/**
 * Tell whether the current user holds a key share for the given entry.
 *
 * This is an estimate only: it checks that a key share row exists for the
 * user, not that the share can actually unlock the entry's key.
 *
 * @param Entry $entry
 * @return bool false when no user is set or no matching key share exists
 */
public function userCanAccessEntry(Entry $entry)
{
    $currentUser = $this->user;

    // Without a user there is nobody to hold a share: deny.
    if (!$currentUser) {
        return false;
    }

    $shareCount = $entry->keyShares()
        ->where('user_id', $currentUser->id)
        ->count();

    return $shareCount > 0;
}
/**
 * Write log lines after an entry has been updated.
 *
 * @param Entry $entry the entry that was updated
 * @return void
 */
public function updated(Entry $entry)
{
    // `data` is the attribute that is logged as the entry password.
    $passwordChanged = $entry->isDirty('data');

    if ($passwordChanged) {
        $this->log('Updated entry password.', $entry);
    }

    // NOTE(review): this message is written on every update, so a change to
    // `data` produces both log lines. Confirm that is intended and that a
    // password change is not meant to be logged on its own.
    $this->log('Updated entry details.', $entry);
}
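/**
 * Unseal an entry's password for the API caller identified by the request.
 *
 * @param Request $request request from which the API user and key are extracted
 * @param Entry $entry entry whose sealed `data` is unsealed
 * @return array the entry's array form plus a 'password' element
 * @throws \Illuminate\Database\Eloquent\ModelNotFoundException when the caller
 *         has no key share for the entry
 */
private function getKey(Request $request, Entry $entry)
{
    $userAndKey = $this->apiKey->extractKeyAndUser($request);

    // firstOrFail() throws when the caller has no share, so a missing share
    // never reaches the code below and needs no separate "return null" path.
    $share = $entry->keyShares()
        ->where('user_id', $userAndKey['user']->id)
        ->firstOrFail();

    // Logged before the unseal call: the log records the access attempt,
    // including attempts where unsealing later fails.
    $this->logger->log('entry', 'Accessed entry via API', $entry->id);

    // NOTE(review): array union (+) keeps the left-hand value on a key
    // collision. If Entry::toArray() ever exposes a 'password' key, that value
    // is returned instead of the unsealed one. Confirm the model hides it.
    return $entry->toArray() + [
        'password' => $this->sealer->unseal($entry->data, $share->public, $userAndKey['key']),
    ];
}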
/**
 * Execute the console command.
 *
 * Runs three passes: every user must have an RSA key, every entry must get a
 * non-empty user list from the access decider, and then entries are handed
 * to $this->entryCrypt->encrypt().
 *
 * @return void
 * @throws \RuntimeException when a user has no RSA key or an entry has no users
 */
public function handle()
{
    // Pass 1: refuse to start while any user lacks an RSA key.
    foreach (User::all() as $account) {
        if ($account->rsaKey) {
            continue;
        }

        throw new \RuntimeException('user ' . $account->email . ' has no RSA key. Create it using key:generate:users');
    }

    // A missing backup key only produces a warning; the command continues.
    $backupKeyPath = config('app.backup_key');
    if (!$this->filesystem->exists($backupKeyPath)) {
        $this->warn('Backup key does not exist. We recommend that you create one using key:generate:master');
    }

    $allEntries = Entry::all();

    // Pass 2: every entry must resolve to at least one user before anything is encrypted.
    foreach ($allEntries as $candidate) {
        $recipients = $this->accessDecider->getUserListForEntry($candidate);

        if ($recipients->count() === 0) {
            throw new \RuntimeException('Entry #' . $candidate->id . ' has no access. Share it.');
        }
    }

    // Pass 3: encrypt.
    // NOTE(review): as written, entries whose `password` is non-empty are
    // skipped, and only entries whose `password` loosely equals '' reach
    // encrypt(). That looks inverted for a command that is meant to encrypt
    // existing passwords. Confirm against EntryCrypt::encrypt() before
    // relying on this command to leave no plaintext behind.
    foreach ($allEntries as $pending) {
        if ($pending->password == '') {
            echo $pending->id . '... ';
            $this->entryCrypt->encrypt($pending->password, $pending);
            echo ' encrypted!' . "\n";
        }
    }
}
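/**
 * Execute the console command: print one entry's password, unsealed with the
 * master private key read from the `keyPath` argument.
 *
 * @return void
 * @throws \Illuminate\Database\Eloquent\ModelNotFoundException when the entry
 *         or its master key share (the share with no user_id) does not exist
 */
public function handle()
{
    $key = new PrivateKey($this->fs->get($this->argument('keyPath')));

    // secret() prompts without echoing, so the master secret is not shown on
    // the terminal the way ask() would show it.
    // NOTE(review): md5() is a fast, unsalted digest rather than a key
    // derivation function. It is kept because the key was presumably locked
    // with the same digest, and changing it here alone would stop existing
    // master keys from unlocking. Confirm, then migrate both sides together.
    $key->unlock(md5($this->secret('What is the master key secret?')));

    // firstOrFail() instead of first(): an unknown id now fails with a clear
    // exception rather than a method call on null.
    $entry = Entry::where('id', $this->argument('id'))->firstOrFail();
    $masterShare = $entry->keyShares()->whereNull('user_id')->firstOrFail();

    // NOTE(review): no log call is visible in this method. Consider recording
    // master-key use so that this access path leaves a trail.
    $this->output->writeln("Password:");
    $this->output->writeln($this->sealer->unseal($entry->data, $masterShare->public, $key));
}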
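/**
 * Collect every user who should have access to an entry.
 *
 * Sources, in order: the entry owner, the project owner, users of direct
 * shares, owners and members of teams the entry is shared with, and owners
 * and members of the project's teams. The result is de-duplicated by id.
 *
 * @param Entry $entry
 * @return Collection users with access; never contains null
 */
public function getUserListForEntry(Entry $entry)
{
    $list = collect([]);
    $list->push($entry->owner);

    // An entry without a project (the relation resolves to null) contributes
    // no project owner and no project teams, instead of failing on null.
    $project = $entry->project;
    if ($project) {
        $list->push($project->owner);
    }

    foreach ($entry->shares as $share) {
        $list->push($share->user);
    }

    foreach ($entry->teamShares()->with('team', 'team.users')->get() as $share) {
        $list->push($share->team->owner);
        $list = $list->merge($share->team->users);
    }

    if ($project) {
        foreach ($project->teams()->with('users')->get() as $team) {
            $list->push($team->owner);
            $list = $list->merge($team->users);
        }
    }

    // Drop unresolved relations (missing owner or user) before de-duplicating.
    // Otherwise a null element makes the list look non-empty to callers that
    // test count() to detect an entry nobody can access.
    return $list
        ->filter(function ($user) {
            return $user !== null;
        })
        ->unique('id');
}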
/**
 * Register event subscribers and model observers for the application.
 *
 * @param \Illuminate\Contracts\Events\Dispatcher $events
 * @return void
 */
public function boot(DispatcherContract $events)
{
    parent::boot($events);

    // Event subscribers, registered in this order.
    $subscribers = [
        'App\\Listeners\\Events\\AuthHistoryLogger',
        'App\\Listeners\\Events\\UserHistoryLogger',
    ];
    foreach ($subscribers as $subscriber) {
        Event::subscribe($subscriber);
    }

    // Model class => observer class resolved from the container.
    $observers = [
        Project::class => 'App\\Events\\Observer\\ProjectObserver',
        Entry::class => 'App\\Events\\Observer\\EntryObserver',
        Share::class => 'App\\Events\\Observer\\ShareObserver',
        Team::class => 'App\\Events\\Observer\\TeamObserver',
        EntryTag::class => 'App\\Events\\Observer\\EntryTagObserver',
        EntryTeam::class => 'App\\Events\\Observer\\EntryTeamObserver',
        ProjectTeam::class => 'App\\Events\\Observer\\ProjectTeamObserver',
        UserTeam::class => 'App\\Events\\Observer\\UserTeamObserver',
    ];
    foreach ($observers as $model => $observer) {
        $model::observe($this->app->make($observer));
    }
}
/**
 * Store a new tag on an entry.
 *
 * Reads `name`, `color` and `entryId` from the request input. The name is
 * upper-cased before validation and before the duplicate check.
 *
 * @return mixed the saved EntryTag, or a 419 response carrying the first
 *               validation message or the duplicate-tag message
 */
public function store()
{
    $tagName = strtoupper(Input::get('name'));
    $tagColor = Input::get('color');
    $targetEntryId = Input::get('entryId');

    $validation = Validator::make(
        ['color' => $tagColor, 'entry_id' => $targetEntryId, 'name' => $tagName],
        EntryTag::$rules
    );
    if ($validation->fails()) {
        return Response::make($validation->messages()->first(), 419);
    }

    // NOTE(review): nothing in this method checks that the authenticated user
    // may access the entry being tagged. The abort(403) on a failed save
    // suggests a model event may veto the write. Confirm where that is enforced.
    $entry = Entry::findOrFail($targetEntryId);

    $alreadyTagged = $entry->tags->contains('name', $tagName);
    if ($alreadyTagged) {
        return Response::make('Tag already present.', 419);
    }

    $tag = new EntryTag();
    $tag->user_id = Auth::user()->id;
    $tag->name = $tagName;
    $tag->color = $tagColor;
    $tag->entry_id = $targetEntryId;

    $saved = $tag->save();
    if (!$saved) {
        abort(403);
    }

    return $tag;
}
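/**
 * Share an entry with another user and re-encrypt it for the new recipient.
 *
 * Reads `user_id` and `id` (the entry id) from the request input.
 *
 * @param EntryCrypt $entryCrypt used to re-encrypt the entry once the share is saved
 * @return mixed the stored Share with its user loaded, a 419 response on a
 *               validation failure or existing key share, or a 403 JSON
 *               response when the share could not be saved
 */
public function store(EntryCrypt $entryCrypt)
{
    $userId = Input::get('user_id');
    $entryId = Input::get('id');

    $validator = Validator::make(['user_id' => $userId, 'entry_id' => $entryId], Share::$rules);
    if ($validator->fails()) {
        return Response::make($validator->messages()->first(), 419);
    }

    if (KeyShare::where('user_id', $userId)->where('entry_id', $entryId)->count() > 0) {
        return Response::make('User can already access this key.', 419);
    }

    // NOTE(review): nothing in this method checks that the authenticated user
    // may share this entry. The save() failure path below suggests a Share
    // model event can veto it. Confirm where that is enforced.
    $entry = Entry::findOrFail($entryId);

    $model = new Share();
    $model->user_by_id = Auth::user()->id;
    $model->user_id = $userId;
    $model->entry_id = $entryId;

    // DB::transaction() returns the closure's return value. It used to be
    // discarded, so a refused save fell through to the final query and the
    // 403 built inside the closure never reached the client.
    $denied = DB::transaction(function () use ($model, $entryCrypt, $entry) {
        if (!$model->save()) {
            return Response::json(['flash' => 'Unauthorized.'], 403);
        }

        $entryCrypt->reencrypt($entry);

        return null;
    });

    if ($denied !== null) {
        return $denied;
    }

    return Share::with('user')->where('id', $model->id)->first();
}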
/**
 * Log the deletion of an entry that belongs to a project.
 *
 * Deletions of personal entries are not logged here.
 *
 * @param Entry $entry the entry that was deleted
 * @return void
 */
public function deleted(Entry $entry)
{
    if ($entry->isPersonal()) {
        return;
    }

    $message = sprintf(
        'Deleted entry "%s" in project "%s".',
        $entry->name,
        $entry->project->name
    );

    $this->log($message, $entry);
}
/**
 * Fetch the authenticated user's personal entries, with tags loaded.
 *
 * Personal means the entry belongs to the user and has no project.
 *
 * @return Entry[]
 */
public function getPersonalKeys()
{
    $ownerId = auth()->user()->id;

    $query = Entry::with('tags')
        ->where('entry.user_id', $ownerId)
        ->whereNull('entry.project_id');

    return $query->get();
}
/**
 * List the user attached to each of the entry's key shares.
 *
 * @param Entry $entry
 * @return \Illuminate\Support\Collection one element per key share, in
 *         key-share order
 */
public function getAccess(Entry $entry)
{
    $entry->load('keyShares', 'keyShares.user');

    $holders = collect([]);

    // NOTE(review): a key share whose user relation resolves to null adds a
    // null element. Confirm that callers tolerate it.
    $entry->keyShares->each(function ($keyShare) use ($holders) {
        $holders->push($keyShare->user);
    });

    return $holders;
}
/**
 * Fetch the entries that belong to a project, with tags loaded.
 *
 * @param Project $model project whose entries are listed
 * @return mixed result of the Eloquent query
 */
public function getKeys(Project $model)
{
    $projectId = $model->id;

    $query = Entry::with('tags')->where('entry.project_id', $projectId);

    return $query->get();
}
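/**
 * Get the entries available to the authenticated user whose URL contains
 * the requested domain.
 *
 * @param Request $request request carrying the `domain` parameter
 * @return mixed an empty array when no usable domain is given, otherwise
 *               the matching entries with tags loaded
 */
public function getByDomain(Request $request)
{
    $domain = $request->get('domain', null);

    // A missing, empty or non-string value (e.g. an array parameter) is
    // treated as "no domain". Previously only null was rejected, so an empty
    // string matched every accessible entry and an array failed during
    // string concatenation.
    if (!is_string($domain) || trim($domain) === '') {
        return [];
    }

    // NOTE(review): this is a substring match, and LIKE treats % and _ inside
    // $domain as wildcards, so results can include entries whose URL merely
    // contains the value. Results stay limited to entries the user holds a key
    // share for. A client offering credentials for a site should still compare
    // the entry's host with the page's host exactly.
    return Entry::where('url', 'like', '%' . $domain . '%')
        ->with('tags')
        ->whereHas('keyShares', function ($q) {
            $q->where('user_id', Auth::user()->id);
        })
        ->get();
}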