[EC-92] Add organization vault export to event logs (#2128)

* Added nullable OrganizationId to EventModel * Added EventType Organization_ClientExportedVault * Updated CollectController to save the event Organization_ClientExportedVault * Added OrganizationExportResponseModel to encapsulate Organization Export data * Added OrganizationExportController to have a single endpoint for Organization vault export * Added method GetOrganizationCollections to ICollectionService to get collections for an organization * Added GetOrganizationCiphers to ICipherService to get ciphers for an organization * Updated controllers to use new methods in ICollectionService and ICipherService
2025-07-03 00:52:49 -05:00 · 2022-07-25 09:56:23 +01:00
parent f6a18db582
commit 7dfb04298d
11 changed files with 164 additions and 50 deletions
--- a/src/Core/Services/Implementations/CollectionService.cs
+++ b/src/Core/Services/Implementations/CollectionService.cs
@ -1,4 +1,5 @@
-using Bit.Core.Entities;
+using Bit.Core.Context;
+using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
 using Bit.Core.Models.Business;
@ -16,6 +17,7 @@ namespace Bit.Core.Services
        private readonly IUserRepository _userRepository;
        private readonly IMailService _mailService;
        private readonly IReferenceEventService _referenceEventService;
+        private readonly ICurrentContext _currentContext;

        public CollectionService(
            IEventService eventService,
@ -24,7 +26,8 @@ namespace Bit.Core.Services
            ICollectionRepository collectionRepository,
            IUserRepository userRepository,
            IMailService mailService,
-            IReferenceEventService referenceEventService)
+            IReferenceEventService referenceEventService,
+            ICurrentContext currentContext)
        {
            _eventService = eventService;
            _organizationRepository = organizationRepository;
@ -33,6 +36,7 @@ namespace Bit.Core.Services
            _userRepository = userRepository;
            _mailService = mailService;
            _referenceEventService = referenceEventService;
+            _currentContext = currentContext;
        }

        public async Task SaveAsync(Collection collection, IEnumerable<SelectionReadOnly> groups = null,
@ -111,5 +115,27 @@ namespace Bit.Core.Services
            await _collectionRepository.DeleteUserAsync(collection.Id, organizationUserId);
            await _eventService.LogOrganizationUserEventAsync(orgUser, Enums.EventType.OrganizationUser_Updated);
        }
+
+        public async Task<IEnumerable<Collection>> GetOrganizationCollections(Guid organizationId)
+        {
+            if (!await _currentContext.ViewAllCollections(organizationId) && !await _currentContext.ManageUsers(organizationId))
+            {
+                throw new NotFoundException();
+            }
+
+            IEnumerable<Collection> orgCollections;
+            if (await _currentContext.OrganizationAdmin(organizationId))
+            {
+                // Admins, Owners and Providers can access all items even if not assigned to them
+                orgCollections = await _collectionRepository.GetManyByOrganizationIdAsync(organizationId);
+            }
+            else
+            {
+                var collections = await _collectionRepository.GetManyByUserIdAsync(_currentContext.UserId.Value);
+                orgCollections = collections.Where(c => c.OrganizationId == organizationId);
+            }
+
+            return orgCollections;
+        }
    }
 }