topaLE
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

fix(groups): query full access via group only when necessary 

Co-authored-by: Mathijs van Veluw <black.dex@gmail.com>
pull/3754/head
Matlink 1 year ago
parent
e314c4e417
commit
4d9ff9a136
1 changed files with 1 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      src/api/core/organizations.rs

4
src/api/core/organizations.rs
View File

@ -324,9 +324,7 @@ async fn get_org_collections_details(org_id: &str, headers: ManagerHeadersLoose,
let coll_users = CollectionUser::find_by_organization(org_id, &mut conn).await;
// check if current user has full access to the organization (either directly or via any group)
let has_full_access_via_group =
CONFIG.org_groups_enabled() && GroupUser::has_full_access_by_member(org_id, &user_org.uuid, &mut conn).await;
let has_full_access_to_org = user_org.access_all || has_full_access_via_group;
let has_full_access_to_org = user_org.access_all || (CONFIG.org_groups_enabled() && GroupUser::has_full_access_by_member(org_id, &user_org.uuid, &mut conn).await);
for col in Collection::find_by_organization(org_id, &mut conn).await {
// assigned indicates whether the current user has access to the given collection

Write Preview
Loading…
Cancel
Save