mirror of
https://github.com/dani-garcia/vaultwarden
synced 2024-12-14 01:23:55 +01:00
Fixed purging organization vault
This commit is contained in:
parent
0136c793b4
commit
03fdf36bf9
1 changed files with 40 additions and 13 deletions
|
@ -870,8 +870,14 @@ fn move_cipher_selected_put(
|
||||||
move_cipher_selected(data, headers, conn, nt)
|
move_cipher_selected(data, headers, conn, nt)
|
||||||
}
|
}
|
||||||
|
|
||||||
#[post("/ciphers/purge", data = "<data>")]
|
#[derive(FromForm)]
|
||||||
fn delete_all(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
struct OrganizationId {
|
||||||
|
#[form(field = "organizationId")]
|
||||||
|
org_id: String,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[post("/ciphers/purge?<organization..>", data = "<data>")]
|
||||||
|
fn delete_all(organization: Option<Form<OrganizationId>>, data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn, nt: Notify) -> EmptyResult {
|
||||||
let data: PasswordData = data.into_inner().data;
|
let data: PasswordData = data.into_inner().data;
|
||||||
let password_hash = data.MasterPasswordHash;
|
let password_hash = data.MasterPasswordHash;
|
||||||
|
|
||||||
|
@ -881,6 +887,25 @@ fn delete_all(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn, nt
|
||||||
err!("Invalid password")
|
err!("Invalid password")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
match organization {
|
||||||
|
Some(org_data) => {
|
||||||
|
// Organization ID in query params, purging organization vault
|
||||||
|
match UserOrganization::find_by_user_and_org(&user.uuid, &org_data.org_id, &conn) {
|
||||||
|
None => err!("You don't have permission to purge the organization vault"),
|
||||||
|
Some(user_org) => {
|
||||||
|
if user_org.type_ == UserOrgType::Owner {
|
||||||
|
Cipher::delete_all_by_organization(&org_data.org_id, &conn)?;
|
||||||
|
Collection::delete_all_by_organization(&org_data.org_id, &conn)?;
|
||||||
|
nt.send_user_update(UpdateType::Vault, &user);
|
||||||
|
Ok(())
|
||||||
|
} else {
|
||||||
|
err!("You don't have permission to purge the organization vault");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
None => {
|
||||||
|
// No organization ID in query params, purging user vault
|
||||||
// Delete ciphers and their attachments
|
// Delete ciphers and their attachments
|
||||||
for cipher in Cipher::find_owned_by_user(&user.uuid, &conn) {
|
for cipher in Cipher::find_owned_by_user(&user.uuid, &conn) {
|
||||||
cipher.delete(&conn)?;
|
cipher.delete(&conn)?;
|
||||||
|
@ -894,6 +919,8 @@ fn delete_all(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn, nt
|
||||||
user.update_revision(&conn)?;
|
user.update_revision(&conn)?;
|
||||||
nt.send_user_update(UpdateType::Vault, &user);
|
nt.send_user_update(UpdateType::Vault, &user);
|
||||||
Ok(())
|
Ok(())
|
||||||
|
},
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn _delete_cipher_by_uuid(uuid: &str, headers: &Headers, conn: &DbConn, nt: &Notify) -> EmptyResult {
|
fn _delete_cipher_by_uuid(uuid: &str, headers: &Headers, conn: &DbConn, nt: &Notify) -> EmptyResult {
|
||||||
|
|
Loading…
Reference in a new issue