Merge pull request #3704 from BlackDex/remove-debug-code

Remove debug code during attachment download
2025-09-10 18:55:57 +03:00 · 2023-07-17 18:22:56 +02:00 · 2023-07-17 15:36:54 +02:00 · 2023-07-14 20:43:51 +02:00 · 2023-07-14 20:43:32 +02:00 · 2023-07-12 22:04:18 +02:00
5 changed files with 31 additions and 40 deletions
--- a/src/api/core/organizations.rs
+++ b/src/api/core/organizations.rs
@@ -6,8 +6,7 @@ use serde_json::Value;
 use crate::{
    api::{
        core::{log_event, CipherSyncData, CipherSyncType},
-        ApiResult, EmptyResult, JsonResult, JsonUpcase, JsonUpcaseVec, JsonVec, Notify, NumberOrString, PasswordData,
-        UpdateType,
+        EmptyResult, JsonResult, JsonUpcase, JsonUpcaseVec, JsonVec, Notify, NumberOrString, PasswordData, UpdateType,
    },
    auth::{decode_invite, AdminHeaders, Headers, ManagerHeaders, ManagerHeadersLoose, OwnerHeaders},
    db::{models::*, DbConn},
@@ -468,7 +467,11 @@ async fn post_organization_collection_update(
    }

    collection.name = data.Name;
-    collection.external_id = data.ExternalId;
+    collection.external_id = match data.ExternalId {
+        Some(external_id) if !external_id.trim().is_empty() => Some(external_id),
+        _ => None,
+    };
+
    collection.save(&mut conn).await?;

    log_event(
@@ -2222,29 +2225,22 @@ struct GroupRequest {
 }

 impl GroupRequest {
-    pub fn to_group(&self, organizations_uuid: &str) -> ApiResult<Group> {
-        match self.AccessAll {
-            Some(access_all_value) => Ok(Group::new(
-                organizations_uuid.to_owned(),
-                self.Name.clone(),
-                access_all_value,
-                self.ExternalId.clone(),
-            )),
-            _ => err!("Could not convert GroupRequest to Group, because AccessAll has no value!"),
-        }
+    pub fn to_group(&self, organizations_uuid: &str) -> Group {
+        Group::new(
+            String::from(organizations_uuid),
+            self.Name.clone(),
+            self.AccessAll.unwrap_or(false),
+            self.ExternalId.clone(),
+        )
    }

-    pub fn update_group(&self, mut group: Group) -> ApiResult<Group> {
-        match self.AccessAll {
-            Some(access_all_value) => {
-                group.name = self.Name.clone();
-                group.access_all = access_all_value;
-                group.set_external_id(self.ExternalId.clone());
+    pub fn update_group(&self, mut group: Group) -> Group {
+        group.name = self.Name.clone();
+        group.access_all = self.AccessAll.unwrap_or(false);
+        // Group Updates do not support changing the external_id
+        // These input fields are in a disabled state, and can only be updated/added via ldap_import

-                Ok(group)
-            }
-            _ => err!("Could not update group, because AccessAll has no value!"),
-        }
+        group
    }
 }

@@ -2305,7 +2301,7 @@ async fn post_groups(
    }

    let group_request = data.into_inner().data;
-    let group = group_request.to_group(org_id)?;
+    let group = group_request.to_group(org_id);

    log_event(
        EventType::GroupCreated as i32,
@@ -2339,7 +2335,7 @@ async fn put_group(
    };

    let group_request = data.into_inner().data;
-    let updated_group = group_request.update_group(group)?;
+    let updated_group = group_request.update_group(group);

    CollectionGroup::delete_all_by_group(group_id, &mut conn).await?;
    GroupUser::delete_all_by_group(group_id, &mut conn).await?;
--- a/src/api/web.rs
+++ b/src/api/web.rs
@@ -94,7 +94,7 @@ async fn web_files(p: PathBuf) -> Cached<Option<NamedFile>> {

 #[get("/attachments/<uuid>/<file_id>?<token>")]
 async fn attachments(uuid: SafeString, file_id: SafeString, token: String) -> Option<NamedFile> {
-    let Ok(claims) = dbg!(decode_file_download(&token)) else { return None };
+    let Ok(claims) = decode_file_download(&token) else { return None };
    if claims.sub != *uuid || claims.file_id != *file_id {
        return None;
    }
--- a/src/db/models/group.rs
+++ b/src/db/models/group.rs
@@ -94,18 +94,11 @@ impl Group {
    }

    pub fn set_external_id(&mut self, external_id: Option<String>) {
-        //Check if external id is empty. We don't want to have
-        //empty strings in the database
-        match external_id {
-            Some(external_id) => {
-                if external_id.is_empty() {
-                    self.external_id = None;
-                } else {
-                    self.external_id = Some(external_id)
-                }
-            }
-            None => self.external_id = None,
-        }
+        // Check if external_id is empty. We do not want to have empty strings in the database
+        self.external_id = match external_id {
+            Some(external_id) if !external_id.trim().is_empty() => Some(external_id),
+            _ => None,
+        };
    }
 }

--- a/src/db/models/organization.rs
+++ b/src/db/models/organization.rs
@@ -434,6 +434,7 @@ impl UserOrganization {
            "UserId": self.user_uuid,
            "Name": user.name,
            "Email": user.email,
+            "ExternalId": user.external_id,
            "Groups": groups,
            "Collections": collections,

@@ -441,7 +442,7 @@ impl UserOrganization {
            "Type": self.atype,
            "AccessAll": self.access_all,
            "TwoFactorEnabled": twofactor_enabled,
-            "ResetPasswordEnrolled":self.reset_password_key.is_some(),
+            "ResetPasswordEnrolled": self.reset_password_key.is_some(),

            "Object": "organizationUserUserDetails",
        })
@@ -804,7 +805,7 @@ impl OrganizationApiKey {
                let value = OrganizationApiKeyDb::to_db(self);
                diesel::insert_into(organization_api_key::table)
                    .values(&value)
-                    .on_conflict(organization_api_key::uuid)
+                    .on_conflict((organization_api_key::uuid, organization_api_key::org_uuid))
                    .do_update()
                    .set(&value)
                    .execute(conn)
--- a/src/util.rs
+++ b/src/util.rs
@@ -80,6 +80,7 @@ impl Fairing for AppHeaders {
                  https://app.simplelogin.io/api/ \
                  https://app.anonaddy.com/api/ \
                  https://api.fastmail.com/ \
+                  https://api.forwardemail.net \
                  ;\
                ",
                icon_service_csp = CONFIG._icon_service_csp(),
Author	SHA1	Message	Date
Daniel García	3dbfc484a5	Merge pull request #3704 from BlackDex/remove-debug-code Remove debug code during attachment download	2023-07-17 18:22:56 +02:00
BlackDex	4ec2507073	Remove debug code during attachment download There was some debug code during attachment downloads. This produces extra logs not needed or even wanted.	2023-07-17 15:36:54 +02:00
Daniel García	ab65d7989b	Merge pull request #3690 from BlackDex/fix-issue-3685 Fix some external_id issues	2023-07-14 20:43:51 +02:00
Daniel García	8707728cdb	Merge pull request #3686 from GeekCornerGH/feat/add-forwardemail-support feat: Add support for forwardemail	2023-07-14 20:43:32 +02:00
BlackDex	631d022e17	Fix some external_id issues - Do not update `externalId` on group updates Groups are only updated via the web-vault currently, and those do not send the `externalId` value, and thus we need to prevent updating it. - Refactored some other ExternalId functions - Prevent empty `externalId` on `Collections` - Return `externalId` for users Fixes #3685	2023-07-12 22:04:18 +02:00
GeekCorner	211f4492fa	feat: Add support for forwardemail	2023-07-12 10:50:41 +02:00
Daniel García	61f9081827	Merge pull request #3678 from BlackDex/fix-org-api-creation-postgres Fix Org API Key generation on PosgreSQL	2023-07-10 17:59:53 +02:00
BlackDex	a8e5384c4a	Fix Org API Key generation on PosgreSQL Using PostgreSQL creating or rotating the Org API Key failed because of some query mismatch. This PR fixes that. Fixes https://github.com/dani-garcia/vaultwarden/discussions/3671#discussioncomment-6400394	2023-07-10 15:29:06 +02:00