From ddda86b90d1d4db22ef86a183f00654d9b71271c Mon Sep 17 00:00:00 2001 From: Kumar Ankur Date: Mon, 6 Aug 2018 03:29:44 +0530 Subject: [PATCH 1/3] Implemented bulk cipher share (share selected) #100 --- src/api/core/ciphers.rs | 66 ++++++++++++++++++++++++++++++++++--- src/api/core/mod.rs | 1 + src/db/models/attachment.rs | 6 ++++ 3 files changed, 68 insertions(+), 5 deletions(-) diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs index 95df5a00..a253e201 100644 --- a/src/api/core/ciphers.rs +++ b/src/api/core/ciphers.rs @@ -87,6 +87,8 @@ fn get_cipher_details(uuid: String, headers: Headers, conn: DbConn) -> JsonResul #[derive(Deserialize, Debug)] #[allow(non_snake_case)] struct CipherData { + // Id is optional as it is included only in bulk share + Id: Option, // Folder id is not included in import FolderId: Option, // TODO: Some of these might appear all the time, no need for Option @@ -332,6 +334,65 @@ struct ShareCipherData { fn post_cipher_share(uuid: String, data: JsonUpcase, headers: Headers, conn: DbConn) -> JsonResult { let data: ShareCipherData = data.into_inner().data; + share_cipher_by_uuid(&uuid, data, &headers, &conn) +} + +#[put("/ciphers//share", data = "")] +fn put_cipher_share(uuid: String, data: JsonUpcase, headers: Headers, conn: DbConn) -> JsonResult { + let data: ShareCipherData = data.into_inner().data; + + share_cipher_by_uuid(&uuid, data, &headers, &conn) +} + +#[derive(Deserialize)] +#[allow(non_snake_case)] +struct ShareSelectedCipherData { + Ciphers: Vec, + CollectionIds: Vec +} + +#[put("/ciphers/share", data = "")] +fn put_cipher_share_seleted(data: JsonUpcase, headers: Headers, conn: DbConn) -> EmptyResult { + let mut data: ShareSelectedCipherData = data.into_inner().data; + let mut cipher_ids: Vec = Vec::new(); + + if data.Ciphers.len() == 0 { + err!("You must select at least one cipher.") + } + + if data.CollectionIds.len() == 0 { + err!("You must select at least one collection.") + } + + for cipher in data.Ciphers.iter() { + match cipher.Id { + Some(ref id) => cipher_ids.push(id.to_string()), + None => err!("Request missing ids field") + }; + } + + let attachments = Attachment::find_by_ciphers(cipher_ids, &conn); + + if attachments.len() > 0 { + err!("Ciphers should not have any attachments.") + } + + while let Some(cipher) = data.Ciphers.pop() { + let mut shared_cipher_data = ShareCipherData { + Cipher: cipher, + CollectionIds: data.CollectionIds.clone() + }; + + match shared_cipher_data.Cipher.Id.take() { + Some(id) => share_cipher_by_uuid(&id, shared_cipher_data , &headers, &conn)?, + None => err!("Request missing ids field") + }; + } + + Ok(()) +} + +fn share_cipher_by_uuid(uuid: &str, data: ShareCipherData, headers: &Headers, conn: &DbConn) -> JsonResult { let mut cipher = match Cipher::find_by_uuid(&uuid, &conn) { Some(cipher) => { if cipher.is_write_accessible_to_user(&headers.user.uuid, &conn) { @@ -365,11 +426,6 @@ fn post_cipher_share(uuid: String, data: JsonUpcase, headers: H } } -#[put("/ciphers//share", data = "")] -fn put_cipher_share(uuid: String, data: JsonUpcase, headers: Headers, conn: DbConn) -> JsonResult { - post_cipher_share(uuid, data, headers, conn) -} - #[post("/ciphers//attachment", format = "multipart/form-data", data = "")] fn post_attachment(uuid: String, data: Data, content_type: &ContentType, headers: Headers, conn: DbConn) -> JsonResult { let cipher = match Cipher::find_by_uuid(&uuid, &conn) { diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs index e06c36b4..a3d565cb 100644 --- a/src/api/core/mod.rs +++ b/src/api/core/mod.rs @@ -42,6 +42,7 @@ pub fn routes() -> Vec { post_cipher_admin, post_cipher_share, put_cipher_share, + put_cipher_share_seleted, post_cipher, put_cipher, delete_cipher_post, diff --git a/src/db/models/attachment.rs b/src/db/models/attachment.rs index 1f5e29a7..66d5b723 100644 --- a/src/db/models/attachment.rs +++ b/src/db/models/attachment.rs @@ -111,4 +111,10 @@ impl Attachment { .filter(attachments::cipher_uuid.eq(cipher_uuid)) .load::(&**conn).expect("Error loading attachments") } + + pub fn find_by_ciphers(cipher_uuids: Vec, conn: &DbConn) -> Vec { + attachments::table + .filter(attachments::cipher_uuid.eq_any(cipher_uuids)) + .load::(&**conn).expect("Error loading attachments") + } } From 5f6d721c091029f02efd6bbacc57fa9847d95dc5 Mon Sep 17 00:00:00 2001 From: Kumar Ankur Date: Fri, 10 Aug 2018 23:19:07 +0530 Subject: [PATCH 2/3] Implemented PUT for /two-factor/authenticator and /two-factor/disable --- src/api/core/mod.rs | 2 ++ src/api/core/two_factor.rs | 18 ++++++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs index a3d565cb..3d130f3a 100644 --- a/src/api/core/mod.rs +++ b/src/api/core/mod.rs @@ -66,8 +66,10 @@ pub fn routes() -> Vec { get_recover, recover, disable_twofactor, + disable_twofactor_put, generate_authenticator, activate_authenticator, + activate_authenticator_put, generate_u2f, activate_u2f, diff --git a/src/api/core/two_factor.rs b/src/api/core/two_factor.rs index 420362a5..67088aae 100644 --- a/src/api/core/two_factor.rs +++ b/src/api/core/two_factor.rs @@ -112,6 +112,15 @@ fn disable_twofactor( }))) } +#[put("/two-factor/disable", data = "")] +fn disable_twofactor_put( + data: JsonUpcase, + headers: Headers, + conn: DbConn, +) -> JsonResult { + disable_twofactor(data, headers, conn) +} + #[post("/two-factor/get-authenticator", data = "")] fn generate_authenticator( data: JsonUpcase, @@ -194,6 +203,15 @@ fn activate_authenticator( }))) } +#[put("/two-factor/authenticator", data = "")] +fn activate_authenticator_put( + data: JsonUpcase, + headers: Headers, + conn: DbConn, +) -> JsonResult { + activate_authenticator(data, headers, conn) +} + fn _generate_recover_code(user: &mut User, conn: &DbConn) { if user.totp_recover.is_none() { let totp_recover = BASE32.encode(&crypto::get_random(vec![0u8; 20])); From 3fd3d8d5e9e424ebe976a33a86d8fa42e8d8b7f6 Mon Sep 17 00:00:00 2001 From: Kumar Ankur Date: Fri, 10 Aug 2018 23:49:34 +0530 Subject: [PATCH 3/3] Merge branch 'beta' of https://github.com/krankur/bitwarden_rs into beta --- src/api/core/ciphers.rs | 66 +++---------------------------------- src/api/core/mod.rs | 1 - src/db/models/attachment.rs | 6 ---- 3 files changed, 5 insertions(+), 68 deletions(-) diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs index a253e201..95df5a00 100644 --- a/src/api/core/ciphers.rs +++ b/src/api/core/ciphers.rs @@ -87,8 +87,6 @@ fn get_cipher_details(uuid: String, headers: Headers, conn: DbConn) -> JsonResul #[derive(Deserialize, Debug)] #[allow(non_snake_case)] struct CipherData { - // Id is optional as it is included only in bulk share - Id: Option, // Folder id is not included in import FolderId: Option, // TODO: Some of these might appear all the time, no need for Option @@ -334,65 +332,6 @@ struct ShareCipherData { fn post_cipher_share(uuid: String, data: JsonUpcase, headers: Headers, conn: DbConn) -> JsonResult { let data: ShareCipherData = data.into_inner().data; - share_cipher_by_uuid(&uuid, data, &headers, &conn) -} - -#[put("/ciphers//share", data = "")] -fn put_cipher_share(uuid: String, data: JsonUpcase, headers: Headers, conn: DbConn) -> JsonResult { - let data: ShareCipherData = data.into_inner().data; - - share_cipher_by_uuid(&uuid, data, &headers, &conn) -} - -#[derive(Deserialize)] -#[allow(non_snake_case)] -struct ShareSelectedCipherData { - Ciphers: Vec, - CollectionIds: Vec -} - -#[put("/ciphers/share", data = "")] -fn put_cipher_share_seleted(data: JsonUpcase, headers: Headers, conn: DbConn) -> EmptyResult { - let mut data: ShareSelectedCipherData = data.into_inner().data; - let mut cipher_ids: Vec = Vec::new(); - - if data.Ciphers.len() == 0 { - err!("You must select at least one cipher.") - } - - if data.CollectionIds.len() == 0 { - err!("You must select at least one collection.") - } - - for cipher in data.Ciphers.iter() { - match cipher.Id { - Some(ref id) => cipher_ids.push(id.to_string()), - None => err!("Request missing ids field") - }; - } - - let attachments = Attachment::find_by_ciphers(cipher_ids, &conn); - - if attachments.len() > 0 { - err!("Ciphers should not have any attachments.") - } - - while let Some(cipher) = data.Ciphers.pop() { - let mut shared_cipher_data = ShareCipherData { - Cipher: cipher, - CollectionIds: data.CollectionIds.clone() - }; - - match shared_cipher_data.Cipher.Id.take() { - Some(id) => share_cipher_by_uuid(&id, shared_cipher_data , &headers, &conn)?, - None => err!("Request missing ids field") - }; - } - - Ok(()) -} - -fn share_cipher_by_uuid(uuid: &str, data: ShareCipherData, headers: &Headers, conn: &DbConn) -> JsonResult { let mut cipher = match Cipher::find_by_uuid(&uuid, &conn) { Some(cipher) => { if cipher.is_write_accessible_to_user(&headers.user.uuid, &conn) { @@ -426,6 +365,11 @@ fn share_cipher_by_uuid(uuid: &str, data: ShareCipherData, headers: &Headers, co } } +#[put("/ciphers//share", data = "")] +fn put_cipher_share(uuid: String, data: JsonUpcase, headers: Headers, conn: DbConn) -> JsonResult { + post_cipher_share(uuid, data, headers, conn) +} + #[post("/ciphers//attachment", format = "multipart/form-data", data = "")] fn post_attachment(uuid: String, data: Data, content_type: &ContentType, headers: Headers, conn: DbConn) -> JsonResult { let cipher = match Cipher::find_by_uuid(&uuid, &conn) { diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs index 3d130f3a..6b988fc8 100644 --- a/src/api/core/mod.rs +++ b/src/api/core/mod.rs @@ -42,7 +42,6 @@ pub fn routes() -> Vec { post_cipher_admin, post_cipher_share, put_cipher_share, - put_cipher_share_seleted, post_cipher, put_cipher, delete_cipher_post, diff --git a/src/db/models/attachment.rs b/src/db/models/attachment.rs index 66d5b723..1f5e29a7 100644 --- a/src/db/models/attachment.rs +++ b/src/db/models/attachment.rs @@ -111,10 +111,4 @@ impl Attachment { .filter(attachments::cipher_uuid.eq(cipher_uuid)) .load::(&**conn).expect("Error loading attachments") } - - pub fn find_by_ciphers(cipher_uuids: Vec, conn: &DbConn) -> Vec { - attachments::table - .filter(attachments::cipher_uuid.eq_any(cipher_uuids)) - .load::(&**conn).expect("Error loading attachments") - } }