diff options
| author | binsky <timo@binsky.org> | 2021-10-22 21:10:31 +0300 |
|---|---|---|
| committer | binsky <timo@binsky.org> | 2021-10-22 21:10:31 +0300 |
| commit | 761c21da0e4e4738aae036a2a81cb1867b29ed60 (patch) | |
| tree | 0d5e463528d681a5b78cb37dd94e4593636484a0 | |
| parent | cef5bce47b59d42768018298d3069ea63a579a19 (diff) | |
add dedicated method to delete vault contents before vault deletion
Signed-off-by: binsky <timo@binsky.org>
| -rw-r--r-- | appinfo/routes.php | 3 | ||||
| -rw-r--r-- | controller/vaultcontroller.php | 28 | ||||
| -rw-r--r-- | js/app/controllers/settings.js | 71 | ||||
| -rw-r--r-- | js/app/services/vaultservice.js | 27 |
4 files changed, 67 insertions, 62 deletions
diff --git a/appinfo/routes.php b/appinfo/routes.php index 37fb1fbe..f46968ef 100644 --- a/appinfo/routes.php +++ b/appinfo/routes.php @@ -28,6 +28,7 @@ return [ ['name' => 'vault#create', 'url' => '/api/v2/vaults', 'verb' => 'POST'], ['name' => 'vault#get', 'url' => '/api/v2/vaults/{vault_guid}', 'verb' => 'GET'], ['name' => 'vault#update', 'url' => '/api/v2/vaults/{vault_guid}', 'verb' => 'PATCH'], + ['name' => 'vault#deleteVaultContent', 'url' => '/api/v2/vaults/delete-vault-content', 'verb' => 'POST'], ['name' => 'vault#delete', 'url' => '/api/v2/vaults/{vault_guid}', 'verb' => 'DELETE'], //@TODO make frontend use PATCH ['name' => 'vault#updateSharingKeys', 'url' => '/api/v2/vaults/{vault_guid}/sharing-keys', 'verb' => 'POST'], @@ -99,4 +100,4 @@ return [ ['name' => 'admin#listRequests', 'url' => '/admin/delete-requests', 'verb' => 'GET'], ['name' => 'admin#acceptRequestDeletion', 'url' => '/admin/accept-delete-request', 'verb' => 'POST'], ] -];
\ No newline at end of file +]; diff --git a/controller/vaultcontroller.php b/controller/vaultcontroller.php index c9499786..05cce250 100644 --- a/controller/vaultcontroller.php +++ b/controller/vaultcontroller.php @@ -168,28 +168,22 @@ class VaultController extends ApiController { * @NoAdminRequired * @NoCSRFRequired */ - public function delete($vault_guid, $credential_guids, $file_ids) { - try { - $this->vaultService->getByGuid($vault_guid, $this->userId); - } catch (\Exception $e) { - return new NotFoundJSONResponse(); - } - + public function deleteVaultContent($credential_guids, $file_ids) { if ($credential_guids != null && !empty($credential_guids)) { - foreach ($credential_guids as $credential_guid) { + foreach (json_decode($credential_guids) as $credential_guid) { try { $credential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId); + if ($credential instanceof Credential) { + $this->credentialService->deleteCredentiaL($credential); + $this->credentialService->deleteCredentialParts($credential, $this->userId); + } } catch (\Exception $e) { continue; } - if ($credential instanceof Credential) { - $this->credentialService->deleteCredential($credential); - $this->credentialService->deleteCredentialParts($credential, $this->userId); - } } } if ($file_ids != null && !empty($file_ids)) { - foreach ($file_ids as $file_id) { + foreach (json_decode($file_ids) as $file_id) { try { $this->fileService->deleteFile($file_id, $this->userId); } catch (\Exception $e) { @@ -197,6 +191,14 @@ class VaultController extends ApiController { } } } + return new JSONResponse(array('ok' => true, 'guids' => $credential_guids)); + } + + /** + * @NoAdminRequired + * @NoCSRFRequired + */ + public function delete($vault_guid) { $this->vaultService->deleteVault($vault_guid, $this->userId); return new JSONResponse(array('ok' => true)); } diff --git a/js/app/controllers/settings.js b/js/app/controllers/settings.js index 9fa1f155..31d4a0a8 100644 --- a/js/app/controllers/settings.js +++ b/js/app/controllers/settings.js @@ -87,7 +87,9 @@ }); var btn_txt = $translate.instant('bookmarklet.text'); - var http = location.protocol, slashes = http.concat("//"), host = slashes.concat(window.location.hostname + ":" + window.location.port), complete = host + location.pathname; + var http = location.protocol, slashes = http.concat("//"), + host = slashes.concat(window.location.hostname + ":" + window.location.port), + complete = host + location.pathname; $scope.bookmarklet = $sce.trustAsHtml("<a class=\"button\" href=\"javascript:(function(){var a=window,b=document,c=encodeURIComponent,e=c(document.title),d=a.open('" + complete + "/bookmarklet?url='+c(b.location)+'&title='+e,'bkmk_popup','left='+((a.screenX||a.screenLeft)+10)+',top='+((a.screenY||a.screenTop)+10)+',height=750px,width=475px,resizable=0,alwaysRaised=1');a.setTimeout(function(){d.focus()},300);})();\">" + btn_txt + "</a>"); @@ -271,43 +273,36 @@ $scope.confirm_vault_delete = false; $scope.delete_vault_password = ''; - $scope.delete_vault = function() { - if ($scope.confirm_vault_delete && $scope.delete_vault_password === VaultService.getActiveVault().vaultKey) { - getCurrentVaultCredentials(function(vault) { - var credentials = vault.credentials; - $scope.remove_pw = { - percent: 0, - done: 0, - total: vault.credentials.length, - }; - var deleteCredential = function(index) { - $scope.translationData = { - password: credentials[index].label, - }; - CredentialService.destroyCredential(credentials[index].guid).then(function() { - var percent = index / vault.credentials.length * 100; - $scope.remove_pw = { - percent: percent, - done: index, - total: vault.credentials.length, - }; - if (index === credentials.length - 1) { - VaultService.deleteVault(vault).then(function() { - SettingsService.setSetting('defaultVaultPass', false); - SettingsService.setSetting('defaultVault', null); - $rootScope.$broadcast('logout'); - $location.path('/'); - }); - return; - } - deleteCredential(index + 1); - }); - }; - deleteCredential(0); - }); - } - - }; + $scope.delete_vault = function () { + if ($scope.confirm_vault_delete && $scope.delete_vault_password === VaultService.getActiveVault().vaultKey) { + getCurrentVaultCredentials(function (vault) { + var credentials = vault.credentials; + $scope.remove_pw = { + percent: 0, + done: 0, + total: vault.credentials.length, + }; + + var credential_guids = []; + var file_ids = []; + for (const credential of credentials) { + credential_guids.push(credential.guid); + var decryptedFiles = JSON.parse(EncryptService.decryptString(angular.copy(credential.files), VaultService.getActiveVault().vaultKey)); + for (const file of decryptedFiles) { + file_ids.push(file.file_id); + } + } + + VaultService.deleteVault(vault, credential_guids, file_ids).then(function () { + SettingsService.setSetting('defaultVaultPass', false); + SettingsService.setSetting('defaultVault', null); + $rootScope.$broadcast('logout'); + $location.path('/'); + }); + }); + } + + }; $rootScope.$on('logout', function () { $scope.active_vault = null; diff --git a/js/app/services/vaultservice.js b/js/app/services/vaultservice.js index 767466b5..79809b6e 100644 --- a/js/app/services/vaultservice.js +++ b/js/app/services/vaultservice.js @@ -66,7 +66,7 @@ return false; } else { _activeVault.vault_settings[key] = value; - this.updateVault(_activeVault); + this.updateVault(_activeVault); } }, @@ -122,21 +122,28 @@ } }); }, - deleteVault: function (vault) { + deleteVault: function (vault, credential_guids, file_ids) { var queryUrl = OC.generateUrl('apps/passman/api/v2/vaults/' + vault.guid); - return $http.delete(queryUrl).then(function (response) { - if (response.data) { - return response.data; - } else { - return response; - } + var deleteContentUrl = OC.generateUrl('apps/passman/api/v2/vaults/delete-vault-content'); + var data = { + "credential_guids": JSON.stringify(credential_guids), + "file_ids": JSON.stringify(file_ids) + }; + return $http.post(deleteContentUrl, data).then(function () { + return $http.delete(queryUrl).then(function (response) { + if (response.data) { + return response.data; + } else { + return response; + } + }); }); }, clearVaultService: function () { - _activeVault=null; + _activeVault = null; } }; return service; }]); -}());
\ No newline at end of file +}()); |