diff options
author | Daniel GarcĂa <[email protected]> | 2023-03-06 21:13:34 +0100 |
---|---|---|
committer | GitHub <[email protected]> | 2023-03-06 21:13:34 +0100 |
commit | a13a5bd1d8c3fea3fce80eba6e8c3aa8880855dd (patch) | |
tree | ab7c5cffde452e2f999643a35ecf2bb7371bb630 | |
parent | 3b34b429f3bfbac551d28926d57138abe66f87c3 (diff) | |
parent | 10c5476d311ed22b53f5ec1ddcdc1f991aa757ac (diff) | |
download | vaultwarden-a13a5bd1d8c3fea3fce80eba6e8c3aa8880855dd.tar.gz vaultwarden-a13a5bd1d8c3fea3fce80eba6e8c3aa8880855dd.zip |
Merge pull request #3315 from BlackDex/issue-3311
Fix web-vault Member UI show/edit/save
-rw-r--r-- | src/api/core/organizations.rs | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs index 1353e61b..c79902a9 100644 --- a/src/api/core/organizations.rs +++ b/src/api/core/organizations.rs @@ -748,8 +748,6 @@ struct GetOrgUserData { include_groups: Option<bool>, } -// includeCollections -// includeGroups #[get("/organizations/<org_id>/users?<data..>")] async fn get_org_users( data: GetOrgUserData, @@ -1229,14 +1227,25 @@ async fn _confirm_invite( save_result } -#[get("/organizations/<org_id>/users/<org_user_id>")] -async fn get_user(org_id: String, org_user_id: String, _headers: AdminHeaders, mut conn: DbConn) -> JsonResult { +#[get("/organizations/<org_id>/users/<org_user_id>?<data..>")] +async fn get_user( + org_id: String, + org_user_id: String, + data: GetOrgUserData, + _headers: AdminHeaders, + mut conn: DbConn, +) -> JsonResult { let user = match UserOrganization::find_by_uuid_and_org(&org_user_id, &org_id, &mut conn).await { Some(user) => user, None => err!("The specified user isn't a member of the organization"), }; - Ok(Json(user.to_json_details(&mut conn).await)) + // In this case, when groups are requested we also need to include collections. + // Else these will not be shown in the interface, and could lead to missing collections when saved. + let include_groups = data.include_groups.unwrap_or(false); + Ok(Json( + user.to_json_user_details(data.include_collections.unwrap_or(include_groups), include_groups, &mut conn).await, + )) } #[derive(Deserialize)] @@ -1244,6 +1253,7 @@ async fn get_user(org_id: String, org_user_id: String, _headers: AdminHeaders, m struct EditUserData { Type: NumberOrString, Collections: Option<Vec<CollectionData>>, + Groups: Option<Vec<String>>, AccessAll: bool, } @@ -1342,6 +1352,13 @@ async fn edit_user( } } + GroupUser::delete_all_by_user(&user_to_edit.uuid, &mut conn).await?; + + for group in data.Groups.iter().flatten() { + let mut group_entry = GroupUser::new(String::from(group), user_to_edit.uuid.clone()); + group_entry.save(&mut conn).await?; + } + log_event( EventType::OrganizationUserUpdated as i32, &user_to_edit.uuid, |