nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-27 14:16:19 -05:00
Code

Add validation in CollectionsController to prevent deletion of DefaultUserCollection type

Browse Source 
* Implemented a check to return a BadRequestObjectResult if an attempt is made to delete a collection of type DefaultUserCollection.
This commit is contained in:
Rui Tome 2025-06-16 13:15:12 +01:00
parent bcb90f2913
commit 308e8f4d72
No known key found for this signature in database
GPG Key ID: 526239D96A8EC066
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/Api/Public/Controllers/CollectionsController.cs
View File

@ -2,6 +2,7 @@
using Bit.Api.Models.Public.Request; using Bit.Api.Models.Public.Request;
using Bit.Api.Models.Public.Response; using Bit.Api.Models.Public.Response;
using Bit.Core.Context; using Bit.Core.Context;
using Bit.Core.Enums;
using Bit.Core.OrganizationFeatures.OrganizationCollections.Interfaces; using Bit.Core.OrganizationFeatures.OrganizationCollections.Interfaces;
using Bit.Core.Repositories; using Bit.Core.Repositories;
using Bit.Core.Services; using Bit.Core.Services;
@ -116,6 +117,12 @@ public class CollectionsController : Controller
{ {
return new NotFoundResult(); return new NotFoundResult();
} }
if (collection.Type == CollectionType.DefaultUserCollection)
{
return new BadRequestObjectResult(new ErrorResponseModel("You cannot delete a collection with the type as DefaultUserCollection."));
}
await _collectionRepository.DeleteAsync(collection); await _collectionRepository.DeleteAsync(collection);
return new OkResult(); return new OkResult();
} }