bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-11 22:03:38 +00:00
Code Issues Releases Wiki Activity

[EC-92] Add organization vault export to event logs (#2128)

Browse Source 
* Added nullable OrganizationId to EventModel

* Added EventType Organization_ClientExportedVault

* Updated CollectController to save the event Organization_ClientExportedVault

* Added OrganizationExportResponseModel to encapsulate Organization Export data

* Added OrganizationExportController to have a single endpoint for Organization vault export

* Added method GetOrganizationCollections to ICollectionService to get collections for an organization

* Added GetOrganizationCiphers to ICipherService to get ciphers for an organization

* Updated controllers to use new methods in ICollectionService and ICipherService
This commit is contained in:
Rui Tomé
2022-07-25 09:56:23 +01:00
committed by GitHub
parent f6a18db582
commit 7dfb04298d
11 changed files with 164 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
src/Core/Services/Implementations/CipherService.cs
View File

@@ -1,4 +1,5 @@
using System.Text.Json;
using Bit.Core.Context;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Exceptions;
@@ -29,6 +30,8 @@ namespace Bit.Core.Services
private readonly GlobalSettings _globalSettings;
private const long _fileSizeLeeway = 1024L * 1024L; // 1MB
private readonly IReferenceEventService _referenceEventService;
private readonly ICurrentContext _currentContext;
private readonly IProviderService _providerService;
public CipherService(
ICipherRepository cipherRepository,
@@ -43,7 +46,8 @@ namespace Bit.Core.Services
IUserService userService,
IPolicyRepository policyRepository,
GlobalSettings globalSettings,
IReferenceEventService referenceEventService)
IReferenceEventService referenceEventService,
ICurrentContext currentContext)
{
_cipherRepository = cipherRepository;
_folderRepository = folderRepository;
@@ -58,6 +62,7 @@ namespace Bit.Core.Services
_policyRepository = policyRepository;
_globalSettings = globalSettings;
_referenceEventService = referenceEventService;
_currentContext = currentContext;
}
public async Task SaveAsync(Cipher cipher, Guid savingUserId, DateTime? lastKnownRevisionDate,
@@ -845,6 +850,41 @@ namespace Bit.Core.Services
await _pushService.PushSyncCiphersAsync(restoringUserId);
}
public async Task<(IEnumerable<CipherOrganizationDetails>, Dictionary<Guid, IGrouping<Guid, CollectionCipher>>)> GetOrganizationCiphers(Guid userId, Guid organizationId)
{
if (!await _currentContext.ViewAllCollections(organizationId) && !await _currentContext.AccessReports(organizationId))
{
throw new NotFoundException();
}
IEnumerable<CipherOrganizationDetails> orgCiphers;
if (await _currentContext.OrganizationAdmin(organizationId))
{
// Admins, Owners and Providers can access all items even if not assigned to them
orgCiphers = await _cipherRepository.GetManyOrganizationDetailsByOrganizationIdAsync(organizationId);
}
else
{
var ciphers = await _cipherRepository.GetManyByUserIdAsync(userId, true);
orgCiphers = ciphers.Where(c => c.OrganizationId == organizationId);
}
var orgCipherIds = orgCiphers.Select(c => c.Id);
var collectionCiphers = await _collectionCipherRepository.GetManyByOrganizationIdAsync(organizationId);
var collectionCiphersGroupDict = collectionCiphers
.Where(c => orgCipherIds.Contains(c.CipherId))
.GroupBy(c => c.CipherId).ToDictionary(s => s.Key);
var providerId = await _currentContext.ProviderIdForOrg(organizationId);
if (providerId.HasValue)
{
await _providerService.LogProviderAccessToOrganizationAsync(organizationId);
}
return (orgCiphers, collectionCiphersGroupDict);
}
private async Task<bool> UserCanEditAsync(Cipher cipher, Guid userId)
{
if (!cipher.OrganizationId.HasValue && cipher.UserId.HasValue && cipher.UserId.Value == userId)