Support for CipherKey and Share APIs

2025-07-02 00:22:50 -05:00 · 2017-02-27 22:58:01 -05:00
parent 48cf44f5b2
commit 8c7f1dd343
27 changed files with 144 additions and 53 deletions
--- a/src/Api/Controllers/LoginsController.cs
+++ b/src/Api/Controllers/LoginsController.cs
@ -8,7 +8,6 @@ using Microsoft.AspNetCore.Authorization;
 using Bit.Api.Models;
 using Bit.Core.Exceptions;
 using Bit.Core.Domains;
 using Microsoft.AspNetCore.Identity;
 using Bit.Core.Services;
 namespace Bit.Api.Controllers
@ -34,29 +33,29 @@ namespace Bit.Api.Controllers
        }
        [HttpGet("{id}")]
-        public async Task<LoginResponseModel> Get(string id, string[] expand = null)
+        public async Task<LoginShareResponseModel> Get(string id, string[] expand = null)
        {
            var userId = _userService.GetProperUserId(User).Value;
-            var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
+            var login = await _cipherRepository.GetShareByIdAsync(new Guid(id), userId);
            if(login == null || login.Type != Core.Enums.CipherType.Login)
            {
                throw new NotFoundException();
            }
-            var response = new LoginResponseModel(login, userId);
+            var response = new LoginShareResponseModel(login, userId);
            await ExpandAsync(login, response, expand, null, userId);
            return response;
        }
        [HttpGet("")]
-        public async Task<ListResponseModel<LoginResponseModel>> Get(string[] expand = null)
+        public async Task<ListResponseModel<LoginShareResponseModel>> Get(string[] expand = null)
        {
            var userId = _userService.GetProperUserId(User).Value;
-            ICollection<Cipher> logins = await _cipherRepository.GetManyByTypeAndUserIdAsync(Core.Enums.CipherType.Login,
+            var logins = await _cipherRepository.GetManyShareByTypeAndUserIdAsync(Core.Enums.CipherType.Login,
                userId);
-            var responses = logins.Select(s => new LoginResponseModel(s, userId)).ToList();
+            var responses = logins.Select(s => new LoginShareResponseModel(s, userId)).ToList();
            await ExpandManyAsync(logins, responses, expand, null, userId);
-            return new ListResponseModel<LoginResponseModel>(responses);
+            return new ListResponseModel<LoginShareResponseModel>(responses);
        }
        [HttpPost("")]
@ -120,8 +119,8 @@ namespace Bit.Api.Controllers
            }
        }
-        private async Task ExpandManyAsync(IEnumerable<Cipher> logins, ICollection<LoginResponseModel> responses,
+        private async Task ExpandManyAsync<TResponseModel>(IEnumerable<Cipher> logins, ICollection<TResponseModel> responses,
-            string[] expand, IEnumerable<Cipher> folders, Guid userId)
+            string[] expand, IEnumerable<Cipher> folders, Guid userId) where TResponseModel : LoginResponseModel
        {
            if(expand == null || expand.Count() == 0)
            {
--- a/src/Api/Controllers/SharesController.cs
+++ b/src/Api/Controllers/SharesController.cs
@ -7,6 +7,7 @@ using Microsoft.AspNetCore.Authorization;
 using Bit.Api.Models;
 using Bit.Core.Exceptions;
 using Bit.Core.Services;
 using System.Collections.Generic;
 namespace Bit.Api.Controllers
 {
@ -41,6 +42,19 @@ namespace Bit.Api.Controllers
            return new ShareResponseModel(share);
        }
        //[HttpGet("cipher/{cipherId}")]
        //public async Task<IEnumerable<ShareResponseModel>> GetCipher(string cipherId)
        //{
        //    var userId = _userService.GetProperUserId(User).Value;
        //    var share = await _shareRepository.GetByIdAsync(new Guid(cipherId), userId);
        //    if(share == null)
        //    {
        //        throw new NotFoundException();
        //    }
        //    return new ShareResponseModel(share);
        //}
        [HttpPost("")]
        public async Task<ShareResponseModel> Post([FromBody]ShareRequestModel model)
        {
--- a/src/Api/Models/Response/CipherResponseModel.cs
+++ b/src/Api/Models/Response/CipherResponseModel.cs
@ -1,8 +1,6 @@
 using System;
 using Bit.Core.Domains;
 using Bit.Core.Models.Data;
 using System.Collections.Generic;
 using Newtonsoft.Json;
 namespace Bit.Api.Models
 {
@ -21,6 +19,7 @@ namespace Bit.Api.Models
            Type = cipher.Type;
            Favorite = cipher.Favorite;
            RevisionDate = cipher.RevisionDate;
            Key = cipher.Key;
            switch(cipher.Type)
            {
@ -39,6 +38,7 @@ namespace Bit.Api.Models
        public string FolderId { get; set; }
        public Core.Enums.CipherType Type { get; set; }
        public bool Favorite { get; set; }
        public string Key { get; set; }
        public dynamic Data { get; set; }
        public DateTime RevisionDate { get; set; }
    }
@ -48,14 +48,11 @@ namespace Bit.Api.Models
        public CipherShareResponseModel(CipherShare cipherShare, Guid userId)
            : base(cipherShare, userId, "cipherShare")
        {
-            Key = cipherShare.Key;
+            ReadOnly = cipherShare.ReadOnly;
            Permissions = cipherShare.Permissions == null ? null :
                JsonConvert.DeserializeObject<IEnumerable<Core.Enums.SharePermissionType>>(cipherShare.Permissions);
            Status = cipherShare.Status;
        }
-        public string Key { get; set; }
+        public bool ReadOnly { get; set; }
        public IEnumerable<Core.Enums.SharePermissionType> Permissions { get; set; }
        public Core.Enums.ShareStatusType? Status { get; set; }
    }
 }
--- a/src/Api/Models/Response/FolderResponseModel.cs
+++ b/src/Api/Models/Response/FolderResponseModel.cs
@ -1,8 +1,5 @@
 using System;
 using Bit.Core.Domains;
 using Newtonsoft.Json;
 using System.Collections.Generic;
 using System.Linq;
 namespace Bit.Api.Models
 {
@ -30,7 +27,6 @@ namespace Bit.Api.Models
        public string Id { get; set; }
        public string Name { get; set; }
        public string Key { get; set; }
        public DateTime RevisionDate { get; set; }
    }
 }
--- a/src/Api/Models/Response/LoginResponseModel.cs
+++ b/src/Api/Models/Response/LoginResponseModel.cs
@ -1,14 +1,12 @@
 using System;
 using Bit.Core.Domains;
-using Newtonsoft.Json;
+using Bit.Core.Models.Data;
 using System.Collections.Generic;
 using System.Linq;
 namespace Bit.Api.Models
 {
    public class LoginResponseModel : ResponseModel
    {
-        public LoginResponseModel(Cipher cipher, Guid userId)
+        public LoginResponseModel(Cipher cipher, Guid userId, string obj = "login")
            : base("login")
        {
            if(cipher == null)
@ -32,6 +30,7 @@ namespace Bit.Api.Models
            Password = data.Password;
            Notes = data.Notes;
            RevisionDate = cipher.RevisionDate;
            Key = cipher.Key;
        }
        public string Id { get; set; }
@ -42,10 +41,23 @@ namespace Bit.Api.Models
        public string Username { get; set; }
        public string Password { get; set; }
        public string Notes { get; set; }
        public string Key { get; set; }
        public DateTime RevisionDate { get; set; }
        public string Key { get; set; }
        // Expandables
        public FolderResponseModel Folder { get; set; }
    }
    public class LoginShareResponseModel : LoginResponseModel
    {
        public LoginShareResponseModel(CipherShare cipherShare, Guid userId)
            : base(cipherShare, userId, "loginShare")
        {
            ReadOnly = cipherShare.ReadOnly;
            Status = cipherShare.Status;
        }
        public bool ReadOnly { get; set; }
        public Core.Enums.ShareStatusType? Status { get; set; }
    }
 }
--- a/src/Api/Models/Response/ShareResponseModel.cs
+++ b/src/Api/Models/Response/ShareResponseModel.cs
@ -1,7 +1,5 @@
 using System;
 using Bit.Core.Domains;
 using System.Collections.Generic;
 using Newtonsoft.Json;
 namespace Bit.Api.Models
 {
@ -20,8 +18,7 @@ namespace Bit.Api.Models
            SharerUserId = share.SharerUserId.ToString();
            CipherId = share.CipherId.ToString();
            Key = Key;
-            Permissions = share.Permissions == null ? null :
+            ReadOnly = share.ReadOnly;
                JsonConvert.DeserializeObject<IEnumerable<Core.Enums.SharePermissionType>>(share.Permissions);
            Status = share.Status;
        }
@ -30,7 +27,7 @@ namespace Bit.Api.Models
        public string SharerUserId { get; set; }
        public string CipherId { get; set; }
        public string Key { get; set; }
-        public IEnumerable<Core.Enums.SharePermissionType> Permissions { get; set; }
+        public bool ReadOnly { get; set; }
        public Core.Enums.ShareStatusType? Status { get; set; }
    }
 }
--- a/src/Api/Startup.cs
+++ b/src/Api/Startup.cs
@ -79,6 +79,7 @@ namespace Bit.Api
            services.AddSingleton<ICipherRepository, SqlServerRepos.CipherRepository>();
            services.AddSingleton<IDeviceRepository, SqlServerRepos.DeviceRepository>();
            services.AddSingleton<IGrantRepository, SqlServerRepos.GrantRepository>();
            services.AddSingleton<IShareRepository, SqlServerRepos.ShareRepository>();
            // Context
            services.AddScoped<CurrentContext>();
--- a/src/Core/Domains/Cipher.cs
+++ b/src/Core/Domains/Cipher.cs
@ -10,6 +10,7 @@ namespace Bit.Core.Domains
        public Guid? FolderId { get; set; }
        public Enums.CipherType Type { get; set; }
        public bool Favorite { get; set; }
        public string Key { get; set; }
        public string Data { get; set; }
        public DateTime CreationDate { get; internal set; } = DateTime.UtcNow;
        public DateTime RevisionDate { get; internal set; } = DateTime.UtcNow;
--- a/src/Core/Domains/Share.cs
+++ b/src/Core/Domains/Share.cs
@ -10,7 +10,7 @@ namespace Bit.Core.Domains
        public Guid SharerUserId { get; set; }
        public Guid CipherId { get; set; }
        public string Key { get; set; }
-        public string Permissions { get; set; }
+        public bool ReadOnly { get; set; }
        public Enums.ShareStatusType Status { get; set; }
        public DateTime CreationDate { get; internal set; } = DateTime.UtcNow;
        public DateTime RevisionDate { get; internal set; } = DateTime.UtcNow;
--- a/src/Core/Enums/SharePermissionType.cs
+++ b/src/Core/Enums/SharePermissionType.cs
@ -1,8 +0,0 @@
 namespace Bit.Core.Enums
 {
    public enum SharePermissionType : byte
    {
        Reshare = 0,
        Edit = 1
    }
 }
--- a/src/Core/Models/Data/CipherShare.cs
+++ b/src/Core/Models/Data/CipherShare.cs
@ -4,8 +4,7 @@ namespace Bit.Core.Models.Data
 {
    public class CipherShare : Cipher
    {
-        public string Key { get; internal set; }
+        public bool ReadOnly { get; internal set; }
        public string Permissions { get; internal set; }
        public Enums.ShareStatusType? Status { get; internal set; }
    }
 }
--- a/src/Core/Repositories/ICipherRepository.cs
+++ b/src/Core/Repositories/ICipherRepository.cs
@ -13,6 +13,7 @@ namespace Bit.Core.Repositories
        Task<ICollection<Cipher>> GetManyByUserIdAsync(Guid userId);
        Task<ICollection<CipherShare>> GetManyShareByUserIdAsync(Guid userId);
        Task<ICollection<Cipher>> GetManyByTypeAndUserIdAsync(Enums.CipherType type, Guid userId);
        Task<ICollection<CipherShare>> GetManyShareByTypeAndUserIdAsync(Enums.CipherType type, Guid userId);
        Task<Tuple<ICollection<Cipher>, ICollection<Guid>>>
            GetManySinceRevisionDateAndUserIdWithDeleteHistoryAsync(DateTime sinceRevisionDate, Guid userId);
        Task UpdateUserEmailPasswordAndCiphersAsync(User user, IEnumerable<Cipher> ciphers);
--- a/src/Core/Repositories/IShareRepository.cs
+++ b/src/Core/Repositories/IShareRepository.cs
@ -1,11 +1,13 @@
 using System;
 using Bit.Core.Domains;
 using System.Threading.Tasks;
 using System.Collections.Generic;
 namespace Bit.Core.Repositories
 {
    public interface IShareRepository : IRepository<Share, Guid>
    {
        Task<Share> GetByIdAsync(Guid id, Guid userId);
        Task<ICollection<Share>> GetManyByCipherId(Guid id);
    }
 }
--- a/src/Core/Repositories/SqlServer/CipherRepository.cs
+++ b/src/Core/Repositories/SqlServer/CipherRepository.cs
@ -88,6 +88,23 @@ namespace Bit.Core.Repositories.SqlServer
            }
        }
        public async Task<ICollection<CipherShare>> GetManyShareByTypeAndUserIdAsync(Enums.CipherType type, Guid userId)
        {
            using(var connection = new SqlConnection(ConnectionString))
            {
                var results = await connection.QueryAsync<CipherShare>(
                    $"[{Schema}].[CipherShare_ReadByTypeUserId]",
                    new
                    {
                        Type = type,
                        UserId = userId
                    },
                    commandType: CommandType.StoredProcedure);
                return results.ToList();
            }
        }
        public async Task<Tuple<ICollection<Cipher>, ICollection<Guid>>>
            GetManySinceRevisionDateAndUserIdWithDeleteHistoryAsync(DateTime sinceRevisionDate, Guid userId)
        {
--- a/src/Core/Repositories/SqlServer/ShareRepository.cs
+++ b/src/Core/Repositories/SqlServer/ShareRepository.cs
@ -1,6 +1,11 @@
 using System;
 using Bit.Core.Domains;
 using System.Threading.Tasks;
 using System.Collections.Generic;
 using System.Data.SqlClient;
 using Dapper;
 using System.Data;
 using System.Linq;
 namespace Bit.Core.Repositories.SqlServer
 {
@ -24,5 +29,18 @@ namespace Bit.Core.Repositories.SqlServer
            return share;
        }
        public async Task<ICollection<Share>> GetManyByCipherId(Guid cipherId)
        {
            using(var connection = new SqlConnection(ConnectionString))
            {
                var results = await connection.QueryAsync<Share>(
                    $"[{Schema}].[Share_ReadByCipherId]",
                    new { CipherId = cipherId },
                    commandType: CommandType.StoredProcedure);
                return results.ToList();
            }
        }
    }
 }
--- a/src/Core/Services/Implementations/CipherService.cs
+++ b/src/Core/Services/Implementations/CipherService.cs
@ -104,7 +104,7 @@ namespace Bit.Core.Services
            share.UserId = user.Id;
            // TODO: Permissions and status
-            share.Permissions = null;
+            share.ReadOnly = false;
            share.Status = Enums.ShareStatusType.Accepted;
            await _shareRepository.CreateAsync(share);
--- a/src/Sql/Sql.sqlproj
+++ b/src/Sql/Sql.sqlproj
@ -112,5 +112,7 @@
    <Build Include="dbo\Views\CipherShareView.sql" />
    <Build Include="dbo\Stored Procedures\CipherShare_ReadByUserId.sql" />
    <Build Include="dbo\Stored Procedures\CipherShare_ReadById.sql" />
    <Build Include="dbo\Stored Procedures\Share_ReadByCipherId.sql" />
    <Build Include="dbo\Stored Procedures\CipherShare_ReadByTypeUserId.sql" />
  </ItemGroup>
 </Project>
--- a/Procedures/CipherShare_ReadByTypeUserId.sql
+++ b/Procedures/CipherShare_ReadByTypeUserId.sql
@ -0,0 +1,15 @@
 CREATE PROCEDURE [dbo].[CipherShare_ReadByTypeUserId]
    @Type TINYINT,
    @UserId UNIQUEIDENTIFIER
 AS
 BEGIN
    SET NOCOUNT ON
    SELECT
        *
    FROM
        [dbo].[CipherView]
    WHERE
        [Type] = @Type
        AND [UserId] = @UserId
 END
--- a/Procedures/CipherShare_ReadByUserId.sql
+++ b/Procedures/CipherShare_ReadByUserId.sql
@ -10,4 +10,5 @@ BEGIN
        [dbo].[CipherShareView]
    WHERE
        [UserId] = @UserId
        OR [ShareUserId] = @UserId
 END
--- a/Procedures/Cipher_Create.sql
+++ b/Procedures/Cipher_Create.sql
@ -4,6 +4,7 @@
    @FolderId UNIQUEIDENTIFIER,
    @Type TINYINT,
    @Favorite BIT,
    @Key NVARCHAR(MAX),
    @Data NVARCHAR(MAX),
    @CreationDate DATETIME2(7),
    @RevisionDate DATETIME2(7)
@ -18,6 +19,7 @@ BEGIN
        [FolderId],
        [Type],
        [Favorite],
        [Key],
        [Data],
        [CreationDate],
        [RevisionDate]
@ -29,6 +31,7 @@ BEGIN
        @FolderId,
        @Type,
        @Favorite,
        @Key,
        @Data,
        @CreationDate,
        @RevisionDate
--- a/Procedures/Cipher_Update.sql
+++ b/Procedures/Cipher_Update.sql
@ -4,6 +4,7 @@
    @FolderId UNIQUEIDENTIFIER,
    @Type TINYINT,
    @Favorite BIT,
    @Key NVARCHAR(MAX),
    @Data NVARCHAR(MAX),
    @CreationDate DATETIME2(7),
    @RevisionDate DATETIME2(7)
@ -18,6 +19,7 @@ BEGIN
        [FolderId] = @FolderId,
        [Type] = @Type,
        [Favorite] = @Favorite,
        [Key] = @Key,
        [Data] = @Data,
        [CreationDate] = @CreationDate,
        [RevisionDate] = @RevisionDate
--- a/Procedures/Share_Create.sql
+++ b/Procedures/Share_Create.sql
@ -4,7 +4,7 @@
    @SharerUserId UNIQUEIDENTIFIER,
    @CipherId UNIQUEIDENTIFIER,
    @Key NVARCHAR(MAX),
-    @Permissions NVARCHAR(MAX),
+    @ReadOnly BIT,
    @Status TINYINT,
    @CreationDate DATETIME2(7),
    @RevisionDate DATETIME2(7)
@ -19,7 +19,7 @@ BEGIN
        [SharerUserId],
        [CipherId],
        [Key],
-        [Permissions],
+        [ReadOnly],
        [Status],
        [CreationDate],
        [RevisionDate]
@ -31,7 +31,7 @@ BEGIN
        @SharerUserId,
        @CipherId,
        @Key,
-        @Permissions,
+        @ReadOnly,
        @Status,
        @CreationDate,
        @RevisionDate
--- a/Procedures/Share_ReadByCipherId.sql
+++ b/Procedures/Share_ReadByCipherId.sql
@ -0,0 +1,13 @@
 CREATE PROCEDURE [dbo].[Share_ReadByCipherId]
    @CipherId UNIQUEIDENTIFIER
 AS
 BEGIN
    SET NOCOUNT ON
    SELECT
        *
    FROM
        [dbo].[ShareView]
    WHERE
        [CipherId] = @CipherId
 END
--- a/Procedures/Share_Update.sql
+++ b/Procedures/Share_Update.sql
@ -4,7 +4,7 @@
    @SharerUserId UNIQUEIDENTIFIER,
    @CipherId UNIQUEIDENTIFIER,
    @Key NVARCHAR(MAX),
-    @Permissions NVARCHAR(MAX),
+    @ReadOnly BIT,
    @Status TINYINT,
    @CreationDate DATETIME2(7),
    @RevisionDate DATETIME2(7)
@ -19,7 +19,7 @@ BEGIN
        [SharerUserId] = @SharerUserId,
        [CipherId] = @CipherId,
        [Key] = @Key,
-        [Permissions] = @Permissions,
+        [ReadOnly] = @ReadOnly,
        [Status] = @Status,
        [CreationDate] = @CreationDate,
        [RevisionDate] = @RevisionDate
--- a/src/Sql/dbo/Tables/Cipher.sql
+++ b/src/Sql/dbo/Tables/Cipher.sql
@ -4,6 +4,7 @@
    [FolderId]     UNIQUEIDENTIFIER NULL,
    [Type]         TINYINT          NOT NULL,
    [Favorite]     BIT              NOT NULL,
    [Key]          NVARCHAR (MAX)   NULL,
    [Data]         NVARCHAR (MAX)   NOT NULL,
    [CreationDate] DATETIME2 (7)    NOT NULL,
    [RevisionDate] DATETIME2 (7)    NOT NULL,
--- a/src/Sql/dbo/Tables/Share.sql
+++ b/src/Sql/dbo/Tables/Share.sql
@ -4,7 +4,7 @@
    [SharerUserId] UNIQUEIDENTIFIER NOT NULL,
    [CipherId]     UNIQUEIDENTIFIER NOT NULL,
    [Key]          VARCHAR (MAX)    NULL,
-    [Permissions]  VARCHAR (MAX)    NULL,
+    [ReadOnly]     BIT              NOT NULL,
    [Status]       TINYINT          NOT NULL,
    [CreationDate] DATETIME2 (7)    NOT NULL,
    [RevisionDate] DATETIME2 (7)    NOT NULL,
--- a/src/Sql/dbo/Views/CipherShareView.sql
+++ b/src/Sql/dbo/Views/CipherShareView.sql
@ -1,10 +1,18 @@
 CREATE VIEW [dbo].[CipherShareView]
 AS
 SELECT
-    C.*,
+    C.[Id],
-    S.[Key],
+    C.[UserId],
-    S.[Permissions],
+    C.[FolderId],
-    S.[Status]
+    C.[Type],
    C.[Favorite],
    ISNULL(S.[Key], C.[Key]) [Key],
    C.[Data],
    C.[CreationDate],
    C.[RevisionDate],
    S.[ReadOnly],
    S.[Status],
    S.[UserId] [ShareUserId]
 FROM
    [dbo].[Cipher] C
 LEFT JOIN