vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small

commit da47846f2258b72ba92746f14868360469432c10
parent 9c46d2f72d9d0752ba023c97529f5c449be94bda
Author: Daniel GarcĂ­a <dani-garcia@users.noreply.github.com>
Date:   Fri, 27 Apr 2018 13:58:43 +0200

Merge pull request #9 from mprasil/org_cipher

Add support for adding and viewing of org ciphers
Diffstat:
Msrc/api/core/ciphers.rs | 25++++++++++++++++++-------
Msrc/api/core/mod.rs | 1+
Msrc/api/core/organizations.rs | 8++++----
Msrc/db/models/cipher.rs | 8+++++++-
4 files changed, 30 insertions(+), 12 deletions(-)

diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs
@@ -95,7 +95,12 @@ struct CipherData {
 card: Option<Value>,
 identity: Option<Value>,
- favorite: bool,
+ favorite: Option<bool>,
+}
+
+#[post("/ciphers/admin", data = "<data>")]
+fn post_ciphers_admin(data: Json<CipherData>, headers: Headers, conn: DbConn) -> JsonResult {
+ post_ciphers(data, headers, conn)
 }
 #[post("/ciphers", data = "<data>")]
@@ -103,7 +108,7 @@ fn post_ciphers(data: Json<CipherData>, headers: Headers, conn: DbConn) -> JsonR
 let data: CipherData = data.into_inner();
 let user_uuid = headers.user.uuid.clone();
- let favorite = data.favorite;
+ let favorite = data.favorite.unwrap_or(false);
 let mut cipher = Cipher::new(user_uuid, data.type_, data.name.clone(), favorite);
 update_cipher_from_data(&mut cipher, data, &headers, &conn)?;
@@ -126,9 +131,15 @@ fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Head
 cipher.folder_uuid = data.folderId;
- if let org_id @ Some(_) = data.organizationId {
- // TODO: Check if user in org
- cipher.organization_uuid = org_id;
+ if let Some(org_id) = data.organizationId {
+ match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) {
+ None => err!("You don't have permission to add item to organization"),
+ Some(org_user) => if org_user.access_all || org_user.type_ < UserOrgType::User as i32 {
+ cipher.organization_uuid = Some(org_id);
+ } else {
+ err!("You don't have permission to add cipher directly to organization")
+ }
+ }
 }
 // TODO: ******* Backwards compat start **********
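Review bot: post_ciphers_admin (first hunk of src/api/core/ciphers.rs) has no comment explaining why a route named "admin" is a plain pass-through to post_ciphers. As written, the only authorization is the organization check in update_cipher_from_data, and that check runs only when `organizationId` is present, so a request to `/ciphers/admin` without it creates an ordinary personal cipher. A doc comment such as `/// Same as post_ciphers; organization permission is enforced in update_cipher_from_data.` would record that, or the handler could reject a missing `organizationId` before delegating.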
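Review bot: The role test `org_user.type_ < UserOrgType::User as i32` in update_cipher_from_data (third hunk) makes the authorization decision depend on the numeric order of the UserOrgType discriminants, which this hunk does not show. A variant added or renumbered later would change who may write to an organization without this line being touched. Naming the allowed roles is safer, for example `org_user.type_ == UserOrgType::Owner as i32 || org_user.type_ == UserOrgType::Admin as i32`, assuming those are the privileged variants. The lookup also accepts any UserOrganization row, so if the model distinguishes invited from confirmed members, that status should be checked here as well. The function's body starts and ends outside the hunk.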
@@ -246,7 +257,7 @@ fn post_ciphers_import(data: Json<ImportData>, headers: Headers, conn: DbConn) -
 .map(|i| folders[*i as usize].uuid.clone());
 let user_uuid = headers.user.uuid.clone();
- let favorite = cipher_data.favorite;
+ let favorite = cipher_data.favorite.unwrap_or(false);
 let mut cipher = Cipher::new(user_uuid, cipher_data.type_, cipher_data.name.clone(), favorite);
 if update_cipher_from_data(&mut cipher, cipher_data, &headers, &conn).is_err() { err!("Error creating cipher") }
@@ -278,7 +289,7 @@ fn put_cipher(uuid: String, data: Json<CipherData>, headers: Headers, conn: DbCo
 err!("Cipher is not owned by user")
 }
- cipher.favorite = data.favorite;
+ cipher.favorite = data.favorite.unwrap_or(false);
 update_cipher_from_data(&mut cipher, data, &headers, &conn)?;
 cipher.save(&conn);
diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs
@@ -27,6 +27,7 @@ pub fn routes() -> Vec<Route> {
 get_ciphers,
 get_cipher,
 post_ciphers,
+ post_ciphers_admin,
 post_ciphers_import,
 post_attachment,
 delete_attachment_post,
diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
@@ -229,12 +229,12 @@ struct OrgIdData {
 #[get("/ciphers/organization-details?<data>")]
 fn get_org_details(data: OrgIdData, headers: Headers, conn: DbConn) -> JsonResult {
-
- // Get list of ciphers in org?
+ let ciphers = Cipher::find_by_org(&data.organizationId, &conn);
+ let ciphers_json: Vec<Value> = ciphers.iter().map(|c| c.to_json(&headers.host, &conn)).collect();
 Ok(Json(json!({
- "Data": [],
- "Object": "list"
+ "Data": ciphers_json,
+ "Object": "list",
 })))
 }
diff --git a/src/db/models/cipher.rs b/src/db/models/cipher.rs
@@ -96,7 +96,7 @@ impl Cipher {
 "RevisionDate": format_date(&self.updated_at),
 "FolderId": self.folder_uuid,
 "Favorite": self.favorite,
- "OrganizationId": "",
+ "OrganizationId": self.organization_uuid,
 "Attachments": attachments_json,
 "OrganizationUseTotp": false,
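Review bot: In put_cipher, `cipher.favorite = data.favorite.unwrap_or(false);` clears an existing favorite flag whenever a client omits the field, which became possible once `favorite` turned into `Option<bool>`. For an update the fallback should be the stored value: `cipher.favorite = data.favorite.unwrap_or(cipher.favorite);`. The create paths in post_ciphers and post_ciphers_import can keep `false`, since there is no earlier value to preserve. put_cipher's body starts and ends outside the hunk.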
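Review bot: get_org_details in src/api/core/organizations.rs returns every cipher for whatever `organizationId` arrives in the query string, and nothing in the handler ties that id to the caller; `headers` is used only for `headers.host`. Unless the `Headers` guard already scopes requests to an organization (not visible here), any authenticated user can list another organization's cipher records by supplying its id. The lookup this commit introduces in update_cipher_from_data fits at the top of the handler, e.g. `if UserOrganization::find_by_user_and_org(&headers.user.uuid, &data.organizationId, &conn).is_none() { err!("You don't have permission to view this organization") }`. A member without `access_all` probably should not receive the full list either, so the same role test as on the write path is likely wanted.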
@@ -154,6 +154,12 @@ impl Cipher {
 .load::<Self>(&**conn).expect("Error loading ciphers")
 }
+ pub fn find_by_org(org_uuid: &str, conn: &DbConn) -> Vec<Self> {
+ ciphers::table
+ .filter(ciphers::organization_uuid.eq(org_uuid))
+ .load::<Self>(&**conn).expect("Error loading ciphers")
+ }
+
 pub fn find_by_folder(folder_uuid: &str, conn: &DbConn) -> Vec<Self> {
 ciphers::table
 .filter(ciphers::folder_uuid.eq(folder_uuid))
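Review bot: find_by_org has no doc comment, and nothing in its signature signals that it filters on the organization only and never on the requesting user. A line such as `/// Returns every cipher in the organization; performs no access check, so callers must verify membership first.` would make that contract visible to the next handler that uses it. The `.expect("Error loading ciphers")` matches the neighbouring finder shown in the context lines, so it is consistent with the file, though it turns a database error into a panic on the request path.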