SM-365: Add Export & Import Functionality for SM (#2591)

* SM-365: Add Export endpoint * SM-365: Add SM Import/Export support * SM-365: Fix DI and add temp NoAccessCheck * SM-365: Add access checks to import / export * SM-365: dotnet format * SM-365: Fix import bugs * SM-365: Fix import bug with EF & refactor based on PR comments * SM-365: Update access permissions in export * SM-365: Address PR comments * SM-365: Refactor for readability and PR comments
2025-07-05 01:52:49 -05:00 · 2023-02-14 09:24:31 -05:00
parent 109d915d9e
commit 5836c87bb4
12 changed files with 453 additions and 1 deletions
--- a/src/Api/SecretsManager/Controllers/SecretsManagerPortingController.cs
+++ b/src/Api/SecretsManager/Controllers/SecretsManagerPortingController.cs
@ -0,0 +1,66 @@
+using Bit.Api.SecretsManager.Models.Request;
+using Bit.Api.SecretsManager.Models.Response;
+using Bit.Core.Context;
+using Bit.Core.Enums;
+using Bit.Core.Exceptions;
+using Bit.Core.SecretsManager.Commands.Porting.Interfaces;
+using Bit.Core.SecretsManager.Repositories;
+using Bit.Core.Services;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Bit.Api.SecretsManager.Controllers;
+
+[SecretsManager]
+public class SecretsManagerPortingController : Controller
+{
+    private readonly ISecretRepository _secretRepository;
+    private readonly IProjectRepository _projectRepository;
+    private readonly IUserService _userService;
+    private readonly IImportCommand _importCommand;
+    private readonly ICurrentContext _currentContext;
+
+    public SecretsManagerPortingController(ISecretRepository secretRepository, IProjectRepository projectRepository, IUserService userService, IImportCommand importCommand, ICurrentContext currentContext)
+    {
+        _secretRepository = secretRepository;
+        _projectRepository = projectRepository;
+        _userService = userService;
+        _importCommand = importCommand;
+        _currentContext = currentContext;
+    }
+
+    [HttpGet("sm/{organizationId}/export")]
+    public async Task<SMExportResponseModel> Export([FromRoute] Guid organizationId, [FromRoute] string format = "json")
+    {
+        if (!await _currentContext.OrganizationAdmin(organizationId))
+        {
+            throw new UnauthorizedAccessException();
+        }
+
+        var userId = _userService.GetProperUserId(User).Value;
+        var projects = await _projectRepository.GetManyByOrganizationIdAsync(organizationId, userId, AccessClientType.NoAccessCheck);
+        var secrets = await _secretRepository.GetManyByOrganizationIdAsync(organizationId);
+
+        if (projects == null && secrets == null)
+        {
+            throw new NotFoundException();
+        }
+
+        return new SMExportResponseModel(projects, secrets);
+    }
+
+    [HttpPost("sm/{organizationId}/import")]
+    public async Task Import([FromRoute] Guid organizationId, [FromBody] SMImportRequestModel importRequest)
+    {
+        if (!await _currentContext.OrganizationAdmin(organizationId))
+        {
+            throw new UnauthorizedAccessException();
+        }
+
+        if (importRequest.Projects?.Count() > 1000 || importRequest.Secrets?.Count() > 6000)
+        {
+            throw new BadRequestException("You cannot import this much data at once, the limit is 1000 projects and 6000 secrets.");
+        }
+
+        await _importCommand.ImportAsync(organizationId, importRequest.ToSMImport());
+    }
+}