Credentials use guids

2025-09-30 16:54:26 +08:00 · 2016-10-07 12:43:54 +02:00 · 2016-10-07 12:43:54 +02:00 · 8e80bb529a
commit 8e80bb529a
parent dfef59a002
8 changed files with 40 additions and 36 deletions
--- a/appinfo/routes.php
+++ b/appinfo/routes.php
@ -34,14 +34,14 @@ return [

 		//Credential
 		['name' => 'credential#createCredential', 'url' => '/api/v2/credentials', 'verb' => 'POST'],
-		['name' => 'credential#getCredential', 'url' => '/api/v2/credentials/{credential_id}', 'verb' => 'GET'],
-		['name' => 'credential#updateCredential', 'url' => '/api/v2/credentials/{credential_id}', 'verb' => 'PATCH'],
-		['name' => 'credential#deleteCredential', 'url' => '/api/v2/credentials/{credential_id}', 'verb' => 'DELETE'],
+		['name' => 'credential#getCredential', 'url' => '/api/v2/credentials/{credential_guid}', 'verb' => 'GET'],
+		['name' => 'credential#updateCredential', 'url' => '/api/v2/credentials/{credential_guid}', 'verb' => 'PATCH'],
+		['name' => 'credential#deleteCredential', 'url' => '/api/v2/credentials/{credential_guid}', 'verb' => 'DELETE'],

 		//Revisions
 		['name' => 'credential#getRevision', 'url' => '/api/v2/credentials/{credential_guid}/revision', 'verb' => 'GET'],
-		['name' => 'credential#deleteRevision', 'url' => '/api/v2/credentials/{credential_id}/revision/{revision_id}', 'verb' => 'DELETE'],
-		['name' => 'credential#updateRevision', 'url' => '/api/v2/credentials/{credential_id}/revision/{revision_id}', 'verb' => 'PATCH'],
+		['name' => 'credential#deleteRevision', 'url' => '/api/v2/credentials/{credential_guid}/revision/{revision_id}', 'verb' => 'DELETE'],
+		['name' => 'credential#updateRevision', 'url' => '/api/v2/credentials/{credential_guid}/revision/{revision_id}', 'verb' => 'PATCH'],

 		//File stuff
 		['name' => 'file#uploadFile', 'url' => '/api/v2/file', 'verb' => 'POST'],
--- a/controller/credentialcontroller.php
+++ b/controller/credentialcontroller.php
@ -96,21 +96,21 @@ class CredentialController extends ApiController {
 	/**
 	 * @NoAdminRequired
 	 */
-	public function getCredential($credential_id) {
-		return new JSONResponse($this->credentialService->getCredentialById($credential_id, $this->userId));
+	public function getCredential($credential_guid) {
+		return new JSONResponse($this->credentialService->getCredentialByGUID($credential_guid, $this->userId));
 	}

 	/**
 	 * @NoAdminRequired
 	 */
 	public function updateCredential($changed, $created,
-									 $credential_id, $custom_fields, $delete_time,
+									 $credential_id, $custom_fields, $delete_time, $credential_guid,
 									 $description, $email, $expire_time, $favicon, $files, $guid,
 									 $hidden, $label, $otp, $password, $renew_interval,
 									 $tags, $url, $username, $vault_id, $revision_created, $shared_key, $acl, $unshare_action, $set_share_key) {


-		$storedCredential = $this->credentialService->getCredentialById($credential_id, $this->userId);
+		$storedCredential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId);

 		$credential = array(
 			'credential_id' => $credential_id,
@ -234,8 +234,8 @@ class CredentialController extends ApiController {
 	/**
 	 * @NoAdminRequired
 	 */
-	public function deleteCredential($credential_id) {
-		$credential = $this->credentialService->getCredentialById($credential_id, $this->userId);
+	public function deleteCredential($credential_guid) {
+		$credential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId);
 		if ($credential) {
 			$result = $this->credentialService->deleteCredential($credential);
 			$this->activityService->add(
@ -288,18 +288,18 @@ class CredentialController extends ApiController {
 	/**
 	 * @NoAdminRequired
 	 */
-	public function updateRevision($credential_id, $revision_id, $credential_data){
+	public function updateRevision($credential_guid, $revision_id, $credential_data){
 		$revision = null;
 		try {
-			$credential = $this->credentialService->getCredentialById($credential_id, $this->userId);
+			$credential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId);
 		} catch (DoesNotExistException $e) {
-			return new NotFoundResponse();
+			return new NotFoundJSONResponse();
 		}

 		try{
 			$revision = $this->credentialRevisionService->getRevision($revision_id);
 		} catch(DoesNotExistException $exception){
-			return new NotFoundResponse();
+			return new NotFoundJSONResponse();
 		}

 		$revision->setCredentialData($credential_data);
--- a/js/app/controllers/credential.js
+++ b/js/app/controllers/credential.js
@ -187,21 +187,21 @@ angular.module('passmanApp')
 				var _credential = angular.copy(credential);
 				$rootScope.$emit('app_menu', false);
 				SettingsService.setSetting('edit_credential', CredentialService.encryptCredential(_credential));
-				$location.path('/vault/' + $scope.active_vault.vault_id + '/edit/' + _credential.credential_id)
+				$location.path('/vault/' + $scope.active_vault.vault_id + '/edit/' + _credential.guid)
 			};

 			$scope.getRevisions = function (credential) {
 				var _credential = angular.copy(credential);
 				$rootScope.$emit('app_menu', false);
 				SettingsService.setSetting('revision_credential', CredentialService.encryptCredential(_credential));
-				$location.path('/vault/' + $scope.active_vault.vault_id + '/' + _credential.credential_id + '/revisions')
+				$location.path('/vault/' + $scope.active_vault.vault_id + '/' + _credential.guid + '/revisions')
 			};

 			$scope.shareCredential = function (credential) {
 				var _credential = angular.copy(credential);
 				$rootScope.$emit('app_menu', false);
 				SettingsService.setSetting('share_credential', CredentialService.encryptCredential(_credential));
-				$location.path('/vault/' + $scope.active_vault.vault_id + '/' + _credential.credential_id + '/share')
+				$location.path('/vault/' + $scope.active_vault.vault_id + '/' + _credential.guid + '/share')
 			};

 			var notification;
--- a/js/app/controllers/revision.js
+++ b/js/app/controllers/revision.js
@ -78,7 +78,7 @@ angular.module('passmanApp')
 			};

 			$scope.deleteRevision = function (revision) {
-				CredentialService.deleteRevision($scope.storedCredential.credential_id, revision.revision_id).then(function () {
+				CredentialService.deleteRevision($scope.storedCredential.guid, revision.revision_id).then(function () {
 					for (var i = 0; i < $scope.revisions.length; i++) {
 						if ($scope.revisions[i].revision_id == revision.revision_id) {
 							$scope.revisions.splice(i, 1);
--- a/js/app/controllers/share.js
+++ b/js/app/controllers/share.js
@ -188,7 +188,7 @@ angular.module('passmanApp')
 				_credential = CredentialService.encryptCredential(_credential, old_key)
 				CredentialService.updateCredential(_credential, true).then(function () {
 					NotificationService.showNotification('Credential unshared', 4000)
-					CredentialService.reencryptCredential(_credential.credential_id, old_key, new_key).progress(function(data){
+					CredentialService.reencryptCredential(_credential.guid, old_key, new_key).progress(function(data){
 						console.log(data);
 					}).then(function(data){
 						console.warn(data);
@ -267,7 +267,6 @@ angular.module('passmanApp')
 						var target_user = list[i];
 						if (target_user.hasOwnProperty('created')) {
 							console.log('Updating permissions')
-
 							var acl = {
 								user_id: target_user.userId,
 								permission: target_user.acl.getAccessLevel()
@ -317,7 +316,7 @@ angular.module('passmanApp')
 						var encryptedSharedCredential = angular.copy($scope.storedCredential);
 						var old_key = VaultService.getActiveVault().vaultKey;

-						CredentialService.reencryptCredential(encryptedSharedCredential.credential_id, old_key, key).progress(function(data){
+						CredentialService.reencryptCredential(encryptedSharedCredential.guid, old_key, key).progress(function(data){
 							console.log(data);
 						}).then(function(data){
 							console.log(data);
--- a/js/app/services/credentialservice.js
+++ b/js/app/services/credentialservice.js
@ -71,7 +71,7 @@ angular.module('passmanApp')
 				}
 				_credential.expire_time = new Date( angular.copy(credential.expire_time) ).getTime() / 1000;

-				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + credential.credential_id);
+				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + credential.guid);
 				return $http.patch(queryUrl, _credential).then(function (response) {
 					if (response.data) {
 						return response.data;
@ -80,8 +80,8 @@ angular.module('passmanApp')
 					}
 				});
 			},
-			getCredential: function(id){
-				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + id);
+			getCredential: function(guid){
+				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + guid);
 				return $http.get(queryUrl).then(function (response) {
 					if (response.data) {
 						return response.data;
@ -90,8 +90,8 @@ angular.module('passmanApp')
 					}
 				});
 			},
-			destroyCredential: function(id){
-				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + id);
+			destroyCredential: function(guid){
+				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + guid);
 				return $http.delete(queryUrl).then(function (response) {
 					if (response.data) {
 						return response.data;
@ -129,8 +129,8 @@ angular.module('passmanApp')
 				}
 				return credential;
 			},
-			getRevisions:  function(id){
-				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + id + '/revision');
+			getRevisions:  function(guid){
+				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + guid + '/revision');
 				return $http.get(queryUrl).then(function (response) {
 					if (response.data) {
 						return response.data;
@ -142,7 +142,7 @@ angular.module('passmanApp')
 			updateRevision:  function(revision){
 				var _revision = angular.copy(revision);
 				_revision.credential_data = window.btoa(JSON.stringify(_revision.credential_data));
-				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + revision.credential_data.credential_id + '/revision/' + revision.revision_id);
+				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + revision.credential_data.guid + '/revision/' + revision.revision_id);
 				return $http.patch(queryUrl, _revision).then(function (response) {
 					if (response.data) {
 						return response.data;
@ -151,8 +151,8 @@ angular.module('passmanApp')
 					}
 				});
 			},
-			deleteRevision:  function(credential_id, revision_id){
-				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + credential_id + '/revision/' + revision_id);
+			deleteRevision:  function(credential_guid, revision_id){
+				var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + credential_guid + '/revision/' + revision_id);
 				return $http.delete(queryUrl).then(function (response) {
 					if (response.data) {
 						return response.data;
--- a/lib/Db/CredentialMapper.php
+++ b/lib/Db/CredentialMapper.php
@ -140,8 +140,13 @@ class CredentialMapper extends Mapper {
     * @param $credential_guid
     * @return Credential
     */
-	public function getCredentialByGUID($credential_guid){
+	public function getCredentialByGUID($credential_guid, $user_id = null){
 	    $q = 'SELECT * FROM `*PREFIX*passman_credentials` WHERE guid = ? ';
-        return $this->findEntity($q, [$credential_guid]);
+		$params = [$credential_guid];
+		if ($user_id !== null){
+			$q .= ' and `user_id` = ? ';
+			array_push($params, $user_id);
+		}
+        return $this->findEntity($q, $params);
    }
 }
--- a/lib/Service/CredentialService.php
+++ b/lib/Service/CredentialService.php
@ -81,7 +81,7 @@ class CredentialService {
 		return $this->credentialMapper->getCredentialLabelById($credential_id);
 	}

-	public function getCredentialByGUID($credential_guid){
-	    return $this->credentialMapper->getCredentialByGUID($credential_guid);
+	public function getCredentialByGUID($credential_guid, $user_id = null){
+	    return $this->credentialMapper->getCredentialByGUID($credential_guid, $user_id);
    }
 }