[PM-3808] [Storage v2] Add old client/new server backward compatibili…

…ty (#3262) * [PM-3807] feat: add discoverable property to fido2key * [PM-3807] feat: remove standalone Fido2Key * [PM-3807] chore: clean up unusued constant * [PM-3808] feat: add fido2 compatibility check before saving ciphers * Resolved merge conflicts. * Setting minimum version for QA. --------- Co-authored-by: Todd Martin <[email protected]>
bitwarden · Oct 2, 2023 · 5330174 · 5330174
1 parent bc1c106
commit 5330174
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/src/Api/Vault/Controllers/CiphersController.cs b/src/Api/Vault/Controllers/CiphersController.cs
@@ -27,6 +27,8 @@ namespace Bit.Api.Vault.Controllers;
 [Authorize("Application")]
 public class CiphersController : Controller
 {
+    private static readonly Version _fido2KeyCipherMinimumVersion = new Version(Constants.Fido2KeyCipherMinimumVersion);
+
     private readonly ICipherRepository _cipherRepository;
     private readonly ICollectionCipherRepository _collectionCipherRepository;
     private readonly ICipherService _cipherService;
@@ -189,6 +191,14 @@ public async Task<CipherResponseModel> Put(Guid id, [FromBody] CipherRequestMode
                 "then try again.");
         }
 
+        // Temporary protection against old clients overwriting and deleting Fido2Keys
+        // Response model used to re-use logic for parsing 'data' property
+        var cipherModel = new CipherResponseModel(cipher, _globalSettings);
+        if (cipherModel.Login?.Fido2Keys != null && _currentContext.ClientVersion < _fido2KeyCipherMinimumVersion)
+        {
+            throw new BadRequestException("Please update your client to edit this item.");
+        }
+
         await _cipherService.SaveDetailsAsync(model.ToCipherDetails(cipher), userId, model.LastKnownRevisionDate, collectionIds);
 
         var response = new CipherResponseModel(cipher, _globalSettings);

diff --git a/src/Core/Constants.cs b/src/Core/Constants.cs
@@ -20,6 +20,8 @@ public static class Constants
     /// </summary>
     public const int OrganizationSelfHostSubscriptionGracePeriodDays = 60;
 
+    public const string Fido2KeyCipherMinimumVersion = "2023.9.1";
+
     public const string CipherKeyEncryptionMinimumVersion = "2023.9.2";
 }