1
0
Fork 1
Spiegel von https://github.com/dani-garcia/vaultwarden.git synchronisiert 2024-11-22 05:10:29 +01:00
vaultwarden/src/db/models
Matlink 7c3cad197c
Fix #3624: fix manager permission within groups (#3754)
* Fix #3624: fix manager permission within groups

* Query returns UUID only

* Fix issue when user is manager and in a group having access to all collections

* optimize condition check

* fix(groups): renaming and optimizations

* fix: wrong organization group membership detection

* Simplify group membership check

Co-authored-by: Stefan Melmuk <509385+stefan0xC@users.noreply.github.com>

* Remove unused statement

* improve check if the user has access via groups

instead of returning the two lists of member ids and later checking if
they contain the uuid of the current user, we really only care if
the current user has full access via a group or if they have
access to a given collection via a group

* improve comments for get_org_collections_details

* small refactor to make it easier to review

* fix(groups): query full access via group only when necessary

Co-authored-by: Mathijs van Veluw <black.dex@gmail.com>

* chore(fmt): apply rustfmt

---------

Co-authored-by: Stefan Melmuk <509385+stefan0xC@users.noreply.github.com>
Co-authored-by: Stefan Melmuk <stefan.melmuk@gmail.com>
Co-authored-by: Mathijs van Veluw <black.dex@gmail.com>
2024-03-17 22:11:34 +01:00
..
attachment.rs Improve JWT key initialization and avoid saving public key (#4085) 2024-03-17 15:11:20 +01:00
auth_request.rs Fix Login With Device without MasterPassword 2023-09-01 21:03:50 +02:00
cipher.rs prevent side effects if groups are disabled (#4265) 2024-01-25 22:02:07 +01:00
collection.rs prevent side effects if groups are disabled (#4265) 2024-01-25 22:02:07 +01:00
device.rs register missing push devices at login (#3792) 2024-01-30 19:14:25 +01:00
emergency_access.rs Cleanups and Fixes for Emergency Access 2022-12-02 09:44:23 +01:00
event.rs Some Admin Interface updates 2023-02-28 20:43:22 +01:00
favorite.rs Update to diesel2 2022-10-23 00:49:23 +02:00
folder.rs Update to diesel2 2022-10-23 00:49:23 +02:00
group.rs Fix #3624: fix manager permission within groups (#3754) 2024-03-17 22:11:34 +01:00
mod.rs Implement login-with-device 2023-08-13 17:54:18 +02:00
org_policy.rs check if reset policy is enabled 2023-04-06 22:34:05 +02:00
organization.rs enforce 2FA policy on removal of second factor and login (#3803) 2024-01-01 19:41:40 +01:00
send.rs Improve file limit handling (#4242) 2024-01-27 02:43:26 +01:00
two_factor.rs Change timestamp data type. (#4355) 2024-03-17 22:04:37 +01:00
two_factor_incomplete.rs Update to diesel2 2022-10-23 00:49:23 +02:00
user.rs Fix External ID not set during DC Sync 2023-10-21 13:54:48 +02:00