@ -5,35 +5,37 @@ use super::{
Attachment , CollectionCipher , FolderCipher , Organization , User , UserOrgStatus , UserOrgType , UserOrganization ,
Attachment , CollectionCipher , FolderCipher , Organization , User , UserOrgStatus , UserOrgType , UserOrganization ,
} ;
} ;
#[ derive(Debug, Identifiable, Queryable, Insertable, Associations, AsChangeset) ]
db_object ! {
#[ table_name = " ciphers " ]
#[ derive(Debug, Identifiable, Queryable, Insertable, Associations, AsChangeset) ]
#[ changeset_options(treat_none_as_null= " true " ) ]
#[ table_name = " ciphers " ]
#[ belongs_to(User, foreign_key = " user_uuid " ) ]
#[ changeset_options(treat_none_as_null= " true " ) ]
#[ belongs_to(Organization, foreign_key = " organization_uuid " ) ]
#[ belongs_to(User, foreign_key = " user_uuid " ) ]
#[ primary_key(uuid) ]
#[ belongs_to(Organization, foreign_key = " organization_uuid " ) ]
pub struct Cipher {
#[ primary_key(uuid) ]
pub uuid : String ,
pub struct Cipher {
pub created_at : NaiveDateTime ,
pub uuid : String ,
pub updated_at : NaiveDateTime ,
pub created_at : NaiveDateTime ,
pub updated_at : NaiveDateTime ,
pub user_uuid : Option < String > ,
pub organization_uuid : Option < String > ,
pub user_uuid : Option < String > ,
pub organization_uuid : Option < String > ,
/*
Login = 1 ,
/*
SecureNote = 2 ,
Login = 1 ,
Card = 3 ,
SecureNote = 2 ,
Identity = 4
Card = 3 ,
* /
Identity = 4
pub atype : i32 ,
* /
pub name : String ,
pub atype : i32 ,
pub notes : Option < String > ,
pub name : String ,
pub fields : Option < String > ,
pub notes : Option < String > ,
pub fields : Option < String > ,
pub data : String ,
pub data : String ,
pub password_history : Option < String > ,
pub deleted_at : Option < NaiveDateTime > ,
pub password_history : Option < String > ,
pub deleted_at : Option < NaiveDateTime > ,
}
}
}
/// Local methods
/// Local methods
@ -62,9 +64,7 @@ impl Cipher {
}
}
}
}
use crate ::db ::schema ::* ;
use crate ::db ::DbConn ;
use crate ::db ::DbConn ;
use diesel ::prelude ::* ;
use crate ::api ::EmptyResult ;
use crate ::api ::EmptyResult ;
use crate ::error ::MapResult ;
use crate ::error ::MapResult ;
@ -81,7 +81,7 @@ impl Cipher {
let password_history_json = self . password_history . as_ref ( ) . and_then ( | s | serde_json ::from_str ( s ) . ok ( ) ) . unwrap_or ( Value ::Null ) ;
let password_history_json = self . password_history . as_ref ( ) . and_then ( | s | serde_json ::from_str ( s ) . ok ( ) ) . unwrap_or ( Value ::Null ) ;
let ( read_only , hide_passwords ) =
let ( read_only , hide_passwords ) =
match self . get_access_restrictions ( & user_uuid , & conn ) {
match self . get_access_restrictions ( & user_uuid , conn ) {
Some ( ( ro , hp ) ) = > ( ro , hp ) ,
Some ( ( ro , hp ) ) = > ( ro , hp ) ,
None = > {
None = > {
error ! ( "Cipher ownership assertion failure" ) ;
error ! ( "Cipher ownership assertion failure" ) ;
@ -125,14 +125,14 @@ impl Cipher {
"Type" : self . atype ,
"Type" : self . atype ,
"RevisionDate" : format_date ( & self . updated_at ) ,
"RevisionDate" : format_date ( & self . updated_at ) ,
"DeletedDate" : self . deleted_at . map_or ( Value ::Null , | d | Value ::String ( format_date ( & d ) ) ) ,
"DeletedDate" : self . deleted_at . map_or ( Value ::Null , | d | Value ::String ( format_date ( & d ) ) ) ,
"FolderId" : self . get_folder_uuid ( & user_uuid , & conn ) ,
"FolderId" : self . get_folder_uuid ( & user_uuid , conn ) ,
"Favorite" : self . is_favorite ( & user_uuid , & conn ) ,
"Favorite" : self . is_favorite ( & user_uuid , conn ) ,
"OrganizationId" : self . organization_uuid ,
"OrganizationId" : self . organization_uuid ,
"Attachments" : attachments_json ,
"Attachments" : attachments_json ,
"OrganizationUseTotp" : true ,
"OrganizationUseTotp" : true ,
// This field is specific to the cipherDetails type.
// This field is specific to the cipherDetails type.
"CollectionIds" : self . get_collections ( user_uuid , & conn ) ,
"CollectionIds" : self . get_collections ( user_uuid , conn ) ,
"Name" : self . name ,
"Name" : self . name ,
"Notes" : self . notes ,
"Notes" : self . notes ,
@ -183,41 +183,42 @@ impl Cipher {
user_uuids
user_uuids
}
}
#[ cfg(feature = " postgresql " ) ]
pub fn save ( & mut self , conn : & DbConn ) -> EmptyResult {
self . update_users_revision ( conn ) ;
self . updated_at = Utc ::now ( ) . naive_utc ( ) ;
diesel ::insert_into ( ciphers ::table )
. values ( & * self )
. on_conflict ( ciphers ::uuid )
. do_update ( )
. set ( & * self )
. execute ( & * * conn )
. map_res ( "Error saving cipher" )
}
#[ cfg(not(feature = " postgresql " )) ]
pub fn save ( & mut self , conn : & DbConn ) -> EmptyResult {
pub fn save ( & mut self , conn : & DbConn ) -> EmptyResult {
self . update_users_revision ( conn ) ;
self . update_users_revision ( conn ) ;
self . updated_at = Utc ::now ( ) . naive_utc ( ) ;
self . updated_at = Utc ::now ( ) . naive_utc ( ) ;
diesel ::replace_into ( ciphers ::table )
db_run ! { conn :
. values ( & * self )
sqlite , mysql {
. execute ( & * * conn )
diesel ::replace_into ( ciphers ::table )
. map_res ( "Error saving cipher" )
. values ( CipherDb ::to_db ( self ) )
. execute ( conn )
. map_res ( "Error saving cipher" )
}
postgresql {
let value = CipherDb ::to_db ( self ) ;
diesel ::insert_into ( ciphers ::table )
. values ( & value )
. on_conflict ( ciphers ::uuid )
. do_update ( )
. set ( & value )
. execute ( conn )
. map_res ( "Error saving cipher" )
}
}
}
}
pub fn delete ( & self , conn : & DbConn ) -> EmptyResult {
pub fn delete ( & self , conn : & DbConn ) -> EmptyResult {
self . update_users_revision ( conn ) ;
self . update_users_revision ( conn ) ;
FolderCipher ::delete_all_by_cipher ( & self . uuid , & conn ) ? ;
FolderCipher ::delete_all_by_cipher ( & self . uuid , conn ) ? ;
CollectionCipher ::delete_all_by_cipher ( & self . uuid , & conn ) ? ;
CollectionCipher ::delete_all_by_cipher ( & self . uuid , conn ) ? ;
Attachment ::delete_all_by_cipher ( & self . uuid , & conn ) ? ;
Attachment ::delete_all_by_cipher ( & self . uuid , conn ) ? ;
diesel ::delete ( ciphers ::table . filter ( ciphers ::uuid . eq ( & self . uuid ) ) )
db_run ! { conn : {
. execute ( & * * conn )
diesel ::delete ( ciphers ::table . filter ( ciphers ::uuid . eq ( & self . uuid ) ) )
. map_res ( "Error deleting cipher" )
. execute ( conn )
. map_res ( "Error deleting cipher" )
} }
}
}
pub fn delete_all_by_organization ( org_uuid : & str , conn : & DbConn ) -> EmptyResult {
pub fn delete_all_by_organization ( org_uuid : & str , conn : & DbConn ) -> EmptyResult {
@ -235,28 +236,28 @@ impl Cipher {
}
}
pub fn move_to_folder ( & self , folder_uuid : Option < String > , user_uuid : & str , conn : & DbConn ) -> EmptyResult {
pub fn move_to_folder ( & self , folder_uuid : Option < String > , user_uuid : & str , conn : & DbConn ) -> EmptyResult {
User ::update_uuid_revision ( user_uuid , & conn ) ;
User ::update_uuid_revision ( user_uuid , conn ) ;
match ( self . get_folder_uuid ( & user_uuid , & conn ) , folder_uuid ) {
match ( self . get_folder_uuid ( & user_uuid , conn ) , folder_uuid ) {
// No changes
// No changes
( None , None ) = > Ok ( ( ) ) ,
( None , None ) = > Ok ( ( ) ) ,
( Some ( ref old ) , Some ( ref new ) ) if old = = new = > Ok ( ( ) ) ,
( Some ( ref old ) , Some ( ref new ) ) if old = = new = > Ok ( ( ) ) ,
// Add to folder
// Add to folder
( None , Some ( new ) ) = > FolderCipher ::new ( & new , & self . uuid ) . save ( & conn ) ,
( None , Some ( new ) ) = > FolderCipher ::new ( & new , & self . uuid ) . save ( conn ) ,
// Remove from folder
// Remove from folder
( Some ( old ) , None ) = > match FolderCipher ::find_by_folder_and_cipher ( & old , & self . uuid , & conn ) {
( Some ( old ) , None ) = > match FolderCipher ::find_by_folder_and_cipher ( & old , & self . uuid , conn ) {
Some ( old ) = > old . delete ( & conn ) ,
Some ( old ) = > old . delete ( conn ) ,
None = > err ! ( "Couldn't move from previous folder" ) ,
None = > err ! ( "Couldn't move from previous folder" ) ,
} ,
} ,
// Move to another folder
// Move to another folder
( Some ( old ) , Some ( new ) ) = > {
( Some ( old ) , Some ( new ) ) = > {
if let Some ( old ) = FolderCipher ::find_by_folder_and_cipher ( & old , & self . uuid , & conn ) {
if let Some ( old ) = FolderCipher ::find_by_folder_and_cipher ( & old , & self . uuid , conn ) {
old . delete ( & conn ) ? ;
old . delete ( conn ) ? ;
}
}
FolderCipher ::new ( & new , & self . uuid ) . save ( & conn )
FolderCipher ::new ( & new , & self . uuid ) . save ( conn )
}
}
}
}
}
}
@ -269,7 +270,7 @@ impl Cipher {
/// Returns whether this cipher is owned by an org in which the user has full access.
/// Returns whether this cipher is owned by an org in which the user has full access.
pub fn is_in_full_access_org ( & self , user_uuid : & str , conn : & DbConn ) -> bool {
pub fn is_in_full_access_org ( & self , user_uuid : & str , conn : & DbConn ) -> bool {
if let Some ( ref org_uuid ) = self . organization_uuid {
if let Some ( ref org_uuid ) = self . organization_uuid {
if let Some ( user_org ) = UserOrganization ::find_by_user_and_org ( & user_uuid , & org_uuid , & conn ) {
if let Some ( user_org ) = UserOrganization ::find_by_user_and_org ( & user_uuid , & org_uuid , conn ) {
return user_org . has_full_access ( ) ;
return user_org . has_full_access ( ) ;
}
}
}
}
@ -290,38 +291,40 @@ impl Cipher {
return Some ( ( false , false ) ) ;
return Some ( ( false , false ) ) ;
}
}
// Check whether this cipher is in any collections accessible to the
db_run ! { conn : {
// user. If so, retrieve the access flags for each collection.
// Check whether this cipher is in any collections accessible to the
let query = ciphers ::table
// user. If so, retrieve the access flags for each collection.
. filter ( ciphers ::uuid . eq ( & self . uuid ) )
let query = ciphers ::table
. inner_join ( ciphers_collections ::table . on (
. filter ( ciphers ::uuid . eq ( & self . uuid ) )
ciphers ::uuid . eq ( ciphers_collections ::cipher_uuid ) ) )
. inner_join ( ciphers_collections ::table . on (
. inner_join ( users_collections ::table . on (
ciphers ::uuid . eq ( ciphers_collections ::cipher_uuid ) ) )
ciphers_collections ::collection_uuid . eq ( users_collections ::collection_uuid )
. inner_join ( users_collections ::table . on (
. and ( users_collections ::user_uuid . eq ( user_uuid ) ) ) )
ciphers_collections ::collection_uuid . eq ( users_collections ::collection_uuid )
. select ( ( users_collections ::read_only , users_collections ::hide_passwords ) ) ;
. and ( users_collections ::user_uuid . eq ( user_uuid ) ) ) )
. select ( ( users_collections ::read_only , users_collections ::hide_passwords ) ) ;
// There's an edge case where a cipher can be in multiple collections
// with inconsistent access flags. For example, a cipher could be in
// There's an edge case where a cipher can be in multiple collections
// one collection where the user has read-only access, but also in
// with inconsistent access flags. For example, a cipher could be in
// another collection where the user has read/write access. To handle
// one collection where the user has read-only access, but also in
// this, we do a boolean OR of all values in each of the `read_only`
// another collection where the user has read/write access. To handle
// and `hide_passwords` columns. This could ideally be done as part
// this, we do a boolean OR of all values in each of the `read_only`
// of the query, but Diesel doesn't support a max() or bool_or()
// and `hide_passwords` columns. This could ideally be done as part
// function on booleans and this behavior isn't portable anyway.
// of the query, but Diesel doesn't support a max() or bool_or()
if let Some ( vec ) = query . load ::< ( bool , bool ) > ( & * * conn ) . ok ( ) {
// function on booleans and this behavior isn't portable anyway.
let mut read_only = false ;
if let Some ( vec ) = query . load ::< ( bool , bool ) > ( conn ) . ok ( ) {
let mut hide_passwords = false ;
let mut read_only = false ;
for ( ro , hp ) in vec . iter ( ) {
let mut hide_passwords = false ;
read_only | = ro ;
for ( ro , hp ) in vec . iter ( ) {
hide_passwords | = hp ;
read_only | = ro ;
}
hide_passwords | = hp ;
}
Some ( ( read_only , hide_passwords ) )
Some ( ( read_only , hide_passwords ) )
} else {
} else {
// This cipher isn't in any collections accessible to the user.
// This cipher isn't in any collections accessible to the user.
None
None
}
}
} }
}
}
pub fn is_write_accessible_to_user ( & self , user_uuid : & str , conn : & DbConn ) -> bool {
pub fn is_write_accessible_to_user ( & self , user_uuid : & str , conn : & DbConn ) -> bool {
@ -337,12 +340,14 @@ impl Cipher {
// Returns whether this cipher is a favorite of the specified user.
// Returns whether this cipher is a favorite of the specified user.
pub fn is_favorite ( & self , user_uuid : & str , conn : & DbConn ) -> bool {
pub fn is_favorite ( & self , user_uuid : & str , conn : & DbConn ) -> bool {
let query = favorites ::table
db_run ! { conn : {
. filter ( favorites ::user_uuid . eq ( user_uuid ) )
let query = favorites ::table
. filter ( favorites ::cipher_uuid . eq ( & self . uuid ) )
. filter ( favorites ::user_uuid . eq ( user_uuid ) )
. count ( ) ;
. filter ( favorites ::cipher_uuid . eq ( & self . uuid ) )
. count ( ) ;
query . first ::< i64 > ( & * * conn ) . ok ( ) . unwrap_or ( 0 ) ! = 0
query . first ::< i64 > ( conn ) . ok ( ) . unwrap_or ( 0 ) ! = 0
} }
}
}
// Updates whether this cipher is a favorite of the specified user.
// Updates whether this cipher is a favorite of the specified user.
@ -356,23 +361,27 @@ impl Cipher {
match ( old , new ) {
match ( old , new ) {
( false , true ) = > {
( false , true ) = > {
User ::update_uuid_revision ( user_uuid , & conn ) ;
User ::update_uuid_revision ( user_uuid , & conn ) ;
diesel ::insert_into ( favorites ::table )
db_run ! { conn : {
. values ( (
diesel ::insert_into ( favorites ::table )
favorites ::user_uuid . eq ( user_uuid ) ,
. values ( (
favorites ::cipher_uuid . eq ( & self . uuid ) ,
favorites ::user_uuid . eq ( user_uuid ) ,
) )
favorites ::cipher_uuid . eq ( & self . uuid ) ,
. execute ( & * * conn )
) )
. map_res ( "Error adding favorite" )
. execute ( conn )
. map_res ( "Error adding favorite" )
} }
}
}
( true , false ) = > {
( true , false ) = > {
User ::update_uuid_revision ( user_uuid , & conn ) ;
User ::update_uuid_revision ( user_uuid , & conn ) ;
diesel ::delete (
db_run ! { conn : {
favorites ::table
diesel ::delete (
. filter ( favorites ::user_uuid . eq ( user_uuid ) )
favorites ::table
. filter ( favorites ::cipher_uuid . eq ( & self . uuid ) )
. filter ( favorites ::user_uuid . eq ( user_uuid ) )
)
. filter ( favorites ::cipher_uuid . eq ( & self . uuid ) )
. execute ( & * * conn )
)
. map_res ( "Error removing favorite" )
. execute ( conn )
. map_res ( "Error removing favorite" )
} }
}
}
// Otherwise, the favorite status is already what it should be.
// Otherwise, the favorite status is already what it should be.
_ = > Ok ( ( ) )
_ = > Ok ( ( ) )
@ -380,112 +389,131 @@ impl Cipher {
}
}
pub fn get_folder_uuid ( & self , user_uuid : & str , conn : & DbConn ) -> Option < String > {
pub fn get_folder_uuid ( & self , user_uuid : & str , conn : & DbConn ) -> Option < String > {
folders_ciphers ::table
db_run ! { conn : {
. inner_join ( folders ::table )
folders_ciphers ::table
. filter ( folders ::user_uuid . eq ( & user_uuid ) )
. inner_join ( folders ::table )
. filter ( folders_ciphers ::cipher_uuid . eq ( & self . uuid ) )
. filter ( folders ::user_uuid . eq ( & user_uuid ) )
. select ( folders_ciphers ::folder_uuid )
. filter ( folders_ciphers ::cipher_uuid . eq ( & self . uuid ) )
. first ::< String > ( & * * conn )
. select ( folders_ciphers ::folder_uuid )
. ok ( )
. first ::< String > ( conn )
. ok ( )
} }
}
}
pub fn find_by_uuid ( uuid : & str , conn : & DbConn ) -> Option < Self > {
pub fn find_by_uuid ( uuid : & str , conn : & DbConn ) -> Option < Self > {
ciphers ::table
db_run ! { conn : {
. filter ( ciphers ::uuid . eq ( uuid ) )
ciphers ::table
. first ::< Self > ( & * * conn )
. filter ( ciphers ::uuid . eq ( uuid ) )
. ok ( )
. first ::< CipherDb > ( conn )
. ok ( )
. from_db ( )
} }
}
}
// Find all ciphers accessible to user
// Find all ciphers accessible to user
pub fn find_by_user ( user_uuid : & str , conn : & DbConn ) -> Vec < Self > {
pub fn find_by_user ( user_uuid : & str , conn : & DbConn ) -> Vec < Self > {
ciphers ::table
db_run ! { conn : {
. left_join ( users_organizations ::table . on (
ciphers ::table
ciphers ::organization_uuid . eq ( users_organizations ::org_uuid . nullable ( ) ) . and (
. left_join ( users_organizations ::table . on (
users_organizations ::user_uuid . eq ( user_uuid ) . and (
ciphers ::organization_uuid . eq ( users_organizations ::org_uuid . nullable ( ) ) . and (
users_organizations ::status . eq ( UserOrgStatus ::Confirmed as i32 )
users_organizations ::user_uuid . eq ( user_uuid ) . and (
)
users_organizations ::status . eq ( UserOrgStatus ::Confirmed as i32 )
)
)
) )
. left_join ( ciphers_collections ::table . on (
ciphers ::uuid . eq ( ciphers_collections ::cipher_uuid )
) )
. left_join ( users_collections ::table . on (
ciphers_collections ::collection_uuid . eq ( users_collections ::collection_uuid )
) )
. filter ( ciphers ::user_uuid . eq ( user_uuid ) . or ( // Cipher owner
users_organizations ::access_all . eq ( true ) . or ( // access_all in Organization
users_organizations ::atype . le ( UserOrgType ::Admin as i32 ) . or ( // Org admin or owner
users_collections ::user_uuid . eq ( user_uuid ) . and ( // Access to Collection
users_organizations ::status . eq ( UserOrgStatus ::Confirmed as i32 )
)
)
)
) )
)
. left_join ( ciphers_collections ::table . on (
) )
ciphers ::uuid . eq ( ciphers_collections ::cipher_uuid )
. select ( ciphers ::all_columns )
) )
. distinct ( )
. left_join ( users_collections ::table . on (
. load ::< Self > ( & * * conn ) . expect ( "Error loading ciphers" )
ciphers_collections ::collection_uuid . eq ( users_collections ::collection_uuid )
) )
. filter ( ciphers ::user_uuid . eq ( user_uuid ) . or ( // Cipher owner
users_organizations ::access_all . eq ( true ) . or ( // access_all in Organization
users_organizations ::atype . le ( UserOrgType ::Admin as i32 ) . or ( // Org admin or owner
users_collections ::user_uuid . eq ( user_uuid ) . and ( // Access to Collection
users_organizations ::status . eq ( UserOrgStatus ::Confirmed as i32 )
)
)
)
) )
. select ( ciphers ::all_columns )
. distinct ( )
. load ::< CipherDb > ( conn ) . expect ( "Error loading ciphers" ) . from_db ( )
} }
}
}
// Find all ciphers directly owned by user
// Find all ciphers directly owned by user
pub fn find_owned_by_user ( user_uuid : & str , conn : & DbConn ) -> Vec < Self > {
pub fn find_owned_by_user ( user_uuid : & str , conn : & DbConn ) -> Vec < Self > {
ciphers ::table
db_run ! { conn : {
. filter ( ciphers ::user_uuid . eq ( user_uuid ) )
ciphers ::table
. load ::< Self > ( & * * conn ) . expect ( "Error loading ciphers" )
. filter ( ciphers ::user_uuid . eq ( user_uuid ) )
. load ::< CipherDb > ( conn ) . expect ( "Error loading ciphers" ) . from_db ( )
} }
}
}
pub fn count_owned_by_user ( user_uuid : & str , conn : & DbConn ) -> i64 {
pub fn count_owned_by_user ( user_uuid : & str , conn : & DbConn ) -> i64 {
ciphers ::table
db_run ! { conn : {
. filter ( ciphers ::user_uuid . eq ( user_uuid ) )
ciphers ::table
. count ( )
. filter ( ciphers ::user_uuid . eq ( user_uuid ) )
. first ::< i64 > ( & * * conn )
. count ( )
. ok ( )
. first ::< i64 > ( conn )
. unwrap_or ( 0 )
. ok ( )
. unwrap_or ( 0 )
} }
}
}
pub fn find_by_org ( org_uuid : & str , conn : & DbConn ) -> Vec < Self > {
pub fn find_by_org ( org_uuid : & str , conn : & DbConn ) -> Vec < Self > {
ciphers ::table
db_run ! { conn : {
. filter ( ciphers ::organization_uuid . eq ( org_uuid ) )
ciphers ::table
. load ::< Self > ( & * * conn ) . expect ( "Error loading ciphers" )
. filter ( ciphers ::organization_uuid . eq ( org_uuid ) )
. load ::< CipherDb > ( conn ) . expect ( "Error loading ciphers" ) . from_db ( )
} }
}
}
pub fn count_by_org ( org_uuid : & str , conn : & DbConn ) -> i64 {
pub fn count_by_org ( org_uuid : & str , conn : & DbConn ) -> i64 {
ciphers ::table
db_run ! { conn : {
. filter ( ciphers ::organization_uuid . eq ( org_uuid ) )
ciphers ::table
. count ( )
. filter ( ciphers ::organization_uuid . eq ( org_uuid ) )
. first ::< i64 > ( & * * conn )
. count ( )
. ok ( )
. first ::< i64 > ( conn )
. unwrap_or ( 0 )
. ok ( )
. unwrap_or ( 0 )
} }
}
}
pub fn find_by_folder ( folder_uuid : & str , conn : & DbConn ) -> Vec < Self > {
pub fn find_by_folder ( folder_uuid : & str , conn : & DbConn ) -> Vec < Self > {
folders_ciphers ::table . inner_join ( ciphers ::table )
db_run ! { conn : {
. filter ( folders_ciphers ::folder_uuid . eq ( folder_uuid ) )
folders_ciphers ::table . inner_join ( ciphers ::table )
. select ( ciphers ::all_columns )
. filter ( folders_ciphers ::folder_uuid . eq ( folder_uuid ) )
. load ::< Self > ( & * * conn ) . expect ( "Error loading ciphers" )
. select ( ciphers ::all_columns )
. load ::< CipherDb > ( conn ) . expect ( "Error loading ciphers" ) . from_db ( )
} }
}
}
pub fn get_collections ( & self , user_id : & str , conn : & DbConn ) -> Vec < String > {
pub fn get_collections ( & self , user_id : & str , conn : & DbConn ) -> Vec < String > {
ciphers_collections ::table
db_run ! { conn : {
. inner_join ( collections ::table . on (
ciphers_collections ::table
collections ::uuid . eq ( ciphers_collections ::collection_uuid )
. inner_join ( collections ::table . on (
) )
collections ::uuid . eq ( ciphers_collections ::collection_uuid )
. inner_join ( users_organizations ::table . on (
) )
users_organizations ::org_uuid . eq ( collections ::org_uuid ) . and (
. inner_join ( users_organizations ::table . on (
users_organizations ::user_uuid . eq ( user_id )
users_organizations ::org_uuid . eq ( collections ::org_uuid ) . and (
)
users_organizations ::user_uuid . eq ( user_id )
) )
)
. left_join ( users_collections ::table . on (
) )
users_collections ::collection_uuid . eq ( ciphers_collections ::collection_uuid ) . and (
. left_join ( users_collections ::table . on (
users_collections ::user_uuid . eq ( user_id )
users_collections ::collection_uuid . eq ( ciphers_collections ::collection_uuid ) . and (
)
users_collections ::user_uuid . eq ( user_id )
) )
)
. filter ( ciphers_collections ::cipher_uuid . eq ( & self . uuid ) )
) )
. filter ( users_collections ::user_uuid . eq ( user_id ) . or ( // User has access to collection
. filter ( ciphers_collections ::cipher_uuid . eq ( & self . uuid ) )
users_organizations ::access_all . eq ( true ) . or ( // User has access all
. filter ( users_collections ::user_uuid . eq ( user_id ) . or ( // User has access to collection
users_organizations ::atype . le ( UserOrgType ::Admin as i32 ) // User is admin or owner
users_organizations ::access_all . eq ( true ) . or ( // User has access all
)
users_organizations ::atype . le ( UserOrgType ::Admin as i32 ) // User is admin or owner
) )
)
. select ( ciphers_collections ::collection_uuid )
) )
. load ::< String > ( & * * conn ) . unwrap_or_default ( )
. select ( ciphers_collections ::collection_uuid )
. load ::< String > ( conn ) . unwrap_or_default ( )
} }
}
}
}
}