nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-06 21:48:12 -05:00
Code

admin login apis

Browse Source
This commit is contained in:
Kyle Spearrin 2017-04-27 14:50:22 -04:00
parent 44883091f6
commit 8458022a58
5 changed files with 117 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
src/Api/Controllers/LoginsController.cs
View File

@ -7,6 +7,7 @@ using Microsoft.AspNetCore.Authorization;
using Bit.Core.Models.Api; using Bit.Core.Models.Api;
using Bit.Core.Exceptions; using Bit.Core.Exceptions;
using Bit.Core.Services; using Bit.Core.Services;
using Bit.Core;
namespace Bit.Api.Controllers namespace Bit.Api.Controllers
{ {
@ -19,15 +20,18 @@ namespace Bit.Api.Controllers
private readonly ICipherRepository _cipherRepository; private readonly ICipherRepository _cipherRepository;
private readonly ICipherService _cipherService; private readonly ICipherService _cipherService;
private readonly IUserService _userService; private readonly IUserService _userService;
private readonly CurrentContext _currentContext;
public LoginsController( public LoginsController(
ICipherRepository cipherRepository, ICipherRepository cipherRepository,
ICipherService cipherService, ICipherService cipherService,
IUserService userService) IUserService userService,
CurrentContext currentContext)
{ {
_cipherRepository = cipherRepository; _cipherRepository = cipherRepository;
_cipherService = cipherService; _cipherService = cipherService;
_userService = userService; _userService = userService;
_currentContext = currentContext;
} }
[HttpGet("{id}")] [HttpGet("{id}")]
@ -44,6 +48,20 @@ namespace Bit.Api.Controllers
return response; return response;
} }
[HttpGet("{id}/admin")]
public async Task<LoginResponseModel> GetAdmin(string id)
{
var login = await _cipherRepository.GetByIdAsync(new Guid(id));
if(login == null || !login.OrganizationId.HasValue ||
!_currentContext.OrganizationAdmin(login.OrganizationId.Value))
{
throw new NotFoundException();
}
var response = new LoginResponseModel(login);
return response;
}
[HttpGet("")] [HttpGet("")]
public async Task<ListResponseModel<LoginResponseModel>> Get() public async Task<ListResponseModel<LoginResponseModel>> Get()
{ {
@ -59,7 +77,23 @@ namespace Bit.Api.Controllers
{ {
var userId = _userService.GetProperUserId(User).Value; var userId = _userService.GetProperUserId(User).Value;
var login = model.ToCipherDetails(userId); var login = model.ToCipherDetails(userId);
await _cipherService.SaveAsync(login, userId); await _cipherService.SaveDetailsAsync(login, userId);
var response = new LoginResponseModel(login);
return response;
}
[HttpPost("admin")]
public async Task<LoginResponseModel> PostAdmin([FromBody]LoginRequestModel model)
{
var login = model.ToOrganizationCipher();
if(!_currentContext.OrganizationAdmin(login.OrganizationId.Value))
{
throw new NotFoundException();
}
var userId = _userService.GetProperUserId(User).Value;
await _cipherService.SaveAsync(login, userId, true);
var response = new LoginResponseModel(login); var response = new LoginResponseModel(login);
return response; return response;
@ -76,7 +110,25 @@ namespace Bit.Api.Controllers
throw new NotFoundException(); throw new NotFoundException();
} }
await _cipherService.SaveAsync(model.ToCipherDetails(login), userId); await _cipherService.SaveDetailsAsync(model.ToCipherDetails(login), userId);
var response = new LoginResponseModel(login);
return response;
}
[HttpPut("{id}/admin")]
[HttpPost("{id}/admin")]
public async Task<LoginResponseModel> PutAdmin(string id, [FromBody]LoginRequestModel model)
{
var login = await _cipherRepository.GetByIdAsync(new Guid(id));
if(login == null || !login.OrganizationId.HasValue ||
!_currentContext.OrganizationAdmin(login.OrganizationId.Value))
{
throw new NotFoundException();
}
var userId = _userService.GetProperUserId(User).Value;
await _cipherService.SaveAsync(model.ToCipher(login), userId, true);
var response = new LoginResponseModel(login); var response = new LoginResponseModel(login);
return response; return response;

27
src/Core/Models/Api/Request/LoginRequestModel.cs
View File

@ -9,6 +9,8 @@ namespace Bit.Core.Models.Api
{ {
public class LoginRequestModel public class LoginRequestModel
{ {
[StringLength(36)]
public string OrganizationId { get; set; }
[StringLength(36)] [StringLength(36)]
public string FolderId { get; set; } public string FolderId { get; set; }
public bool Favorite { get; set; } public bool Favorite { get; set; }
@ -33,7 +35,21 @@ namespace Bit.Core.Models.Api
{ {
return ToCipherDetails(new CipherDetails return ToCipherDetails(new CipherDetails
{ {
UserId = userId UserId = string.IsNullOrWhiteSpace(OrganizationId) ? (Guid?)userId : null,
OrganizationId = string.IsNullOrWhiteSpace(OrganizationId) ? (Guid?)null : new Guid(OrganizationId)
});
}
public Cipher ToOrganizationCipher()
{
if(string.IsNullOrWhiteSpace(OrganizationId))
{
throw new ArgumentNullException(nameof(OrganizationId));
}
return ToCipher(new Cipher
{
OrganizationId = new Guid(OrganizationId)
}); });
} }
@ -48,6 +64,15 @@ namespace Bit.Core.Models.Api
return existingLogin; return existingLogin;
} }
public Cipher ToCipher(Cipher existingLogin)
{
existingLogin.Data = JsonConvert.SerializeObject(new LoginDataModel(this),
new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore });
existingLogin.Type = Enums.CipherType.Login;
return existingLogin;
}
} }
public class LoginWithIdRequestModel : LoginRequestModel public class LoginWithIdRequestModel : LoginRequestModel

12
src/Core/Models/Api/Response/LoginResponseModel.cs
View File

@ -1,11 +1,12 @@
using System; using System;
using Core.Models.Data; using Core.Models.Data;
using Bit.Core.Models.Table;
namespace Bit.Core.Models.Api namespace Bit.Core.Models.Api
{ {
public class LoginResponseModel : ResponseModel public class LoginResponseModel : ResponseModel
{ {
public LoginResponseModel(CipherDetails cipher, string obj = "login") public LoginResponseModel(Cipher cipher, string obj = "login")
: base(obj) : base(obj)
{ {
if(cipher == null) if(cipher == null)
@ -22,8 +23,6 @@ namespace Bit.Core.Models.Api
Id = cipher.Id.ToString(); Id = cipher.Id.ToString();
OrganizationId = cipher.OrganizationId?.ToString(); OrganizationId = cipher.OrganizationId?.ToString();
FolderId = cipher.FolderId?.ToString();
Favorite = cipher.Favorite;
Name = data.Name; Name = data.Name;
Uri = data.Uri; Uri = data.Uri;
Username = data.Username; Username = data.Username;
@ -32,6 +31,13 @@ namespace Bit.Core.Models.Api
RevisionDate = cipher.RevisionDate; RevisionDate = cipher.RevisionDate;
} }
public LoginResponseModel(CipherDetails cipher, string obj = "login")
: this(cipher as Cipher, obj)
{
FolderId = cipher.FolderId?.ToString();
Favorite = cipher.Favorite;
}
public string Id { get; set; } public string Id { get; set; }
public string OrganizationId { get; set; } public string OrganizationId { get; set; }
public string FolderId { get; set; } public string FolderId { get; set; }

3
src/Core/Services/ICipherService.cs
View File

@ -8,7 +8,8 @@ namespace Bit.Core.Services
{ {
public interface ICipherService public interface ICipherService
{ {
Task SaveAsync(CipherDetails cipher, Guid savingUserId); Task SaveAsync(Cipher cipher, Guid savingUserId, bool orgAdmin = false);
Task SaveDetailsAsync(CipherDetails cipher, Guid savingUserId);
Task DeleteAsync(Cipher cipher, Guid deletingUserId, bool orgAdmin = false); Task DeleteAsync(Cipher cipher, Guid deletingUserId, bool orgAdmin = false);
Task SaveFolderAsync(Folder folder); Task SaveFolderAsync(Folder folder);
Task DeleteFolderAsync(Folder folder); Task DeleteFolderAsync(Folder folder);

26
src/Core/Services/Implementations/CipherService.cs
View File

@ -40,7 +40,31 @@ namespace Bit.Core.Services
_pushService = pushService; _pushService = pushService;
} }
public async Task SaveAsync(CipherDetails cipher, Guid savingUserId) public async Task SaveAsync(Cipher cipher, Guid savingUserId, bool orgAdmin = false)
{
if(!orgAdmin && !(await UserCanEditAsync(cipher, savingUserId)))
{
throw new BadRequestException("You do not have permissions to edit this.");
}
if(cipher.Id == default(Guid))
{
await _cipherRepository.CreateAsync(cipher);
// push
await _pushService.PushSyncCipherCreateAsync(cipher);
}
else
{
cipher.RevisionDate = DateTime.UtcNow;
await _cipherRepository.ReplaceAsync(cipher);
// push
await _pushService.PushSyncCipherUpdateAsync(cipher);
}
}
public async Task SaveDetailsAsync(CipherDetails cipher, Guid savingUserId)
{ {
if(!(await UserCanEditAsync(cipher, savingUserId))) if(!(await UserCanEditAsync(cipher, savingUserId)))
{ {