vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README

commit 8bed867798f59447b940fbf6c0b1a9d5e45056ad
parent fcef2fa1f1f33edaeefd3d852eb3f8489b96c495
Author: Miroslav Prasil <miroslav@prasil.info>
Date:   Fri, 11 May 2018 23:53:37 +0100

Also list shared ciphers in find_by_user

Diffstat:
Msrc/api/core/ciphers.rs | 2+-
Msrc/db/models/cipher.rs | 28++++++++++++++++++++++++++--
2 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs @@ -503,7 +503,7 @@ fn delete_all(data: Json<PasswordData>, headers: Headers, conn: DbConn) -> Empty } // Delete ciphers and their attachments - for cipher in Cipher::find_by_user(&user.uuid, &conn) { + for cipher in Cipher::find_owned_by_user(&user.uuid, &conn) { _delete_cipher(cipher, &conn); } diff --git a/src/db/models/cipher.rs b/src/db/models/cipher.rs @@ -223,10 +223,34 @@ impl Cipher { .first::<Self>(&**conn).ok() } + // Find all ciphers accesible to user pub fn find_by_user(user_uuid: &str, conn: &DbConn) -> Vec<Self> { ciphers::table - .filter(ciphers::user_uuid.eq(user_uuid)) - .load::<Self>(&**conn).expect("Error loading ciphers") + .left_join(users_organizations::table.on( + ciphers::organization_uuid.eq(users_organizations::org_uuid.nullable()).and( + users_organizations::user_uuid.eq(user_uuid) + ) + )) + .left_join(ciphers_collections::table) + .left_join(users_collections::table.on( + ciphers_collections::collection_uuid.eq(users_collections::collection_uuid) + )) + .filter(ciphers::user_uuid.eq(user_uuid).or( // Cipher owner + users_organizations::access_all.eq(true).or( // access_all in Organization + users_organizations::type_.le(UserOrgType::Admin as i32).or( // Org admin or owner + users_collections::user_uuid.eq(user_uuid) // Access to Collection + ) + ) + )) + .select(ciphers::all_columns) + .load::<Self>(&**conn).expect("Error loading ciphers") + } + + // Find all ciphers directly owned by user + pub fn find_owned_by_user(user_uuid: &str, conn: &DbConn) -> Vec<Self> { + ciphers::table + .filter(ciphers::user_uuid.eq(user_uuid)) + .load::<Self>(&**conn).expect("Error loading ciphers") } pub fn find_by_org(org_uuid: &str, conn: &DbConn) -> Vec<Self> {