nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-06 05:28:15 -05:00
Code

admin attachment apis

Browse Source
This commit is contained in:
Kyle Spearrin 2018-02-24 14:29:11 -05:00
parent b8720be78f
commit a5630f8af4
1 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
src/Api/Controllers/CiphersController.cs
View File

@ -414,6 +414,29 @@ namespace Bit.Api.Controllers
return new CipherResponseModel(cipher, _globalSettings); return new CipherResponseModel(cipher, _globalSettings);
} }
[HttpPost("{id}/attachment-admin")]
[DisableFormValueModelBinding]
public async Task<CipherResponseModel> PostAttachmentAdmin(string id)
{
ValidateAttachment();
var userId = _userService.GetProperUserId(User).Value;
var cipher = await _cipherRepository.GetDetailsByIdAsync(new Guid(id));
if(cipher == null || !cipher.OrganizationId.HasValue ||
!_currentContext.OrganizationAdmin(cipher.OrganizationId.Value))
{
throw new NotFoundException();
}
await Request.GetFileAsync(async (stream, fileName) =>
{
await _cipherService.CreateAttachmentAsync(cipher, stream, fileName,
Request.ContentLength.GetValueOrDefault(0), userId);
});
return new CipherResponseModel(cipher, _globalSettings);
}
[HttpPost("{id}/attachment/{attachmentId}/share")] [HttpPost("{id}/attachment/{attachmentId}/share")]
[RequestSizeLimit(105_906_176)] [RequestSizeLimit(105_906_176)]
[DisableFormValueModelBinding] [DisableFormValueModelBinding]
@ -450,6 +473,22 @@ namespace Bit.Api.Controllers
await _cipherService.DeleteAttachmentAsync(cipher, attachmentId, userId, false); await _cipherService.DeleteAttachmentAsync(cipher, attachmentId, userId, false);
} }
[HttpDelete("{id}/attachment/{attachmentId}/admin")]
[HttpPost("{id}/attachment/{attachmentId}/delete-admin")]
public async Task DeleteAttachmentAdmin(string id, string attachmentId)
{
var idGuid = new Guid(id);
var userId = _userService.GetProperUserId(User).Value;
var cipher = await _cipherRepository.GetByIdAsync(idGuid);
if(cipher == null || !cipher.OrganizationId.HasValue ||
!_currentContext.OrganizationAdmin(cipher.OrganizationId.Value))
{
throw new NotFoundException();
}
await _cipherService.DeleteAttachmentAsync(cipher, attachmentId, userId, false);
}
private void ValidateAttachment() private void ValidateAttachment()
{ {
if(!Request?.ContentType.Contains("multipart/") ?? true) if(!Request?.ContentType.Contains("multipart/") ?? true)