nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-01 08:02:49 -05:00
Code Activity

permissions validation

Browse Source
This commit is contained in:
Kyle Spearrin
2017-04-04 22:07:30 -04:00
parent 7d9a2cdd95
commit 382be7a90b
5 changed files with 22 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/Core/Services/Implementations/CipherService.cs
View File

@ -119,9 +119,9 @@ namespace Bit.Core.Services
throw new BadRequestException(nameof(cipher.Id));
}
if(organizationId == default(Guid))
if(cipher.OrganizationId.HasValue)
{
throw new BadRequestException(nameof(organizationId));
throw new BadRequestException("Already belongs to an organization.");
}
if(!cipher.UserId.HasValue || cipher.UserId.Value != movingUserId)
@ -134,8 +134,8 @@ namespace Bit.Core.Services
var subvaultUserDetails = await _subvaultUserRepository.GetPermissionsByUserIdAsync(movingUserId, subvaultIds,
organizationId);
var adminSubvaults = subvaultUserDetails.Where(s => s.Admin).Select(s => s.SubvaultId);
if(!adminSubvaults.Any())
var writeableSubvaults = subvaultUserDetails.Where(s => !s.ReadOnly).Select(s => s.SubvaultId);
if(!writeableSubvaults.Any())
{
throw new BadRequestException("No subvaults.");
}
@ -143,7 +143,7 @@ namespace Bit.Core.Services
cipher.UserId = null;
cipher.OrganizationId = organizationId;
cipher.RevisionDate = DateTime.UtcNow;
await _cipherRepository.ReplaceAsync(cipher, adminSubvaults);
await _cipherRepository.ReplaceAsync(cipher, writeableSubvaults);
// push
//await _pushService.PushSyncCipherUpdateAsync(cipher);