From de76f30e9dd1dfe71514cd5a2063fe40e606e6c9 Mon Sep 17 00:00:00 2001 From: Shaharyar Shamshi Date: Mon, 4 Nov 2024 12:05:53 +0530 Subject: [PATCH 1/3] fix the softdelete issue for the shared secret get by id --- .../secret-sharing/secret-sharing-dal.ts | 17 +++++++++++++++++ .../secret-sharing/secret-sharing-service.ts | 7 ++++++- 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/backend/src/services/secret-sharing/secret-sharing-dal.ts b/backend/src/services/secret-sharing/secret-sharing-dal.ts index 5c690b2667..3acb3b6351 100644 --- a/backend/src/services/secret-sharing/secret-sharing-dal.ts +++ b/backend/src/services/secret-sharing/secret-sharing-dal.ts @@ -82,11 +82,28 @@ export const secretSharingDALFactory = (db: TDbClient) => { } }; + const softDeleteByIdentifier = async (identifier: string) => { + try { + await db(TableName.SecretSharing).where({ identifier }).update({ + encryptedValue: "", + iv: "", + tag: "" + }); + } catch (error) { + console.log(error); + throw new DatabaseError({ + error, + name: "Soft Delete Shared Secret By Identifier" + }); + } + }; + return { ...sharedSecretOrm, countAllUserOrgSharedSecrets, pruneExpiredSharedSecrets, softDeleteById, + softDeleteByIdentifier, findActiveSharedSecrets }; }; diff --git a/backend/src/services/secret-sharing/secret-sharing-service.ts b/backend/src/services/secret-sharing/secret-sharing-service.ts index 171ab54db5..6df6ba015e 100644 --- a/backend/src/services/secret-sharing/secret-sharing-service.ts +++ b/backend/src/services/secret-sharing/secret-sharing-service.ts @@ -211,9 +211,14 @@ export const secretSharingServiceFactory = ({ // all secrets pass through here, meaning we check if its expired first and then check if it needs verification // or can be safely sent to the client. + if (expiresAt !== null && expiresAt < new Date()) { // check lifetime expiry - await secretSharingDAL.softDeleteById(sharedSecretId); + if (isUuidV4(sharedSecretId)) { + await secretSharingDAL.softDeleteById(sharedSecretId); + } else { + await secretSharingDAL.softDeleteByIdentifier(Buffer.from(sharedSecretId, "base64url").toString("hex")); + } throw new ForbiddenRequestError({ message: "Access denied: Secret has expired by lifetime" }); From 9beb2ba37bfcff2844c88e0e2d151f519230c14f Mon Sep 17 00:00:00 2001 From: Shaharyar Shamshi Date: Mon, 4 Nov 2024 12:07:40 +0530 Subject: [PATCH 2/3] fix the softdelete issue for the shared secret get by id --- backend/src/services/secret-sharing/secret-sharing-dal.ts | 1 - backend/src/services/secret-sharing/secret-sharing-service.ts | 1 - 2 files changed, 2 deletions(-) diff --git a/backend/src/services/secret-sharing/secret-sharing-dal.ts b/backend/src/services/secret-sharing/secret-sharing-dal.ts index 3acb3b6351..19f4d83486 100644 --- a/backend/src/services/secret-sharing/secret-sharing-dal.ts +++ b/backend/src/services/secret-sharing/secret-sharing-dal.ts @@ -90,7 +90,6 @@ export const secretSharingDALFactory = (db: TDbClient) => { tag: "" }); } catch (error) { - console.log(error); throw new DatabaseError({ error, name: "Soft Delete Shared Secret By Identifier" diff --git a/backend/src/services/secret-sharing/secret-sharing-service.ts b/backend/src/services/secret-sharing/secret-sharing-service.ts index 6df6ba015e..4f1dd876e1 100644 --- a/backend/src/services/secret-sharing/secret-sharing-service.ts +++ b/backend/src/services/secret-sharing/secret-sharing-service.ts @@ -211,7 +211,6 @@ export const secretSharingServiceFactory = ({ // all secrets pass through here, meaning we check if its expired first and then check if it needs verification // or can be safely sent to the client. - if (expiresAt !== null && expiresAt < new Date()) { // check lifetime expiry if (isUuidV4(sharedSecretId)) { From ac61dc69529f924df7c4aea47cb2b1920c83417a Mon Sep 17 00:00:00 2001 From: Shaharyar Shamshi Date: Mon, 4 Nov 2024 12:17:13 +0530 Subject: [PATCH 3/3] fix the softdelete issue for the shared secret get by id --- .../src/services/secret-sharing/secret-sharing-service.ts | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/backend/src/services/secret-sharing/secret-sharing-service.ts b/backend/src/services/secret-sharing/secret-sharing-service.ts index 4f1dd876e1..bdfb614697 100644 --- a/backend/src/services/secret-sharing/secret-sharing-service.ts +++ b/backend/src/services/secret-sharing/secret-sharing-service.ts @@ -225,7 +225,11 @@ export const secretSharingServiceFactory = ({ if (expiresAfterViews !== null && expiresAfterViews === 0) { // check view count expiry - await secretSharingDAL.softDeleteById(sharedSecretId); + if (isUuidV4(sharedSecretId)) { + await secretSharingDAL.softDeleteById(sharedSecretId); + } else { + await secretSharingDAL.softDeleteByIdentifier(Buffer.from(sharedSecretId, "base64url").toString("hex")); + } throw new ForbiddenRequestError({ message: "Access denied: Secret has expired by view count" });