From ff33534c07ba05184fbb2adf562334ac56686c55 Mon Sep 17 00:00:00 2001 From: Stefan Melmuk <509385+stefan0xC@users.noreply.github.com> Date: Wed, 13 Nov 2024 19:19:19 +0100 Subject: [PATCH] don't infer manage permission for groups (#5190) the web-vault v2024.6.2 currently cannot deal with manage permission so instead of relying on the org user type this should just default to false --- src/api/core/organizations.rs | 8 ++++---- src/db/models/group.rs | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs index 402e76174c..96ff9805d8 100644 --- a/src/api/core/organizations.rs +++ b/src/api/core/organizations.rs @@ -2305,14 +2305,14 @@ async fn _restore_organization_user( } #[get("/organizations//groups")] -async fn get_groups(org_id: &str, headers: ManagerHeadersLoose, mut conn: DbConn) -> JsonResult { +async fn get_groups(org_id: &str, _headers: ManagerHeadersLoose, mut conn: DbConn) -> JsonResult { let groups: Vec = if CONFIG.org_groups_enabled() { // Group::find_by_organization(&org_id, &mut conn).await.iter().map(Group::to_json).collect::() let groups = Group::find_by_organization(org_id, &mut conn).await; let mut groups_json = Vec::with_capacity(groups.len()); for g in groups { - groups_json.push(g.to_json_details(&headers.org_user.atype, &mut conn).await) + groups_json.push(g.to_json_details(&mut conn).await) } groups_json } else { @@ -2500,7 +2500,7 @@ async fn add_update_group( } #[get("/organizations/<_org_id>/groups//details")] -async fn get_group_details(_org_id: &str, group_id: &str, headers: AdminHeaders, mut conn: DbConn) -> JsonResult { +async fn get_group_details(_org_id: &str, group_id: &str, _headers: AdminHeaders, mut conn: DbConn) -> JsonResult { if !CONFIG.org_groups_enabled() { err!("Group support is disabled"); } @@ -2510,7 +2510,7 @@ async fn get_group_details(_org_id: &str, group_id: &str, headers: AdminHeaders, _ => err!("Group could not be found!"), }; - Ok(Json(group.to_json_details(&(headers.org_user_type as i32), &mut conn).await)) + Ok(Json(group.to_json_details(&mut conn).await)) } #[post("/organizations//groups//delete")] diff --git a/src/db/models/group.rs b/src/db/models/group.rs index 66ad338a51..e226512d15 100644 --- a/src/db/models/group.rs +++ b/src/db/models/group.rs @@ -1,4 +1,4 @@ -use super::{User, UserOrgType, UserOrganization}; +use super::{User, UserOrganization}; use crate::api::EmptyResult; use crate::db::DbConn; use crate::error::MapResult; @@ -73,7 +73,7 @@ impl Group { }) } - pub async fn to_json_details(&self, user_org_type: &i32, conn: &mut DbConn) -> Value { + pub async fn to_json_details(&self, conn: &mut DbConn) -> Value { let collections_groups: Vec = CollectionGroup::find_by_group(&self.uuid, conn) .await .iter() @@ -82,7 +82,7 @@ impl Group { "id": entry.collections_uuid, "readOnly": entry.read_only, "hidePasswords": entry.hide_passwords, - "manage": *user_org_type >= UserOrgType::Admin || (*user_org_type == UserOrgType::Manager && !entry.read_only && !entry.hide_passwords) + "manage": false }) }) .collect();