2018-12-30 22:34:31 +00:00
|
|
|
use std::collections::{HashMap, HashSet};
|
2018-10-10 18:40:39 +00:00
|
|
|
use std::path::Path;
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2020-07-14 16:00:09 +00:00
|
|
|
use rocket::{http::ContentType, request::Form, Data, Route};
|
2018-10-10 18:40:39 +00:00
|
|
|
use rocket_contrib::json::Json;
|
|
|
|
use serde_json::Value;
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2018-02-14 23:40:34 +00:00
|
|
|
use data_encoding::HEXLOWER;
|
2020-07-14 16:00:09 +00:00
|
|
|
use multipart::server::{save::SavedData, Multipart, SaveResult};
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2020-07-14 16:00:09 +00:00
|
|
|
use crate::{
|
|
|
|
api::{self, EmptyResult, JsonResult, JsonUpcase, Notify, PasswordData, UpdateType},
|
|
|
|
auth::Headers,
|
|
|
|
crypto,
|
|
|
|
db::{models::*, DbConn},
|
|
|
|
CONFIG,
|
|
|
|
};
|
2018-02-14 23:40:34 +00:00
|
|
|
|
2018-10-10 18:40:39 +00:00
|
|
|
pub fn routes() -> Vec<Route> {
|
|
|
|
routes![
|
|
|
|
sync,
|
|
|
|
get_ciphers,
|
|
|
|
get_cipher,
|
|
|
|
get_cipher_admin,
|
|
|
|
get_cipher_details,
|
|
|
|
post_ciphers,
|
|
|
|
put_cipher_admin,
|
|
|
|
post_ciphers_admin,
|
2018-11-19 19:21:02 +00:00
|
|
|
post_ciphers_create,
|
2018-10-10 18:40:39 +00:00
|
|
|
post_ciphers_import,
|
|
|
|
post_attachment,
|
|
|
|
post_attachment_admin,
|
|
|
|
post_attachment_share,
|
|
|
|
delete_attachment_post,
|
|
|
|
delete_attachment_post_admin,
|
|
|
|
delete_attachment,
|
|
|
|
delete_attachment_admin,
|
|
|
|
post_cipher_admin,
|
|
|
|
post_cipher_share,
|
|
|
|
put_cipher_share,
|
|
|
|
put_cipher_share_seleted,
|
|
|
|
post_cipher,
|
|
|
|
put_cipher,
|
|
|
|
delete_cipher_post,
|
|
|
|
delete_cipher_post_admin,
|
2020-04-17 20:35:27 +00:00
|
|
|
delete_cipher_put,
|
|
|
|
delete_cipher_put_admin,
|
2018-10-10 18:40:39 +00:00
|
|
|
delete_cipher,
|
|
|
|
delete_cipher_admin,
|
|
|
|
delete_cipher_selected,
|
|
|
|
delete_cipher_selected_post,
|
2020-04-17 20:35:27 +00:00
|
|
|
delete_cipher_selected_put,
|
|
|
|
restore_cipher_put,
|
|
|
|
restore_cipher_put_admin,
|
|
|
|
restore_cipher_selected,
|
2018-10-10 18:40:39 +00:00
|
|
|
delete_all,
|
|
|
|
move_cipher_selected,
|
|
|
|
move_cipher_selected_put,
|
2019-01-08 19:27:28 +00:00
|
|
|
put_collections_update,
|
2018-10-10 18:40:39 +00:00
|
|
|
post_collections_update,
|
|
|
|
post_collections_admin,
|
|
|
|
put_collections_admin,
|
|
|
|
]
|
|
|
|
}
|
|
|
|
|
|
|
|
#[derive(FromForm, Default)]
|
2018-10-17 21:22:07 +00:00
|
|
|
struct SyncData {
|
2018-10-10 18:40:39 +00:00
|
|
|
#[form(field = "excludeDomains")]
|
|
|
|
exclude_domains: bool, // Default: 'false'
|
2018-10-17 21:22:07 +00:00
|
|
|
}
|
|
|
|
|
2018-10-10 18:40:39 +00:00
|
|
|
#[get("/sync?<data..>")]
|
|
|
|
fn sync(data: Form<SyncData>, headers: Headers, conn: DbConn) -> JsonResult {
|
2018-04-24 20:01:55 +00:00
|
|
|
let user_json = headers.user.to_json(&conn);
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2018-02-20 13:09:00 +00:00
|
|
|
let folders = Folder::find_by_user(&headers.user.uuid, &conn);
|
2019-02-27 16:21:04 +00:00
|
|
|
let folders_json: Vec<Value> = folders.iter().map(Folder::to_json).collect();
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2018-05-31 22:20:09 +00:00
|
|
|
let collections = Collection::find_by_user_uuid(&headers.user.uuid, &conn);
|
2019-02-27 16:21:04 +00:00
|
|
|
let collections_json: Vec<Value> = collections.iter().map(Collection::to_json).collect();
|
2018-05-31 22:20:09 +00:00
|
|
|
|
2020-03-14 12:22:30 +00:00
|
|
|
let policies = OrgPolicy::find_by_user(&headers.user.uuid, &conn);
|
|
|
|
let policies_json: Vec<Value> = policies.iter().map(OrgPolicy::to_json).collect();
|
|
|
|
|
2018-02-20 13:09:00 +00:00
|
|
|
let ciphers = Cipher::find_by_user(&headers.user.uuid, &conn);
|
2018-12-30 22:34:31 +00:00
|
|
|
let ciphers_json: Vec<Value> = ciphers
|
|
|
|
.iter()
|
|
|
|
.map(|c| c.to_json(&headers.host, &headers.user.uuid, &conn))
|
|
|
|
.collect();
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2018-12-30 22:34:31 +00:00
|
|
|
let domains_json = if data.exclude_domains {
|
|
|
|
Value::Null
|
|
|
|
} else {
|
2019-11-05 02:30:57 +00:00
|
|
|
api::core::_get_eq_domains(headers, true).unwrap().into_inner()
|
2018-12-30 22:34:31 +00:00
|
|
|
};
|
2018-02-20 13:09:00 +00:00
|
|
|
|
2018-02-10 00:00:55 +00:00
|
|
|
Ok(Json(json!({
|
2018-02-20 13:09:00 +00:00
|
|
|
"Profile": user_json,
|
2018-02-10 00:00:55 +00:00
|
|
|
"Folders": folders_json,
|
2018-05-31 22:20:09 +00:00
|
|
|
"Collections": collections_json,
|
2020-03-14 12:22:30 +00:00
|
|
|
"Policies": policies_json,
|
2018-02-10 00:00:55 +00:00
|
|
|
"Ciphers": ciphers_json,
|
2018-02-20 13:09:00 +00:00
|
|
|
"Domains": domains_json,
|
2018-02-10 00:00:55 +00:00
|
|
|
"Object": "sync"
|
|
|
|
})))
|
|
|
|
}
|
|
|
|
|
|
|
|
#[get("/ciphers")]
|
2018-02-17 19:47:13 +00:00
|
|
|
fn get_ciphers(headers: Headers, conn: DbConn) -> JsonResult {
|
2018-02-10 00:00:55 +00:00
|
|
|
let ciphers = Cipher::find_by_user(&headers.user.uuid, &conn);
|
|
|
|
|
2018-12-30 22:34:31 +00:00
|
|
|
let ciphers_json: Vec<Value> = ciphers
|
|
|
|
.iter()
|
|
|
|
.map(|c| c.to_json(&headers.host, &headers.user.uuid, &conn))
|
|
|
|
.collect();
|
2018-02-10 00:00:55 +00:00
|
|
|
|
|
|
|
Ok(Json(json!({
|
|
|
|
"Data": ciphers_json,
|
|
|
|
"Object": "list",
|
2018-10-01 16:02:58 +00:00
|
|
|
"ContinuationToken": null
|
2018-02-10 00:00:55 +00:00
|
|
|
})))
|
|
|
|
}
|
|
|
|
|
|
|
|
#[get("/ciphers/<uuid>")]
|
2018-02-17 19:47:13 +00:00
|
|
|
fn get_cipher(uuid: String, headers: Headers, conn: DbConn) -> JsonResult {
|
2018-02-10 00:00:55 +00:00
|
|
|
let cipher = match Cipher::find_by_uuid(&uuid, &conn) {
|
|
|
|
Some(cipher) => cipher,
|
2018-12-30 22:34:31 +00:00
|
|
|
None => err!("Cipher doesn't exist"),
|
2018-02-10 00:00:55 +00:00
|
|
|
};
|
|
|
|
|
2018-04-30 09:52:15 +00:00
|
|
|
if !cipher.is_accessible_to_user(&headers.user.uuid, &conn) {
|
2018-02-14 23:40:34 +00:00
|
|
|
err!("Cipher is not owned by user")
|
2018-02-10 00:00:55 +00:00
|
|
|
}
|
|
|
|
|
2018-04-30 09:52:15 +00:00
|
|
|
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
|
2018-02-10 00:00:55 +00:00
|
|
|
}
|
|
|
|
|
2018-05-04 17:25:50 +00:00
|
|
|
#[get("/ciphers/<uuid>/admin")]
|
|
|
|
fn get_cipher_admin(uuid: String, headers: Headers, conn: DbConn) -> JsonResult {
|
|
|
|
// TODO: Implement this correctly
|
|
|
|
get_cipher(uuid, headers, conn)
|
|
|
|
}
|
|
|
|
|
2018-05-17 22:03:08 +00:00
|
|
|
#[get("/ciphers/<uuid>/details")]
|
|
|
|
fn get_cipher_details(uuid: String, headers: Headers, conn: DbConn) -> JsonResult {
|
|
|
|
get_cipher(uuid, headers, conn)
|
|
|
|
}
|
|
|
|
|
2018-02-10 00:00:55 +00:00
|
|
|
#[derive(Deserialize, Debug)]
|
|
|
|
#[allow(non_snake_case)]
|
2018-09-13 13:16:24 +00:00
|
|
|
pub struct CipherData {
|
2018-08-13 11:35:41 +00:00
|
|
|
// Id is optional as it is included only in bulk share
|
2018-11-24 22:00:41 +00:00
|
|
|
pub Id: Option<String>,
|
2018-02-22 23:38:54 +00:00
|
|
|
// Folder id is not included in import
|
2018-05-31 22:18:50 +00:00
|
|
|
FolderId: Option<String>,
|
2018-02-22 23:38:54 +00:00
|
|
|
// TODO: Some of these might appear all the time, no need for Option
|
2018-05-31 22:18:50 +00:00
|
|
|
OrganizationId: Option<String>,
|
2018-03-05 23:02:36 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
Login = 1,
|
|
|
|
SecureNote = 2,
|
|
|
|
Card = 3,
|
|
|
|
Identity = 4
|
|
|
|
*/
|
2018-09-13 13:16:24 +00:00
|
|
|
pub Type: i32, // TODO: Change this to NumberOrString
|
|
|
|
pub Name: String,
|
2018-05-31 22:18:50 +00:00
|
|
|
Notes: Option<String>,
|
|
|
|
Fields: Option<Value>,
|
2018-02-15 23:32:26 +00:00
|
|
|
|
2018-03-05 23:02:36 +00:00
|
|
|
// Only one of these should exist, depending on type
|
2018-05-31 22:18:50 +00:00
|
|
|
Login: Option<Value>,
|
|
|
|
SecureNote: Option<Value>,
|
|
|
|
Card: Option<Value>,
|
|
|
|
Identity: Option<Value>,
|
2018-02-15 23:32:26 +00:00
|
|
|
|
2018-05-31 22:18:50 +00:00
|
|
|
Favorite: Option<bool>,
|
2018-08-27 21:08:58 +00:00
|
|
|
|
|
|
|
PasswordHistory: Option<Value>,
|
2018-11-27 16:24:12 +00:00
|
|
|
|
|
|
|
// These are used during key rotation
|
|
|
|
#[serde(rename = "Attachments")]
|
|
|
|
_Attachments: Option<Value>, // Unused, contains map of {id: filename}
|
2018-12-30 22:34:31 +00:00
|
|
|
Attachments2: Option<HashMap<String, Attachments2Data>>,
|
2018-11-27 16:24:12 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[derive(Deserialize, Debug)]
|
|
|
|
#[allow(non_snake_case)]
|
|
|
|
pub struct Attachments2Data {
|
|
|
|
FileName: String,
|
|
|
|
Key: String,
|
2018-04-27 11:49:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[post("/ciphers/admin", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn post_ciphers_admin(data: JsonUpcase<ShareCipherData>, headers: Headers, conn: DbConn, nt: Notify) -> JsonResult {
|
2018-11-13 15:34:37 +00:00
|
|
|
let data: ShareCipherData = data.into_inner().data;
|
|
|
|
|
2018-12-07 14:01:29 +00:00
|
|
|
let mut cipher = Cipher::new(data.Cipher.Type, data.Cipher.Name.clone());
|
2018-11-13 15:34:37 +00:00
|
|
|
cipher.user_uuid = Some(headers.user.uuid.clone());
|
2018-12-19 20:52:53 +00:00
|
|
|
cipher.save(&conn)?;
|
2018-11-13 15:34:37 +00:00
|
|
|
|
2018-12-30 22:34:31 +00:00
|
|
|
share_cipher_by_uuid(&cipher.uuid, data, &headers, &conn, &nt)
|
2018-11-19 19:21:02 +00:00
|
|
|
}
|
2018-11-13 15:34:37 +00:00
|
|
|
|
2018-11-19 19:21:02 +00:00
|
|
|
#[post("/ciphers/create", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn post_ciphers_create(data: JsonUpcase<ShareCipherData>, headers: Headers, conn: DbConn, nt: Notify) -> JsonResult {
|
|
|
|
post_ciphers_admin(data, headers, conn, nt)
|
2018-02-10 00:00:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[post("/ciphers", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn post_ciphers(data: JsonUpcase<CipherData>, headers: Headers, conn: DbConn, nt: Notify) -> JsonResult {
|
2018-05-31 22:18:50 +00:00
|
|
|
let data: CipherData = data.into_inner().data;
|
2018-02-17 22:38:55 +00:00
|
|
|
|
2018-05-31 22:18:50 +00:00
|
|
|
let mut cipher = Cipher::new(data.Type, data.Name.clone());
|
2018-12-30 22:34:31 +00:00
|
|
|
update_cipher_from_data(&mut cipher, data, &headers, false, &conn, &nt, UpdateType::CipherCreate)?;
|
2018-02-15 23:32:26 +00:00
|
|
|
|
2018-04-30 09:52:15 +00:00
|
|
|
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
|
2018-02-15 23:32:26 +00:00
|
|
|
}
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2018-12-30 22:34:31 +00:00
|
|
|
pub fn update_cipher_from_data(
|
|
|
|
cipher: &mut Cipher,
|
|
|
|
data: CipherData,
|
|
|
|
headers: &Headers,
|
|
|
|
shared_to_collection: bool,
|
|
|
|
conn: &DbConn,
|
|
|
|
nt: &Notify,
|
|
|
|
ut: UpdateType,
|
|
|
|
) -> EmptyResult {
|
2019-01-16 11:33:43 +00:00
|
|
|
if cipher.organization_uuid.is_some() && cipher.organization_uuid != data.OrganizationId {
|
2019-01-15 15:35:08 +00:00
|
|
|
err!("Organization mismatch. Please resync the client before updating the cipher")
|
|
|
|
}
|
|
|
|
|
2018-08-29 13:22:03 +00:00
|
|
|
if let Some(org_id) = data.OrganizationId {
|
|
|
|
match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) {
|
|
|
|
None => err!("You don't have permission to add item to organization"),
|
2018-12-30 22:34:31 +00:00
|
|
|
Some(org_user) => {
|
|
|
|
if shared_to_collection
|
|
|
|
|| org_user.has_full_access()
|
|
|
|
|| cipher.is_write_accessible_to_user(&headers.user.uuid, &conn)
|
|
|
|
{
|
|
|
|
cipher.organization_uuid = Some(org_id);
|
|
|
|
cipher.user_uuid = None;
|
|
|
|
} else {
|
|
|
|
err!("You don't have permission to add cipher directly to organization")
|
|
|
|
}
|
2018-05-04 17:02:19 +00:00
|
|
|
}
|
|
|
|
}
|
2018-08-29 13:22:03 +00:00
|
|
|
} else {
|
|
|
|
cipher.user_uuid = Some(headers.user.uuid.clone());
|
2018-05-04 17:02:19 +00:00
|
|
|
}
|
|
|
|
|
2018-05-31 22:18:50 +00:00
|
|
|
if let Some(ref folder_id) = data.FolderId {
|
2018-04-19 15:54:56 +00:00
|
|
|
match Folder::find_by_uuid(folder_id, conn) {
|
2018-02-14 23:40:34 +00:00
|
|
|
Some(folder) => {
|
|
|
|
if folder.user_uuid != headers.user.uuid {
|
|
|
|
err!("Folder is not owned by user")
|
|
|
|
}
|
|
|
|
}
|
2018-12-30 22:34:31 +00:00
|
|
|
None => err!("Folder doesn't exist"),
|
2018-02-14 23:40:34 +00:00
|
|
|
}
|
2018-02-10 00:00:55 +00:00
|
|
|
}
|
|
|
|
|
2018-11-27 16:24:12 +00:00
|
|
|
// Modify attachments name and keys when rotating
|
|
|
|
if let Some(attachments) = data.Attachments2 {
|
|
|
|
for (id, attachment) in attachments {
|
|
|
|
let mut saved_att = match Attachment::find_by_id(&id, &conn) {
|
|
|
|
Some(att) => att,
|
2018-12-30 22:34:31 +00:00
|
|
|
None => err!("Attachment doesn't exist"),
|
2018-11-27 16:24:12 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
if saved_att.cipher_uuid != cipher.uuid {
|
2020-06-07 15:57:04 +00:00
|
|
|
// Warn and break here since cloning ciphers provides attachment data but will not be cloned.
|
|
|
|
// If we error out here it will break the whole cloning and causes empty ciphers to appear.
|
|
|
|
warn!("Attachment is not owned by the cipher");
|
|
|
|
break;
|
2018-11-27 16:24:12 +00:00
|
|
|
}
|
|
|
|
|
2019-05-20 19:24:29 +00:00
|
|
|
saved_att.akey = Some(attachment.Key);
|
2018-11-27 16:24:12 +00:00
|
|
|
saved_att.file_name = attachment.FileName;
|
|
|
|
|
2018-12-19 20:52:53 +00:00
|
|
|
saved_att.save(&conn)?;
|
2018-11-27 16:24:12 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-05-31 22:18:50 +00:00
|
|
|
let type_data_opt = match data.Type {
|
|
|
|
1 => data.Login,
|
|
|
|
2 => data.SecureNote,
|
|
|
|
3 => data.Card,
|
|
|
|
4 => data.Identity,
|
2018-12-30 22:34:31 +00:00
|
|
|
_ => err!("Invalid type"),
|
2018-02-15 23:32:26 +00:00
|
|
|
};
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2018-06-12 21:15:27 +00:00
|
|
|
let mut type_data = match type_data_opt {
|
2018-02-15 23:32:26 +00:00
|
|
|
Some(data) => data,
|
2018-12-30 22:34:31 +00:00
|
|
|
None => err!("Data missing"),
|
2018-02-15 23:32:26 +00:00
|
|
|
};
|
|
|
|
|
2018-06-12 21:15:27 +00:00
|
|
|
// TODO: ******* Backwards compat start **********
|
|
|
|
// To remove backwards compatibility, just delete this code,
|
|
|
|
// and remove the compat code from cipher::to_json
|
|
|
|
type_data["Name"] = Value::String(data.Name.clone());
|
|
|
|
type_data["Notes"] = data.Notes.clone().map(Value::String).unwrap_or(Value::Null);
|
|
|
|
type_data["Fields"] = data.Fields.clone().unwrap_or(Value::Null);
|
2018-08-27 21:08:58 +00:00
|
|
|
type_data["PasswordHistory"] = data.PasswordHistory.clone().unwrap_or(Value::Null);
|
2018-06-12 21:15:27 +00:00
|
|
|
// TODO: ******* Backwards compat end **********
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2018-05-31 22:18:50 +00:00
|
|
|
cipher.name = data.Name;
|
|
|
|
cipher.notes = data.Notes;
|
2018-06-12 21:15:27 +00:00
|
|
|
cipher.fields = data.Fields.map(|f| f.to_string());
|
|
|
|
cipher.data = type_data.to_string();
|
2018-08-27 21:08:58 +00:00
|
|
|
cipher.password_history = data.PasswordHistory.map(|f| f.to_string());
|
2019-01-25 17:23:51 +00:00
|
|
|
|
2018-12-19 20:52:53 +00:00
|
|
|
cipher.save(&conn)?;
|
2019-01-16 18:55:14 +00:00
|
|
|
cipher.move_to_folder(data.FolderId, &headers.user.uuid, &conn)?;
|
2020-08-19 09:16:27 +00:00
|
|
|
cipher.set_favorite(data.Favorite, &headers.user.uuid, &conn)?;
|
2018-05-19 20:33:15 +00:00
|
|
|
|
2019-01-27 23:39:14 +00:00
|
|
|
if ut != UpdateType::None {
|
|
|
|
nt.send_cipher_update(ut, &cipher, &cipher.update_users_revision(&conn));
|
|
|
|
}
|
2018-05-19 20:33:15 +00:00
|
|
|
|
2019-01-15 14:28:25 +00:00
|
|
|
Ok(())
|
2018-02-15 23:32:26 +00:00
|
|
|
}
|
|
|
|
|
2018-02-22 23:38:54 +00:00
|
|
|
use super::folders::FolderData;
|
|
|
|
|
|
|
|
#[derive(Deserialize)]
|
|
|
|
#[allow(non_snake_case)]
|
|
|
|
struct ImportData {
|
2018-05-31 22:18:50 +00:00
|
|
|
Ciphers: Vec<CipherData>,
|
|
|
|
Folders: Vec<FolderData>,
|
|
|
|
FolderRelationships: Vec<RelationsData>,
|
2018-02-22 23:38:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[derive(Deserialize)]
|
|
|
|
#[allow(non_snake_case)]
|
|
|
|
struct RelationsData {
|
|
|
|
// Cipher id
|
2018-06-13 12:25:50 +00:00
|
|
|
Key: usize,
|
2018-02-22 23:38:54 +00:00
|
|
|
// Folder id
|
2018-06-13 12:25:50 +00:00
|
|
|
Value: usize,
|
2018-02-22 23:38:54 +00:00
|
|
|
}
|
|
|
|
|
2018-02-10 00:00:55 +00:00
|
|
|
#[post("/ciphers/import", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn post_ciphers_import(data: JsonUpcase<ImportData>, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
2018-05-31 22:18:50 +00:00
|
|
|
let data: ImportData = data.into_inner().data;
|
2018-02-15 23:32:26 +00:00
|
|
|
|
|
|
|
// Read and create the folders
|
2018-10-14 12:55:00 +00:00
|
|
|
let mut folders: Vec<_> = Vec::new();
|
|
|
|
for folder in data.Folders.into_iter() {
|
|
|
|
let mut new_folder = Folder::new(headers.user.uuid.clone(), folder.Name);
|
2018-12-19 20:52:53 +00:00
|
|
|
new_folder.save(&conn)?;
|
|
|
|
|
|
|
|
folders.push(new_folder);
|
2018-10-14 12:55:00 +00:00
|
|
|
}
|
2018-02-15 23:32:26 +00:00
|
|
|
|
|
|
|
// Read the relations between folders and ciphers
|
2018-02-22 23:38:54 +00:00
|
|
|
let mut relations_map = HashMap::new();
|
|
|
|
|
2018-05-31 22:18:50 +00:00
|
|
|
for relation in data.FolderRelationships {
|
2018-06-13 12:25:50 +00:00
|
|
|
relations_map.insert(relation.Key, relation.Value);
|
2018-02-22 23:38:54 +00:00
|
|
|
}
|
2018-02-15 23:32:26 +00:00
|
|
|
|
|
|
|
// Read and create the ciphers
|
2019-01-27 23:39:14 +00:00
|
|
|
for (index, mut cipher_data) in data.Ciphers.into_iter().enumerate() {
|
2018-12-30 22:34:31 +00:00
|
|
|
let folder_uuid = relations_map.get(&index).map(|i| folders[*i].uuid.clone());
|
2019-01-27 23:39:14 +00:00
|
|
|
cipher_data.FolderId = folder_uuid;
|
2018-02-15 23:32:26 +00:00
|
|
|
|
2018-05-31 22:18:50 +00:00
|
|
|
let mut cipher = Cipher::new(cipher_data.Type, cipher_data.Name.clone());
|
2019-01-27 23:39:14 +00:00
|
|
|
update_cipher_from_data(&mut cipher, cipher_data, &headers, false, &conn, &nt, UpdateType::None)?;
|
2018-02-22 23:38:54 +00:00
|
|
|
}
|
2018-02-15 23:32:26 +00:00
|
|
|
|
2018-08-13 09:58:39 +00:00
|
|
|
let mut user = headers.user;
|
2019-01-27 23:39:14 +00:00
|
|
|
user.update_revision(&conn)?;
|
|
|
|
nt.send_user_update(UpdateType::Vault, &user);
|
|
|
|
Ok(())
|
2018-02-10 00:00:55 +00:00
|
|
|
}
|
|
|
|
|
2018-08-15 13:27:37 +00:00
|
|
|
#[put("/ciphers/<uuid>/admin", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn put_cipher_admin(
|
|
|
|
uuid: String,
|
|
|
|
data: JsonUpcase<CipherData>,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> JsonResult {
|
|
|
|
put_cipher(uuid, data, headers, conn, nt)
|
2018-08-15 13:27:37 +00:00
|
|
|
}
|
|
|
|
|
2018-05-04 17:25:50 +00:00
|
|
|
#[post("/ciphers/<uuid>/admin", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn post_cipher_admin(
|
|
|
|
uuid: String,
|
|
|
|
data: JsonUpcase<CipherData>,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> JsonResult {
|
|
|
|
post_cipher(uuid, data, headers, conn, nt)
|
2018-05-04 17:25:50 +00:00
|
|
|
}
|
|
|
|
|
2018-02-15 23:32:26 +00:00
|
|
|
#[post("/ciphers/<uuid>", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn post_cipher(uuid: String, data: JsonUpcase<CipherData>, headers: Headers, conn: DbConn, nt: Notify) -> JsonResult {
|
|
|
|
put_cipher(uuid, data, headers, conn, nt)
|
2018-02-15 23:32:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[put("/ciphers/<uuid>", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn put_cipher(uuid: String, data: JsonUpcase<CipherData>, headers: Headers, conn: DbConn, nt: Notify) -> JsonResult {
|
2018-05-31 22:18:50 +00:00
|
|
|
let data: CipherData = data.into_inner().data;
|
2018-02-17 22:38:55 +00:00
|
|
|
|
2018-02-15 23:32:26 +00:00
|
|
|
let mut cipher = match Cipher::find_by_uuid(&uuid, &conn) {
|
|
|
|
Some(cipher) => cipher,
|
2018-12-30 22:34:31 +00:00
|
|
|
None => err!("Cipher doesn't exist"),
|
2018-02-15 23:32:26 +00:00
|
|
|
};
|
|
|
|
|
2020-08-19 09:16:27 +00:00
|
|
|
// TODO: Check if only the folder ID or favorite status is being changed.
|
|
|
|
// These are per-user properties that technically aren't part of the
|
|
|
|
// cipher itself, so the user shouldn't need write access to change these.
|
|
|
|
// Interestingly, upstream Bitwarden doesn't properly handle this either.
|
|
|
|
|
2018-04-30 09:52:15 +00:00
|
|
|
if !cipher.is_write_accessible_to_user(&headers.user.uuid, &conn) {
|
|
|
|
err!("Cipher is not write accessible")
|
2018-02-15 23:32:26 +00:00
|
|
|
}
|
|
|
|
|
2018-12-30 22:34:31 +00:00
|
|
|
update_cipher_from_data(&mut cipher, data, &headers, false, &conn, &nt, UpdateType::CipherUpdate)?;
|
2018-02-15 23:32:26 +00:00
|
|
|
|
2018-04-30 09:52:15 +00:00
|
|
|
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
|
2018-02-15 23:32:26 +00:00
|
|
|
}
|
|
|
|
|
2018-05-09 10:55:05 +00:00
|
|
|
#[derive(Deserialize)]
|
|
|
|
#[allow(non_snake_case)]
|
|
|
|
struct CollectionsAdminData {
|
2018-05-31 22:18:50 +00:00
|
|
|
CollectionIds: Vec<String>,
|
2018-05-09 10:55:05 +00:00
|
|
|
}
|
|
|
|
|
2019-01-08 19:27:28 +00:00
|
|
|
#[put("/ciphers/<uuid>/collections", data = "<data>")]
|
|
|
|
fn put_collections_update(
|
|
|
|
uuid: String,
|
|
|
|
data: JsonUpcase<CollectionsAdminData>,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
) -> EmptyResult {
|
|
|
|
post_collections_admin(uuid, data, headers, conn)
|
|
|
|
}
|
|
|
|
|
2018-05-17 22:03:08 +00:00
|
|
|
#[post("/ciphers/<uuid>/collections", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn post_collections_update(
|
|
|
|
uuid: String,
|
|
|
|
data: JsonUpcase<CollectionsAdminData>,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
) -> EmptyResult {
|
2018-05-17 22:03:08 +00:00
|
|
|
post_collections_admin(uuid, data, headers, conn)
|
|
|
|
}
|
|
|
|
|
2018-08-13 15:00:10 +00:00
|
|
|
#[put("/ciphers/<uuid>/collections-admin", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn put_collections_admin(
|
|
|
|
uuid: String,
|
|
|
|
data: JsonUpcase<CollectionsAdminData>,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
) -> EmptyResult {
|
2018-08-13 15:00:10 +00:00
|
|
|
post_collections_admin(uuid, data, headers, conn)
|
|
|
|
}
|
|
|
|
|
2018-05-09 10:55:05 +00:00
|
|
|
#[post("/ciphers/<uuid>/collections-admin", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn post_collections_admin(
|
|
|
|
uuid: String,
|
|
|
|
data: JsonUpcase<CollectionsAdminData>,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
) -> EmptyResult {
|
2018-05-31 22:18:50 +00:00
|
|
|
let data: CollectionsAdminData = data.into_inner().data;
|
2018-05-09 10:55:05 +00:00
|
|
|
|
|
|
|
let cipher = match Cipher::find_by_uuid(&uuid, &conn) {
|
|
|
|
Some(cipher) => cipher,
|
2018-12-30 22:34:31 +00:00
|
|
|
None => err!("Cipher doesn't exist"),
|
2018-05-09 10:55:05 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
if !cipher.is_write_accessible_to_user(&headers.user.uuid, &conn) {
|
|
|
|
err!("Cipher is not write accessible")
|
|
|
|
}
|
|
|
|
|
2018-05-31 22:18:50 +00:00
|
|
|
let posted_collections: HashSet<String> = data.CollectionIds.iter().cloned().collect();
|
2018-12-30 22:34:31 +00:00
|
|
|
let current_collections: HashSet<String> = cipher
|
|
|
|
.get_collections(&headers.user.uuid, &conn)
|
|
|
|
.iter()
|
|
|
|
.cloned()
|
|
|
|
.collect();
|
2018-05-09 10:55:05 +00:00
|
|
|
|
|
|
|
for collection in posted_collections.symmetric_difference(¤t_collections) {
|
|
|
|
match Collection::find_by_uuid(&collection, &conn) {
|
2018-05-11 10:45:55 +00:00
|
|
|
None => err!("Invalid collection ID provided"),
|
2018-05-09 10:55:05 +00:00
|
|
|
Some(collection) => {
|
|
|
|
if collection.is_writable_by_user(&headers.user.uuid, &conn) {
|
2018-12-30 22:34:31 +00:00
|
|
|
if posted_collections.contains(&collection.uuid) {
|
|
|
|
// Add to collection
|
2018-12-19 20:52:53 +00:00
|
|
|
CollectionCipher::save(&cipher.uuid, &collection.uuid, &conn)?;
|
2018-12-30 22:34:31 +00:00
|
|
|
} else {
|
|
|
|
// Remove from collection
|
2018-12-19 20:52:53 +00:00
|
|
|
CollectionCipher::delete(&cipher.uuid, &collection.uuid, &conn)?;
|
2018-05-09 10:55:05 +00:00
|
|
|
}
|
2018-05-11 10:45:55 +00:00
|
|
|
} else {
|
|
|
|
err!("No rights to modify the collection")
|
2018-05-09 10:55:05 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|
2018-02-15 23:32:26 +00:00
|
|
|
|
2018-05-14 15:13:59 +00:00
|
|
|
#[derive(Deserialize)]
|
|
|
|
#[allow(non_snake_case)]
|
|
|
|
struct ShareCipherData {
|
2018-05-31 22:18:50 +00:00
|
|
|
Cipher: CipherData,
|
|
|
|
CollectionIds: Vec<String>,
|
2018-05-14 15:13:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[post("/ciphers/<uuid>/share", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn post_cipher_share(
|
|
|
|
uuid: String,
|
|
|
|
data: JsonUpcase<ShareCipherData>,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> JsonResult {
|
2018-05-31 22:18:50 +00:00
|
|
|
let data: ShareCipherData = data.into_inner().data;
|
2018-05-14 15:13:59 +00:00
|
|
|
|
2018-12-30 22:34:31 +00:00
|
|
|
share_cipher_by_uuid(&uuid, data, &headers, &conn, &nt)
|
2018-08-13 11:35:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[put("/ciphers/<uuid>/share", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn put_cipher_share(
|
|
|
|
uuid: String,
|
|
|
|
data: JsonUpcase<ShareCipherData>,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> JsonResult {
|
2018-08-13 11:35:41 +00:00
|
|
|
let data: ShareCipherData = data.into_inner().data;
|
|
|
|
|
2018-12-30 22:34:31 +00:00
|
|
|
share_cipher_by_uuid(&uuid, data, &headers, &conn, &nt)
|
2018-08-13 11:35:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[derive(Deserialize)]
|
|
|
|
#[allow(non_snake_case)]
|
|
|
|
struct ShareSelectedCipherData {
|
|
|
|
Ciphers: Vec<CipherData>,
|
2018-12-30 22:34:31 +00:00
|
|
|
CollectionIds: Vec<String>,
|
2018-08-13 11:35:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[put("/ciphers/share", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn put_cipher_share_seleted(
|
|
|
|
data: JsonUpcase<ShareSelectedCipherData>,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> EmptyResult {
|
2018-08-13 11:35:41 +00:00
|
|
|
let mut data: ShareSelectedCipherData = data.into_inner().data;
|
|
|
|
let mut cipher_ids: Vec<String> = Vec::new();
|
|
|
|
|
2018-09-13 19:55:23 +00:00
|
|
|
if data.Ciphers.is_empty() {
|
2018-08-13 11:35:41 +00:00
|
|
|
err!("You must select at least one cipher.")
|
|
|
|
}
|
2018-08-29 13:22:19 +00:00
|
|
|
|
2018-09-13 19:55:23 +00:00
|
|
|
if data.CollectionIds.is_empty() {
|
2018-08-13 11:35:41 +00:00
|
|
|
err!("You must select at least one collection.")
|
|
|
|
}
|
2018-08-29 13:22:19 +00:00
|
|
|
|
2018-08-13 11:35:41 +00:00
|
|
|
for cipher in data.Ciphers.iter() {
|
|
|
|
match cipher.Id {
|
|
|
|
Some(ref id) => cipher_ids.push(id.to_string()),
|
2018-12-30 22:34:31 +00:00
|
|
|
None => err!("Request missing ids field"),
|
2018-08-13 11:35:41 +00:00
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
let attachments = Attachment::find_by_ciphers(cipher_ids, &conn);
|
2018-08-29 13:22:19 +00:00
|
|
|
|
2018-09-13 19:55:23 +00:00
|
|
|
if !attachments.is_empty() {
|
2018-08-13 11:35:41 +00:00
|
|
|
err!("Ciphers should not have any attachments.")
|
|
|
|
}
|
|
|
|
|
|
|
|
while let Some(cipher) = data.Ciphers.pop() {
|
|
|
|
let mut shared_cipher_data = ShareCipherData {
|
|
|
|
Cipher: cipher,
|
2018-12-30 22:34:31 +00:00
|
|
|
CollectionIds: data.CollectionIds.clone(),
|
2018-08-13 11:35:41 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
match shared_cipher_data.Cipher.Id.take() {
|
2018-12-30 22:34:31 +00:00
|
|
|
Some(id) => share_cipher_by_uuid(&id, shared_cipher_data, &headers, &conn, &nt)?,
|
|
|
|
None => err!("Request missing ids field"),
|
2018-08-13 11:35:41 +00:00
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
2018-12-30 22:34:31 +00:00
|
|
|
fn share_cipher_by_uuid(
|
|
|
|
uuid: &str,
|
|
|
|
data: ShareCipherData,
|
|
|
|
headers: &Headers,
|
|
|
|
conn: &DbConn,
|
|
|
|
nt: &Notify,
|
|
|
|
) -> JsonResult {
|
2018-05-14 15:13:59 +00:00
|
|
|
let mut cipher = match Cipher::find_by_uuid(&uuid, &conn) {
|
2018-05-15 12:57:00 +00:00
|
|
|
Some(cipher) => {
|
|
|
|
if cipher.is_write_accessible_to_user(&headers.user.uuid, &conn) {
|
|
|
|
cipher
|
|
|
|
} else {
|
|
|
|
err!("Cipher is not write accessible")
|
|
|
|
}
|
2018-12-30 22:34:31 +00:00
|
|
|
}
|
|
|
|
None => err!("Cipher doesn't exist"),
|
2018-05-14 15:13:59 +00:00
|
|
|
};
|
|
|
|
|
2020-03-15 16:26:07 +00:00
|
|
|
let mut shared_to_collection = false;
|
|
|
|
|
2018-08-29 13:22:03 +00:00
|
|
|
match data.Cipher.OrganizationId.clone() {
|
2020-03-14 13:08:57 +00:00
|
|
|
// If we don't get an organization ID, we don't do anything
|
|
|
|
// No error because this is used when using the Clone functionality
|
2020-07-14 16:00:09 +00:00
|
|
|
None => {}
|
2018-08-29 13:22:03 +00:00
|
|
|
Some(organization_uuid) => {
|
2018-06-11 13:44:37 +00:00
|
|
|
for uuid in &data.CollectionIds {
|
2018-10-01 14:59:10 +00:00
|
|
|
match Collection::find_by_uuid_and_org(uuid, &organization_uuid, &conn) {
|
2018-05-14 15:13:59 +00:00
|
|
|
None => err!("Invalid collection ID provided"),
|
|
|
|
Some(collection) => {
|
|
|
|
if collection.is_writable_by_user(&headers.user.uuid, &conn) {
|
2019-02-20 16:54:18 +00:00
|
|
|
CollectionCipher::save(&cipher.uuid, &collection.uuid, &conn)?;
|
2018-10-01 14:59:10 +00:00
|
|
|
shared_to_collection = true;
|
2018-05-14 15:13:59 +00:00
|
|
|
} else {
|
|
|
|
err!("No rights to modify the collection")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2020-03-15 16:26:07 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
update_cipher_from_data(
|
|
|
|
&mut cipher,
|
|
|
|
data.Cipher,
|
|
|
|
&headers,
|
|
|
|
shared_to_collection,
|
|
|
|
&conn,
|
|
|
|
&nt,
|
|
|
|
UpdateType::CipherUpdate,
|
|
|
|
)?;
|
|
|
|
|
|
|
|
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
|
2018-05-14 15:13:59 +00:00
|
|
|
}
|
|
|
|
|
2018-02-10 00:00:55 +00:00
|
|
|
#[post("/ciphers/<uuid>/attachment", format = "multipart/form-data", data = "<data>")]
|
2019-01-27 23:39:14 +00:00
|
|
|
fn post_attachment(
|
|
|
|
uuid: String,
|
|
|
|
data: Data,
|
|
|
|
content_type: &ContentType,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> JsonResult {
|
2018-02-14 23:40:34 +00:00
|
|
|
let cipher = match Cipher::find_by_uuid(&uuid, &conn) {
|
|
|
|
Some(cipher) => cipher,
|
2020-02-17 21:56:26 +00:00
|
|
|
None => err_discard!("Cipher doesn't exist", data),
|
2018-02-14 23:40:34 +00:00
|
|
|
};
|
|
|
|
|
2018-04-30 09:52:15 +00:00
|
|
|
if !cipher.is_write_accessible_to_user(&headers.user.uuid, &conn) {
|
2020-02-17 21:56:26 +00:00
|
|
|
err_discard!("Cipher is not write accessible", data)
|
2018-02-14 23:40:34 +00:00
|
|
|
}
|
2020-03-14 12:22:30 +00:00
|
|
|
|
2018-02-10 00:00:55 +00:00
|
|
|
let mut params = content_type.params();
|
2018-02-14 23:40:34 +00:00
|
|
|
let boundary_pair = params.next().expect("No boundary provided");
|
2018-02-10 00:00:55 +00:00
|
|
|
let boundary = boundary_pair.1;
|
|
|
|
|
2020-02-17 21:56:26 +00:00
|
|
|
let size_limit = if let Some(ref user_uuid) = cipher.user_uuid {
|
|
|
|
match CONFIG.user_attachment_limit() {
|
|
|
|
Some(0) => err_discard!("Attachments are disabled", data),
|
2020-03-31 09:30:28 +00:00
|
|
|
Some(limit_kb) => {
|
|
|
|
let left = (limit_kb * 1024) - Attachment::size_by_user(user_uuid, &conn);
|
2020-02-17 21:56:26 +00:00
|
|
|
if left <= 0 {
|
|
|
|
err_discard!("Attachment size limit reached! Delete some files to open space", data)
|
|
|
|
}
|
|
|
|
Some(left as u64)
|
|
|
|
}
|
|
|
|
None => None,
|
|
|
|
}
|
|
|
|
} else if let Some(ref org_uuid) = cipher.organization_uuid {
|
|
|
|
match CONFIG.org_attachment_limit() {
|
|
|
|
Some(0) => err_discard!("Attachments are disabled", data),
|
2020-03-31 09:30:28 +00:00
|
|
|
Some(limit_kb) => {
|
|
|
|
let left = (limit_kb * 1024) - Attachment::size_by_org(org_uuid, &conn);
|
2020-02-17 21:56:26 +00:00
|
|
|
if left <= 0 {
|
|
|
|
err_discard!("Attachment size limit reached! Delete some files to open space", data)
|
|
|
|
}
|
|
|
|
Some(left as u64)
|
|
|
|
}
|
|
|
|
None => None,
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
err_discard!("Cipher is neither owned by a user nor an organization", data);
|
|
|
|
};
|
|
|
|
|
2019-01-25 17:23:51 +00:00
|
|
|
let base_path = Path::new(&CONFIG.attachments_folder()).join(&cipher.uuid);
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2018-11-27 16:24:12 +00:00
|
|
|
let mut attachment_key = None;
|
2020-02-17 21:56:26 +00:00
|
|
|
let mut error = None;
|
2018-11-27 16:24:12 +00:00
|
|
|
|
2018-12-30 22:34:31 +00:00
|
|
|
Multipart::with_body(data.open(), boundary)
|
|
|
|
.foreach_entry(|mut field| {
|
2019-02-01 22:39:14 +00:00
|
|
|
match &*field.headers.name {
|
2018-12-30 22:34:31 +00:00
|
|
|
"key" => {
|
|
|
|
use std::io::Read;
|
|
|
|
let mut key_buffer = String::new();
|
|
|
|
if field.data.read_to_string(&mut key_buffer).is_ok() {
|
|
|
|
attachment_key = Some(key_buffer);
|
2018-11-27 16:24:12 +00:00
|
|
|
}
|
2018-12-30 22:34:31 +00:00
|
|
|
}
|
|
|
|
"data" => {
|
|
|
|
// This is provided by the client, don't trust it
|
|
|
|
let name = field.headers.filename.expect("No filename provided");
|
|
|
|
|
|
|
|
let file_name = HEXLOWER.encode(&crypto::get_random(vec![0; 10]));
|
|
|
|
let path = base_path.join(&file_name);
|
|
|
|
|
2020-02-17 21:56:26 +00:00
|
|
|
let size = match field.data.save().memory_threshold(0).size_limit(size_limit).with_path(path.clone()) {
|
2018-12-30 22:34:31 +00:00
|
|
|
SaveResult::Full(SavedData::File(_, size)) => size as i32,
|
|
|
|
SaveResult::Full(other) => {
|
2020-02-17 21:56:26 +00:00
|
|
|
std::fs::remove_file(path).ok();
|
|
|
|
error = Some(format!("Attachment is not a file: {:?}", other));
|
2018-12-30 22:34:31 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
SaveResult::Partial(_, reason) => {
|
2020-02-17 21:56:26 +00:00
|
|
|
std::fs::remove_file(path).ok();
|
|
|
|
error = Some(format!("Attachment size limit exceeded with this file: {:?}", reason));
|
2018-12-30 22:34:31 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
SaveResult::Error(e) => {
|
2020-02-17 21:56:26 +00:00
|
|
|
std::fs::remove_file(path).ok();
|
|
|
|
error = Some(format!("Error: {:?}", e));
|
2018-12-30 22:34:31 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
};
|
2018-11-27 16:24:12 +00:00
|
|
|
|
2018-12-30 22:34:31 +00:00
|
|
|
let mut attachment = Attachment::new(file_name, cipher.uuid.clone(), name, size);
|
2019-05-20 19:24:29 +00:00
|
|
|
attachment.akey = attachment_key.clone();
|
2019-01-15 21:00:41 +00:00
|
|
|
attachment.save(&conn).expect("Error saving attachment");
|
2018-12-30 22:34:31 +00:00
|
|
|
}
|
|
|
|
_ => error!("Invalid multipart name"),
|
|
|
|
}
|
|
|
|
})
|
|
|
|
.expect("Error processing multipart data");
|
2018-02-14 23:40:34 +00:00
|
|
|
|
2020-02-17 21:56:26 +00:00
|
|
|
if let Some(ref e) = error {
|
|
|
|
err!(e);
|
|
|
|
}
|
|
|
|
|
2019-01-11 00:08:35 +00:00
|
|
|
nt.send_cipher_update(UpdateType::CipherUpdate, &cipher, &cipher.update_users_revision(&conn));
|
|
|
|
|
2018-04-30 09:52:15 +00:00
|
|
|
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
|
2018-02-14 23:40:34 +00:00
|
|
|
}
|
|
|
|
|
2018-07-14 06:09:20 +00:00
|
|
|
#[post("/ciphers/<uuid>/attachment-admin", format = "multipart/form-data", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn post_attachment_admin(
|
|
|
|
uuid: String,
|
|
|
|
data: Data,
|
|
|
|
content_type: &ContentType,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
2019-01-11 00:08:35 +00:00
|
|
|
nt: Notify,
|
2018-12-30 22:34:31 +00:00
|
|
|
) -> JsonResult {
|
2019-01-11 00:08:35 +00:00
|
|
|
post_attachment(uuid, data, content_type, headers, conn, nt)
|
2018-07-14 06:09:20 +00:00
|
|
|
}
|
|
|
|
|
2020-05-07 22:02:37 +00:00
|
|
|
#[post("/ciphers/<uuid>/attachment/<attachment_id>/share", format = "multipart/form-data", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn post_attachment_share(
|
|
|
|
uuid: String,
|
|
|
|
attachment_id: String,
|
|
|
|
data: Data,
|
|
|
|
content_type: &ContentType,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> JsonResult {
|
|
|
|
_delete_cipher_attachment_by_id(&uuid, &attachment_id, &headers, &conn, &nt)?;
|
2019-01-11 00:08:35 +00:00
|
|
|
post_attachment(uuid, data, content_type, headers, conn, nt)
|
2018-07-14 06:09:20 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[post("/ciphers/<uuid>/attachment/<attachment_id>/delete-admin")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn delete_attachment_post_admin(
|
|
|
|
uuid: String,
|
|
|
|
attachment_id: String,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> EmptyResult {
|
|
|
|
delete_attachment(uuid, attachment_id, headers, conn, nt)
|
2018-07-14 06:09:20 +00:00
|
|
|
}
|
|
|
|
|
2018-02-17 22:38:55 +00:00
|
|
|
#[post("/ciphers/<uuid>/attachment/<attachment_id>/delete")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn delete_attachment_post(
|
|
|
|
uuid: String,
|
|
|
|
attachment_id: String,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> EmptyResult {
|
|
|
|
delete_attachment(uuid, attachment_id, headers, conn, nt)
|
2018-02-10 00:00:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[delete("/ciphers/<uuid>/attachment/<attachment_id>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn delete_attachment(uuid: String, attachment_id: String, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
|
|
|
_delete_cipher_attachment_by_id(&uuid, &attachment_id, &headers, &conn, &nt)
|
2018-02-10 00:00:55 +00:00
|
|
|
}
|
|
|
|
|
2018-08-28 22:48:53 +00:00
|
|
|
#[delete("/ciphers/<uuid>/attachment/<attachment_id>/admin")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn delete_attachment_admin(
|
|
|
|
uuid: String,
|
|
|
|
attachment_id: String,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> EmptyResult {
|
|
|
|
_delete_cipher_attachment_by_id(&uuid, &attachment_id, &headers, &conn, &nt)
|
2018-08-28 22:48:53 +00:00
|
|
|
}
|
|
|
|
|
2018-02-15 23:32:26 +00:00
|
|
|
#[post("/ciphers/<uuid>/delete")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn delete_cipher_post(uuid: String, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
2020-04-17 20:35:27 +00:00
|
|
|
_delete_cipher_by_uuid(&uuid, &headers, &conn, false, &nt)
|
2018-02-15 18:05:57 +00:00
|
|
|
}
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2018-07-01 11:43:11 +00:00
|
|
|
#[post("/ciphers/<uuid>/delete-admin")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn delete_cipher_post_admin(uuid: String, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
2020-04-17 20:35:27 +00:00
|
|
|
_delete_cipher_by_uuid(&uuid, &headers, &conn, false, &nt)
|
|
|
|
}
|
|
|
|
|
|
|
|
#[put("/ciphers/<uuid>/delete")]
|
|
|
|
fn delete_cipher_put(uuid: String, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
|
|
|
_delete_cipher_by_uuid(&uuid, &headers, &conn, true, &nt)
|
|
|
|
}
|
|
|
|
|
|
|
|
#[put("/ciphers/<uuid>/delete-admin")]
|
|
|
|
fn delete_cipher_put_admin(uuid: String, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
|
|
|
_delete_cipher_by_uuid(&uuid, &headers, &conn, true, &nt)
|
2018-07-01 11:43:11 +00:00
|
|
|
}
|
|
|
|
|
2018-02-10 00:00:55 +00:00
|
|
|
#[delete("/ciphers/<uuid>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn delete_cipher(uuid: String, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
2020-04-17 20:35:27 +00:00
|
|
|
_delete_cipher_by_uuid(&uuid, &headers, &conn, false, &nt)
|
2018-02-15 18:05:57 +00:00
|
|
|
}
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2018-08-28 22:48:53 +00:00
|
|
|
#[delete("/ciphers/<uuid>/admin")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn delete_cipher_admin(uuid: String, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
2020-04-17 20:35:27 +00:00
|
|
|
_delete_cipher_by_uuid(&uuid, &headers, &conn, false, &nt)
|
2018-08-28 22:48:53 +00:00
|
|
|
}
|
|
|
|
|
2018-08-03 13:53:27 +00:00
|
|
|
#[delete("/ciphers", data = "<data>")]
|
2018-12-30 22:34:31 +00:00
|
|
|
fn delete_cipher_selected(data: JsonUpcase<Value>, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
2020-04-17 20:35:27 +00:00
|
|
|
_delete_multiple_ciphers(data, headers, conn, false, nt)
|
|
|
|
}
|
2018-03-05 23:02:36 +00:00
|
|
|
|
2020-04-17 20:35:27 +00:00
|
|
|
#[post("/ciphers/delete", data = "<data>")]
|
|
|
|
fn delete_cipher_selected_post(data: JsonUpcase<Value>, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
|
|
|
_delete_multiple_ciphers(data, headers, conn, false, nt)
|
|
|
|
}
|
2018-04-19 14:32:11 +00:00
|
|
|
|
2020-04-17 20:35:27 +00:00
|
|
|
#[put("/ciphers/delete", data = "<data>")]
|
|
|
|
fn delete_cipher_selected_put(data: JsonUpcase<Value>, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
|
|
|
_delete_multiple_ciphers(data, headers, conn, true, nt)
|
|
|
|
}
|
2018-04-19 14:32:11 +00:00
|
|
|
|
2020-04-17 20:35:27 +00:00
|
|
|
#[put("/ciphers/<uuid>/restore")]
|
|
|
|
fn restore_cipher_put(uuid: String, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
|
|
|
_restore_cipher_by_uuid(&uuid, &headers, &conn, &nt)
|
2018-04-19 14:32:11 +00:00
|
|
|
}
|
|
|
|
|
2020-04-17 20:35:27 +00:00
|
|
|
#[put("/ciphers/<uuid>/restore-admin")]
|
|
|
|
fn restore_cipher_put_admin(uuid: String, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
|
|
|
_restore_cipher_by_uuid(&uuid, &headers, &conn, &nt)
|
|
|
|
}
|
|
|
|
|
|
|
|
#[put("/ciphers/restore", data = "<data>")]
|
|
|
|
fn restore_cipher_selected(data: JsonUpcase<Value>, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
|
|
|
_restore_multiple_ciphers(data, headers, conn, nt)
|
2018-08-03 13:53:27 +00:00
|
|
|
}
|
|
|
|
|
2019-01-27 23:39:14 +00:00
|
|
|
#[derive(Deserialize)]
|
|
|
|
#[allow(non_snake_case)]
|
|
|
|
struct MoveCipherData {
|
|
|
|
FolderId: Option<String>,
|
|
|
|
Ids: Vec<String>,
|
|
|
|
}
|
|
|
|
|
2018-08-01 05:51:05 +00:00
|
|
|
#[post("/ciphers/move", data = "<data>")]
|
2019-01-27 23:39:14 +00:00
|
|
|
fn move_cipher_selected(data: JsonUpcase<MoveCipherData>, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
2018-05-31 22:18:50 +00:00
|
|
|
let data = data.into_inner().data;
|
2019-01-27 23:39:14 +00:00
|
|
|
let user_uuid = headers.user.uuid;
|
2018-05-31 22:18:50 +00:00
|
|
|
|
2019-01-27 23:39:14 +00:00
|
|
|
if let Some(ref folder_id) = data.FolderId {
|
|
|
|
match Folder::find_by_uuid(folder_id, &conn) {
|
|
|
|
Some(folder) => {
|
|
|
|
if folder.user_uuid != user_uuid {
|
|
|
|
err!("Folder is not owned by user")
|
2018-04-24 20:01:55 +00:00
|
|
|
}
|
2019-01-27 23:39:14 +00:00
|
|
|
}
|
|
|
|
None => err!("Folder doesn't exist"),
|
|
|
|
}
|
|
|
|
}
|
2018-08-01 05:51:05 +00:00
|
|
|
|
2019-01-27 23:39:14 +00:00
|
|
|
for uuid in data.Ids {
|
2019-02-05 13:52:30 +00:00
|
|
|
let cipher = match Cipher::find_by_uuid(&uuid, &conn) {
|
2018-08-01 05:51:05 +00:00
|
|
|
Some(cipher) => cipher,
|
2018-12-30 22:34:31 +00:00
|
|
|
None => err!("Cipher doesn't exist"),
|
2018-08-01 05:51:05 +00:00
|
|
|
};
|
|
|
|
|
2019-01-27 23:39:14 +00:00
|
|
|
if !cipher.is_accessible_to_user(&user_uuid, &conn) {
|
2018-08-01 05:51:05 +00:00
|
|
|
err!("Cipher is not accessible by user")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Move cipher
|
2019-01-27 23:39:14 +00:00
|
|
|
cipher.move_to_folder(data.FolderId.clone(), &user_uuid, &conn)?;
|
2018-12-19 20:52:53 +00:00
|
|
|
|
2019-03-03 15:11:55 +00:00
|
|
|
nt.send_cipher_update(UpdateType::CipherUpdate, &cipher, &[user_uuid.clone()]);
|
2018-08-01 05:51:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
|
|
|
#[put("/ciphers/move", data = "<data>")]
|
2019-01-27 23:39:14 +00:00
|
|
|
fn move_cipher_selected_put(
|
|
|
|
data: JsonUpcase<MoveCipherData>,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> EmptyResult {
|
2018-12-30 22:34:31 +00:00
|
|
|
move_cipher_selected(data, headers, conn, nt)
|
2018-03-05 23:02:36 +00:00
|
|
|
}
|
|
|
|
|
2019-04-14 20:06:08 +00:00
|
|
|
#[derive(FromForm)]
|
|
|
|
struct OrganizationId {
|
|
|
|
#[form(field = "organizationId")]
|
|
|
|
org_id: String,
|
|
|
|
}
|
|
|
|
|
|
|
|
#[post("/ciphers/purge?<organization..>", data = "<data>")]
|
2019-04-26 20:08:26 +00:00
|
|
|
fn delete_all(
|
|
|
|
organization: Option<Form<OrganizationId>>,
|
|
|
|
data: JsonUpcase<PasswordData>,
|
|
|
|
headers: Headers,
|
|
|
|
conn: DbConn,
|
|
|
|
nt: Notify,
|
|
|
|
) -> EmptyResult {
|
2018-05-31 22:18:50 +00:00
|
|
|
let data: PasswordData = data.into_inner().data;
|
|
|
|
let password_hash = data.MasterPasswordHash;
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2019-01-27 23:39:14 +00:00
|
|
|
let mut user = headers.user;
|
2018-02-10 00:00:55 +00:00
|
|
|
|
2018-02-22 23:38:54 +00:00
|
|
|
if !user.check_valid_password(&password_hash) {
|
2018-02-10 00:00:55 +00:00
|
|
|
err!("Invalid password")
|
|
|
|
}
|
|
|
|
|
2019-04-14 20:06:08 +00:00
|
|
|
match organization {
|
|
|
|
Some(org_data) => {
|
|
|
|
// Organization ID in query params, purging organization vault
|
|
|
|
match UserOrganization::find_by_user_and_org(&user.uuid, &org_data.org_id, &conn) {
|
|
|
|
None => err!("You don't have permission to purge the organization vault"),
|
|
|
|
Some(user_org) => {
|
2019-05-20 19:24:29 +00:00
|
|
|
if user_org.atype == UserOrgType::Owner {
|
2019-04-14 20:06:08 +00:00
|
|
|
Cipher::delete_all_by_organization(&org_data.org_id, &conn)?;
|
|
|
|
Collection::delete_all_by_organization(&org_data.org_id, &conn)?;
|
|
|
|
nt.send_user_update(UpdateType::Vault, &user);
|
|
|
|
Ok(())
|
|
|
|
} else {
|
|
|
|
err!("You don't have permission to purge the organization vault");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2019-04-26 20:08:26 +00:00
|
|
|
}
|
2019-04-14 20:06:08 +00:00
|
|
|
None => {
|
|
|
|
// No organization ID in query params, purging user vault
|
|
|
|
// Delete ciphers and their attachments
|
|
|
|
for cipher in Cipher::find_owned_by_user(&user.uuid, &conn) {
|
|
|
|
cipher.delete(&conn)?;
|
|
|
|
}
|
2018-02-15 18:05:57 +00:00
|
|
|
|
2019-04-14 20:06:08 +00:00
|
|
|
// Delete folders
|
|
|
|
for f in Folder::find_by_user(&user.uuid, &conn) {
|
|
|
|
f.delete(&conn)?;
|
|
|
|
}
|
2018-02-15 18:05:57 +00:00
|
|
|
|
2019-04-14 20:06:08 +00:00
|
|
|
user.update_revision(&conn)?;
|
|
|
|
nt.send_user_update(UpdateType::Vault, &user);
|
|
|
|
Ok(())
|
2019-04-26 20:08:26 +00:00
|
|
|
}
|
2019-04-14 20:06:08 +00:00
|
|
|
}
|
2018-02-10 00:00:55 +00:00
|
|
|
}
|
2018-04-19 16:57:17 +00:00
|
|
|
|
2020-04-17 20:35:27 +00:00
|
|
|
fn _delete_cipher_by_uuid(uuid: &str, headers: &Headers, conn: &DbConn, soft_delete: bool, nt: &Notify) -> EmptyResult {
|
|
|
|
let mut cipher = match Cipher::find_by_uuid(&uuid, &conn) {
|
2018-04-19 16:57:17 +00:00
|
|
|
Some(cipher) => cipher,
|
|
|
|
None => err!("Cipher doesn't exist"),
|
|
|
|
};
|
|
|
|
|
2018-04-30 09:52:15 +00:00
|
|
|
if !cipher.is_write_accessible_to_user(&headers.user.uuid, &conn) {
|
|
|
|
err!("Cipher can't be deleted by user")
|
2018-04-19 16:57:17 +00:00
|
|
|
}
|
|
|
|
|
2020-04-17 20:35:27 +00:00
|
|
|
if soft_delete {
|
|
|
|
cipher.deleted_at = Some(chrono::Utc::now().naive_utc());
|
|
|
|
cipher.save(&conn)?;
|
2020-07-26 23:19:47 +00:00
|
|
|
nt.send_cipher_update(UpdateType::CipherUpdate, &cipher, &cipher.update_users_revision(&conn));
|
2020-04-17 20:35:27 +00:00
|
|
|
} else {
|
|
|
|
cipher.delete(&conn)?;
|
2020-07-26 23:19:47 +00:00
|
|
|
nt.send_cipher_update(UpdateType::CipherDelete, &cipher, &cipher.update_users_revision(&conn));
|
2020-04-17 20:35:27 +00:00
|
|
|
}
|
|
|
|
|
2018-12-19 20:52:53 +00:00
|
|
|
Ok(())
|
2018-04-19 16:57:17 +00:00
|
|
|
}
|
2018-07-14 06:09:20 +00:00
|
|
|
|
2020-04-17 20:35:27 +00:00
|
|
|
fn _delete_multiple_ciphers(data: JsonUpcase<Value>, headers: Headers, conn: DbConn, soft_delete: bool, nt: Notify) -> EmptyResult {
|
|
|
|
let data: Value = data.into_inner().data;
|
|
|
|
|
|
|
|
let uuids = match data.get("Ids") {
|
|
|
|
Some(ids) => match ids.as_array() {
|
|
|
|
Some(ids) => ids.iter().filter_map(Value::as_str),
|
|
|
|
None => err!("Posted ids field is not an array"),
|
|
|
|
},
|
|
|
|
None => err!("Request missing ids field"),
|
|
|
|
};
|
|
|
|
|
|
|
|
for uuid in uuids {
|
|
|
|
if let error @ Err(_) = _delete_cipher_by_uuid(uuid, &headers, &conn, soft_delete, &nt) {
|
|
|
|
return error;
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
|
|
|
fn _restore_cipher_by_uuid(uuid: &str, headers: &Headers, conn: &DbConn, nt: &Notify) -> EmptyResult {
|
|
|
|
let mut cipher = match Cipher::find_by_uuid(&uuid, &conn) {
|
|
|
|
Some(cipher) => cipher,
|
|
|
|
None => err!("Cipher doesn't exist"),
|
|
|
|
};
|
|
|
|
|
|
|
|
if !cipher.is_write_accessible_to_user(&headers.user.uuid, &conn) {
|
|
|
|
err!("Cipher can't be restored by user")
|
|
|
|
}
|
|
|
|
|
|
|
|
cipher.deleted_at = None;
|
|
|
|
cipher.save(&conn)?;
|
|
|
|
|
|
|
|
nt.send_cipher_update(UpdateType::CipherUpdate, &cipher, &cipher.update_users_revision(&conn));
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
|
|
|
fn _restore_multiple_ciphers(data: JsonUpcase<Value>, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
|
|
|
let data: Value = data.into_inner().data;
|
|
|
|
|
|
|
|
let uuids = match data.get("Ids") {
|
|
|
|
Some(ids) => match ids.as_array() {
|
|
|
|
Some(ids) => ids.iter().filter_map(Value::as_str),
|
|
|
|
None => err!("Posted ids field is not an array"),
|
|
|
|
},
|
|
|
|
None => err!("Request missing ids field"),
|
|
|
|
};
|
|
|
|
|
|
|
|
for uuid in uuids {
|
|
|
|
if let error @ Err(_) = _restore_cipher_by_uuid(uuid, &headers, &conn, &nt) {
|
|
|
|
return error;
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
2018-12-30 22:34:31 +00:00
|
|
|
fn _delete_cipher_attachment_by_id(
|
|
|
|
uuid: &str,
|
|
|
|
attachment_id: &str,
|
|
|
|
headers: &Headers,
|
|
|
|
conn: &DbConn,
|
|
|
|
nt: &Notify,
|
|
|
|
) -> EmptyResult {
|
2018-07-14 06:09:20 +00:00
|
|
|
let attachment = match Attachment::find_by_id(&attachment_id, &conn) {
|
|
|
|
Some(attachment) => attachment,
|
2018-12-30 22:34:31 +00:00
|
|
|
None => err!("Attachment doesn't exist"),
|
2018-07-14 06:09:20 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
if attachment.cipher_uuid != uuid {
|
|
|
|
err!("Attachment from other cipher")
|
|
|
|
}
|
|
|
|
|
2018-07-18 20:35:45 +00:00
|
|
|
let cipher = match Cipher::find_by_uuid(&uuid, &conn) {
|
|
|
|
Some(cipher) => cipher,
|
2018-12-30 22:34:31 +00:00
|
|
|
None => err!("Cipher doesn't exist"),
|
2018-07-18 20:35:45 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
if !cipher.is_write_accessible_to_user(&headers.user.uuid, &conn) {
|
|
|
|
err!("Cipher cannot be deleted by user")
|
|
|
|
}
|
|
|
|
|
2018-07-14 06:09:20 +00:00
|
|
|
// Delete attachment
|
2018-12-19 20:52:53 +00:00
|
|
|
attachment.delete(&conn)?;
|
2019-01-11 00:08:35 +00:00
|
|
|
nt.send_cipher_update(UpdateType::CipherUpdate, &cipher, &cipher.update_users_revision(&conn));
|
2018-12-19 20:52:53 +00:00
|
|
|
Ok(())
|
2018-07-14 06:09:20 +00:00
|
|
|
}
|