summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Melmuk <[email protected]>2024-09-18 19:00:10 +0200
committerGitHub <[email protected]>2024-09-18 19:00:10 +0200
commit1031c2e2863414ff7a1bedb33f458ebed19859bf (patch)
tree6da44fa9125ad6419bcd16ee4f1915558e7761b4
parent1bf85201e728f9d60d688b846203c1ed45e575ab (diff)
downloadvaultwarden-1031c2e2863414ff7a1bedb33f458ebed19859bf.tar.gz
vaultwarden-1031c2e2863414ff7a1bedb33f458ebed19859bf.zip
fix 2fa policy check on registration (#4956)
-rw-r--r--src/api/core/accounts.rs2
-rw-r--r--src/db/models/org_policy.rs8
2 files changed, 6 insertions, 4 deletions
diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs
index cc9cd6ce..fc33619d 100644
--- a/src/api/core/accounts.rs
+++ b/src/api/core/accounts.rs
@@ -112,7 +112,7 @@ async fn is_email_2fa_required(org_user_uuid: Option<String>, conn: &mut DbConn)
return true;
}
if org_user_uuid.is_some() {
- return OrgPolicy::is_enabled_by_org(&org_user_uuid.unwrap(), OrgPolicyType::TwoFactorAuthentication, conn)
+ return OrgPolicy::is_enabled_for_member(&org_user_uuid.unwrap(), OrgPolicyType::TwoFactorAuthentication, conn)
.await;
}
false
diff --git a/src/db/models/org_policy.rs b/src/db/models/org_policy.rs
index d1e8aa0f..23e583b4 100644
--- a/src/db/models/org_policy.rs
+++ b/src/db/models/org_policy.rs
@@ -342,9 +342,11 @@ impl OrgPolicy {
false
}
- pub async fn is_enabled_by_org(org_uuid: &str, policy_type: OrgPolicyType, conn: &mut DbConn) -> bool {
- if let Some(policy) = OrgPolicy::find_by_org_and_type(org_uuid, policy_type, conn).await {
- return policy.enabled;
+ pub async fn is_enabled_for_member(org_user_uuid: &str, policy_type: OrgPolicyType, conn: &mut DbConn) -> bool {
+ if let Some(membership) = UserOrganization::find_by_uuid(org_user_uuid, conn).await {
+ if let Some(policy) = OrgPolicy::find_by_org_and_type(&membership.org_uuid, policy_type, conn).await {
+ return policy.enabled;
+ }
}
false
}