nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 21:18:13 -05:00
Code

[AC-1889] Fix ManageGroups custom permission not getting all collections (#3514)

Browse Source
This commit is contained in:
Thomas Rittson 2023-12-12 08:26:10 +10:00 committed by GitHub
parent e6ce9ff0ce
commit ce6768114b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/Api/Controllers/CollectionsController.cs
View File

@ -165,7 +165,23 @@ public class CollectionsController : Controller
} }
// Old pre-flexible collections logic follows // Old pre-flexible collections logic follows
var orgCollections = await _collectionService.GetOrganizationCollectionsAsync(orgId); IEnumerable<Collection> orgCollections = null;
if (await _currentContext.ManageGroups(orgId))
{
// ManageGroups users need to see all collections to manage other users' collection access.
// This is not added to collectionService.GetOrganizationCollectionsAsync as that may have
// unintended consequences on other logic that also uses that method.
// This is a quick fix but it will be properly fixed by permission changes in Flexible Collections.
// Get all collections for organization
orgCollections = await _collectionRepository.GetManyByOrganizationIdAsync(orgId);
}
else
{
// Returns all collections or collections the user is assigned to, depending on permissions
orgCollections = await _collectionService.GetOrganizationCollectionsAsync(orgId);
}
var responses = orgCollections.Select(c => new CollectionResponseModel(c)); var responses = orgCollections.Select(c => new CollectionResponseModel(c));
return new ListResponseModel<CollectionResponseModel>(responses); return new ListResponseModel<CollectionResponseModel>(responses);
} }