nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-01 08:02:49 -05:00
Code Activity

validation checks on cipher move

Browse Source
This commit is contained in:
Kyle Spearrin
2017-03-25 16:25:10 -04:00
parent 5029af33c5
commit b144f8a686
4 changed files with 25 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Api/Controllers/CiphersController.cs
View File

@ -119,12 +119,12 @@ namespace Bit.Api.Controllers
{
var userId = _userService.GetProperUserId(User).Value;
var cipher = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
if(cipher == null)
if(cipher == null || cipher.OrganizationId.HasValue || cipher.UserId != userId)
{
throw new NotFoundException();
}
await _cipherService.MoveSubvaultAsync(model.Cipher.ToCipher(cipher),
await _cipherService.MoveSubvaultAsync(model.Cipher.ToCipher(cipher), new Guid(model.Cipher.OrganizationId),
model.SubvaultIds.Select(s => new Guid(s)), userId);
}

2
src/Api/IdentityServer/ResourceOwnerPasswordValidator.cs
View File

@ -121,7 +121,7 @@ namespace Bit.Api.IdentityServer
var customResponse = new Dictionary<string, object>();
if(!string.IsNullOrWhiteSpace(user.PrivateKey))
{
customResponse.Add("EncryptedPrivateKey", user.PrivateKey);
customResponse.Add("PrivateKey", user.PrivateKey);
}
context.Result = new GrantValidationResult(user.Id.ToString(), "Application",