From fa364c3f2ce47ab78f970d1fa27ffe6c11d0545d Mon Sep 17 00:00:00 2001
From: Ave <ave@ave.zone>
Date: Sun, 8 Nov 2020 01:14:17 +0300
Subject: [PATCH] Ensure that a user is actually in an org when applying
 policies

---
 src/db/models/org_policy.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/db/models/org_policy.rs b/src/db/models/org_policy.rs
index 0004b04..98b01a3 100644
--- a/src/db/models/org_policy.rs
+++ b/src/db/models/org_policy.rs
@@ -4,7 +4,7 @@ use crate::api::EmptyResult;
 use crate::db::DbConn;
 use crate::error::MapResult;
 
-use super::Organization;
+use super::{Organization, UserOrgStatus};
 
 db_object! {
     #[derive(Debug, Identifiable, Queryable, Insertable, Associations, AsChangeset)]
@@ -134,6 +134,9 @@ impl OrgPolicy {
                         users_organizations::org_uuid.eq(org_policies::org_uuid)
                             .and(users_organizations::user_uuid.eq(user_uuid)))
                 )
+                .filter(
+                    users_organizations::status.eq(UserOrgStatus::Confirmed as i32)
+                )
                 .select(org_policies::all_columns)
                 .load::<OrgPolicyDb>(conn)
                 .expect("Error loading org_policy")