaData attachment);
Task DeleteAttachmentsForCipherAsync(Guid cipherId);
Task DeleteAttachmentsForOrganizationAsync(Guid organizationId);
Task DeleteAttachmentsForUserAsync(Guid userId);
Task<string> GetAttachmentDownloadUrlAsync(Cipher cipher, CipherAttachment.MetaData attachmentData);
}
}

1
src/Core/Services/Implementations/AmazonSesMailDeliveryService.cs
View File

@ -2,6 +2,7 @@
using System.Collections.Generic;
using System.Threading.Tasks;
using Bit.Core.Models.Mail;
using Bit.Core.Settings;
using System.Linq;
using Amazon.SimpleEmail;
using Amazon;

1
src/Core/Services/Implementations/AmazonSqsBlockIpService.cs
View File

@ -2,6 +2,7 @@
using System;
using Amazon.SQS;
using Amazon;
using Bit.Core.Settings;
namespace Bit.Core.Services
{

1
src/Core/Services/Implementations/AppleIapService.cs
View File

@ -5,6 +5,7 @@ using System.Net.Http;
using System.Threading.Tasks;
using Bit.Billing.Models;
using Bit.Core.Repositories;
using Bit.Core.Settings;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;

148
src/Core/Services/Implementations/AzureAttachmentStorageService.cs
View File

@ -1,18 +1,22 @@
using System.Threading.Tasks;
using System.Threading.Tasks;
using Microsoft.Azure.Storage;
using Microsoft.Azure.Storage.Blob;
using System.IO;
using System;
using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using System.Collections.Generic;
namespace Bit.Core.Services
{
public class AzureAttachmentStorageService : IAttachmentStorageService
{
private const string AttchmentContainerName = "attachments";
private const string _defaultContainerName = "attachments";
private readonly static string[] _attachmentContainerName = { "attachments", "attachments-v2" };
private static readonly TimeSpan downloadLinkLiveTime = TimeSpan.FromMinutes(1);
private readonly CloudBlobClient _blobClient;
private CloudBlobContainer _attachmentsContainer;
private readonly Dictionary<string, CloudBlobContainer> _attachmentContainers = new Dictionary<string, CloudBlobContainer>();
public AzureAttachmentStorageService(
GlobalSettings globalSettings)
@ -21,10 +25,24 @@ namespace Bit.Core.Services
_blobClient = storageAccount.CreateCloudBlobClient();
}
public async Task UploadNewAttachmentAsync(Stream stream, Cipher cipher, string attachmentId)
public async Task<string> GetAttachmentDownloadUrlAsync(Cipher cipher, CipherAttachment.MetaData attachmentData)
{
await InitAsync();
var blob = _attachmentsContainer.GetBlockBlobReference($"{cipher.Id}/{attachmentId}");
await InitAsync(attachmentData.ContainerName);
var blob = _attachmentContainers[attachmentData.ContainerName].GetBlockBlobReference($"{cipher.Id}/{attachmentData.AttachmentId}");
var accessPolicy = new SharedAccessBlobPolicy()
{
SharedAccessExpiryTime = DateTime.UtcNow.Add(downloadLinkLiveTime),
Permissions = SharedAccessBlobPermissions.Read
};
return blob.Uri + blob.GetSharedAccessSignature(accessPolicy);
}
public async Task UploadNewAttachmentAsync(Stream stream, Cipher cipher, CipherAttachment.MetaData attachment)
{
attachment.ContainerName = _defaultContainerName;
await InitAsync(_defaultContainerName);
var blob = _attachmentContainers[_defaultContainerName].GetBlockBlobReference($"{cipher.Id}/{attachment.AttachmentId}");
blob.Metadata.Add("cipherId", cipher.Id.ToString());
if (cipher.UserId.HasValue)
{
@ -34,36 +52,38 @@ namespace Bit.Core.Services
{
blob.Metadata.Add("organizationId", cipher.OrganizationId.Value.ToString());
}
blob.Properties.ContentDisposition = $"attachment; filename=\"{attachmentId}\"";
blob.Properties.ContentDisposition = $"attachment; filename=\"{attachment.AttachmentId}\"";
await blob.UploadFromStreamAsync(stream);
}
public async Task UploadShareAttachmentAsync(Stream stream, Guid cipherId, Guid organizationId, string attachmentId)
public async Task UploadShareAttachmentAsync(Stream stream, Guid cipherId, Guid organizationId, CipherAttachment.MetaData attachmentData)
{
await InitAsync();
var blob = _attachmentsContainer.GetBlockBlobReference($"temp/{cipherId}/{organizationId}/{attachmentId}");
attachmentData.ContainerName = _defaultContainerName;
await InitAsync(_defaultContainerName);
var blob = _attachmentContainers[_defaultContainerName].GetBlockBlobReference($"temp/{cipherId}/{organizationId}/{attachmentData.AttachmentId}");
blob.Metadata.Add("cipherId", cipherId.ToString());
blob.Metadata.Add("organizationId", organizationId.ToString());
blob.Properties.ContentDisposition = $"attachment; filename=\"{attachmentId}\"";
blob.Properties.ContentDisposition = $"attachment; filename=\"{attachmentData.AttachmentId}\"";
await blob.UploadFromStreamAsync(stream);
}
public async Task StartShareAttachmentAsync(Guid cipherId, Guid organizationId, string attachmentId)
public async Task StartShareAttachmentAsync(Guid cipherId, Guid organizationId, CipherAttachment.MetaData data)
{
await InitAsync();
var source = _attachmentsContainer.GetBlockBlobReference($"temp/{cipherId}/{organizationId}/{attachmentId}");
await InitAsync(data.ContainerName);
var source = _attachmentContainers[data.ContainerName].GetBlockBlobReference($"temp/{cipherId}/{organizationId}/{data.AttachmentId}");
if (!(await source.ExistsAsync()))
{
return;
}
var dest = _attachmentsContainer.GetBlockBlobReference($"{cipherId}/{attachmentId}");
await InitAsync(_defaultContainerName);
var dest = _attachmentContainers[_defaultContainerName].GetBlockBlobReference($"{cipherId}/{data.AttachmentId}");
if (!(await dest.ExistsAsync()))
{
return;
}
var original = _attachmentsContainer.GetBlockBlobReference($"temp/{cipherId}/{attachmentId}");
var original = _attachmentContainers[_defaultContainerName].GetBlockBlobReference($"temp/{cipherId}/{data.AttachmentId}");
await original.DeleteIfExistsAsync();
await original.StartCopyAsync(dest);
@ -71,98 +91,88 @@ namespace Bit.Core.Services
await dest.StartCopyAsync(source);
}
public async Task RollbackShareAttachmentAsync(Guid cipherId, Guid organizationId, string attachmentId)
public async Task RollbackShareAttachmentAsync(Guid cipherId, Guid organizationId, CipherAttachment.MetaData attachmentData, string originalContainer)
{
await InitAsync();
var source = _attachmentsContainer.GetBlockBlobReference($"temp/{cipherId}/{organizationId}/{attachmentId}");
await InitAsync(attachmentData.ContainerName);
var source = _attachmentContainers[attachmentData.ContainerName].GetBlockBlobReference($"temp/{cipherId}/{organizationId}/{attachmentData.AttachmentId}");
await source.DeleteIfExistsAsync();
var original = _attachmentsContainer.GetBlockBlobReference($"temp/{cipherId}/{attachmentId}");
await InitAsync(originalContainer);
var original = _attachmentContainers[originalContainer].GetBlockBlobReference($"temp/{cipherId}/{attachmentData.AttachmentId}");
if (!(await original.ExistsAsync()))
{
return;
}
var dest = _attachmentsContainer.GetBlockBlobReference($"{cipherId}/{attachmentId}");
var dest = _attachmentContainers[originalContainer].GetBlockBlobReference($"{cipherId}/{attachmentData.AttachmentId}");
await dest.DeleteIfExistsAsync();
await dest.StartCopyAsync(original);
await original.DeleteIfExistsAsync();
}
public async Task DeleteAttachmentAsync(Guid cipherId, string attachmentId)
public async Task DeleteAttachmentAsync(Guid cipherId, CipherAttachment.MetaData attachment)
{
await InitAsync();
var blobName = $"{cipherId}/{attachmentId}";
var blob = _attachmentsContainer.GetBlockBlobReference(blobName);
await InitAsync(attachment.ContainerName);
var blobName = $"{cipherId}/{attachment.AttachmentId}";
var blob = _attachmentContainers[attachment.ContainerName].GetBlockBlobReference(blobName);
await blob.DeleteIfExistsAsync();
}
public async Task CleanupAsync(Guid cipherId)
private async Task DeleteAttachmentsForPathAsync(string path)
{
await InitAsync();
var segment = await _attachmentsContainer.ListBlobsSegmentedAsync($"temp/{cipherId}", true,
BlobListingDetails.None, 100, null, null, null);
while (true)
foreach (var container in _attachmentContainerName)
{
foreach (var blob in segment.Results)
await InitAsync(container);
var segment = await _attachmentContainers[container].ListBlobsSegmentedAsync(path, true, BlobListingDetails.None, 100, null, null, null);
while (true)
{
if (blob is CloudBlockBlob blockBlob)
foreach (var blob in segment.Results)
{
await blockBlob.DeleteIfExistsAsync();
if (blob is CloudBlockBlob blockBlob)
{
await blockBlob.DeleteIfExistsAsync();
}
}
}
if (segment.ContinuationToken == null)
{
break;
}
if (segment.ContinuationToken == null)
{
break;
}
segment = await _attachmentsContainer.ListBlobsSegmentedAsync(segment.ContinuationToken);
segment = await _attachmentContainers[container].ListBlobsSegmentedAsync(segment.ContinuationToken);
}
}
}
public async Task DeleteAttachmentsForCipherAsync(Guid cipherId)
{
await InitAsync();
var segment = await _attachmentsContainer.ListBlobsSegmentedAsync(cipherId.ToString(), true,
BlobListingDetails.None, 100, null, null, null);
while (true)
{
foreach (var blob in segment.Results)
{
if (blob is CloudBlockBlob blockBlob)
{
await blockBlob.DeleteIfExistsAsync();
}
}
public async Task CleanupAsync(Guid cipherId) => await DeleteAttachmentsForPathAsync($"temp/{cipherId}");
if (segment.ContinuationToken == null)
{
break;
}
segment = await _attachmentsContainer.ListBlobsSegmentedAsync(segment.ContinuationToken);
}
}
public async Task DeleteAttachmentsForCipherAsync(Guid cipherId) => await DeleteAttachmentsForPathAsync(cipherId.ToString());
public async Task DeleteAttachmentsForOrganizationAsync(Guid organizationId)
{
await InitAsync();
await InitAsync(_defaultContainerName);
}
public async Task DeleteAttachmentsForUserAsync(Guid userId)
{
await InitAsync();
await InitAsync(_defaultContainerName);
}
private async Task InitAsync()
private async Task InitAsync(string containerName)
{
if (_attachmentsContainer == null)
if (!_attachmentContainers.ContainsKey(containerName) || _attachmentContainers[containerName] == null)
{
_attachmentsContainer = _blobClient.GetContainerReference(AttchmentContainerName);
await _attachmentsContainer.CreateIfNotExistsAsync(BlobContainerPublicAccessType.Blob, null, null);
_attachmentContainers[containerName] = _blobClient.GetContainerReference(containerName);
if (containerName == "attachments")
{
await _attachmentContainers[containerName].CreateIfNotExistsAsync(BlobContainerPublicAccessType.Blob, null, null);
}
else
{
await _attachmentContainers[containerName].CreateIfNotExistsAsync(BlobContainerPublicAccessType.Off, null, null);
}
}
}
}

1
src/Core/Services/Implementations/AzureQueueBlockIpService.cs
View File

@ -1,6 +1,7 @@
using System.Threading.Tasks;
using System;
using Azure.Storage.Queues;
using Bit.Core.Settings;
namespace Bit.Core.Services
{

1
src/Core/Services/Implementations/AzureQueueEventWriteService.cs
View File

@ -3,6 +3,7 @@ using System.Collections.Generic;
using Azure.Storage.Queues;
using Newtonsoft.Json;
using Bit.Core.Models.Data;
using Bit.Core.Settings;
namespace Bit.Core.Services
{

5
src/Core/Services/Implementations/AzureQueuePushNotificationService.cs
View File

@ -1,10 +1,11 @@
using System;
using System.Threading.Tasks;
using Bit.Core.Context;
using Bit.Core.Models.Table;
using Bit.Core.Enums;
using Newtonsoft.Json;
using Bit.Core.Models;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using Newtonsoft.Json;
using Azure.Storage.Queues;
using Microsoft.AspNetCore.Http;
using System.Collections.Generic;

Some files were not shown because too many files have changed in this diff Show More