mirror of
https://github.com/bitwarden/server.git
synced 2024-11-25 12:45:18 +01:00
[PM-2730] Add missing hide-passwords permission to api models (#3125)
* Add missing hide-passwords permission to api models * Update src/Api/Auth/Models/Public/AssociationWithPermissionsBaseModel.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * Rename ToSelectionReadOnly to ToCollectionAccessSelection * Remove Required attribute which would break backwards compatability * Update src/Api/Auth/Models/Public/Request/AssociationWithPermissionsRequestModel.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> --------- Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
This commit is contained in:
parent
a480bd16e4
commit
03cbc7983b
@ -110,7 +110,7 @@ public class GroupsController : Controller
|
||||
public async Task<IActionResult> Post([FromBody] GroupCreateUpdateRequestModel model)
|
||||
{
|
||||
var group = model.ToGroup(_currentContext.OrganizationId.Value);
|
||||
var associations = model.Collections?.Select(c => c.ToSelectionReadOnly());
|
||||
var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection());
|
||||
var organization = await _organizationRepository.GetByIdAsync(_currentContext.OrganizationId.Value);
|
||||
await _createGroupCommand.CreateGroupAsync(group, organization, associations);
|
||||
var response = new GroupResponseModel(group, associations);
|
||||
@ -139,7 +139,7 @@ public class GroupsController : Controller
|
||||
}
|
||||
|
||||
var updatedGroup = model.ToGroup(existingGroup);
|
||||
var associations = model.Collections?.Select(c => c.ToSelectionReadOnly());
|
||||
var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection());
|
||||
var organization = await _organizationRepository.GetByIdAsync(_currentContext.OrganizationId.Value);
|
||||
await _updateGroupCommand.UpdateGroupAsync(updatedGroup, organization, associations);
|
||||
var response = new GroupResponseModel(updatedGroup, associations);
|
||||
|
@ -119,7 +119,7 @@ public class MembersController : Controller
|
||||
[ProducesResponseType(typeof(ErrorResponseModel), (int)HttpStatusCode.BadRequest)]
|
||||
public async Task<IActionResult> Post([FromBody] MemberCreateRequestModel model)
|
||||
{
|
||||
var associations = model.Collections?.Select(c => c.ToSelectionReadOnly());
|
||||
var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection());
|
||||
var invite = new OrganizationUserInvite
|
||||
{
|
||||
Emails = new List<string> { model.Email },
|
||||
@ -154,7 +154,7 @@ public class MembersController : Controller
|
||||
return new NotFoundResult();
|
||||
}
|
||||
var updatedUser = model.ToOrganizationUser(existingUser);
|
||||
var associations = model.Collections?.Select(c => c.ToSelectionReadOnly());
|
||||
var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection());
|
||||
await _organizationService.SaveUserAsync(updatedUser, null, associations, model.Groups);
|
||||
MemberResponseModel response = null;
|
||||
if (existingUser.UserId.HasValue)
|
||||
|
@ -15,4 +15,9 @@ public abstract class AssociationWithPermissionsBaseModel
|
||||
/// </summary>
|
||||
[Required]
|
||||
public bool? ReadOnly { get; set; }
|
||||
/// <summary>
|
||||
/// When true, the hide passwords permission will not allow the user or group to view passwords.
|
||||
/// This prevents easy copy-and-paste of hidden items, however it may not completely prevent user access.
|
||||
/// </summary>
|
||||
public bool? HidePasswords { get; set; }
|
||||
}
|
||||
|
@ -4,12 +4,13 @@ namespace Bit.Api.AdminConsole.Public.Models.Request;
|
||||
|
||||
public class AssociationWithPermissionsRequestModel : AssociationWithPermissionsBaseModel
|
||||
{
|
||||
public CollectionAccessSelection ToSelectionReadOnly()
|
||||
public CollectionAccessSelection ToCollectionAccessSelection()
|
||||
{
|
||||
return new CollectionAccessSelection
|
||||
{
|
||||
Id = Id.Value,
|
||||
ReadOnly = ReadOnly.Value
|
||||
ReadOnly = ReadOnly.Value,
|
||||
HidePasswords = HidePasswords.GetValueOrDefault()
|
||||
};
|
||||
}
|
||||
}
|
||||
|
@ -12,5 +12,6 @@ public class AssociationWithPermissionsResponseModel : AssociationWithPermission
|
||||
}
|
||||
Id = selection.Id;
|
||||
ReadOnly = selection.ReadOnly;
|
||||
HidePasswords = selection.HidePasswords;
|
||||
}
|
||||
}
|
||||
|
@ -89,7 +89,7 @@ public class CollectionsController : Controller
|
||||
return new NotFoundResult();
|
||||
}
|
||||
var updatedCollection = model.ToCollection(existingCollection);
|
||||
var associations = model.Groups?.Select(c => c.ToSelectionReadOnly());
|
||||
var associations = model.Groups?.Select(c => c.ToCollectionAccessSelection());
|
||||
await _collectionService.SaveAsync(updatedCollection, associations);
|
||||
var response = new CollectionResponseModel(updatedCollection, associations);
|
||||
return new JsonResult(response);
|
||||
|
Loading…
Reference in New Issue
Block a user