diff --git a/appinfo/routes.php b/appinfo/routes.php index 985637ff..453f13b1 100644 --- a/appinfo/routes.php +++ b/appinfo/routes.php @@ -34,14 +34,14 @@ return [ //Credential ['name' => 'credential#createCredential', 'url' => '/api/v2/credentials', 'verb' => 'POST'], - ['name' => 'credential#getCredential', 'url' => '/api/v2/credentials/{credential_id}', 'verb' => 'GET'], - ['name' => 'credential#updateCredential', 'url' => '/api/v2/credentials/{credential_id}', 'verb' => 'PATCH'], - ['name' => 'credential#deleteCredential', 'url' => '/api/v2/credentials/{credential_id}', 'verb' => 'DELETE'], + ['name' => 'credential#getCredential', 'url' => '/api/v2/credentials/{credential_guid}', 'verb' => 'GET'], + ['name' => 'credential#updateCredential', 'url' => '/api/v2/credentials/{credential_guid}', 'verb' => 'PATCH'], + ['name' => 'credential#deleteCredential', 'url' => '/api/v2/credentials/{credential_guid}', 'verb' => 'DELETE'], //Revisions ['name' => 'credential#getRevision', 'url' => '/api/v2/credentials/{credential_guid}/revision', 'verb' => 'GET'], - ['name' => 'credential#deleteRevision', 'url' => '/api/v2/credentials/{credential_id}/revision/{revision_id}', 'verb' => 'DELETE'], - ['name' => 'credential#updateRevision', 'url' => '/api/v2/credentials/{credential_id}/revision/{revision_id}', 'verb' => 'PATCH'], + ['name' => 'credential#deleteRevision', 'url' => '/api/v2/credentials/{credential_guid}/revision/{revision_id}', 'verb' => 'DELETE'], + ['name' => 'credential#updateRevision', 'url' => '/api/v2/credentials/{credential_guid}/revision/{revision_id}', 'verb' => 'PATCH'], //File stuff ['name' => 'file#uploadFile', 'url' => '/api/v2/file', 'verb' => 'POST'], diff --git a/controller/credentialcontroller.php b/controller/credentialcontroller.php index d13ffd80..555a3e9e 100644 --- a/controller/credentialcontroller.php +++ b/controller/credentialcontroller.php 
@@ -96,21 +96,21 @@ class CredentialController extends ApiController { /** * @NoAdminRequired */ - public function getCredential($credential_id) { - return new JSONResponse($this->credentialService->getCredentialById($credential_id, $this->userId)); + public function getCredential($credential_guid) { + return new JSONResponse($this->credentialService->getCredentialByGUID($credential_guid, $this->userId)); } /** * @NoAdminRequired */ public function updateCredential($changed, $created, - $credential_id, $custom_fields, $delete_time, + $credential_id, $custom_fields, $delete_time, $credential_guid, $description, $email, $expire_time, $favicon, $files, $guid, $hidden, $label, $otp, $password, $renew_interval, $tags, $url, $username, $vault_id, $revision_created, $shared_key, $acl, $unshare_action, $set_share_key) { - $storedCredential = $this->credentialService->getCredentialById($credential_id, $this->userId); + $storedCredential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId); $credential = array( 'credential_id' => $credential_id, @@ -234,8 +234,8 @@ class CredentialController extends ApiController { /** * @NoAdminRequired */ - public function deleteCredential($credential_id) { - $credential = $this->credentialService->getCredentialById($credential_id, $this->userId); + public function deleteCredential($credential_guid) { + $credential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId); if ($credential) { $result = $this->credentialService->deleteCredential($credential); $this->activityService->add( 
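Review bot: In updateCredential the ownership lookup now uses the URL's `$credential_guid`, but the `$credential` array is still built from the request-supplied id (`'credential_id' => $credential_id`), so the record that was authorised and the record described by the payload can differ. If the code past this hunk persists by that id, the ownership check and the write would apply to different records. Take the id from the entity that was just loaded, e.g. `'credential_id' => $storedCredential->getId(),`, and reject a body id or `$guid` that does not match it. The function body continues outside the hunk, so how `$credential` is saved is not visible here.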
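Review bot: deleteCredential guards with `if ($credential)`, but the mapper's `findEntity` signals a missing row by throwing, so an unknown or not-owned GUID likely surfaces as an unhandled exception rather than a clean 404. updateRevision in this file already wraps the same call; doing the same here, `} catch (DoesNotExistException $e) { return new NotFoundJSONResponse(); }`, keeps the response identical for "does not exist" and "not yours". getCredential in the previous hunk has the same gap. The method body continues past the hunk.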
@@ -288,18 +288,18 @@ class CredentialController extends ApiController { /** * @NoAdminRequired */ - public function updateRevision($credential_id, $revision_id, $credential_data){ + public function updateRevision($credential_guid, $revision_id, $credential_data){ $revision = null; try { - $credential = $this->credentialService->getCredentialById($credential_id, $this->userId); + $credential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId); } catch (DoesNotExistException $e) { - return new NotFoundResponse(); + return new NotFoundJSONResponse(); } try{ $revision = $this->credentialRevisionService->getRevision($revision_id); } catch(DoesNotExistException $exception){ - return new NotFoundResponse(); + return new NotFoundJSONResponse(); } $revision->setCredentialData($credential_data); diff --git a/js/app/controllers/credential.js b/js/app/controllers/credential.js index cae7591a..660375df 100644 --- a/js/app/controllers/credential.js +++ b/js/app/controllers/credential.js 
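Review bot: updateRevision verifies that the caller owns `$credential_guid`, but the revision is then loaded by `$revision_id` alone and nothing visible ties it to `$credential` before `setCredentialData()` is called. Unless getRevision() or code after the hunk enforces it, the ownership check on the credential does not cover the revision being modified. Compare the revision's owning credential with the one just loaded and return the same not-found response on mismatch, e.g. `if ($revision->getCredentialId() !== $credential->getId()) { return new NotFoundJSONResponse(); }` (accessor name assumed; the revision entity is not shown here). The deleteRevision route takes the same two parameters and is worth checking for the same binding; this method continues outside the hunk.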
@@ -187,21 +187,21 @@ angular.module('passmanApp') var _credential = angular.copy(credential); $rootScope.$emit('app_menu', false); SettingsService.setSetting('edit_credential', CredentialService.encryptCredential(_credential)); - $location.path('/vault/' + $scope.active_vault.vault_id + '/edit/' + _credential.credential_id) + $location.path('/vault/' + $scope.active_vault.vault_id + '/edit/' + _credential.guid) }; $scope.getRevisions = function (credential) { var _credential = angular.copy(credential); $rootScope.$emit('app_menu', false); SettingsService.setSetting('revision_credential', CredentialService.encryptCredential(_credential)); - $location.path('/vault/' + $scope.active_vault.vault_id + '/' + _credential.credential_id + '/revisions') + $location.path('/vault/' + $scope.active_vault.vault_id + '/' + _credential.guid + '/revisions') }; $scope.shareCredential = function (credential) { var _credential = angular.copy(credential); $rootScope.$emit('app_menu', false); SettingsService.setSetting('share_credential', CredentialService.encryptCredential(_credential)); - $location.path('/vault/' + $scope.active_vault.vault_id + '/' + _credential.credential_id + '/share') + $location.path('/vault/' + $scope.active_vault.vault_id + '/' + _credential.guid + '/share') }; var notification; diff --git a/js/app/controllers/revision.js b/js/app/controllers/revision.js index deefce4c..8b67199d 100644 --- a/js/app/controllers/revision.js +++ b/js/app/controllers/revision.js @@ -78,7 +78,7 @@ angular.module('passmanApp') }; $scope.deleteRevision = function (revision) { - CredentialService.deleteRevision($scope.storedCredential.credential_id, revision.revision_id).then(function () { + CredentialService.deleteRevision($scope.storedCredential.guid, revision.revision_id).then(function () { for (var i = 0; i < $scope.revisions.length; i++) { if ($scope.revisions[i].revision_id == revision.revision_id) { $scope.revisions.splice(i, 1); 
diff --git a/js/app/controllers/share.js b/js/app/controllers/share.js index 2fba2211..8328b2d9 100644 --- a/js/app/controllers/share.js +++ b/js/app/controllers/share.js @@ -188,7 +188,7 @@ angular.module('passmanApp') _credential = CredentialService.encryptCredential(_credential, old_key) CredentialService.updateCredential(_credential, true).then(function () { NotificationService.showNotification('Credential unshared', 4000) - CredentialService.reencryptCredential(_credential.credential_id, old_key, new_key).progress(function(data){ + CredentialService.reencryptCredential(_credential.guid, old_key, new_key).progress(function(data){ console.log(data); }).then(function(data){ console.warn(data); @@ -267,7 +267,6 @@ angular.module('passmanApp') var target_user = list[i]; if (target_user.hasOwnProperty('created')) { console.log('Updating permissions') - var acl = { user_id: target_user.userId, permission: target_user.acl.getAccessLevel() @@ -317,7 +316,7 @@ angular.module('passmanApp') var encryptedSharedCredential = angular.copy($scope.storedCredential); var old_key = VaultService.getActiveVault().vaultKey; - CredentialService.reencryptCredential(encryptedSharedCredential.credential_id, old_key, key).progress(function(data){ + CredentialService.reencryptCredential(encryptedSharedCredential.guid, old_key, key).progress(function(data){ console.log(data); }).then(function(data){ console.log(data); diff --git a/js/app/services/credentialservice.js b/js/app/services/credentialservice.js index 2869280d..503bb7d1 100644 --- a/js/app/services/credentialservice.js +++ b/js/app/services/credentialservice.js 
@@ -71,7 +71,7 @@ angular.module('passmanApp') } _credential.expire_time = new Date( angular.copy(credential.expire_time) ).getTime() / 1000; - var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + credential.credential_id); + var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + credential.guid); return $http.patch(queryUrl, _credential).then(function (response) { if (response.data) { return response.data; @@ -80,8 +80,8 @@ angular.module('passmanApp') } }); }, - getCredential: function(id){ - var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + id); + getCredential: function(guid){ + var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + guid); return $http.get(queryUrl).then(function (response) { if (response.data) { return response.data; @@ -90,8 +90,8 @@ angular.module('passmanApp') } }); }, - destroyCredential: function(id){ - var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + id); + destroyCredential: function(guid){ + var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + guid); return $http.delete(queryUrl).then(function (response) { if (response.data) { return response.data; @@ -129,8 +129,8 @@ angular.module('passmanApp') } return credential; }, - getRevisions: function(id){ - var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + id + '/revision'); + getRevisions: function(guid){ + var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + guid + '/revision'); return $http.get(queryUrl).then(function (response) { if (response.data) { return response.data; 
@@ -142,7 +142,7 @@ angular.module('passmanApp') updateRevision: function(revision){ var _revision = angular.copy(revision); _revision.credential_data = window.btoa(JSON.stringify(_revision.credential_data)); - var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + revision.credential_data.credential_id + '/revision/' + revision.revision_id); + var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + revision.credential_data.guid + '/revision/' + revision.revision_id); return $http.patch(queryUrl, _revision).then(function (response) { if (response.data) { return response.data; @@ -151,8 +151,8 @@ angular.module('passmanApp') } }); }, - deleteRevision: function(credential_id, revision_id){ - var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + credential_id + '/revision/' + revision_id); + deleteRevision: function(credential_guid, revision_id){ + var queryUrl = OC.generateUrl('apps/passman/api/v2/credentials/' + credential_guid + '/revision/' + revision_id); return $http.delete(queryUrl).then(function (response) { if (response.data) { return response.data; diff --git a/lib/Db/CredentialMapper.php b/lib/Db/CredentialMapper.php index 8bb35c29..8557bf55 100644 --- a/lib/Db/CredentialMapper.php +++ b/lib/Db/CredentialMapper.php @@ -140,8 +140,13 @@ class CredentialMapper extends Mapper { * @param $credential_guid * @return Credential */ - public function getCredentialByGUID($credential_guid){ + public function getCredentialByGUID($credential_guid, $user_id = null){ $q = 'SELECT * FROM `*PREFIX*passman_credentials` WHERE guid = ? '; - return $this->findEntity($q, [$credential_guid]); + $params = [$credential_guid]; + if ($user_id !== null){ + $q .= ' and `user_id` = ? '; + array_push($params, $user_id); + } + return $this->findEntity($q, $params); } } \ No newline at end of file diff --git a/lib/Service/CredentialService.php b/lib/Service/CredentialService.php index d0c920b7..80dc1960 100644 --- a/lib/Service/CredentialService.php 
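Review bot: The new `$user_id = null` default in CredentialMapper::getCredentialByGUID makes the owner filter opt-in, so any caller that omits the argument gets a lookup by GUID across all users; CredentialService::getCredentialByGUID forwards the same default. Since the controller routes now rely on this method for authorisation, consider a separately named method for the unscoped lookup so that the scoped one cannot be called without an owner. The docblock still lists only `$credential_guid`; add `@param string|null $user_id Owner to restrict the lookup to; null disables the ownership filter`. `$params[] = $user_id;` is also the more usual form than `array_push`.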
+++ b/lib/Service/CredentialService.php @@ -81,7 +81,7 @@ class CredentialService { return $this->credentialMapper->getCredentialLabelById($credential_id); } - public function getCredentialByGUID($credential_guid){ - return $this->credentialMapper->getCredentialByGUID($credential_guid); + public function getCredentialByGUID($credential_guid, $user_id = null){ + return $this->credentialMapper->getCredentialByGUID($credential_guid, $user_id); } } \ No newline at end of file