Merge pull request #1219 from aveao/master - vw_small

commit e25fc7083de6703af23f576c5d469600c7036254
parent b5f9fe4d3bb57cada7fa01371efc3978a5937173
Author: Daniel García <dani-garcia@users.noreply.github.com>
Date:   Sat,  7 Nov 2020 23:29:12 +0100

Merge pull request #1219 from aveao/master

Ensure that a user is actually in an org when applying policies
Diffstat:
M src/db/models/org_policy.rs  | 5 ++++-

1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/db/models/org_policy.rs b/src/db/models/org_policy.rs
@@ -4,7 +4,7 @@ use crate::api::EmptyResult;
 use crate::db::DbConn;
 use crate::error::MapResult;
 
-use super::Organization;
+use super::{Organization, UserOrgStatus};
 
 db_object! {
     #[derive(Debug, Identifiable, Queryable, Insertable, Associations, AsChangeset)]
@@ -134,6 +134,9 @@ impl OrgPolicy {
                         users_organizations::org_uuid.eq(org_policies::org_uuid)
                             .and(users_organizations::user_uuid.eq(user_uuid)))
                 )
+                .filter(
+                    users_organizations::status.eq(UserOrgStatus::Confirmed as i32)
+                )
                 .select(org_policies::all_columns)
                 .load::<OrgPolicyDb>(conn)
                 .expect("Error loading org_policy")

	vw_small Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
	git clone https://git.philomathiclife.com/repos/vw_small
	Log \| Files \| Refs \| README