1
0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2024-11-08 20:12:34 +01:00

Ensure that a user is actually in an org when applying policies

This commit is contained in:
Ave 2020-11-08 01:14:17 +03:00
parent b5f9fe4d3b
commit fa364c3f2c
No known key found for this signature in database
GPG Key ID: 398DD7BD03276F6D

View File

@ -4,7 +4,7 @@ use crate::api::EmptyResult;
use crate::db::DbConn;
use crate::error::MapResult;
use super::Organization;
use super::{Organization, UserOrgStatus};
db_object! {
#[derive(Debug, Identifiable, Queryable, Insertable, Associations, AsChangeset)]
@ -134,6 +134,9 @@ impl OrgPolicy {
users_organizations::org_uuid.eq(org_policies::org_uuid)
.and(users_organizations::user_uuid.eq(user_uuid)))
)
.filter(
users_organizations::status.eq(UserOrgStatus::Confirmed as i32)
)
.select(org_policies::all_columns)
.load::<OrgPolicyDb>(conn)
.expect("Error loading org_policy")