JSON Response updates and small fixes

Updated several json response models. Also fixed a few small bugs. ciphers.rs: - post_ciphers_create: * Prevent cipher creation to organization without a collection. - update_cipher_from_data: * ~~Fixed removal of user_uuid which prevent user-owned shared-cipher to be not editable anymore when set to read-only.~~ * Cleanup the json_data by removing the `Response` key/values from several objects. - delete_all: * Do not delete all Collections during the Purge of an Organization (same as upstream). cipher.rs: - Cipher::to_json: * Updated json response to match upstream. * Return empty json object if there is no type_data instead of values which should not be set for the type_data. organizations.rs: * Added two new endpoints to prevent Javascript errors regarding tax organization.rs: - Organization::to_json: * Updated response model to match upstream - UserOrganization::to_json: * Updated response model to match upstream collection.rs: - Collection::{to_json, to_json_details}: * Updated the json response model, and added a detailed version used during the sync - hide_passwords_for_user: * Added this function to return if the passwords should be hidden or not for the user at the specific collection (used by `to_json_details`) Update 1: Some small changes after comments from @jjlin. Update 2: Fixed vault purge by user to make sure the cipher is not part of an organization. Resolves #971 Closes #990, Closes #991
2025-09-10 10:45:57 +03:00 · 2021-01-31 21:46:37 +01:00
parent 4628e4519d
commit 7dff8c01dd
5 changed files with 166 additions and 43 deletions
--- a/src/db/models/organization.rs
+++ b/src/db/models/organization.rs
@@ -147,9 +147,10 @@ impl Organization {
    pub fn to_json(&self) -> Value {
        json!({
            "Id": self.uuid,
+            "Identifier": null, // not supported by us
            "Name": self.name,
-            "Seats": 10,
-            "MaxCollections": 10,
+            "Seats": 10, // The value doesn't matter, we don't check server-side
+            "MaxCollections": 10, // The value doesn't matter, we don't check server-side
            "MaxStorageGb": 10, // The value doesn't matter, we don't check server-side
            "Use2fa": true,
            "UseDirectory": false,
@@ -157,6 +158,9 @@ impl Organization {
            "UseGroups": false,
            "UseTotp": true,
            "UsePolicies": true,
+            "UseSso": false, // We do not support SSO
+            "SelfHost": true,
+            "UseApi": false, // not supported by us

            "BusinessName": null,
            "BusinessAddress1": null,
@@ -274,9 +278,10 @@ impl UserOrganization {

        json!({
            "Id": self.org_uuid,
+            "Identifier": null, // not supported by us
            "Name": org.name,
-            "Seats": 10,
-            "MaxCollections": 10,
+            "Seats": 10, // The value doesn't matter, we don't check server-side
+            "MaxCollections": 10, // The value doesn't matter, we don't check server-side
            "UsersGetPremium": true,

            "Use2fa": true,
@@ -285,8 +290,30 @@ impl UserOrganization {
            "UseGroups": false,
            "UseTotp": true,
            "UsePolicies": true,
-            "UseApi": false,
+            "UseApi": false, // not supported by us
            "SelfHost": true,
+            "SsoBound": false, // We do not support SSO
+            "UseSso": false, // We do not support SSO
+            // TODO: Add support for Business Portal
+            // Upstream is moving Policies and SSO management outside of the web-vault to /portal
+            // For now they still have that code also in the web-vault, but they will remove it at some point.
+            // https://github.com/bitwarden/server/tree/master/bitwarden_license/src/
+            "UseBusinessPortal": false, // Disable BusinessPortal Button
+
+            // TODO: Add support for Custom User Roles
+            // See: https://bitwarden.com/help/article/user-types-access-control/#custom-role
+            // "Permissions": {
+            //     "AccessBusinessPortal": false,
+            //     "AccessEventLogs": false,
+            //     "AccessImportExport": false,
+            //     "AccessReports": false,
+            //     "ManageAllCollections": false,
+            //     "ManageAssignedCollections": false,
+            //     "ManageGroups": false,
+            //     "ManagePolicies": false,
+            //     "ManageSso": false,
+            //     "ManageUsers": false
+            // },

            "MaxStorageGb": 10, // The value doesn't matter, we don't check server-side