bitwarden_vault/cipher/cipher_client/admin/
get.rs1use bitwarden_api_api::models::CipherMiniDetailsResponseModelListResponseModel;
2use bitwarden_core::{ApiError, OrganizationId, key_management::KeyIds};
3use bitwarden_crypto::{CryptoError, KeyStore};
4use bitwarden_error::bitwarden_error;
5use thiserror::Error;
6#[cfg(feature = "wasm")]
7use wasm_bindgen::prelude::wasm_bindgen;
8
9use crate::{
10 VaultParseError,
11 cipher::cipher::{ListOrganizationCiphersResult, PartialCipher},
12 cipher_client::admin::CipherAdminClient,
13};
14
15#[allow(missing_docs)]
16#[bitwarden_error(flat)]
17#[derive(Debug, Error)]
18pub enum GetOrganizationCiphersAdminError {
19 #[error(transparent)]
20 Crypto(#[from] CryptoError),
21 #[error(transparent)]
22 VaultParse(#[from] VaultParseError),
23 #[error(transparent)]
24 Api(#[from] ApiError),
25}
26
27pub async fn list_org_ciphers(
29 org_id: OrganizationId,
30 include_member_items: bool,
31 api_client: &bitwarden_api_api::apis::ApiClient,
32 key_store: &KeyStore<KeyIds>,
33) -> Result<ListOrganizationCiphersResult, GetOrganizationCiphersAdminError> {
34 let api = api_client.ciphers_api();
35 let response: CipherMiniDetailsResponseModelListResponseModel = api
36 .get_organization_ciphers(Some(org_id.into()), Some(include_member_items))
37 .await
38 .map_err(ApiError::from)?;
39 let ciphers = response
40 .data
41 .into_iter()
42 .flatten()
43 .map(|model| model.merge_with_cipher(None))
44 .collect::<Result<Vec<_>, _>>()?;
45
46 let (list_views, _failures) = key_store.decrypt_list_with_failures(&ciphers);
47 Ok(ListOrganizationCiphersResult {
48 ciphers,
49 list_views,
50 })
51}
52
53#[cfg_attr(feature = "wasm", wasm_bindgen)]
54impl CipherAdminClient {
55 pub async fn list_org_ciphers(
56 &self,
57 org_id: OrganizationId,
58 include_member_items: bool,
59 ) -> Result<ListOrganizationCiphersResult, GetOrganizationCiphersAdminError> {
60 list_org_ciphers(
61 org_id,
62 include_member_items,
63 &self.client.internal.get_api_configurations().api_client,
64 self.client.internal.get_key_store(),
65 )
66 .await
67 }
68}
69
70#[cfg(test)]
71mod tests {
72 use bitwarden_api_api::{
73 apis::ApiClient,
74 models::{CipherMiniDetailsResponseModel, CipherMiniDetailsResponseModelListResponseModel},
75 };
76 use bitwarden_core::key_management::{KeyIds, SymmetricKeyId};
77 use bitwarden_crypto::{KeyStore, SymmetricCryptoKey};
78 use chrono::Utc;
79
80 use super::*;
81 use crate::{Cipher, CipherType, Login};
82
83 const TEST_ORG_ID: &str = "1bc9ac1e-f5aa-45f2-94bf-b181009709b8";
84 const TEST_CIPHER_ID_1: &str = "5faa9684-c793-4a2d-8a12-b33900187097";
85 const TEST_CIPHER_ID_2: &str = "6faa9684-c793-4a2d-8a12-b33900187098";
86
87 fn generate_test_cipher() -> Cipher {
88 Cipher {
89 id: TEST_CIPHER_ID_1.parse().ok(),
90 name: "2.pMS6/icTQABtulw52pq2lg==|XXbxKxDTh+mWiN1HjH2N1w==|Q6PkuT+KX/axrgN9ubD5Ajk2YNwxQkgs3WJM0S0wtG8=".parse().unwrap(),
91 r#type: CipherType::Login,
92 notes: Default::default(),
93 organization_id: Default::default(),
94 folder_id: Default::default(),
95 favorite: Default::default(),
96 reprompt: Default::default(),
97 fields: Default::default(),
98 collection_ids: Default::default(),
99 key: Default::default(),
100 login: Some(Login {
101 username: None,
102 password: None,
103 password_revision_date: None,
104 uris: None,
105 totp: None,
106 autofill_on_page_load: None,
107 fido2_credentials: None,
108 }),
109 identity: Default::default(),
110 card: Default::default(),
111 secure_note: Default::default(),
112 ssh_key: Default::default(),
113 organization_use_totp: Default::default(),
114 edit: Default::default(),
115 permissions: Default::default(),
116 view_password: Default::default(),
117 local_data: Default::default(),
118 attachments: Default::default(),
119 password_history: Default::default(),
120 creation_date: Default::default(),
121 deleted_date: Default::default(),
122 revision_date: Default::default(),
123 archived_date: Default::default(),
124 data: Default::default(),
125 }
126 }
127
128 fn mock_api_response(cipher: &Cipher) -> CipherMiniDetailsResponseModel {
129 CipherMiniDetailsResponseModel {
130 id: cipher.id.map(|id| id.into()),
131 name: Some(cipher.name.to_string()),
132 r#type: Some(cipher.r#type.into()),
133 login: cipher.login.clone().map(|l| Box::new(l.into())),
134 creation_date: Some(Utc::now().to_rfc3339()),
135 revision_date: Some(Utc::now().to_rfc3339()),
136 ..Default::default()
137 }
138 }
139
140 fn setup_key_store() -> KeyStore<KeyIds> {
141 let store: KeyStore<KeyIds> = KeyStore::default();
142 #[allow(deprecated)]
143 let _ = store.context_mut().set_symmetric_key(
144 SymmetricKeyId::User,
145 SymmetricCryptoKey::make_aes256_cbc_hmac_key(),
146 );
147 store
148 }
149
150 #[tokio::test]
151 async fn test_list_org_ciphers_all_success() {
152 let cipher_1 = generate_test_cipher();
153 let mut cipher_2 = generate_test_cipher();
154 cipher_2.id = TEST_CIPHER_ID_2.parse().ok();
155
156 let response_1 = mock_api_response(&cipher_1);
157 let response_2 = mock_api_response(&cipher_2);
158
159 let api_client = ApiClient::new_mocked(move |mock| {
160 mock.ciphers_api
161 .expect_get_organization_ciphers()
162 .returning(move |_org_id, _include_member_items| {
163 Ok(CipherMiniDetailsResponseModelListResponseModel {
164 object: None,
165 data: Some(vec![response_1.clone(), response_2.clone()]),
166 continuation_token: None,
167 })
168 });
169 });
170
171 let store = setup_key_store();
172 let result = list_org_ciphers(TEST_ORG_ID.parse().unwrap(), true, &api_client, &store)
173 .await
174 .unwrap();
175
176 assert_eq!(result.ciphers.len(), 2);
177 assert_eq!(result.list_views.len(), 2);
178 assert_eq!(result.ciphers[0].id, TEST_CIPHER_ID_1.parse().ok());
179 assert_eq!(result.ciphers[1].id, TEST_CIPHER_ID_2.parse().ok());
180 }
181
182 #[tokio::test]
183 async fn test_list_org_ciphers_with_failures() {
184 let cipher = generate_test_cipher();
185 let mut cipher_with_bad_key = generate_test_cipher();
186 cipher_with_bad_key.id = TEST_CIPHER_ID_2.parse().ok();
187
188 let response_good = mock_api_response(&cipher);
189 let mut response_bad = mock_api_response(&cipher_with_bad_key);
190 response_bad.key = Some("2.Gg8yCM4IIgykCZyq0O4+cA==|GJLBtfvSJTDJh/F7X4cJPkzI6ccnzJm5DYl3yxOW2iUn7DgkkmzoOe61sUhC5dgVdV0kFqsZPcQ0yehlN1DDsFIFtrb4x7LwzJNIkMgxNyg=|1rGkGJ8zcM5o5D0aIIwAyLsjMLrPsP3EWm3CctBO3Fw=".to_string());
192
193 let api_client = ApiClient::new_mocked(move |mock| {
194 mock.ciphers_api
195 .expect_get_organization_ciphers()
196 .returning(move |_org_id, _include_member_items| {
197 Ok(CipherMiniDetailsResponseModelListResponseModel {
198 object: None,
199 data: Some(vec![response_good.clone(), response_bad.clone()]),
200 continuation_token: None,
201 })
202 });
203 });
204
205 let store = setup_key_store();
206 let result = list_org_ciphers(TEST_ORG_ID.parse().unwrap(), true, &api_client, &store)
207 .await
208 .unwrap();
209
210 assert_eq!(result.ciphers.len(), 2);
212 assert_eq!(result.list_views.len(), 1);
214 }
215
216 #[tokio::test]
217 async fn test_list_org_ciphers_empty() {
218 let api_client = ApiClient::new_mocked(move |mock| {
219 mock.ciphers_api
220 .expect_get_organization_ciphers()
221 .returning(move |_org_id, _include_member_items| {
222 Ok(CipherMiniDetailsResponseModelListResponseModel {
223 object: None,
224 data: Some(vec![]),
225 continuation_token: None,
226 })
227 });
228 });
229
230 let store = setup_key_store();
231 let result = list_org_ciphers(TEST_ORG_ID.parse().unwrap(), false, &api_client, &store)
232 .await
233 .unwrap();
234
235 assert!(result.ciphers.is_empty());
236 assert!(result.list_views.is_empty());
237 }
238}