passman/lib/Db/CredentialMapper.php

<?php
/**
 * Nextcloud - passman
 *
 * @copyright Copyright (c) 2016, Sander Brand (brantje@gmail.com)
 * @copyright Copyright (c) 2016, Marcos Zuriaga Miguel (wolfi@wolfi.es)
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 */

namespace OCA\Passman\Db;

use OCA\Passman\Utility\Utils;
use OCP\IDBConnection;
use OCP\AppFramework\Db\Mapper;

class CredentialMapper extends Mapper {
	private $utils;

	public function __construct(IDBConnection $db, Utils $utils) {
		parent::__construct($db, 'passman_credentials');
		$this->utils = $utils;
	}


	/**
	 * Obtains the credentials by vault id (not guid)
	 *
	 * @throws \OCP\AppFramework\Db\DoesNotExistException if not found
	 * @throws \OCP\AppFramework\Db\MultipleObjectsReturnedException if more than one result
	 * @return Credential[]
	 */
	public function getCredentialsByVaultId($vault_id, $user_id) {
		$sql = 'SELECT * FROM `*PREFIX*passman_credentials` ' .
			'WHERE `user_id` = ? and vault_id = ?';
		return $this->findEntities($sql, [$user_id, $vault_id]);
	}

	/**
	 * Get a random credentail from a vault
	 *
	 * @param $vault_id
	 * @param $user_id
	 * @return Credential
	 */
	public function getRandomCredentialByVaultId($vault_id, $user_id) {
		$sql = 'SELECT * FROM `*PREFIX*passman_credentials` ' .
			'WHERE `user_id` = ? and vault_id = ? AND shared_key is NULL LIMIT 20';
		$entities = $this->findEntities($sql, [$user_id, $vault_id]);
		$count = count($entities) - 1;
		$entities = array_splice($entities, rand(0, $count), 1);
		return $entities;
	}

	/**
	 * Get expired credentials
	 *
	 * @param $timestamp
	 * @return Credential[]
	 */
	public function getExpiredCredentials($timestamp) {
		$sql = 'SELECT * FROM `*PREFIX*passman_credentials` ' .
			'WHERE `expire_time` > 0 AND `expire_time` < ?';
		return $this->findEntities($sql, [$timestamp]);
	}

	/**
	 * Get an credential by id.
	 * Optional user id
	 *
	 * @param $credential_id
	 * @param null $user_id
	 * @return Credential
	 */
	public function getCredentialById($credential_id, $user_id = null) {
		$sql = 'SELECT * FROM `*PREFIX*passman_credentials` ' .
			'WHERE `id` = ?';
		// If we want to check the owner, add it to the query
		$params = [$credential_id];
		if ($user_id !== null) {
			$sql .= ' and `user_id` = ? ';
			array_push($params, $user_id);
		}
		return $this->findEntity($sql, $params);
	}

	/**
	 * Get credential label by id
	 *
	 * @param $credential_id
	 * @return Credential
	 */
	public function getCredentialLabelById($credential_id) {
		$sql = 'SELECT id, label FROM `*PREFIX*passman_credentials` ' .
			'WHERE `id` = ? ';
		return $this->findEntity($sql, [$credential_id]);
	}

	/**
	 * Save credential to the database.
	 *
	 * @param $raw_credential
	 * @return Credential
	 */
	public function create($raw_credential) {
		$credential = new Credential();

		$credential->setGuid($this->utils->GUID());
		$credential->setVaultId($raw_credential['vault_id']);
		$credential->setUserId($raw_credential['user_id']);
		$credential->setLabel($raw_credential['label']);
		$credential->setDescription($raw_credential['description']);
		$credential->setCreated($this->utils->getTime());
		$credential->setChanged($this->utils->getTime());
		$credential->setTags($raw_credential['tags']);
		$credential->setEmail($raw_credential['email']);
		$credential->setUsername($raw_credential['username']);
		$credential->setPassword($raw_credential['password']);
		$credential->setUrl($raw_credential['url']);
		$credential->setIcon($raw_credential['favicon']);
		$credential->setRenewInterval($raw_credential['renew_interval']);
		$credential->setExpireTime($raw_credential['expire_time']);
		$credential->setDeleteTime($raw_credential['delete_time']);
		$credential->setFiles($raw_credential['files']);
		$credential->setCustomFields($raw_credential['custom_fields']);
		$credential->setOtp($raw_credential['otp']);
		$credential->setHidden($raw_credential['hidden']);
		if (isset($raw_credential['shared_key'])) {
			$credential->setSharedKey($raw_credential['shared_key']);
		}
		return parent::insert($credential);
	}

	/**
	 * Update a credential
	 *
	 * @param $raw_credential array An array containing all the credential fields
	 * @param $useRawUser bool
	 * @return Credential The updated credential
	 */
	public function updateCredential($raw_credential, $useRawUser) {
		$original = $this->getCredentialByGUID($raw_credential['guid']);
		$uid = ($useRawUser) ? $raw_credential['user_id'] : $original->getUserId();

		$credential = new Credential();
		$credential->setId($original->getId());
		$credential->setGuid($original->getGuid());
		$credential->setVaultId($original->getVaultId());
		$credential->setUserId($uid);
		$credential->setLabel($raw_credential['label']);
		$credential->setDescription($raw_credential['description']);
		$credential->setCreated($original->getCreated());
		$credential->setChanged($this->utils->getTime());
		$credential->setTags($raw_credential['tags']);
		$credential->setEmail($raw_credential['email']);
		$credential->setUsername($raw_credential['username']);
		$credential->setPassword($raw_credential['password']);
		$credential->setUrl($raw_credential['url']);
		$credential->setIcon($raw_credential['icon']);
		$credential->setRenewInterval($raw_credential['renew_interval']);
		$credential->setExpireTime($raw_credential['expire_time']);
		$credential->setFiles($raw_credential['files']);
		$credential->setCustomFields($raw_credential['custom_fields']);
		$credential->setOtp($raw_credential['otp']);
		$credential->setHidden($raw_credential['hidden']);
		$credential->setDeleteTime($raw_credential['delete_time']);

		if (isset($raw_credential['shared_key'])) {
			$credential->setSharedKey($raw_credential['shared_key']);
		}
		return parent::update($credential);
	}

	public function deleteCredential(Credential $credential) {
		return $this->delete($credential);
	}

	public function upd(Credential $credential) {
		$this->update($credential);
	}

	/**
	 * Finds a credential by the given guid
	 *
	 * @param $credential_guid
	 * @return Credential
	 */
	public function getCredentialByGUID($credential_guid, $user_id = null) {
		$q = 'SELECT * FROM `*PREFIX*passman_credentials` WHERE guid = ? ';
		$params = [$credential_guid];
		if ($user_id !== null) {
			$q .= ' and `user_id` = ? ';
			array_push($params, $user_id);
		}
		return $this->findEntity($q, $params);
	}
}
Starting to work on login to vault 2016-09-12 01:45:20 +08:00			`<?php`
			`/**`
			`* Nextcloud - passman`
			`*`
Add license header to files 2016-10-19 23:44:19 +08:00			`* @copyright Copyright (c) 2016, Sander Brand (brantje@gmail.com)`
			`* @copyright Copyright (c) 2016, Marcos Zuriaga Miguel (wolfi@wolfi.es)`
			`* @license GNU AGPL version 3 or any later version`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as`
			`* published by the Free Software Foundation, either version 3 of the`
			`* License, or (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
Starting to work on login to vault 2016-09-12 01:45:20 +08:00			`*`
			`*/`
Add license header to files 2016-10-19 23:44:19 +08:00
Starting to work on login to vault 2016-09-12 01:45:20 +08:00			`namespace OCA\Passman\Db;`

			`use OCA\Passman\Utility\Utils;`
			`use OCP\IDBConnection;`
			`use OCP\AppFramework\Db\Mapper;`

			`class CredentialMapper extends Mapper {`
			`private $utils;`
Fixes 2017-01-03 05:06:55 +08:00
Starting to work on login to vault 2016-09-12 01:45:20 +08:00			`public function __construct(IDBConnection $db, Utils $utils) {`
			`parent::__construct($db, 'passman_credentials');`
			`$this->utils = $utils;`
			`}`


			`/**`
Add missing phpdoc 2016-10-23 18:14:43 +08:00			`* Obtains the credentials by vault id (not guid)`
Fixes 2017-01-03 05:06:55 +08:00			`*`
Starting to work on login to vault 2016-09-12 01:45:20 +08:00			`* @throws \OCP\AppFramework\Db\DoesNotExistException if not found`
			`* @throws \OCP\AppFramework\Db\MultipleObjectsReturnedException if more than one result`
Implement encryption class 2017-01-02 22:25:41 +08:00			`* @return Credential[]`
Starting to work on login to vault 2016-09-12 01:45:20 +08:00			`*/`
Login to vault works 2016-09-12 02:47:29 +08:00			`public function getCredentialsByVaultId($vault_id, $user_id) {`
			$sql = 'SELECT * FROM `PREFIXpassman_credentials` ' .
Working credential list, dropdowns 2016-09-12 04:14:11 +08:00			'WHERE `user_id` = ? and vault_id = ?';
Login to vault works 2016-09-12 02:47:29 +08:00			`return $this->findEntities($sql, [$user_id, $vault_id]);`
Starting to work on login to vault 2016-09-12 01:45:20 +08:00			`}`

Added partial test Fixed bug with null data in the mock datasets Edited mock data so there it's some expired credentials Added some phpdocs 2016-10-16 03:03:50 +08:00			`/**`
Add missing phpdoc 2016-10-23 18:14:43 +08:00			`* Get a random credentail from a vault`
Fixes 2017-01-03 05:06:55 +08:00			`*`
Added partial test Fixed bug with null data in the mock datasets Edited mock data so there it's some expired credentials Added some phpdocs 2016-10-16 03:03:50 +08:00			`* @param $vault_id`
			`* @param $user_id`
Add missing phpdoc 2016-10-23 18:14:43 +08:00			`* @return Credential`
Added partial test Fixed bug with null data in the mock datasets Edited mock data so there it's some expired credentials Added some phpdocs 2016-10-16 03:03:50 +08:00			`*/`
Implement a challenge password 2016-10-01 02:43:20 +08:00			`public function getRandomCredentialByVaultId($vault_id, $user_id) {`
			$sql = 'SELECT * FROM `PREFIXpassman_credentials` ' .
Limit it to 20 credential for preformance reasons 2016-10-16 04:35:29 +08:00			'WHERE `user_id` = ? and vault_id = ? AND shared_key is NULL LIMIT 20';
Fix getRandomCredentialByVaultId for sqllite 2016-10-16 04:34:45 +08:00			`$entities = $this->findEntities($sql, [$user_id, $vault_id]);`
Fixes 2017-01-03 05:06:55 +08:00			`$count = count($entities) - 1;`
Fix getRandomCredentialByVaultId for sqllite 2016-10-16 04:34:45 +08:00			`$entities = array_splice($entities, rand(0, $count), 1);`
			`return $entities;`
Implement a challenge password 2016-10-01 02:43:20 +08:00			`}`

Added partial test Fixed bug with null data in the mock datasets Edited mock data so there it's some expired credentials Added some phpdocs 2016-10-16 03:03:50 +08:00			`/**`
Add missing phpdoc 2016-10-23 18:14:43 +08:00			`* Get expired credentials`
Fixes 2017-01-03 05:06:55 +08:00			`*`
Added partial test Fixed bug with null data in the mock datasets Edited mock data so there it's some expired credentials Added some phpdocs 2016-10-16 03:03:50 +08:00			`* @param $timestamp`
			`* @return Credential[]`
			`*/`
Fixes 2017-01-03 05:06:55 +08:00			`public function getExpiredCredentials($timestamp) {`
Expire passwords working, requires notifications app 2016-09-23 21:05:27 +08:00			$sql = 'SELECT * FROM `PREFIXpassman_credentials` ' .
			'WHERE `expire_time` > 0 AND `expire_time` < ?';
			`return $this->findEntities($sql, [$timestamp]);`
			`}`

Fixes 2017-01-03 05:06:55 +08:00			`/**`
Add missing phpdoc 2016-10-23 18:14:43 +08:00			`* Get an credential by id.`
			`* Optional user id`
Fixes 2017-01-03 05:06:55 +08:00			`*`
			`* @param $credential_id`
			`* @param null $user_id`
			`* @return Credential`
			`*/`
			`public function getCredentialById($credential_id, $user_id = null) {`
Add support for activity app 2016-09-23 22:52:41 +08:00			$sql = 'SELECT * FROM `PREFIXpassman_credentials` ' .
Sharing API progress 2016-10-02 23:32:22 +08:00			'WHERE `id` = ?';
Fixes 2017-01-03 05:06:55 +08:00			`// If we want to check the owner, add it to the query`
Get shared items working 2016-10-03 01:29:06 +08:00			`$params = [$credential_id];`
Fixes 2017-01-03 05:06:55 +08:00			`if ($user_id !== null) {`
			$sql .= ' and `user_id` = ? ';
Get shared items working 2016-10-03 01:29:06 +08:00			`array_push($params, $user_id);`
			`}`
Fixes 2017-01-03 05:06:55 +08:00			`return $this->findEntity($sql, $params);`
Add support for activity app 2016-09-23 22:52:41 +08:00			`}`

Finished credential mapper tests Fixed some security flaws on the credential update method in the credential mapper class 2016-10-17 01:02:43 +08:00			`/**`
Add missing phpdoc 2016-10-23 18:14:43 +08:00			`* Get credential label by id`
Fixes 2017-01-03 05:06:55 +08:00			`*`
Finished credential mapper tests Fixed some security flaws on the credential update method in the credential mapper class 2016-10-17 01:02:43 +08:00			`* @param $credential_id`
			`* @return Credential`
			`*/`
Fixes 2017-01-03 05:06:55 +08:00			`public function getCredentialLabelById($credential_id) {`
Begin to implement accept shared credential 2016-10-02 21:39:52 +08:00			$sql = 'SELECT id, label FROM `PREFIXpassman_credentials` ' .
			'WHERE `id` = ? ';
Fixes 2017-01-03 05:06:55 +08:00			`return $this->findEntity($sql, [$credential_id]);`
Begin to implement accept shared credential 2016-10-02 21:39:52 +08:00			`}`

Finished credential mapper tests Fixed some security flaws on the credential update method in the credential mapper class 2016-10-17 01:02:43 +08:00			`/**`
Add missing phpdoc 2016-10-23 18:14:43 +08:00			`* Save credential to the database.`
Fixes 2017-01-03 05:06:55 +08:00			`*`
Finished credential mapper tests Fixed some security flaws on the credential update method in the credential mapper class 2016-10-17 01:02:43 +08:00			`* @param $raw_credential`
			`* @return Credential`
			`*/`
Fixes 2017-01-03 05:06:55 +08:00			`public function create($raw_credential) {`
Starting to work on login to vault 2016-09-12 01:45:20 +08:00			`$credential = new Credential();`

			`$credential->setGuid($this->utils->GUID());`
			`$credential->setVaultId($raw_credential['vault_id']);`
			`$credential->setUserId($raw_credential['user_id']);`
			`$credential->setLabel($raw_credential['label']);`
			`$credential->setDescription($raw_credential['description']);`
			`$credential->setCreated($this->utils->getTime());`
			`$credential->setChanged($this->utils->getTime());`
			`$credential->setTags($raw_credential['tags']);`
			`$credential->setEmail($raw_credential['email']);`
			`$credential->setUsername($raw_credential['username']);`
			`$credential->setPassword($raw_credential['password']);`
			`$credential->setUrl($raw_credential['url']);`
Make use of icon groups 2017-10-29 19:32:28 +08:00			`$credential->setIcon($raw_credential['favicon']);`
Starting to work on login to vault 2016-09-12 01:45:20 +08:00			`$credential->setRenewInterval($raw_credential['renew_interval']);`
			`$credential->setExpireTime($raw_credential['expire_time']);`
			`$credential->setDeleteTime($raw_credential['delete_time']);`
			`$credential->setFiles($raw_credential['files']);`
			`$credential->setCustomFields($raw_credential['custom_fields']);`
			`$credential->setOtp($raw_credential['otp']);`
			`$credential->setHidden($raw_credential['hidden']);`
Fixes 2017-01-03 05:06:55 +08:00			`if (isset($raw_credential['shared_key'])) {`
Check if shared_key exists Remove value set by php Replace DoesNotExistException with Exeption 2016-12-29 07:07:27 +08:00			`$credential->setSharedKey($raw_credential['shared_key']);`
			`}`
Starting to work on login to vault 2016-09-12 01:45:20 +08:00			`return parent::insert($credential);`
			`}`

Finished credential mapper tests Fixed some security flaws on the credential update method in the credential mapper class 2016-10-17 01:02:43 +08:00			`/**`
Add missing phpdoc 2016-10-23 18:14:43 +08:00			`* Update a credential`
Fixes 2017-01-03 05:06:55 +08:00			`*`
Finished credential mapper tests Fixed some security flaws on the credential update method in the credential mapper class 2016-10-17 01:02:43 +08:00			`* @param $raw_credential array An array containing all the credential fields`
Add feature to move vaults to other account 2017-02-19 22:13:40 +08:00			`* @param $useRawUser bool`
Finished credential mapper tests Fixed some security flaws on the credential update method in the credential mapper class 2016-10-17 01:02:43 +08:00			`* @return Credential The updated credential`
			`*/`
Add feature to move vaults to other account 2017-02-19 22:13:40 +08:00			`public function updateCredential($raw_credential, $useRawUser) {`
Finished credential mapper tests Fixed some security flaws on the credential update method in the credential mapper class 2016-10-17 01:02:43 +08:00			`$original = $this->getCredentialByGUID($raw_credential['guid']);`
Add feature to move vaults to other account 2017-02-19 22:13:40 +08:00			`$uid = ($useRawUser) ? $raw_credential['user_id'] : $original->getUserId();`

Start with showing Credentials 2016-09-15 03:12:10 +08:00			`$credential = new Credential();`
Finished credential mapper tests Fixed some security flaws on the credential update method in the credential mapper class 2016-10-17 01:02:43 +08:00			`$credential->setId($original->getId());`
			`$credential->setGuid($original->getGuid());`
			`$credential->setVaultId($original->getVaultId());`
Add feature to move vaults to other account 2017-02-19 22:13:40 +08:00			`$credential->setUserId($uid);`
Start with showing Credentials 2016-09-15 03:12:10 +08:00			`$credential->setLabel($raw_credential['label']);`
			`$credential->setDescription($raw_credential['description']);`
Finished credential mapper tests Fixed some security flaws on the credential update method in the credential mapper class 2016-10-17 01:02:43 +08:00			`$credential->setCreated($original->getCreated());`
Start with showing Credentials 2016-09-15 03:12:10 +08:00			`$credential->setChanged($this->utils->getTime());`
			`$credential->setTags($raw_credential['tags']);`
			`$credential->setEmail($raw_credential['email']);`
			`$credential->setUsername($raw_credential['username']);`
			`$credential->setPassword($raw_credential['password']);`
			`$credential->setUrl($raw_credential['url']);`
Add icons to credentials 2017-08-13 20:23:23 +08:00			`$credential->setIcon($raw_credential['icon']);`
Start with showing Credentials 2016-09-15 03:12:10 +08:00			`$credential->setRenewInterval($raw_credential['renew_interval']);`
			`$credential->setExpireTime($raw_credential['expire_time']);`
			`$credential->setFiles($raw_credential['files']);`
			`$credential->setCustomFields($raw_credential['custom_fields']);`
			`$credential->setOtp($raw_credential['otp']);`
			`$credential->setHidden($raw_credential['hidden']);`
Filtering with tags work, add oc notificaton service 2016-09-16 20:01:25 +08:00			`$credential->setDeleteTime($raw_credential['delete_time']);`
Add feature to move vaults to other account 2017-02-19 22:13:40 +08:00
Fixes 2017-01-03 05:06:55 +08:00			`if (isset($raw_credential['shared_key'])) {`
Implement encryption class 2017-01-02 22:25:41 +08:00			`$credential->setSharedKey($raw_credential['shared_key']);`
			`}`
Start with showing Credentials 2016-09-15 03:12:10 +08:00			`return parent::update($credential);`
			`}`

Fixes 2017-01-03 05:06:55 +08:00			`public function deleteCredential(Credential $credential) {`
Remove comment Fix if statement Add return Add return Remove assignment 2016-10-08 20:49:59 +08:00			`return $this->delete($credential);`
Permanently delete (destroy) credentials 2016-09-24 03:30:07 +08:00			`}`

Fixes 2017-01-03 05:06:55 +08:00			`public function upd(Credential $credential) {`
Notification buttons working 2016-09-24 00:17:47 +08:00			`$this->update($credential);`
			`}`
Api endpoint logic to gather the ACL of a credential 2016-10-04 20:40:48 +08:00
Fixes 2017-01-03 05:06:55 +08:00			`/**`
			`* Finds a credential by the given guid`
			`*`
			`* @param $credential_guid`
			`* @return Credential`
			`*/`
			`public function getCredentialByGUID($credential_guid, $user_id = null) {`
			$q = 'SELECT * FROM `PREFIXpassman_credentials` WHERE guid = ? ';
Credentials use guids 2016-10-07 18:43:54 +08:00			`$params = [$credential_guid];`
Fixes 2017-01-03 05:06:55 +08:00			`if ($user_id !== null) {`
Credentials use guids 2016-10-07 18:43:54 +08:00			$q .= ' and `user_id` = ? ';
			`array_push($params, $user_id);`
			`}`
Fixes 2017-01-03 05:06:55 +08:00			`return $this->findEntity($q, $params);`
			`}`
Starting to work on login to vault 2016-09-12 01:45:20 +08:00			`}`