vaultwarden
/
bitwarden-estensione-browser
mirror of https://github.com/bitwarden/browser
1
0
Fork 0
Code Issues 1 Releases Wiki Activity

access control on orgs pages

This commit is contained in:
Kyle Spearrin 2017-03-27 21:55:39 -04:00
parent 77ddc83a04
commit 35e0f27f52
5 changed files with 47 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/app/config.js
View File

@ -232,12 +232,26 @@ angular
event.preventDefault();
$state.go('backend.user.vault');
return;
}
if (!authService.isAuthenticated()) {
event.preventDefault();
authService.logOut();
$state.go('frontend.login.info');
return;
}
// user is guaranteed to be authenticated becuase of previous check
if (toState.name.indexOf('backend.org.') > -1 && toParams.orgId) {
authService.getUserProfile().then(function (profile) {
var orgs = profile.organizations;
if (!orgs || !(toParams.orgId in orgs) || orgs[toParams.orgId].status !== 2 ||
orgs[toParams.orgId].type === 2) {
event.preventDefault();
$state.go('backend.user.vault');
}
});
}
});
});

9
src/app/global/sideNavController.js
View File

@ -7,16 +7,11 @@ angular
if ($state.includes('backend.org')) {
authService.getUserProfile().then(function (userProfile) {
if (!userProfile.organizations || !userProfile.organizations.length) {
if (!userProfile.organizations || !($state.params.orgId in userProfile.organizations)) {
return;
}
for (var i = 0; i < userProfile.organizations.length; i++) {
if (userProfile.organizations[i].id === $state.params.orgId) {
$scope.orgProfile = userProfile.organizations[i];
break;
}
}
$scope.orgProfile = userProfile.organizations[$state.params.orgId];
});
}
});

12
src/app/services/authService.js
View File

@ -93,15 +93,15 @@ angular
};
if (profile.Organizations) {
var orgs = [];
var orgs = {};
for (var i = 0; i < profile.Organizations.length; i++) {
orgs.push({
orgs[profile.Organizations[i].Id] = {
id: profile.Organizations[i].Id,
name: profile.Organizations[i].Name,
key: profile.Organizations[i].Key,
status: profile.Organizations[i].Status,
type: profile.Organizations[i].Type
});
};
}
_userProfile.organizations = orgs;
@ -118,8 +118,8 @@ angular
_service.addProfileOrganization = function (org) {
return _service.getUserProfile().then(function (profile) {
if (profile) {
if (!profile.Organizations) {
profile.Organizations = [];
if (!profile.organizations) {
profile.organizations = {};
}
var o = {
@ -129,7 +129,7 @@ angular
status: 2, // 2 = Confirmed
type: 0 // 0 = Owner
};
profile.organizations.push(o);
profile.organizations[o.id] = o;
_userProfile = profile;
cryptoService.addOrgKey(o.id, o.key);

11
src/app/services/cryptoService.js
View File

@ -33,17 +33,20 @@ angular
var orgKeysb64 = {},
_orgKeys = {},
setKey = false;
for (var i = 0; i < orgKeysCt.length; i++) {
for (var orgId in orgKeysCt) {
if (orgKeysCt.hasOwnProperty(orgId)) {
try {
var orgKey = _service.rsaDecrypt(orgKeysCt[i].key, privateKey);
_orgKeys[orgKeysCt[i].id] = orgKey;
orgKeysb64[orgKeysCt[i].id] = forge.util.encode64(orgKey);
var orgKey = _service.rsaDecrypt(orgKeysCt[orgId].key, privateKey);
_orgKeys[orgId] = orgKey;
orgKeysb64[orgId] = forge.util.encode64(orgKey);
setKey = true;
}
catch (e) {
console.log('Cannot set org key ' + i + '. Decryption failed.');
}
}
}
if (setKey) {
$sessionStorage.orgKeys = orgKeysb64;

11
src/app/vault/vaultShareController.js
View File

@ -24,17 +24,22 @@
return authService.getUserProfile();
}).then(function (profile) {
if (profile && profile.organizations) {
var orgs = [];
for (var i = 0; i < profile.organizations.length; i++) {
var orgs = [],
setFirstOrg = false;
for (var i in profile.organizations) {
if (profile.organizations.hasOwnProperty(i)) {
orgs.push({
id: profile.organizations[i].id,
name: profile.organizations[i].name
});
if (i === 0) {
if (!setFirstOrg) {
setFirstOrg = true;
$scope.model.organizationId = profile.organizations[i].id;
}
}
}
$scope.organizations = orgs;