saltyming/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-08-24 11:43:19 +00:00
Code Activity

improve comments for get_org_collections_details

Browse source
This commit is contained in:
Stefan Melmuk 2024-01-05 04:46:29 +01:00 committed by Matlink
commit 92d2df99f9
1 changed files with 7 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

11
src/api/core/organizations.rs
View file

@ -320,13 +320,16 @@ async fn get_org_collections_details(org_id: &str, headers: ManagerHeadersLoose,
None => err!("User is not part of organization"), None => err!("User is not part of organization"),
}; };
// get all collection memberships for the current organization
let coll_users = CollectionUser::find_by_organization(org_id, &mut conn).await; let coll_users = CollectionUser::find_by_organization(org_id, &mut conn).await;
// check if current user has full access to the organization (either directly or via any group)
let has_full_access_via_group = let has_full_access_via_group =
CONFIG.org_groups_enabled() && GroupUser::has_full_access_by_member(org_id, &user_org.uuid, &mut conn).await; CONFIG.org_groups_enabled() && GroupUser::has_full_access_by_member(org_id, &user_org.uuid, &mut conn).await;
let has_full_access = user_org.access_all || has_full_access_via_group; let has_full_access = user_org.access_all || has_full_access_via_group;
for col in Collection::find_by_organization(org_id, &mut conn).await { for col in Collection::find_by_organization(org_id, &mut conn).await {
// get the group details for the given collection
let groups: Vec<Value> = if CONFIG.org_groups_enabled() { let groups: Vec<Value> = if CONFIG.org_groups_enabled() {
CollectionGroup::find_by_collection(&col.uuid, &mut conn) CollectionGroup::find_by_collection(&col.uuid, &mut conn)
.await .await
@ -336,18 +339,18 @@ async fn get_org_collections_details(org_id: &str, headers: ManagerHeadersLoose,
}) })
.collect() .collect()
} else { } else {
// The Bitwarden clients seem to call this API regardless of whether groups are enabled,
// so just act as if there are no groups.
Vec::with_capacity(0) Vec::with_capacity(0)
}; };
// assigned indicates whether the current user has access to the given collection
let mut assigned = has_full_access; let mut assigned = has_full_access;
// get the users assigned directly to the given collection
let users: Vec<Value> = coll_users let users: Vec<Value> = coll_users
.iter() .iter()
.filter(|collection_user| collection_user.collection_uuid == col.uuid) .filter(|collection_user| collection_user.collection_uuid == col.uuid)
.map(|collection_user| { .map(|collection_user| {
// Remember `user_uuid` is swapped here with the `user_org.uuid` with a join during the `CollectionUser::find_by_organization` call. // check if the current user is assigned to this collection directly
// We check here if the current user is assigned to this collection or not.
if collection_user.user_uuid == user_org.uuid { if collection_user.user_uuid == user_org.uuid {
assigned = true; assigned = true;
} }