From a92a42af7236cb53201dacdc4d28c6965fb046bc Mon Sep 17 00:00:00 2001
From: Kumar Ankur <kmrankur@outlook.com>
Date: Mon, 27 Aug 2018 23:43:59 +0530
Subject: [PATCH] Password History Support (#155)

---
 .../2018-08-27-172114_update_ciphers/down.sql | 20 +++++++++++++++++++
 .../2018-08-27-172114_update_ciphers/up.sql   |  3 +++
 src/api/core/accounts.rs                      |  7 +------
 src/api/core/ciphers.rs                       |  4 ++++
 src/db/models/cipher.rs                       |  8 ++++++++
 src/db/schema.rs                              |  1 +
 6 files changed, 37 insertions(+), 6 deletions(-)
 create mode 100644 migrations/2018-08-27-172114_update_ciphers/down.sql
 create mode 100644 migrations/2018-08-27-172114_update_ciphers/up.sql

diff --git a/migrations/2018-08-27-172114_update_ciphers/down.sql b/migrations/2018-08-27-172114_update_ciphers/down.sql
new file mode 100644
index 00000000..63277712
--- /dev/null
+++ b/migrations/2018-08-27-172114_update_ciphers/down.sql
@@ -0,0 +1,20 @@
+ALTER TABLE ciphers RENAME TO oldCiphers;
+
+CREATE TABLE ciphers (
+  uuid              TEXT     NOT NULL PRIMARY KEY,
+  created_at        DATETIME NOT NULL,
+  updated_at        DATETIME NOT NULL,
+  user_uuid         TEXT     REFERENCES users (uuid),
+  organization_uuid TEXT     REFERENCES organizations (uuid),
+  type              INTEGER  NOT NULL,
+  name              TEXT     NOT NULL,
+  notes             TEXT,
+  fields            TEXT,
+  data              TEXT     NOT NULL,
+  favorite          BOOLEAN  NOT NULL
+);
+
+INSERT INTO ciphers (uuid, created_at, updated_at, user_uuid, organization_uuid, type, name, notes, fields, data, favorite) 
+SELECT uuid, created_at, updated_at, user_uuid, organization_uuid, type, name, notes, fields, data, favorite FROM oldCiphers;
+
+DROP TABLE oldCiphers;
\ No newline at end of file
diff --git a/migrations/2018-08-27-172114_update_ciphers/up.sql b/migrations/2018-08-27-172114_update_ciphers/up.sql
new file mode 100644
index 00000000..624efd66
--- /dev/null
+++ b/migrations/2018-08-27-172114_update_ciphers/up.sql
@@ -0,0 +1,3 @@
+ALTER TABLE ciphers
+    ADD COLUMN
+    password_history TEXT;
\ No newline at end of file
diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs
index f9e7d6c1..a551a868 100644
--- a/src/api/core/accounts.rs
+++ b/src/api/core/accounts.rs
@@ -168,9 +168,8 @@ struct EmailTokenData {
 #[post("/accounts/email-token", data = "<data>")]
 fn post_email_token(data: JsonUpcase<EmailTokenData>, headers: Headers, conn: DbConn) -> EmptyResult {
     let data: EmailTokenData = data.into_inner().data;
-    let mut user = headers.user;
 
-    if !user.check_valid_password(&data.MasterPasswordHash) {
+    if !headers.user.check_valid_password(&data.MasterPasswordHash) {
         err!("Invalid password")
     }
 
@@ -178,10 +177,6 @@ fn post_email_token(data: JsonUpcase<EmailTokenData>, headers: Headers, conn: Db
         err!("Email already in use");
     }
 
-    user.email = data.NewEmail;
-
-    user.save(&conn);
-    
     Ok(())
 }
 
diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs
index beb68e05..eefd1675 100644
--- a/src/api/core/ciphers.rs
+++ b/src/api/core/ciphers.rs
@@ -112,6 +112,8 @@ struct CipherData {
     Identity: Option<Value>,
 
     Favorite: Option<bool>,
+
+    PasswordHistory: Option<Value>,
 }
 
 #[post("/ciphers/admin", data = "<data>")]
@@ -177,6 +179,7 @@ fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Head
     type_data["Name"] = Value::String(data.Name.clone());
     type_data["Notes"] = data.Notes.clone().map(Value::String).unwrap_or(Value::Null);
     type_data["Fields"] = data.Fields.clone().unwrap_or(Value::Null);
+    type_data["PasswordHistory"] = data.PasswordHistory.clone().unwrap_or(Value::Null);
     // TODO: ******* Backwards compat end **********
 
     cipher.favorite = data.Favorite.unwrap_or(false);
@@ -184,6 +187,7 @@ fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Head
     cipher.notes = data.Notes;
     cipher.fields = data.Fields.map(|f| f.to_string());
     cipher.data = type_data.to_string();
+    cipher.password_history = data.PasswordHistory.map(|f| f.to_string());
 
     cipher.save(&conn);
 
diff --git a/src/db/models/cipher.rs b/src/db/models/cipher.rs
index 3faf1aea..917a76ea 100644
--- a/src/db/models/cipher.rs
+++ b/src/db/models/cipher.rs
@@ -32,6 +32,7 @@ pub struct Cipher {
     pub data: String,
 
     pub favorite: bool,
+    pub password_history: Option<String>,
 }
 
 /// Local methods
@@ -55,6 +56,7 @@ impl Cipher {
             fields: None,
 
             data: String::new(),
+            password_history: None,
         }
     }
 }
@@ -77,6 +79,10 @@ impl Cipher {
         let fields_json: JsonValue = if let Some(ref fields) = self.fields {
             serde_json::from_str(fields).unwrap()
         } else { JsonValue::Null };
+        
+        let password_history_json: JsonValue = if let Some(ref password_history) = self.password_history {
+            serde_json::from_str(password_history).unwrap()
+        } else { JsonValue::Null };
 
         let mut data_json: JsonValue = serde_json::from_str(&self.data).unwrap();
 
@@ -108,6 +114,8 @@ impl Cipher {
 
             "Object": "cipher",
             "Edit": true,
+
+            "PasswordHistory": password_history_json,
         });
 
         let key = match self.type_ {
diff --git a/src/db/schema.rs b/src/db/schema.rs
index f39701b1..5382e697 100644
--- a/src/db/schema.rs
+++ b/src/db/schema.rs
@@ -21,6 +21,7 @@ table! {
         fields -> Nullable<Text>,
         data -> Text,
         favorite -> Bool,
+        password_history -> Nullable<Text>,
     }
 }