Sync with Upstream (#5798)

* WIP Sync with Upstream WIP on syncing API Responses with upstream. This to prevent issues with new clients, and find possible current issues like members, collections, groups etc.. Signed-off-by: BlackDex <black.dex@gmail.com> * More API Response fixes - Some 2fa checks - Some org checks - Reconfigured the experimental flags and noted which are deprecated Also removed some hard-coded defaults. - Updated crates Signed-off-by: BlackDex <black.dex@gmail.com> * Add avatar color to emergency access api Signed-off-by: BlackDex <black.dex@gmail.com> * Fix spelling and some crate updates Signed-off-by: BlackDex <black.dex@gmail.com> * Use PushId and always generate the PushId Signed-off-by: BlackDex <black.dex@gmail.com> * Fix clippy lints Signed-off-by: BlackDex <black.dex@gmail.com> * Fix several Push issues and API's Signed-off-by: BlackDex <black.dex@gmail.com> * Check if push_uuid is empty and generate when needed Signed-off-by: BlackDex <black.dex@gmail.com> * Updated some comments and removed old export format Signed-off-by: BlackDex <black.dex@gmail.com> * cargo update Signed-off-by: BlackDex <black.dex@gmail.com> * Fix bulk edit Fixes #5737 Signed-off-by: BlackDex <black.dex@gmail.com> * Send an email when an account exists already When you want to change your email address into an account which already exists, upstream sends an email to the existing account. Lets do the same. Kinda fixes #5630 Signed-off-by: BlackDex <black.dex@gmail.com> * Update 2fa removal/revoke email Signed-off-by: BlackDex <black.dex@gmail.com> * Allow col managers to import This commit adds functionality to allow users with manage access to a collection, or managers with all access to import into an organization. Fixes #5592 Signed-off-by: BlackDex <black.dex@gmail.com> * Filter deprected flags and only return active flags Signed-off-by: BlackDex <black.dex@gmail.com> * Fix grammer Signed-off-by: BlackDex <black.dex@gmail.com> * Rename Small to Compact Signed-off-by: BlackDex <black.dex@gmail.com> * Rebase with upstream and fix conflicts Signed-off-by: BlackDex <black.dex@gmail.com> --------- Signed-off-by: BlackDex <black.dex@gmail.com>
2025-11-06 13:18:19 +02:00 · 2025-05-26 21:00:59 +02:00
parent 3a44dc963b
commit ef7835d1b0
37 changed files with 636 additions and 371 deletions
--- a/src/api/core/sends.rs
+++ b/src/api/core/sends.rs
@@ -2,6 +2,7 @@ use std::path::Path;

 use chrono::{DateTime, TimeDelta, Utc};
 use num_traits::ToPrimitive;
+use once_cell::sync::Lazy;
 use rocket::form::Form;
 use rocket::fs::NamedFile;
 use rocket::fs::TempFile;
@@ -17,6 +18,21 @@ use crate::{
 };

 const SEND_INACCESSIBLE_MSG: &str = "Send does not exist or is no longer available";
+static ANON_PUSH_DEVICE: Lazy<Device> = Lazy::new(|| {
+    let dt = crate::util::parse_date("1970-01-01T00:00:00.000000Z");
+    Device {
+        uuid: String::from("00000000-0000-0000-0000-000000000000").into(),
+        created_at: dt,
+        updated_at: dt,
+        user_uuid: String::from("00000000-0000-0000-0000-000000000000").into(),
+        name: String::new(),
+        atype: 14, // 14 == Unknown Browser
+        push_uuid: Some(String::from("00000000-0000-0000-0000-000000000000").into()),
+        push_token: None,
+        refresh_token: String::new(),
+        twofactor_remember: None,
+    }
+});

 // The max file size allowed by Bitwarden clients and add an extra 5% to avoid issues
 const SIZE_525_MB: i64 = 550_502_400;
@@ -182,7 +198,7 @@ async fn post_send(data: Json<SendData>, headers: Headers, mut conn: DbConn, nt:
        UpdateType::SyncSendCreate,
        &send,
        &send.update_users_revision(&mut conn).await,
-        &headers.device.uuid,
+        &headers.device,
        &mut conn,
    )
    .await;
@@ -204,6 +220,8 @@ struct UploadDataV2<'f> {
 // @deprecated Mar 25 2021: This method has been deprecated in favor of direct uploads (v2).
 // This method still exists to support older clients, probably need to remove it sometime.
 // Upstream: https://github.com/bitwarden/server/blob/d0c793c95181dfb1b447eb450f85ba0bfd7ef643/src/Api/Controllers/SendsController.cs#L164-L167
+// 2025: This endpoint doesn't seem to exists anymore in the latest version
+// See: https://github.com/bitwarden/server/blob/9ebe16587175b1c0e9208f84397bb75d0d595510/src/Api/Tools/Controllers/SendsController.cs
 #[post("/sends/file", format = "multipart/form-data", data = "<data>")]
 async fn post_send_file(data: Form<UploadData<'_>>, headers: Headers, mut conn: DbConn, nt: Notify<'_>) -> JsonResult {
    enforce_disable_send_policy(&headers, &mut conn).await?;
@@ -272,7 +290,7 @@ async fn post_send_file(data: Form<UploadData<'_>>, headers: Headers, mut conn:
        UpdateType::SyncSendCreate,
        &send,
        &send.update_users_revision(&mut conn).await,
-        &headers.device.uuid,
+        &headers.device,
        &mut conn,
    )
    .await;
@@ -280,7 +298,7 @@ async fn post_send_file(data: Form<UploadData<'_>>, headers: Headers, mut conn:
    Ok(Json(send.to_json()))
 }

-// Upstream: https://github.com/bitwarden/server/blob/d0c793c95181dfb1b447eb450f85ba0bfd7ef643/src/Api/Controllers/SendsController.cs#L190
+// Upstream: https://github.com/bitwarden/server/blob/9ebe16587175b1c0e9208f84397bb75d0d595510/src/Api/Tools/Controllers/SendsController.cs#L165
 #[post("/sends/file/v2", data = "<data>")]
 async fn post_send_file_v2(data: Json<SendData>, headers: Headers, mut conn: DbConn) -> JsonResult {
    enforce_disable_send_policy(&headers, &mut conn).await?;
@@ -351,7 +369,7 @@ pub struct SendFileData {
    fileName: String,
 }

-// https://github.com/bitwarden/server/blob/66f95d1c443490b653e5a15d32977e2f5a3f9e32/src/Api/Tools/Controllers/SendsController.cs#L250
+// https://github.com/bitwarden/server/blob/9ebe16587175b1c0e9208f84397bb75d0d595510/src/Api/Tools/Controllers/SendsController.cs#L195
 #[post("/sends/<send_id>/file/<file_id>", format = "multipart/form-data", data = "<data>")]
 async fn post_send_file_v2_data(
    send_id: SendId,
@@ -424,7 +442,7 @@ async fn post_send_file_v2_data(
        UpdateType::SyncSendCreate,
        &send,
        &send.update_users_revision(&mut conn).await,
-        &headers.device.uuid,
+        &headers.device,
        &mut conn,
    )
    .await;
@@ -489,7 +507,7 @@ async fn post_access(
        UpdateType::SyncSendUpdate,
        &send,
        &send.update_users_revision(&mut conn).await,
-        &String::from("00000000-0000-0000-0000-000000000000").into(),
+        &ANON_PUSH_DEVICE,
        &mut conn,
    )
    .await;
@@ -546,7 +564,7 @@ async fn post_access_file(
        UpdateType::SyncSendUpdate,
        &send,
        &send.update_users_revision(&mut conn).await,
-        &String::from("00000000-0000-0000-0000-000000000000").into(),
+        &ANON_PUSH_DEVICE,
        &mut conn,
    )
    .await;
@@ -645,7 +663,7 @@ pub async fn update_send_from_data(

    send.save(conn).await?;
    if ut != UpdateType::None {
-        nt.send_send_update(ut, send, &send.update_users_revision(conn).await, &headers.device.uuid, conn).await;
+        nt.send_send_update(ut, send, &send.update_users_revision(conn).await, &headers.device, conn).await;
    }
    Ok(())
 }
@@ -661,7 +679,7 @@ async fn delete_send(send_id: SendId, headers: Headers, mut conn: DbConn, nt: No
        UpdateType::SyncSendDelete,
        &send,
        &send.update_users_revision(&mut conn).await,
-        &headers.device.uuid,
+        &headers.device,
        &mut conn,
    )
    .await;
@@ -683,7 +701,7 @@ async fn put_remove_password(send_id: SendId, headers: Headers, mut conn: DbConn
        UpdateType::SyncSendUpdate,
        &send,
        &send.update_users_revision(&mut conn).await,
-        &headers.device.uuid,
+        &headers.device,
        &mut conn,
    )
    .await;