mirror of
https://github.com/bitwarden/server.git
synced 2025-04-15 10:08:14 -05:00
250 lines
8.9 KiB
C#
250 lines
8.9 KiB
C#
using System;
|
|
using System.Linq;
|
|
using System.Collections.Generic;
|
|
using System.Threading.Tasks;
|
|
using Bit.Core.Models.Table;
|
|
using Bit.Core.Repositories;
|
|
using Core.Models.Data;
|
|
using Bit.Core.Exceptions;
|
|
|
|
namespace Bit.Core.Services
|
|
{
|
|
public class CipherService : ICipherService
|
|
{
|
|
private readonly ICipherRepository _cipherRepository;
|
|
private readonly IFolderRepository _folderRepository;
|
|
private readonly IUserRepository _userRepository;
|
|
private readonly IOrganizationRepository _organizationRepository;
|
|
private readonly IOrganizationUserRepository _organizationUserRepository;
|
|
private readonly ISubvaultUserRepository _subvaultUserRepository;
|
|
private readonly ISubvaultCipherRepository _subvaultCipherRepository;
|
|
private readonly IPushService _pushService;
|
|
|
|
public CipherService(
|
|
ICipherRepository cipherRepository,
|
|
IFolderRepository folderRepository,
|
|
IUserRepository userRepository,
|
|
IOrganizationRepository organizationRepository,
|
|
IOrganizationUserRepository organizationUserRepository,
|
|
ISubvaultUserRepository subvaultUserRepository,
|
|
ISubvaultCipherRepository subvaultCipherRepository,
|
|
IPushService pushService)
|
|
{
|
|
_cipherRepository = cipherRepository;
|
|
_folderRepository = folderRepository;
|
|
_userRepository = userRepository;
|
|
_organizationRepository = organizationRepository;
|
|
_organizationUserRepository = organizationUserRepository;
|
|
_subvaultUserRepository = subvaultUserRepository;
|
|
_subvaultCipherRepository = subvaultCipherRepository;
|
|
_pushService = pushService;
|
|
}
|
|
|
|
public async Task SaveAsync(CipherDetails cipher, Guid savingUserId)
|
|
{
|
|
if(!(await UserCanEditAsync(cipher, savingUserId)))
|
|
{
|
|
throw new BadRequestException("Not an admin.");
|
|
}
|
|
|
|
cipher.UserId = savingUserId;
|
|
if(cipher.Id == default(Guid))
|
|
{
|
|
await _cipherRepository.CreateAsync(cipher);
|
|
|
|
// push
|
|
//await _pushService.PushSyncCipherCreateAsync(cipher);
|
|
}
|
|
else
|
|
{
|
|
cipher.RevisionDate = DateTime.UtcNow;
|
|
await _cipherRepository.ReplaceAsync(cipher);
|
|
|
|
// push
|
|
//await _pushService.PushSyncCipherUpdateAsync(cipher);
|
|
}
|
|
}
|
|
|
|
public async Task UpdatePartialAsync(Guid cipherId, Guid savingUserId, Guid? folderId, bool favorite)
|
|
{
|
|
if(!(await UserCanPartialEditAsync(cipherId, savingUserId)))
|
|
{
|
|
throw new BadRequestException("Cannot edit.");
|
|
}
|
|
|
|
await _cipherRepository.UpdatePartialAsync(cipherId, savingUserId, folderId, favorite);
|
|
}
|
|
|
|
public async Task DeleteAsync(CipherDetails cipher, Guid deletingUserId)
|
|
{
|
|
if(!(await UserCanEditAsync(cipher, deletingUserId)))
|
|
{
|
|
throw new BadRequestException("Not an admin.");
|
|
}
|
|
|
|
await _cipherRepository.DeleteAsync(cipher);
|
|
|
|
// push
|
|
//await _pushService.PushSyncCipherDeleteAsync(cipher);
|
|
}
|
|
|
|
public async Task SaveFolderAsync(Folder folder)
|
|
{
|
|
if(folder.Id == default(Guid))
|
|
{
|
|
await _folderRepository.CreateAsync(folder);
|
|
|
|
// push
|
|
//await _pushService.PushSyncCipherCreateAsync(cipher);
|
|
}
|
|
else
|
|
{
|
|
folder.RevisionDate = DateTime.UtcNow;
|
|
await _folderRepository.UpsertAsync(folder);
|
|
|
|
// push
|
|
//await _pushService.PushSyncCipherUpdateAsync(cipher);
|
|
}
|
|
}
|
|
|
|
public async Task DeleteFolderAsync(Folder folder)
|
|
{
|
|
await _folderRepository.DeleteAsync(folder);
|
|
|
|
// push
|
|
//await _pushService.PushSyncCipherDeleteAsync(cipher);
|
|
}
|
|
|
|
public async Task ShareAsync(Cipher cipher, Guid organizationId, IEnumerable<Guid> subvaultIds, Guid sharingUserId)
|
|
{
|
|
if(cipher.Id == default(Guid))
|
|
{
|
|
throw new BadRequestException(nameof(cipher.Id));
|
|
}
|
|
|
|
if(cipher.OrganizationId.HasValue)
|
|
{
|
|
throw new BadRequestException("Already belongs to an organization.");
|
|
}
|
|
|
|
if(!cipher.UserId.HasValue || cipher.UserId.Value != sharingUserId)
|
|
{
|
|
throw new NotFoundException();
|
|
}
|
|
|
|
// We do not need to check if the user belongs to this organization since this call will return no subvaults
|
|
// and therefore be caught by the .Any() check below.
|
|
var subvaultUserDetails = await _subvaultUserRepository.GetPermissionsByUserIdAsync(sharingUserId, subvaultIds,
|
|
organizationId);
|
|
|
|
var writeableSubvaults = subvaultUserDetails.Where(s => !s.ReadOnly).Select(s => s.SubvaultId);
|
|
if(!writeableSubvaults.Any())
|
|
{
|
|
throw new BadRequestException("No subvaults.");
|
|
}
|
|
|
|
cipher.UserId = null;
|
|
cipher.OrganizationId = organizationId;
|
|
cipher.RevisionDate = DateTime.UtcNow;
|
|
await _cipherRepository.ReplaceAsync(cipher, writeableSubvaults);
|
|
|
|
// push
|
|
//await _pushService.PushSyncCipherUpdateAsync(cipher);
|
|
}
|
|
|
|
public async Task SaveSubvaultsAsync(Cipher cipher, IEnumerable<Guid> subvaultIds, Guid savingUserId)
|
|
{
|
|
if(cipher.Id == default(Guid))
|
|
{
|
|
throw new BadRequestException(nameof(cipher.Id));
|
|
}
|
|
|
|
if(!cipher.OrganizationId.HasValue)
|
|
{
|
|
throw new BadRequestException("Cipher must belong to an organization.");
|
|
}
|
|
|
|
// We do not need to check if the user belongs to this organization since this call will return no subvaults
|
|
// and therefore be caught by the .Any() check below.
|
|
var subvaultUserDetails = await _subvaultUserRepository.GetPermissionsByUserIdAsync(savingUserId, subvaultIds,
|
|
cipher.OrganizationId.Value);
|
|
|
|
var writeableSubvaults = subvaultUserDetails.Where(s => !s.ReadOnly).Select(s => s.SubvaultId);
|
|
if(!writeableSubvaults.Any())
|
|
{
|
|
throw new BadRequestException("No subvaults.");
|
|
}
|
|
|
|
await _subvaultCipherRepository.UpdateSubvaultsAsync(cipher.Id, savingUserId, writeableSubvaults);
|
|
|
|
// push
|
|
//await _pushService.PushSyncCipherUpdateAsync(cipher);
|
|
}
|
|
|
|
public async Task ImportCiphersAsync(
|
|
List<Folder> folders,
|
|
List<CipherDetails> ciphers,
|
|
IEnumerable<KeyValuePair<int, int>> folderRelationships)
|
|
{
|
|
foreach(var cipher in ciphers)
|
|
{
|
|
cipher.SetNewId();
|
|
|
|
if(cipher.UserId.HasValue && cipher.Favorite)
|
|
{
|
|
cipher.Favorites = $"{{\"{cipher.UserId.ToString().ToUpperInvariant()}\":\"true\"}}";
|
|
}
|
|
}
|
|
|
|
// Init. ids for folders
|
|
foreach(var folder in folders)
|
|
{
|
|
folder.SetNewId();
|
|
}
|
|
|
|
// Create the folder associations based on the newly created folder ids
|
|
foreach(var relationship in folderRelationships)
|
|
{
|
|
var cipher = ciphers.ElementAtOrDefault(relationship.Key);
|
|
var folder = folders.ElementAtOrDefault(relationship.Value);
|
|
|
|
if(cipher == null || folder == null)
|
|
{
|
|
continue;
|
|
}
|
|
|
|
cipher.Folders = $"{{\"{cipher.UserId.ToString().ToUpperInvariant()}\":" +
|
|
$"\"{folder.Id.ToString().ToUpperInvariant()}\"}}";
|
|
}
|
|
|
|
// Create it all
|
|
await _cipherRepository.CreateAsync(ciphers, folders);
|
|
|
|
// push
|
|
var userId = folders.FirstOrDefault()?.UserId ?? ciphers.FirstOrDefault()?.UserId;
|
|
if(userId.HasValue)
|
|
{
|
|
await _pushService.PushSyncCiphersAsync(userId.Value);
|
|
}
|
|
}
|
|
|
|
private async Task<bool> UserCanEditAsync(Cipher cipher, Guid userId)
|
|
{
|
|
if(!cipher.OrganizationId.HasValue && cipher.UserId.HasValue && cipher.UserId.Value == userId)
|
|
{
|
|
return true;
|
|
}
|
|
|
|
return await _subvaultUserRepository.GetCanEditByUserIdCipherIdAsync(userId, cipher.Id);
|
|
}
|
|
|
|
private Task<bool> UserCanPartialEditAsync(Guid cipherId, Guid userId)
|
|
{
|
|
// TODO: implement
|
|
|
|
return Task.FromResult(true);
|
|
//return await _subvaultUserRepository.GetCanEditByUserIdCipherIdAsync(userId, cipherId);
|
|
}
|
|
}
|
|
}
|