premium and enc key checks

This commit is contained in:
Kyle Spearrin 2018-05-18 10:55:50 -04:00
parent 33f0f5eae0
commit fc5043f07e
3 changed files with 40 additions and 10 deletions

View File

@ -3,7 +3,9 @@ import * as fs from 'fs';
import * as path from 'path';
import { CipherService } from 'jslib/abstractions/cipher.service';
import { FolderService } from 'jslib/services/folder.service';
import { CryptoService } from 'jslib/abstractions/crypto.service';
import { FolderService } from 'jslib/abstractions/folder.service';
import { TokenService } from 'jslib/abstractions/token.service';
import { Response } from '../models/response';
import { StringResponse } from '../models/response/stringResponse';
@ -14,7 +16,8 @@ import { Folder } from '../models/folder';
import { CliUtils } from '../utils';
export class CreateCommand {
constructor(private cipherService: CipherService, private folderService: FolderService) { }
constructor(private cipherService: CipherService, private folderService: FolderService,
private tokenService: TokenService, private cryptoService: CryptoService) { }
async run(object: string, requestJson: string, cmd: program.Command): Promise<Response> {
let req: any = null;
@ -69,14 +72,22 @@ export class CreateCommand {
return Response.badRequest('Cannot find file at ' + filePath);
}
// TODO: premium and key check
const itemId = cmd.itemid.toLowerCase();
const cipher = await this.cipherService.get(itemId);
if (cipher == null) {
return Response.notFound();
}
if (cipher.organizationId == null && !this.tokenService.getPremium()) {
return Response.error('A premium membership is required to use this feature.');
}
const encKey = await this.cryptoService.getEncKey();
if (encKey == null) {
return Response.error('You must update your encryption key before you can use this feature. ' +
'See https://help.bitwarden.com/article/update-encryption-key/');
}
try {
const fileBuf = fs.readFileSync(filePath);
await this.cipherService.saveAttachmentRawWithServer(cipher, path.basename(filePath),

View File

@ -2,11 +2,13 @@ import * as program from 'commander';
import { CipherService } from 'jslib/abstractions/cipher.service';
import { FolderService } from 'jslib/abstractions/folder.service';
import { TokenService } from 'jslib/abstractions/token.service';
import { Response } from '../models/response';
export class DeleteCommand {
constructor(private cipherService: CipherService, private folderService: FolderService) { }
constructor(private cipherService: CipherService, private folderService: FolderService,
private tokenService: TokenService) { }
async run(object: string, id: string, cmd: program.Command): Promise<Response> {
if (id != null) {
@ -59,6 +61,10 @@ export class DeleteCommand {
return Response.error('Attachment `' + id + '` was not found.');
}
if (cipher.organizationId == null && !this.tokenService.getPremium()) {
return Response.error('A premium membership is required to use this feature.');
}
try {
await this.cipherService.deleteAttachmentWithServer(cipher.id, attachments[0].id);
return Response.success();

View File

@ -8,6 +8,7 @@ import { CipherService } from 'jslib/abstractions/cipher.service';
import { CollectionService } from 'jslib/abstractions/collection.service';
import { CryptoService } from 'jslib/abstractions/crypto.service';
import { FolderService } from 'jslib/abstractions/folder.service';
import { TokenService } from 'jslib/abstractions/token.service';
import { TotpService } from 'jslib/abstractions/totp.service';
import { CipherView } from 'jslib/models/view/cipherView';
@ -37,7 +38,8 @@ import { CliUtils } from '../utils';
export class GetCommand {
constructor(private cipherService: CipherService, private folderService: FolderService,
private collectionService: CollectionService, private totpService: TotpService,
private auditService: AuditService, private cryptoService: CryptoService) { }
private auditService: AuditService, private cryptoService: CryptoService,
private tokenService: TokenService) { }
async run(object: string, id: string, cmd: program.Command): Promise<Response> {
if (id != null) {
@ -153,8 +155,6 @@ export class GetCommand {
}
private async getTotp(id: string) {
// TODO: premium check
const cipherResponse = await this.getCipher(id);
if (!cipherResponse.success) {
return cipherResponse;
@ -174,6 +174,14 @@ export class GetCommand {
return Response.error('Couldn\'t generate TOTP code.');
}
if (!this.tokenService.getPremium()) {
const originalCipher = await this.cipherService.get(id);
if (originalCipher == null || originalCipher.organizationId == null ||
!originalCipher.organizationUseTotp) {
return Response.error('A premium membership is required to use this feature.');
}
}
const res = new StringResponse(totp);
return Response.success(res);
}
@ -194,8 +202,6 @@ export class GetCommand {
return Response.badRequest('--itemid <itemid> required.');
}
// TODO: Premium check
const itemId = cmd.itemid.toLowerCase();
const cipherResponse = await this.getCipher(itemId);
if (!cipherResponse.success) {
@ -216,6 +222,13 @@ export class GetCommand {
return Response.multipleResults(attachments.map((a) => a.id));
}
if (!this.tokenService.getPremium()) {
const originalCipher = await this.cipherService.get(cipher.id);
if (originalCipher == null || originalCipher.organizationId == null) {
return Response.error('A premium membership is required to use this feature.');
}
}
const response = await fet.default(new fet.Request(attachments[0].url, { headers: { cache: 'no-cache' } }));
if (response.status !== 200) {
return Response.error('A ' + response.status + ' error occurred while downloading the attachment.');