mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2024-11-24 13:55:40 +03:00
* Fix #3413: push to users acessing the collections using groups * Notify groups only when enabled
This commit is contained in:
parent
98b2178c7d
commit
a641b48884
2 changed files with 36 additions and 1 deletions
|
@ -273,7 +273,16 @@ impl Cipher {
|
||||||
None => {
|
None => {
|
||||||
// Belongs to Organization, need to update affected users
|
// Belongs to Organization, need to update affected users
|
||||||
if let Some(ref org_uuid) = self.organization_uuid {
|
if let Some(ref org_uuid) = self.organization_uuid {
|
||||||
for user_org in UserOrganization::find_by_cipher_and_org(&self.uuid, org_uuid, conn).await.iter() {
|
// users having access to the collection
|
||||||
|
let mut collection_users =
|
||||||
|
UserOrganization::find_by_cipher_and_org(&self.uuid, org_uuid, conn).await;
|
||||||
|
if CONFIG.org_groups_enabled() {
|
||||||
|
// members of a group having access to the collection
|
||||||
|
let group_users =
|
||||||
|
UserOrganization::find_by_cipher_and_org_with_group(&self.uuid, org_uuid, conn).await;
|
||||||
|
collection_users.extend(group_users);
|
||||||
|
}
|
||||||
|
for user_org in collection_users {
|
||||||
User::update_uuid_revision(&user_org.user_uuid, conn).await;
|
User::update_uuid_revision(&user_org.user_uuid, conn).await;
|
||||||
user_uuids.push(user_org.user_uuid.clone())
|
user_uuids.push(user_org.user_uuid.clone())
|
||||||
}
|
}
|
||||||
|
|
|
@ -768,6 +768,32 @@ impl UserOrganization {
|
||||||
}}
|
}}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub async fn find_by_cipher_and_org_with_group(cipher_uuid: &str, org_uuid: &str, conn: &mut DbConn) -> Vec<Self> {
|
||||||
|
db_run! { conn: {
|
||||||
|
users_organizations::table
|
||||||
|
.filter(users_organizations::org_uuid.eq(org_uuid))
|
||||||
|
.inner_join(groups_users::table.on(
|
||||||
|
groups_users::users_organizations_uuid.eq(users_organizations::uuid)
|
||||||
|
))
|
||||||
|
.left_join(collections_groups::table.on(
|
||||||
|
collections_groups::groups_uuid.eq(groups_users::groups_uuid)
|
||||||
|
))
|
||||||
|
.left_join(groups::table.on(groups::uuid.eq(groups_users::groups_uuid)))
|
||||||
|
.left_join(ciphers_collections::table.on(
|
||||||
|
ciphers_collections::collection_uuid.eq(collections_groups::collections_uuid).and(ciphers_collections::cipher_uuid.eq(&cipher_uuid))
|
||||||
|
|
||||||
|
))
|
||||||
|
.filter(
|
||||||
|
groups::access_all.eq(true).or( // AccessAll via groups
|
||||||
|
ciphers_collections::cipher_uuid.eq(&cipher_uuid) // ..or access to collection via group
|
||||||
|
)
|
||||||
|
)
|
||||||
|
.select(users_organizations::all_columns)
|
||||||
|
.distinct()
|
||||||
|
.load::<UserOrganizationDb>(conn).expect("Error loading user organizations with groups").from_db()
|
||||||
|
}}
|
||||||
|
}
|
||||||
|
|
||||||
pub async fn user_has_ge_admin_access_to_cipher(user_uuid: &str, cipher_uuid: &str, conn: &mut DbConn) -> bool {
|
pub async fn user_has_ge_admin_access_to_cipher(user_uuid: &str, cipher_uuid: &str, conn: &mut DbConn) -> bool {
|
||||||
db_run! { conn: {
|
db_run! { conn: {
|
||||||
users_organizations::table
|
users_organizations::table
|
||||||
|
|
Loading…
Reference in a new issue