nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-10 23:58:13 -05:00
Code

Throw if collection Id does not exist on the organization ()

Browse Source 
Otherwise, we're just saving strings for fun. This makes it clear the
user's specified collection won't do anything.
This commit is contained in:
Matt Gibson 2021-04-05 15:20:13 -05:00 committed by GitHub
parent 7a35813dfd
commit 79f3dabaac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 3 deletions

10
src/Core/Services/Implementations/CipherService.cs

@ -122,6 +122,11 @@ namespace Bit.Core.Services
{
if (cipher.OrganizationId.HasValue && collectionIds != null)
{
var existingCollectionIds = (await _collectionRepository.GetManyByOrganizationIdAsync(cipher.OrganizationId.Value)).Select(c => c.Id);
if (collectionIds.Except(existingCollectionIds).Any())
{
throw new BadRequestException("Specified CollectionId does not exist on the specified Organization.");
}
await _cipherRepository.CreateAsync(cipher, collectionIds);
}
else
@ -198,7 +203,7 @@ namespace Bit.Core.Services
Key = request.Key,
Size = request.FileSize,
Validated = false,
};
};
var uploadUrl = await _attachmentStorageService.GetAttachmentUploadUrlAsync(cipher, data);
@ -248,7 +253,8 @@ namespace Bit.Core.Services
await _eventService.LogCipherEventAsync(cipher, Enums.EventType.Cipher_AttachmentCreated);
cipher.AddAttachment(attachmentId, data);
if (!await ValidateCipherAttachmentFile(cipher, data)) {
if (!await ValidateCipherAttachmentFile(cipher, data))
{
throw new Exception("Content-Length does not match uploaded file size");
}
}