mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2024-11-26 09:06:37 +01:00
Prevent accepted user from seeing ciphers until confirmed (fixes #196)
This commit is contained in:
parent
3cb911a52f
commit
044cf19913
1 changed files with 3 additions and 1 deletions
|
@ -318,7 +318,9 @@ impl Cipher {
|
|||
.filter(ciphers::user_uuid.eq(user_uuid).or( // Cipher owner
|
||||
users_organizations::access_all.eq(true).or( // access_all in Organization
|
||||
users_organizations::type_.le(UserOrgType::Admin as i32).or( // Org admin or owner
|
||||
users_collections::user_uuid.eq(user_uuid) // Access to Collection
|
||||
users_collections::user_uuid.eq(user_uuid).and( // Access to Collection
|
||||
users_organizations::status.eq(UserOrgStatus::Confirmed as i32)
|
||||
)
|
||||
)
|
||||
)
|
||||
))
|
||||
|
|
Loading…
Reference in a new issue