Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-11-22 12:15:36 +01:00
Code Issues Projects Releases Wiki Activity

Only return policy in TakeoverResponse if Owner

Browse Source
This commit is contained in:
Thomas Rittson 2021-02-05 16:22:30 +10:00
parent 204217a5e0
commit b20e6f5e85
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Core/Models/Api/Response/EmergencyAccessResponseModel.cs
View File

@ -94,7 +94,7 @@ namespace Bit.Core.Models.Api.Response
KeyEncrypted = emergencyAccess.KeyEncrypted;
Kdf = grantor.Kdf;
KdfIterations = grantor.KdfIterations;
Policy = policy.Select<Policy, PolicyResponseModel>(policy => new PolicyResponseModel(policy));
Policy = policy?.Select<Policy, PolicyResponseModel>(policy => new PolicyResponseModel(policy));
}
public int KdfIterations { get; private set; }

8
src/Core/Services/Implementations/EmergencyAccessService.cs
View File

@ -1,5 +1,6 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Bit.Core.Enums;
using Bit.Core.Exceptions;
@ -249,8 +250,11 @@ namespace Bit.Core.Services
}
var grantor = await _userRepository.GetByIdAsync(emergencyAccess.GrantorId);
var policy = await _policyRepository.GetManyByUserIdAsync(grantor.Id);
var grantorOrganizations = await _organizationUserRepository.GetManyByUserAsync(grantor.Id);
var isOrganizationOwner = grantorOrganizations.Any<OrganizationUser>(organization => organization.Type == OrganizationUserType.Owner);
var policy = isOrganizationOwner ? await _policyRepository.GetManyByUserIdAsync(grantor.Id) : null;
return (emergencyAccess, grantor, policy);
}