Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-11-26 12:55:17 +01:00
Code Issues Projects Releases Wiki Activity

[SM-504] Fix service account not accessing secrets (#2709)

Browse Source
This commit is contained in:
Oscar Hinton 2023-02-22 11:21:07 +01:00 committed by GitHub
parent 7365ca0925
commit 9cddb769fa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/Core/Context/CurrentContext.cs
View File

@ -35,6 +35,7 @@ public class CurrentContext : ICurrentContext
public virtual string ClientId { get; set; }
public virtual Version ClientVersion { get; set; }
public virtual ClientType ClientType { get; set; }
public virtual Guid? ServiceAccountOrganizationId { get; set; }
public CurrentContext(IProviderUserRepository providerUserRepository)
{
@ -146,6 +147,11 @@ public class CurrentContext : ICurrentContext
ClientType = c;
}
if (ClientType == ClientType.ServiceAccount)
{
ServiceAccountOrganizationId = new Guid(GetClaimValue(claimsDict, Claims.Organization));
}
DeviceIdentifier = GetClaimValue(claimsDict, Claims.Device);
Organizations = GetOrganizations(claimsDict, orgApi);
@ -445,6 +451,11 @@ public class CurrentContext : ICurrentContext
public bool AccessSecretsManager(Guid orgId)
{
if (ServiceAccountOrganizationId.HasValue && ServiceAccountOrganizationId.Value == orgId)
{
return true;
}
return Organizations?.Any(o => o.Id == orgId && o.AccessSecretsManager) ?? false;
}