Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-11-16 04:12:53 +01:00
Fixed issue #908
The organization uuid is most of the time within the uri path as a parameter. But sometimes it only is there as a query value. This fix checks both, and returns the uuid when possible.
Dieser Commit ist enthalten in:
Ursprung
669b101e6a
Commit
baac8d9627
1 geänderte Dateien mit 50 neuen und 51 gelöschten Zeilen
47
src/auth.rs
47
src/auth.rs
|
@ -307,6 +307,25 @@ pub struct OrgHeaders {
|
||||||
pub org_user_type: UserOrgType,
|
pub org_user_type: UserOrgType,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// org_id is usually the second param ("/organizations/<org_id>")
|
||||||
|
// But there are cases where it is located in a query value.
|
||||||
|
// First check the param, if this is not a valid uuid, we will try the query value.
|
||||||
|
fn get_org_id(request: &Request) -> Option<String> {
|
||||||
|
if let Some(Ok(org_id)) = request.get_param::<String>(1) {
|
||||||
|
if uuid::Uuid::parse_str(&org_id).is_ok() {
|
||||||
|
return Some(org_id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if let Some(Ok(org_id)) = request.get_query_value::<String>("organizationId") {
|
||||||
|
if uuid::Uuid::parse_str(&org_id).is_ok() {
|
||||||
|
return Some(org_id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
None
|
||||||
|
}
|
||||||
|
|
||||||
impl<'a, 'r> FromRequest<'a, 'r> for OrgHeaders {
|
impl<'a, 'r> FromRequest<'a, 'r> for OrgHeaders {
|
||||||
type Error = &'static str;
|
type Error = &'static str;
|
||||||
|
|
||||||
|
@ -315,28 +334,8 @@ impl<'a, 'r> FromRequest<'a, 'r> for OrgHeaders {
|
||||||
Outcome::Forward(_) => Outcome::Forward(()),
|
Outcome::Forward(_) => Outcome::Forward(()),
|
||||||
Outcome::Failure(f) => Outcome::Failure(f),
|
Outcome::Failure(f) => Outcome::Failure(f),
|
||||||
Outcome::Success(headers) => {
|
Outcome::Success(headers) => {
|
||||||
// org_id is usually the second param ("/organizations/<org_id>")
|
match get_org_id(request) {
|
||||||
// But there are cases where it is located in a query value.
|
Some(org_id) => {
|
||||||
// First check the param, if this is not a valid uuid, we will try the query value.
|
|
||||||
let query_org_id = match request.get_query_value::<String>("organizationId") {
|
|
||||||
Some(Ok(query_org_id)) => { query_org_id }
|
|
||||||
_ => { "".into() }
|
|
||||||
};
|
|
||||||
let param_org_id = match request.get_param::<String>(1) {
|
|
||||||
Some(Ok(param_org_id)) => { param_org_id }
|
|
||||||
_ => { "".into() }
|
|
||||||
};
|
|
||||||
|
|
||||||
let org_uuid: _ = match uuid::Uuid::parse_str(¶m_org_id) {
|
|
||||||
Ok(uuid) => uuid,
|
|
||||||
_ => match uuid::Uuid::parse_str(&query_org_id) {
|
|
||||||
Ok(uuid) => uuid,
|
|
||||||
_ => err_handler!("Error getting the organization id"),
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
let org_id: &str = &org_uuid.to_string();
|
|
||||||
if !org_id.is_empty() {
|
|
||||||
let conn = match request.guard::<DbConn>() {
|
let conn = match request.guard::<DbConn>() {
|
||||||
Outcome::Success(conn) => conn,
|
Outcome::Success(conn) => conn,
|
||||||
_ => err_handler!("Error getting DB"),
|
_ => err_handler!("Error getting DB"),
|
||||||
|
@ -367,8 +366,8 @@ impl<'a, 'r> FromRequest<'a, 'r> for OrgHeaders {
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
} else {
|
},
|
||||||
err_handler!("Error getting the organization id")
|
_ => err_handler!("Error getting the organization id"),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Laden …
In neuem Issue referenzieren