From 0fe93edea6cb8d4b30416a6d319164f8828ad8b7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Garc=C3=ADa?=
Date: Sat, 27 Apr 2024 23:24:04 +0200
Subject: [PATCH] Some fixes for the new mobile apps (#4526)
---
 src/api/core/ciphers.rs | 9 +++++---
 src/api/identity.rs | 7 +++++-
 src/db/models/organization.rs | 41 +++++++++++++++++------------------
 src/db/models/user.rs | 2 ++
 src/main.rs | 2 +-
 5 files changed, 35 insertions(+), 26 deletions(-)
diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs
index 5a955d17..18d1b998 100644
--- a/src/api/core/ciphers.rs
+++ b/src/api/core/ciphers.rs
@@ -10,6 +10,7 @@ use rocket::{
 };
 use serde_json::Value;
+use crate::util::NumberOrString;
 use crate::{
 api::{self, core::log_event, EmptyResult, JsonResult, JsonUpcase, Notify, PasswordOrOtpData, UpdateType},
 auth::Headers,
@@ -964,7 +965,7 @@ async fn get_attachment(uuid: &str, attachment_id: &str, headers: Headers, mut c
 struct AttachmentRequestData {
 Key: String,
 FileName: String,
- FileSize: i64,
+ FileSize: NumberOrString,
 AdminRequest: Option, // true when attaching from an org vault view
 }
@@ -994,12 +995,14 @@ async fn post_attachment_v2(
 }
 let data: AttachmentRequestData = data.into_inner().data;
- if data.FileSize < 0 {
+ let file_size = data.FileSize.into_i64()?;
+
+ if file_size < 0 {
 err!("Attachment size can't be negative")
 }
 let attachment_id = crypto::generate_attachment_id();
 let attachment =
- Attachment::new(attachment_id.clone(), cipher.uuid.clone(), data.FileName, data.FileSize, Some(data.Key));
+ Attachment::new(attachment_id.clone(), cipher.uuid.clone(), data.FileName, file_size, Some(data.Key));
 attachment.save(&mut conn).await.expect("Error saving attachment");
 let url = format!("/ciphers/{}/attachment/{}", cipher.uuid, attachment_id);
diff --git a/src/api/identity.rs b/src/api/identity.rs
index 9f3cd1bf..ad51d664 100644
--- a/src/api/identity.rs
+++ b/src/api/identity.rs
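Review bot: The declared `FileSize` is still bounded only from below in the third ciphers.rs hunk: after `into_i64()` the single check is `file_size < 0`, so any non-negative value the client sends, now also when supplied as a string, is written into the attachment record before any bytes are uploaded. Whether the later upload step compares the real length against this value or against the storage limit is not visible here; if it does, a comment at this point would make the trust boundary explicit, e.g. `// client-declared size; the upload handler re-checks the actual length`. The body of post_attachment_v2 starts and ends outside the hunk.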
@@ -295,7 +295,12 @@ async fn _password_login(
 "KdfIterations": user.client_kdf_iter,
 "KdfMemory": user.client_kdf_memory,
 "KdfParallelism": user.client_kdf_parallelism,
- "ResetMasterPassword": false,// TODO: Same as above
+ "ResetMasterPassword": false, // TODO: Same as above
+ "ForcePasswordReset": false,
+ "MasterPasswordPolicy": {
+ "object": "masterPasswordPolicy",
+ },
+
 "scope": scope,
 "unofficialServer": true,
 "UserDecryptionOptions": {
diff --git a/src/db/models/organization.rs b/src/db/models/organization.rs
index 180b1c1d..59d66856 100644
--- a/src/db/models/organization.rs
+++ b/src/db/models/organization.rs
@@ -344,6 +344,25 @@ impl UserOrganization {
 pub async fn to_json(&self, conn: &mut DbConn) -> Value {
 let org = Organization::find_by_uuid(&self.org_uuid, conn).await.unwrap();
+ let permissions = json!({
+ // TODO: Add support for Custom User Roles
+ // See: https://bitwarden.com/help/article/user-types-access-control/#custom-role
+ "accessEventLogs": false,
+ "accessImportExport": false,
+ "accessReports": false,
+ "createNewCollections": false,
+ "editAnyCollection": false,
+ "deleteAnyCollection": false,
+ "editAssignedCollections": false,
+ "deleteAssignedCollections": false,
+ "manageGroups": false,
+ "managePolicies": false,
+ "manageSso": false, // Not supported
+ "manageUsers": false,
+ "manageResetPassword": false,
+ "manageScim": false // Not supported (Not AGPLv3 Licensed)
+ });
+
 // https://github.com/bitwarden/server/blob/13d1e74d6960cf0d042620b72d85bf583a4236f7/src/Api/Models/Response/ProfileOrganizationResponseModel.cs
 json!({
 "Id": self.org_uuid,
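Review bot: `"ForcePasswordReset": false` and the `"MasterPasswordPolicy"` object are sent as fixed placeholder values with no comment, unlike the `ResetMasterPassword` line just above them, which carries a TODO. As far as this hunk shows, a client reading these fields at login is told that no reset is pending and receives no policy requirements, whatever is configured on the server. If that is deliberate for compatibility with the new mobile apps, say so on the line, e.g. `// placeholder for client compatibility; no policy is sent at login`. The `"object"` key is camelCase while its neighbours are PascalCase, which also deserves a word if the clients require it. The json! body continues outside the hunk.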
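Review bot: The new `permissions` object in the organization.rs hunk reports every capability as `false` for every membership, and the comment above it does not say whether clients treat these flags as display hints or as a statement of what the member may do. If, as I assume, access decisions are made by the server endpoints and never read this object, state that above the `json!` call, e.g. `// Client-side hints only; server-side checks do not read these flags`. The keys are camelCase and the value is attached as `"permissions"` in the following hunk, while neighbouring keys such as `"MaxStorageGb"` stay PascalCase; a short comment that the new mobile apps expect this casing would stop someone normalising it later. to_json begins inside the hunk but its body continues past it.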
@@ -371,27 +390,7 @@ impl UserOrganization {
 // "KeyConnectorEnabled": false,
 // "KeyConnectorUrl": null,
- // TODO: Add support for Custom User Roles
- // See: https://bitwarden.com/help/article/user-types-access-control/#custom-role
- // "Permissions": {
- // "AccessEventLogs": false,
- // "AccessImportExport": false,
- // "AccessReports": false,
- // "ManageAllCollections": false,
- // "CreateNewCollections": false,
- // "EditAnyCollection": false,
- // "DeleteAnyCollection": false,
- // "ManageAssignedCollections": false,
- // "editAssignedCollections": false,
- // "deleteAssignedCollections": false,
- // "ManageCiphers": false,
- // "ManageGroups": false,
- // "ManagePolicies": false,
- // "ManageResetPassword": false,
- // "ManageSso": false, // Not supported
- // "ManageUsers": false,
- // "ManageScim": false, // Not supported (Not AGPLv3 Licensed)
- // },
+ "permissions": permissions,
 "MaxStorageGb": 10, // The value doesn't matter, we don't check server-side
diff --git a/src/db/models/user.rs b/src/db/models/user.rs
index bf7dad32..d87defd0 100644
--- a/src/db/models/user.rs
+++ b/src/db/models/user.rs
@@ -246,6 +246,7 @@ impl User {
 "Email": self.email,
 "EmailVerified": !CONFIG.mail_enabled() || self.verified_at.is_some(),
 "Premium": true,
+ "PremiumFromOrganization": false,
 "MasterPasswordHint": self.password_hint,
 "Culture": "en-US",
 "TwoFactorEnabled": twofactor_enabled,
@@ -257,6 +258,7 @@ impl User {
 "ProviderOrganizations": [],
 "ForcePasswordReset": false,
 "AvatarColor": self.avatar_color,
+ "UsesKeyConnector": false,
 "Object": "profile",
 })
 }
diff --git a/src/main.rs b/src/main.rs
index c20ecfe1..c7726a87 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -3,7 +3,7 @@
 // The more key/value pairs there are the more recursion occurs.
 // We want to keep this as low as possible, but not higher then 128.
 // If you go above 128 it will cause rust-analyzer to fail,
-#![recursion_limit = "87"]
+#![recursion_limit = "90"]
 // When enabled use MiMalloc as malloc instead of the default malloc
 #[cfg(feature = "enable_mimalloc")]