Beispiel #1
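        /// <summary>
        /// Destructive purge endpoint guarded by a master-password re-check. When
        /// <paramref name="organizationId"/> is blank it calls
        /// <c>_cipherRepository.DeleteByUserIdAsync</c> for the calling user; otherwise it
        /// calls <c>_cipherService.PurgeAsync</c> for the named organization, but only if
        /// the caller is an admin of that organization.
        /// </summary>
        /// <param name="model">Request body carrying the master password hash to verify.</param>
        /// <param name="organizationId">
        /// Optional organization id as a GUID string. Caller-supplied, so it is treated as
        /// untrusted and parsed defensively.
        /// </param>
        /// <exception cref="UnauthorizedAccessException">No user could be resolved from the current principal.</exception>
        /// <exception cref="BadRequestException">The supplied master password hash did not verify.</exception>
        /// <exception cref="NotFoundException">
        /// <paramref name="organizationId"/> is not a valid GUID, or the caller is not an
        /// admin of that organization.
        /// </exception>
        public async Task PostPurge([FromBody] CipherPurgeRequestModel model, string organizationId = null)
        {
            var user = await _userService.GetUserByPrincipalAsync(User);
            if (user == null)
            {
                throw new UnauthorizedAccessException();
            }

            // Re-authentication gate: an authenticated session alone is not enough for this
            // irreversible operation, the master password must be presented again.
            // NOTE(review): model is dereferenced without a null check; confirm the framework
            // rejects a missing or empty body before this action runs.
            var passwordVerified = await _userService.CheckPasswordAsync(user, model.MasterPasswordHash);
            if (!passwordVerified)
            {
                ModelState.AddModelError("MasterPasswordHash", "Invalid password.");

                // Fixed 2 s pause before answering a failed check. This slows each individual
                // guess but does not bound concurrent requests.
                // NOTE(review): confirm rate limiting or lockout is enforced elsewhere.
                await Task.Delay(2000);

                throw new BadRequestException(ModelState);
            }

            if (string.IsNullOrWhiteSpace(organizationId))
            {
                // No organization given: the scope is the caller's own user id only.
                await _cipherRepository.DeleteByUserIdAsync(user.Id);
                return;
            }

            // organizationId is caller-supplied. new Guid(string) throws FormatException on
            // malformed input, which would escape as an unhandled error; reject it with the
            // same NotFoundException used for an organization the caller may not administer.
            Guid orgId;
            if (!Guid.TryParse(organizationId, out orgId))
            {
                throw new NotFoundException();
            }

            // Authorization is checked against the current context, after parsing and before
            // any data is touched. A non-admin gets NotFoundException, the same answer as for
            // an unusable id.
            if (!_currentContext.OrganizationAdmin(orgId))
            {
                throw new NotFoundException();
            }

            await _cipherService.PurgeAsync(orgId);
        }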
Beispiel #2
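        /// <summary>
        /// Destructive purge endpoint guarded by a secret re-verification. When
        /// <paramref name="organizationId"/> is blank it calls
        /// <c>_cipherRepository.DeleteByUserIdAsync</c> for the calling user; otherwise it
        /// calls <c>_cipherService.PurgeAsync</c> for the named organization, but only if
        /// <c>_currentContext.EditAnyCollection</c> grants access to that organization.
        /// </summary>
        /// <param name="model">Request body carrying the secret used to re-verify the user.</param>
        /// <param name="organizationId">
        /// Optional organization id as a GUID string. Caller-supplied, so it is treated as
        /// untrusted and parsed defensively.
        /// </param>
        /// <exception cref="UnauthorizedAccessException">No user could be resolved from the current principal.</exception>
        /// <exception cref="BadRequestException">The supplied secret did not verify.</exception>
        /// <exception cref="NotFoundException">
        /// <paramref name="organizationId"/> is not a valid GUID, or the caller fails the
        /// <c>EditAnyCollection</c> check for that organization.
        /// </exception>
        public async Task PostPurge([FromBody] SecretVerificationRequestModel model, string organizationId = null)
        {
            var user = await _userService.GetUserByPrincipalAsync(User);
            if (user == null)
            {
                throw new UnauthorizedAccessException();
            }

            // Re-verification gate: an authenticated session alone is not enough for this
            // irreversible operation, the user's secret must be presented again.
            // NOTE(review): model is dereferenced without a null check; confirm the framework
            // rejects a missing or empty body before this action runs.
            var secretVerified = await _userService.VerifySecretAsync(user, model.Secret);
            if (!secretVerified)
            {
                // The error is attached to the empty key with a generic message, so the
                // response does not name which field or kind of secret was wrong.
                ModelState.AddModelError(string.Empty, "User verification failed.");

                // Fixed 2 s pause before answering a failed check. This slows each individual
                // guess but does not bound concurrent requests.
                // NOTE(review): confirm rate limiting or lockout is enforced elsewhere.
                await Task.Delay(2000);

                throw new BadRequestException(ModelState);
            }

            if (string.IsNullOrWhiteSpace(organizationId))
            {
                // No organization given: the scope is the caller's own user id only.
                await _cipherRepository.DeleteByUserIdAsync(user.Id);
                return;
            }

            // organizationId is caller-supplied. new Guid(string) throws FormatException on
            // malformed input, which would escape as an unhandled error; reject it with the
            // same NotFoundException used for an organization the caller may not purge.
            Guid orgId;
            if (!Guid.TryParse(organizationId, out orgId))
            {
                throw new NotFoundException();
            }

            // Authorization is checked against the current context, after parsing and before
            // any data is touched. A caller without the permission gets NotFoundException,
            // the same answer as for an unusable id.
            if (!await _currentContext.EditAnyCollection(orgId))
            {
                throw new NotFoundException();
            }

            await _cipherService.PurgeAsync(orgId);
        }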