mirror of
https://github.com/nextcloud/passman.git
synced 2024-09-20 14:56:21 +08:00
delete credentials before vault is deleted from backend
This commit is contained in:
binsky
parent
aa0a586cb4
commit
cef5bce47b
|
|
@ -37,12 +37,12 @@ class CredentialController extends ApiController {
|
|||
|
||||
public function __construct($AppName,
|
||||
IRequest $request,
|
||||
$userId,
|
||||
CredentialService $credentialService,
|
||||
ActivityService $activityService,
|
||||
CredentialRevisionService $credentialRevisionService,
|
||||
ShareService $sharingService,
|
||||
SettingsService $settings
|
||||
$userId,
|
||||
CredentialService $credentialService,
|
||||
ActivityService $activityService,
|
||||
CredentialRevisionService $credentialRevisionService,
|
||||
ShareService $sharingService,
|
||||
SettingsService $settings
|
||||
|
||||
) {
|
||||
parent::__construct(
|
||||
|
|
@ -275,32 +275,13 @@ class CredentialController extends ApiController {
|
|||
if ($credential instanceof Credential) {
|
||||
$result = $this->credentialService->deleteCredential($credential);
|
||||
//print_r($credential);
|
||||
$this->deleteCredentialParts($credential);
|
||||
$this->credentialService->deleteCredentialParts($credential, $this->userId);
|
||||
} else {
|
||||
$result = false;
|
||||
}
|
||||
return new JSONResponse($result);
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete leftovers from a credential
|
||||
* @param Credential $credential
|
||||
* @throws \Exception
|
||||
*/
|
||||
private function deleteCredentialParts(Credential $credential) {
|
||||
$this->activityService->add(
|
||||
'item_destroyed_self', array($credential->getLabel()),
|
||||
'', array(),
|
||||
'', $this->userId, Activity::TYPE_ITEM_ACTION);
|
||||
$this->sharingService->unshareCredential($credential->getGuid());
|
||||
foreach ($this->credentialRevisionService->getRevisions($credential->getId()) as $revision) {
|
||||
$id = $revision['revision_id'];
|
||||
if (isset($id)) {
|
||||
$this->credentialRevisionService->deleteRevision($id, $this->userId);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @NoAdminRequired
|
||||
* @NoCSRFRequired
|
||||
|
|
|
|||
|
|
@ -11,16 +11,17 @@
|
|||
|
||||
namespace OCA\Passman\Controller;
|
||||
|
||||
use OCA\Passman\Service\DeleteVaultRequestService;
|
||||
use OCA\Passman\Service\EncryptService;
|
||||
use OCA\Passman\Service\SettingsService;
|
||||
use OCA\Passman\Utility\NotFoundJSONResponse;
|
||||
use OCP\AppFramework\Db\DoesNotExistException;
|
||||
use OCP\IRequest;
|
||||
use OCP\AppFramework\Http\JSONResponse;
|
||||
use OCP\AppFramework\ApiController;
|
||||
use OCA\Passman\Service\VaultService;
|
||||
use OCA\Passman\Db\Credential;
|
||||
use OCA\Passman\Service\CredentialService;
|
||||
use OCA\Passman\Service\DeleteVaultRequestService;
|
||||
use OCA\Passman\Service\FileService;
|
||||
use OCA\Passman\Service\SettingsService;
|
||||
use OCA\Passman\Service\VaultService;
|
||||
use OCA\Passman\Utility\NotFoundJSONResponse;
|
||||
use OCP\AppFramework\ApiController;
|
||||
use OCP\AppFramework\Db\DoesNotExistException;
|
||||
use OCP\AppFramework\Http\JSONResponse;
|
||||
use OCP\IRequest;
|
||||
|
||||
|
||||
class VaultController extends ApiController {
|
||||
|
|
@ -28,15 +29,17 @@ class VaultController extends ApiController {
|
|||
private $vaultService;
|
||||
private $credentialService;
|
||||
private $settings;
|
||||
private $fileService;
|
||||
private $deleteVaultRequestService;
|
||||
|
||||
public function __construct($AppName,
|
||||
IRequest $request,
|
||||
$UserId,
|
||||
VaultService $vaultService,
|
||||
CredentialService $credentialService,
|
||||
DeleteVaultRequestService $deleteVaultRequestService,
|
||||
SettingsService $settings) {
|
||||
IRequest $request,
|
||||
$UserId,
|
||||
VaultService $vaultService,
|
||||
CredentialService $credentialService,
|
||||
DeleteVaultRequestService $deleteVaultRequestService,
|
||||
SettingsService $settings,
|
||||
FileService $fileService) {
|
||||
parent::__construct(
|
||||
$AppName,
|
||||
$request,
|
||||
|
|
@ -48,6 +51,7 @@ class VaultController extends ApiController {
|
|||
$this->credentialService = $credentialService;
|
||||
$this->deleteVaultRequestService = $deleteVaultRequestService;
|
||||
$this->settings = $settings;
|
||||
$this->fileService = $fileService;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -63,7 +67,7 @@ class VaultController extends ApiController {
|
|||
foreach ($vaults as $vault) {
|
||||
$credential = $this->credentialService->getRandomCredentialByVaultId($vault->getId(), $this->userId);
|
||||
$secret_field = $protected_credential_fields[array_rand($protected_credential_fields)];
|
||||
if(isset($credential)) {
|
||||
if (isset($credential)) {
|
||||
array_push($result, array(
|
||||
'vault_id' => $vault->getId(),
|
||||
'guid' => $vault->getGuid(),
|
||||
|
|
@ -164,8 +168,36 @@ class VaultController extends ApiController {
|
|||
* @NoAdminRequired
|
||||
* @NoCSRFRequired
|
||||
*/
|
||||
public function delete($vault_guid) {
|
||||
public function delete($vault_guid, $credential_guids, $file_ids) {
|
||||
try {
|
||||
$this->vaultService->getByGuid($vault_guid, $this->userId);
|
||||
} catch (\Exception $e) {
|
||||
return new NotFoundJSONResponse();
|
||||
}
|
||||
|
||||
if ($credential_guids != null && !empty($credential_guids)) {
|
||||
foreach ($credential_guids as $credential_guid) {
|
||||
try {
|
||||
$credential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId);
|
||||
} catch (\Exception $e) {
|
||||
continue;
|
||||
}
|
||||
if ($credential instanceof Credential) {
|
||||
$this->credentialService->deleteCredential($credential);
|
||||
$this->credentialService->deleteCredentialParts($credential, $this->userId);
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($file_ids != null && !empty($file_ids)) {
|
||||
foreach ($file_ids as $file_id) {
|
||||
try {
|
||||
$this->fileService->deleteFile($file_id, $this->userId);
|
||||
} catch (\Exception $e) {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
}
|
||||
$this->vaultService->deleteVault($vault_guid, $this->userId);
|
||||
return new JSONResponse(array('ok' => true));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@
|
|||
|
||||
namespace OCA\Passman\Service;
|
||||
|
||||
use OCA\Passman\Activity;
|
||||
use OCA\Passman\Db\Credential;
|
||||
use OCA\Passman\Db\CredentialMapper;
|
||||
use OCA\Passman\Db\SharingACL;
|
||||
|
|
@ -37,15 +38,25 @@ class CredentialService {
|
|||
|
||||
private CredentialMapper $credentialMapper;
|
||||
private SharingACLMapper $sharingACL;
|
||||
private ActivityService $activityService;
|
||||
private ShareService $shareService;
|
||||
private EncryptService $encryptService;
|
||||
private CredentialRevisionService $credentialRevisionService;
|
||||
private $server_key;
|
||||
|
||||
public function __construct(CredentialMapper $credentialMapper, SharingACLMapper $sharingACL, ShareService $shareService, EncryptService $encryptService, IConfig $config) {
|
||||
public function __construct(CredentialMapper $credentialMapper,
|
||||
SharingACLMapper $sharingACL,
|
||||
ActivityService $activityService,
|
||||
ShareService $shareService,
|
||||
EncryptService $encryptService,
|
||||
CredentialRevisionService $credentialRevisionService,
|
||||
IConfig $config) {
|
||||
$this->credentialMapper = $credentialMapper;
|
||||
$this->sharingACL = $sharingACL;
|
||||
$this->activityService = $activityService;
|
||||
$this->shareService = $shareService;
|
||||
$this->encryptService = $encryptService;
|
||||
$this->credentialRevisionService = $credentialRevisionService;
|
||||
$this->server_key = $config->getSystemValue('passwordsalt', '');
|
||||
}
|
||||
|
||||
|
|
@ -99,6 +110,25 @@ class CredentialService {
|
|||
return $this->credentialMapper->deleteCredential($credential);
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete leftovers from a credential
|
||||
* @param Credential $credential
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function deleteCredentialParts(Credential $credential, $userId) {
|
||||
$this->activityService->add(
|
||||
'item_destroyed_self', array($credential->getLabel()),
|
||||
'', array(),
|
||||
'', $userId, Activity::TYPE_ITEM_ACTION);
|
||||
$this->shareService->unshareCredential($credential->getGuid());
|
||||
foreach ($this->credentialRevisionService->getRevisions($credential->getId()) as $revision) {
|
||||
$id = $revision['revision_id'];
|
||||
if (isset($id)) {
|
||||
$this->credentialRevisionService->deleteRevision($id, $userId);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get credentials by vault id
|
||||
*
|
||||
|
|
|
|||
Loading…
Reference in a new issue