From 82dd364e656b95345c0545ec66fea794c626895a Mon Sep 17 00:00:00 2001 From: Kyle Spearrin Date: Mon, 2 Nov 2020 15:55:49 -0500 Subject: [PATCH] Send APIs (#979) * send work * fix sql proj file * update * updates * access id * delete job * fix delete job * local send storage * update sprocs for null checks --- src/Admin/Jobs/DeleteSendsJob.cs | 47 ++ src/Admin/Jobs/JobsHostedService.cs | 6 + src/Admin/appsettings.json | 4 + src/Api/Controllers/SendsController.cs | 162 +++++++ src/Api/Utilities/MultipartFormDataHelper.cs | 51 ++- src/Api/appsettings.json | 4 + src/Core/Enums/SendType.cs | 8 + src/Core/GlobalSettings.cs | 5 +- .../Api/Request/SendAccessRequestModel.cs | 10 + .../Models/Api/Request/SendRequestModel.cs | 94 ++++ .../Api/Response/SendAccessResponseModel.cs | 49 +++ .../Models/Api/Response/SendResponseModel.cs | 69 +++ src/Core/Models/Api/SendFileModel.cs | 27 ++ src/Core/Models/Api/SendTextModel.cs | 21 + src/Core/Models/Data/SendData.cs | 18 + src/Core/Models/Data/SendFileData.cs | 37 ++ src/Core/Models/Data/SendTextData.cs | 19 + src/Core/Models/Table/Send.cs | 29 ++ src/Core/Repositories/ISendRepository.cs | 13 + .../Repositories/SqlServer/SendRepository.cs | 48 ++ src/Core/Services/ISendService.cs | 17 + src/Core/Services/ISendStorageService.cs | 15 + .../AzureSendFileStorageService.cs | 66 +++ .../LocalSendStorageService.cs | 62 +++ .../Services/Implementations/SendService.cs | 170 +++++++ .../NoopSendFileStorageService.cs | 30 ++ .../Utilities/ServiceCollectionExtensions.cs | 15 + src/Sql/Sql.sqlproj | 13 + .../Organization_UpdateStorage.sql | 22 +- src/Sql/dbo/Stored Procedures/Send_Create.sql | 64 +++ .../dbo/Stored Procedures/Send_DeleteById.sql | 35 ++ .../Send_ReadByDeletionDateBefore.sql | 13 + .../dbo/Stored Procedures/Send_ReadById.sql | 13 + .../Stored Procedures/Send_ReadByUserId.sql | 14 + src/Sql/dbo/Stored Procedures/Send_Update.sql | 44 ++ .../Stored Procedures/User_UpdateStorage.sql | 21 +- src/Sql/dbo/Tables/Send.sql | 29 ++ src/Sql/dbo/Views/SendView.sql | 6 + .../Migrator/DbScripts/2020-10-06_00_Send.sql | 415 ++++++++++++++++++ 39 files changed, 1774 insertions(+), 11 deletions(-) create mode 100644 src/Admin/Jobs/DeleteSendsJob.cs create mode 100644 src/Api/Controllers/SendsController.cs create mode 100644 src/Core/Enums/SendType.cs create mode 100644 src/Core/Models/Api/Request/SendAccessRequestModel.cs create mode 100644 src/Core/Models/Api/Request/SendRequestModel.cs create mode 100644 src/Core/Models/Api/Response/SendAccessResponseModel.cs create mode 100644 src/Core/Models/Api/Response/SendResponseModel.cs create mode 100644 src/Core/Models/Api/SendFileModel.cs create mode 100644 src/Core/Models/Api/SendTextModel.cs create mode 100644 src/Core/Models/Data/SendData.cs create mode 100644 src/Core/Models/Data/SendFileData.cs create mode 100644 src/Core/Models/Data/SendTextData.cs create mode 100644 src/Core/Models/Table/Send.cs create mode 100644 src/Core/Repositories/ISendRepository.cs create mode 100644 src/Core/Repositories/SqlServer/SendRepository.cs create mode 100644 src/Core/Services/ISendService.cs create mode 100644 src/Core/Services/ISendStorageService.cs create mode 100644 src/Core/Services/Implementations/AzureSendFileStorageService.cs create mode 100644 src/Core/Services/Implementations/LocalSendStorageService.cs create mode 100644 src/Core/Services/Implementations/SendService.cs create mode 100644 src/Core/Services/NoopImplementations/NoopSendFileStorageService.cs create mode 100644 src/Sql/dbo/Stored Procedures/Send_Create.sql create mode 100644 src/Sql/dbo/Stored Procedures/Send_DeleteById.sql create mode 100644 src/Sql/dbo/Stored Procedures/Send_ReadByDeletionDateBefore.sql create mode 100644 src/Sql/dbo/Stored Procedures/Send_ReadById.sql create mode 100644 src/Sql/dbo/Stored Procedures/Send_ReadByUserId.sql create mode 100644 src/Sql/dbo/Stored Procedures/Send_Update.sql create mode 100644 src/Sql/dbo/Tables/Send.sql create mode 100644 src/Sql/dbo/Views/SendView.sql create mode 100644 util/Migrator/DbScripts/2020-10-06_00_Send.sql diff --git a/src/Admin/Jobs/DeleteSendsJob.cs b/src/Admin/Jobs/DeleteSendsJob.cs new file mode 100644 index 0000000000..d84eafa188 --- /dev/null +++ b/src/Admin/Jobs/DeleteSendsJob.cs @@ -0,0 +1,47 @@ +using System; +using System.Threading.Tasks; +using Bit.Core; +using Bit.Core.Jobs; +using Bit.Core.Repositories; +using Bit.Core.Services; +using Microsoft.EntityFrameworkCore.Internal; +using Microsoft.Extensions.DependencyInjection; +using Microsoft.Extensions.Logging; +using Quartz; + +namespace Bit.Admin.Jobs +{ + public class DeleteSendsJob : BaseJob + { + private readonly ISendRepository _sendRepository; + private readonly IServiceProvider _serviceProvider; + + public DeleteSendsJob( + ISendRepository sendRepository, + IServiceProvider serviceProvider, + ILogger logger) + : base(logger) + { + _sendRepository = sendRepository; + _serviceProvider = serviceProvider; + } + + protected async override Task ExecuteJobAsync(IJobExecutionContext context) + { + var sends = await _sendRepository.GetManyByDeletionDateAsync(DateTime.UtcNow); + _logger.LogInformation(Constants.BypassFiltersEventId, "Deleting {0} sends.", sends.Count); + if (!sends.Any()) + { + return; + } + using (var scope = _serviceProvider.CreateScope()) + { + var sendService = scope.ServiceProvider.GetRequiredService(); + foreach (var send in sends) + { + await sendService.DeleteSendAsync(send); + } + } + } + } +} diff --git a/src/Admin/Jobs/JobsHostedService.cs b/src/Admin/Jobs/JobsHostedService.cs index 71fbcb312a..ab66cd96dd 100644 --- a/src/Admin/Jobs/JobsHostedService.cs +++ b/src/Admin/Jobs/JobsHostedService.cs @@ -39,6 +39,10 @@ namespace Bit.Admin.Jobs .StartNow() .WithCronSchedule("0 0 * * * ?") .Build(); + var everyFiveMinutesTrigger = TriggerBuilder.Create() + .StartNow() + .WithCronSchedule("0 */5 * * * ?") + .Build(); var everyFridayAt10pmTrigger = TriggerBuilder.Create() .StartNow() .WithCronSchedule("0 0 22 ? * FRI", x => x.InTimeZone(timeZone)) @@ -54,6 +58,7 @@ namespace Bit.Admin.Jobs var jobs = new List> { + new Tuple(typeof(DeleteSendsJob), everyFiveMinutesTrigger), new Tuple(typeof(DatabaseExpiredGrantsJob), everyFridayAt10pmTrigger), new Tuple(typeof(DatabaseUpdateStatisticsJob), everySaturdayAtMidnightTrigger), new Tuple(typeof(DatabaseRebuildlIndexesJob), everySundayAtMidnightTrigger) @@ -77,6 +82,7 @@ namespace Bit.Admin.Jobs services.AddTransient(); services.AddTransient(); services.AddTransient(); + services.AddTransient(); } } } diff --git a/src/Admin/appsettings.json b/src/Admin/appsettings.json index 6e374120e1..42b11fca1c 100644 --- a/src/Admin/appsettings.json +++ b/src/Admin/appsettings.json @@ -56,6 +56,10 @@ "accessKeyId": "SECRET", "accessKeySecret": "SECRET", "region": "SECRET" + }, + "send": { + "connectionString": "SECRET", + "baseUrl": "http://localhost:4000/sendfiles/" } }, "adminSettings": { diff --git a/src/Api/Controllers/SendsController.cs b/src/Api/Controllers/SendsController.cs new file mode 100644 index 0000000000..5a188bffd8 --- /dev/null +++ b/src/Api/Controllers/SendsController.cs @@ -0,0 +1,162 @@ +using System; +using System.Linq; +using System.Threading.Tasks; +using Microsoft.AspNetCore.Mvc; +using Bit.Core.Repositories; +using Microsoft.AspNetCore.Authorization; +using Bit.Core.Models.Api; +using Bit.Core.Exceptions; +using Bit.Core.Services; +using Bit.Core; +using Bit.Api.Utilities; +using Bit.Core.Models.Table; +using Bit.Core.Utilities; + +namespace Bit.Api.Controllers +{ + [Route("sends")] + [Authorize("Application")] + public class SendsController : Controller + { + private readonly ISendRepository _sendRepository; + private readonly IUserService _userService; + private readonly ISendService _sendService; + private readonly GlobalSettings _globalSettings; + + public SendsController( + ISendRepository sendRepository, + IUserService userService, + ISendService sendService, + GlobalSettings globalSettings) + { + _sendRepository = sendRepository; + _userService = userService; + _sendService = sendService; + _globalSettings = globalSettings; + } + + [AllowAnonymous] + [HttpPost("access/{id}")] + public async Task Access(string id, [FromBody] SendAccessRequestModel model) + { + var guid = new Guid(CoreHelpers.Base64UrlDecode(id)); + var (send, passwordRequired, passwordInvalid) = + await _sendService.AccessAsync(guid, model.Password); + if (passwordRequired) + { + return new UnauthorizedResult(); + } + if (passwordInvalid) + { + await Task.Delay(2000); + throw new BadRequestException("Invalid password."); + } + if (send == null) + { + throw new NotFoundException(); + } + + return new ObjectResult(new SendAccessResponseModel(send, _globalSettings)); + } + + [HttpGet("{id}")] + public async Task Get(string id) + { + var userId = _userService.GetProperUserId(User).Value; + var send = await _sendRepository.GetByIdAsync(new Guid(id)); + if (send == null || send.UserId != userId) + { + throw new NotFoundException(); + } + + return new SendResponseModel(send, _globalSettings); + } + + [HttpGet("")] + public async Task> Get() + { + var userId = _userService.GetProperUserId(User).Value; + var sends = await _sendRepository.GetManyByUserIdAsync(userId); + var responses = sends.Select(s => new SendResponseModel(s, _globalSettings)); + return new ListResponseModel(responses); + } + + [HttpPost("")] + public async Task Post([FromBody] SendRequestModel model) + { + var userId = _userService.GetProperUserId(User).Value; + var send = model.ToSend(userId, _sendService); + await _sendService.SaveSendAsync(send); + return new SendResponseModel(send, _globalSettings); + } + + [HttpPost("file")] + [RequestSizeLimit(105_906_176)] + [DisableFormValueModelBinding] + public async Task PostFile() + { + if (!Request?.ContentType.Contains("multipart/") ?? true) + { + throw new BadRequestException("Invalid content."); + } + + if (Request.ContentLength > 105906176) // 101 MB, give em' 1 extra MB for cushion + { + throw new BadRequestException("Max file size is 100 MB."); + } + + Send send = null; + await Request.GetSendFileAsync(async (stream, fileName, model) => + { + var userId = _userService.GetProperUserId(User).Value; + var (madeSend, madeData) = model.ToSend(userId, fileName, _sendService); + send = madeSend; + await _sendService.CreateSendAsync(send, madeData, stream, Request.ContentLength.GetValueOrDefault(0)); + }); + + return new SendResponseModel(send, _globalSettings); + } + + [HttpPut("{id}")] + public async Task Put(string id, [FromBody] SendRequestModel model) + { + var userId = _userService.GetProperUserId(User).Value; + var send = await _sendRepository.GetByIdAsync(new Guid(id)); + if (send == null || send.UserId != userId) + { + throw new NotFoundException(); + } + + await _sendService.SaveSendAsync(model.ToSend(send, _sendService)); + return new SendResponseModel(send, _globalSettings); + } + + [HttpPut("{id}/remove-password")] + public async Task PutRemovePassword(string id) + { + var userId = _userService.GetProperUserId(User).Value; + var send = await _sendRepository.GetByIdAsync(new Guid(id)); + if (send == null || send.UserId != userId) + { + throw new NotFoundException(); + } + + send.Password = null; + await _sendService.SaveSendAsync(send); + return new SendResponseModel(send, _globalSettings); + } + + [HttpDelete("{id}")] + public async Task Delete(string id) + { + var userId = _userService.GetProperUserId(User).Value; + var send = await _sendRepository.GetByIdAsync(new Guid(id)); + if (send == null || send.UserId != userId) + { + throw new NotFoundException(); + } + + await _sendService.DeleteSendAsync(send); + } + } +} diff --git a/src/Api/Utilities/MultipartFormDataHelper.cs b/src/Api/Utilities/MultipartFormDataHelper.cs index cfe03209cb..03ed0f1ae7 100644 --- a/src/Api/Utilities/MultipartFormDataHelper.cs +++ b/src/Api/Utilities/MultipartFormDataHelper.cs @@ -6,6 +6,8 @@ using System; using System.IO; using System.Threading.Tasks; using Microsoft.Extensions.Primitives; +using Bit.Core.Models.Api; +using Newtonsoft.Json; namespace Bit.Api.Utilities { @@ -33,7 +35,7 @@ namespace Bit.Api.Utilities await callback(firstSection.Body, fileName, null); } } - else if (HasKeyDisposition(firstContent)) + else if (HasDispositionName(firstContent, "key")) { // New style with key, then data string key = null; @@ -64,6 +66,49 @@ namespace Bit.Api.Utilities } } + public static async Task GetSendFileAsync(this HttpRequest request, Func callback) + { + var boundary = GetBoundary(MediaTypeHeaderValue.Parse(request.ContentType), + _defaultFormOptions.MultipartBoundaryLengthLimit); + var reader = new MultipartReader(boundary, request.Body); + + var firstSection = await reader.ReadNextSectionAsync(); + if (firstSection != null) + { + if (ContentDispositionHeaderValue.TryParse(firstSection.ContentDisposition, out _)) + { + // Request model json, then data + string requestModelJson = null; + using (var sr = new StreamReader(firstSection.Body)) + { + requestModelJson = await sr.ReadToEndAsync(); + } + + var secondSection = await reader.ReadNextSectionAsync(); + if (secondSection != null) + { + if (ContentDispositionHeaderValue.TryParse(secondSection.ContentDisposition, + out var secondContent) && HasFileContentDisposition(secondContent)) + { + var fileName = HeaderUtilities.RemoveQuotes(secondContent.FileName).ToString(); + using (secondSection.Body) + { + var model = JsonConvert.DeserializeObject(requestModelJson); + await callback(secondSection.Body, fileName, model); + } + } + + secondSection = null; + } + + } + + firstSection = null; + } + } + + private static string GetBoundary(MediaTypeHeaderValue contentType, int lengthLimit) { var boundary = HeaderUtilities.RemoveQuotes(contentType.Boundary); @@ -87,10 +132,10 @@ namespace Bit.Api.Utilities (!StringSegment.IsNullOrEmpty(content.FileName) || !StringSegment.IsNullOrEmpty(content.FileNameStar)); } - private static bool HasKeyDisposition(ContentDispositionHeaderValue content) + private static bool HasDispositionName(ContentDispositionHeaderValue content, string name) { // Content-Disposition: form-data; name="key"; - return content != null && content.DispositionType.Equals("form-data") && content.Name == "key"; + return content != null && content.DispositionType.Equals("form-data") && content.Name == name; } } } diff --git a/src/Api/appsettings.json b/src/Api/appsettings.json index af95b861e3..5eb8def17d 100644 --- a/src/Api/appsettings.json +++ b/src/Api/appsettings.json @@ -44,6 +44,10 @@ "connectionString": "SECRET", "baseUrl": "http://localhost:4000/attachments/" }, + "send": { + "connectionString": "SECRET", + "baseUrl": "http://localhost:4000/sendfiles/" + }, "documentDb": { "uri": "SECRET", "key": "SECRET" diff --git a/src/Core/Enums/SendType.cs b/src/Core/Enums/SendType.cs new file mode 100644 index 0000000000..a52008556a --- /dev/null +++ b/src/Core/Enums/SendType.cs @@ -0,0 +1,8 @@ +namespace Bit.Core.Enums +{ + public enum SendType : byte + { + Text = 0, + File = 1 + } +} diff --git a/src/Core/GlobalSettings.cs b/src/Core/GlobalSettings.cs index 17a58a59b8..364c2b43ed 100644 --- a/src/Core/GlobalSettings.cs +++ b/src/Core/GlobalSettings.cs @@ -29,7 +29,8 @@ namespace Bit.Core public virtual ConnectionStringSettings Storage { get; set; } = new ConnectionStringSettings(); public virtual ConnectionStringSettings Events { get; set; } = new ConnectionStringSettings(); public virtual NotificationsSettings Notifications { get; set; } = new NotificationsSettings(); - public virtual AttachmentSettings Attachment { get; set; } = new AttachmentSettings(); + public virtual FileStorageSettings Attachment { get; set; } = new FileStorageSettings(); + public virtual FileStorageSettings Send { get; set; } = new FileStorageSettings(); public virtual IdentityServerSettings IdentityServer { get; set; } = new IdentityServerSettings(); public virtual DataProtectionSettings DataProtection { get; set; } = new DataProtectionSettings(); public virtual DocumentDbSettings DocumentDb { get; set; } = new DocumentDbSettings(); @@ -101,7 +102,7 @@ namespace Bit.Core } } - public class AttachmentSettings + public class FileStorageSettings { private string _connectionString; diff --git a/src/Core/Models/Api/Request/SendAccessRequestModel.cs b/src/Core/Models/Api/Request/SendAccessRequestModel.cs new file mode 100644 index 0000000000..f987c0802f --- /dev/null +++ b/src/Core/Models/Api/Request/SendAccessRequestModel.cs @@ -0,0 +1,10 @@ +using System.ComponentModel.DataAnnotations; + +namespace Bit.Core.Models.Api +{ + public class SendAccessRequestModel + { + [StringLength(300)] + public string Password { get; set; } + } +} diff --git a/src/Core/Models/Api/Request/SendRequestModel.cs b/src/Core/Models/Api/Request/SendRequestModel.cs new file mode 100644 index 0000000000..c23ec3d5f1 --- /dev/null +++ b/src/Core/Models/Api/Request/SendRequestModel.cs @@ -0,0 +1,94 @@ +using System; +using Bit.Core.Utilities; +using Bit.Core.Models.Table; +using Bit.Core.Enums; +using Newtonsoft.Json; +using Bit.Core.Models.Data; +using System.ComponentModel.DataAnnotations; +using Bit.Core.Services; + +namespace Bit.Core.Models.Api +{ + public class SendRequestModel + { + public SendType Type { get; set; } + [EncryptedString] + [EncryptedStringLength(1000)] + public string Name { get; set; } + [EncryptedString] + [EncryptedStringLength(1000)] + public string Notes { get; set; } + [Required] + [EncryptedString] + [EncryptedStringLength(1000)] + public string Key { get; set; } + public int? MaxAccessCount { get; set; } + public DateTime? ExpirationDate { get; set; } + [Required] + public DateTime? DeletionDate { get; set; } + public SendFileModel File { get; set; } + public SendTextModel Text { get; set; } + [StringLength(1000)] + public string Password { get; set; } + [Required] + public bool? Disabled { get; set; } + + public Send ToSend(Guid userId, ISendService sendService) + { + var send = new Send + { + Type = Type, + UserId = (Guid?)userId + }; + ToSend(send, sendService); + return send; + } + + public (Send, SendFileData) ToSend(Guid userId, string fileName, ISendService sendService) + { + var send = ToSendBase(new Send + { + Type = Type, + UserId = (Guid?)userId + }, sendService); + var data = new SendFileData(this, fileName); + return (send, data); + } + + public Send ToSend(Send existingSend, ISendService sendService) + { + existingSend = ToSendBase(existingSend, sendService); + switch (existingSend.Type) + { + case SendType.File: + var fileData = JsonConvert.DeserializeObject(existingSend.Data); + fileData.Name = Name; + fileData.Notes = Notes; + existingSend.Data = JsonConvert.SerializeObject(fileData, + new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore }); + break; + case SendType.Text: + existingSend.Data = JsonConvert.SerializeObject(new SendTextData(this), + new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore }); + break; + default: + throw new ArgumentException("Unsupported type: " + nameof(Type) + "."); + } + return existingSend; + } + + private Send ToSendBase(Send existingSend, ISendService sendService) + { + existingSend.Key = Key; + existingSend.ExpirationDate = ExpirationDate; + existingSend.DeletionDate = DeletionDate.Value; + existingSend.MaxAccessCount = MaxAccessCount; + if (!string.IsNullOrWhiteSpace(Password)) + { + existingSend.Password = sendService.HashPassword(Password); + } + existingSend.Disabled = Disabled.GetValueOrDefault(); + return existingSend; + } + } +} diff --git a/src/Core/Models/Api/Response/SendAccessResponseModel.cs b/src/Core/Models/Api/Response/SendAccessResponseModel.cs new file mode 100644 index 0000000000..a83500551d --- /dev/null +++ b/src/Core/Models/Api/Response/SendAccessResponseModel.cs @@ -0,0 +1,49 @@ +using System; +using Bit.Core.Enums; +using Bit.Core.Models.Data; +using Bit.Core.Models.Table; +using Bit.Core.Utilities; +using Newtonsoft.Json; + +namespace Bit.Core.Models.Api +{ + public class SendAccessResponseModel : ResponseModel + { + public SendAccessResponseModel(Send send, GlobalSettings globalSettings) + : base("send-access") + { + if (send == null) + { + throw new ArgumentNullException(nameof(send)); + } + + Id = CoreHelpers.Base64UrlEncode(send.Id.ToByteArray()); + Type = send.Type; + + SendData sendData; + switch (send.Type) + { + case SendType.File: + var fileData = JsonConvert.DeserializeObject(send.Data); + sendData = fileData; + File = new SendFileModel(fileData, globalSettings); + break; + case SendType.Text: + var textData = JsonConvert.DeserializeObject(send.Data); + sendData = textData; + Text = new SendTextModel(textData); + break; + default: + throw new ArgumentException("Unsupported " + nameof(Type) + "."); + } + + Name = sendData.Name; + } + + public string Id { get; set; } + public SendType Type { get; set; } + public string Name { get; set; } + public SendFileModel File { get; set; } + public SendTextModel Text { get; set; } + } +} diff --git a/src/Core/Models/Api/Response/SendResponseModel.cs b/src/Core/Models/Api/Response/SendResponseModel.cs new file mode 100644 index 0000000000..91f093d30b --- /dev/null +++ b/src/Core/Models/Api/Response/SendResponseModel.cs @@ -0,0 +1,69 @@ +using System; +using Bit.Core.Enums; +using Bit.Core.Models.Data; +using Bit.Core.Models.Table; +using Bit.Core.Utilities; +using Newtonsoft.Json; + +namespace Bit.Core.Models.Api +{ + public class SendResponseModel : ResponseModel + { + public SendResponseModel(Send send, GlobalSettings globalSettings) + : base("send") + { + if (send == null) + { + throw new ArgumentNullException(nameof(send)); + } + + Id = send.Id.ToString(); + AccessId = CoreHelpers.Base64UrlEncode(send.Id.ToByteArray()); + Type = send.Type; + Key = send.Key; + MaxAccessCount = send.MaxAccessCount; + AccessCount = send.AccessCount; + RevisionDate = send.RevisionDate; + ExpirationDate = send.ExpirationDate; + DeletionDate = send.DeletionDate; + Password = send.Password; + Disabled = send.Disabled; + + SendData sendData; + switch (send.Type) + { + case SendType.File: + var fileData = JsonConvert.DeserializeObject(send.Data); + sendData = fileData; + File = new SendFileModel(fileData, globalSettings); + break; + case SendType.Text: + var textData = JsonConvert.DeserializeObject(send.Data); + sendData = textData; + Text = new SendTextModel(textData); + break; + default: + throw new ArgumentException("Unsupported " + nameof(Type) + "."); + } + + Name = sendData.Name; + Notes = sendData.Notes; + } + + public string Id { get; set; } + public string AccessId { get; set; } + public SendType Type { get; set; } + public string Name { get; set; } + public string Notes { get; set; } + public SendFileModel File { get; set; } + public SendTextModel Text { get; set; } + public string Key { get; set; } + public int? MaxAccessCount { get; set; } + public int AccessCount { get; set; } + public string Password { get; set; } + public bool Disabled { get; set; } + public DateTime RevisionDate { get; set; } + public DateTime? ExpirationDate { get; set; } + public DateTime DeletionDate { get; set; } + } +} diff --git a/src/Core/Models/Api/SendFileModel.cs b/src/Core/Models/Api/SendFileModel.cs new file mode 100644 index 0000000000..c37a598cc5 --- /dev/null +++ b/src/Core/Models/Api/SendFileModel.cs @@ -0,0 +1,27 @@ +using Bit.Core.Models.Data; +using Bit.Core.Utilities; + +namespace Bit.Core.Models.Api +{ + public class SendFileModel + { + public SendFileModel() { } + + public SendFileModel(SendFileData data, GlobalSettings globalSettings) + { + Id = data.Id; + Url = $"{globalSettings.Send.BaseUrl}/{data.Id}"; + FileName = data.FileName; + Size = data.SizeString; + SizeName = CoreHelpers.ReadableBytesSize(data.Size); + } + + public string Id { get; set; } + public string Url { get; set; } + [EncryptedString] + [EncryptedStringLength(1000)] + public string FileName { get; set; } + public string Size { get; set; } + public string SizeName { get; set; } + } +} diff --git a/src/Core/Models/Api/SendTextModel.cs b/src/Core/Models/Api/SendTextModel.cs new file mode 100644 index 0000000000..b14aca0152 --- /dev/null +++ b/src/Core/Models/Api/SendTextModel.cs @@ -0,0 +1,21 @@ +using Bit.Core.Models.Data; +using Bit.Core.Utilities; + +namespace Bit.Core.Models.Api +{ + public class SendTextModel + { + public SendTextModel() { } + + public SendTextModel(SendTextData data) + { + Text = data.Text; + Hidden = data.Hidden; + } + + [EncryptedString] + [EncryptedStringLength(1000)] + public string Text { get; set; } + public bool Hidden { get; set; } + } +} diff --git a/src/Core/Models/Data/SendData.cs b/src/Core/Models/Data/SendData.cs new file mode 100644 index 0000000000..abb62ba7a7 --- /dev/null +++ b/src/Core/Models/Data/SendData.cs @@ -0,0 +1,18 @@ +using Bit.Core.Models.Api; + +namespace Bit.Core.Models.Data +{ + public abstract class SendData + { + public SendData() { } + + public SendData(SendRequestModel send) + { + Name = send.Name; + Notes = send.Notes; + } + + public string Name { get; set; } + public string Notes { get; set; } + } +} diff --git a/src/Core/Models/Data/SendFileData.cs b/src/Core/Models/Data/SendFileData.cs new file mode 100644 index 0000000000..6227cf4bbe --- /dev/null +++ b/src/Core/Models/Data/SendFileData.cs @@ -0,0 +1,37 @@ +using System; +using Bit.Core.Models.Api; +using Newtonsoft.Json; + +namespace Bit.Core.Models.Data +{ + public class SendFileData : SendData + { + private long _size; + + public SendFileData() { } + + public SendFileData(SendRequestModel send, string fileName) + : base(send) + { + FileName = fileName; + } + + [JsonIgnore] + public long Size + { + get { return _size; } + set { _size = value; } + } + + // We serialize Size as a string since JSON (or Javascript) doesn't support full precision for long numbers + [JsonProperty("Size")] + public string SizeString + { + get { return _size.ToString(); } + set { _size = Convert.ToInt64(value); } + } + + public string Id { get; set; } + public string FileName { get; set; } + } +} diff --git a/src/Core/Models/Data/SendTextData.cs b/src/Core/Models/Data/SendTextData.cs new file mode 100644 index 0000000000..900a4f53f9 --- /dev/null +++ b/src/Core/Models/Data/SendTextData.cs @@ -0,0 +1,19 @@ +using Bit.Core.Models.Api; + +namespace Bit.Core.Models.Data +{ + public class SendTextData : SendData + { + public SendTextData() { } + + public SendTextData(SendRequestModel send) + : base(send) + { + Text = send.Text.Text; + Hidden = send.Text.Hidden; + } + + public string Text { get; set; } + public bool Hidden { get; set; } + } +} diff --git a/src/Core/Models/Table/Send.cs b/src/Core/Models/Table/Send.cs new file mode 100644 index 0000000000..8de335de50 --- /dev/null +++ b/src/Core/Models/Table/Send.cs @@ -0,0 +1,29 @@ +using System; +using Bit.Core.Enums; +using Bit.Core.Utilities; + +namespace Bit.Core.Models.Table +{ + public class Send : ITableObject + { + public Guid Id { get; set; } + public Guid? UserId { get; set; } + public Guid? OrganizationId { get; set; } + public SendType Type { get; set; } + public string Data { get; set; } + public string Key { get; set; } + public string Password { get; set; } + public int? MaxAccessCount { get; set; } + public int AccessCount { get; set; } + public DateTime CreationDate { get; internal set; } = DateTime.UtcNow; + public DateTime RevisionDate { get; internal set; } = DateTime.UtcNow; + public DateTime? ExpirationDate { get; set; } + public DateTime DeletionDate { get; set; } + public bool Disabled { get; set; } + + public void SetNewId() + { + Id = CoreHelpers.GenerateComb(); + } + } +} diff --git a/src/Core/Repositories/ISendRepository.cs b/src/Core/Repositories/ISendRepository.cs new file mode 100644 index 0000000000..761781dcbe --- /dev/null +++ b/src/Core/Repositories/ISendRepository.cs @@ -0,0 +1,13 @@ +using System; +using Bit.Core.Models.Table; +using System.Threading.Tasks; +using System.Collections.Generic; + +namespace Bit.Core.Repositories +{ + public interface ISendRepository : IRepository + { + Task> GetManyByUserIdAsync(Guid userId); + Task> GetManyByDeletionDateAsync(DateTime deletionDateBefore); + } +} diff --git a/src/Core/Repositories/SqlServer/SendRepository.cs b/src/Core/Repositories/SqlServer/SendRepository.cs new file mode 100644 index 0000000000..6300ff7f35 --- /dev/null +++ b/src/Core/Repositories/SqlServer/SendRepository.cs @@ -0,0 +1,48 @@ +using System; +using Bit.Core.Models.Table; +using System.Threading.Tasks; +using System.Collections.Generic; +using System.Data; +using System.Data.SqlClient; +using Dapper; +using System.Linq; + +namespace Bit.Core.Repositories.SqlServer +{ + public class SendRepository : Repository, ISendRepository + { + public SendRepository(GlobalSettings globalSettings) + : this(globalSettings.SqlServer.ConnectionString, globalSettings.SqlServer.ReadOnlyConnectionString) + { } + + public SendRepository(string connectionString, string readOnlyConnectionString) + : base(connectionString, readOnlyConnectionString) + { } + + public async Task> GetManyByUserIdAsync(Guid userId) + { + using (var connection = new SqlConnection(ConnectionString)) + { + var results = await connection.QueryAsync( + $"[{Schema}].[Send_ReadByUserId]", + new { UserId = userId }, + commandType: CommandType.StoredProcedure); + + return results.ToList(); + } + } + + public async Task> GetManyByDeletionDateAsync(DateTime deletionDateBefore) + { + using (var connection = new SqlConnection(ConnectionString)) + { + var results = await connection.QueryAsync( + $"[{Schema}].[Send_ReadByDeletionDateBefore]", + new { DeletionDate = deletionDateBefore }, + commandType: CommandType.StoredProcedure); + + return results.ToList(); + } + } + } +} diff --git a/src/Core/Services/ISendService.cs b/src/Core/Services/ISendService.cs new file mode 100644 index 0000000000..6b44a3824f --- /dev/null +++ b/src/Core/Services/ISendService.cs @@ -0,0 +1,17 @@ +using System; +using System.IO; +using System.Threading.Tasks; +using Bit.Core.Models.Data; +using Bit.Core.Models.Table; + +namespace Bit.Core.Services +{ + public interface ISendService + { + Task DeleteSendAsync(Send send); + Task SaveSendAsync(Send send); + Task CreateSendAsync(Send send, SendFileData data, Stream stream, long requestLength); + Task<(Send, bool, bool)> AccessAsync(Guid sendId, string password); + string HashPassword(string password); + } +} diff --git a/src/Core/Services/ISendStorageService.cs b/src/Core/Services/ISendStorageService.cs new file mode 100644 index 0000000000..9cdce2c422 --- /dev/null +++ b/src/Core/Services/ISendStorageService.cs @@ -0,0 +1,15 @@ +using Bit.Core.Models.Table; +using System; +using System.IO; +using System.Threading.Tasks; + +namespace Bit.Core.Services +{ + public interface ISendFileStorageService + { + Task UploadNewFileAsync(Stream stream, Send send, string fileId); + Task DeleteFileAsync(string fileId); + Task DeleteFilesForOrganizationAsync(Guid organizationId); + Task DeleteFilesForUserAsync(Guid userId); + } +} diff --git a/src/Core/Services/Implementations/AzureSendFileStorageService.cs b/src/Core/Services/Implementations/AzureSendFileStorageService.cs new file mode 100644 index 0000000000..4fdc6b2e77 --- /dev/null +++ b/src/Core/Services/Implementations/AzureSendFileStorageService.cs @@ -0,0 +1,66 @@ +using System.Threading.Tasks; +using Microsoft.Azure.Storage; +using Microsoft.Azure.Storage.Blob; +using System.IO; +using System; +using Bit.Core.Models.Table; + +namespace Bit.Core.Services +{ + public class AzureSendFileStorageService : ISendFileStorageService + { + private const string FilesContainerName = "sendfiles"; + + private readonly CloudBlobClient _blobClient; + private CloudBlobContainer _sendFilesContainer; + + public AzureSendFileStorageService( + GlobalSettings globalSettings) + { + var storageAccount = CloudStorageAccount.Parse(globalSettings.Send.ConnectionString); + _blobClient = storageAccount.CreateCloudBlobClient(); + } + + public async Task UploadNewFileAsync(Stream stream, Send send, string fileId) + { + await InitAsync(); + var blob = _sendFilesContainer.GetBlockBlobReference(fileId); + if (send.UserId.HasValue) + { + blob.Metadata.Add("userId", send.UserId.Value.ToString()); + } + else + { + blob.Metadata.Add("organizationId", send.OrganizationId.Value.ToString()); + } + blob.Properties.ContentDisposition = $"attachment; filename=\"{fileId}\""; + await blob.UploadFromStreamAsync(stream); + } + + public async Task DeleteFileAsync(string fileId) + { + await InitAsync(); + var blob = _sendFilesContainer.GetBlockBlobReference(fileId); + await blob.DeleteIfExistsAsync(); + } + + public async Task DeleteFilesForOrganizationAsync(Guid organizationId) + { + await InitAsync(); + } + + public async Task DeleteFilesForUserAsync(Guid userId) + { + await InitAsync(); + } + + private async Task InitAsync() + { + if (_sendFilesContainer == null) + { + _sendFilesContainer = _blobClient.GetContainerReference(FilesContainerName); + await _sendFilesContainer.CreateIfNotExistsAsync(BlobContainerPublicAccessType.Blob, null, null); + } + } + } +} diff --git a/src/Core/Services/Implementations/LocalSendStorageService.cs b/src/Core/Services/Implementations/LocalSendStorageService.cs new file mode 100644 index 0000000000..4f481532f8 --- /dev/null +++ b/src/Core/Services/Implementations/LocalSendStorageService.cs @@ -0,0 +1,62 @@ +using System.Threading.Tasks; +using System.IO; +using System; +using Bit.Core.Models.Table; + +namespace Bit.Core.Services +{ + public class LocalSendStorageService : ISendFileStorageService + { + private readonly string _baseDirPath; + + public LocalSendStorageService( + GlobalSettings globalSettings) + { + _baseDirPath = globalSettings.Send.BaseDirectory; + } + + public async Task UploadNewFileAsync(Stream stream, Send send, string fileId) + { + await InitAsync(); + using (var fs = File.Create($"{_baseDirPath}/{fileId}")) + { + stream.Seek(0, SeekOrigin.Begin); + await stream.CopyToAsync(fs); + } + } + + public async Task DeleteFileAsync(string fileId) + { + await InitAsync(); + DeleteFileIfExists($"{_baseDirPath}/{fileId}"); + } + + public async Task DeleteFilesForOrganizationAsync(Guid organizationId) + { + await InitAsync(); + } + + public async Task DeleteFilesForUserAsync(Guid userId) + { + await InitAsync(); + } + + private void DeleteFileIfExists(string path) + { + if (File.Exists(path)) + { + File.Delete(path); + } + } + + private Task InitAsync() + { + if (!Directory.Exists(_baseDirPath)) + { + Directory.CreateDirectory(_baseDirPath); + } + + return Task.FromResult(0); + } + } +} diff --git a/src/Core/Services/Implementations/SendService.cs b/src/Core/Services/Implementations/SendService.cs new file mode 100644 index 0000000000..9fbbd4fb81 --- /dev/null +++ b/src/Core/Services/Implementations/SendService.cs @@ -0,0 +1,170 @@ +using System; +using System.IO; +using System.Threading.Tasks; +using Bit.Core.Exceptions; +using Bit.Core.Models.Data; +using Bit.Core.Models.Table; +using Bit.Core.Repositories; +using Microsoft.AspNetCore.Identity; +using Newtonsoft.Json; + +namespace Bit.Core.Services +{ + public class SendService : ISendService + { + private readonly ISendRepository _sendRepository; + private readonly IUserRepository _userRepository; + private readonly IUserService _userService; + private readonly IOrganizationRepository _organizationRepository; + private readonly ISendFileStorageService _sendFileStorageService; + private readonly IPasswordHasher _passwordHasher; + private readonly GlobalSettings _globalSettings; + + public SendService( + ISendRepository sendRepository, + IUserRepository userRepository, + IUserService userService, + IOrganizationRepository organizationRepository, + ISendFileStorageService sendFileStorageService, + IPasswordHasher passwordHasher, + GlobalSettings globalSettings) + { + _sendRepository = sendRepository; + _userRepository = userRepository; + _userService = userService; + _organizationRepository = organizationRepository; + _sendFileStorageService = sendFileStorageService; + _passwordHasher = passwordHasher; + _globalSettings = globalSettings; + } + + public async Task SaveSendAsync(Send send) + { + if (send.Id == default(Guid)) + { + await _sendRepository.CreateAsync(send); + } + else + { + send.RevisionDate = DateTime.UtcNow; + await _sendRepository.UpsertAsync(send); + } + } + + public async Task CreateSendAsync(Send send, SendFileData data, Stream stream, long requestLength) + { + if (send.Type != Enums.SendType.File) + { + throw new BadRequestException("Send is not of type \"file\"."); + } + + if (requestLength < 1) + { + throw new BadRequestException("No file data."); + } + + var storageBytesRemaining = 0L; + if (send.UserId.HasValue) + { + var user = await _userRepository.GetByIdAsync(send.UserId.Value); + if (!(await _userService.CanAccessPremium(user))) + { + throw new BadRequestException("You must have premium status to use file sends."); + } + + if (user.Premium) + { + storageBytesRemaining = user.StorageBytesRemaining(); + } + else + { + // Users that get access to file storage/premium from their organization get the default + // 1 GB max storage. + storageBytesRemaining = user.StorageBytesRemaining( + _globalSettings.SelfHosted ? (short)10240 : (short)1); + } + } + else if (send.OrganizationId.HasValue) + { + var org = await _organizationRepository.GetByIdAsync(send.OrganizationId.Value); + if (!org.MaxStorageGb.HasValue) + { + throw new BadRequestException("This organization cannot use file sends."); + } + + storageBytesRemaining = org.StorageBytesRemaining(); + } + + if (storageBytesRemaining < requestLength) + { + throw new BadRequestException("Not enough storage available."); + } + + var fileId = Utilities.CoreHelpers.SecureRandomString(32, upper: false, special: false); + await _sendFileStorageService.UploadNewFileAsync(stream, send, fileId); + + try + { + data.Id = fileId; + data.Size = stream.Length; + send.Data = JsonConvert.SerializeObject(data, + new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore }); + await SaveSendAsync(send); + } + catch + { + // Clean up since this is not transactional + await _sendFileStorageService.DeleteFileAsync(fileId); + throw; + } + } + + public async Task DeleteSendAsync(Send send) + { + await _sendRepository.DeleteAsync(send); + if (send.Type == Enums.SendType.File) + { + var data = JsonConvert.DeserializeObject(send.Data); + await _sendFileStorageService.DeleteFileAsync(data.Id); + } + } + + // Response: Send, password required, password invalid + public async Task<(Send, bool, bool)> AccessAsync(Guid sendId, string password) + { + var send = await _sendRepository.GetByIdAsync(sendId); + var now = DateTime.UtcNow; + if (send == null || send.MaxAccessCount.GetValueOrDefault(int.MaxValue) <= send.AccessCount || + send.ExpirationDate.GetValueOrDefault(DateTime.MaxValue) < now || send.Disabled || + send.DeletionDate < now) + { + return (null, false, false); + } + if (!string.IsNullOrWhiteSpace(send.Password)) + { + if (string.IsNullOrWhiteSpace(password)) + { + return (null, true, false); + } + var passwordResult = _passwordHasher.VerifyHashedPassword(new User(), send.Password, password); + if (passwordResult == PasswordVerificationResult.SuccessRehashNeeded) + { + send.Password = HashPassword(password); + } + if (passwordResult == PasswordVerificationResult.Failed) + { + return (null, false, true); + } + } + // TODO: maybe move this to a simple ++ sproc? + send.AccessCount++; + await _sendRepository.ReplaceAsync(send); + return (send, false, false); + } + + public string HashPassword(string password) + { + return _passwordHasher.HashPassword(new User(), password); + } + } +} diff --git a/src/Core/Services/NoopImplementations/NoopSendFileStorageService.cs b/src/Core/Services/NoopImplementations/NoopSendFileStorageService.cs new file mode 100644 index 0000000000..9b3940af64 --- /dev/null +++ b/src/Core/Services/NoopImplementations/NoopSendFileStorageService.cs @@ -0,0 +1,30 @@ +using System.Threading.Tasks; +using System.IO; +using System; +using Bit.Core.Models.Table; + +namespace Bit.Core.Services +{ + public class NoopSendFileStorageService : ISendFileStorageService + { + public Task UploadNewFileAsync(Stream stream, Send send, string attachmentId) + { + return Task.FromResult(0); + } + + public Task DeleteFileAsync(string fileId) + { + return Task.FromResult(0); + } + + public Task DeleteFilesForOrganizationAsync(Guid organizationId) + { + return Task.FromResult(0); + } + + public Task DeleteFilesForUserAsync(Guid userId) + { + return Task.FromResult(0); + } + } +} diff --git a/src/Core/Utilities/ServiceCollectionExtensions.cs b/src/Core/Utilities/ServiceCollectionExtensions.cs index 4686c3fcb0..c549c571ff 100644 --- a/src/Core/Utilities/ServiceCollectionExtensions.cs +++ b/src/Core/Utilities/ServiceCollectionExtensions.cs @@ -78,6 +78,7 @@ namespace Bit.Core.Utilities services.AddSingleton(); services.AddSingleton(); services.AddSingleton(); + services.AddSingleton(); } if (globalSettings.SelfHosted) @@ -113,6 +114,7 @@ namespace Bit.Core.Utilities services.AddSingleton(); services.AddSingleton(); services.AddSingleton(); + services.AddScoped(); } public static void AddDefaultServices(this IServiceCollection services, GlobalSettings globalSettings) @@ -200,6 +202,19 @@ namespace Bit.Core.Utilities services.AddSingleton(); } + if (CoreHelpers.SettingHasValue(globalSettings.Send.ConnectionString)) + { + services.AddSingleton(); + } + else if (CoreHelpers.SettingHasValue(globalSettings.Send.BaseDirectory)) + { + services.AddSingleton(); + } + else + { + services.AddSingleton(); + } + if (globalSettings.SelfHosted) { services.AddSingleton(); diff --git a/src/Sql/Sql.sqlproj b/src/Sql/Sql.sqlproj index afc9cf443a..ada31e7b91 100644 --- a/src/Sql/Sql.sqlproj +++ b/src/Sql/Sql.sqlproj @@ -274,5 +274,18 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/src/Sql/dbo/Stored Procedures/Organization_UpdateStorage.sql b/src/Sql/dbo/Stored Procedures/Organization_UpdateStorage.sql index 5640ee4474..75a5a3adf5 100644 --- a/src/Sql/dbo/Stored Procedures/Organization_UpdateStorage.sql +++ b/src/Sql/dbo/Stored Procedures/Organization_UpdateStorage.sql @@ -4,7 +4,8 @@ AS BEGIN SET NOCOUNT ON - DECLARE @Storage BIGINT + DECLARE @AttachmentStorage BIGINT + DECLARE @SendStorage BIGINT CREATE TABLE #OrgStorageUpdateTemp ( @@ -35,16 +36,31 @@ BEGIN #OrgStorageUpdateTemp ) SELECT - @Storage = SUM([Size]) + @AttachmentStorage = SUM([Size]) FROM [CTE] DROP TABLE #OrgStorageUpdateTemp + ;WITH [CTE] AS ( + SELECT + [Id], + CAST(JSON_VALUE([Data],'$.Size') AS BIGINT) [Size] + FROM + [Send] + WHERE + [UserId] IS NULL + AND [OrganizationId] = @Id + ) + SELECT + @SendStorage = SUM([CTE].[Size]) + FROM + [CTE] + UPDATE [dbo].[Organization] SET - [Storage] = @Storage, + [Storage] = (ISNULL(@AttachmentStorage, 0) + ISNULL(@SendStorage, 0)), [RevisionDate] = GETUTCDATE() WHERE [Id] = @Id diff --git a/src/Sql/dbo/Stored Procedures/Send_Create.sql b/src/Sql/dbo/Stored Procedures/Send_Create.sql new file mode 100644 index 0000000000..6b550f6560 --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/Send_Create.sql @@ -0,0 +1,64 @@ +CREATE PROCEDURE [dbo].[Send_Create] + @Id UNIQUEIDENTIFIER, + @UserId UNIQUEIDENTIFIER, + @OrganizationId UNIQUEIDENTIFIER, + @Type TINYINT, + @Data VARCHAR(MAX), + @Key VARCHAR(MAX), + @Password NVARCHAR(300), + @MaxAccessCount INT, + @AccessCount INT, + @CreationDate DATETIME2(7), + @RevisionDate DATETIME2(7), + @ExpirationDate DATETIME2(7), + @DeletionDate DATETIME2(7), + @Disabled BIT +AS +BEGIN + SET NOCOUNT ON + + INSERT INTO [dbo].[Send] + ( + [Id], + [UserId], + [OrganizationId], + [Type], + [Data], + [Key], + [Password], + [MaxAccessCount], + [AccessCount], + [CreationDate], + [RevisionDate], + [ExpirationDate], + [DeletionDate], + [Disabled] + ) + VALUES + ( + @Id, + @UserId, + @OrganizationId, + @Type, + @Data, + @Key, + @Password, + @MaxAccessCount, + @AccessCount, + @CreationDate, + @RevisionDate, + @ExpirationDate, + @DeletionDate, + @Disabled + ) + + IF @UserId IS NOT NULL + BEGIN + IF @Type = 1 --File + BEGIN + EXEC [dbo].[User_UpdateStorage] @UserId + END + EXEC [dbo].[User_BumpAccountRevisionDate] @UserId + END + -- TODO: OrganizationId bump? +END \ No newline at end of file diff --git a/src/Sql/dbo/Stored Procedures/Send_DeleteById.sql b/src/Sql/dbo/Stored Procedures/Send_DeleteById.sql new file mode 100644 index 0000000000..2185719de8 --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/Send_DeleteById.sql @@ -0,0 +1,35 @@ +CREATE PROCEDURE [dbo].[Send_DeleteById] + @Id UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + DECLARE @UserId UNIQUEIDENTIFIER + DECLARE @OrganizationId UNIQUEIDENTIFIER + DECLARE @Type TINYINT + + SELECT TOP 1 + @UserId = [UserId], + @OrganizationId = [OrganizationId], + @Type = [Type] + FROM + [dbo].[Send] + WHERE + [Id] = @Id + + DELETE + FROM + [dbo].[Send] + WHERE + [Id] = @Id + + IF @UserId IS NOT NULL + BEGIN + IF @Type = 1 --File + BEGIN + EXEC [dbo].[User_UpdateStorage] @UserId + END + EXEC [dbo].[User_BumpAccountRevisionDate] @UserId + END + -- TODO: OrganizationId bump? +END \ No newline at end of file diff --git a/src/Sql/dbo/Stored Procedures/Send_ReadByDeletionDateBefore.sql b/src/Sql/dbo/Stored Procedures/Send_ReadByDeletionDateBefore.sql new file mode 100644 index 0000000000..02dff47600 --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/Send_ReadByDeletionDateBefore.sql @@ -0,0 +1,13 @@ +CREATE PROCEDURE [dbo].[Send_ReadByDeletionDateBefore] + @DeletionDate DATETIME2(7) +AS +BEGIN + SET NOCOUNT ON + + SELECT + * + FROM + [dbo].[SendView] + WHERE + [DeletionDate] < @DeletionDate +END \ No newline at end of file diff --git a/src/Sql/dbo/Stored Procedures/Send_ReadById.sql b/src/Sql/dbo/Stored Procedures/Send_ReadById.sql new file mode 100644 index 0000000000..89d7f52cd3 --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/Send_ReadById.sql @@ -0,0 +1,13 @@ +CREATE PROCEDURE [dbo].[Send_ReadById] + @Id UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + * + FROM + [dbo].[SendView] + WHERE + [Id] = @Id +END \ No newline at end of file diff --git a/src/Sql/dbo/Stored Procedures/Send_ReadByUserId.sql b/src/Sql/dbo/Stored Procedures/Send_ReadByUserId.sql new file mode 100644 index 0000000000..5d0c7d6e9c --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/Send_ReadByUserId.sql @@ -0,0 +1,14 @@ +CREATE PROCEDURE [dbo].[Send_ReadByUserId] + @UserId UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + * + FROM + [dbo].[SendView] + WHERE + [OrganizationId] IS NULL + AND [UserId] = @UserId +END \ No newline at end of file diff --git a/src/Sql/dbo/Stored Procedures/Send_Update.sql b/src/Sql/dbo/Stored Procedures/Send_Update.sql new file mode 100644 index 0000000000..9bc9ad7ad1 --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/Send_Update.sql @@ -0,0 +1,44 @@ +CREATE PROCEDURE [dbo].[Send_Update] + @Id UNIQUEIDENTIFIER, + @UserId UNIQUEIDENTIFIER, + @OrganizationId UNIQUEIDENTIFIER, + @Type TINYINT, + @Data VARCHAR(MAX), + @Key VARCHAR(MAX), + @Password NVARCHAR(300), + @MaxAccessCount INT, + @AccessCount INT, + @CreationDate DATETIME2(7), + @RevisionDate DATETIME2(7), + @ExpirationDate DATETIME2(7), + @DeletionDate DATETIME2(7), + @Disabled BIT +AS +BEGIN + SET NOCOUNT ON + + UPDATE + [dbo].[Send] + SET + [UserId] = @UserId, + [OrganizationId] = @OrganizationId, + [Type] = @Type, + [Data] = @Data, + [Key] = @Key, + [Password] = @Password, + [MaxAccessCount] = @MaxAccessCount, + [AccessCount] = @AccessCount, + [CreationDate] = @CreationDate, + [RevisionDate] = @RevisionDate, + [ExpirationDate] = @ExpirationDate, + [DeletionDate] = @DeletionDate, + [Disabled] = @Disabled + WHERE + [Id] = @Id + + IF @UserId IS NOT NULL + BEGIN + EXEC [dbo].[User_BumpAccountRevisionDate] @UserId + END + -- TODO: OrganizationId bump? +END \ No newline at end of file diff --git a/src/Sql/dbo/Stored Procedures/User_UpdateStorage.sql b/src/Sql/dbo/Stored Procedures/User_UpdateStorage.sql index a58e2be728..895d967deb 100644 --- a/src/Sql/dbo/Stored Procedures/User_UpdateStorage.sql +++ b/src/Sql/dbo/Stored Procedures/User_UpdateStorage.sql @@ -4,7 +4,8 @@ AS BEGIN SET NOCOUNT ON - DECLARE @Storage BIGINT + DECLARE @AttachmentStorage BIGINT + DECLARE @SendStorage BIGINT CREATE TABLE #UserStorageUpdateTemp ( @@ -34,16 +35,30 @@ BEGIN #UserStorageUpdateTemp ) SELECT - @Storage = SUM([CTE].[Size]) + @AttachmentStorage = SUM([CTE].[Size]) FROM [CTE] DROP TABLE #UserStorageUpdateTemp + ;WITH [CTE] AS ( + SELECT + [Id], + CAST(JSON_VALUE([Data],'$.Size') AS BIGINT) [Size] + FROM + [Send] + WHERE + [UserId] = @Id + ) + SELECT + @SendStorage = SUM([CTE].[Size]) + FROM + [CTE] + UPDATE [dbo].[User] SET - [Storage] = @Storage, + [Storage] = (ISNULL(@AttachmentStorage, 0) + ISNULL(@SendStorage, 0)), [RevisionDate] = GETUTCDATE() WHERE [Id] = @Id diff --git a/src/Sql/dbo/Tables/Send.sql b/src/Sql/dbo/Tables/Send.sql new file mode 100644 index 0000000000..23d824a25d --- /dev/null +++ b/src/Sql/dbo/Tables/Send.sql @@ -0,0 +1,29 @@ +CREATE TABLE [dbo].[Send] ( + [Id] UNIQUEIDENTIFIER NOT NULL, + [UserId] UNIQUEIDENTIFIER NULL, + [OrganizationId] UNIQUEIDENTIFIER NULL, + [Type] TINYINT NOT NULL, + [Data] VARCHAR(MAX) NOT NULL, + [Key] VARCHAR (MAX) NOT NULL, + [Password] NVARCHAR (300) NULL, + [MaxAccessCount] INT NULL, + [AccessCount] INT NOT NULL, + [CreationDate] DATETIME2 (7) NOT NULL, + [RevisionDate] DATETIME2 (7) NOT NULL, + [ExpirationDate] DATETIME2 (7) NULL, + [DeletionDate] DATETIME2 (7) NOT NULL, + [Disabled] BIT NOT NULL, + CONSTRAINT [PK_Send] PRIMARY KEY CLUSTERED ([Id] ASC), + CONSTRAINT [FK_Send_Organization] FOREIGN KEY ([OrganizationId]) REFERENCES [dbo].[Organization] ([Id]), + CONSTRAINT [FK_Send_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id]) +); + + +GO +CREATE NONCLUSTERED INDEX [IX_Send_UserId_OrganizationId] + ON [dbo].[Send]([UserId] ASC, [OrganizationId] ASC); + +GO +CREATE NONCLUSTERED INDEX [IX_Send_DeletionDate] + ON [dbo].[Send]([DeletionDate] ASC); + diff --git a/src/Sql/dbo/Views/SendView.sql b/src/Sql/dbo/Views/SendView.sql new file mode 100644 index 0000000000..ff8f3847cf --- /dev/null +++ b/src/Sql/dbo/Views/SendView.sql @@ -0,0 +1,6 @@ +CREATE VIEW [dbo].[SendView] +AS +SELECT + * +FROM + [dbo].[Send] \ No newline at end of file diff --git a/util/Migrator/DbScripts/2020-10-06_00_Send.sql b/util/Migrator/DbScripts/2020-10-06_00_Send.sql new file mode 100644 index 0000000000..11ca84ae21 --- /dev/null +++ b/util/Migrator/DbScripts/2020-10-06_00_Send.sql @@ -0,0 +1,415 @@ +CREATE TABLE [dbo].[Send] ( + [Id] UNIQUEIDENTIFIER NOT NULL, + [UserId] UNIQUEIDENTIFIER NULL, + [OrganizationId] UNIQUEIDENTIFIER NULL, + [Type] TINYINT NOT NULL, + [Data] VARCHAR(MAX) NOT NULL, + [Key] VARCHAR (MAX) NOT NULL, + [Password] NVARCHAR (300) NULL, + [MaxAccessCount] INT NULL, + [AccessCount] INT NOT NULL, + [CreationDate] DATETIME2 (7) NOT NULL, + [RevisionDate] DATETIME2 (7) NOT NULL, + [ExpirationDate] DATETIME2 (7) NULL, + [DeletionDate] DATETIME2 (7) NOT NULL, + [Disabled] BIT NOT NULL, + CONSTRAINT [PK_Send] PRIMARY KEY CLUSTERED ([Id] ASC), + CONSTRAINT [FK_Send_Organization] FOREIGN KEY ([OrganizationId]) REFERENCES [dbo].[Organization] ([Id]), + CONSTRAINT [FK_Send_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id]) +); +GO + +CREATE NONCLUSTERED INDEX [IX_Send_UserId_OrganizationId] + ON [dbo].[Send]([UserId] ASC, [OrganizationId] ASC); +GO + +CREATE NONCLUSTERED INDEX [IX_Send_DeletionDate] + ON [dbo].[Send]([DeletionDate] ASC); +GO + +CREATE VIEW [dbo].[SendView] +AS +SELECT + * +FROM + [dbo].[Send] +GO + +IF OBJECT_ID('[dbo].[Send_Create]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[Send_Create] +END +GO + +CREATE PROCEDURE [dbo].[Send_Create] + @Id UNIQUEIDENTIFIER, + @UserId UNIQUEIDENTIFIER, + @OrganizationId UNIQUEIDENTIFIER, + @Type TINYINT, + @Data VARCHAR(MAX), + @Key VARCHAR(MAX), + @Password NVARCHAR(300), + @MaxAccessCount INT, + @AccessCount INT, + @CreationDate DATETIME2(7), + @RevisionDate DATETIME2(7), + @ExpirationDate DATETIME2(7), + @DeletionDate DATETIME2(7), + @Disabled BIT +AS +BEGIN + SET NOCOUNT ON + + INSERT INTO [dbo].[Send] + ( + [Id], + [UserId], + [OrganizationId], + [Type], + [Data], + [Key], + [Password], + [MaxAccessCount], + [AccessCount], + [CreationDate], + [RevisionDate], + [ExpirationDate], + [DeletionDate], + [Disabled] + ) + VALUES + ( + @Id, + @UserId, + @OrganizationId, + @Type, + @Data, + @Key, + @Password, + @MaxAccessCount, + @AccessCount, + @CreationDate, + @RevisionDate, + @ExpirationDate, + @DeletionDate, + @Disabled + ) + + IF @UserId IS NOT NULL + BEGIN + IF @Type = 1 --File + BEGIN + EXEC [dbo].[User_UpdateStorage] @UserId + END + EXEC [dbo].[User_BumpAccountRevisionDate] @UserId + END + -- TODO: OrganizationId bump? +END +GO + +IF OBJECT_ID('[dbo].[Send_DeleteById]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[Send_DeleteById] +END +GO + +CREATE PROCEDURE [dbo].[Send_DeleteById] + @Id UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + DECLARE @UserId UNIQUEIDENTIFIER + DECLARE @OrganizationId UNIQUEIDENTIFIER + DECLARE @Type TINYINT + + SELECT TOP 1 + @UserId = [UserId], + @OrganizationId = [OrganizationId], + @Type = [Type] + FROM + [dbo].[Send] + WHERE + [Id] = @Id + + DELETE + FROM + [dbo].[Send] + WHERE + [Id] = @Id + + IF @UserId IS NOT NULL + BEGIN + IF @Type = 1 --File + BEGIN + EXEC [dbo].[User_UpdateStorage] @UserId + END + EXEC [dbo].[User_BumpAccountRevisionDate] @UserId + END + -- TODO: OrganizationId bump? +END +GO + +IF OBJECT_ID('[dbo].[Send_ReadById]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[Send_ReadById] +END +GO + +CREATE PROCEDURE [dbo].[Send_ReadById] + @Id UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + * + FROM + [dbo].[SendView] + WHERE + [Id] = @Id +END +GO + +IF OBJECT_ID('[dbo].[Send_ReadByUserId]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[Send_ReadByUserId] +END +GO + +CREATE PROCEDURE [dbo].[Send_ReadByUserId] + @UserId UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + * + FROM + [dbo].[SendView] + WHERE + [OrganizationId] IS NULL + AND [UserId] = @UserId +END +GO + +IF OBJECT_ID('[dbo].[Send_Update]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[Send_Update] +END +GO + +CREATE PROCEDURE [dbo].[Send_Update] + @Id UNIQUEIDENTIFIER, + @UserId UNIQUEIDENTIFIER, + @OrganizationId UNIQUEIDENTIFIER, + @Type TINYINT, + @Data VARCHAR(MAX), + @Key VARCHAR(MAX), + @Password NVARCHAR(300), + @MaxAccessCount INT, + @AccessCount INT, + @CreationDate DATETIME2(7), + @RevisionDate DATETIME2(7), + @ExpirationDate DATETIME2(7), + @DeletionDate DATETIME2(7), + @Disabled BIT +AS +BEGIN + SET NOCOUNT ON + + UPDATE + [dbo].[Send] + SET + [UserId] = @UserId, + [OrganizationId] = @OrganizationId, + [Type] = @Type, + [Data] = @Data, + [Key] = @Key, + [Password] = @Password, + [MaxAccessCount] = @MaxAccessCount, + [AccessCount] = @AccessCount, + [CreationDate] = @CreationDate, + [RevisionDate] = @RevisionDate, + [ExpirationDate] = @ExpirationDate, + [DeletionDate] = @DeletionDate, + [Disabled] = @Disabled + WHERE + [Id] = @Id + + IF @UserId IS NOT NULL + BEGIN + EXEC [dbo].[User_BumpAccountRevisionDate] @UserId + END + -- TODO: OrganizationId bump? +END +GO + +IF OBJECT_ID('[dbo].[Organization_UpdateStorage]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[Organization_UpdateStorage] +END +GO + +CREATE PROCEDURE [dbo].[Organization_UpdateStorage] + @Id UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + DECLARE @AttachmentStorage BIGINT + DECLARE @SendStorage BIGINT + + CREATE TABLE #OrgStorageUpdateTemp + ( + [Id] UNIQUEIDENTIFIER NOT NULL, + [Attachments] VARCHAR(MAX) NULL + ) + + INSERT INTO #OrgStorageUpdateTemp + SELECT + [Id], + [Attachments] + FROM + [dbo].[Cipher] + WHERE + [UserId] IS NULL + AND [OrganizationId] = @Id + + ;WITH [CTE] AS ( + SELECT + [Id], + ( + SELECT + SUM(CAST(JSON_VALUE(value,'$.Size') AS BIGINT)) + FROM + OPENJSON([Attachments]) + ) [Size] + FROM + #OrgStorageUpdateTemp + ) + SELECT + @AttachmentStorage = SUM([Size]) + FROM + [CTE] + + DROP TABLE #OrgStorageUpdateTemp + + ;WITH [CTE] AS ( + SELECT + [Id], + CAST(JSON_VALUE([Data],'$.Size') AS BIGINT) [Size] + FROM + [Send] + WHERE + [UserId] IS NULL + AND [OrganizationId] = @Id + ) + SELECT + @SendStorage = SUM([CTE].[Size]) + FROM + [CTE] + + UPDATE + [dbo].[Organization] + SET + [Storage] = (ISNULL(@AttachmentStorage, 0) + ISNULL(@SendStorage, 0)), + [RevisionDate] = GETUTCDATE() + WHERE + [Id] = @Id +END +GO + +IF OBJECT_ID('[dbo].[User_UpdateStorage]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[User_UpdateStorage] +END +GO + +CREATE PROCEDURE [dbo].[User_UpdateStorage] + @Id UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + DECLARE @AttachmentStorage BIGINT + DECLARE @SendStorage BIGINT + + CREATE TABLE #UserStorageUpdateTemp + ( + [Id] UNIQUEIDENTIFIER NOT NULL, + [Attachments] VARCHAR(MAX) NULL + ) + + INSERT INTO #UserStorageUpdateTemp + SELECT + [Id], + [Attachments] + FROM + [dbo].[Cipher] + WHERE + [UserId] = @Id + + ;WITH [CTE] AS ( + SELECT + [Id], + ( + SELECT + SUM(CAST(JSON_VALUE(value,'$.Size') AS BIGINT)) + FROM + OPENJSON([Attachments]) + ) [Size] + FROM + #UserStorageUpdateTemp + ) + SELECT + @AttachmentStorage = SUM([CTE].[Size]) + FROM + [CTE] + + DROP TABLE #UserStorageUpdateTemp + + ;WITH [CTE] AS ( + SELECT + [Id], + CAST(JSON_VALUE([Data],'$.Size') AS BIGINT) [Size] + FROM + [Send] + WHERE + [UserId] = @Id + ) + SELECT + @SendStorage = SUM([CTE].[Size]) + FROM + [CTE] + + UPDATE + [dbo].[User] + SET + [Storage] = (ISNULL(@AttachmentStorage, 0) + ISNULL(@SendStorage, 0)), + [RevisionDate] = GETUTCDATE() + WHERE + [Id] = @Id +END +GO + +IF OBJECT_ID('[dbo].[Send_ReadByDeletionDateBefore]') IS NOT NULL +BEGIN + DROP PROCEDURE [dbo].[Send_ReadByDeletionDateBefore] +END +GO + +CREATE PROCEDURE [dbo].[Send_ReadByDeletionDateBefore] + @DeletionDate DATETIME2(7) +AS +BEGIN + SET NOCOUNT ON + + SELECT + * + FROM + [dbo].[SendView] + WHERE + [DeletionDate] < @DeletionDate +END +GO