Mirrors/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-06-13 13:47:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

improve access to collections via groups (#4441)

Browse Source 
* refactor get_org_collections_details

* improve access to collection check

* fix get_org_collection_detail too
This commit is contained in:
Stefan Melmuk
2024-04-27 22:09:00 +02:00
committed by GitHub
parent 84a7c7da5d
commit 9dcc738f85
3 changed files with 23 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/auth.rs
View File

@ -689,7 +689,7 @@ impl<'r> FromRequest<'r> for ManagerHeaders {
_ => err_handler!("Error getting DB"),
};
if !can_access_collection(&headers.org_user, &col_id, &mut conn).await {
if !Collection::can_access_collection(&headers.org_user, &col_id, &mut conn).await {
err_handler!("The current user isn't a manager for this collection")
}
}
@ -762,10 +762,6 @@ impl From<ManagerHeadersLoose> for Headers {
}
}
}
async fn can_access_collection(org_user: &UserOrganization, col_id: &str, conn: &mut DbConn) -> bool {
org_user.has_full_access()
|| Collection::has_access_by_collection_and_user_uuid(col_id, &org_user.user_uuid, conn).await
}
impl ManagerHeaders {
pub async fn from_loose(
@ -777,7 +773,7 @@ impl ManagerHeaders {
if uuid::Uuid::parse_str(col_id).is_err() {
err!("Collection Id is malformed!");
}
if !can_access_collection(&h.org_user, col_id, conn).await {
if !Collection::can_access_collection(&h.org_user, col_id, conn).await {
err!("You don't have access to all collections!");
}
}