bitwarden/directory-connector
1
0
Fork 0
mirror of https://github.com/bitwarden/directory-connector synced 2025-12-05 23:53:21 +00:00
Code Issues Releases Wiki Activity

Don't check user group filter for deleted users

Browse Source
This commit is contained in:
Chad Scharf
2021-03-05 15:49:57 -05:00
parent 7096fc830b
commit 2ab37b45cf
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/services/azure-directory.service.ts
View File

@@ -90,7 +90,7 @@ export class AzureDirectoryService extends BaseDirectoryService implements IDire
continue;
}
const entry = this.buildUser(user);
if (await this.filterOutUserResult(setFilter, entry)) {
if (await this.filterOutUserResult(setFilter, entry, true)) {
continue;
}
@@ -147,7 +147,7 @@ export class AzureDirectoryService extends BaseDirectoryService implements IDire
if (!entry.disabled && !entry.deleted) {
continue;
}
if (await this.filterOutUserResult(setFilter, entry)) {
if (await this.filterOutUserResult(setFilter, entry, false)) {
continue;
}
@@ -257,7 +257,8 @@ export class AzureDirectoryService extends BaseDirectoryService implements IDire
return [userSetType, set];
}
private async filterOutUserResult(setFilter: [UserSetType, Set<string>], user: UserEntry): Promise<boolean> {
private async filterOutUserResult(setFilter: [UserSetType, Set<string>], user: UserEntry,
checkGroupsFilter: boolean): Promise<boolean> {
if (setFilter == null) {
return false;
}
@@ -273,6 +274,10 @@ export class AzureDirectoryService extends BaseDirectoryService implements IDire
return this.filterOutResult([userSetTypeExclude, setFilter[1]], user.email);
}
// We need to *not* call the /checkMemberGroups method for deleted users, it will always fail
if (!checkGroupsFilter) {
return false;
}
const memberGroups = await this.client.api(`/users/${user.externalId}/checkMemberGroups`).post({
groupIds: Array.from(setFilter[1]),
});