bitwarden_vault/cipher/cipher_client/admin/
get.rs1use bitwarden_api_api::models::CipherMiniDetailsResponseModelListResponseModel;
2use bitwarden_core::{ApiError, OrganizationId, key_management::KeyIds};
3use bitwarden_crypto::{CryptoError, KeyStore};
4use bitwarden_error::bitwarden_error;
5use thiserror::Error;
6#[cfg(feature = "wasm")]
7use wasm_bindgen::prelude::wasm_bindgen;
8
9use crate::{
10 VaultParseError,
11 cipher::cipher::{ListOrganizationCiphersResult, PartialCipher},
12 cipher_client::admin::CipherAdminClient,
13};
14
15#[allow(missing_docs)]
16#[bitwarden_error(flat)]
17#[derive(Debug, Error)]
18pub enum GetOrganizationCiphersAdminError {
19 #[error(transparent)]
20 Crypto(#[from] CryptoError),
21 #[error(transparent)]
22 VaultParse(#[from] VaultParseError),
23 #[error(transparent)]
24 Api(#[from] ApiError),
25}
26
27pub async fn list_org_ciphers(
29 org_id: OrganizationId,
30 include_member_items: bool,
31 api_client: &bitwarden_api_api::apis::ApiClient,
32 key_store: &KeyStore<KeyIds>,
33) -> Result<ListOrganizationCiphersResult, GetOrganizationCiphersAdminError> {
34 let api = api_client.ciphers_api();
35 let response: CipherMiniDetailsResponseModelListResponseModel = api
36 .get_organization_ciphers(Some(org_id.into()), Some(include_member_items))
37 .await
38 .map_err(ApiError::from)?;
39 let ciphers = response
40 .data
41 .into_iter()
42 .flatten()
43 .map(|model| model.merge_with_cipher(None))
44 .collect::<Result<Vec<_>, _>>()?;
45
46 let (list_views, _failures) = key_store.decrypt_list_with_failures(&ciphers);
47 Ok(ListOrganizationCiphersResult {
48 ciphers,
49 list_views,
50 })
51}
52
53#[cfg_attr(feature = "wasm", wasm_bindgen)]
54impl CipherAdminClient {
55 pub async fn list_org_ciphers(
56 &self,
57 org_id: OrganizationId,
58 include_member_items: bool,
59 ) -> Result<ListOrganizationCiphersResult, GetOrganizationCiphersAdminError> {
60 list_org_ciphers(
61 org_id,
62 include_member_items,
63 &self.client.internal.get_api_configurations().api_client,
64 self.client.internal.get_key_store(),
65 )
66 .await
67 }
68}
69
70#[cfg(test)]
71mod tests {
72 use bitwarden_api_api::{
73 apis::ApiClient,
74 models::{CipherMiniDetailsResponseModel, CipherMiniDetailsResponseModelListResponseModel},
75 };
76 use bitwarden_core::key_management::{KeyIds, SymmetricKeyId};
77 use bitwarden_crypto::{KeyStore, PrimitiveEncryptable, SymmetricCryptoKey};
78 use chrono::Utc;
79
80 use super::*;
81 use crate::{Cipher, CipherType, Login};
82
83 const TEST_ORG_ID: &str = "1bc9ac1e-f5aa-45f2-94bf-b181009709b8";
84 const TEST_CIPHER_ID_1: &str = "5faa9684-c793-4a2d-8a12-b33900187097";
85 const TEST_CIPHER_ID_2: &str = "6faa9684-c793-4a2d-8a12-b33900187098";
86
87 fn generate_test_cipher(store: &KeyStore<KeyIds>) -> Cipher {
88 let mut ctx = store.context();
89 Cipher {
90 id: TEST_CIPHER_ID_1.parse().ok(),
91 name: "Test cipher"
92 .encrypt(&mut ctx, SymmetricKeyId::User)
93 .unwrap(),
94 r#type: CipherType::Login,
95 notes: Default::default(),
96 organization_id: Default::default(),
97 folder_id: Default::default(),
98 favorite: Default::default(),
99 reprompt: Default::default(),
100 fields: Default::default(),
101 collection_ids: Default::default(),
102 key: Default::default(),
103 login: Some(Login {
104 username: None,
105 password: None,
106 password_revision_date: None,
107 uris: None,
108 totp: None,
109 autofill_on_page_load: None,
110 fido2_credentials: None,
111 }),
112 identity: Default::default(),
113 card: Default::default(),
114 secure_note: Default::default(),
115 ssh_key: Default::default(),
116 organization_use_totp: Default::default(),
117 edit: Default::default(),
118 permissions: Default::default(),
119 view_password: Default::default(),
120 local_data: Default::default(),
121 attachments: Default::default(),
122 password_history: Default::default(),
123 creation_date: Default::default(),
124 deleted_date: Default::default(),
125 revision_date: Default::default(),
126 archived_date: Default::default(),
127 data: Default::default(),
128 }
129 }
130
131 fn mock_api_response(cipher: &Cipher) -> CipherMiniDetailsResponseModel {
132 CipherMiniDetailsResponseModel {
133 id: cipher.id.map(|id| id.into()),
134 name: Some(cipher.name.to_string()),
135 r#type: Some(cipher.r#type.into()),
136 login: cipher.login.clone().map(|l| Box::new(l.into())),
137 creation_date: Some(Utc::now().to_rfc3339()),
138 revision_date: Some(Utc::now().to_rfc3339()),
139 ..Default::default()
140 }
141 }
142
143 fn setup_key_store() -> KeyStore<KeyIds> {
144 let store: KeyStore<KeyIds> = KeyStore::default();
145 #[allow(deprecated)]
146 let _ = store.context_mut().set_symmetric_key(
147 SymmetricKeyId::User,
148 SymmetricCryptoKey::make_aes256_cbc_hmac_key(),
149 );
150 store
151 }
152
153 #[tokio::test]
154 async fn test_list_org_ciphers_all_success() {
155 let store = setup_key_store();
156 let cipher_1 = generate_test_cipher(&store);
157 let mut cipher_2 = generate_test_cipher(&store);
158 cipher_2.id = TEST_CIPHER_ID_2.parse().ok();
159
160 let response_1 = mock_api_response(&cipher_1);
161 let response_2 = mock_api_response(&cipher_2);
162
163 let api_client = ApiClient::new_mocked(move |mock| {
164 mock.ciphers_api
165 .expect_get_organization_ciphers()
166 .returning(move |_org_id, _include_member_items| {
167 Ok(CipherMiniDetailsResponseModelListResponseModel {
168 object: None,
169 data: Some(vec![response_1.clone(), response_2.clone()]),
170 continuation_token: None,
171 })
172 });
173 });
174 let result = list_org_ciphers(TEST_ORG_ID.parse().unwrap(), true, &api_client, &store)
175 .await
176 .unwrap();
177
178 assert_eq!(result.ciphers.len(), 2);
179 assert_eq!(result.list_views.len(), 2);
180 assert_eq!(result.ciphers[0].id, TEST_CIPHER_ID_1.parse().ok());
181 assert_eq!(result.ciphers[1].id, TEST_CIPHER_ID_2.parse().ok());
182 }
183
184 #[tokio::test]
185 async fn test_list_org_ciphers_with_failures() {
186 let store = setup_key_store();
187 let cipher = generate_test_cipher(&store);
188 let mut cipher_with_bad_key = generate_test_cipher(&store);
189 cipher_with_bad_key.id = TEST_CIPHER_ID_2.parse().ok();
190
191 let response_good = mock_api_response(&cipher);
192 let mut response_bad = mock_api_response(&cipher_with_bad_key);
193 response_bad.key = Some("2.Gg8yCM4IIgykCZyq0O4+cA==|GJLBtfvSJTDJh/F7X4cJPkzI6ccnzJm5DYl3yxOW2iUn7DgkkmzoOe61sUhC5dgVdV0kFqsZPcQ0yehlN1DDsFIFtrb4x7LwzJNIkMgxNyg=|1rGkGJ8zcM5o5D0aIIwAyLsjMLrPsP3EWm3CctBO3Fw=".to_string());
195
196 let api_client = ApiClient::new_mocked(move |mock| {
197 mock.ciphers_api
198 .expect_get_organization_ciphers()
199 .returning(move |_org_id, _include_member_items| {
200 Ok(CipherMiniDetailsResponseModelListResponseModel {
201 object: None,
202 data: Some(vec![response_good.clone(), response_bad.clone()]),
203 continuation_token: None,
204 })
205 });
206 });
207 let result = list_org_ciphers(TEST_ORG_ID.parse().unwrap(), true, &api_client, &store)
208 .await
209 .unwrap();
210
211 assert_eq!(result.ciphers.len(), 2);
213 assert_eq!(result.list_views.len(), 1);
215 }
216
217 #[tokio::test]
218 async fn test_list_org_ciphers_empty() {
219 let api_client = ApiClient::new_mocked(move |mock| {
220 mock.ciphers_api
221 .expect_get_organization_ciphers()
222 .returning(move |_org_id, _include_member_items| {
223 Ok(CipherMiniDetailsResponseModelListResponseModel {
224 object: None,
225 data: Some(vec![]),
226 continuation_token: None,
227 })
228 });
229 });
230
231 let store = setup_key_store();
232 let result = list_org_ciphers(TEST_ORG_ID.parse().unwrap(), false, &api_client, &store)
233 .await
234 .unwrap();
235
236 assert!(result.ciphers.is_empty());
237 assert!(result.list_views.is_empty());
238 }
239}