mirror of
https://github.com/bitwarden/server
synced 2025-12-16 08:13:33 +00:00
* Get limited life attachment download URL This change limits url download to a 1min lifetime. This requires moving to a new container to allow for non-public blob access. Clients will have to call GetAttachmentData api function to receive the download URL. For backwards compatibility, attachment URLs are still present, but will not work for attachments stored in non-public access blobs. * Make GlobalSettings interface for testing * Test LocalAttachmentStorageService equivalence * Remove comment * Add missing globalSettings using * Simplify default attachment container * Default to attachments container for existing methods A new upload method will be made for uploading to attachments-v2. For compatibility for clients which don't use these new methods, we need to still use the old container. The new container will be used only for new uploads * Remove Default MetaData fixture. * Keep attachments container blob-level security for all instances * Close unclosed FileStream * Favor default value for noop services
using Microsoft.AspNetCore.Mvc;
using Bit.Core.Services;
using Microsoft.AspNetCore.Authorization;
using Bit.Core;
using Bit.Core.Context;
using Bit.Core.Exceptions;
using Bit.Core.Models.Api;
using System.Threading.Tasks;
using System.Linq;
using Microsoft.AspNetCore.Hosting;
using Bit.Api.Utilities;
using Bit.Core.Utilities;
using Bit.Core.Settings;
using Microsoft.Extensions.Hosting;
namespace Bit.Api.Controllers
{
    /// <summary>
    /// Push relay endpoints served under the <c>push</c> route.
    /// Every action calls <see cref="CheckUsage"/> first and then forwards the request to the
    /// push registration or push notification service. Identifiers taken from the request are
    /// passed through <see cref="Prefix"/> before they reach those services.
    /// </summary>
    /// <remarks>
    /// Access is gated by the authorization policy named "Push"; the policy definition is not
    /// in this file.
    /// NOTE(review): <c>SelfHosted(NotSelfHostedOnly = true)</c> presumably rejects requests when
    /// the server itself runs self-hosted - confirm against the attribute implementation.
    /// </remarks>
    [Route("push")]
    [Authorize("Push")]
    [SelfHosted(NotSelfHostedOnly = true)]
    public class PushController : Controller
    {
        private readonly IPushRegistrationService _pushRegistrationService;
        private readonly IPushNotificationService _pushNotificationService;
        private readonly IWebHostEnvironment _environment;
        private readonly ICurrentContext _currentContext;
        private readonly GlobalSettings _globalSettings;

        /// <summary>
        /// Stores the injected services, hosting environment, request context and settings.
        /// </summary>
        public PushController(
            IPushRegistrationService pushRegistrationService,
            IPushNotificationService pushNotificationService,
            IWebHostEnvironment environment,
            ICurrentContext currentContext,
            GlobalSettings globalSettings)
        {
            _pushRegistrationService = pushRegistrationService;
            _pushNotificationService = pushNotificationService;
            _environment = environment;
            _currentContext = currentContext;
            _globalSettings = globalSettings;
        }

        /// <summary>
        /// Creates or updates a push registration for a device.
        /// </summary>
        /// <param name="model">Registration request read from the body.</param>
        /// <remarks>
        /// The device, user and identifier values are prefixed; the push token and the type
        /// are forwarded exactly as received.
        /// </remarks>
        [HttpPost("register")]
        public async Task PostRegister([FromBody]PushRegistrationRequestModel model)
        {
            CheckUsage();

            var pushToken = model.PushToken;
            var deviceKey = Prefix(model.DeviceId);
            var userKey = Prefix(model.UserId);
            var identifierKey = Prefix(model.Identifier);

            await _pushRegistrationService.CreateOrUpdateRegistrationAsync(
                pushToken, deviceKey, userKey, identifierKey, model.Type);
        }

        /// <summary>
        /// Deletes the registration whose key is the prefixed form of <paramref name="id"/>.
        /// </summary>
        /// <param name="id">Registration id taken from the route.</param>
        [HttpDelete("{id}")]
        public async Task Delete(string id)
        {
            CheckUsage();

            // The route value is never used raw; only the prefixed key reaches the service.
            var registrationKey = Prefix(id);
            await _pushRegistrationService.DeleteRegistrationAsync(registrationKey);
        }

        /// <summary>
        /// Adds an organization to the registrations of the listed devices.
        /// </summary>
        /// <param name="model">Device ids and organization id read from the body.</param>
        [HttpPut("add-organization")]
        public async Task PutAddOrganization([FromBody]PushUpdateRequestModel model)
        {
            CheckUsage();

            // Select is deferred: each device id is prefixed when the service enumerates it.
            var deviceKeys = model.DeviceIds.Select(deviceId => Prefix(deviceId));
            var organizationKey = Prefix(model.OrganizationId);

            await _pushRegistrationService.AddUserRegistrationOrganizationAsync(
                deviceKeys, organizationKey);
        }

        /// <summary>
        /// Removes an organization from the registrations of the listed devices.
        /// </summary>
        /// <param name="model">Device ids and organization id read from the body.</param>
        [HttpPut("delete-organization")]
        public async Task PutDeleteOrganization([FromBody]PushUpdateRequestModel model)
        {
            CheckUsage();

            // Select is deferred: each device id is prefixed when the service enumerates it.
            var deviceKeys = model.DeviceIds.Select(deviceId => Prefix(deviceId));
            var organizationKey = Prefix(model.OrganizationId);

            await _pushRegistrationService.DeleteUserRegistrationOrganizationAsync(
                deviceKeys, organizationKey);
        }

        /// <summary>
        /// Relays a payload to a user when a user id is supplied, otherwise to an organization
        /// when an organization id is supplied.
        /// </summary>
        /// <param name="model">Send request read from the body.</param>
        /// <remarks>
        /// The payload is forwarded as received; only the ids are prefixed.
        /// NOTE(review): when both ids are blank nothing is sent and the action completes
        /// normally - confirm the request model's validation rejects that case, otherwise a
        /// malformed request is indistinguishable from a delivered one.
        /// NOTE(review): <c>model.Type.Value</c> throws if Type is unset; presumably the model
        /// marks it required - confirm.
        /// </remarks>
        [HttpPost("send")]
        public async Task PostSend([FromBody]PushSendRequestModel model)
        {
            CheckUsage();

            // A user target wins over an organization target when both are present.
            if (!string.IsNullOrWhiteSpace(model.UserId))
            {
                await _pushNotificationService.SendPayloadToUserAsync(Prefix(model.UserId),
                    model.Type.Value, model.Payload, Prefix(model.Identifier), Prefix(model.DeviceId));
                return;
            }

            if (string.IsNullOrWhiteSpace(model.OrganizationId))
            {
                return;
            }

            await _pushNotificationService.SendPayloadToOrganizationAsync(Prefix(model.OrganizationId),
                model.Type.Value, model.Payload, Prefix(model.Identifier), Prefix(model.DeviceId));
        }

        /// <summary>
        /// Builds the installation-scoped form of an identifier:
        /// <c>{InstallationId}_{value}</c>.
        /// </summary>
        /// <param name="value">Identifier supplied by the caller.</param>
        /// <returns>
        /// <c>null</c> when <paramref name="value"/> is null, empty or whitespace; otherwise
        /// the value prefixed with the current context's installation id.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this looks like the isolation boundary between installations - every
        /// id in this controller goes through here, so a caller can only address keys under
        /// its own prefix. That holds only if InstallationId is taken from the authenticated
        /// credential rather than from request data; confirm in ICurrentContext.
        /// Reading <c>InstallationId.Value</c> throws when no installation id is set, which
        /// <see cref="CanUse"/> allows in the Development environment.
        /// </remarks>
        private string Prefix(string value) =>
            string.IsNullOrWhiteSpace(value)
                ? null
                : $"{_currentContext.InstallationId.Value}_{value}";

        /// <summary>
        /// Rejects the request when the relay may not be used.
        /// </summary>
        /// <exception cref="BadRequestException">Thrown when <see cref="CanUse"/> is false.</exception>
        private void CheckUsage()
        {
            if (!CanUse())
            {
                throw new BadRequestException("Not correctly configured for push relays.");
            }
        }

        /// <summary>
        /// Decides whether the relay endpoints may be used for the current request.
        /// </summary>
        /// <returns>
        /// <c>true</c> in the Development environment; otherwise <c>true</c> only when the
        /// context carries an installation id and the server is not self-hosted.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the Development branch skips both the installation-id and the
        /// self-hosted checks, so the hosting environment name acts as a security switch.
        /// Verify that production deployments can never start with the Development environment.
        /// </remarks>
        private bool CanUse() =>
            _environment.IsDevelopment()
            || (_currentContext.InstallationId.HasValue && !_globalSettings.SelfHosted);
    }
}