Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2025-01-30 09:58:57 +01:00
Allow all manager to create collections again (#5488)
* Allow all manager to create collections again This commit checks if the member is a manager or better, and if so allows it to createCollections. We actually check if it is less then a Manager, since the `limitCollectionCreation` should be set to false to allow it and true to prevent. This should fix an issue discussed in #5484 Signed-off-by: BlackDex <black.dex@gmail.com> * Fix some small issues Signed-off-by: BlackDex <black.dex@gmail.com> --------- Signed-off-by: BlackDex <black.dex@gmail.com>
Dieser Commit ist enthalten in:
Mathijs van Veluw
GitHub
Ursprung
663f88e717
Commit
3c29f82974
3 geänderte Dateien mit 19 neuen und 15 gelöschten Zeilen
|
|
@ -485,7 +485,7 @@ async fn post_organization_collections(
|
||||||
CollectionUser::save(&headers.membership.user_uuid, &collection.uuid, false, false, false, &mut conn).await?;
|
CollectionUser::save(&headers.membership.user_uuid, &collection.uuid, false, false, false, &mut conn).await?;
|
||||||
}
|
}
|
||||||
|
|
||||||
Ok(Json(collection.to_json()))
|
Ok(Json(collection.to_json_details(&headers.membership.user_uuid, None, &mut conn).await))
|
||||||
}
|
}
|
||||||
|
|
||||||
#[put("/organizations/<org_id>/collections/<col_id>", data = "<data>")]
|
#[put("/organizations/<org_id>/collections/<col_id>", data = "<data>")]
|
||||||
|
|
@ -722,18 +722,19 @@ async fn get_org_collection_detail(
|
||||||
.map(|m| (m.uuid, m.atype))
|
.map(|m| (m.uuid, m.atype))
|
||||||
.collect();
|
.collect();
|
||||||
|
|
||||||
let users: Vec<Value> =
|
let users: Vec<Value> = CollectionUser::find_by_org_and_coll_swap_user_uuid_with_member_uuid(
|
||||||
CollectionUser::find_by_collection_swap_user_uuid_with_member_uuid(&collection.uuid, &mut conn)
|
&org_id,
|
||||||
.await
|
&collection.uuid,
|
||||||
.iter()
|
&mut conn,
|
||||||
.map(|collection_member| {
|
)
|
||||||
collection_member.to_json_details_for_member(
|
.await
|
||||||
*membership_type
|
.iter()
|
||||||
.get(&collection_member.membership_uuid)
|
.map(|collection_member| {
|
||||||
.unwrap_or(&(MembershipType::User as i32)),
|
collection_member.to_json_details_for_member(
|
||||||
)
|
*membership_type.get(&collection_member.membership_uuid).unwrap_or(&(MembershipType::User as i32)),
|
||||||
})
|
)
|
||||||
.collect();
|
})
|
||||||
|
.collect();
|
||||||
|
|
||||||
let assigned = Collection::can_access_collection(&member, &collection.uuid, &mut conn).await;
|
let assigned = Collection::can_access_collection(&member, &collection.uuid, &mut conn).await;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -589,6 +589,7 @@ impl CollectionUser {
|
||||||
.inner_join(collections::table.on(collections::uuid.eq(users_collections::collection_uuid)))
|
.inner_join(collections::table.on(collections::uuid.eq(users_collections::collection_uuid)))
|
||||||
.filter(collections::org_uuid.eq(org_uuid))
|
.filter(collections::org_uuid.eq(org_uuid))
|
||||||
.inner_join(users_organizations::table.on(users_organizations::user_uuid.eq(users_collections::user_uuid)))
|
.inner_join(users_organizations::table.on(users_organizations::user_uuid.eq(users_collections::user_uuid)))
|
||||||
|
.filter(users_organizations::org_uuid.eq(org_uuid))
|
||||||
.select((users_organizations::uuid, users_collections::collection_uuid, users_collections::read_only, users_collections::hide_passwords, users_collections::manage))
|
.select((users_organizations::uuid, users_collections::collection_uuid, users_collections::read_only, users_collections::hide_passwords, users_collections::manage))
|
||||||
.load::<CollectionUserDb>(conn)
|
.load::<CollectionUserDb>(conn)
|
||||||
.expect("Error loading users_collections")
|
.expect("Error loading users_collections")
|
||||||
|
|
@ -685,13 +686,15 @@ impl CollectionUser {
|
||||||
}}
|
}}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn find_by_collection_swap_user_uuid_with_member_uuid(
|
pub async fn find_by_org_and_coll_swap_user_uuid_with_member_uuid(
|
||||||
|
org_uuid: &OrganizationId,
|
||||||
collection_uuid: &CollectionId,
|
collection_uuid: &CollectionId,
|
||||||
conn: &mut DbConn,
|
conn: &mut DbConn,
|
||||||
) -> Vec<CollectionMembership> {
|
) -> Vec<CollectionMembership> {
|
||||||
let col_users = db_run! { conn: {
|
let col_users = db_run! { conn: {
|
||||||
users_collections::table
|
users_collections::table
|
||||||
.filter(users_collections::collection_uuid.eq(collection_uuid))
|
.filter(users_collections::collection_uuid.eq(collection_uuid))
|
||||||
|
.filter(users_organizations::org_uuid.eq(org_uuid))
|
||||||
.inner_join(users_organizations::table.on(users_organizations::user_uuid.eq(users_collections::user_uuid)))
|
.inner_join(users_organizations::table.on(users_organizations::user_uuid.eq(users_collections::user_uuid)))
|
||||||
.select((users_organizations::uuid, users_collections::collection_uuid, users_collections::read_only, users_collections::hide_passwords, users_collections::manage))
|
.select((users_organizations::uuid, users_collections::collection_uuid, users_collections::read_only, users_collections::hide_passwords, users_collections::manage))
|
||||||
.load::<CollectionUserDb>(conn)
|
.load::<CollectionUserDb>(conn)
|
||||||
|
|
|
||||||
|
|
@ -464,7 +464,7 @@ impl Membership {
|
||||||
"familySponsorshipValidUntil": null,
|
"familySponsorshipValidUntil": null,
|
||||||
"familySponsorshipToDelete": null,
|
"familySponsorshipToDelete": null,
|
||||||
"accessSecretsManager": false,
|
"accessSecretsManager": false,
|
||||||
"limitCollectionCreation": true,
|
"limitCollectionCreation": self.atype < MembershipType::Manager, // If less then a manager return true, to limit collection creations
|
||||||
"limitCollectionCreationDeletion": true,
|
"limitCollectionCreationDeletion": true,
|
||||||
"limitCollectionDeletion": true,
|
"limitCollectionDeletion": true,
|
||||||
"allowAdminAccessToAllCollectionItems": true,
|
"allowAdminAccessToAllCollectionItems": true,
|
||||||
|
|
|
||||||
Laden …
Tabelle hinzufügen
In neuem Issue referenzieren