Fix collections not editable by managers

Since a newer version of the web-vault we use manager were not able to create sub collections anymore. This was because of some missing details in the response of some json objects. This commit fixes this by using the `to_json_details` instead of the `to_json` Fixes #5066 Fixes #5044
6 months ago · 0cc865efdb
2 changed files with 28 additions and 2 deletions
--- a/src/api/core/organizations.rs
+++ b/src/api/core/organizations.rs
@ -358,7 +358,7 @@ async fn get_org_collections_details(org_id: &str, headers: ManagerHeadersLoose,
            Vec::with_capacity(0)
        };

-        let mut json_object = col.to_json();
+        let mut json_object = col.to_json_details(&headers.user.uuid, None, &mut conn).await;
        json_object["assigned"] = json!(assigned);
        json_object["users"] = json!(users);
        json_object["groups"] = json!(groups);
@ -680,7 +680,7 @@ async fn get_org_collection_detail(

            let assigned = Collection::can_access_collection(&user_org, &collection.uuid, &mut conn).await;

-            let mut json_object = collection.to_json();
+            let mut json_object = collection.to_json_details(&headers.user.uuid, None, &mut conn).await;
            json_object["assigned"] = json!(assigned);
            json_object["users"] = json!(users);
            json_object["groups"] = json!(groups);
--- a/src/db/models/organization.rs
+++ b/src/db/models/organization.rs
@ -504,6 +504,25 @@ impl UserOrganization {
            Vec::with_capacity(0)
        };

+        let permissions = json!({
+            // TODO: Add support for Custom User Roles
+            // See: https://bitwarden.com/help/article/user-types-access-control/#custom-role
+            "accessEventLogs": false,
+            "accessImportExport": false,
+            "accessReports": false,
+            "createNewCollections": false,
+            "editAnyCollection": false,
+            "deleteAnyCollection": false,
+            "editAssignedCollections": false,
+            "deleteAssignedCollections": false,
+            "manageGroups": false,
+            "managePolicies": false,
+            "manageSso": false, // Not supported
+            "manageUsers": false,
+            "manageResetPassword": false,
+            "manageScim": false // Not supported (Not AGPLv3 Licensed)
+        });
+
        json!({
            "id": self.uuid,
            "userId": self.user_uuid,
@ -519,6 +538,13 @@ impl UserOrganization {
            "accessAll": self.access_all,
            "twoFactorEnabled": twofactor_enabled,
            "resetPasswordEnrolled": self.reset_password_key.is_some(),
+            "hasMasterPassword": !user.password_hash.is_empty(),
+
+            "permissions": permissions,
+
+            "ssoBound": false, // Not supported
+            "usesKeyConnector": false, // Not supported
+            "accessSecretsManager": false, // Not supported (Not AGPLv3 Licensed)

            "object": "organizationUserUserDetails",
        })