Stefan Melmuk
3 months ago
No known key found for this signature in database
GPG Key ID: 817020C608FE9C09
1 changed files with
5 additions and
7 deletions
-
src/api/core/organizations.rs
|
|
|
@ -1818,19 +1818,17 @@ async fn list_policies(org_id: OrganizationId, _headers: AdminHeaders, mut conn: |
|
|
|
|
|
|
|
#[get("/organizations/<org_id>/policies/token?<token>")] |
|
|
|
async fn list_policies_token(org_id: OrganizationId, token: &str, mut conn: DbConn) -> JsonResult { |
|
|
|
// web-vault 2024.6.2 seems to send these values and cause logs to output errors
|
|
|
|
// Catch this and prevent errors in the logs
|
|
|
|
// TODO: CleanUp after 2024.6.x is not used anymore.
|
|
|
|
if org_id.as_ref() == "undefined" && token == "undefined" || org_id.as_ref() == FAKE_ADMIN_UUID { |
|
|
|
return Ok(Json(json!({}))); |
|
|
|
} |
|
|
|
|
|
|
|
let invite = decode_invite(token)?; |
|
|
|
|
|
|
|
if invite.org_id != org_id { |
|
|
|
err!("Token doesn't match request organization"); |
|
|
|
} |
|
|
|
|
|
|
|
// exit early when we have been invited via /admin panel
|
|
|
|
if org_id.as_ref() == FAKE_ADMIN_UUID { |
|
|
|
return Ok(Json(json!({}))); |
|
|
|
} |
|
|
|
|
|
|
|
// TODO: We receive the invite token as ?token=<>, validate it contains the org id
|
|
|
|
let policies = OrgPolicy::find_by_org(&org_id, &mut conn).await; |
|
|
|
let policies_json: Vec<Value> = policies.iter().map(OrgPolicy::to_json).collect(); |
|
|
|
|
