vw_small

ciphers.rs (47896B)

---

 use super::folders::FolderData;
 use crate::{
     api::{self, EmptyResult, JsonResult, PasswordOrOtpData},
     auth::Headers,
     db::{
         models::{
             Cipher, Collection, CollectionCipher, CollectionUser, Favorite, Folder, FolderCipher,
             OrgPolicy, OrgPolicyType, UserOrgType, UserOrganization,
         },
         DbConn,
     },
     error::Error,
     util::NumberOrString,
 };
 use chrono::{NaiveDateTime, Utc};
 use rocket::{
     form::{Form, FromForm},
     fs::TempFile,
     serde::json::Json,
     Route,
 };
 use serde_json::Value;
 use std::collections::{HashMap, HashSet};
 pub fn routes() -> Vec<Route> {
     // Note that many routes have an `admin` variant; this seems to be
     // because the stored procedure that upstream Bitwarden uses to determine
     // whether the user can edit a cipher doesn't take into account whether
     // the user is an org owner/admin. The `admin` variant first checks
     // whether the user is an owner/admin of the relevant org, and if so,
     // allows the operation unconditionally.
     //
     // vaultwarden factors in the org owner/admin status as part of
     // determining the write accessibility of a cipher, so most
     // admin/non-admin implementations can be shared.
     routes![
         delete_all,
         delete_attachment,
         delete_attachment_admin,
         delete_attachment_post,
         delete_attachment_post_admin,
         delete_cipher,
         delete_cipher_admin,
         delete_cipher_post,
         delete_cipher_post_admin,
         delete_cipher_put,
         delete_cipher_put_admin,
         delete_cipher_selected,
         delete_cipher_selected_admin,
         delete_cipher_selected_post,
         delete_cipher_selected_post_admin,
         delete_cipher_selected_put,
         delete_cipher_selected_put_admin,
         get_attachment,
         get_cipher,
         get_cipher_admin,
         get_cipher_details,
         get_ciphers,
         move_cipher_selected,
         move_cipher_selected_put,
         post_attachment,
         post_attachment_admin,
         post_attachment_share,
         post_attachment_v2,
         post_attachment_v2_data,
         post_cipher,
         post_cipher_admin,
         post_cipher_partial,
         post_cipher_share,
         post_ciphers,
         post_ciphers_admin,
         post_ciphers_create,
         post_ciphers_import,
         post_collections2_update,
         post_collections_admin,
         post_collections_update,
         put_cipher,
         put_cipher_admin,
         put_cipher_partial,
         put_cipher_share,
         put_cipher_share_selected,
         put_collections2_update,
         put_collections_admin,
         put_collections_update,
         restore_cipher_put,
         restore_cipher_put_admin,
         restore_cipher_selected,
         sync,
     ]
 }
 
 #[derive(FromForm, Default)]
 struct SyncData {
     #[field(name = "excludeDomains")]
     exclude_domains: bool, // Default: 'false'
 }
 
 #[get("/sync?<data..>")]
 async fn sync(data: SyncData, headers: Headers, conn: DbConn) -> Json<Value> {
     let user_json = headers.user.to_json(&conn).await;
     // Get all ciphers which are visible by the user
     let ciphers = Cipher::find_by_user_visible(&headers.user.uuid, &conn).await;
     let cipher_sync_data =
         CipherSyncData::new(&headers.user.uuid, CipherSyncType::User, &conn).await;
 
     // Lets generate the ciphers_json using all the gathered info
     let mut ciphers_json = Vec::with_capacity(ciphers.len());
     for c in ciphers {
         ciphers_json.push(
             c.to_json(
                 &headers.user.uuid,
                 Some(&cipher_sync_data),
                 CipherSyncType::User,
                 &conn,
             )
             .await,
         );
     }
     let collections = Collection::find_by_user_uuid(headers.user.uuid.clone(), &conn).await;
     let mut collections_json = Vec::with_capacity(collections.len());
     for c in collections {
         collections_json.push(
             c.to_json_details(&headers.user.uuid, Some(&cipher_sync_data), &conn)
                 .await,
         );
     }
     let folders_json: Vec<Value> = Folder::find_by_user(&headers.user.uuid, &conn)
         .await
         .iter()
         .map(Folder::to_json)
         .collect();
     let policies_json: Vec<Value> = OrgPolicy::find_confirmed_by_user(&headers.user.uuid, &conn)
         .await
         .iter()
         .map(OrgPolicy::to_json)
         .collect();
     let domains_json = if data.exclude_domains {
         Value::Null
     } else {
         api::core::_get_eq_domains(headers, true).into_inner()
     };
     Json(json!({
         "profile": user_json,
         "folders": folders_json,
         "collections": collections_json,
         "policies": policies_json,
         "ciphers": ciphers_json,
         "domains": domains_json,
         "sends": Vec::<Value>::new(),
         "object": "sync"
     }))
 }
 
 #[get("/ciphers")]
 async fn get_ciphers(headers: Headers, conn: DbConn) -> Json<Value> {
     let ciphers = Cipher::find_by_user_visible(&headers.user.uuid, &conn).await;
     let cipher_sync_data =
         CipherSyncData::new(&headers.user.uuid, CipherSyncType::User, &conn).await;
     let mut ciphers_json = Vec::with_capacity(ciphers.len());
     for c in ciphers {
         ciphers_json.push(
             c.to_json(
                 &headers.user.uuid,
                 Some(&cipher_sync_data),
                 CipherSyncType::User,
                 &conn,
             )
             .await,
         );
     }
     Json(json!({
       "data": ciphers_json,
       "object": "list",
       "continuationToken": null
     }))
 }
 
 #[get("/ciphers/<uuid>")]
 async fn get_cipher(uuid: &str, headers: Headers, conn: DbConn) -> JsonResult {
     let Some(cipher) = Cipher::find_by_uuid(uuid, &conn).await else {
         err!("Cipher doesn't exist")
     };
     if !cipher
         .is_accessible_to_user(&headers.user.uuid, &conn)
         .await
     {
         err!("Cipher is not owned by user")
     }
     Ok(Json(
         cipher
             .to_json(&headers.user.uuid, None, CipherSyncType::User, &conn)
             .await,
     ))
 }
 
 #[get("/ciphers/<uuid>/admin")]
 async fn get_cipher_admin(uuid: &str, headers: Headers, conn: DbConn) -> JsonResult {
     // TODO: Implement this correctly
     get_cipher(uuid, headers, conn).await
 }
 
 #[get("/ciphers/<uuid>/details")]
 async fn get_cipher_details(uuid: &str, headers: Headers, conn: DbConn) -> JsonResult {
     get_cipher(uuid, headers, conn).await
 }
 
 #[derive(Deserialize)]
 #[serde(rename_all = "camelCase")]
 pub struct CipherData {
     // id is optional as it is included only in bulk share
     pub id: Option<String>,
     // folder id is not included in import
     folder_id: Option<String>,
     // TODO: Some of these might appear all the time, no need for Option
     #[serde(alias = "organizationID")]
     pub organization_id: Option<String>,
     key: Option<String>,
     pub r#type: i32,
     pub name: String,
     pub notes: Option<String>,
     fields: Option<Value>,
     // Only one of these should exist, depending on type
     login: Option<Value>,
     secure_note: Option<Value>,
     card: Option<Value>,
     identity: Option<Value>,
     favorite: Option<bool>,
     reprompt: Option<i32>,
     pub password_history: Option<Value>,
     // These are used during key rotation
     // 'Attachments' is unused, contains map of {id: filename}
     #[allow(dead_code)]
     attachments: Option<Value>,
     #[allow(dead_code)]
     attachments2: Option<HashMap<String, Attachments2Data>>,
     // The revision datetime (in ISO 8601 format) of the client's local copy
     // of the cipher. This is used to prevent a client from updating a cipher
     // when it doesn't have the latest version, as that can result in data
     // loss. It's not an error when no value is provided; this can happen
     // when using older client versions, or if the operation doesn't involve
     // updating an existing cipher.
     last_known_revision_date: Option<String>,
 }
 
 #[derive(Deserialize)]
 #[serde(rename_all = "camelCase")]
 struct PartialCipherData {
     folder_id: Option<String>,
     favorite: bool,
 }
 
 #[derive(Deserialize)]
 #[serde(rename_all = "camelCase")]
 struct Attachments2Data {
     #[allow(dead_code)]
     file_name: String,
     #[allow(dead_code)]
     key: String,
 }
 
 /// Called when an org admin clones an org cipher.
 #[post("/ciphers/admin", data = "<data>")]
 async fn post_ciphers_admin(
     data: Json<ShareCipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     post_ciphers_create(data, headers, conn).await
 }
 
 /// Called when creating a new org-owned cipher, or cloning a cipher (whether
 /// user- or org-owned). When cloning a cipher to a user-owned cipher,
 /// `organizationId` is null.
 #[post("/ciphers/create", data = "<data>")]
 async fn post_ciphers_create(
     data: Json<ShareCipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     let mut data: ShareCipherData = data.into_inner();
     // Check if there are one more more collections selected when this cipher is part of an organization.
     // err if this is not the case before creating an empty cipher.
     if data.cipher.organization_id.is_some() && data.collection_ids.is_empty() {
         err!("You must select at least one collection.");
     }
     // This check is usually only needed in update_cipher_from_data(), but we
     // need it here as well to avoid creating an empty cipher in the call to
     // cipher.save() below.
     enforce_personal_ownership_policy(Some(&data.cipher), &headers, &conn).await?;
     let mut cipher = Cipher::new(data.cipher.r#type, data.cipher.name.clone());
     cipher.user_uuid = Some(headers.user.uuid.clone());
     cipher.save(&conn).await?;
     // When cloning a cipher, the Bitwarden clients seem to set this field
     // based on the cipher being cloned (when creating a new cipher, it's set
     // to null as expected). However, `cipher.created_at` is initialized to
     // the current time, so the stale data check will end up failing down the
     // line. Since this function only creates new ciphers (whether by cloning
     // or otherwise), we can just ignore this field entirely.
     data.cipher.last_known_revision_date = None;
     share_cipher_by_uuid(&cipher.uuid, data, &headers, &conn).await
 }
 
 /// Called when creating a new user-owned cipher.
 #[post("/ciphers", data = "<data>")]
 async fn post_ciphers(data: Json<CipherData>, headers: Headers, conn: DbConn) -> JsonResult {
     let mut data: CipherData = data.into_inner();
     // The web/browser clients set this field to null as expected, but the
     // mobile clients seem to set the invalid value `0001-01-01T00:00:00`,
     // which results in a warning message being logged. This field isn't
     // needed when creating a new cipher, so just ignore it unconditionally.
     data.last_known_revision_date = None;
     let mut cipher = Cipher::new(data.r#type, data.name.clone());
     update_cipher_from_data(&mut cipher, data, &headers, None, &conn, false).await?;
     Ok(Json(
         cipher
             .to_json(&headers.user.uuid, None, CipherSyncType::User, &conn)
             .await,
     ))
 }
 
 /// Enforces the personal ownership policy on user-owned ciphers, if applicable.
 /// A non-owner/admin user belonging to an org with the personal ownership policy
 /// enabled isn't allowed to create new user-owned ciphers or modify existing ones
 /// (that were created before the policy was applicable to the user). The user is
 /// allowed to delete or share such ciphers to an org, however.
 ///
 /// Ref: https://bitwarden.com/help/article/policies/#personal-ownership
 async fn enforce_personal_ownership_policy(
     data: Option<&CipherData>,
     headers: &Headers,
     conn: &DbConn,
 ) -> EmptyResult {
     if data.is_none() || data.unwrap().organization_id.is_none() {
         let user_uuid = &headers.user.uuid;
         let policy_type = OrgPolicyType::PersonalOwnership;
         if OrgPolicy::is_applicable_to_user(user_uuid, policy_type, None, conn).await {
             err!("Due to an Enterprise Policy, you are restricted from saving items to your personal vault.")
         }
     }
     Ok(())
 }
 
 pub async fn update_cipher_from_data(
     cipher: &mut Cipher,
     data: CipherData,
     headers: &Headers,
     shared_to_collections: Option<Vec<String>>,
     conn: &DbConn,
     import_cipher: bool,
 ) -> EmptyResult {
     enforce_personal_ownership_policy(Some(&data), headers, conn).await?;
     // Check that the client isn't updating an existing cipher with stale data.
     // And only perform this check when not importing ciphers, else the date/time check will fail.
     if !import_cipher {
         if let Some(dt) = data.last_known_revision_date {
             match NaiveDateTime::parse_from_str(&dt, "%+") {
                 // ISO 8601 format
                 Err(err) => warn!("Error parsing LastKnownRevisionDate '{}': {}", dt, err),
                 Ok(dt) if cipher.updated_at.signed_duration_since(dt).num_seconds() > 1 => {
                     err!("The client copy of this cipher is out of date. Resync the client and try again.")
                 }
                 Ok(_) => (),
             }
         }
     }
     if cipher.organization_uuid.is_some() && cipher.organization_uuid != data.organization_id {
         err!("Organization mismatch. Please resync the client before updating the cipher")
     }
     if let Some(ref note) = data.notes {
         if note.len() > 10_000 {
             err!("The field Notes exceeds the maximum encrypted value length of 10000 characters.")
         }
     }
     if let Some(org_id) = data.organization_id {
         match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, conn).await {
             None => err!("You don't have permission to add item to organization"),
             Some(org_user) => {
                 if shared_to_collections.is_some()
                     || org_user.has_full_access()
                     || cipher
                         .is_write_accessible_to_user(&headers.user.uuid, conn)
                         .await
                 {
                     cipher.organization_uuid = Some(org_id);
                     // After some discussion in PR #1329 re-added the user_uuid = None again.
                     // TODO: Audit/Check the whole save/update cipher chain.
                     // Upstream uses the user_uuid to allow a cipher added by a user to an org to still allow the user to view/edit the cipher
                     // even when the user has hide-passwords configured as there policy.
                     // Removing the line below would fix that, but we have to check which effect this would have on the rest of the code.
                     cipher.user_uuid = None;
                 } else {
                     err!("You don't have permission to add cipher directly to organization")
                 }
             }
         }
     } else {
         cipher.user_uuid = Some(headers.user.uuid.clone());
     }
     if let Some(ref folder_id) = data.folder_id {
         match Folder::find_by_uuid(folder_id, conn).await {
             Some(folder) => {
                 if folder.user_uuid != headers.user.uuid {
                     err!("Folder is not owned by user")
                 }
             }
             None => err!("Folder doesn't exist"),
         }
     }
     // Cleanup cipher data, like removing the 'Response' key.
     // This key is somewhere generated during Javascript so no way for us this fix this.
     // Also, upstream only retrieves keys they actually want to store, and thus skip the 'Response' key.
     // We do not mind which data is in it, the keep our model more flexible when there are upstream changes.
     // But, we at least know we do not need to store and return this specific key.
     fn _clean_cipher_data(mut json_data: Value) -> Value {
         if json_data.is_array() {
             json_data
                 .as_array_mut()
                 .unwrap()
                 .iter_mut()
                 .for_each(|ref mut f| {
                     f.as_object_mut().unwrap().remove("Response");
                 });
         };
         json_data
     }
     let type_data_opt = match data.r#type {
         1i32 => data.login,
         2i32 => data.secure_note,
         3i32 => data.card,
         4i32 => data.identity,
         _ => err!("Invalid type"),
     };
     let type_data = match type_data_opt {
         Some(mut data_in_type) => {
             // Remove the 'Response' key from the base object.
             data_in_type.as_object_mut().unwrap().remove("Response");
             // Remove the 'Response' key from every Uri.
             if data_in_type["Uris"].is_array() {
                 data_in_type["Uris"] = _clean_cipher_data(data_in_type["Uris"].clone());
             }
             data_in_type
         }
         None => err!("Data missing"),
     };
     cipher.key = data.key;
     cipher.name = data.name;
     cipher.notes = data.notes;
     cipher.fields = data.fields.map(|f| _clean_cipher_data(f).to_string());
     cipher.data = type_data.to_string();
     cipher.password_history = data.password_history.map(|f| f.to_string());
     cipher.reprompt = data.reprompt;
     cipher.save(conn).await?;
     cipher
         .move_to_folder(data.folder_id, &headers.user.uuid, conn)
         .await?;
     cipher
         .set_favorite(data.favorite, &headers.user.uuid, conn)
         .await?;
     Ok(())
 }
 
 #[derive(Deserialize)]
 #[serde(rename_all = "camelCase")]
 struct ImportData {
     ciphers: Vec<CipherData>,
     folders: Vec<FolderData>,
     folder_relationships: Vec<RelationsData>,
 }
 
 #[derive(Deserialize)]
 #[serde(rename_all = "camelCase")]
 struct RelationsData {
     // Cipher id
     key: usize,
     // Folder id
     value: usize,
 }
 
 #[post("/ciphers/import", data = "<data>")]
 async fn post_ciphers_import(
     data: Json<ImportData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     enforce_personal_ownership_policy(None, &headers, &conn).await?;
     let data: ImportData = data.into_inner();
     // Validate the import before continuing
     // Bitwarden does not process the import if there is one item invalid.
     // Since we check for the size of the encrypted note length, we need to do that here to pre-validate it.
     // TODO: See if we can optimize the whole cipher adding/importing and prevent duplicate code and checks.
     Cipher::validate_cipher_data(&data.ciphers)?;
     let existing_folders: Vec<String> = Folder::find_by_user(&headers.user.uuid, &conn)
         .await
         .into_iter()
         .map(|f| f.uuid)
         .collect();
     let mut folders: Vec<String> = Vec::with_capacity(data.folders.len());
     for folder in data.folders {
         let folder_uuid =
             if folder.id.is_some() && existing_folders.contains(folder.id.as_ref().unwrap()) {
                 folder.id.unwrap()
             } else {
                 let mut new_folder = Folder::new(headers.user.uuid.clone(), folder.name);
                 new_folder.save(&conn).await?;
                 new_folder.uuid
             };
         folders.push(folder_uuid);
     }
     // Read the relations between folders and ciphers
     let mut relations_map = HashMap::with_capacity(data.folder_relationships.len());
     for relation in data.folder_relationships {
         relations_map.insert(relation.key, relation.value);
     }
     // Read and create the ciphers
     for (index, mut cipher_data) in data.ciphers.into_iter().enumerate() {
         let folder_uuid = relations_map.get(&index).map(|i| folders[*i].clone());
         cipher_data.folder_id = folder_uuid;
         let mut cipher = Cipher::new(cipher_data.r#type, cipher_data.name.clone());
         update_cipher_from_data(&mut cipher, cipher_data, &headers, None, &conn, true).await?;
     }
     let mut user = headers.user;
     user.update_revision(&conn).await?;
     Ok(())
 }
 
 /// Called when an org admin modifies an existing org cipher.
 #[put("/ciphers/<uuid>/admin", data = "<data>")]
 async fn put_cipher_admin(
     uuid: &str,
     data: Json<CipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     put_cipher(uuid, data, headers, conn).await
 }
 
 #[post("/ciphers/<uuid>/admin", data = "<data>")]
 async fn post_cipher_admin(
     uuid: &str,
     data: Json<CipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     post_cipher(uuid, data, headers, conn).await
 }
 
 #[post("/ciphers/<uuid>", data = "<data>")]
 async fn post_cipher(
     uuid: &str,
     data: Json<CipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     put_cipher(uuid, data, headers, conn).await
 }
 
 #[put("/ciphers/<uuid>", data = "<data>")]
 async fn put_cipher(
     uuid: &str,
     data: Json<CipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     let data: CipherData = data.into_inner();
     let Some(mut cipher) = Cipher::find_by_uuid(uuid, &conn).await else {
         err!("Cipher doesn't exist")
     };
     // TODO: Check if only the folder ID or favorite status is being changed.
     // These are per-user properties that technically aren't part of the
     // cipher itself, so the user shouldn't need write access to change these.
     // Interestingly, upstream Bitwarden doesn't properly handle this either.
     if !cipher
         .is_write_accessible_to_user(&headers.user.uuid, &conn)
         .await
     {
         err!("Cipher is not write accessible")
     }
     update_cipher_from_data(&mut cipher, data, &headers, None, &conn, false).await?;
     Ok(Json(
         cipher
             .to_json(&headers.user.uuid, None, CipherSyncType::User, &conn)
             .await,
     ))
 }
 
 #[post("/ciphers/<uuid>/partial", data = "<data>")]
 async fn post_cipher_partial(
     uuid: &str,
     data: Json<PartialCipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     put_cipher_partial(uuid, data, headers, conn).await
 }
 
 // Only update the folder and favorite for the user, since this cipher is read-only
 #[put("/ciphers/<uuid>/partial", data = "<data>")]
 async fn put_cipher_partial(
     uuid: &str,
     data: Json<PartialCipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     let data: PartialCipherData = data.into_inner();
     let Some(cipher) = Cipher::find_by_uuid(uuid, &conn).await else {
         err!("Cipher doesn't exist")
     };
     if let Some(ref folder_id) = data.folder_id {
         match Folder::find_by_uuid(folder_id, &conn).await {
             Some(folder) => {
                 if folder.user_uuid != headers.user.uuid {
                     err!("Folder is not owned by user")
                 }
             }
             None => err!("Folder doesn't exist"),
         }
     }
     // Move cipher
     cipher
         .move_to_folder(data.folder_id.clone(), &headers.user.uuid, &conn)
         .await?;
     // Update favorite
     cipher
         .set_favorite(Some(data.favorite), &headers.user.uuid, &conn)
         .await?;
     Ok(Json(
         cipher
             .to_json(&headers.user.uuid, None, CipherSyncType::User, &conn)
             .await,
     ))
 }
 
 #[derive(Deserialize)]
 #[serde(rename_all = "camelCase")]
 struct CollectionsAdminData {
     #[serde(alias = "CollectionIds")]
     collection_ids: Vec<String>,
 }
 
 #[put("/ciphers/<uuid>/collections_v2", data = "<data>")]
 async fn put_collections2_update(
     uuid: &str,
     data: Json<CollectionsAdminData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     post_collections2_update(uuid, data, headers, conn).await
 }
 
 #[post("/ciphers/<uuid>/collections_v2", data = "<data>")]
 async fn post_collections2_update(
     uuid: &str,
     data: Json<CollectionsAdminData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     let cipher_details = post_collections_update(uuid, data, headers, conn).await?;
     Ok(Json(json!({
         "object": "optionalCipherDetails",
         "unavailable": false,
         "cipher": *cipher_details
     })))
 }
 
 #[put("/ciphers/<uuid>/collections", data = "<data>")]
 async fn put_collections_update(
     uuid: &str,
     data: Json<CollectionsAdminData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     post_collections_update(uuid, data, headers, conn).await
 }
 
 #[post("/ciphers/<uuid>/collections", data = "<data>")]
 async fn post_collections_update(
     uuid: &str,
     data: Json<CollectionsAdminData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     let data: CollectionsAdminData = data.into_inner();
     let Some(cipher) = Cipher::find_by_uuid(uuid, &conn).await else {
         err!("Cipher doesn't exist")
     };
     if !cipher
         .is_write_accessible_to_user(&headers.user.uuid, &conn)
         .await
     {
         err!("Cipher is not write accessible")
     }
 
     let posted_collections = HashSet::<String>::from_iter(data.collection_ids);
     let current_collections = HashSet::<String>::from_iter(
         cipher
             .get_collections(headers.user.uuid.clone(), &conn)
             .await,
     );
 
     for collection in posted_collections.symmetric_difference(&current_collections) {
         match Collection::find_by_uuid(collection, &conn).await {
             None => err!("Invalid collection ID provided"),
             Some(collection) => {
                 if collection
                     .is_writable_by_user(&headers.user.uuid, &conn)
                     .await
                 {
                     if posted_collections.contains(&collection.uuid) {
                         // Add to collection
                         CollectionCipher::save(&cipher.uuid, &collection.uuid, &conn).await?;
                     } else {
                         // Remove from collection
                         CollectionCipher::delete(&cipher.uuid, &collection.uuid, &conn).await?;
                     }
                 } else {
                     err!("No rights to modify the collection")
                 }
             }
         }
     }
     Ok(Json(
         cipher
             .to_json(&headers.user.uuid, None, CipherSyncType::User, &conn)
             .await,
     ))
 }
 
 #[put("/ciphers/<uuid>/collections-admin", data = "<data>")]
 async fn put_collections_admin(
     uuid: &str,
     data: Json<CollectionsAdminData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     post_collections_admin(uuid, data, headers, conn).await
 }
 
 #[post("/ciphers/<uuid>/collections-admin", data = "<data>")]
 async fn post_collections_admin(
     uuid: &str,
     data: Json<CollectionsAdminData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     let data: CollectionsAdminData = data.into_inner();
     let Some(cipher) = Cipher::find_by_uuid(uuid, &conn).await else {
         err!("Cipher doesn't exist")
     };
     if !cipher
         .is_write_accessible_to_user(&headers.user.uuid, &conn)
         .await
     {
         err!("Cipher is not write accessible")
     }
     let posted_collections = HashSet::<String>::from_iter(data.collection_ids);
     let current_collections = HashSet::<String>::from_iter(
         cipher
             .get_admin_collections(headers.user.uuid.clone(), &conn)
             .await,
     );
     for collection in posted_collections.symmetric_difference(&current_collections) {
         match Collection::find_by_uuid(collection, &conn).await {
             None => err!("Invalid collection ID provided"),
             Some(collection) => {
                 if collection
                     .is_writable_by_user(&headers.user.uuid, &conn)
                     .await
                 {
                     if posted_collections.contains(&collection.uuid) {
                         // Add to collection
                         CollectionCipher::save(&cipher.uuid, &collection.uuid, &conn).await?;
                     } else {
                         // Remove from collection
                         CollectionCipher::delete(&cipher.uuid, &collection.uuid, &conn).await?;
                     }
                 } else {
                     err!("No rights to modify the collection")
                 }
             }
         }
     }
     Ok(())
 }
 
 #[derive(Deserialize)]
 #[serde(rename_all = "camelCase")]
 struct ShareCipherData {
     #[serde(alias = "Cipher")]
     cipher: CipherData,
     #[serde(alias = "CollectionIds")]
     collection_ids: Vec<String>,
 }
 
 #[post("/ciphers/<uuid>/share", data = "<data>")]
 async fn post_cipher_share(
     uuid: &str,
     data: Json<ShareCipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     let data: ShareCipherData = data.into_inner();
     share_cipher_by_uuid(uuid, data, &headers, &conn).await
 }
 
 #[put("/ciphers/<uuid>/share", data = "<data>")]
 async fn put_cipher_share(
     uuid: &str,
     data: Json<ShareCipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     let data: ShareCipherData = data.into_inner();
     share_cipher_by_uuid(uuid, data, &headers, &conn).await
 }
 
 #[derive(Deserialize)]
 #[serde(rename_all = "camelCase")]
 struct ShareSelectedCipherData {
     ciphers: Vec<CipherData>,
     collection_ids: Vec<String>,
 }
 
 #[put("/ciphers/share", data = "<data>")]
 async fn put_cipher_share_selected(
     data: Json<ShareSelectedCipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     let mut data: ShareSelectedCipherData = data.into_inner();
     if data.ciphers.is_empty() {
         err!("You must select at least one cipher.")
     }
     if data.collection_ids.is_empty() {
         err!("You must select at least one collection.")
     }
     for cipher in &data.ciphers {
         if cipher.id.is_none() {
             err!("Request missing ids field");
         }
     }
     while let Some(cipher) = data.ciphers.pop() {
         let mut shared_cipher_data = ShareCipherData {
             cipher,
             collection_ids: data.collection_ids.clone(),
         };
         match shared_cipher_data.cipher.id.take() {
             Some(id) => share_cipher_by_uuid(&id, shared_cipher_data, &headers, &conn).await?,
             None => err!("Request missing ids field"),
         };
     }
     Ok(())
 }
 
 async fn share_cipher_by_uuid(
     uuid: &str,
     data: ShareCipherData,
     headers: &Headers,
     conn: &DbConn,
 ) -> JsonResult {
     let mut cipher = match Cipher::find_by_uuid(uuid, conn).await {
         Some(cipher) => {
             if cipher
                 .is_write_accessible_to_user(&headers.user.uuid, conn)
                 .await
             {
                 cipher
             } else {
                 err!("Cipher is not write accessible")
             }
         }
         None => err!("Cipher doesn't exist"),
     };
     let mut shared_to_collections = Vec::new();
     if let Some(ref organization_uuid) = data.cipher.organization_id {
         for col_uuid in &data.collection_ids {
             match Collection::find_by_uuid_and_org(col_uuid, organization_uuid, conn).await {
                 None => err!("Invalid collection ID provided"),
                 Some(collection) => {
                     if collection
                         .is_writable_by_user(&headers.user.uuid, conn)
                         .await
                     {
                         CollectionCipher::save(&cipher.uuid, &collection.uuid, conn).await?;
                         shared_to_collections.push(collection.uuid);
                     } else {
                         err!("No rights to modify the collection")
                     }
                 }
             }
         }
     };
     update_cipher_from_data(
         &mut cipher,
         data.cipher,
         headers,
         Some(shared_to_collections),
         conn,
         false,
     )
     .await?;
     Ok(Json(
         cipher
             .to_json(&headers.user.uuid, None, CipherSyncType::User, conn)
             .await,
     ))
 }
 
 const ATTACHMENTS_DISABLED_MSG: &str = "Attachments are disabled.";
 /// v2 API for downloading an attachment. This just redirects the client to
 /// the actual location of an attachment.
 ///
 /// Upstream added this v2 API to support direct download of attachments from
 /// their object storage service. For self-hosted instances, it basically just
 /// redirects to the same location as before the v2 API.
 #[allow(unused_variables, clippy::needless_pass_by_value)]
 #[get("/ciphers/<uuid>/attachment/<attachment_id>")]
 fn get_attachment(uuid: &str, attachment_id: &str, _headers: Headers) -> Error {
     Error::new(ATTACHMENTS_DISABLED_MSG, ATTACHMENTS_DISABLED_MSG)
 }
 
 #[derive(Deserialize)]
 #[serde(rename_all = "camelCase")]
 struct AttachmentRequestData {
     #[allow(dead_code)]
     key: String,
     #[allow(dead_code)]
     file_name: String,
     #[allow(dead_code)]
     file_size: NumberOrString,
     #[allow(dead_code)]
     admin_request: Option<bool>, // true when attaching from an org vault view
 }
 
 /// v2 API for creating an attachment associated with a cipher.
 /// This redirects the client to the API it should use to upload the attachment.
 /// For upstream's cloud-hosted service, it's an Azure object storage API.
 /// For self-hosted instances, it's another API on the local instance.
 #[allow(unused_variables, clippy::needless_pass_by_value)]
 #[post("/ciphers/<uuid>/attachment/v2", data = "<data>")]
 fn post_attachment_v2(uuid: &str, data: Json<AttachmentRequestData>, _headers: Headers) -> Error {
     Error::new(ATTACHMENTS_DISABLED_MSG, ATTACHMENTS_DISABLED_MSG)
 }
 
 #[allow(dead_code)]
 #[derive(FromForm)]
 struct UploadData<'f> {
     key: Option<String>,
     data: TempFile<'f>,
 }
 
 /// v2 API for uploading the actual data content of an attachment.
 /// This route needs a rank specified so that Rocket prioritizes the
 /// /ciphers/<uuid>/attachment/v2 route, which would otherwise conflict
 /// with this one.
 #[allow(unused_variables, clippy::needless_pass_by_value)]
 #[post(
     "/ciphers/<uuid>/attachment/<attachment_id>",
     format = "multipart/form-data",
     data = "<data>",
     rank = 1
 )]
 fn post_attachment_v2_data(
     uuid: &str,
     attachment_id: &str,
     data: Form<UploadData<'_>>,
     _headers: Headers,
 ) -> Error {
     Error::new(ATTACHMENTS_DISABLED_MSG, ATTACHMENTS_DISABLED_MSG)
 }
 
 /// Legacy API for creating an attachment associated with a cipher.
 #[allow(unused_variables, clippy::needless_pass_by_value)]
 #[post(
     "/ciphers/<uuid>/attachment",
     format = "multipart/form-data",
     data = "<data>"
 )]
 fn post_attachment(uuid: &str, data: Form<UploadData<'_>>, _headers: Headers) -> Error {
     Error::new(ATTACHMENTS_DISABLED_MSG, ATTACHMENTS_DISABLED_MSG)
 }
 
 #[allow(unused_variables, clippy::needless_pass_by_value)]
 #[post(
     "/ciphers/<uuid>/attachment-admin",
     format = "multipart/form-data",
     data = "<data>"
 )]
 fn post_attachment_admin(uuid: &str, data: Form<UploadData<'_>>, _headers: Headers) -> Error {
     Error::new(ATTACHMENTS_DISABLED_MSG, ATTACHMENTS_DISABLED_MSG)
 }
 
 #[allow(unused_variables, clippy::needless_pass_by_value)]
 #[post(
     "/ciphers/<uuid>/attachment/<attachment_id>/share",
     format = "multipart/form-data",
     data = "<data>"
 )]
 fn post_attachment_share(
     uuid: &str,
     attachment_id: &str,
     data: Form<UploadData<'_>>,
     _headers: Headers,
 ) -> Error {
     Error::new(ATTACHMENTS_DISABLED_MSG, ATTACHMENTS_DISABLED_MSG)
 }
 
 #[allow(unused_variables, clippy::needless_pass_by_value)]
 #[post("/ciphers/<uuid>/attachment/<attachment_id>/delete-admin")]
 fn delete_attachment_post_admin(uuid: &str, attachment_id: &str, _headers: Headers) -> Error {
     Error::new(ATTACHMENTS_DISABLED_MSG, ATTACHMENTS_DISABLED_MSG)
 }
 
 #[allow(unused_variables, clippy::needless_pass_by_value)]
 #[post("/ciphers/<uuid>/attachment/<attachment_id>/delete")]
 fn delete_attachment_post(uuid: &str, attachment_id: &str, _headers: Headers) -> Error {
     Error::new(ATTACHMENTS_DISABLED_MSG, ATTACHMENTS_DISABLED_MSG)
 }
 
 #[allow(unused_variables, clippy::needless_pass_by_value)]
 #[delete("/ciphers/<uuid>/attachment/<attachment_id>")]
 fn delete_attachment(uuid: &str, attachment_id: &str, _headers: Headers) -> Error {
     Error::new(ATTACHMENTS_DISABLED_MSG, ATTACHMENTS_DISABLED_MSG)
 }
 
 #[allow(unused_variables, clippy::needless_pass_by_value)]
 #[delete("/ciphers/<uuid>/attachment/<attachment_id>/admin")]
 fn delete_attachment_admin(uuid: &str, attachment_id: &str, _headers: Headers) -> Error {
     Error::new(ATTACHMENTS_DISABLED_MSG, ATTACHMENTS_DISABLED_MSG)
 }
 
 #[post("/ciphers/<uuid>/delete")]
 async fn delete_cipher_post(uuid: &str, headers: Headers, conn: DbConn) -> EmptyResult {
     _delete_cipher_by_uuid(uuid, &headers, &conn, false).await
 }
 
 #[post("/ciphers/<uuid>/delete-admin")]
 async fn delete_cipher_post_admin(uuid: &str, headers: Headers, conn: DbConn) -> EmptyResult {
     _delete_cipher_by_uuid(uuid, &headers, &conn, false).await
 }
 
 #[put("/ciphers/<uuid>/delete")]
 async fn delete_cipher_put(uuid: &str, headers: Headers, conn: DbConn) -> EmptyResult {
     _delete_cipher_by_uuid(uuid, &headers, &conn, true).await
 }
 
 #[put("/ciphers/<uuid>/delete-admin")]
 async fn delete_cipher_put_admin(uuid: &str, headers: Headers, conn: DbConn) -> EmptyResult {
     _delete_cipher_by_uuid(uuid, &headers, &conn, true).await
 }
 
 #[delete("/ciphers/<uuid>")]
 async fn delete_cipher(uuid: &str, headers: Headers, conn: DbConn) -> EmptyResult {
     _delete_cipher_by_uuid(uuid, &headers, &conn, false).await
 }
 
 #[delete("/ciphers/<uuid>/admin")]
 async fn delete_cipher_admin(uuid: &str, headers: Headers, conn: DbConn) -> EmptyResult {
     _delete_cipher_by_uuid(uuid, &headers, &conn, false).await
 }
 
 #[delete("/ciphers", data = "<data>")]
 async fn delete_cipher_selected(
     data: Json<CipherIdsData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     _delete_multiple_ciphers(data, headers, conn, false).await // permanent delete
 }
 
 #[post("/ciphers/delete", data = "<data>")]
 async fn delete_cipher_selected_post(
     data: Json<CipherIdsData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     _delete_multiple_ciphers(data, headers, conn, false).await // permanent delete
 }
 
 #[put("/ciphers/delete", data = "<data>")]
 async fn delete_cipher_selected_put(
     data: Json<CipherIdsData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     _delete_multiple_ciphers(data, headers, conn, true).await // soft delete
 }
 
 #[delete("/ciphers/admin", data = "<data>")]
 async fn delete_cipher_selected_admin(
     data: Json<CipherIdsData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     _delete_multiple_ciphers(data, headers, conn, false).await // permanent delete
 }
 
 #[post("/ciphers/delete-admin", data = "<data>")]
 async fn delete_cipher_selected_post_admin(
     data: Json<CipherIdsData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     _delete_multiple_ciphers(data, headers, conn, false).await // permanent delete
 }
 
 #[put("/ciphers/delete-admin", data = "<data>")]
 async fn delete_cipher_selected_put_admin(
     data: Json<CipherIdsData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     _delete_multiple_ciphers(data, headers, conn, true).await // soft delete
 }
 
 #[put("/ciphers/<uuid>/restore")]
 async fn restore_cipher_put(uuid: &str, headers: Headers, conn: DbConn) -> JsonResult {
     _restore_cipher_by_uuid(uuid, &headers, &conn).await
 }
 
 #[put("/ciphers/<uuid>/restore-admin")]
 async fn restore_cipher_put_admin(uuid: &str, headers: Headers, conn: DbConn) -> JsonResult {
     _restore_cipher_by_uuid(uuid, &headers, &conn).await
 }
 
 #[put("/ciphers/restore", data = "<data>")]
 async fn restore_cipher_selected(
     data: Json<CipherIdsData>,
     headers: Headers,
     conn: DbConn,
 ) -> JsonResult {
     _restore_multiple_ciphers(data, &headers, &conn).await
 }
 
 #[derive(Deserialize)]
 #[serde(rename_all = "camelCase")]
 struct MoveCipherData {
     folder_id: Option<String>,
     ids: Vec<String>,
 }
 
 #[post("/ciphers/move", data = "<data>")]
 async fn move_cipher_selected(
     data: Json<MoveCipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     let data = data.into_inner();
     let user_uuid = headers.user.uuid;
     if let Some(ref folder_id) = data.folder_id {
         match Folder::find_by_uuid(folder_id, &conn).await {
             Some(folder) => {
                 if folder.user_uuid != user_uuid {
                     err!("Folder is not owned by user")
                 }
             }
             None => err!("Folder doesn't exist"),
         }
     }
     for uuid in data.ids {
         let Some(cipher) = Cipher::find_by_uuid(&uuid, &conn).await else {
             err!("Cipher doesn't exist")
         };
         if !cipher.is_accessible_to_user(&user_uuid, &conn).await {
             err!("Cipher is not accessible by user")
         }
         // Move cipher
         cipher
             .move_to_folder(data.folder_id.clone(), &user_uuid, &conn)
             .await?;
     }
     Ok(())
 }
 
 #[put("/ciphers/move", data = "<data>")]
 async fn move_cipher_selected_put(
     data: Json<MoveCipherData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     move_cipher_selected(data, headers, conn).await
 }
 
 #[derive(FromForm)]
 struct OrganizationId {
     #[field(name = "organizationId")]
     org_id: String,
 }
 
 #[post("/ciphers/purge?<organization..>", data = "<data>")]
 async fn delete_all(
     organization: Option<OrganizationId>,
     data: Json<PasswordOrOtpData>,
     headers: Headers,
     conn: DbConn,
 ) -> EmptyResult {
     let data: PasswordOrOtpData = data.into_inner();
     let mut user = headers.user;
     data.validate(&user)?;
     if let Some(org_data) = organization {
         // Organization ID in query params, purging organization vault
         match UserOrganization::find_by_user_and_org(&user.uuid, &org_data.org_id, &conn).await {
             None => err!("You don't have permission to purge the organization vault"),
             Some(user_org) => {
                 if user_org.atype == UserOrgType::Owner {
                     Cipher::delete_all_by_organization(&org_data.org_id, &conn).await?;
                     Ok(())
                 } else {
                     err!("You don't have permission to purge the organization vault");
                 }
             }
         }
     } else {
         // No organization ID in query params, purging user vault
         // Delete ciphers and their attachments
         for cipher in Cipher::find_owned_by_user(&user.uuid, &conn).await {
             cipher.delete(&conn).await?;
         }
         // Delete folders
         for f in Folder::find_by_user(&user.uuid, &conn).await {
             f.delete(&conn).await?;
         }
         user.update_revision(&conn).await?;
         Ok(())
     }
 }
 
 async fn _delete_cipher_by_uuid(
     uuid: &str,
     headers: &Headers,
     conn: &DbConn,
     soft_delete: bool,
 ) -> EmptyResult {
     let Some(mut cipher) = Cipher::find_by_uuid(uuid, conn).await else {
         err!("Cipher doesn't exist")
     };
     if !cipher
         .is_write_accessible_to_user(&headers.user.uuid, conn)
         .await
     {
         err!("Cipher can't be deleted by user")
     }
     if soft_delete {
         cipher.deleted_at = Some(Utc::now().naive_utc());
         cipher.save(conn).await?;
     } else {
         cipher.delete(conn).await?;
     }
     Ok(())
 }
 
 #[derive(Deserialize)]
 #[serde(rename_all = "camelCase")]
 struct CipherIdsData {
     ids: Vec<String>,
 }
 
 async fn _delete_multiple_ciphers(
     data: Json<CipherIdsData>,
     headers: Headers,
     conn: DbConn,
     soft_delete: bool,
 ) -> EmptyResult {
     let data = data.into_inner();
     for uuid in data.ids {
         if let error @ Err(_) = _delete_cipher_by_uuid(&uuid, &headers, &conn, soft_delete).await {
             return error;
         };
     }
     Ok(())
 }
 
 async fn _restore_cipher_by_uuid(uuid: &str, headers: &Headers, conn: &DbConn) -> JsonResult {
     let Some(mut cipher) = Cipher::find_by_uuid(uuid, conn).await else {
         err!("Cipher doesn't exist")
     };
     if !cipher
         .is_write_accessible_to_user(&headers.user.uuid, conn)
         .await
     {
         err!("Cipher can't be restored by user")
     }
     cipher.deleted_at = None;
     cipher.save(conn).await?;
     Ok(Json(
         cipher
             .to_json(&headers.user.uuid, None, CipherSyncType::User, conn)
             .await,
     ))
 }
 
 async fn _restore_multiple_ciphers(
     data: Json<CipherIdsData>,
     headers: &Headers,
     conn: &DbConn,
 ) -> JsonResult {
     let data = data.into_inner();
     let mut ciphers: Vec<Value> = Vec::new();
     for uuid in data.ids {
         match _restore_cipher_by_uuid(&uuid, headers, conn).await {
             Ok(json) => ciphers.push(json.into_inner()),
             err => return err,
         }
     }
     Ok(Json(json!({
       "data": ciphers,
       "object": "list",
       "continuationToken": null
     })))
 }
 /// This will hold all the necessary data to improve a full sync of all the ciphers
 /// It can be used during the `Cipher::to_json()` call.
 /// It will prevent the so called N+1 SQL issue by running just a few queries which will hold all the data needed.
 /// This will not improve the speed of a single cipher.to_json() call that much, so better not to use it for those calls.
 pub struct CipherSyncData {
     pub cipher_folders: HashMap<String, String>,
     pub cipher_favorites: HashSet<String>,
     pub cipher_collections: HashMap<String, Vec<String>>,
     pub user_organizations: HashMap<String, UserOrganization>,
     pub user_collections: HashMap<String, CollectionUser>,
 }
 
 #[derive(Eq, PartialEq)]
 pub enum CipherSyncType {
     User,
     Organization,
 }
 
 impl CipherSyncData {
     pub async fn new(user_uuid: &str, sync_type: CipherSyncType, conn: &DbConn) -> Self {
         let cipher_folders: HashMap<String, String>;
         let cipher_favorites: HashSet<String>;
         match sync_type {
             // User Sync supports Folders and Favorites
             CipherSyncType::User => {
                 // Generate a HashMap with the Cipher UUID as key and the Folder UUID as value
                 cipher_folders = FolderCipher::find_by_user(user_uuid, conn)
                     .await
                     .into_iter()
                     .collect();
                 // Generate a HashSet of all the Cipher UUID's which are marked as favorite
                 cipher_favorites = Favorite::get_all_cipher_uuid_by_user(user_uuid, conn)
                     .await
                     .into_iter()
                     .collect();
             }
             // Organization Sync does not support Folders and Favorites.
             // If these are set, it will cause issues in the web-vault.
             CipherSyncType::Organization => {
                 cipher_folders = HashMap::with_capacity(0);
                 cipher_favorites = HashSet::with_capacity(0);
             }
         }
         // Generate a HashMap with the Cipher UUID as key and one or more Collection UUID's
         let user_cipher_collections =
             Cipher::get_collections_with_cipher_by_user(user_uuid.to_owned(), conn).await;
         let mut cipher_collections: HashMap<String, Vec<String>> =
             HashMap::with_capacity(user_cipher_collections.len());
         for (cipher, collection) in user_cipher_collections {
             cipher_collections
                 .entry(cipher)
                 .or_default()
                 .push(collection);
         }
         // Generate a HashMap with the Organization UUID as key and the UserOrganization record
         let user_organizations: HashMap<String, UserOrganization> =
             UserOrganization::find_by_user(user_uuid, conn)
                 .await
                 .into_iter()
                 .map(|uo| (uo.org_uuid.clone(), uo))
                 .collect();
         // Generate a HashMap with the User_Collections UUID as key and the CollectionUser record
         let user_collections: HashMap<String, CollectionUser> =
             CollectionUser::find_by_user(user_uuid, conn)
                 .await
                 .into_iter()
                 .map(|uc| (uc.collection_uuid.clone(), uc))
                 .collect();
         Self {
             cipher_folders,
             cipher_favorites,
             cipher_collections,
             user_organizations,
             user_collections,
         }
     }
 }