mirror of
https://github.com/bitwarden/browser
synced 2026-02-06 19:53:59 +00:00
4a30782939
* Added inputs to the view and edit component to disable or remove the delete button when a user does not have manage rights * Refactored editByCipherId to receive cipherview object * Fixed issue where adding an item on the individual vault throws a null reference * Fixed issue where adding an item on the AC vault throws a null reference * Allow delete in unassigned collection * created reusable service to check if a user has delete permission on an item * Registered service * Used authorizationservice on the browser and desktop Only display the delete button when a user has delete permission * Added comments to the service * Passed active collectionId to add edit component renamed constructor parameter * restored input property used by the web * Fixed dependency issue * Fixed dependency issue * Fixed dependency issue * Modified service to cater for org vault * Updated to include new dependency * Updated components to use the observable * Added check on the cli to know if user has rights to delete an item * Renamed abstraction and renamed implementation to include Default Fixed permission issues * Fixed test to reflect changes in implementation * Modified base classes to use new naming Passed new parameters for the canDeleteCipher * Modified base classes to use new naming Made changes from base class * Desktop changes Updated reference naming * cli changes Updated reference naming Passed new parameters for the canDeleteCipher$ * Updated references * browser changes Updated reference naming Passed new parameters for the canDeleteCipher$ * Modified cipher form dialog to take in active collection id used canDeleteCipher$ on the vault item dialog to disable the delete button when user does not have the required permissions * Fix number of arguments issue * Added active collection id * Updated canDeleteCipher$ arguments * Updated to pass the cipher object * Fixed up refrences and comments * Updated dependency * updated check to canEditUnassignedCiphers * Fixed unit tests * Removed activeCollectionId from cipher form * Fixed issue where bulk delete option shows for can edit users * Fix null reference when checking if a cipher belongs to the unassigned collection * Fixed bug where allowedCollection passed is undefined * Modified cipher by adding a isAdminConsoleAction argument to tell when a reuqest comes from the admin console * Passed isAdminConsoleAction as true when request is from the admin console
149 lines
5.0 KiB
TypeScript
149 lines
5.0 KiB
TypeScript
import { firstValueFrom } from "rxjs";
|
|
|
|
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
|
import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
|
|
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
|
import { FolderApiServiceAbstraction } from "@bitwarden/common/vault/abstractions/folder/folder-api.service.abstraction";
|
|
import { FolderService } from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction";
|
|
import { CipherAuthorizationService } from "@bitwarden/common/vault/services/cipher-authorization.service";
|
|
|
|
import { Response } from "../models/response";
|
|
import { CliUtils } from "../utils";
|
|
|
|
export class DeleteCommand {
|
|
constructor(
|
|
private cipherService: CipherService,
|
|
private folderService: FolderService,
|
|
private apiService: ApiService,
|
|
private folderApiService: FolderApiServiceAbstraction,
|
|
private accountProfileService: BillingAccountProfileStateService,
|
|
private cipherAuthorizationService: CipherAuthorizationService,
|
|
) {}
|
|
|
|
async run(object: string, id: string, cmdOptions: Record<string, any>): Promise<Response> {
|
|
if (id != null) {
|
|
id = id.toLowerCase();
|
|
}
|
|
|
|
const normalizedOptions = new Options(cmdOptions);
|
|
switch (object.toLowerCase()) {
|
|
case "item":
|
|
return await this.deleteCipher(id, normalizedOptions);
|
|
case "attachment":
|
|
return await this.deleteAttachment(id, normalizedOptions);
|
|
case "folder":
|
|
return await this.deleteFolder(id);
|
|
case "org-collection":
|
|
return await this.deleteOrganizationCollection(id, normalizedOptions);
|
|
default:
|
|
return Response.badRequest("Unknown object.");
|
|
}
|
|
}
|
|
|
|
private async deleteCipher(id: string, options: Options) {
|
|
const cipher = await this.cipherService.get(id);
|
|
if (cipher == null) {
|
|
return Response.notFound();
|
|
}
|
|
|
|
const canDeleteCipher = await firstValueFrom(
|
|
this.cipherAuthorizationService.canDeleteCipher$(cipher),
|
|
);
|
|
|
|
if (!canDeleteCipher) {
|
|
return Response.error("You do not have permission to delete this item.");
|
|
}
|
|
|
|
try {
|
|
if (options.permanent) {
|
|
await this.cipherService.deleteWithServer(id);
|
|
} else {
|
|
await this.cipherService.softDeleteWithServer(id);
|
|
}
|
|
return Response.success();
|
|
} catch (e) {
|
|
return Response.error(e);
|
|
}
|
|
}
|
|
|
|
private async deleteAttachment(id: string, options: Options) {
|
|
if (options.itemId == null || options.itemId === "") {
|
|
return Response.badRequest("`itemid` option is required.");
|
|
}
|
|
|
|
const itemId = options.itemId.toLowerCase();
|
|
const cipher = await this.cipherService.get(itemId);
|
|
if (cipher == null) {
|
|
return Response.notFound();
|
|
}
|
|
|
|
if (cipher.attachments == null || cipher.attachments.length === 0) {
|
|
return Response.error("No attachments available for this item.");
|
|
}
|
|
|
|
const attachments = cipher.attachments.filter((a) => a.id.toLowerCase() === id);
|
|
if (attachments.length === 0) {
|
|
return Response.error("Attachment `" + id + "` was not found.");
|
|
}
|
|
|
|
const canAccessPremium = await firstValueFrom(
|
|
this.accountProfileService.hasPremiumFromAnySource$,
|
|
);
|
|
if (cipher.organizationId == null && !canAccessPremium) {
|
|
return Response.error("Premium status is required to use this feature.");
|
|
}
|
|
|
|
try {
|
|
await this.cipherService.deleteAttachmentWithServer(cipher.id, attachments[0].id);
|
|
return Response.success();
|
|
} catch (e) {
|
|
return Response.error(e);
|
|
}
|
|
}
|
|
|
|
private async deleteFolder(id: string) {
|
|
const folder = await this.folderService.getFromState(id);
|
|
if (folder == null) {
|
|
return Response.notFound();
|
|
}
|
|
|
|
try {
|
|
await this.folderApiService.delete(id);
|
|
return Response.success();
|
|
} catch (e) {
|
|
return Response.error(e);
|
|
}
|
|
}
|
|
|
|
private async deleteOrganizationCollection(id: string, options: Options) {
|
|
if (options.organizationId == null || options.organizationId === "") {
|
|
return Response.badRequest("`organizationid` options is required.");
|
|
}
|
|
if (!Utils.isGuid(id)) {
|
|
return Response.badRequest("`" + id + "` is not a GUID.");
|
|
}
|
|
if (!Utils.isGuid(options.organizationId)) {
|
|
return Response.badRequest("`" + options.organizationId + "` is not a GUID.");
|
|
}
|
|
try {
|
|
await this.apiService.deleteCollection(options.organizationId, id);
|
|
return Response.success();
|
|
} catch (e) {
|
|
return Response.error(e);
|
|
}
|
|
}
|
|
}
|
|
|
|
class Options {
|
|
itemId: string;
|
|
organizationId: string;
|
|
permanent: boolean;
|
|
|
|
constructor(passedOptions: Record<string, any>) {
|
|
this.organizationId = passedOptions?.organizationid || passedOptions?.organizationId;
|
|
this.itemId = passedOptions?.itemid || passedOptions?.itemId;
|
|
this.permanent = CliUtils.convertBooleanOption(passedOptions?.permanent);
|
|
}
|
|
}
|