nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-03 00:52:49 -05:00
Code Activity

Fix logic, add comment

Browse Source
This commit is contained in:
Thomas Rittson
2023-10-09 14:29:48 +10:00
parent 1dad2af7c3
commit 343ab2d8a9
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Api/Controllers/CollectionsController.cs
View File

@ -159,7 +159,7 @@ public class CollectionsController : Controller
var authorized = FlexibleCollectionsIsEnabled() var authorized = FlexibleCollectionsIsEnabled()
? (await _authorizationService.AuthorizeAsync(User, collection, CollectionOperations.Create)).Succeeded ? (await _authorizationService.AuthorizeAsync(User, collection, CollectionOperations.Create)).Succeeded
: await CanCreateCollection(orgId, collection.Id) && await CanEditCollectionAsync(orgId, collection.Id); : await CanCreateCollection(orgId, collection.Id) || await CanEditCollectionAsync(orgId, collection.Id);
if (!authorized) if (!authorized)
{ {
throw new NotFoundException(); throw new NotFoundException();
@ -202,6 +202,8 @@ public class CollectionsController : Controller
[HttpPost("bulk-access")] [HttpPost("bulk-access")]
[RequireFeature(FeatureFlagKeys.BulkCollectionAccess)] [RequireFeature(FeatureFlagKeys.BulkCollectionAccess)]
// Also gated behind Flexible Collections flag because it only has new authorization logic.
// Could be removed if legacy authorization logic were implemented for many collections.
[RequireFeature(FeatureFlagKeys.FlexibleCollections)] [RequireFeature(FeatureFlagKeys.FlexibleCollections)]
public async Task PostBulkCollectionAccess([FromBody] BulkCollectionAccessRequestModel model) public async Task PostBulkCollectionAccess([FromBody] BulkCollectionAccessRequestModel model)
{ {