bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-26 05:03:18 +00:00
Code Issues Releases Wiki Activity

[PM-26316] Prevent users from sharing archived cipher (#6443)

Browse Source 
* prevent users from sharing an archived cipher

* move check outside of encrypted check

* add check for cipher stored in the DB does not have an archive date
This commit is contained in:
Nick Krantz
2025-10-13 08:03:57 -05:00
committed by GitHub
parent 84534eb8f9
commit 42568b6494
2 changed files with 127 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/Api/Vault/Controllers/CiphersController.cs
View File

@@ -754,6 +754,11 @@ public class CiphersController : Controller
}
}
if (cipher.ArchivedDate.HasValue)
{
throw new BadRequestException("Cannot move an archived item to an organization.");
}
ValidateClientVersionForFido2CredentialSupport(cipher);
var original = cipher.Clone();
@@ -1263,6 +1268,11 @@ public class CiphersController : Controller
_logger.LogError("Cipher was not encrypted for the current user. CipherId: {CipherId}, CurrentUser: {CurrentUserId}, EncryptedFor: {EncryptedFor}", cipher.Id, userId, cipher.EncryptedFor);
throw new BadRequestException("Cipher was not encrypted for the current user. Please try again.");
}
if (cipher.ArchivedDate.HasValue)
{
throw new BadRequestException("Cannot move archived items to an organization.");
}
}
var shareCiphers = new List<(CipherDetails, DateTime?)>();
@@ -1275,6 +1285,11 @@ public class CiphersController : Controller
ValidateClientVersionForFido2CredentialSupport(existingCipher);
if (existingCipher.ArchivedDate.HasValue)
{
throw new BadRequestException("Cannot move archived items to an organization.");
}
shareCiphers.Add((cipher.ToCipherDetails(existingCipher), cipher.LastKnownRevisionDate));
}