nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-03 00:52:49 -05:00
Code Activity

[SM-670] Add permission context to project lists. (#2822)

Browse Source 
* Attach permission context to project lists.

* restrict service-account actions

* Fix project permission details

* Add getters and setters

* dotnet format

* Fix admin create unassigned secret (#2872)
This commit is contained in:
Thomas Avery
2023-04-26 13:09:25 -05:00
committed by GitHub
parent 9cbd0ac799
commit 20d3b4b4e8
30 changed files with 183 additions and 183 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/Api/SecretsManager/Controllers/AccessPoliciesController.cs
View File

@ -249,14 +249,8 @@ public class AccessPoliciesController : Controller
}
var (accessClient, userId) = await GetAccessClientTypeAsync(project.OrganizationId);
var hasAccess = accessClient switch
{
AccessClientType.NoAccessCheck => true,
AccessClientType.User => await _projectRepository.UserHasWriteAccessToProject(project.Id, userId),
_ => false,
};
if (!hasAccess)
var access = await _projectRepository.AccessToProjectAsync(project.Id, userId, accessClient);
if (!access.Write || accessClient == AccessClientType.ServiceAccount)
{
throw new NotFoundException();
}