nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-30 15:42:48 -05:00
Code Activity

read collection that are write only

Browse Source
This commit is contained in:
Kyle Spearrin
2017-08-30 15:57:17 -04:00
parent ff22e00ec5
commit 5bda2ef32f
6 changed files with 60 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
util/Setup/DbScripts/2017-08-30_00_CollectionWriteOnly.sql Normal file
View File

@ -0,0 +1,46 @@
IF OBJECT_ID('[dbo].[Collection_ReadByUserId]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[Collection_ReadByUserId]
END
GO
CREATE PROCEDURE [dbo].[Collection_ReadByUserId]
@UserId UNIQUEIDENTIFIER,
@WriteOnly BIT
AS
BEGIN
SET NOCOUNT ON
SELECT
C.*
FROM
[dbo].[CollectionView] C
INNER JOIN
[dbo].[OrganizationUser] OU ON C.[OrganizationId] = OU.[OrganizationId]
INNER JOIN
[dbo].[Organization] O ON O.[Id] = C.[OrganizationId]
LEFT JOIN
[dbo].[CollectionUser] CU ON OU.[AccessAll] = 0 AND CU.[CollectionId] = C.[Id] AND CU.[OrganizationUserId] = [OU].[Id]
LEFT JOIN
[dbo].[GroupUser] GU ON CU.[CollectionId] IS NULL AND OU.[AccessAll] = 0 AND GU.[OrganizationUserId] = OU.[Id]
LEFT JOIN
[dbo].[Group] G ON G.[Id] = GU.[GroupId]
LEFT JOIN
[dbo].[CollectionGroup] CG ON G.[AccessAll] = 0 AND CG.[CollectionId] = C.[Id] AND CG.[GroupId] = GU.[GroupId]
WHERE
OU.[UserId] = @UserId
AND OU.[Status] = 2 -- 2 = Confirmed
AND O.[Enabled] = 1
AND (
OU.[AccessAll] = 1
OR CU.[CollectionId] IS NOT NULL
OR G.[AccessAll] = 1
OR CG.[CollectionId] IS NOT NULL
)
AND (
@WriteOnly = 0
OR CU.[ReadOnly] = 0
OR CG.[ReadOnly] = 0
)
END
GO

1
util/Setup/Setup.csproj
View File

@ -7,6 +7,7 @@
</PropertyGroup>
<ItemGroup>
<EmbeddedResource Include="DbScripts\2017-08-30_00_CollectionWriteOnly.sql" />
<EmbeddedResource Include="DbScripts\2017-08-22_00_LicenseCheckScripts.sql" />
<EmbeddedResource Include="DbScripts\2017-08-19_00_InitialSetup.sql" />
</ItemGroup>