nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-06 05:28:15 -05:00
Code

adjust date validation for send (#1137)

Browse Source
This commit is contained in:
Kyle Spearrin 2021-02-11 14:39:21 -05:00 committed by GitHub
parent 7c9ea83ad2
commit c3a99402f8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 24 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/Api/Controllers/SendsController.cs
View File

@ -122,6 +122,7 @@ namespace Bit.Api.Controllers
[HttpPut("{id}")] [HttpPut("{id}")]
public async Task<SendResponseModel> Put(string id, [FromBody] SendRequestModel model) public async Task<SendResponseModel> Put(string id, [FromBody] SendRequestModel model)
{ {
model.ValidateEdit();
var userId = _userService.GetProperUserId(User).Value; var userId = _userService.GetProperUserId(User).Value;
var send = await _sendRepository.GetByIdAsync(new Guid(id)); var send = await _sendRepository.GetByIdAsync(new Guid(id));
if (send == null || send.UserId != userId) if (send == null || send.UserId != userId)

28
src/Core/Models/Api/Request/SendRequestModel.cs
View File

@ -81,17 +81,35 @@ namespace Bit.Core.Models.Api
public void ValidateCreation() public void ValidateCreation()
{ {
var now = DateTime.UtcNow;
// Add 1 minute for a sane buffer and client clock float // Add 1 minute for a sane buffer and client clock float
var nowPlus1Minute = DateTime.UtcNow.AddMinutes(1); var nowPlus1Minute = now.AddMinutes(1);
if (ExpirationDate.HasValue && ExpirationDate.Value <= nowPlus1Minute) if (ExpirationDate.HasValue && ExpirationDate.Value <= nowPlus1Minute)
{ {
throw new BadRequestException("You cannot create a send that is already expired. " + throw new BadRequestException("You cannot create a Send that is already expired. " +
"Adjust the expiration date and try again."); "Adjust the expiration date and try again.");
} }
if (DeletionDate.HasValue && DeletionDate.Value <= nowPlus1Minute) ValidateEdit();
}
public void ValidateEdit()
{
var now = DateTime.UtcNow;
// Add 1 minute for a sane buffer and client clock float
var nowPlus1Minute = now.AddMinutes(1);
if (DeletionDate.HasValue)
{ {
throw new BadRequestException("You cannot create a send that is already deleted. " + if (DeletionDate.Value <= nowPlus1Minute)
"Adjust the deletion date and try again."); {
throw new BadRequestException("You cannot have a Send with a deletion date in the past. " +
"Adjust the deletion date and try again.");
}
if (DeletionDate.Value > now.AddDays(31))
{
throw new BadRequestException("You cannot have a Send with a deletion date that far " +
"into the future. Adjust the Deletion Date to a value less than 31 days from now " +
"and try again.");
}
} }
} }