Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-02-27 03:41:30 +01:00
Code Issues Projects Releases Wiki Activity

PM-17954 changing import permissions around based on requirements (#5385)

Browse Source 
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
This commit is contained in:
Graham Walker 2025-02-13 12:43:34 -06:00 committed by GitHub
parent 6cb00ebc8e
commit 465549b812
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/Api/Tools/Controllers/ImportCiphersController.cs
View File

@ -96,12 +96,6 @@ public class ImportCiphersController : Controller
return true;
}
//Users allowed to import if they CanCreate Collections
if (!(await _authorizationService.AuthorizeAsync(User, collections, BulkCollectionOperations.Create)).Succeeded)
{
return false;
}
//Calling Repository instead of Service as we want to get all the collections, regardless of permission
//Permissions check will be done later on AuthorizationService
var orgCollectionIds =
@ -118,6 +112,12 @@ public class ImportCiphersController : Controller
return false;
};
//Users allowed to import if they CanCreate Collections
if (!(await _authorizationService.AuthorizeAsync(User, collections, BulkCollectionOperations.Create)).Succeeded)
{
return false;
}
return true;
}
}