Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-11-22 05:10:29 +01:00
add endpoint to bulk delete collections
Dieser Commit ist enthalten in:
Ursprung
3cf67e0b8d
Commit
56cad93e0f
2 geänderte Dateien mit 91 neuen und 30 gelöschten Zeilen
|
@ -39,6 +39,7 @@ pub fn routes() -> Vec<Route> {
|
||||||
put_organization_collection_update,
|
put_organization_collection_update,
|
||||||
delete_organization_collection,
|
delete_organization_collection,
|
||||||
post_organization_collection_delete,
|
post_organization_collection_delete,
|
||||||
|
bulk_delete_organization_collections,
|
||||||
get_org_details,
|
get_org_details,
|
||||||
get_org_users,
|
get_org_users,
|
||||||
send_invite,
|
send_invite,
|
||||||
|
@ -538,6 +539,34 @@ async fn post_organization_collection_delete_user(
|
||||||
delete_organization_collection_user(org_id, col_id, org_user_id, headers, conn).await
|
delete_organization_collection_user(org_id, col_id, org_user_id, headers, conn).await
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async fn _delete_organization_collection(
|
||||||
|
org_id: &str,
|
||||||
|
col_id: &str,
|
||||||
|
headers: &ManagerHeaders,
|
||||||
|
conn: &mut DbConn,
|
||||||
|
) -> EmptyResult {
|
||||||
|
match Collection::find_by_uuid(col_id, conn).await {
|
||||||
|
None => err!("Collection not found"),
|
||||||
|
Some(collection) => {
|
||||||
|
if collection.org_uuid == org_id {
|
||||||
|
log_event(
|
||||||
|
EventType::CollectionDeleted as i32,
|
||||||
|
&collection.uuid,
|
||||||
|
org_id.to_string(),
|
||||||
|
headers.user.uuid.clone(),
|
||||||
|
headers.device.atype,
|
||||||
|
&headers.ip.ip,
|
||||||
|
conn,
|
||||||
|
)
|
||||||
|
.await;
|
||||||
|
collection.delete(conn).await
|
||||||
|
} else {
|
||||||
|
err!("Collection and Organization id do not match")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[delete("/organizations/<org_id>/collections/<col_id>")]
|
#[delete("/organizations/<org_id>/collections/<col_id>")]
|
||||||
async fn delete_organization_collection(
|
async fn delete_organization_collection(
|
||||||
org_id: String,
|
org_id: String,
|
||||||
|
@ -545,26 +574,7 @@ async fn delete_organization_collection(
|
||||||
headers: ManagerHeaders,
|
headers: ManagerHeaders,
|
||||||
mut conn: DbConn,
|
mut conn: DbConn,
|
||||||
) -> EmptyResult {
|
) -> EmptyResult {
|
||||||
match Collection::find_by_uuid(&col_id, &mut conn).await {
|
_delete_organization_collection(&org_id, &col_id, &headers, &mut conn).await
|
||||||
None => err!("Collection not found"),
|
|
||||||
Some(collection) => {
|
|
||||||
if collection.org_uuid == org_id {
|
|
||||||
log_event(
|
|
||||||
EventType::CollectionDeleted as i32,
|
|
||||||
&collection.uuid,
|
|
||||||
org_id,
|
|
||||||
headers.user.uuid.clone(),
|
|
||||||
headers.device.atype,
|
|
||||||
&headers.ip.ip,
|
|
||||||
&mut conn,
|
|
||||||
)
|
|
||||||
.await;
|
|
||||||
collection.delete(&mut conn).await
|
|
||||||
} else {
|
|
||||||
err!("Collection and Organization id do not match")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Deserialize, Debug)]
|
#[derive(Deserialize, Debug)]
|
||||||
|
@ -580,9 +590,36 @@ async fn post_organization_collection_delete(
|
||||||
col_id: String,
|
col_id: String,
|
||||||
headers: ManagerHeaders,
|
headers: ManagerHeaders,
|
||||||
_data: JsonUpcase<DeleteCollectionData>,
|
_data: JsonUpcase<DeleteCollectionData>,
|
||||||
conn: DbConn,
|
mut conn: DbConn,
|
||||||
) -> EmptyResult {
|
) -> EmptyResult {
|
||||||
delete_organization_collection(org_id, col_id, headers, conn).await
|
_delete_organization_collection(&org_id, &col_id, &headers, &mut conn).await
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Deserialize, Debug)]
|
||||||
|
#[allow(non_snake_case)]
|
||||||
|
struct BulkCollectionIds {
|
||||||
|
Ids: Vec<String>,
|
||||||
|
OrganizationId: String,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[delete("/organizations/<org_id>/collections", data = "<data>")]
|
||||||
|
async fn bulk_delete_organization_collections(
|
||||||
|
org_id: &str,
|
||||||
|
headers: ManagerHeadersLoose,
|
||||||
|
data: JsonUpcase<BulkCollectionIds>,
|
||||||
|
mut conn: DbConn,
|
||||||
|
) -> EmptyResult {
|
||||||
|
let data: BulkCollectionIds = data.into_inner().data;
|
||||||
|
assert!(org_id == data.OrganizationId);
|
||||||
|
|
||||||
|
let collections = data.Ids;
|
||||||
|
|
||||||
|
let headers = ManagerHeaders::from_loose(headers, &collections, &mut conn).await?;
|
||||||
|
|
||||||
|
for col_id in collections {
|
||||||
|
_delete_organization_collection(org_id, &col_id, &headers, &mut conn).await?
|
||||||
|
}
|
||||||
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
#[get("/organizations/<org_id>/collections/<coll_id>/details")]
|
#[get("/organizations/<org_id>/collections/<coll_id>/details")]
|
||||||
|
|
40
src/auth.rs
40
src/auth.rs
|
@ -598,14 +598,7 @@ impl<'r> FromRequest<'r> for ManagerHeaders {
|
||||||
_ => err_handler!("Error getting DB"),
|
_ => err_handler!("Error getting DB"),
|
||||||
};
|
};
|
||||||
|
|
||||||
if !headers.org_user.has_full_access()
|
if !can_access_collection(&headers.org_user, &col_id, &mut conn).await {
|
||||||
&& !Collection::has_access_by_collection_and_user_uuid(
|
|
||||||
&col_id,
|
|
||||||
&headers.org_user.user_uuid,
|
|
||||||
&mut conn,
|
|
||||||
)
|
|
||||||
.await
|
|
||||||
{
|
|
||||||
err_handler!("The current user isn't a manager for this collection")
|
err_handler!("The current user isn't a manager for this collection")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -642,6 +635,7 @@ pub struct ManagerHeadersLoose {
|
||||||
pub host: String,
|
pub host: String,
|
||||||
pub device: Device,
|
pub device: Device,
|
||||||
pub user: User,
|
pub user: User,
|
||||||
|
pub org_user: UserOrganization,
|
||||||
pub org_user_type: UserOrgType,
|
pub org_user_type: UserOrgType,
|
||||||
pub ip: ClientIp,
|
pub ip: ClientIp,
|
||||||
}
|
}
|
||||||
|
@ -657,6 +651,7 @@ impl<'r> FromRequest<'r> for ManagerHeadersLoose {
|
||||||
host: headers.host,
|
host: headers.host,
|
||||||
device: headers.device,
|
device: headers.device,
|
||||||
user: headers.user,
|
user: headers.user,
|
||||||
|
org_user: headers.org_user,
|
||||||
org_user_type: headers.org_user_type,
|
org_user_type: headers.org_user_type,
|
||||||
ip: headers.ip,
|
ip: headers.ip,
|
||||||
})
|
})
|
||||||
|
@ -676,6 +671,35 @@ impl From<ManagerHeadersLoose> for Headers {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
async fn can_access_collection(org_user: &UserOrganization, col_id: &str, conn: &mut DbConn) -> bool {
|
||||||
|
org_user.has_full_access()
|
||||||
|
|| Collection::has_access_by_collection_and_user_uuid(col_id, &org_user.user_uuid, conn).await
|
||||||
|
}
|
||||||
|
|
||||||
|
impl ManagerHeaders {
|
||||||
|
pub async fn from_loose(
|
||||||
|
h: ManagerHeadersLoose,
|
||||||
|
collections: &Vec<String>,
|
||||||
|
conn: &mut DbConn,
|
||||||
|
) -> Result<ManagerHeaders, Error> {
|
||||||
|
for col_id in collections {
|
||||||
|
if uuid::Uuid::parse_str(col_id).is_err() {
|
||||||
|
err!("Collection Id is malformed!");
|
||||||
|
}
|
||||||
|
if !can_access_collection(&h.org_user, col_id, conn).await {
|
||||||
|
err!("You don't have access to all collections!");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(ManagerHeaders {
|
||||||
|
host: h.host,
|
||||||
|
device: h.device,
|
||||||
|
user: h.user,
|
||||||
|
org_user_type: h.org_user_type,
|
||||||
|
ip: h.ip,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
pub struct OwnerHeaders {
|
pub struct OwnerHeaders {
|
||||||
pub host: String,
|
pub host: String,
|
||||||
|
|
Laden …
In neuem Issue referenzieren