1
0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2024-11-08 20:12:34 +01:00

Send access check fixes

Adjust checks for max access count, expiration date, and deletion date.
The date checks aren't that important, but the access count check
currently allows one more access than it should.
This commit is contained in:
Jeremy Lin 2021-03-14 23:20:49 -07:00
parent 7436b454db
commit 00d56d7295

View File

@ -197,18 +197,18 @@ fn post_access(access_id: String, data: JsonUpcase<SendAccessData>, conn: DbConn
}; };
if let Some(max_access_count) = send.max_access_count { if let Some(max_access_count) = send.max_access_count {
if send.access_count > max_access_count { if send.access_count >= max_access_count {
err_code!("Max access count reached", 404); err_code!("Max access count reached", 404);
} }
} }
if let Some(expiration) = send.expiration_date { if let Some(expiration) = send.expiration_date {
if Utc::now().naive_utc() > expiration { if Utc::now().naive_utc() >= expiration {
err_code!("Send has expired", 404) err_code!("Send has expired", 404)
} }
} }
if Utc::now().naive_utc() > send.deletion_date { if Utc::now().naive_utc() >= send.deletion_date {
err_code!("Send has been deleted", 404) err_code!("Send has been deleted", 404)
} }
@ -248,18 +248,18 @@ fn post_access_file(
}; };
if let Some(max_access_count) = send.max_access_count { if let Some(max_access_count) = send.max_access_count {
if send.access_count > max_access_count { if send.access_count >= max_access_count {
err_code!("Max access count reached", 404); err_code!("Max access count reached", 404);
} }
} }
if let Some(expiration) = send.expiration_date { if let Some(expiration) = send.expiration_date {
if Utc::now().naive_utc() > expiration { if Utc::now().naive_utc() >= expiration {
err_code!("Send has expired", 404) err_code!("Send has expired", 404)
} }
} }
if Utc::now().naive_utc() > send.deletion_date { if Utc::now().naive_utc() >= send.deletion_date {
err_code!("Send has been deleted", 404) err_code!("Send has been deleted", 404)
} }