vividboarder
/
bitwarden_rs
mirror of https://github.com/ViViDboarder/bitwarden_rs.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Fixed some errors asigning collections to users

This commit is contained in:
Daniel García 2018-05-11 20:08:02 +02:00
parent 8298795087
commit 032134aabc
3 changed files with 32 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/api/core/organizations.rs
View File

@ -118,7 +118,7 @@ fn get_user_collections(headers: Headers, conn: DbConn) -> JsonResult {
fn get_org_collections(org_id: String, headers: Headers, conn: DbConn) -> JsonResult {
Ok(Json(json!({
"Data":
Collection::find_by_organization_and_user_uuid(&org_id, &headers.user.uuid, &conn)
Collection::find_by_organization(&org_id, &conn)
.iter()
.map(|collection| {
collection.to_json()
@ -371,7 +371,7 @@ fn get_user(org_id: String, user_id: String, headers: Headers, conn: DbConn) ->
None => err!("The specified user isn't member of the organization")
};
Ok(Json(user.to_json_details()))
Ok(Json(user.to_json_details(&conn)))
}
#[derive(Deserialize)]
@ -434,15 +434,15 @@ fn edit_user(org_id: String, user_id: String, data: Json<EditUserData>, headers:
user_to_edit.type_ = new_type;
// Delete all the odd collections
for c in Collection::find_by_organization_and_user_uuid(&org_id, &current_user.uuid, &conn) {
CollectionUsers::delete(&current_user.uuid, &c.uuid, &conn);
for c in Collection::find_by_organization_and_user_uuid(&org_id, &user_to_edit.user_uuid, &conn) {
CollectionUsers::delete(&user_to_edit.user_uuid, &c.uuid, &conn);
}
// If no accessAll, add the collections received
if !data.accessAll {
for collection in data.collections.iter() {
// TODO: Check that collection is in org
CollectionUsers::save(&current_user.uuid, &collection.id, collection.readOnly, &conn);
CollectionUsers::save(&user_to_edit.user_uuid, &collection.id, collection.readOnly, &conn);
}
}

15
src/db/models/collection.rs
View File

@ -87,6 +87,12 @@ impl Collection {
Self::find_by_user_uuid(user_uuid, conn).into_iter().filter(|c| c.org_uuid == org_uuid).collect()
}
pub fn find_by_organization(org_uuid: &str, conn: &DbConn) -> Vec<Self> {
collections::table
.filter(collections::org_uuid.eq(org_uuid))
.load::<Self>(&**conn).expect("Error loading collections")
}
pub fn find_by_uuid_and_user(uuid: &str, user_uuid: &str, conn: &DbConn) -> Option<Self> {
users_collections::table.inner_join(collections::table)
.filter(users_collections::collection_uuid.eq(uuid))
@ -111,6 +117,15 @@ pub struct CollectionUsers {
/// Database methods
impl CollectionUsers {
pub fn find_by_organization_and_user_uuid(org_uuid: &str, user_uuid: &str, conn: &DbConn) -> Vec<Self> {
users_collections::table
.filter(users_collections::user_uuid.eq(user_uuid))
.inner_join(collections::table.on(collections::uuid.eq(users_collections::collection_uuid)))
.filter(collections::org_uuid.eq(org_uuid))
.select(users_collections::all_columns)
.load::<Self>(&**conn).expect("Error loading users_collections")
}
pub fn save(user_uuid: &str, collection_uuid: &str, read_only:bool, conn: &DbConn) -> bool {
match diesel::replace_into(users_collections::table)
.values((

16
src/db/models/organization.rs
View File

@ -178,21 +178,29 @@ impl UserOrganization {
"Status": self.status,
"Type": self.type_,
"AccessAll": true,
"AccessAll": self.access_all,
"Object": "organizationUserUserDetails",
})
}
pub fn to_json_details(&self) -> JsonValue {
pub fn to_json_details(&self, conn: &DbConn) -> JsonValue {
let coll_uuids = if self.access_all {
vec![] // If we have complete access, no need to fill the array
} else {
use super::CollectionUsers;
let collections = CollectionUsers::find_by_organization_and_user_uuid(&self.org_uuid, &self.user_uuid, conn);
collections.iter().map(|c| json!({"Id": c.collection_uuid, "ReadOnly": c.read_only})).collect()
};
json!({
"Id": self.uuid,
"UserId": self.user_uuid,
"Status": self.status,
"Type": self.type_,
"AccessAll": true,
"Collections": [],
"AccessAll": self.access_all,
"Collections": coll_uuids,
"Object": "organizationUserDetails",
})