1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-06-10 13:03:55 +00:00

Resolve borrowing issues

This commit is contained in:
Stephen 2025-05-07 07:20:06 -04:00
parent 12c772b197
commit bfc6410ccb

View file

@ -86,7 +86,7 @@ pub fn routes() -> Vec<Route> {
post_collections_update,
post_collections_admin,
put_collections_admin,
bulk_collections
post_bulk_collections
]
}
@ -771,20 +771,11 @@ async fn post_bulk_collections(
headers: Headers,
mut conn: DbConn,
nt: Notify<'_>,
) -> JsonResult {
) -> EmptyResult {
let data: BulkCollectionsData = data.into_inner();
let Some(org) = Organization::find_by_uuid(&data.organization_id, &mut conn).await else {
err!("Organization doesn't exist")
};
if !org.is_admin(&headers.user.uuid, &mut conn).await {
err!("You don't have permission to add item to organization")
}
let mut ciphers = Vec::with_capacity(data.cipher_ids.len());
for cipher_id in data.cipher_ids {
let Some(cipher) = Cipher::find_by_uuid(&cipher_id, &mut conn).await else {
for cipher in &data.cipher_ids {
let Some(cipher) = Cipher::find_by_uuid(cipher, &mut conn).await else {
err!("Cipher doesn't exist")
};
@ -792,25 +783,43 @@ async fn post_bulk_collections(
err!("Cipher is not write accessible")
}
ciphers.push(cipher);
}
for collection_id in data.collection_ids {
let Some(collection) = Collection::find_by_uuid_and_org(&collection_id, &data.organization_id, &mut conn).await else {
err!("Collection doesn't exist")
};
if collection.is_writable_by_user(&headers.user.uuid, &mut conn).await {
for cipher in &ciphers {
if data.remove_collections {
CollectionCipher::delete(&cipher.uuid, &collection.uuid, &mut conn).await?;
} else {
CollectionCipher::save(&cipher.uuid, &collection.uuid, &mut conn).await?;
for collection in &data.collection_ids {
match Collection::find_by_uuid_and_org(collection, &data.organization_id, &mut conn).await {
None => err!("Invalid collection ID provided"),
Some(collection) => {
if collection.is_writable_by_user(&headers.user.uuid, &mut conn).await {
if data.remove_collections {
CollectionCipher::delete(&cipher.uuid, &collection.uuid, &mut conn).await?;
} else {
CollectionCipher::save(&cipher.uuid, &collection.uuid, &mut conn).await?;
}
} else {
err!("No rights to modify the collection")
}
}
}
} else {
err!("No rights to modify the collection")
}
nt.send_cipher_update(
UpdateType::SyncCipherUpdate,
&cipher,
&cipher.update_users_revision(&mut conn).await,
&headers.device.uuid,
Some(data.collection_ids.clone()),
&mut conn,
)
.await;
log_event(
EventType::CipherUpdatedCollections as i32,
&cipher.uuid,
&cipher.organization_uuid.clone().unwrap(),
&headers.user.uuid,
headers.device.atype,
&headers.ip.ip,
&mut conn,
)
.await;
}
Ok(())