mirror of
https://github.com/bitwarden/server.git
synced 2025-04-06 05:28:15 -05:00
CipherDetails Edit property
This commit is contained in:
Kyle Spearrin
parent
3018655d7e
commit
b039461ff4
@ -52,18 +52,19 @@ namespace Bit.Api.Controllers
|
||||
}
|
||||
|
||||
[HttpGet("{id}/full-details")]
|
||||
public async Task<CipherFullDetailsResponseModel> GetDetails(string id)
|
||||
[HttpGet("{id}/details")]
|
||||
public async Task<CipherDetailsResponseModel> GetDetails(string id)
|
||||
{
|
||||
var userId = _userService.GetProperUserId(User).Value;
|
||||
var cipherId = new Guid(id);
|
||||
var cipher = await _cipherRepository.GetFullDetailsByIdAsync(cipherId, userId);
|
||||
var cipher = await _cipherRepository.GetByIdAsync(cipherId, userId);
|
||||
if(cipher == null)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdCipherIdAsync(userId, cipherId);
|
||||
return new CipherFullDetailsResponseModel(cipher, collectionCiphers);
|
||||
return new CipherDetailsResponseModel(cipher, collectionCiphers);
|
||||
}
|
||||
|
||||
[HttpGet("")]
|
||||
|
||||
@ -41,16 +41,16 @@ namespace Bit.Api.Controllers
|
||||
}
|
||||
|
||||
[HttpGet("{id}")]
|
||||
public async Task<LoginDetailsResponseModel> Get(string id)
|
||||
public async Task<LoginResponseModel> Get(string id)
|
||||
{
|
||||
var userId = _userService.GetProperUserId(User).Value;
|
||||
var login = await _cipherRepository.GetFullDetailsByIdAsync(new Guid(id), userId);
|
||||
var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
|
||||
if(login == null || login.Type != Core.Enums.CipherType.Login)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
var response = new LoginDetailsResponseModel(login);
|
||||
var response = new LoginResponseModel(login);
|
||||
return response;
|
||||
}
|
||||
|
||||
|
||||
@ -60,6 +60,7 @@ namespace Bit.Core.Models.Api
|
||||
{
|
||||
FolderId = cipher.FolderId?.ToString();
|
||||
Favorite = cipher.Favorite;
|
||||
Edit = cipher.Edit;
|
||||
}
|
||||
|
||||
[Obsolete]
|
||||
@ -69,6 +70,7 @@ namespace Bit.Core.Models.Api
|
||||
|
||||
public string FolderId { get; set; }
|
||||
public bool Favorite { get; set; }
|
||||
public bool Edit { get; set; }
|
||||
}
|
||||
|
||||
public class CipherDetailsResponseModel : CipherResponseModel
|
||||
@ -115,15 +117,4 @@ namespace Bit.Core.Models.Api
|
||||
|
||||
public IEnumerable<Guid> CollectionIds { get; set; }
|
||||
}
|
||||
|
||||
public class CipherFullDetailsResponseModel : CipherDetailsResponseModel
|
||||
{
|
||||
public CipherFullDetailsResponseModel(CipherFullDetails cipher, IEnumerable<CollectionCipher> collectionCiphers)
|
||||
: base(cipher, collectionCiphers, "cipherFullDetails")
|
||||
{
|
||||
Edit = cipher.Edit;
|
||||
}
|
||||
|
||||
public bool Edit { get; set; }
|
||||
}
|
||||
}
|
||||
|
||||
@ -36,12 +36,14 @@ namespace Bit.Core.Models.Api
|
||||
{
|
||||
FolderId = cipher.FolderId?.ToString();
|
||||
Favorite = cipher.Favorite;
|
||||
Edit = cipher.Edit;
|
||||
}
|
||||
|
||||
public string Id { get; set; }
|
||||
public string OrganizationId { get; set; }
|
||||
public string FolderId { get; set; }
|
||||
public bool Favorite { get; set; }
|
||||
public bool Edit { get; set; }
|
||||
public string Name { get; set; }
|
||||
public string Uri { get; set; }
|
||||
public string Username { get; set; }
|
||||
@ -52,15 +54,4 @@ namespace Bit.Core.Models.Api
|
||||
[Obsolete]
|
||||
public FolderResponseModel Folder { get; set; }
|
||||
}
|
||||
|
||||
public class LoginDetailsResponseModel : LoginResponseModel
|
||||
{
|
||||
public LoginDetailsResponseModel(CipherFullDetails cipher)
|
||||
: base(cipher, "loginDetails")
|
||||
{
|
||||
Edit = cipher.Edit;
|
||||
}
|
||||
|
||||
public bool Edit { get; set; }
|
||||
}
|
||||
}
|
||||
|
||||
@ -7,5 +7,6 @@ namespace Core.Models.Data
|
||||
{
|
||||
public Guid? FolderId { get; set; }
|
||||
public bool Favorite { get; set; }
|
||||
public bool Edit { get; set; }
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,7 +0,0 @@
|
||||
namespace Core.Models.Data
|
||||
{
|
||||
public class CipherFullDetails : CipherDetails
|
||||
{
|
||||
public bool Edit { get; set; }
|
||||
}
|
||||
}
|
||||
@ -9,7 +9,7 @@ namespace Bit.Core.Repositories
|
||||
public interface ICipherRepository : IRepository<Cipher, Guid>
|
||||
{
|
||||
Task<CipherDetails> GetByIdAsync(Guid id, Guid userId);
|
||||
Task<CipherFullDetails> GetFullDetailsByIdAsync(Guid id, Guid userId);
|
||||
Task<bool> GetCanEditByIdAsync(Guid userId, Guid cipherId);
|
||||
Task<ICollection<CipherDetails>> GetManyByUserIdAsync(Guid userId);
|
||||
Task<ICollection<CipherDetails>> GetManyByUserIdHasCollectionsAsync(Guid userId);
|
||||
Task<ICollection<Cipher>> GetManyByOrganizationIdAsync(Guid organizationId);
|
||||
|
||||
@ -11,6 +11,5 @@ namespace Bit.Core.Repositories
|
||||
Task<ICollection<CollectionUser>> GetManyByOrganizationUserIdAsync(Guid orgUserId);
|
||||
Task<ICollection<CollectionUserCollectionDetails>> GetManyDetailsByUserIdAsync(Guid userId);
|
||||
Task<ICollection<CollectionUserUserDetails>> GetManyDetailsByCollectionIdAsync(Guid organizationId, Guid collectionId);
|
||||
Task<bool> GetCanEditByUserIdCipherIdAsync(Guid userId, Guid cipherId);
|
||||
}
|
||||
}
|
||||
|
||||
@ -35,16 +35,16 @@ namespace Bit.Core.Repositories.SqlServer
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<CipherFullDetails> GetFullDetailsByIdAsync(Guid id, Guid userId)
|
||||
public async Task<bool> GetCanEditByIdAsync(Guid userId, Guid cipherId)
|
||||
{
|
||||
using(var connection = new SqlConnection(ConnectionString))
|
||||
{
|
||||
var results = await connection.QueryAsync<CipherFullDetails>(
|
||||
$"[{Schema}].[CipherFullDetails_ReadByIdUserId]",
|
||||
new { Id = id, UserId = userId },
|
||||
var result = await connection.QueryFirstOrDefaultAsync<bool>(
|
||||
$"[{Schema}].[Cipher_ReadCanEditByIdUserId]",
|
||||
new { UserId = userId, CipherId = cipherId },
|
||||
commandType: CommandType.StoredProcedure);
|
||||
|
||||
return results.FirstOrDefault();
|
||||
return result;
|
||||
}
|
||||
}
|
||||
|
||||
@ -57,8 +57,11 @@ namespace Bit.Core.Repositories.SqlServer
|
||||
new { UserId = userId },
|
||||
commandType: CommandType.StoredProcedure);
|
||||
|
||||
// Return distinct Id results
|
||||
return results.GroupBy(c => c.Id).Select(g => g.First()).ToList();
|
||||
// Return distinct Id results. If at least one of the grouped results allows edit, that we return it.
|
||||
return results
|
||||
.GroupBy(c => c.Id)
|
||||
.Select(g => g.OrderByDescending(og => og.Edit).First())
|
||||
.ToList();
|
||||
}
|
||||
}
|
||||
|
||||
@ -71,8 +74,11 @@ namespace Bit.Core.Repositories.SqlServer
|
||||
new { UserId = userId },
|
||||
commandType: CommandType.StoredProcedure);
|
||||
|
||||
// Return distinct Id results
|
||||
return results.GroupBy(c => c.Id).Select(g => g.First()).ToList();
|
||||
// Return distinct Id results. If at least one of the grouped results allows edit, that we return it.
|
||||
return results
|
||||
.GroupBy(c => c.Id)
|
||||
.Select(g => g.OrderByDescending(og => og.Edit).First())
|
||||
.ToList();
|
||||
}
|
||||
}
|
||||
|
||||
@ -102,8 +108,11 @@ namespace Bit.Core.Repositories.SqlServer
|
||||
},
|
||||
commandType: CommandType.StoredProcedure);
|
||||
|
||||
// Return distinct Id results
|
||||
return results.GroupBy(c => c.Id).Select(g => g.First()).ToList();
|
||||
// Return distinct Id results. If at least one of the grouped results allows edit, that we return it.
|
||||
return results
|
||||
.GroupBy(c => c.Id)
|
||||
.Select(g => g.OrderByDescending(og => og.Edit).First())
|
||||
.ToList();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -59,18 +59,5 @@ namespace Bit.Core.Repositories.SqlServer
|
||||
return results.ToList();
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<bool> GetCanEditByUserIdCipherIdAsync(Guid userId, Guid cipherId)
|
||||
{
|
||||
using(var connection = new SqlConnection(ConnectionString))
|
||||
{
|
||||
var result = await connection.QueryFirstOrDefaultAsync<bool>(
|
||||
$"[{Schema}].[CollectionUser_ReadCanEditByCipherIdUserId]",
|
||||
new { UserId = userId, CipherId = cipherId },
|
||||
commandType: CommandType.StoredProcedure);
|
||||
|
||||
return result;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -16,7 +16,6 @@ namespace Bit.Core.Services
|
||||
private readonly IUserRepository _userRepository;
|
||||
private readonly IOrganizationRepository _organizationRepository;
|
||||
private readonly IOrganizationUserRepository _organizationUserRepository;
|
||||
private readonly ICollectionUserRepository _collectionUserRepository;
|
||||
private readonly ICollectionCipherRepository _collectionCipherRepository;
|
||||
private readonly IPushService _pushService;
|
||||
|
||||
@ -26,7 +25,6 @@ namespace Bit.Core.Services
|
||||
IUserRepository userRepository,
|
||||
IOrganizationRepository organizationRepository,
|
||||
IOrganizationUserRepository organizationUserRepository,
|
||||
ICollectionUserRepository collectionUserRepository,
|
||||
ICollectionCipherRepository collectionCipherRepository,
|
||||
IPushService pushService)
|
||||
{
|
||||
@ -35,7 +33,6 @@ namespace Bit.Core.Services
|
||||
_userRepository = userRepository;
|
||||
_organizationRepository = organizationRepository;
|
||||
_organizationUserRepository = organizationUserRepository;
|
||||
_collectionUserRepository = collectionUserRepository;
|
||||
_collectionCipherRepository = collectionCipherRepository;
|
||||
_pushService = pushService;
|
||||
}
|
||||
@ -237,7 +234,7 @@ namespace Bit.Core.Services
|
||||
return true;
|
||||
}
|
||||
|
||||
return await _collectionUserRepository.GetCanEditByUserIdCipherIdAsync(userId, cipher.Id);
|
||||
return await _cipherRepository.GetCanEditByIdAsync(userId, cipher.Id);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -93,7 +93,6 @@
|
||||
<Build Include="dbo\Views\OrganizationUserUserDetailsView.sql" />
|
||||
<Build Include="dbo\Views\OrganizationUserView.sql" />
|
||||
<Build Include="dbo\Views\OrganizationView.sql" />
|
||||
<Build Include="dbo\Functions\UserCanEditCipher.sql" />
|
||||
<Build Include="dbo\Functions\CipherDetails.sql" />
|
||||
<Build Include="dbo\Stored Procedures\OrganizationUserUserDetails_ReadByOrganizationId.sql" />
|
||||
<Build Include="dbo\Stored Procedures\Grant_DeleteByKey.sql" />
|
||||
@ -136,7 +135,6 @@
|
||||
<Build Include="dbo\Stored Procedures\Cipher_Create.sql" />
|
||||
<Build Include="dbo\Stored Procedures\CollectionUser_ReadByOrganizationUserId.sql" />
|
||||
<Build Include="dbo\Stored Procedures\Cipher_DeleteById.sql" />
|
||||
<Build Include="dbo\Stored Procedures\CollectionUser_ReadCanEditByCipherIdUserId.sql" />
|
||||
<Build Include="dbo\Stored Procedures\Cipher_ReadById.sql" />
|
||||
<Build Include="dbo\Stored Procedures\CollectionUser_Update.sql" />
|
||||
<Build Include="dbo\Stored Procedures\CollectionUserCollectionDetails_ReadByUserId.sql" />
|
||||
@ -159,7 +157,6 @@
|
||||
<Build Include="dbo\Stored Procedures\CipherDetails_ReadByIdUserId.sql" />
|
||||
<Build Include="dbo\Stored Procedures\CipherDetails_ReadByTypeUserId.sql" />
|
||||
<Build Include="dbo\Stored Procedures\CipherDetails_ReadByUserId.sql" />
|
||||
<Build Include="dbo\Stored Procedures\CipherFullDetails_ReadByIdUserId.sql" />
|
||||
<Build Include="dbo\Stored Procedures\Folder_ReadById.sql" />
|
||||
<Build Include="dbo\Stored Procedures\Folder_ReadByUserId.sql" />
|
||||
<Build Include="dbo\Stored Procedures\Organization_Create.sql" />
|
||||
@ -180,5 +177,6 @@
|
||||
<Build Include="dbo\Stored Procedures\OrganizationUserUserDetails_ReadById.sql" />
|
||||
<Build Include="dbo\User Defined Types\GuidIdArray.sql" />
|
||||
<Build Include="dbo\Stored Procedures\OrganizationUser_ReadCountByOrganizationOwnerUser.sql" />
|
||||
<Build Include="dbo\Stored Procedures\Cipher_ReadCanEditByIdUserId.sql" />
|
||||
</ItemGroup>
|
||||
</Project>
|
||||
@ -1,33 +0,0 @@
|
||||
CREATE FUNCTION [dbo].[UserCanEditCipher](@UserId UNIQUEIDENTIFIER, @CipherId UNIQUEIDENTIFIER)
|
||||
RETURNS BIT AS
|
||||
BEGIN
|
||||
DECLARE @CanEdit BIT
|
||||
|
||||
;WITH [CTE] AS(
|
||||
SELECT
|
||||
CASE WHEN OU.[AccessAll] = 1 OR CU.[ReadOnly] = 0 THEN 1 ELSE 0 END [CanEdit]
|
||||
FROM
|
||||
[dbo].[Cipher] C
|
||||
INNER JOIN
|
||||
[dbo].[Organization] O ON C.[UserId] IS NULL AND O.[Id] = C.[OrganizationId]
|
||||
INNER JOIN
|
||||
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
|
||||
LEFT JOIN
|
||||
[dbo].[CollectionCipher] CC ON C.[UserId] IS NULL AND OU.[AccessAll] = 0 AND CC.[CipherId] = C.[Id]
|
||||
LEFT JOIN
|
||||
[dbo].[CollectionUser] CU ON CU.[CollectionId] = CC.[CollectionId] AND CU.[OrganizationUserId] = OU.[Id]
|
||||
WHERE
|
||||
C.[Id] = @CipherId
|
||||
AND OU.[Status] = 2 -- 2 = Confirmed
|
||||
AND O.[Enabled] = 1
|
||||
AND (OU.[AccessAll] = 1 OR CU.[CollectionId] IS NOT NULL)
|
||||
)
|
||||
SELECT
|
||||
@CanEdit = CASE WHEN COUNT(1) > 0 THEN 1 ELSE 0 END
|
||||
FROM
|
||||
[CTE]
|
||||
WHERE
|
||||
[CanEdit] = 1
|
||||
|
||||
RETURN @CanEdit
|
||||
END
|
||||
@ -6,7 +6,11 @@ BEGIN
|
||||
SET NOCOUNT ON
|
||||
|
||||
SELECT TOP 1
|
||||
C.*
|
||||
C.*,
|
||||
CASE
|
||||
WHEN C.[UserId] IS NOT NULL OR OU.[AccessAll] = 1 OR CU.[ReadOnly] = 0 THEN 1
|
||||
ELSE 0
|
||||
END [Edit]
|
||||
FROM
|
||||
[dbo].[CipherDetails](@UserId) C
|
||||
LEFT JOIN
|
||||
@ -28,4 +32,6 @@ BEGIN
|
||||
AND (OU.[AccessAll] = 1 OR CU.[CollectionId] IS NOT NULL)
|
||||
)
|
||||
)
|
||||
ORDER BY
|
||||
[Edit] DESC
|
||||
END
|
||||
@ -6,7 +6,11 @@ BEGIN
|
||||
SET NOCOUNT ON
|
||||
|
||||
SELECT
|
||||
C.*
|
||||
C.*,
|
||||
CASE
|
||||
WHEN C.[UserId] IS NOT NULL OR OU.[AccessAll] = 1 OR CU.[ReadOnly] = 0 THEN 1
|
||||
ELSE 0
|
||||
END [Edit]
|
||||
FROM
|
||||
[dbo].[CipherDetails](@UserId) C
|
||||
LEFT JOIN
|
||||
|
||||
@ -5,7 +5,11 @@ BEGIN
|
||||
SET NOCOUNT ON
|
||||
|
||||
SELECT
|
||||
C.*
|
||||
C.*,
|
||||
CASE
|
||||
WHEN C.[UserId] IS NOT NULL OR OU.[AccessAll] = 1 OR CU.[ReadOnly] = 0 THEN 1
|
||||
ELSE 0
|
||||
END [Edit]
|
||||
FROM
|
||||
[dbo].[CipherDetails](@UserId) C
|
||||
LEFT JOIN
|
||||
|
||||
@ -5,7 +5,11 @@ BEGIN
|
||||
SET NOCOUNT ON
|
||||
|
||||
SELECT
|
||||
C.*
|
||||
C.*,
|
||||
CASE
|
||||
WHEN OU.[AccessAll] = 1 OR CU.[ReadOnly] = 0 THEN 1
|
||||
ELSE 0
|
||||
END [Edit]
|
||||
FROM
|
||||
[dbo].[CipherDetails](@UserId) C
|
||||
INNER JOIN
|
||||
|
||||
@ -1,35 +0,0 @@
|
||||
CREATE PROCEDURE [dbo].[CipherFullDetails_ReadByIdUserId]
|
||||
@Id UNIQUEIDENTIFIER,
|
||||
@UserId UNIQUEIDENTIFIER
|
||||
AS
|
||||
BEGIN
|
||||
SET NOCOUNT ON
|
||||
|
||||
SELECT TOP 1
|
||||
C.*,
|
||||
CASE
|
||||
WHEN C.[OrganizationId] IS NULL THEN 1
|
||||
ELSE [dbo].[UserCanEditCipher](@UserId, @Id)
|
||||
END [Edit]
|
||||
FROM
|
||||
[dbo].[CipherDetails](@UserId) C
|
||||
LEFT JOIN
|
||||
[dbo].[Organization] O ON C.[UserId] IS NULL AND O.[Id] = C.[OrganizationId]
|
||||
LEFT JOIN
|
||||
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
|
||||
LEFT JOIN
|
||||
[dbo].[CollectionCipher] CC ON C.[UserId] IS NULL AND OU.[AccessAll] = 0 AND CC.[CipherId] = C.[Id]
|
||||
LEFT JOIN
|
||||
[dbo].[CollectionUser] CU ON CU.[CollectionId] = CC.[CollectionId] AND CU.[OrganizationUserId] = OU.[Id]
|
||||
WHERE
|
||||
C.Id = @Id
|
||||
AND (
|
||||
C.[UserId] = @UserId
|
||||
OR (
|
||||
C.[UserId] IS NULL
|
||||
AND OU.[Status] = 2 -- 2 = Confirmed
|
||||
AND O.[Enabled] = 1
|
||||
AND (OU.[AccessAll] = 1 OR CU.[CollectionId] IS NOT NULL)
|
||||
)
|
||||
)
|
||||
END
|
||||
@ -0,0 +1,39 @@
|
||||
CREATE PROCEDURE [dbo].[Cipher_CanEditByIdUserId]
|
||||
@Id UNIQUEIDENTIFIER,
|
||||
@UserId UNIQUEIDENTIFIER
|
||||
AS
|
||||
BEGIN
|
||||
SET NOCOUNT ON
|
||||
|
||||
SELECT
|
||||
(
|
||||
SELECT TOP 1
|
||||
CASE
|
||||
WHEN C.[UserId] IS NOT NULL OR OU.[AccessAll] = 1 OR CU.[ReadOnly] = 0 THEN 1
|
||||
ELSE 0
|
||||
END [Edit]
|
||||
FROM
|
||||
[dbo].[CipherDetails](@UserId) C
|
||||
LEFT JOIN
|
||||
[dbo].[Organization] O ON C.[UserId] IS NULL AND O.[Id] = C.[OrganizationId]
|
||||
LEFT JOIN
|
||||
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
|
||||
LEFT JOIN
|
||||
[dbo].[CollectionCipher] CC ON C.[UserId] IS NULL AND OU.[AccessAll] = 0 AND CC.[CipherId] = C.[Id]
|
||||
LEFT JOIN
|
||||
[dbo].[CollectionUser] CU ON CU.[CollectionId] = CC.[CollectionId] AND CU.[OrganizationUserId] = OU.[Id]
|
||||
WHERE
|
||||
C.Id = @Id
|
||||
AND (
|
||||
C.[UserId] = @UserId
|
||||
OR (
|
||||
C.[UserId] IS NULL
|
||||
AND OU.[Status] = 2 -- 2 = Confirmed
|
||||
AND O.[Enabled] = 1
|
||||
AND (OU.[AccessAll] = 1 OR CU.[CollectionId] IS NOT NULL)
|
||||
)
|
||||
)
|
||||
ORDER BY
|
||||
[Edit] DESC
|
||||
)
|
||||
END
|
||||
@ -1,10 +0,0 @@
|
||||
CREATE PROCEDURE [dbo].[CollectionUser_ReadCanEditByCipherIdUserId]
|
||||
@UserId UNIQUEIDENTIFIER,
|
||||
@CipherId AS UNIQUEIDENTIFIER
|
||||
AS
|
||||
BEGIN
|
||||
SET NOCOUNT ON
|
||||
|
||||
SELECT
|
||||
[dbo].[UserCanEditCipher](@UserId, @CipherId)
|
||||
END
|
||||
Loading…
x
Reference in New Issue
Block a user