vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README

commit 1a888b535564f30cab873f0725898db6f9bde792
parent d5ed2ce6df073ce49340748e2d200b951de3f2c9
Author: Daniel GarcĂ­a <dani-garcia@users.noreply.github.com>
Date:   Thu,  9 Sep 2021 20:30:13 +0200

Merge branch 'jjlin-personal-ownership-imports' into main

Diffstat:
Msrc/api/core/ciphers.rs | 10++++++----
1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs @@ -248,7 +248,7 @@ fn post_ciphers_create(data: JsonUpcase<ShareCipherData>, headers: Headers, conn // This check is usually only needed in update_cipher_from_data(), but we // need it here as well to avoid creating an empty cipher in the call to // cipher.save() below. - enforce_personal_ownership_policy(&data.Cipher, &headers, &conn)?; + enforce_personal_ownership_policy(Some(&data.Cipher), &headers, &conn)?; let mut cipher = Cipher::new(data.Cipher.Type, data.Cipher.Name.clone()); cipher.user_uuid = Some(headers.user.uuid.clone()); @@ -289,8 +289,8 @@ fn post_ciphers(data: JsonUpcase<CipherData>, headers: Headers, conn: DbConn, nt /// allowed to delete or share such ciphers to an org, however. /// /// Ref: https://bitwarden.com/help/article/policies/#personal-ownership -fn enforce_personal_ownership_policy(data: &CipherData, headers: &Headers, conn: &DbConn) -> EmptyResult { - if data.OrganizationId.is_none() { +fn enforce_personal_ownership_policy(data: Option<&CipherData>, headers: &Headers, conn: &DbConn) -> EmptyResult { + if data.is_none() || data.unwrap().OrganizationId.is_none() { let user_uuid = &headers.user.uuid; let policy_type = OrgPolicyType::PersonalOwnership; if OrgPolicy::is_applicable_to_user(user_uuid, policy_type, conn) { @@ -309,7 +309,7 @@ pub fn update_cipher_from_data( nt: &Notify, ut: UpdateType, ) -> EmptyResult { - enforce_personal_ownership_policy(&data, headers, conn)?; + enforce_personal_ownership_policy(Some(&data), headers, conn)?; // Check that the client isn't updating an existing cipher with stale data. if let Some(dt) = data.LastKnownRevisionDate { @@ -458,6 +458,8 @@ struct RelationsData { #[post("/ciphers/import", data = "<data>")] fn post_ciphers_import(data: JsonUpcase<ImportData>, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult { + enforce_personal_ownership_policy(None, &headers, &conn)?; + let data: ImportData = data.into_inner().data; // Read and create the folders