Skip to content

Commit

Permalink
Fix dani-garcia#3413: push to users acessing the collections using gr…
Browse files Browse the repository at this point in the history
…oups
  • Loading branch information
matlink committed Aug 5, 2023
1 parent 3dbfc48 commit af23612
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 1 deletion.
8 changes: 7 additions & 1 deletion src/db/models/cipher.rs
Original file line number Diff line number Diff line change
Expand Up @@ -273,7 +273,13 @@ impl Cipher {
if let Some(ref org_uuid) = self.organization_uuid {
for user_org in UserOrganization::find_by_cipher_and_org(&self.uuid, org_uuid, conn).await.iter() {
User::update_uuid_revision(&user_org.user_uuid, conn).await;
user_uuids.push(user_org.user_uuid.clone())
user_uuids.push(user_org.user_uuid.clone());
}
for user_org in
UserOrganization::find_by_cipher_and_org_with_group(&self.uuid, org_uuid, conn).await.iter()
{
User::update_uuid_revision(&user_org.user_uuid, conn).await;
user_uuids.push(user_org.user_uuid.clone());
}
}
}
Expand Down
26 changes: 26 additions & 0 deletions src/db/models/organization.rs
Original file line number Diff line number Diff line change
Expand Up @@ -750,6 +750,32 @@ impl UserOrganization {
}}
}

pub async fn find_by_cipher_and_org_with_group(cipher_uuid: &str, org_uuid: &str, conn: &mut DbConn) -> Vec<Self> {
db_run! { conn: {
users_organizations::table
.filter(users_organizations::org_uuid.eq(org_uuid))
.inner_join(groups_users::table.on(
groups_users::users_organizations_uuid.eq(users_organizations::uuid)
))
.left_join(collections_groups::table.on(
collections_groups::groups_uuid.eq(groups_users::groups_uuid)
))
.left_join(groups::table.on(groups::uuid.eq(groups_users::groups_uuid)))
.left_join(ciphers_collections::table.on(
ciphers_collections::collection_uuid.eq(collections_groups::collections_uuid).and(ciphers_collections::cipher_uuid.eq(&cipher_uuid))

))
.filter(
groups::access_all.eq(true).or( // AccessAll via groups
ciphers_collections::cipher_uuid.eq(&cipher_uuid) // ..or access to collection via group
)
)
.select(users_organizations::all_columns)
.distinct()
.load::<UserOrganizationDb>(conn).expect("Error loading user organizations with groups").from_db()
}}
}

pub async fn user_has_ge_admin_access_to_cipher(user_uuid: &str, cipher_uuid: &str, conn: &mut DbConn) -> bool {
db_run! { conn: {
users_organizations::table
Expand Down

0 comments on commit af23612

Please sign in to comment.