src/Api/Controllers/LoginsController.cs

using System;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Bit.Core.Repositories;
using Microsoft.AspNetCore.Authorization;
using Bit.Core.Models.Api;
using Bit.Core.Exceptions;
using Bit.Core.Services;
using Bit.Core;
using System.Collections.Generic;
using Core.Models.Data;
using Bit.Core.Models.Table;

namespace Bit.Api.Controllers
{
    [Route("logins")]
    // "sites" route is deprecated
    [Route("sites")]
    [Authorize("Application")]
    public class LoginsController : Controller
    {
        private readonly ICipherRepository _cipherRepository;
        private readonly IFolderRepository _folderRepository;
        private readonly ICipherService _cipherService;
        private readonly IUserService _userService;
        private readonly CurrentContext _currentContext;

        public LoginsController(
            ICipherRepository cipherRepository,
            IFolderRepository folderRepository,
            ICipherService cipherService,
            IUserService userService,
            CurrentContext currentContext)
        {
            _cipherRepository = cipherRepository;
            _folderRepository = folderRepository;
            _cipherService = cipherService;
            _userService = userService;
            _currentContext = currentContext;
        }

        [HttpGet("{id}")]
        public async Task<LoginResponseModel> Get(string id)
        {
            var userId = _userService.GetProperUserId(User).Value;
            var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
            if(login == null || login.Type != Core.Enums.CipherType.Login)
            {
                throw new NotFoundException();
            }

            var response = new LoginResponseModel(login);
            return response;
        }

        [HttpGet("{id}/admin")]
        public async Task<LoginResponseModel> GetAdmin(string id)
        {
            var login = await _cipherRepository.GetByIdAsync(new Guid(id));
            if(login == null || !login.OrganizationId.HasValue ||
                !_currentContext.OrganizationAdmin(login.OrganizationId.Value))
            {
                throw new NotFoundException();
            }

            var response = new LoginResponseModel(login);
            return response;
        }

        [HttpGet("")]
        public async Task<ListResponseModel<LoginResponseModel>> Get(string[] expand = null)
        {
            var userId = _userService.GetProperUserId(User).Value;
            var logins = await _cipherRepository.GetManyByTypeAndUserIdAsync(Core.Enums.CipherType.Login,
                userId);
            var responses = logins.Select(l => new LoginResponseModel(l)).ToList();
            await ExpandManyAsync(logins, responses, expand, userId);
            return new ListResponseModel<LoginResponseModel>(responses);
        }

        [HttpPost("")]
        public async Task<LoginResponseModel> Post([FromBody]LoginRequestModel model)
        {
            var userId = _userService.GetProperUserId(User).Value;
            var login = model.ToCipherDetails(userId);
            await _cipherService.SaveDetailsAsync(login, userId);

            var response = new LoginResponseModel(login);
            return response;
        }

        [HttpPost("admin")]
        public async Task<LoginResponseModel> PostAdmin([FromBody]LoginRequestModel model)
        {
            var login = model.ToOrganizationCipher();
            if(!_currentContext.OrganizationAdmin(login.OrganizationId.Value))
            {
                throw new NotFoundException();
            }

            var userId = _userService.GetProperUserId(User).Value;
            await _cipherService.SaveAsync(login, userId, true);

            var response = new LoginResponseModel(login);
            return response;
        }

        [HttpPut("{id}")]
        [HttpPost("{id}")]
        public async Task<LoginResponseModel> Put(string id, [FromBody]LoginRequestModel model)
        {
            var userId = _userService.GetProperUserId(User).Value;
            var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
            if(login == null || login.Type != Core.Enums.CipherType.Login)
            {
                throw new NotFoundException();
            }

            await _cipherService.SaveDetailsAsync(model.ToCipherDetails(login), userId);

            var response = new LoginResponseModel(login);
            return response;
        }

        [HttpPut("{id}/admin")]
        [HttpPost("{id}/admin")]
        public async Task<LoginResponseModel> PutAdmin(string id, [FromBody]LoginRequestModel model)
        {
            var login = await _cipherRepository.GetByIdAsync(new Guid(id));
            if(login == null || !login.OrganizationId.HasValue ||
                !_currentContext.OrganizationAdmin(login.OrganizationId.Value))
            {
                throw new NotFoundException();
            }

            var userId = _userService.GetProperUserId(User).Value;
            await _cipherService.SaveAsync(model.ToCipher(login), userId, true);

            var response = new LoginResponseModel(login);
            return response;
        }

        [HttpDelete("{id}")]
        [HttpPost("{id}/delete")]
        public async Task Delete(string id)
        {
            var userId = _userService.GetProperUserId(User).Value;
            var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
            if(login == null || login.Type != Core.Enums.CipherType.Login)
            {
                throw new NotFoundException();
            }

            await _cipherService.DeleteAsync(login, userId);
        }

        [Obsolete]
        private async Task ExpandManyAsync(IEnumerable<CipherDetails> logins, ICollection<LoginResponseModel> responses,
            string[] expand, Guid userId)
        {
            if(expand == null || expand.Count() == 0)
            {
                return;
            }

            if(expand.Any(e => e.ToLower() == "folder"))
            {
                var folders = await _folderRepository.GetManyByUserIdAsync(userId);
                if(folders != null && folders.Count() > 0)
                {
                    foreach(var response in responses)
                    {
                        var login = logins.SingleOrDefault(s => s.Id.ToString() == response.Id);
                        if(login == null)
                        {
                            continue;
                        }

                        var folder = folders.SingleOrDefault(f => f.Id == login.FolderId);
                        if(folder == null)
                        {
                            continue;
                        }

                        response.Folder = new FolderResponseModel(folder);
                    }
                }
            }
        }
    }
}
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								using System;
 								using System.Linq;
 								using System.Threading.Tasks;
-												Upgrade to ASP.NET Core RC2 release.

											
										
										
											2016-05-19 19:10:24 -04:00
+								using Microsoft.AspNetCore.Mvc;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								using Bit.Core.Repositories;
-												Upgrade to ASP.NET Core RC2 release.

											
										
										
											2016-05-19 19:10:24 -04:00
+								using Microsoft.AspNetCore.Authorization;
-												move all models into core

											
										
										
											2017-03-08 21:55:08 -05:00
+								using Bit.Core.Models.Api;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								using Bit.Core.Exceptions;
-												added push events and moved cipher writing to cipher service.

											
										
										
											2016-06-29 01:15:37 -04:00
+								using Bit.Core.Services;
-												admin login apis

											
										
										
											2017-04-27 14:50:22 -04:00
+								using Bit.Core;
-												add back folder expand for backwards compat.

											
										
										
											2017-04-28 16:06:25 -04:00
+								using System.Collections.Generic;
 								using Core.Models.Data;
 								using Bit.Core.Models.Table;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
 								namespace Bit.Api.Controllers
 								{
-												Refactor naming: Sites => Logins

											
										
										
											2017-01-02 21:52:13 -05:00
+								    [Route("logins")]
-												equivalent domains APIs and data models

											
										
										
											2017-01-09 22:20:34 -05:00
+								    // "sites" route is deprecated
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    [Route("sites")]
 								    [Authorize("Application")]
-												Refactor naming: Sites => Logins

											
										
										
											2017-01-02 21:52:13 -05:00
+								    public class LoginsController : Controller
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    {
-												refactored data storage to use cipher table. added history table and insert triggers.

											
										
										
											2016-05-21 17:16:22 -04:00
+								        private readonly ICipherRepository _cipherRepository;
-												add back folder expand for backwards compat.

											
										
										
											2017-04-28 16:06:25 -04:00
+								        private readonly IFolderRepository _folderRepository;
-												added push events and moved cipher writing to cipher service.

											
										
										
											2016-06-29 01:15:37 -04:00
+								        private readonly ICipherService _cipherService;
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								        private readonly IUserService _userService;
-												admin login apis

											
										
										
											2017-04-27 14:50:22 -04:00
+								        private readonly CurrentContext _currentContext;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												Refactor naming: Sites => Logins

											
										
										
											2017-01-02 21:52:13 -05:00
+								        public LoginsController(
-												refactored data storage to use cipher table. added history table and insert triggers.

											
										
										
											2016-05-21 17:16:22 -04:00
+								            ICipherRepository cipherRepository,
-												add back folder expand for backwards compat.

											
										
										
											2017-04-28 16:06:25 -04:00
+								            IFolderRepository folderRepository,
-												added push events and moved cipher writing to cipher service.

											
										
										
											2016-06-29 01:15:37 -04:00
+								            ICipherService cipherService,
-												admin login apis

											
										
										
											2017-04-27 14:50:22 -04:00
+								            IUserService userService,
 								            CurrentContext currentContext)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												refactored data storage to use cipher table. added history table and insert triggers.

											
										
										
											2016-05-21 17:16:22 -04:00
+								            _cipherRepository = cipherRepository;
-												add back folder expand for backwards compat.

											
										
										
											2017-04-28 16:06:25 -04:00
+								            _folderRepository = folderRepository;
-												added push events and moved cipher writing to cipher service.

											
										
										
											2016-06-29 01:15:37 -04:00
+								            _cipherService = cipherService;
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								            _userService = userService;
-												admin login apis

											
										
										
											2017-04-27 14:50:22 -04:00
+								            _currentContext = currentContext;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
 								        [HttpGet("{id}")]
-												CipherDetails Edit property

											
										
										
											2017-05-06 23:23:01 -04:00
+								        public async Task<LoginResponseModel> Get(string id)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												cipher share data and key response

											
										
										
											2017-02-18 01:17:09 -05:00
+								            var userId = _userService.GetProperUserId(User).Value;
-												CipherDetails Edit property

											
										
										
											2017-05-06 23:23:01 -04:00
+								            var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
-												Refactor naming: Sites => Logins

											
										
										
											2017-01-02 21:52:13 -05:00
+								            if(login == null || login.Type != Core.Enums.CipherType.Login)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            {
 								                throw new NotFoundException();
 								            }
-												CipherDetails Edit property

											
										
										
											2017-05-06 23:23:01 -04:00
+								            var response = new LoginResponseModel(login);
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            return response;
 								        }
-												admin login apis

											
										
										
											2017-04-27 14:50:22 -04:00
+								        [HttpGet("{id}/admin")]
 								        public async Task<LoginResponseModel> GetAdmin(string id)
 								        {
 								            var login = await _cipherRepository.GetByIdAsync(new Guid(id));
 								            if(login == null || !login.OrganizationId.HasValue ||
 								                !_currentContext.OrganizationAdmin(login.OrganizationId.Value))
 								            {
 								                throw new NotFoundException();
 								            }
 								            var response = new LoginResponseModel(login);
 								            return response;
 								        }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        [HttpGet("")]
-												add back folder expand for backwards compat.

											
										
										
											2017-04-28 16:06:25 -04:00
+								        public async Task<ListResponseModel<LoginResponseModel>> Get(string[] expand = null)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												cipher share data and key response

											
										
										
											2017-02-18 01:17:09 -05:00
+								            var userId = _userService.GetProperUserId(User).Value;
-												remove old share solution code

											
										
										
											2017-02-28 22:51:29 -05:00
+								            var logins = await _cipherRepository.GetManyByTypeAndUserIdAsync(Core.Enums.CipherType.Login,
-												cipher share data and key response

											
										
										
											2017-02-18 01:17:09 -05:00
+								                userId);
-												renaming collection linq predicates

											
										
										
											2017-04-27 09:39:21 -04:00
+								            var responses = logins.Select(l => new LoginResponseModel(l)).ToList();
-												add back folder expand for backwards compat.

											
										
										
											2017-04-28 16:06:25 -04:00
+								            await ExpandManyAsync(logins, responses, expand, userId);
-												remove old share solution code

											
										
										
											2017-02-28 22:51:29 -05:00
+								            return new ListResponseModel<LoginResponseModel>(responses);
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
 								        [HttpPost("")]
-												refactor for cipher details, folders, favorites

											
										
										
											2017-03-18 11:58:02 -04:00
+								        public async Task<LoginResponseModel> Post([FromBody]LoginRequestModel model)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												cipher share data and key response

											
										
										
											2017-02-18 01:17:09 -05:00
+								            var userId = _userService.GetProperUserId(User).Value;
-												cipher details create/update

											
										
										
											2017-03-18 23:41:46 -04:00
+								            var login = model.ToCipherDetails(userId);
-												admin login apis

											
										
										
											2017-04-27 14:50:22 -04:00
+								            await _cipherService.SaveDetailsAsync(login, userId);
 								            var response = new LoginResponseModel(login);
 								            return response;
 								        }
 								        [HttpPost("admin")]
 								        public async Task<LoginResponseModel> PostAdmin([FromBody]LoginRequestModel model)
 								        {
 								            var login = model.ToOrganizationCipher();
 								            if(!_currentContext.OrganizationAdmin(login.OrganizationId.Value))
 								            {
 								                throw new NotFoundException();
 								            }
 								            var userId = _userService.GetProperUserId(User).Value;
 								            await _cipherService.SaveAsync(login, userId, true);
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												refactor for cipher details, folders, favorites

											
										
										
											2017-03-18 11:58:02 -04:00
+								            var response = new LoginResponseModel(login);
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            return response;
 								        }
 								        [HttpPut("{id}")]
-												Added POST route endpoints for all PUT and DELETE operations to allow for vault to avoid preflight.

											
										
										
											2016-07-13 21:43:48 -04:00
+								        [HttpPost("{id}")]
-												refactor for cipher details, folders, favorites

											
										
										
											2017-03-18 11:58:02 -04:00
+								        public async Task<LoginResponseModel> Put(string id, [FromBody]LoginRequestModel model)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												cipher share data and key response

											
										
										
											2017-02-18 01:17:09 -05:00
+								            var userId = _userService.GetProperUserId(User).Value;
-												user can edit responses and cipher partial updates

											
										
										
											2017-03-24 16:15:50 -04:00
+								            var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
-												Refactor naming: Sites => Logins

											
										
										
											2017-01-02 21:52:13 -05:00
+								            if(login == null || login.Type != Core.Enums.CipherType.Login)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            {
 								                throw new NotFoundException();
 								            }
-												admin login apis

											
										
										
											2017-04-27 14:50:22 -04:00
+								            await _cipherService.SaveDetailsAsync(model.ToCipherDetails(login), userId);
 								            var response = new LoginResponseModel(login);
 								            return response;
 								        }
 								        [HttpPut("{id}/admin")]
 								        [HttpPost("{id}/admin")]
 								        public async Task<LoginResponseModel> PutAdmin(string id, [FromBody]LoginRequestModel model)
 								        {
 								            var login = await _cipherRepository.GetByIdAsync(new Guid(id));
 								            if(login == null || !login.OrganizationId.HasValue ||
 								                !_currentContext.OrganizationAdmin(login.OrganizationId.Value))
 								            {
 								                throw new NotFoundException();
 								            }
 								            var userId = _userService.GetProperUserId(User).Value;
 								            await _cipherService.SaveAsync(model.ToCipher(login), userId, true);
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												refactor for cipher details, folders, favorites

											
										
										
											2017-03-18 11:58:02 -04:00
+								            var response = new LoginResponseModel(login);
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            return response;
 								        }
 								        [HttpDelete("{id}")]
-												Added POST route endpoints for all PUT and DELETE operations to allow for vault to avoid preflight.

											
										
										
											2016-07-13 21:43:48 -04:00
+								        [HttpPost("{id}/delete")]
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        public async Task Delete(string id)
 								        {
-												permission checks for cipher crud operations

											
										
										
											2017-03-24 09:27:15 -04:00
+								            var userId = _userService.GetProperUserId(User).Value;
 								            var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
-												Refactor naming: Sites => Logins

											
										
										
											2017-01-02 21:52:13 -05:00
+								            if(login == null || login.Type != Core.Enums.CipherType.Login)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            {
 								                throw new NotFoundException();
 								            }
-												permission checks for cipher crud operations

											
										
										
											2017-03-24 09:27:15 -04:00
+								            await _cipherService.DeleteAsync(login, userId);
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												add back folder expand for backwards compat.

											
										
										
											2017-04-28 16:06:25 -04:00
 								        [Obsolete]
 								        private async Task ExpandManyAsync(IEnumerable<CipherDetails> logins, ICollection<LoginResponseModel> responses,
 								            string[] expand, Guid userId)
 								        {
 								            if(expand == null || expand.Count() == 0)
 								            {
 								                return;
 								            }
 								            if(expand.Any(e => e.ToLower() == "folder"))
 								            {
 								                var folders = await _folderRepository.GetManyByUserIdAsync(userId);
 								                if(folders != null && folders.Count() > 0)
 								                {
 								                    foreach(var response in responses)
 								                    {
 								                        var login = logins.SingleOrDefault(s => s.Id.ToString() == response.Id);
 								                        if(login == null)
 								                        {
 								                            continue;
 								                        }
 								                        var folder = folders.SingleOrDefault(f => f.Id == login.FolderId);
 								                        if(folder == null)
 								                        {
 								                            continue;
 								                        }
 								                        response.Folder = new FolderResponseModel(folder);
 								                    }
 								                }
 								            }
 								        }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    }
 								}