topaLE
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch 'master' into alpine

pull/166/head
Miroslav Prasil 7 years ago
parent
45d676eb10 fe473b9e75
commit
cec9566d2a
2 changed files with 36 additions and 31 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 47
      src/api/core/ciphers.rs
  2. 10
      src/db/models/attachment.rs

47
src/api/core/ciphers.rs
View File

@ -127,26 +127,24 @@ fn post_ciphers(data: JsonUpcase<CipherData>, headers: Headers, conn: DbConn) ->
let data: CipherData = data.into_inner().data; let data: CipherData = data.into_inner().data;
let mut cipher = Cipher::new(data.Type, data.Name.clone()); let mut cipher = Cipher::new(data.Type, data.Name.clone());
update_cipher_from_data(&mut cipher, data, &headers, true, &conn)?; update_cipher_from_data(&mut cipher, data, &headers, false, &conn)?;
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn))) Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
} }
fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Headers, is_new_or_shared: bool, conn: &DbConn) -> EmptyResult { fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Headers, shared_to_collection: bool, conn: &DbConn) -> EmptyResult {
if is_new_or_shared { if let Some(org_id) = data.OrganizationId {
if let Some(org_id) = data.OrganizationId { match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) {
match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) { None => err!("You don't have permission to add item to organization"),
None => err!("You don't have permission to add item to organization"), Some(org_user) => if shared_to_collection || org_user.has_full_access() {
Some(org_user) => if org_user.has_full_access() { cipher.organization_uuid = Some(org_id);
cipher.organization_uuid = Some(org_id); cipher.user_uuid = None;
cipher.user_uuid = None; } else {
} else { err!("You don't have permission to add cipher directly to organization")
err!("You don't have permission to add cipher directly to organization")
}
} }
} else {
cipher.user_uuid = Some(headers.user.uuid.clone());
} }
} else {
cipher.user_uuid = Some(headers.user.uuid.clone());
} }
if let Some(ref folder_id) = data.FolderId { if let Some(ref folder_id) = data.FolderId {
@ -243,7 +241,7 @@ fn post_ciphers_import(data: JsonUpcase<ImportData>, headers: Headers, conn: DbC
.map(|i| folders[*i].uuid.clone()); .map(|i| folders[*i].uuid.clone());
let mut cipher = Cipher::new(cipher_data.Type, cipher_data.Name.clone()); let mut cipher = Cipher::new(cipher_data.Type, cipher_data.Name.clone());
update_cipher_from_data(&mut cipher, cipher_data, &headers, true, &conn)?; update_cipher_from_data(&mut cipher, cipher_data, &headers, false, &conn)?;
cipher.move_to_folder(folder_uuid, &headers.user.uuid.clone(), &conn).ok(); cipher.move_to_folder(folder_uuid, &headers.user.uuid.clone(), &conn).ok();
} }
@ -422,22 +420,28 @@ fn share_cipher_by_uuid(uuid: &str, data: ShareCipherData, headers: &Headers, co
None => err!("Cipher doesn't exist") None => err!("Cipher doesn't exist")
}; };
match data.Cipher.OrganizationId { match data.Cipher.OrganizationId.clone() {
None => err!("Organization id not provided"), None => err!("Organization id not provided"),
Some(_) => { Some(organization_uuid) => {
update_cipher_from_data(&mut cipher, data.Cipher, &headers, true, &conn)?; let mut shared_to_collection = false;
for uuid in &data.CollectionIds { for uuid in &data.CollectionIds {
match Collection::find_by_uuid(uuid, &conn) { match Collection::find_by_uuid(uuid, &conn) {
None => err!("Invalid collection ID provided"), None => err!("Invalid collection ID provided"),
Some(collection) => { Some(collection) => {
if collection.is_writable_by_user(&headers.user.uuid, &conn) { if collection.is_writable_by_user(&headers.user.uuid, &conn) {
CollectionCipher::save(&cipher.uuid.clone(), &collection.uuid, &conn); if collection.org_uuid == organization_uuid {
CollectionCipher::save(&cipher.uuid.clone(), &collection.uuid, &conn);
shared_to_collection = true;
} else {
err!("Collection does not belong to organization")
}
} else { } else {
err!("No rights to modify the collection") err!("No rights to modify the collection")
} }
} }
} }
} }
update_cipher_from_data(&mut cipher, data.Cipher, &headers, shared_to_collection, &conn)?;
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn))) Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
} }
@ -488,7 +492,10 @@ fn post_attachment(uuid: String, data: Data, content_type: &ContentType, headers
}; };
let attachment = Attachment::new(file_name, cipher.uuid.clone(), name, size); let attachment = Attachment::new(file_name, cipher.uuid.clone(), name, size);
attachment.save(&conn); match attachment.save(&conn) {
Ok(()) => (),
Err(_) => println!("Error: failed to save attachment")
};
}).expect("Error processing multipart data"); }).expect("Error processing multipart data");
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn))) Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))

10
src/db/models/attachment.rs
View File

@ -53,13 +53,11 @@ use db::schema::attachments;
/// Database methods /// Database methods
impl Attachment { impl Attachment {
pub fn save(&self, conn: &DbConn) -> bool { pub fn save(&self, conn: &DbConn) -> QueryResult<()> {
match diesel::replace_into(attachments::table) diesel::replace_into(attachments::table)
.values(self) .values(self)
.execute(&**conn) { .execute(&**conn)
Ok(1) => true, // One row inserted .and(Ok(()))
_ => false,
}
} }
pub fn delete(self, conn: &DbConn) -> QueryResult<()> { pub fn delete(self, conn: &DbConn) -> QueryResult<()> {

Write Preview
Loading…
Cancel
Save