Use sas token for attachment downloads (#1153)

* Get limited life attachment download URL This change limits url download to a 1min lifetime. This requires moving to a new container to allow for non-public blob access. Clients will have to call GetAttachmentData api function to receive the download URL. For backwards compatibility, attachment URLs are still present, but will not work for attachments stored in non-public access blobs. * Make GlobalSettings interface for testing * Test LocalAttachmentStorageService equivalence * Remove comment * Add missing globalSettings using * Simplify default attachment container * Default to attachments containe for existing methods A new upload method will be made for uploading to attachments-v2. For compatibility for clients which don't use these new methods, we need to still use the old container. The new container will be used only for new uploads * Remove Default MetaData fixture. * Keep attachments container blob-level security for all instances * Close unclosed FileStream * Favor default value for noop services
2025-07-03 00:52:49 -05:00 · 2021-02-22 15:35:16 -06:00
parent 78606d5f13
commit 5537470703
177 changed files with 694 additions and 178 deletions
--- a/src/Core/Services/Implementations/CipherService.cs
+++ b/src/Core/Services/Implementations/CipherService.cs
@ -11,6 +11,7 @@ using Newtonsoft.Json;
 using System.IO;
 using Bit.Core.Enums;
 using Bit.Core.Utilities;
+using Bit.Core.Settings;

 namespace Bit.Core.Services
 {
@ -216,17 +217,18 @@ namespace Bit.Core.Services
            }

            var attachmentId = Utilities.CoreHelpers.SecureRandomString(32, upper: false, special: false);
-            await _attachmentStorageService.UploadNewAttachmentAsync(stream, cipher, attachmentId);
+            var data = new CipherAttachment.MetaData
+            {
+                AttachmentId = attachmentId,
+                FileName = fileName,
+                Key = key,
+                Size = stream.Length
+            };
+
+            await _attachmentStorageService.UploadNewAttachmentAsync(stream, cipher, data);

            try
            {
-                var data = new CipherAttachment.MetaData
-                {
-                    FileName = fileName,
-                    Key = key,
-                    Size = stream.Length
-                };
-
                var attachment = new CipherAttachment
                {
                    Id = cipher.Id,
@ -243,7 +245,7 @@ namespace Bit.Core.Services
            catch
            {
                // Clean up since this is not transactional
-                await _attachmentStorageService.DeleteAttachmentAsync(cipher.Id, attachmentId);
+                await _attachmentStorageService.DeleteAttachmentAsync(cipher.Id, data);
                throw;
            }

@ -283,8 +285,26 @@ namespace Bit.Core.Services
                    throw new BadRequestException("Not enough storage available for this organization.");
                }

+                var attachments = cipher.GetAttachments();
+                if (!attachments.ContainsKey(attachmentId))
+                {
+                    throw new BadRequestException($"Cipher does not own specified attachment");
+                }
+
                await _attachmentStorageService.UploadShareAttachmentAsync(stream, cipher.Id, organizationId,
-                    attachmentId);
+                    attachments[attachmentId]);
+
+                // Previous call may alter metadata
+                var updatedAttachment = new CipherAttachment
+                {
+                    Id = cipher.Id,
+                    UserId = cipher.UserId,
+                    OrganizationId = cipher.OrganizationId,
+                    AttachmentId = attachmentId,
+                    AttachmentData = JsonConvert.SerializeObject(attachments[attachmentId])
+                };
+
+                await _cipherRepository.UpdateAttachmentAsync(updatedAttachment);
            }
            catch
            {
@ -350,9 +370,10 @@ namespace Bit.Core.Services
                throw new NotFoundException();
            }

+            var data = cipher.GetAttachments()[attachmentId];
            await _cipherRepository.DeleteAttachmentAsync(cipher.Id, attachmentId);
            cipher.DeleteAttachment(attachmentId);
-            await _attachmentStorageService.DeleteAttachmentAsync(cipher.Id, attachmentId);
+            await _attachmentStorageService.DeleteAttachmentAsync(cipher.Id, data);
            await _eventService.LogCipherEventAsync(cipher, Enums.EventType.Cipher_AttachmentDeleted);

            // push
@ -421,6 +442,7 @@ namespace Bit.Core.Services
            var hasOldAttachments = attachments?.Any(a => a.Key == null) ?? false;
            var updatedCipher = false;
            var migratedAttachments = false;
+            var originalAttachments = CoreHelpers.CloneObject(attachments);

            try
            {
@ -471,7 +493,7 @@ namespace Bit.Core.Services
                    foreach (var attachment in attachments.Where(a => a.Key == null))
                    {
                        await _attachmentStorageService.StartShareAttachmentAsync(cipher.Id, organizationId,
-                            attachment.Key);
+                            attachment.Value);
                        migratedAttachments = true;
                    }

@ -504,7 +526,7 @@ namespace Bit.Core.Services
                foreach (var attachment in attachments.Where(a => a.Key == null))
                {
                    await _attachmentStorageService.RollbackShareAttachmentAsync(cipher.Id, organizationId,
-                        attachment.Key);
+                        attachment.Value, originalAttachments[attachment.Key].ContainerName);
                }

                await _attachmentStorageService.CleanupAsync(cipher.Id);