Resolves dani-garcia/bitwarden_rs#981

* a user without 2fa trying to join a 2fa org will fail, but user gets an email to enable 2fa * a user disabling 2fa will be removed from 2fa orgs; user gets an email for each org * an org enabling 2fa policy will remove users without 2fa; users get an email
2025-09-10 18:55:57 +03:00 · 2021-04-11 22:57:17 -04:00
parent b268c3dd1c
commit d75a80bd2d
8 changed files with 228 additions and 2 deletions
--- a/src/db/models/organization.rs
+++ b/src/db/models/organization.rs
@@ -2,7 +2,7 @@ use serde_json::Value;
 use std::cmp::Ordering;
 use num_traits::FromPrimitive;

-use super::{CollectionUser, User, OrgPolicy};
+use super::{CollectionUser, User, OrgPolicy, OrgPolicyType};

 db_object! {
    #[derive(Identifiable, Queryable, Insertable, AsChangeset)]
@@ -538,6 +538,25 @@ impl UserOrganization {
        }}
    }

+    pub fn find_by_user_and_policy(user_uuid: &str, policy_type: OrgPolicyType, conn: &DbConn) -> Vec<Self> {
+        db_run! { conn: {
+            users_organizations::table
+                .inner_join(
+                    org_policies::table.on(
+                        org_policies::org_uuid.eq(users_organizations::org_uuid)
+                            .and(users_organizations::user_uuid.eq(user_uuid))
+                            .and(org_policies::atype.eq(policy_type as i32))
+                            .and(org_policies::enabled.eq(true)))
+                )
+                .filter(
+                    users_organizations::status.eq(UserOrgStatus::Confirmed as i32)
+                )
+                .select(users_organizations::all_columns)
+                .load::<UserOrganizationDb>(conn)
+                .unwrap_or_default().from_db()
+        }}
+    }
+
    pub fn find_by_cipher_and_org(cipher_uuid: &str, org_uuid: &str, conn: &DbConn) -> Vec<Self> {
        db_run! { conn: {
            users_organizations::table