diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs index 3784e74e49..afd2d388d3 100644 --- a/src/api/core/organizations.rs +++ b/src/api/core/organizations.rs @@ -358,7 +358,7 @@ async fn get_org_collections_details(org_id: &str, headers: ManagerHeadersLoose, Vec::with_capacity(0) }; - let mut json_object = col.to_json(); + let mut json_object = col.to_json_details(&headers.user.uuid, None, &mut conn).await; json_object["assigned"] = json!(assigned); json_object["users"] = json!(users); json_object["groups"] = json!(groups); @@ -680,7 +680,7 @@ async fn get_org_collection_detail( let assigned = Collection::can_access_collection(&user_org, &collection.uuid, &mut conn).await; - let mut json_object = collection.to_json(); + let mut json_object = collection.to_json_details(&headers.user.uuid, None, &mut conn).await; json_object["assigned"] = json!(assigned); json_object["users"] = json!(users); json_object["groups"] = json!(groups); diff --git a/src/db/models/organization.rs b/src/db/models/organization.rs index d39962cc8e..e59c1b05ca 100644 --- a/src/db/models/organization.rs +++ b/src/db/models/organization.rs @@ -504,6 +504,25 @@ impl UserOrganization { Vec::with_capacity(0) }; + let permissions = json!({ + // TODO: Add support for Custom User Roles + // See: https://bitwarden.com/help/article/user-types-access-control/#custom-role + "accessEventLogs": false, + "accessImportExport": false, + "accessReports": false, + "createNewCollections": false, + "editAnyCollection": false, + "deleteAnyCollection": false, + "editAssignedCollections": false, + "deleteAssignedCollections": false, + "manageGroups": false, + "managePolicies": false, + "manageSso": false, // Not supported + "manageUsers": false, + "manageResetPassword": false, + "manageScim": false // Not supported (Not AGPLv3 Licensed) + }); + json!({ "id": self.uuid, "userId": self.user_uuid, @@ -519,6 +538,13 @@ impl UserOrganization { "accessAll": self.access_all, "twoFactorEnabled": twofactor_enabled, "resetPasswordEnrolled": self.reset_password_key.is_some(), + "hasMasterPassword": !user.password_hash.is_empty(), + + "permissions": permissions, + + "ssoBound": false, // Not supported + "usesKeyConnector": false, // Not supported + "accessSecretsManager": false, // Not supported (Not AGPLv3 Licensed) "object": "organizationUserUserDetails", })