aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel García <[email protected]>2020-03-20 10:51:17 +0100
committerDaniel García <[email protected]>2020-03-20 10:51:17 +0100
commit94341f9f3f273eaa14b058c310f39dd6536f84cb (patch)
treef982ac8cf8342576f8333fd3fe937ebfd453486a
parentff19fb3426da8813b2a50532efa49a0c4a682777 (diff)
downloadvaultwarden-94341f9f3f273eaa14b058c310f39dd6536f84cb.tar.gz
vaultwarden-94341f9f3f273eaa14b058c310f39dd6536f84cb.zip
Fix token error while accepting invite1.14.1
-rw-r--r--src/api/core/organizations.rs25
1 files changed, 25 insertions, 0 deletions
diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
index f54d947c..5c11b265 100644
--- a/src/api/core/organizations.rs
+++ b/src/api/core/organizations.rs
@@ -47,6 +47,7 @@ pub fn routes() -> Vec<Route> {
post_delete_user,
post_org_import,
list_policies,
+ list_policies_token,
get_policy,
put_policy,
]
@@ -911,6 +912,30 @@ fn list_policies(org_id: String, _headers: AdminHeaders, conn: DbConn) -> JsonRe
})))
}
+#[get("/organizations/<org_id>/policies/token?<token>")]
+fn list_policies_token(org_id: String, token: String, conn: DbConn) -> JsonResult {
+ let invite = crate::auth::decode_invite(&token)?;
+
+ let invite_org_id = match invite.org_id {
+ Some(invite_org_id) => invite_org_id,
+ None => err!("Invalid token"),
+ };
+
+ if invite_org_id != org_id {
+ err!("Token doesn't match request organization");
+ }
+
+ // TODO: We receive the invite token as ?token=<>, validate it contains the org id
+ let policies = OrgPolicy::find_by_org(&org_id, &conn);
+ let policies_json: Vec<Value> = policies.iter().map(OrgPolicy::to_json).collect();
+
+ Ok(Json(json!({
+ "Data": policies_json,
+ "Object": "list",
+ "ContinuationToken": null
+ })))
+}
+
#[get("/organizations/<org_id>/policies/<pol_type>")]
fn get_policy(org_id: String, pol_type: i32, _headers: AdminHeaders, conn: DbConn) -> JsonResult {
let pol_type_enum = match OrgPolicyType::from_i32(pol_type) {