vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README
commit c29d342c21b16729256709e30f7c6989a70f1d0c
parent fcef2fa1f1f33edaeefd3d852eb3f8489b96c495
Author: Daniel GarcĂ­a <dani-garcia@users.noreply.github.com>
Date:   Sun, 13 May 2018 15:09:45 +0200

Merge pull request #14 from mprasil/shared_cipher

Also list shared ciphers in find_by_user
Diffstat:

Msrc/api/core/accounts.rs | 2+-


Msrc/api/core/ciphers.rs | 2+-


Msrc/db/models/cipher.rs | 29+++++++++++++++++++++++++++--


3 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs
@@ -168,7 +168,7 @@ fn delete_account(data: Json<PasswordData>, headers: Headers, conn: DbConn) -> E
     }
 
     // Delete ciphers and their attachments
-    for cipher in Cipher::find_by_user(&user.uuid, &conn) {
+    for cipher in Cipher::find_owned_by_user(&user.uuid, &conn) {
         for a in Attachment::find_by_cipher(&cipher.uuid, &conn) { a.delete(&conn); }
 
         cipher.delete(&conn);
diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs
@@ -503,7 +503,7 @@ fn delete_all(data: Json<PasswordData>, headers: Headers, conn: DbConn) -> Empty
     }
 
     // Delete ciphers and their attachments
-    for cipher in Cipher::find_by_user(&user.uuid, &conn) {
+    for cipher in Cipher::find_owned_by_user(&user.uuid, &conn) {
         _delete_cipher(cipher, &conn);
     }
 
diff --git a/src/db/models/cipher.rs b/src/db/models/cipher.rs
@@ -223,10 +223,35 @@ impl Cipher {
             .first::<Self>(&**conn).ok()
     }
 
+    // Find all ciphers accesible to user
     pub fn find_by_user(user_uuid: &str, conn: &DbConn) -> Vec<Self> {
         ciphers::table
-            .filter(ciphers::user_uuid.eq(user_uuid))
-            .load::<Self>(&**conn).expect("Error loading ciphers")
+        .left_join(users_organizations::table.on(
+            ciphers::organization_uuid.eq(users_organizations::org_uuid.nullable()).and(
+                users_organizations::user_uuid.eq(user_uuid)
+            )
+        ))
+        .left_join(ciphers_collections::table)
+        .left_join(users_collections::table.on(
+            ciphers_collections::collection_uuid.eq(users_collections::collection_uuid)
+        ))
+        .filter(ciphers::user_uuid.eq(user_uuid).or( // Cipher owner
+            users_organizations::access_all.eq(true).or( // access_all in Organization
+                users_organizations::type_.le(UserOrgType::Admin as i32).or( // Org admin or owner
+                    users_collections::user_uuid.eq(user_uuid) // Access to Collection
+                )
+            )
+        ))
+        .select(ciphers::all_columns)
+        .distinct()
+        .load::<Self>(&**conn).expect("Error loading ciphers")
+    }
+
+    // Find all ciphers directly owned by user
+    pub fn find_owned_by_user(user_uuid: &str, conn: &DbConn) -> Vec<Self> {
+        ciphers::table
+        .filter(ciphers::user_uuid.eq(user_uuid))
+        .load::<Self>(&**conn).expect("Error loading ciphers")
     }
 
     pub fn find_by_org(org_uuid: &str, conn: &DbConn) -> Vec<Self> {