From daf2696a813fba07a704e9b552b5e5151f64bd4f Mon Sep 17 00:00:00 2001
From: Graham Walker <ghwtx@icloud.com>
Date: Wed, 5 Feb 2025 16:36:18 -0600
Subject: [PATCH] PM-16085 - Increase import limitations (#5275)

* PM-16261 move ImportCiphersAsync to the tools team and create services using CQRS design pattern

* PM-16261 fix renaming methods and add unit tests for succes and bad request exception

* PM-16261 clean up old code from test

* make import limits configurable via appsettings

* PM-16085 fix issue with appSettings converting to globalSettings for new cipher import limits
---
 src/Api/Tools/Controllers/ImportCiphersController.cs | 5 +++--
 src/Api/appsettings.json                             | 5 +++++
 src/Core/Settings/GlobalSettings.cs                  | 8 ++++++++
 3 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/src/Api/Tools/Controllers/ImportCiphersController.cs b/src/Api/Tools/Controllers/ImportCiphersController.cs
index 4f4e76f6e395..c268500f710a 100644
--- a/src/Api/Tools/Controllers/ImportCiphersController.cs
+++ b/src/Api/Tools/Controllers/ImportCiphersController.cs
@@ -64,8 +64,9 @@ public async Task PostImport([FromQuery] string organizationId,
         [FromBody] ImportOrganizationCiphersRequestModel model)
     {
         if (!_globalSettings.SelfHosted &&
-            (model.Ciphers.Count() > 7000 || model.CollectionRelationships.Count() > 14000 ||
-                model.Collections.Count() > 2000))
+            (model.Ciphers.Count() > _globalSettings.ImportCiphersLimitation.CiphersLimit ||
+             model.CollectionRelationships.Count() > _globalSettings.ImportCiphersLimitation.CollectionRelationshipsLimit ||
+             model.Collections.Count() > _globalSettings.ImportCiphersLimitation.CollectionsLimit))
         {
             throw new BadRequestException("You cannot import this much data at once.");
         }
diff --git a/src/Api/appsettings.json b/src/Api/appsettings.json
index c04539a9fe52..98b210cb1ef1 100644
--- a/src/Api/appsettings.json
+++ b/src/Api/appsettings.json
@@ -56,6 +56,11 @@
       "publicKey": "SECRET",
       "privateKey": "SECRET"
     },
+    "importCiphersLimitation": {
+      "ciphersLimit": 40000,
+      "collectionRelationshipsLimit": 80000,
+      "collectionsLimit": 2000
+    },
     "bitPay": {
       "production": false,
       "token": "SECRET",
diff --git a/src/Core/Settings/GlobalSettings.cs b/src/Core/Settings/GlobalSettings.cs
index d039102eb960..a63a36c1c039 100644
--- a/src/Core/Settings/GlobalSettings.cs
+++ b/src/Core/Settings/GlobalSettings.cs
@@ -70,6 +70,7 @@ public virtual string LicenseDirectory
     public virtual YubicoSettings Yubico { get; set; } = new YubicoSettings();
     public virtual DuoSettings Duo { get; set; } = new DuoSettings();
     public virtual BraintreeSettings Braintree { get; set; } = new BraintreeSettings();
+    public virtual ImportCiphersLimitationSettings ImportCiphersLimitation { get; set; } = new ImportCiphersLimitationSettings();
     public virtual BitPaySettings BitPay { get; set; } = new BitPaySettings();
     public virtual AmazonSettings Amazon { get; set; } = new AmazonSettings();
     public virtual ServiceBusSettings ServiceBus { get; set; } = new ServiceBusSettings();
@@ -521,6 +522,13 @@ public class BraintreeSettings
         public string PrivateKey { get; set; }
     }
 
+    public class ImportCiphersLimitationSettings
+    {
+        public int CiphersLimit { get; set; }
+        public int CollectionRelationshipsLimit { get; set; }
+        public int CollectionsLimit { get; set; }
+    }
+
     public class BitPaySettings
     {
         public bool Production { get; set; }