Fix issue related to user allowed folder by definition
nilsteampassnet committed Oct 31, 2024
1 parent 4ae7911 commit ddbb2d3
Showing 5 changed files with 48 additions and 33 deletions.
2 changes: 1 addition & 1 deletion includes/config/include.php
@@ -28,7 +28,7 @@

define('TP_VERSION', '3.1.2');
define("UPGRADE_MIN_DATE", "1727110744");
define('TP_VERSION_MINOR', '144');
define('TP_VERSION_MINOR', '145');
define('TP_TOOL_NAME', 'Teampass');
define('TP_ONE_DAY_SECONDS', 86400);
define('TP_ONE_WEEK_SECONDS', 604800);
30 changes: 15 additions & 15 deletions includes/tables_integrity.json
@@ -9,23 +9,23 @@
},
{
"table_name": "background_subtasks",
"structure_hash": "54f2e975e46967ae42ae5402f68f6748db047a9b7c6cd4beffb2d18155a9acf3"
"structure_hash": "7b4eb36d263132dd07e87cb27bc8018dfaeb83a74ac4c155cf1d365c49dceb98"
},
{
"table_name": "background_tasks",
"structure_hash": "089fe901b3cf7c5a47654279604bca68f3772ae970eac1adfdb75881b072fe20"
"structure_hash": "e772b139800353e3f4e6fb4988b58358ece6100a6e955889e01c5760a18496dd"
},
{
"table_name": "background_tasks_logs",
"structure_hash": "5a0edc7835ab2ee6a3c2ab8ec665d0ea3c3c20915467548b0b504f72071eb57f"
"structure_hash": "a4391b91f150d47503717bf9510bec04987b186aa5674d3752acd896c1368ab8"
},
{
"table_name": "cache",
"structure_hash": "a42189363fa630ce50aa709ac271020e710dc46949eb102ef33fba59a9bb625a"
"structure_hash": "70ef1f32b6b6ad9a64f05f02f48098203bcbd1d25bbc3888b942435ca0a902ac"
},
{
"table_name": "cache_tree",
"structure_hash": "54a46ee10114cbd70f1199a88dd51c6a25d668919e709283bc915b3d0d6e85c8"
"structure_hash": "f69f988e3080f317ed64751f79e14f31fcaaf6518ee5f7bc661d21d28b83ea5b"
},
{
"table_name": "categories",
@@ -57,15 +57,15 @@
},
{
"table_name": "items",
"structure_hash": "5e157cc138f056349dca650057ca2ba8eea21fedc5b3f2a29cde43cd20378e10"
"structure_hash": "818e6bf8129bdd6954fbbf7bd700b664b0ef41083f4141a70f30569899858ad3"
},
{
"table_name": "items_change",
"structure_hash": "1560c119b0aa9a2e983fbf56ad584da6fd8e35517fdbd9c1144e6144a35512dd"
},
{
"table_name": "items_edition",
"structure_hash": "6136a16c129449448ebfc7266ca42e86f020b3892e1c4aa869c2255176bd284e"
"structure_hash": "e47ac1d0a60dfc921f85bb618e0fa18cc80955f51da6c82ca90e9e7813a83981"
},
{
"table_name": "items_otp",
@@ -97,19 +97,19 @@
},
{
"table_name": "log_items",
"structure_hash": "d8bb457689d7e5e6343c0fa83c4d934323c4109f2eade8f3e365d6db031fd41f"
"structure_hash": "f29ee1e97b386ffe1ec9ad461f43592c86033c26d676df325dfab1638072807a"
},
{
"table_name": "log_system",
"structure_hash": "4b3ccbfe4abc5e9c60d84833483a9a7e2f29a3c8b29bb6d34b42df441430d0f4"
"structure_hash": "81d0d2379faa884c71ca8a31544c9136a47d322ddf547efea6e8871cdf626e04"
},
{
"table_name": "misc",
"structure_hash": "d3f4410ec4c37c578fb9486f889c7c714e6434d956d5d44c9049fb33d994bf0b"
"structure_hash": "f15d8b74690ff1b8518540d990c9c6650c7ca4dfef7fd5e10e84c0e80025b765"
},
{
"table_name": "nested_tree",
"structure_hash": "bd4056f24f5dc53535872c6b6821c03ab3191ea9ce0680c6050ae01fa2cd751d"
"structure_hash": "4ef87432650c25446c9c2b6c23c662b9876e48cf46c981cdc3f6a722a7a58cf4"
},
{
"table_name": "notification",
@@ -145,7 +145,7 @@
},
{
"table_name": "restriction_to_roles",
"structure_hash": "abb09363fe79997ed4e9d8563cb70da357cd9ba06322b91ede72554b883a2e52"
"structure_hash": "c4f0c0258dd10a4350b068d1ac298ee292a45b75f0fafb136a191dafece8f891"
},
{
"table_name": "rights",
@@ -169,7 +169,7 @@
},
{
"table_name": "sharekeys_items",
"structure_hash": "6b6d714ea462093c90d2ae16970cc7b3753c130611fca3830fa03c6a4dca44da"
"structure_hash": "b2ee750c2361cac5ca5cfc3d98de03ea080b69a3f90306ed56c929206dfa30ba"
},
{
"table_name": "sharekeys_logs",
@@ -185,15 +185,15 @@
},
{
"table_name": "tags",
"structure_hash": "827feb17a9599367ff539b5223ef2d696738aaa9a4029a3bb2dd2a2a75ccdcf9"
"structure_hash": "e0dd91554725bb2084ecd15154008bc34575bacf2b03d8cdb69960a46e8fe99d"
},
{
"table_name": "templates",
"structure_hash": "c5e9a2f81ee9afd61aae7ec79ea28ceb1773c5c48fb847bf61c0bf546b287266"
},
{
"table_name": "tokens",
"structure_hash": "33d70cb41a8742d39628d926bc175f9eb23343c128998f7116c99ae7b0c542a9"
"structure_hash": "75fbcb4913406a504a7d4f7c4af941469840aaa26db1a9bf3689a05774787d6c"
},
{
"table_name": "user_requests",
29 changes: 16 additions & 13 deletions pages/items.js.php
@@ -3197,8 +3197,10 @@ function(data) {
);
return false;
}
if (debugJavascript === true) console.log('RETURNED DATA');
if (debugJavascript === true) console.log(data);
if (debugJavascript === true) {
console.log('RETURNED DATA');
console.log(data);
}
if (data.error === true) {
toastr.remove();
toastr.error(
@@ -3259,7 +3261,7 @@ function(data) {
// Close edit form and reopen folders-tree-card with refreshed item.
$('.form-item, #form-item-attachments-zone').addClass('hidden');
$('#folders-tree-card').removeClass('hidden');
item_id = store.get('teampassItem').id !== '' ? store.get('teampassItem').id : data.item_id;
item_id = store.get('teampassItem').id !== '' ? store.get('teampassItem').id : data.item_id;
Details(item_id, 'show', true);
}
}
@@ -4850,7 +4852,6 @@ function(teampassItem) {
}
);

//$('#items-list-container');
if (actionType === 'show') {
// Prepare Views
$('.item-details-card, #item-details-card-categories').removeClass('hidden');
@@ -4878,7 +4879,7 @@ function(teampassItem) {
$('#items-list-container').removeClass('col-md-7').addClass('hidden');
$('#items-details-container').removeClass('col-md-5').addClass('col-md-12');
}

// Show item details
$('#items-details-container').removeClass('hidden');

@@ -4984,7 +4985,6 @@ function(teampassItem) {
if (debugJavascript === true) console.log('onChange:', contents, $editable);
userDidAChange = true;
if (debugJavascript === true) console.log('User did a change on #form-item-suggestion-description > ' + userDidAChange);
//$('#form-item-suggestion-description').attr('data-change-ongoing', true);;
}
}
}
@@ -5346,10 +5346,10 @@ function(teampassItem) {
.attr('data-next-item-id', dataItemKey.next('.list-item-row').attr('data-item-id'))
.removeClass('hidden');
}
*/
if (debugJavascript === true) {
//console.log("PREV: " + dataItemKey.attr('data-item-key') + " - NEXT: " + $('#list-item-row_'+data.id).next('.list-item-row').attr('data-item-id'));
console.log("PREV: " + dataItemKey.attr('data-item-key') + " - NEXT: " + $('#list-item-row_'+data.id).next('.list-item-row').attr('data-item-id'));
}
*/

// Inform user
toastr.remove();
@@ -5510,8 +5510,10 @@ function(data) {
$.when(
getPrivilegesOnItem(selectedFolderId, 1)
).then(function(retData) {
console.log('getPrivilegesOnItem 3')
console.log(retData)
if (debugJavascript === true) {
console.log('getPrivilegesOnItem 3');
console.log(retData);
}
if (retData.error === true) {
toastr.remove();
toastr.error(
@@ -5655,9 +5657,10 @@ function(data) {
);
e.clearSelection();
});

console.log("-------------");
console.log(data);
if (debugJavascript === true) {
console.log("-------------");
console.log(data);
}

// Prepare recursive call to get new OTP code
var replayDelayInMilliseconds = data.otp_expires_in*1000;
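Review bot: In the last hunk (the OTP refresh callback) `console.log(data)` still prints the whole server response whenever `debugJavascript` is true; that object carries at least `otp_expires_in` and presumably the one-time code itself, so it lands in the browser console and in anything that captures it. The same applies to `console.log(data)` in the first hunk and `console.log(retData)` in the `getPrivilegesOnItem` callback. I would log only non-secret fields, for example `console.log('OTP refresh in', data.otp_expires_in);`. How `debugJavascript` is set is not visible here, and the callbacks start and end outside the hunks.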
18 changes: 15 additions & 3 deletions sources/items.queries.php
@@ -4055,6 +4055,13 @@
array_push($arrTmp, 0);
}
}
} else {
// Ensure to give access Right if allowed folder
if (in_array($inputData['id'], $session->get('user-accessible_folders')) === true) {
array_push($arrTmp, 50);
} else {
array_push($arrTmp, 0);
}
}
}
// 3.0.0.0 - changed MIN to MAX
@@ -4446,11 +4453,11 @@
// ----- END CASE 6 -----
} elseif (
(int) $record['perso'] !== 1
&& (int) $session->get('user-read_only') === 1
&& in_array($record['tree_id'], $session->get('user-allowed_folders_by_definition'))
) {
// Case 7 - Is user readonly?
// Case 7 - Is folder allowed by definition for this user?
// Allow limited rights
$right = 10;
$right = 70;
// ---
// ----- END CASE 7 -----
} elseif (
@@ -7458,6 +7465,11 @@ function getCurrentAccessRights(int $userId, int $itemId, int $treeId): array
if (in_array($treeId, $session->get('user-read_only_folders'))) {
return getAccessResponse(false, true, false, false);
}

// Check if the folder is in the user's allowed folders list defined by admin
if (in_array($treeId, $session->get('user-allowed_folders_by_definition'))) {
return getAccessResponse(false, true, true, true);
}

// Check if the folder is personal to the user
foreach ($visibleFolders as $folder) {
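Review bot: Case 7 appears to replace the `user-read_only` test instead of adding to it, so a read-only user whose folder is in `user-allowed_folders_by_definition` would now get `$right = 70` where this branch used to give 10, unless an earlier case outside the hunk already catches read-only users. The kept comment `// Allow limited rights` no longer describes the value; I would either keep the guard, `&& (int) $session->get('user-read_only') !== 1`, or document why 70 is intended for that user class. The two new reads of `user-allowed_folders_by_definition` (Case 7 and `getCurrentAccessRights()`) also pass `$session->get(...)` straight into `in_array()`; a session created before this change has no such key, so if `get()` returns null for a missing key, appending `?? []` avoids a TypeError on PHP 8. The surrounding if/elseif chain and `getCurrentAccessRights()` start and end outside the hunks.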
2 changes: 1 addition & 1 deletion sources/main.functions.php
@@ -452,7 +452,6 @@ function identUser(
array $SETTINGS,
object $tree
) {

$session = SessionManager::getSession();
// Init
$session->set('user-accessible_folders', []);
@@ -476,6 +475,7 @@ function identUser(
$noAccessFolders = convertToArray($noAccessFolders);
$userRoles = convertToArray($userRoles);
$allowedFolders = convertToArray($allowedFolders);
$session->set('user-allowed_folders_by_definition', $allowedFolders);

// Get list of folders depending on Roles
$arrays = identUserGetFoldersFromRoles(
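Review bot: The list stored under `user-allowed_folders_by_definition` is whatever `convertToArray()` returns, and the readers added in sources/items.queries.php compare against it with non-strict `in_array()`. Since this list now decides access rights, I would normalise it once at this point, e.g. `$session->set('user-allowed_folders_by_definition', array_map('intval', array_filter($allowedFolders, 'is_numeric')));`, so the later checks can be made strict. The element type is not visible in this hunk, so confirm against `convertToArray()`; the body of `identUser()` continues outside the hunk.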
