nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 13:08:17 -05:00
Code

[PM-517] Added validation to maximum and minimum expiry date (#4199)

Browse Source 
* Added validation to maximum and minimum expiry date

* Updated error text on SendRequestModel

* Add tests to ValidateEdit on SendRequestModel
This commit is contained in:
aj-rosado 2024-06-21 13:56:43 +01:00 committed by GitHub
parent de56461b97
commit f275b2567d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 73 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/Api/Tools/Models/Request/SendRequestModel.cs
View File

@ -110,6 +110,19 @@ public class SendRequestModel
"and try again."); "and try again.");
} }
} }
if (ExpirationDate.HasValue)
{
if (ExpirationDate.Value <= nowPlus1Minute)
{
throw new BadRequestException("You cannot have a Send with an expiration date in the past. " +
"Adjust the expiration date and try again.");
}
if (ExpirationDate.Value > DeletionDate.Value)
{
throw new BadRequestException("You cannot have a Send with an expiration date greater than the deletion date. " +
"Adjust the expiration date and try again.");
}
}
} }
private Send ToSendBase(Send existingSend, ISendService sendService) private Send ToSendBase(Send existingSend, ISendService sendService)

60
test/Api.Test/Tools/Models/Request/SendRequestModelTests.cs
View File

@ -1,6 +1,7 @@
using System.Text.Json; using System.Text.Json;
using Bit.Api.Tools.Models; using Bit.Api.Tools.Models;
using Bit.Api.Tools.Models.Request; using Bit.Api.Tools.Models.Request;
using Bit.Core.Exceptions;
using Bit.Core.Tools.Enums; using Bit.Core.Tools.Enums;
using Bit.Core.Tools.Services; using Bit.Core.Tools.Services;
using Bit.Test.Common.Helpers; using Bit.Test.Common.Helpers;
@ -55,4 +56,63 @@ public class SendRequestModelTests
var name = AssertHelper.AssertJsonProperty(root, "Name", JsonValueKind.String).GetString(); var name = AssertHelper.AssertJsonProperty(root, "Name", JsonValueKind.String).GetString();
Assert.Equal("encrypted_name", name); Assert.Equal("encrypted_name", name);
} }
[Fact]
public void ValidateEdit_DeletionDateInPast_ThrowsBadRequestException()
{
var send = new SendRequestModel
{
DeletionDate = DateTime.UtcNow.AddMinutes(-5)
};
Assert.Throws<BadRequestException>(() => send.ValidateEdit());
}
[Fact]
public void ValidateEdit_DeletionDateTooFarInFuture_ThrowsBadRequestException()
{
var send = new SendRequestModel
{
DeletionDate = DateTime.UtcNow.AddDays(32)
};
Assert.Throws<BadRequestException>(() => send.ValidateEdit());
}
[Fact]
public void ValidateEdit_ExpirationDateInPast_ThrowsBadRequestException()
{
var send = new SendRequestModel
{
ExpirationDate = DateTime.UtcNow.AddMinutes(-5)
};
Assert.Throws<BadRequestException>(() => send.ValidateEdit());
}
[Fact]
public void ValidateEdit_ExpirationDateGreaterThanDeletionDate_ThrowsBadRequestException()
{
var send = new SendRequestModel
{
DeletionDate = DateTime.UtcNow.AddDays(1),
ExpirationDate = DateTime.UtcNow.AddDays(2)
};
Assert.Throws<BadRequestException>(() => send.ValidateEdit());
}
[Fact]
public void ValidateEdit_ValidDates_Success()
{
var send = new SendRequestModel
{
DeletionDate = DateTime.UtcNow.AddDays(10),
ExpirationDate = DateTime.UtcNow.AddDays(5)
};
Exception ex = Record.Exception(() => send.ValidateEdit());
Assert.Null(ex);
}
} }