From af236122333fb82138f2ed22aecb4eb439b3fd45 Mon Sep 17 00:00:00 2001 From: matlink Date: Sat, 5 Aug 2023 21:08:16 +0200 Subject: [PATCH] Fix #3413: push to users acessing the collections using groups --- src/db/models/cipher.rs | 8 +++++++- src/db/models/organization.rs | 26 ++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/src/db/models/cipher.rs b/src/db/models/cipher.rs index f76490b4ab1..b072a7bc103 100644 --- a/src/db/models/cipher.rs +++ b/src/db/models/cipher.rs @@ -273,7 +273,13 @@ impl Cipher { if let Some(ref org_uuid) = self.organization_uuid { for user_org in UserOrganization::find_by_cipher_and_org(&self.uuid, org_uuid, conn).await.iter() { User::update_uuid_revision(&user_org.user_uuid, conn).await; - user_uuids.push(user_org.user_uuid.clone()) + user_uuids.push(user_org.user_uuid.clone()); + } + for user_org in + UserOrganization::find_by_cipher_and_org_with_group(&self.uuid, org_uuid, conn).await.iter() + { + User::update_uuid_revision(&user_org.user_uuid, conn).await; + user_uuids.push(user_org.user_uuid.clone()); } } } diff --git a/src/db/models/organization.rs b/src/db/models/organization.rs index 32ffc43731c..35112381479 100644 --- a/src/db/models/organization.rs +++ b/src/db/models/organization.rs @@ -750,6 +750,32 @@ impl UserOrganization { }} } + pub async fn find_by_cipher_and_org_with_group(cipher_uuid: &str, org_uuid: &str, conn: &mut DbConn) -> Vec { + db_run! { conn: { + users_organizations::table + .filter(users_organizations::org_uuid.eq(org_uuid)) + .inner_join(groups_users::table.on( + groups_users::users_organizations_uuid.eq(users_organizations::uuid) + )) + .left_join(collections_groups::table.on( + collections_groups::groups_uuid.eq(groups_users::groups_uuid) + )) + .left_join(groups::table.on(groups::uuid.eq(groups_users::groups_uuid))) + .left_join(ciphers_collections::table.on( + ciphers_collections::collection_uuid.eq(collections_groups::collections_uuid).and(ciphers_collections::cipher_uuid.eq(&cipher_uuid)) + + )) + .filter( + groups::access_all.eq(true).or( // AccessAll via groups + ciphers_collections::cipher_uuid.eq(&cipher_uuid) // ..or access to collection via group + ) + ) + .select(users_organizations::all_columns) + .distinct() + .load::(conn).expect("Error loading user organizations with groups").from_db() + }} + } + pub async fn user_has_ge_admin_access_to_cipher(user_uuid: &str, cipher_uuid: &str, conn: &mut DbConn) -> bool { db_run! { conn: { users_organizations::table