vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README
commit 79b4ddcae8d6f00af6db1d04c478637744ef3622
parent 0cb58add54a85993ba9ff3665df170dfce04972e
Author: Daniel GarcĂ­a <dani1861994@hotmail.com>
Date:   Fri,  4 May 2018 20:10:35 +0200

Added read_only bit to users_collections

Diffstat:

Amigrations/2018-04-27-155151_create_users_ciphers/down.sql | 0


Mmigrations/2018-04-27-155151_create_users_ciphers/up.sql | 5+++--


Msrc/api/core/organizations.rs | 14+++++---------


Msrc/db/models/collection.rs | 6++++--


Msrc/db/schema.rs | 22++++++++++++----------


5 files changed, 24 insertions(+), 23 deletions(-)

diff --git a/migrations/2018-04-27-155151_create_users_ciphers/down.sql b/migrations/2018-04-27-155151_create_users_ciphers/down.sql
diff --git a/migrations/2018-04-27-155151_create_users_ciphers/up.sql b/migrations/2018-04-27-155151_create_users_ciphers/up.sql
@@ -29,4 +29,6 @@ INSERT INTO folders_ciphers (cipher_uuid, folder_uuid)
 SELECT uuid, folder_uuid FROM oldCiphers WHERE folder_uuid IS NOT NULL;
 
 
-DROP TABLE oldCiphers;
-\ No newline at end of file
+DROP TABLE oldCiphers;
+
+ALTER TABLE users_collections ADD COLUMN read_only BOOLEAN NOT NULL DEFAULT 0; -- False
diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
@@ -150,7 +150,7 @@ fn post_organization_collections(org_id: String, headers: Headers, data: Json<Ne
     collection.save(&conn);
 
     if !org_user.access_all {
-        CollectionUsers::save(&headers.user.uuid, &collection.uuid, &conn);
+        CollectionUsers::save(&headers.user.uuid, &collection.uuid, false, &conn);
     }
 
     Ok(Json(collection.to_json()))
@@ -308,10 +308,8 @@ fn send_invite(org_id: String, data: Json<InviteData>, headers: Headers, conn: D
                 // If no accessAll, add the collections received
                 if !data.accessAll {
                     for collection in data.collections.iter() {
-                        // TODO: Check that collection is in org
-                        // TODO: Save the readOnly bit
-                        
-                        CollectionUsers::save(&headers.user.uuid, &collection.id, &conn);
+                        // TODO: Check that collection is in org                      
+                        CollectionUsers::save(&headers.user.uuid, &collection.id, collection.readOnly, &conn);
                     }
                 }
 
@@ -443,10 +441,8 @@ fn edit_user(org_id: String, user_id: String, data: Json<EditUserData>, headers:
     // If no accessAll, add the collections received
     if !data.accessAll {
         for collection in data.collections.iter() {
-            // TODO: Check that collection is in org
-            // TODO: Save the readOnly bit
-            
-            CollectionUsers::save(&current_user.uuid, &collection.id, &conn);
+            // TODO: Check that collection is in org            
+            CollectionUsers::save(&current_user.uuid, &collection.id, collection.readOnly, &conn);
         }
     }
 
diff --git a/src/db/models/collection.rs b/src/db/models/collection.rs
@@ -106,15 +106,17 @@ use super::User;
 pub struct CollectionUsers {
     pub user_uuid: String,
     pub collection_uuid: String,
+    pub read_only: bool,
 }
 
 /// Database methods
 impl CollectionUsers {
-    pub fn save(user_uuid: &str, collection_uuid: &str, conn: &DbConn) -> bool {
+    pub fn save(user_uuid: &str, collection_uuid: &str, read_only:bool, conn: &DbConn) -> bool {
         match diesel::replace_into(users_collections::table)
             .values((
                 users_collections::user_uuid.eq(user_uuid),
-                users_collections::collection_uuid.eq(collection_uuid)
+                users_collections::collection_uuid.eq(collection_uuid),
+                users_collections::read_only.eq(read_only),
             )).execute(&**conn) {
             Ok(1) => true, // One row inserted
             _ => false,
diff --git a/src/db/schema.rs b/src/db/schema.rs
@@ -57,6 +57,13 @@ table! {
 }
 
 table! {
+    folders_ciphers (cipher_uuid, folder_uuid) {
+        cipher_uuid -> Text,
+        folder_uuid -> Text,
+    }
+}
+
+table! {
     organizations (uuid) {
         uuid -> Text,
         name -> Text,
@@ -90,6 +97,7 @@ table! {
     users_collections (user_uuid, collection_uuid) {
         user_uuid -> Text,
         collection_uuid -> Text,
+        read_only -> Bool,
     }
 }
 
@@ -106,24 +114,18 @@ table! {
     }
 }
 
-table! {
-    folders_ciphers (cipher_uuid, folder_uuid) {
-        cipher_uuid -> Text,
-        folder_uuid -> Text,
-    }
-}
-
 joinable!(attachments -> ciphers (cipher_uuid));
+joinable!(ciphers -> organizations (organization_uuid));
 joinable!(ciphers -> users (user_uuid));
 joinable!(collections -> organizations (org_uuid));
 joinable!(devices -> users (user_uuid));
 joinable!(folders -> users (user_uuid));
+joinable!(folders_ciphers -> ciphers (cipher_uuid));
+joinable!(folders_ciphers -> folders (folder_uuid));
 joinable!(users_collections -> collections (collection_uuid));
 joinable!(users_collections -> users (user_uuid));
 joinable!(users_organizations -> organizations (org_uuid));
 joinable!(users_organizations -> users (user_uuid));
-joinable!(folders_ciphers -> ciphers (cipher_uuid));
-joinable!(folders_ciphers -> folders (folder_uuid));
 
 allow_tables_to_appear_in_same_query!(
     attachments,
@@ -131,9 +133,9 @@ allow_tables_to_appear_in_same_query!(
     collections,
     devices,
     folders,
+    folders_ciphers,
     organizations,
     users,
     users_collections,
     users_organizations,
-    folders_ciphers,
 );