Delete folder mappings when deleting folders and make sure that we can't change a ciphers owner when created

This commit is contained in:
Daniel García 2018-05-04 19:02:19 +02:00
parent 85bc5514f8
commit 92236394e6
4 changed files with 39 additions and 35 deletions

View File

@ -107,17 +107,28 @@ fn post_ciphers_admin(data: Json<CipherData>, headers: Headers, conn: DbConn) ->
fn post_ciphers(data: Json<CipherData>, headers: Headers, conn: DbConn) -> JsonResult { fn post_ciphers(data: Json<CipherData>, headers: Headers, conn: DbConn) -> JsonResult {
let data: CipherData = data.into_inner(); let data: CipherData = data.into_inner();
let user_uuid = headers.user.uuid.clone(); let mut cipher = Cipher::new(data.type_, data.name.clone());
let favorite = data.favorite.unwrap_or(false); update_cipher_from_data(&mut cipher, data, &headers, true, &conn)?;
let mut cipher = Cipher::new(Some(user_uuid), None, data.type_, data.name.clone(), favorite);
update_cipher_from_data(&mut cipher, data, &headers, &conn)?;
cipher.save(&conn);
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn))) Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
} }
fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Headers, conn: &DbConn) -> EmptyResult { fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Headers, is_new: bool, conn: &DbConn) -> EmptyResult {
if is_new {
if let Some(org_id) = data.organizationId {
match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) {
None => err!("You don't have permission to add item to organization"),
Some(org_user) => if org_user.access_all || org_user.type_ < UserOrgType::User as i32 {
cipher.organization_uuid = Some(org_id);
} else {
err!("You don't have permission to add cipher directly to organization")
}
}
} else {
cipher.user_uuid = Some(headers.user.uuid.clone());
}
}
if let Some(ref folder_id) = data.folderId { if let Some(ref folder_id) = data.folderId {
match Folder::find_by_uuid(folder_id, conn) { match Folder::find_by_uuid(folder_id, conn) {
Some(folder) => { Some(folder) => {
@ -129,17 +140,6 @@ fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Head
} }
} }
if let Some(org_id) = data.organizationId {
match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) {
None => err!("You don't have permission to add item to organization"),
Some(org_user) => if org_user.access_all || org_user.type_ < UserOrgType::User as i32 {
cipher.organization_uuid = Some(org_id);
} else {
err!("You don't have permission to add cipher directly to organization")
}
}
}
let uppercase_fields = data.fields.map(|f| { let uppercase_fields = data.fields.map(|f| {
let mut value = json!({}); let mut value = json!({});
// Copy every field object and change the names to the correct case // Copy every field object and change the names to the correct case
@ -177,11 +177,14 @@ fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Head
if cipher.move_to_folder(data.folderId, &headers.user.uuid, &conn).is_err() { if cipher.move_to_folder(data.folderId, &headers.user.uuid, &conn).is_err() {
err!("Error saving the folder information") err!("Error saving the folder information")
} }
cipher.favorite = data.favorite.unwrap_or(false);
cipher.name = data.name; cipher.name = data.name;
cipher.notes = data.notes; cipher.notes = data.notes;
cipher.fields = uppercase_fields.map(|f| f.to_string()); cipher.fields = uppercase_fields.map(|f| f.to_string());
cipher.data = values.to_string(); cipher.data = values.to_string();
cipher.save(&conn);
Ok(()) Ok(())
} }
@ -247,14 +250,11 @@ fn post_ciphers_import(data: Json<ImportData>, headers: Headers, conn: DbConn) -
let folder_uuid = relations_map.get(&index) let folder_uuid = relations_map.get(&index)
.map(|i| folders[*i as usize].uuid.clone()); .map(|i| folders[*i as usize].uuid.clone());
let user_uuid = headers.user.uuid.clone(); let mut cipher = Cipher::new(cipher_data.type_, cipher_data.name.clone());
let favorite = cipher_data.favorite.unwrap_or(false); update_cipher_from_data(&mut cipher, cipher_data, &headers, true, &conn)?;
let mut cipher = Cipher::new(Some(user_uuid), None, cipher_data.type_, cipher_data.name.clone(), favorite);
if update_cipher_from_data(&mut cipher, cipher_data, &headers, &conn).is_err() { err!("Error creating cipher") }
cipher.move_to_folder(folder_uuid, &headers.user.uuid.clone(), &conn).ok(); cipher.move_to_folder(folder_uuid, &headers.user.uuid.clone(), &conn).ok();
cipher.save(&conn);
index += 1; index += 1;
} }
@ -279,10 +279,7 @@ fn put_cipher(uuid: String, data: Json<CipherData>, headers: Headers, conn: DbCo
err!("Cipher is not write accessible") err!("Cipher is not write accessible")
} }
cipher.favorite = data.favorite.unwrap_or(false); update_cipher_from_data(&mut cipher, data, &headers, false, &conn)?;
update_cipher_from_data(&mut cipher, data, &headers, &conn)?;
cipher.save(&conn);
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn))) Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
} }

View File

@ -89,10 +89,10 @@ fn delete_folder(uuid: String, headers: Headers, conn: DbConn) -> EmptyResult {
err!("Folder belongs to another user") err!("Folder belongs to another user")
} }
if !Cipher::find_by_folder(&folder.uuid, &conn).is_empty() { // Delete FolderCipher mappings
err!("Folder is not empty") for fc in FolderCipher::find_by_folder(&uuid, &conn) { fc.delete(&conn).expect("Error deleting mapping"); }
}
// Delete the actual folder entry
folder.delete(&conn); folder.delete(&conn);
Ok(()) Ok(())

View File

@ -36,7 +36,7 @@ pub struct Cipher {
/// Local methods /// Local methods
impl Cipher { impl Cipher {
pub fn new(user_uuid: Option<String>, organization_uuid: Option<String>, type_: i32, name: String, favorite: bool) -> Self { pub fn new(type_: i32, name: String) -> Self {
let now = Utc::now().naive_utc(); let now = Utc::now().naive_utc();
Self { Self {
@ -44,11 +44,11 @@ impl Cipher {
created_at: now, created_at: now,
updated_at: now, updated_at: now,
user_uuid, user_uuid: None,
organization_uuid, organization_uuid: None,
type_, type_,
favorite, favorite: false,
name, name,
notes: None, notes: None,
@ -98,6 +98,7 @@ impl Cipher {
"OrganizationId": self.organization_uuid, "OrganizationId": self.organization_uuid,
"Attachments": attachments_json, "Attachments": attachments_json,
"OrganizationUseTotp": false, "OrganizationUseTotp": false,
"CollectionIds": [],
"Name": self.name, "Name": self.name,
"Notes": self.notes, "Notes": self.notes,

View File

@ -123,4 +123,10 @@ impl FolderCipher {
.filter(folders_ciphers::cipher_uuid.eq(cipher_uuid)) .filter(folders_ciphers::cipher_uuid.eq(cipher_uuid))
.first::<Self>(&**conn).ok() .first::<Self>(&**conn).ok()
} }
pub fn find_by_folder(folder_uuid: &str, conn: &DbConn) -> Vec<Self> {
folders_ciphers::table
.filter(folders_ciphers::folder_uuid.eq(folder_uuid))
.load::<Self>(&**conn).expect("Error loading folders")
}
} }