bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-25 20:53:16 +00:00
Code Issues Releases Wiki Activity

[AC-1139] Created AuthorizationServiceExtensions to have an extension method for AuthorizeAsync where the resource is null

Browse Source
This commit is contained in:
Rui Tome
2023-10-30 12:59:34 +00:00
parent 91de2d892e
commit 4642b7360e
4 changed files with 39 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/Api/Controllers/CollectionsController.cs
View File

@@ -1,5 +1,6 @@
using Bit.Api.Models.Request;
using Bit.Api.Models.Response;
using Bit.Api.Utilities;
using Bit.Api.Vault.AuthorizationHandlers.Collections;
using Bit.Core;
using Bit.Core.Context;
@@ -520,7 +521,7 @@ public class CollectionsController : Controller
.GetManyByUserIdWithAccessAsync(_currentContext.UserId.Value, orgId);
var readAllAuthorized =
(await _authorizationService.AuthorizeAsync(User, null, CollectionOperations.ReadAll(orgId))).Succeeded;
(await _authorizationService.AuthorizeAsync(User, CollectionOperations.ReadAll(orgId))).Succeeded;
if (readAllAuthorized)
{
// The user can view all collections, but they may not always be assigned to all of them
@@ -547,7 +548,7 @@ public class CollectionsController : Controller
{
IEnumerable<Collection> orgCollections;
var readAllAuthorized = (await _authorizationService.AuthorizeAsync(User, null, CollectionOperations.ReadAll(orgId))).Succeeded;
var readAllAuthorized = (await _authorizationService.AuthorizeAsync(User, CollectionOperations.ReadAll(orgId))).Succeeded;
if (readAllAuthorized)
{
orgCollections = await _collectionRepository.GetManyByOrganizationIdAsync(orgId);