bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-13 14:53:34 +00:00
Code Issues Releases Wiki Activity

validation checks on cipher move

Browse Source
This commit is contained in:
Kyle Spearrin
2017-03-25 16:25:10 -04:00
parent 5029af33c5
commit b144f8a686
4 changed files with 25 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Api/Controllers/CiphersController.cs
View File

@@ -119,12 +119,12 @@ namespace Bit.Api.Controllers
{
var userId = _userService.GetProperUserId(User).Value;
var cipher = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
if(cipher == null)
if(cipher == null || cipher.OrganizationId.HasValue || cipher.UserId != userId)
{
throw new NotFoundException();
}
await _cipherService.MoveSubvaultAsync(model.Cipher.ToCipher(cipher),
await _cipherService.MoveSubvaultAsync(model.Cipher.ToCipher(cipher), new Guid(model.Cipher.OrganizationId),
model.SubvaultIds.Select(s => new Guid(s)), userId);
}