1
0
Fork 1
Spiegel von https://github.com/dani-garcia/vaultwarden.git synchronisiert 2024-11-22 05:10:29 +01:00

add endpoint to bulk delete collections

Dieser Commit ist enthalten in:
Stefan Melmuk 2023-03-18 20:52:55 +01:00
Ursprung 3cf67e0b8d
Commit 56cad93e0f
Es konnte kein GPG-Schlüssel zu dieser Signatur gefunden werden
GPG-Schlüssel-ID: 817020C608FE9C09
2 geänderte Dateien mit 91 neuen und 30 gelöschten Zeilen

Datei anzeigen

@ -39,6 +39,7 @@ pub fn routes() -> Vec<Route> {
put_organization_collection_update, put_organization_collection_update,
delete_organization_collection, delete_organization_collection,
post_organization_collection_delete, post_organization_collection_delete,
bulk_delete_organization_collections,
get_org_details, get_org_details,
get_org_users, get_org_users,
send_invite, send_invite,
@ -538,6 +539,34 @@ async fn post_organization_collection_delete_user(
delete_organization_collection_user(org_id, col_id, org_user_id, headers, conn).await delete_organization_collection_user(org_id, col_id, org_user_id, headers, conn).await
} }
async fn _delete_organization_collection(
org_id: &str,
col_id: &str,
headers: &ManagerHeaders,
conn: &mut DbConn,
) -> EmptyResult {
match Collection::find_by_uuid(col_id, conn).await {
None => err!("Collection not found"),
Some(collection) => {
if collection.org_uuid == org_id {
log_event(
EventType::CollectionDeleted as i32,
&collection.uuid,
org_id.to_string(),
headers.user.uuid.clone(),
headers.device.atype,
&headers.ip.ip,
conn,
)
.await;
collection.delete(conn).await
} else {
err!("Collection and Organization id do not match")
}
}
}
}
#[delete("/organizations/<org_id>/collections/<col_id>")] #[delete("/organizations/<org_id>/collections/<col_id>")]
async fn delete_organization_collection( async fn delete_organization_collection(
org_id: String, org_id: String,
@ -545,26 +574,7 @@ async fn delete_organization_collection(
headers: ManagerHeaders, headers: ManagerHeaders,
mut conn: DbConn, mut conn: DbConn,
) -> EmptyResult { ) -> EmptyResult {
match Collection::find_by_uuid(&col_id, &mut conn).await { _delete_organization_collection(&org_id, &col_id, &headers, &mut conn).await
None => err!("Collection not found"),
Some(collection) => {
if collection.org_uuid == org_id {
log_event(
EventType::CollectionDeleted as i32,
&collection.uuid,
org_id,
headers.user.uuid.clone(),
headers.device.atype,
&headers.ip.ip,
&mut conn,
)
.await;
collection.delete(&mut conn).await
} else {
err!("Collection and Organization id do not match")
}
}
}
} }
#[derive(Deserialize, Debug)] #[derive(Deserialize, Debug)]
@ -580,9 +590,36 @@ async fn post_organization_collection_delete(
col_id: String, col_id: String,
headers: ManagerHeaders, headers: ManagerHeaders,
_data: JsonUpcase<DeleteCollectionData>, _data: JsonUpcase<DeleteCollectionData>,
conn: DbConn, mut conn: DbConn,
) -> EmptyResult { ) -> EmptyResult {
delete_organization_collection(org_id, col_id, headers, conn).await _delete_organization_collection(&org_id, &col_id, &headers, &mut conn).await
}
#[derive(Deserialize, Debug)]
#[allow(non_snake_case)]
struct BulkCollectionIds {
Ids: Vec<String>,
OrganizationId: String,
}
#[delete("/organizations/<org_id>/collections", data = "<data>")]
async fn bulk_delete_organization_collections(
org_id: &str,
headers: ManagerHeadersLoose,
data: JsonUpcase<BulkCollectionIds>,
mut conn: DbConn,
) -> EmptyResult {
let data: BulkCollectionIds = data.into_inner().data;
assert!(org_id == data.OrganizationId);
let collections = data.Ids;
let headers = ManagerHeaders::from_loose(headers, &collections, &mut conn).await?;
for col_id in collections {
_delete_organization_collection(org_id, &col_id, &headers, &mut conn).await?
}
Ok(())
} }
#[get("/organizations/<org_id>/collections/<coll_id>/details")] #[get("/organizations/<org_id>/collections/<coll_id>/details")]

Datei anzeigen

@ -598,14 +598,7 @@ impl<'r> FromRequest<'r> for ManagerHeaders {
_ => err_handler!("Error getting DB"), _ => err_handler!("Error getting DB"),
}; };
if !headers.org_user.has_full_access() if !can_access_collection(&headers.org_user, &col_id, &mut conn).await {
&& !Collection::has_access_by_collection_and_user_uuid(
&col_id,
&headers.org_user.user_uuid,
&mut conn,
)
.await
{
err_handler!("The current user isn't a manager for this collection") err_handler!("The current user isn't a manager for this collection")
} }
} }
@ -642,6 +635,7 @@ pub struct ManagerHeadersLoose {
pub host: String, pub host: String,
pub device: Device, pub device: Device,
pub user: User, pub user: User,
pub org_user: UserOrganization,
pub org_user_type: UserOrgType, pub org_user_type: UserOrgType,
pub ip: ClientIp, pub ip: ClientIp,
} }
@ -657,6 +651,7 @@ impl<'r> FromRequest<'r> for ManagerHeadersLoose {
host: headers.host, host: headers.host,
device: headers.device, device: headers.device,
user: headers.user, user: headers.user,
org_user: headers.org_user,
org_user_type: headers.org_user_type, org_user_type: headers.org_user_type,
ip: headers.ip, ip: headers.ip,
}) })
@ -676,6 +671,35 @@ impl From<ManagerHeadersLoose> for Headers {
} }
} }
} }
async fn can_access_collection(org_user: &UserOrganization, col_id: &str, conn: &mut DbConn) -> bool {
org_user.has_full_access()
|| Collection::has_access_by_collection_and_user_uuid(col_id, &org_user.user_uuid, conn).await
}
impl ManagerHeaders {
pub async fn from_loose(
h: ManagerHeadersLoose,
collections: &Vec<String>,
conn: &mut DbConn,
) -> Result<ManagerHeaders, Error> {
for col_id in collections {
if uuid::Uuid::parse_str(col_id).is_err() {
err!("Collection Id is malformed!");
}
if !can_access_collection(&h.org_user, col_id, conn).await {
err!("You don't have access to all collections!");
}
}
Ok(ManagerHeaders {
host: h.host,
device: h.device,
user: h.user,
org_user_type: h.org_user_type,
ip: h.ip,
})
}
}
pub struct OwnerHeaders { pub struct OwnerHeaders {
pub host: String, pub host: String,