vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README

commit 328cbade195324d8edbc7e532a17b4da77a08e26
parent 8a0eac803049954fbc516d2a3ac3297a703e7e4a
Author: Daniel GarcĂ­a <dani-garcia@users.noreply.github.com>
Date:   Thu, 19 Apr 2018 17:28:14 +0200

Merge pull request #3 from mprasil/update-multi

Add bulk move and bulk delete
Diffstat:
Msrc/api/core/ciphers.rs | 76++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
Msrc/api/core/mod.rs | 1+
2 files changed, 75 insertions(+), 2 deletions(-)

diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs @@ -388,8 +388,80 @@ fn delete_cipher(uuid: String, headers: Headers, conn: DbConn) -> EmptyResult { fn delete_cipher_selected(data: Json<Value>, headers: Headers, conn: DbConn) -> EmptyResult { let data: Value = data.into_inner(); - println!("{:#?}", data); - unimplemented!() + let uuids = match data.get("ids") { + Some(ids) => match ids.as_array() { + Some(ids) => ids.iter().filter_map(|uuid| {uuid.as_str()}), + None => err!("Posted ids field is not an array") + }, + None => err!("Request missing ids field") + }; + + for uuid in uuids { + let cipher = match Cipher::find_by_uuid(uuid, &conn) { + Some(cipher) => cipher, + None => err!("Cipher doesn't exist") + }; + + if cipher.user_uuid != headers.user.uuid { + err!("Cipher is not owned by user") + } + + // Delete attachments + for a in Attachment::find_by_cipher(&cipher.uuid, &conn) { a.delete(&conn); } + + // Delete cipher + cipher.delete(&conn); + } + + Ok(()) +} + +#[post("/ciphers/move", data = "<data>")] +fn move_cipher_selected(data: Json<Value>, headers: Headers, conn: DbConn) -> EmptyResult { + let folder_id = match data.get("folderId") { + Some(folder_id) => { + match folder_id.as_str() { + Some(folder_id) => { + match Folder::find_by_uuid(folder_id, &conn) { + Some(folder) => { + if folder.user_uuid != headers.user.uuid { + err!("Folder is not owned by user") + } + Some(folder_id.to_string()) + } + None => err!("Folder doesn't exist") + } + }, + None => err!("Folder id provided in wrong format") + } + }, + None => None + }; + + let uuids = match data.get("ids") { + Some(ids) => match ids.as_array() { + Some(ids) => ids.iter().filter_map(|uuid| {uuid.as_str()}), + None => err!("Posted ids field is not an array") + }, + None => err!("Request missing ids field") + }; + + for uuid in uuids { + let mut cipher = match Cipher::find_by_uuid(uuid, &conn) { + Some(cipher) => cipher, + None => err!("Cipher doesn't exist") + }; + + if cipher.user_uuid != headers.user.uuid { + err!("Cipher is not owned by user") + } + + // Move cipher + cipher.folder_uuid = folder_id.clone(); + cipher.save(&conn); + } + + Ok(()) } #[post("/ciphers/purge", data = "<data>")] diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs @@ -36,6 +36,7 @@ pub fn routes() -> Vec<Route> { delete_cipher, delete_cipher_selected, delete_all, + move_cipher_selected, get_folders, get_folder,