topaLE
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

More cipher optimization/cleanup

pull/1042/head
Jeremy Lin 5 years ago
parent
35868dd72c
commit
f9a73a9bbe
2 changed files with 22 additions and 33 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 48
      src/db/models/cipher.rs
  2. 7
      src/db/models/organization.rs

48
src/db/models/cipher.rs
View File

@ -270,26 +270,13 @@ impl Cipher {
/// Returns whether this cipher is owned by an org in which the user has full access. /// Returns whether this cipher is owned by an org in which the user has full access.
pub fn is_in_full_access_org(&self, user_uuid: &str, conn: &DbConn) -> bool { pub fn is_in_full_access_org(&self, user_uuid: &str, conn: &DbConn) -> bool {
if self.organization_uuid.is_none() { if let Some(ref org_uuid) = self.organization_uuid {
return false; if let Some(user_org) = UserOrganization::find_by_user_and_org(&user_uuid, &org_uuid, &conn) {
return user_org.has_full_access();
}
} }
let org_uuid = self.organization_uuid.as_ref().unwrap();
let rows = users_organizations::table
.filter(users_organizations::user_uuid.eq(user_uuid))
.filter(users_organizations::org_uuid.eq(org_uuid))
.filter(users_organizations::status.eq(UserOrgStatus::Confirmed as i32))
.filter(
// The user is an org admin or higher.
users_organizations::atype.le(UserOrgType::Admin as i32)
// The user was granted full access to the org by an org owner/admin.
.or(users_organizations::access_all.eq(true))
)
.count()
.first(&**conn)
.ok()
.unwrap_or(0);
rows != 0 false
} }
/// Returns the user's access restrictions to this cipher. A return value /// Returns the user's access restrictions to this cipher. A return value
@ -324,21 +311,18 @@ impl Cipher {
// and `hide_passwords` columns. This could ideally be done as part // and `hide_passwords` columns. This could ideally be done as part
// of the query, but Diesel doesn't support a max() or bool_or() // of the query, but Diesel doesn't support a max() or bool_or()
// function on booleans and this behavior isn't portable anyway. // function on booleans and this behavior isn't portable anyway.
match query.load::<(bool, bool)>(&**conn).ok() { if let Some(vec) = query.load::<(bool, bool)>(&**conn).ok() {
Some(vec) => { let mut read_only = false;
let mut read_only = false; let mut hide_passwords = false;
let mut hide_passwords = false; for (ro, hp) in vec.iter() {
for (ro, hp) in vec.iter() { read_only |= ro;
read_only |= ro; hide_passwords |= hp;
hide_passwords |= hp;
}
Some((read_only, hide_passwords))
},
None => {
// This cipher isn't in any collections accessible to the user.
None
} }
Some((read_only, hide_passwords))
} else {
// This cipher isn't in any collections accessible to the user.
None
} }
} }

7
src/db/models/organization.rs
View File

@ -393,8 +393,13 @@ impl UserOrganization {
Ok(()) Ok(())
} }
pub fn has_status(self, status: UserOrgStatus) -> bool {
self.status == status as i32
}
pub fn has_full_access(self) -> bool { pub fn has_full_access(self) -> bool {
self.access_all || self.atype >= UserOrgType::Admin (self.access_all || self.atype >= UserOrgType::Admin) &&
self.has_status(UserOrgStatus::Confirmed)
} }
pub fn find_by_uuid(uuid: &str, conn: &DbConn) -> Option<Self> { pub fn find_by_uuid(uuid: &str, conn: &DbConn) -> Option<Self> {

Write Preview
Loading…
Cancel
Save