Merge pull request #107 from shauder/bug/attachments_for_orgs

Bug/attachments for orgs
Bump version to 0.12.0
2025-09-10 10:45:57 +03:00 · 2018-07-31 20:08:05 +02:00 · 2018-07-31 12:07:03 -05:00 · 2018-07-31 12:05:52 -05:00 · 2018-07-31 12:03:39 -05:00 · 2018-07-31 11:39:45 -05:00
6 changed files with 79 additions and 32 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "bitwarden_rs"
-version = "0.11.0"
+version = "0.12.0"
 authors = ["Daniel García <dani-garcia@users.noreply.github.com>"]

 [dependencies]
--- a/README.md
+++ b/README.md
@@ -138,7 +138,7 @@ docker run -d --name bitwarden \
  -v /ssl/keys/:/ssl/ \
  -v /bw-data/:/data/ \
  -v /icon_cache/ \
-  -p 443:443 \
+  -p 443:80 \
  mprasil/bitwarden:latest
 ```
 Note that you need to mount ssl files and you need to forward appropriate port.
@@ -317,4 +317,4 @@ docker run -d --name bitwarden \

 To ask an question, [raising an issue](https://github.com/dani-garcia/bitwarden_rs/issues/new) is fine, also please report any bugs spotted here.

-If you prefer to chat, we're usually hanging around at [#bitwarden_rs:matrix.org](https://matrix.to/#/!cASGtOHlSftdScFNMs:matrix.org) room on Matrix. Feel free to join us!
+If you prefer to chat, we're usually hanging around at [#bitwarden_rs:matrix.org](https://matrix.to/#/#bitwarden_rs:matrix.org) room on Matrix. Feel free to join us!
--- a/src/api/core/ciphers.rs
+++ b/src/api/core/ciphers.rs
@@ -415,6 +415,22 @@ fn post_attachment(uuid: String, data: Data, content_type: &ContentType, headers
    Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
 }

+#[post("/ciphers/<uuid>/attachment-admin", format = "multipart/form-data", data = "<data>")]
+fn post_attachment_admin(uuid: String, data: Data, content_type: &ContentType, headers: Headers, conn: DbConn) -> JsonResult {
+    post_attachment(uuid, data, content_type, headers, conn)
+}
+
+#[post("/ciphers/<uuid>/attachment/<attachment_id>/share", format = "multipart/form-data", data = "<data>")]
+fn post_attachment_share(uuid: String, attachment_id: String, data: Data, content_type: &ContentType, headers: Headers, conn: DbConn) -> JsonResult {
+    _delete_cipher_attachment_by_id(&uuid, &attachment_id, &headers, &conn)?;
+    post_attachment(uuid, data, content_type, headers, conn)
+}
+
+#[post("/ciphers/<uuid>/attachment/<attachment_id>/delete-admin")]
+fn delete_attachment_post_admin(uuid: String, attachment_id: String, headers: Headers, conn: DbConn) -> EmptyResult {
+    delete_attachment(uuid, attachment_id, headers, conn)
+}
+
 #[post("/ciphers/<uuid>/attachment/<attachment_id>/delete")]
 fn delete_attachment_post(uuid: String, attachment_id: String, headers: Headers, conn: DbConn) -> EmptyResult {
    delete_attachment(uuid, attachment_id, headers, conn)
@@ -422,29 +438,7 @@ fn delete_attachment_post(uuid: String, attachment_id: String, headers: Headers,

 #[delete("/ciphers/<uuid>/attachment/<attachment_id>")]
 fn delete_attachment(uuid: String, attachment_id: String, headers: Headers, conn: DbConn) -> EmptyResult {
-    let attachment = match Attachment::find_by_id(&attachment_id, &conn) {
-        Some(attachment) => attachment,
-        None => err!("Attachment doesn't exist")
-    };
-
-    if attachment.cipher_uuid != uuid {
-        err!("Attachment from other cipher")
-    }
-
-    let cipher = match Cipher::find_by_uuid(&uuid, &conn) {
-        Some(cipher) => cipher,
-        None => err!("Cipher doesn't exist")
-    };
-
-    if !cipher.is_write_accessible_to_user(&headers.user.uuid, &conn) {
-        err!("Cipher cannot be deleted by user")
-    }
-
-    // Delete attachment
-    match attachment.delete(&conn) {
-        Ok(()) => Ok(()),
-        Err(_) => err!("Deleting attachement failed")
-    }
+    _delete_cipher_attachment_by_id(&uuid, &attachment_id, &headers, &conn)
 }

 #[post("/ciphers/<uuid>/delete")]
@@ -578,3 +572,29 @@ fn _delete_cipher_by_uuid(uuid: &str, headers: &Headers, conn: &DbConn) -> Empty
        Err(_) => err!("Failed deleting cipher")
    }
 }
+
+fn _delete_cipher_attachment_by_id(uuid: &str, attachment_id: &str, headers: &Headers, conn: &DbConn) -> EmptyResult {
+    let attachment = match Attachment::find_by_id(&attachment_id, &conn) {
+        Some(attachment) => attachment,
+        None => err!("Attachment doesn't exist")
+    };
+
+    if attachment.cipher_uuid != uuid {
+        err!("Attachment from other cipher")
+    }
+
+    let cipher = match Cipher::find_by_uuid(&uuid, &conn) {
+        Some(cipher) => cipher,
+        None => err!("Cipher doesn't exist")
+    };
+
+    if !cipher.is_write_accessible_to_user(&headers.user.uuid, &conn) {
+        err!("Cipher cannot be deleted by user")
+    }
+
+    // Delete attachment
+    match attachment.delete(&conn) {
+        Ok(()) => Ok(()),
+        Err(_) => err!("Deleting attachement failed")
+    }
+}
--- a/src/api/core/mod.rs
+++ b/src/api/core/mod.rs
@@ -34,7 +34,10 @@ pub fn routes() -> Vec<Route> {
        post_ciphers_admin,
        post_ciphers_import,
        post_attachment,
+        post_attachment_admin,
+        post_attachment_share,
        delete_attachment_post,
+        delete_attachment_post_admin,
        delete_attachment,
        post_cipher_admin,
        post_cipher_share,
--- a/src/db/models/attachment.rs
+++ b/src/db/models/attachment.rs
@@ -64,14 +64,33 @@ impl Attachment {

    pub fn delete(self, conn: &DbConn) -> QueryResult<()> {
        use util;
+        use std::{thread, time};
+
+        let mut retries = 10;
+        
+        loop {
+            match diesel::delete(
+                attachments::table.filter(
+                    attachments::id.eq(&self.id)
+                )
+            ).execute(&**conn) {
+                Ok(_) => break,
+                Err(err) => {
+                    if retries < 1 {
+                        println!("ERROR: Failed with 10 retries");
+                        return Err(err)
+                    } else {
+                        retries = retries - 1;
+                        println!("Had to retry! Retries left: {}", retries);
+                        thread::sleep(time::Duration::from_millis(500));
+                        continue
+                    }
+                }
+            }
+        }

        util::delete_file(&self.get_file_path());
-
-        diesel::delete(
-            attachments::table.filter(
-                attachments::id.eq(self.id)
-            )
-        ).execute(&**conn).and(Ok(()))
+        Ok(())
    }

    pub fn delete_all_by_cipher(cipher_uuid: &str, conn: &DbConn) -> QueryResult<()> {
--- a/src/main.rs
+++ b/src/main.rs
@@ -83,6 +83,11 @@ fn check_db() {
            exit(1);
        }
    }
+
+    // Turn on WAL in SQLite
+    use diesel::RunQueryDsl;
+    let connection = db::get_connection().expect("Can't conect to DB");
+    diesel::sql_query("PRAGMA journal_mode=wal").execute(&connection).expect("Failed to turn on WAL");
 }

 fn check_rsa_keys() {
Author	SHA1	Message	Date
Daniel García	56b3afa77c	Merge pull request #107 from shauder/bug/attachments_for_orgs Bug/attachments for orgs	2018-07-31 20:08:05 +02:00
Shane A. Faulkner	d335f45e34	Bump version to 0.12.0	2018-07-31 12:07:03 -05:00
Shane A. Faulkner	34d2648509	Merge pull request #3 from shauder/master Sync working branch with changes in master upstream	2018-07-31 12:05:52 -05:00
Shane A. Faulkner	f39c4fe2f4	Merge pull request #2 from dani-garcia/master Sync local fork with upstream	2018-07-31 12:03:39 -05:00
Shane A. Faulkner	01875c395b	Merge pull request #1 from mprasil/concurrency_fix WAL journal mode and delete retry added	2018-07-31 11:39:45 -05:00
Miroslav Prasil	2872f40d13	WAL journal mode and delete retry added	2018-07-31 16:43:43 +01:00
mprasil	d7df545078	Merge pull request #104 from jcgruenhage/patch-1 Update matrix.to link in the README	2018-07-26 22:52:12 +01:00
Jan Christian Grünhage	d073f06652	Update matrix.to link in the README Using the room ID instead of an alias isn't supposed to be working for joining rooms, and doesn't work when joining over federation. It only works when your server is already participating in the room.	2018-07-26 22:42:02 +01:00
Daniel García	3726da9c14	Merge pull request #103 from mprasil/https_doc_fix Fixed the documentation for https (resolves #101)	2018-07-24 15:28:23 +02:00
Miroslav Prasil	51450a0df9	Fixed the documentation for https (resolves #101 )	2018-07-24 12:32:41 +01:00
Shane A. Faulkner	98bae4a0a1	Cleanup and working with 2 or less attachments	2018-07-18 15:35:45 -05:00
Shane A. Faulkner	31349a47d3	Very dirty addition of missing api's	2018-07-14 01:09:20 -05:00