mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2025-01-21 01:12:28 -05:00
Support Org Export for v2022.11 clients
Since v2022.9.x the org export uses a different endpoint. But, since v2022.11.x this endpoint will return a different format. See: https://github.com/bitwarden/clients/pull/3641 and https://github.com/bitwarden/server/pull/2316 To support both version in the case of users having an older client either web-vault or cli this PR checks the version and responds using the correct format. If no version can be determined it will use the new format as a default.
This commit is contained in:
parent
f60a6929a9
commit
c9ec389b24
4 changed files with 61 additions and 21 deletions
7
Cargo.lock
generated
7
Cargo.lock
generated
|
@ -2466,6 +2466,12 @@ dependencies = [
|
||||||
"libc",
|
"libc",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "semver"
|
||||||
|
version = "1.0.14"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "e25dfac463d778e353db5be2449d1cce89bd6fd23c9f1ea21310ce6e5a1b29c4"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "serde"
|
name = "serde"
|
||||||
version = "1.0.147"
|
version = "1.0.147"
|
||||||
|
@ -3201,6 +3207,7 @@ dependencies = [
|
||||||
"ring",
|
"ring",
|
||||||
"rmpv",
|
"rmpv",
|
||||||
"rocket",
|
"rocket",
|
||||||
|
"semver",
|
||||||
"serde",
|
"serde",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"syslog",
|
"syslog",
|
||||||
|
|
|
@ -142,6 +142,9 @@ governor = "0.5.0"
|
||||||
# Capture CTRL+C
|
# Capture CTRL+C
|
||||||
ctrlc = { version = "3.2.3", features = ["termination"] }
|
ctrlc = { version = "3.2.3", features = ["termination"] }
|
||||||
|
|
||||||
|
# Check client versions for specific features.
|
||||||
|
semver = "1.0.14"
|
||||||
|
|
||||||
# Allow overriding the default memory allocator
|
# Allow overriding the default memory allocator
|
||||||
# Mainly used for the musl builds, since the default musl malloc is very slow
|
# Mainly used for the musl builds, since the default musl malloc is very slow
|
||||||
mimalloc = { version = "0.1.30", features = ["secure"], default-features = false, optional = true }
|
mimalloc = { version = "0.1.30", features = ["secure"], default-features = false, optional = true }
|
||||||
|
|
|
@ -273,19 +273,15 @@ async fn get_user_collections(headers: Headers, mut conn: DbConn) -> Json<Value>
|
||||||
|
|
||||||
#[get("/organizations/<org_id>/collections")]
|
#[get("/organizations/<org_id>/collections")]
|
||||||
async fn get_org_collections(org_id: String, _headers: ManagerHeadersLoose, mut conn: DbConn) -> Json<Value> {
|
async fn get_org_collections(org_id: String, _headers: ManagerHeadersLoose, mut conn: DbConn) -> Json<Value> {
|
||||||
Json(_get_org_collections(&org_id, &mut conn).await)
|
Json(json!({
|
||||||
|
"Data": _get_org_collections(&org_id, &mut conn).await,
|
||||||
|
"Object": "list",
|
||||||
|
"ContinuationToken": null,
|
||||||
|
}))
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn _get_org_collections(org_id: &str, conn: &mut DbConn) -> Value {
|
async fn _get_org_collections(org_id: &str, conn: &mut DbConn) -> Value {
|
||||||
json!({
|
Collection::find_by_organization(org_id, conn).await.iter().map(Collection::to_json).collect::<Value>()
|
||||||
"Data":
|
|
||||||
Collection::find_by_organization(org_id, conn).await
|
|
||||||
.iter()
|
|
||||||
.map(Collection::to_json)
|
|
||||||
.collect::<Value>(),
|
|
||||||
"Object": "list",
|
|
||||||
"ContinuationToken": null,
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[post("/organizations/<org_id>/collections", data = "<data>")]
|
#[post("/organizations/<org_id>/collections", data = "<data>")]
|
||||||
|
@ -550,7 +546,11 @@ struct OrgIdData {
|
||||||
|
|
||||||
#[get("/ciphers/organization-details?<data..>")]
|
#[get("/ciphers/organization-details?<data..>")]
|
||||||
async fn get_org_details(data: OrgIdData, headers: Headers, mut conn: DbConn) -> Json<Value> {
|
async fn get_org_details(data: OrgIdData, headers: Headers, mut conn: DbConn) -> Json<Value> {
|
||||||
Json(_get_org_details(&data.organization_id, &headers.host, &headers.user.uuid, &mut conn).await)
|
Json(json!({
|
||||||
|
"Data": _get_org_details(&data.organization_id, &headers.host, &headers.user.uuid, &mut conn).await,
|
||||||
|
"Object": "list",
|
||||||
|
"ContinuationToken": null,
|
||||||
|
}))
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn _get_org_details(org_id: &str, host: &str, user_uuid: &str, conn: &mut DbConn) -> Value {
|
async fn _get_org_details(org_id: &str, host: &str, user_uuid: &str, conn: &mut DbConn) -> Value {
|
||||||
|
@ -561,12 +561,7 @@ async fn _get_org_details(org_id: &str, host: &str, user_uuid: &str, conn: &mut
|
||||||
for c in ciphers {
|
for c in ciphers {
|
||||||
ciphers_json.push(c.to_json(host, user_uuid, Some(&cipher_sync_data), conn).await);
|
ciphers_json.push(c.to_json(host, user_uuid, Some(&cipher_sync_data), conn).await);
|
||||||
}
|
}
|
||||||
|
json!(ciphers_json)
|
||||||
json!({
|
|
||||||
"Data": ciphers_json,
|
|
||||||
"Object": "list",
|
|
||||||
"ContinuationToken": null,
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[get("/organizations/<org_id>/users")]
|
#[get("/organizations/<org_id>/users")]
|
||||||
|
@ -2079,9 +2074,41 @@ async fn delete_group_user(
|
||||||
// Else the export will be just an empty JSON file.
|
// Else the export will be just an empty JSON file.
|
||||||
#[get("/organizations/<org_id>/export")]
|
#[get("/organizations/<org_id>/export")]
|
||||||
async fn get_org_export(org_id: String, headers: AdminHeaders, mut conn: DbConn) -> Json<Value> {
|
async fn get_org_export(org_id: String, headers: AdminHeaders, mut conn: DbConn) -> Json<Value> {
|
||||||
|
use semver::{Version, VersionReq};
|
||||||
|
|
||||||
|
// Since version v2022.11.0 the format of the export is different.
|
||||||
|
// Also, this endpoint was created since v2022.9.0.
|
||||||
|
// Therefore, we will check for any version smaller then 2022.11.0 and return a different response.
|
||||||
|
// If we can't determine the version, we will use the latest default v2022.11.0 and higher.
|
||||||
|
// https://github.com/bitwarden/server/blob/8a6f780d55cf0768e1869f1f097452328791983e/src/Api/Controllers/OrganizationExportController.cs#L44-L45
|
||||||
|
let use_list_response_model = if let Some(client_version) = headers.client_version {
|
||||||
|
let ver_match = VersionReq::parse("<2022.11.0").unwrap();
|
||||||
|
let client_version = Version::parse(&client_version).unwrap();
|
||||||
|
ver_match.matches(&client_version)
|
||||||
|
} else {
|
||||||
|
false
|
||||||
|
};
|
||||||
|
|
||||||
// Also both main keys here need to be lowercase, else the export will fail.
|
// Also both main keys here need to be lowercase, else the export will fail.
|
||||||
|
if use_list_response_model {
|
||||||
|
// Backwards compatible pre v2022.11.0 response
|
||||||
|
Json(json!({
|
||||||
|
"collections": {
|
||||||
|
"data": convert_json_key_lcase_first(_get_org_collections(&org_id, &mut conn).await),
|
||||||
|
"object": "list",
|
||||||
|
"continuationToken": null,
|
||||||
|
},
|
||||||
|
"ciphers": {
|
||||||
|
"data": convert_json_key_lcase_first(_get_org_details(&org_id, &headers.host, &headers.user.uuid, &mut conn).await),
|
||||||
|
"object": "list",
|
||||||
|
"continuationToken": null,
|
||||||
|
}
|
||||||
|
}))
|
||||||
|
} else {
|
||||||
|
// v2022.11.0 and newer response
|
||||||
Json(json!({
|
Json(json!({
|
||||||
"collections": convert_json_key_lcase_first(_get_org_collections(&org_id, &mut conn).await),
|
"collections": convert_json_key_lcase_first(_get_org_collections(&org_id, &mut conn).await),
|
||||||
"ciphers": convert_json_key_lcase_first(_get_org_details(&org_id, &headers.host, &headers.user.uuid, &mut conn).await),
|
"ciphers": convert_json_key_lcase_first(_get_org_details(&org_id, &headers.host, &headers.user.uuid, &mut conn).await),
|
||||||
}))
|
}))
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -481,6 +481,7 @@ pub struct AdminHeaders {
|
||||||
pub device: Device,
|
pub device: Device,
|
||||||
pub user: User,
|
pub user: User,
|
||||||
pub org_user_type: UserOrgType,
|
pub org_user_type: UserOrgType,
|
||||||
|
pub client_version: Option<String>,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[rocket::async_trait]
|
#[rocket::async_trait]
|
||||||
|
@ -489,12 +490,14 @@ impl<'r> FromRequest<'r> for AdminHeaders {
|
||||||
|
|
||||||
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
|
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
|
||||||
let headers = try_outcome!(OrgHeaders::from_request(request).await);
|
let headers = try_outcome!(OrgHeaders::from_request(request).await);
|
||||||
|
let client_version = request.headers().get_one("Bitwarden-Client-Version").map(String::from);
|
||||||
if headers.org_user_type >= UserOrgType::Admin {
|
if headers.org_user_type >= UserOrgType::Admin {
|
||||||
Outcome::Success(Self {
|
Outcome::Success(Self {
|
||||||
host: headers.host,
|
host: headers.host,
|
||||||
device: headers.device,
|
device: headers.device,
|
||||||
user: headers.user,
|
user: headers.user,
|
||||||
org_user_type: headers.org_user_type,
|
org_user_type: headers.org_user_type,
|
||||||
|
client_version,
|
||||||
})
|
})
|
||||||
} else {
|
} else {
|
||||||
err_handler!("You need to be Admin or Owner to call this endpoint")
|
err_handler!("You need to be Admin or Owner to call this endpoint")
|
||||||
|
|
Loading…
Add table
Reference in a new issue