bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2026-01-04 17:43:53 +00:00
Code Issues Releases Wiki Activity

[PM-25982] Restrict Ciphers being assigned to Default from Shared collections (#6382)

Browse Source 
* validate that any change in collection does not allow only shared ciphers to migrate to a default cipher

* refactor order of checks to avoid any unnecessary calls

* remove unneeded conditional
This commit is contained in:
Nick Krantz
2025-09-29 13:06:52 -05:00
committed by GitHub
parent f1af331a0c
commit 46958cc838
3 changed files with 54 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/Api/Vault/Controllers/CiphersController.cs
View File

@@ -887,6 +887,9 @@ public class CiphersController : Controller
[HttpPost("bulk-collections")]
public async Task PostBulkCollections([FromBody] CipherBulkUpdateCollectionsRequestModel model)
{
var userId = _userService.GetProperUserId(User).Value;
await _cipherService.ValidateBulkCollectionAssignmentAsync(model.CollectionIds, model.CipherIds, userId);
if (!await CanModifyCipherCollectionsAsync(model.OrganizationId, model.CipherIds) ||
!await CanEditItemsInCollections(model.OrganizationId, model.CollectionIds))
{