コード例 #1
ファイル: Access.php プロジェクト: vaidasm/vault
 /**
  * Advisory check: does the current user hold a key share for this entry?
  *
  * Only the existence of a key-share row for the user is tested. A share that
  * is found may still be unable to unlock the key, so a true result is not
  * proof that decryption will succeed.
  *
  * @param Entry $entry entry whose key shares are queried
  * @return bool false when no user is set on this object or no share exists
  */
 public function userCanAccessEntry(Entry $entry)
 {
     $currentUser = $this->user;
     if ($currentUser) {
         $shareCount = $entry->keyShares()->where('user_id', $currentUser->id)->count();
         return $shareCount > 0;
     }
     // No user set: deny by default.
     return false;
 }
コード例 #2
ファイル: EntryObserver.php プロジェクト: vaidasm/vault
 /**
  * Log an update of an entry.
  *
  * When the 'data' attribute is dirty a "password" record is written first;
  * the "details" record is always written, so a change to 'data' produces
  * two log lines.
  *
  * @param Entry $entry the entry that was updated
  */
 public function updated(Entry $entry)
 {
     $messages = [];
     if ($entry->isDirty('data')) {
         $messages[] = 'Updated entry password.';
     }
     $messages[] = 'Updated entry details.';

     foreach ($messages as $message) {
         $this->log($message, $entry);
     }
 }
コード例 #3
ファイル: DeployKeyController.php プロジェクト: vaidasm/vault
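 /**
  * Unseal an entry's password for the API caller identified by the request.
  *
  * The caller's user and key come from $this->apiKey->extractKeyAndUser().
  * firstOrFail() throws when that user has no key share for the entry, so this
  * method either returns the array or throws. The former "if ($share)" guard
  * and trailing "return null" could never run and have been removed.
  *
  * @param Request $request
  * @param Entry $entry
  * @return array entry attributes plus a 'password' element
  */
 private function getKey(Request $request, Entry $entry)
 {
     $userAndKey = $this->apiKey->extractKeyAndUser($request);
     // NOTE(review): assumes extractKeyAndUser() rejects a bad or missing API key
     // itself and always yields a 'user' object here; confirm.
     $share = $entry->keyShares()->where('user_id', $userAndKey['user']->id)->firstOrFail();

     // Written before unsealing, so the access record exists even if unseal() fails.
     $this->logger->log('entry', 'Accessed entry via API', $entry->id);

     // Array union keeps the left-hand value on a key clash: if toArray() ever
     // exposes its own 'password' key, the unsealed value would be dropped.
     return $entry->toArray() + ['password' => $this->sealer->unseal($entry->data, $share->public, $userAndKey['key'])];
 }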
コード例 #4
ファイル: MigrateOld.php プロジェクト: vaulthq/vault
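 /**
  * Execute the console command.
  *
  * Pre-flight checks run first: every user must have an RSA key and every
  * entry must have at least one user in its access list, otherwise the run
  * aborts with a RuntimeException before anything is encrypted. A missing
  * backup key only produces a warning.
  *
  * Each entry that still carries a legacy password value is then passed to
  * $this->entryCrypt->encrypt().
  *
  * @return void
  * @throws \RuntimeException when a user has no RSA key or an entry has no access list
  */
 public function handle()
 {
     foreach (User::all() as $user) {
         if (!$user->rsaKey) {
             throw new \RuntimeException('user ' . $user->email . ' has no RSA key. Create it using key:generate:users');
         }
     }
     if (!$this->filesystem->exists(config('app.backup_key'))) {
         $this->warn('Backup key does not exist. We recommend that you create one using key:generate:master');
     }
     $entries = Entry::all();
     // Validate every entry before encrypting any, so a failure leaves the data untouched.
     foreach ($entries as $entry) {
         $list = $this->accessDecider->getUserListForEntry($entry);
         if ($list->count() == 0) {
             throw new \RuntimeException('Entry #' . $entry->id . ' has no access. Share it.');
         }
     }
     foreach ($entries as $entry) {
         // Skip entries with nothing to migrate. The previous condition was
         // inverted: it skipped every non-empty password and only "encrypted"
         // empty ones, leaving all real passwords unmigrated.
         if ((string) $entry->password === '') {
             continue;
         }
         echo $entry->id . '... ';
         // NOTE(review): confirm encrypt() (or a later step) clears the legacy
         // password column once the sealed copy is stored.
         $this->entryCrypt->encrypt($entry->password, $entry);
         echo ' encrypted!' . "\n";
     }
 }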
コード例 #5
ファイル: KeyCheckCommand.php プロジェクト: vaulthq/vault
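 /**
  * Execute the console command.
  *
  * Loads the private key at the 'keyPath' argument, unlocks it with the
  * operator-supplied master secret, and prints the unsealed password of the
  * entry given by the 'id' argument using the key share whose user_id is NULL.
  *
  * The plaintext password is written to the console output, so it can end up
  * in terminal scrollback or in any capture of this command's output.
  *
  * @return void
  */
 public function handle()
 {
     $key = new PrivateKey($this->fs->get($this->argument('keyPath')));
     // secret() prompts without echoing the input, so the master secret does not
     // appear on screen as it did with ask().
     // NOTE(review): md5() is kept because the key has to be unlocked with the
     // same derivation that locked it; md5 is not a password-hardening KDF and
     // is worth replacing together with the code that locks the key.
     $key->unlock(md5($this->secret('What is the master key secret?')));
     // firstOrFail() instead of first(): an unknown id now fails with a clear
     // not-found error rather than a method call on null.
     $entry = Entry::where('id', $this->argument('id'))->firstOrFail();
     $masterShare = $entry->keyShares()->whereNull('user_id')->firstOrFail();
     $this->output->writeln("Password:");
     $this->output->writeln($this->sealer->unseal($entry->data, $masterShare->public, $key));
 }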
コード例 #6
ファイル: AccessDecider.php プロジェクト: vaidasm/vault
 /**
  * Collect every user reachable from an entry through ownership or sharing.
  *
  * Sources, in order: the entry owner, the project owner, users of direct
  * shares, owner and members of each team the entry is shared with, and owner
  * and members of each team attached to the entry's project. The result is
  * de-duplicated on 'id'.
  *
  * @param Entry $entry
  * @return Collection
  */
 public function getUserListForEntry(Entry $entry)
 {
     // NOTE(review): $entry->project is dereferenced unconditionally; confirm
     // that an entry always has a project wherever this is called.
     $users = collect([$entry->owner, $entry->project->owner]);

     foreach ($entry->shares as $directShare) {
         $users->push($directShare->user);
     }

     $entryTeamShares = $entry->teamShares()->with('team', 'team.users')->get();
     foreach ($entryTeamShares as $teamShare) {
         $sharedTeam = $teamShare->team;
         $users->push($sharedTeam->owner);
         $users = $users->merge($sharedTeam->users);
     }

     $projectTeams = $entry->project->teams()->with('users')->get();
     foreach ($projectTeams as $projectTeam) {
         $users->push($projectTeam->owner);
         $users = $users->merge($projectTeam->users);
     }

     return $users->unique('id');
 }
コード例 #7
 /**
  * Register any other events for your application.
  *
  * Subscribes the two history-logger listeners and attaches one observer,
  * resolved through the container, to each of the eight models below.
  * NOTE(review): these observers look like the application's audit trail;
  * a model that is added later without an observe() call here would
  * presumably go unlogged. Confirm.
  *
  * @param  \Illuminate\Contracts\Events\Dispatcher  $events
  * @return void
  */
 public function boot(DispatcherContract $events)
 {
     parent::boot($events);

     $subscribers = [
         'App\\Listeners\\Events\\AuthHistoryLogger',
         'App\\Listeners\\Events\\UserHistoryLogger',
     ];
     foreach ($subscribers as $subscriber) {
         Event::subscribe($subscriber);
     }

     $container = $this->app;
     Project::observe($container->make('App\\Events\\Observer\\ProjectObserver'));
     Entry::observe($container->make('App\\Events\\Observer\\EntryObserver'));
     Share::observe($container->make('App\\Events\\Observer\\ShareObserver'));
     Team::observe($container->make('App\\Events\\Observer\\TeamObserver'));
     EntryTag::observe($container->make('App\\Events\\Observer\\EntryTagObserver'));
     EntryTeam::observe($container->make('App\\Events\\Observer\\EntryTeamObserver'));
     ProjectTeam::observe($container->make('App\\Events\\Observer\\ProjectTeamObserver'));
     UserTeam::observe($container->make('App\\Events\\Observer\\UserTeamObserver'));
 }
コード例 #8
ファイル: EntryTagController.php プロジェクト: vaidasm/vault
 /**
  * Store a newly created tag on an entry.
  *
  * Reads 'name' (upper-cased), 'color' and 'entryId' from the request,
  * validates them against EntryTag::$rules, refuses a tag name the entry
  * already has, and saves the tag under the authenticated user's id.
  *
  * NOTE(review): nothing in this method checks that the authenticated user may
  * access the entry named by 'entryId'; confirm that a route filter or policy
  * enforces it before this action runs.
  *
  * @return Response|EntryTag a 419 response on validation/duplicate failure, else the saved tag
  */
 public function store()
 {
     $name = strtoupper(Input::get('name'));
     $color = Input::get('color');
     $entryId = Input::get('entryId');

     $candidate = ['color' => $color, 'entry_id' => $entryId, 'name' => $name];
     $validator = Validator::make($candidate, EntryTag::$rules);
     if ($validator->fails()) {
         return Response::make($validator->messages()->first(), 419);
     }

     // Throws when the entry id does not exist.
     $entry = Entry::findOrFail($entryId);
     $alreadyTagged = $entry->tags->contains('name', $name);
     if ($alreadyTagged) {
         return Response::make('Tag already present.', 419);
     }

     $tag = new EntryTag();
     $tag->user_id = Auth::user()->id;
     $tag->name = $name;
     $tag->color = $color;
     $tag->entry_id = $entryId;

     $saved = $tag->save();
     if (!$saved) {
         abort(403);
     }
     return $tag;
 }
コード例 #9
ファイル: ShareController.php プロジェクト: vaidasm/vault
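 /**
  * Share an entry with another user and re-encrypt it.
  *
  * Validates 'user_id' and 'id' (the entry id) against Share::$rules, refuses
  * the request when the target user already has a key share for the entry,
  * then saves the Share and calls reencrypt() inside one transaction.
  *
  * The closure's 403 response used to be discarded: the result of
  * DB::transaction() was ignored, so a failed save fell through to the final
  * lookup and returned an empty result instead of the error. The result is now
  * captured and returned.
  *
  * NOTE(review): nothing in this method checks that the authenticated user is
  * allowed to share the entry named by 'id'; confirm that a route filter or
  * policy enforces it, since a successful call re-encrypts the entry.
  *
  * @param EntryCrypt $entryCrypt
  * @return Response|Share a 419/403 response on failure, else the stored share with its user
  */
 public function store(EntryCrypt $entryCrypt)
 {
     $userId = Input::get('user_id');
     $entryId = Input::get('id');
     $validator = Validator::make(['user_id' => $userId, 'entry_id' => $entryId], Share::$rules);
     if ($validator->fails()) {
         return Response::make($validator->messages()->first(), 419);
     }
     if (KeyShare::where('user_id', $userId)->where('entry_id', $entryId)->count() > 0) {
         return Response::make('User can already access this key.', 419);
     }
     $entry = Entry::findOrFail($entryId);
     $model = new Share();
     $model->user_by_id = Auth::user()->id;
     $model->user_id = $userId;
     $model->entry_id = $entryId;
     // The share row and the re-encryption succeed or fail together.
     $failure = DB::transaction(function () use ($model, $entryCrypt, $entry) {
         if (!$model->save()) {
             return Response::json(['flash' => 'Unauthorized.'], 403);
         }
         $entryCrypt->reencrypt($entry);
         return null;
     });
     if ($failure !== null) {
         return $failure;
     }
     return Share::with('user')->where('id', $model->id)->first();
 }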
コード例 #10
ファイル: EntryObserver.php プロジェクト: vaulthq/vault
 /**
  * Log the deletion of an entry, unless the entry is personal.
  *
  * Personal entries (isPersonal() returns true) are skipped, so their deletion
  * leaves no record through this method. The message contains the entry name
  * and the project name.
  *
  * @param Entry $entry the entry that was deleted
  */
 public function deleted(Entry $entry)
 {
     if ($entry->isPersonal()) {
         return;
     }

     $message = sprintf('Deleted entry "%s" in project "%s".', $entry->name, $entry->project->name);
     $this->log($message, $entry);
 }
コード例 #11
ファイル: ProjectController.php プロジェクト: vaulthq/vault
 /**
  * List the authenticated user's personal entries, with their tags.
  *
  * "Personal" here means entry.user_id is the current user's id and
  * entry.project_id is NULL.
  * NOTE(review): auth()->user() is dereferenced directly; this presumably
  * relies on the route being behind authentication. Confirm.
  *
  * @return Entry[]
  */
 public function getPersonalKeys()
 {
     $personalEntries = Entry::with('tags')
         ->where('entry.user_id', auth()->user()->id)
         ->whereNull('entry.project_id');

     return $personalEntries->get();
 }
コード例 #12
ファイル: EntryController.php プロジェクト: vaidasm/vault
 /**
  * List the user attached to each key share of an entry.
  *
  * Key shares and their users are eager-loaded, then one element per key share
  * is returned (a share without a user contributes a null element).
  * NOTE(review): whole user models are returned; confirm that sensitive user
  * attributes are hidden from serialization.
  *
  * @param Entry $entry
  * @return \Illuminate\Support\Collection
  */
 public function getAccess(Entry $entry)
 {
     $entry->load('keyShares', 'keyShares.user');

     $users = [];
     foreach ($entry->keyShares as $keyShare) {
         $users[] = $keyShare->user;
     }

     return collect($users);
 }
コード例 #13
ファイル: ProjectController.php プロジェクト: vaidasm/vault
 /**
  * Return the entries that belong to a project, with their tags.
  *
  * The query filters on entry.project_id only.
  * NOTE(review): no membership or access check is visible in this method;
  * confirm that the caller's right to see this project is enforced before
  * the action runs.
  *
  * @param Project $model project whose entries are listed
  * @return mixed
  */
 public function getKeys(Project $model)
 {
     $projectEntries = Entry::with('tags')->where('entry.project_id', $model->id);

     return $projectEntries->get();
 }
コード例 #14
ファイル: EntryController.php プロジェクト: vaulthq/vault
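 /**
  * Get the entries the current user holds a key share for whose URL contains
  * the requested domain.
  *
  * A missing, empty or non-string 'domain' yields an empty list. Previously an
  * empty string produced the pattern '%%', which matched every entry the user
  * can access, and an array value was concatenated into the pattern.
  *
  * The value is bound as a query parameter, so it cannot alter the SQL, but it
  * is matched as a substring and '%' / '_' inside it still act as LIKE
  * wildcards.
  * NOTE(review): if callers use this to decide which credentials fit a site,
  * substring matching is looser than comparing hosts; confirm the intent.
  *
  * @param Request $request
  * @return mixed
  */
 public function getByDomain(Request $request)
 {
     $domain = $request->get('domain', null);
     if (!is_string($domain) || $domain === '') {
         return [];
     }
     return Entry::where('url', 'like', '%' . $domain . '%')->with('tags')->whereHas('keyShares', function ($q) {
         // Restrict results to entries the authenticated user has a key share for.
         $q->where('user_id', Auth::user()->id);
     })->get();
 }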