mirror of
https://github.com/bitwarden/server.git
synced 2024-12-25 17:27:45 +01:00
[AC-1105] allow users with manage groups permission to access collections (#2780)
This commit is contained in:
parent
24d227d075
commit
2f6e463012
@ -79,7 +79,7 @@ public class CollectionsController : Controller
|
||||
[HttpGet("details")]
|
||||
public async Task<ListResponseModel<CollectionAccessDetailsResponseModel>> GetManyWithDetails(Guid orgId)
|
||||
{
|
||||
if (!await ViewAtLeastOneCollectionAsync(orgId) && !await _currentContext.ManageUsers(orgId))
|
||||
if (!await ViewAtLeastOneCollectionAsync(orgId) && !await _currentContext.ManageUsers(orgId) && !await _currentContext.ManageGroups(orgId))
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
@ -97,7 +97,7 @@ public class CollectionService : ICollectionService
|
||||
|
||||
public async Task<IEnumerable<Collection>> GetOrganizationCollections(Guid organizationId)
|
||||
{
|
||||
if (!await _currentContext.ViewAllCollections(organizationId) && !await _currentContext.ManageUsers(organizationId))
|
||||
if (!await _currentContext.ViewAllCollections(organizationId) && !await _currentContext.ManageUsers(organizationId) && !await _currentContext.ManageGroups(organizationId))
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user