Startsida Utforska Hjälp
Registrera dig Logga in
Apq
/
vaultwarden
spegling av https://github.com/dani-garcia/vaultwarden.git
1
0
Fork 0
Filer Ärenden 0 Wiki
Bläddra i källkod

Fix #3413: push to users accessing the collections using groups (#3757)

* Fix #3413: push to users acessing the collections using groups

* Notify groups only when enabled
Matlink 1 år sedan
förälder
98b2178c7d
incheckning
a641b48884
2 ändrade filer med 36 tillägg och 1 borttagningar
Delad Vy Visa Diff Statistik
  1. 10 1
      src/db/models/cipher.rs
  2. 26 0
      src/db/models/organization.rs

+ 10 - 1
src/db/models/cipher.rs
Visa fil 

@@ -273,7 +273,16 @@ impl Cipher {
 
             None => {
 
                 // Belongs to Organization, need to update affected users
 
                 if let Some(ref org_uuid) = self.organization_uuid {
 
-                    for user_org in UserOrganization::find_by_cipher_and_org(&self.uuid, org_uuid, conn).await.iter() {
 
+                    // users having access to the collection
 
+                    let mut collection_users =
 
+                        UserOrganization::find_by_cipher_and_org(&self.uuid, org_uuid, conn).await;
 
+                    if CONFIG.org_groups_enabled() {
 
+                        // members of a group having access to the collection
 
+                        let group_users =
 
+                            UserOrganization::find_by_cipher_and_org_with_group(&self.uuid, org_uuid, conn).await;
 
+                        collection_users.extend(group_users);
 
+                    }
 
+                    for user_org in collection_users {
 
                         User::update_uuid_revision(&user_org.user_uuid, conn).await;
 
                         user_uuids.push(user_org.user_uuid.clone())
 
                     }

+ 26 - 0
src/db/models/organization.rs
Visa fil 

@@ -768,6 +768,32 @@ impl UserOrganization {
 
         }}
 
     }
 
 
+    pub async fn find_by_cipher_and_org_with_group(cipher_uuid: &str, org_uuid: &str, conn: &mut DbConn) -> Vec<Self> {
 
+        db_run! { conn: {
 
+            users_organizations::table
 
+            .filter(users_organizations::org_uuid.eq(org_uuid))
 
+            .inner_join(groups_users::table.on(
 
+                groups_users::users_organizations_uuid.eq(users_organizations::uuid)
 
+            ))
 
+            .left_join(collections_groups::table.on(
 
+                collections_groups::groups_uuid.eq(groups_users::groups_uuid)
 
+            ))
 
+            .left_join(groups::table.on(groups::uuid.eq(groups_users::groups_uuid)))
 
+            .left_join(ciphers_collections::table.on(
 
+                    ciphers_collections::collection_uuid.eq(collections_groups::collections_uuid).and(ciphers_collections::cipher_uuid.eq(&cipher_uuid))
 
+
 
+                ))
 
+            .filter(
 
+                    groups::access_all.eq(true).or( // AccessAll via groups
 
+                        ciphers_collections::cipher_uuid.eq(&cipher_uuid) // ..or access to collection via group
 
+                    )
 
+                )
 
+                .select(users_organizations::all_columns)
 
+                .distinct()
 
+            .load::<UserOrganizationDb>(conn).expect("Error loading user organizations with groups").from_db()
 
+        }}
 
+    }
 
+
 
     pub async fn user_has_ge_admin_access_to_cipher(user_uuid: &str, cipher_uuid: &str, conn: &mut DbConn) -> bool {
 
         db_run! { conn: {
 
             users_organizations::table