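/// <summary>
/// Purges ciphers after re-verifying the caller's master password hash. With no
/// organization id the caller's own ciphers are removed; otherwise the named
/// organization's ciphers are purged, provided the caller is an admin of it.
/// </summary>
/// <param name="model">Request body carrying the master password hash to re-verify.</param>
/// <param name="organizationId">
/// Optional organization id as a GUID string. Null, empty or whitespace selects the
/// caller's own ciphers.
/// </param>
/// <exception cref="UnauthorizedAccessException">No user resolves from the current principal.</exception>
/// <exception cref="BadRequestException">The master password hash fails verification.</exception>
/// <exception cref="NotFoundException">
/// The organization id is not a valid GUID, or the caller is not an admin of that organization.
/// </exception>
public async Task PostPurge([FromBody] CipherPurgeRequestModel model, string organizationId = null)
{
    var user = await _userService.GetUserByPrincipalAsync(User);
    if (user == null)
    {
        throw new UnauthorizedAccessException();
    }

    // Step-up check: an authenticated session alone is not enough for a bulk delete;
    // the master password hash is verified again on every call.
    var passwordVerified = await _userService.CheckPasswordAsync(user, model.MasterPasswordHash);
    if (!passwordVerified)
    {
        ModelState.AddModelError("MasterPasswordHash", "Invalid password.");
        // The delay runs only on the failure path.
        // NOTE(review): presumably meant to slow repeated guessing; it does not replace
        // server-side rate limiting or lockout — confirm those exist elsewhere.
        await Task.Delay(2000);
        throw new BadRequestException(ModelState);
    }

    if (string.IsNullOrWhiteSpace(organizationId))
    {
        await _cipherRepository.DeleteByUserIdAsync(user.Id);
        return;
    }

    // organizationId is caller-supplied. new Guid(string) throws FormatException on a
    // malformed value, which would surface as an unhandled error; parse defensively and
    // answer with the same NotFoundException used for a failed authorization check, so
    // the response does not distinguish a malformed id from a forbidden one.
    Guid orgId;
    if (!Guid.TryParse(organizationId, out orgId))
    {
        throw new NotFoundException();
    }

    // Authorization is checked after re-verification and before any organization data is touched.
    if (!_currentContext.OrganizationAdmin(orgId))
    {
        throw new NotFoundException();
    }

    await _cipherService.PurgeAsync(orgId);
}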
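/// <summary>
/// Purges ciphers after re-verifying the caller through the submitted secret. With no
/// organization id the caller's own ciphers are removed; otherwise the named
/// organization's ciphers are purged, provided the caller passes the
/// EditAnyCollection check for it.
/// </summary>
/// <param name="model">Request body carrying the secret used to re-verify the user.</param>
/// <param name="organizationId">
/// Optional organization id as a GUID string. Null, empty or whitespace selects the
/// caller's own ciphers.
/// </param>
/// <exception cref="UnauthorizedAccessException">No user resolves from the current principal.</exception>
/// <exception cref="BadRequestException">The submitted secret fails verification.</exception>
/// <exception cref="NotFoundException">
/// The organization id is not a valid GUID, or the EditAnyCollection check fails for that organization.
/// </exception>
public async Task PostPurge([FromBody] SecretVerificationRequestModel model, string organizationId = null)
{
    var user = await _userService.GetUserByPrincipalAsync(User);
    if (user == null)
    {
        throw new UnauthorizedAccessException();
    }

    // Step-up check: an authenticated session alone is not enough for a bulk delete;
    // the user is verified again on every call.
    var secretVerified = await _userService.VerifySecretAsync(user, model.Secret);
    if (!secretVerified)
    {
        // Registered under an empty key, i.e. as a model-level error with a generic
        // message rather than one tied to a named field.
        ModelState.AddModelError(string.Empty, "User verification failed.");
        // The delay runs only on the failure path.
        // NOTE(review): presumably meant to slow repeated guessing; it does not replace
        // server-side rate limiting or lockout — confirm those exist elsewhere.
        await Task.Delay(2000);
        throw new BadRequestException(ModelState);
    }

    if (string.IsNullOrWhiteSpace(organizationId))
    {
        await _cipherRepository.DeleteByUserIdAsync(user.Id);
        return;
    }

    // organizationId is caller-supplied. new Guid(string) throws FormatException on a
    // malformed value, which would surface as an unhandled error; parse defensively and
    // answer with the same NotFoundException used for a failed authorization check, so
    // the response does not distinguish a malformed id from a forbidden one.
    Guid orgId;
    if (!Guid.TryParse(organizationId, out orgId))
    {
        throw new NotFoundException();
    }

    // Authorization is checked after re-verification and before any organization data is touched.
    var mayEditAnyCollection = await _currentContext.EditAnyCollection(orgId);
    if (!mayEditAnyCollection)
    {
        throw new NotFoundException();
    }

    await _cipherService.PurgeAsync(orgId);
}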