bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-17 00:33:23 +00:00
Code Issues Releases Wiki Activity

[AC-1443] Update manager permission to only see collections they have access to (#3071)

Browse Source 
* [AC-1443] Changed CurrentContext.ViewAllCollections to only check if the user can edit or delete any collection

* [AC-1443] Renamed ICollectionService.GetOrganizationCollections to GetOrganizationCollectionsAsync

* [AC-1443] Changed CollectionService.GetOrganizationCollectionsAsync to first check CurrentContext.ViewAssignedCollections instead
Added unit tests

* [AC-1443] Added new unit test to check for Exception when user does not have permission
This commit is contained in:
Rui Tomé
2023-08-08 16:54:10 +01:00
committed by GitHub
parent 5275f22f12
commit 95b7652ca9
7 changed files with 63 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Api/Controllers/OrganizationExportController.cs
View File

@@ -40,7 +40,7 @@ public class OrganizationExportController : Controller
{
var userId = _userService.GetProperUserId(User).Value;
IEnumerable<Collection> orgCollections = await _collectionService.GetOrganizationCollections(organizationId);
IEnumerable<Collection> orgCollections = await _collectionService.GetOrganizationCollectionsAsync(organizationId);
(IEnumerable<CipherOrganizationDetails> orgCiphers, Dictionary<Guid, IGrouping<Guid, CollectionCipher>> collectionCiphersGroupDict) = await _cipherService.GetOrganizationCiphers(userId, organizationId);
if (_currentContext.ClientVersion == null || _currentContext.ClientVersion >= new Version("2023.1.0"))