saltyming/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-08-30 14:34:48 +00:00
Code Activity

Allow non-Admin user to share to collection (fixes #157)

Browse source
This commit is contained in:
Miroslav Prasil 2018-08-28 23:13:41 +01:00
commit 5c7124ff95
1 changed files with 15 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

21
src/api/core/ciphers.rs
View file

@ -132,8 +132,8 @@ fn post_ciphers(data: JsonUpcase<CipherData>, headers: Headers, conn: DbConn) ->
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn))) Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
} }
fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Headers, is_new_or_shared: bool, conn: &DbConn) -> EmptyResult { fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Headers, new_or_shared_directly: bool, conn: &DbConn) -> EmptyResult {
if is_new_or_shared { if new_or_shared_directly { // Cipher is new or shared to Organization directly (not to Collection)
if let Some(org_id) = data.OrganizationId { if let Some(org_id) = data.OrganizationId {
match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) { match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) {
None => err!("You don't have permission to add item to organization"), None => err!("You don't have permission to add item to organization"),
@ -147,6 +147,9 @@ fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Head
} else { } else {
cipher.user_uuid = Some(headers.user.uuid.clone()); cipher.user_uuid = Some(headers.user.uuid.clone());
} }
} else if let Some(org_uuid) = data.OrganizationId { // Shared to collection, but still belongs to Organization
cipher.organization_uuid = Some(org_uuid);
cipher.user_uuid = None;
} }
if let Some(ref folder_id) = data.FolderId { if let Some(ref folder_id) = data.FolderId {
@ -422,22 +425,28 @@ fn share_cipher_by_uuid(uuid: &str, data: ShareCipherData, headers: &Headers, co
None => err!("Cipher doesn't exist") None => err!("Cipher doesn't exist")
}; };
match data.Cipher.OrganizationId { match data.Cipher.OrganizationId.clone() {
None => err!("Organization id not provided"), None => err!("Organization id not provided"),
Some(_) => { Some(organization_uuid) => {
update_cipher_from_data(&mut cipher, data.Cipher, &headers, true, &conn)?; let mut shared_directly = true;
for uuid in &data.CollectionIds { for uuid in &data.CollectionIds {
match Collection::find_by_uuid(uuid, &conn) { match Collection::find_by_uuid(uuid, &conn) {
None => err!("Invalid collection ID provided"), None => err!("Invalid collection ID provided"),
Some(collection) => { Some(collection) => {
if collection.is_writable_by_user(&headers.user.uuid, &conn) { if collection.is_writable_by_user(&headers.user.uuid, &conn) {
CollectionCipher::save(&cipher.uuid.clone(), &collection.uuid, &conn); if collection.org_uuid == organization_uuid {
CollectionCipher::save(&cipher.uuid.clone(), &collection.uuid, &conn);
shared_directly = false;
} else {
err!("Collection does not belong to organization")
}
} else { } else {
err!("No rights to modify the collection") err!("No rights to modify the collection")
} }
} }
} }
} }
update_cipher_from_data(&mut cipher, data.Cipher, &headers, shared_directly, &conn)?;
Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn))) Ok(Json(cipher.to_json(&headers.host, &headers.user.uuid, &conn)))
} }