github-starred/vaultwarden
2
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-05-24 09:03:15 -05:00
Code Issues 307 Packages Projects Releases 83 Wiki Activity

[PR #4812] [MERGED] make access_all optional #3363

New Issue
Closed
opened 2025-11-07 08:10:01 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2025-11-07 08:10:01 -06:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/4812
Author: @stefan0xC
Created: 8/1/2024
Status: Merged
Merged: 8/1/2024
Merged by: @dani-garcia

Base: mainHead: access-all-optional

📝 Commits (2)

  • 0faebb6 make access_all optional
  • 56d93d1 use #[serde(default)] instead of unwrapping

📊 Changes

1 file changed (+8 additions, -10 deletions)

View changed files

📝 src/api/core/organizations.rs (+8 -10)

📄 Description

As noted here https://github.com/dani-garcia/vaultwarden/issues/4775#issuecomment-2251024214 the access_all flag has been removed in the newer web-vaults resulting in an error when editing a user:

[2024-08-01 13:29:25.313][vaultwarden::api::core::organizations::_][WARN] Data guard `Json < EditUserData >` failed: Parse("{\"collections\":[{\"id\":\"64256828-6251-4bef-8dee-2128b63f520a\",\"readOnly\":true,\"hidePasswords\":false,\"manage\":false}],\"groups\":[],\"permissions\":{\"response\":null},\"type\":0}", Error("missing field `accessAll`", line: 1, column: 169)).

Note: Since newer web-vaults don't have the access_all flag anymore, it will be removed if you update a user with that permission. Due to the new view admins/owners will also not see all items in the password manager anymore, but only to items in collections they have explicit view access to (either directly or via a group).

This is purely a fix to make it compatible with newer versions of the web-vault (web-v2024.6.3 and later). Bitwarden stated that they will deprecate "the Access all existing and future collections permission" and change "all users that had this permission the Can manage permission for all existing collections" when migrating existing users to the new collection management system. This does not (currently) apply to Vaultwarden as we have not implemented this yet. They also removed the Manager role, so I'm not sure if that's the appropriate course of action, giving all users with access_all the ability to manage who has access to collections... 😬

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/4812 **Author:** [@stefan0xC](https://github.com/stefan0xC) **Created:** 8/1/2024 **Status:** ✅ Merged **Merged:** 8/1/2024 **Merged by:** [@dani-garcia](https://github.com/dani-garcia) **Base:** `main` ← **Head:** `access-all-optional` --- ### 📝 Commits (2) - [`0faebb6`](https://github.com/dani-garcia/vaultwarden/commit/0faebb69b48dc5135e010c5efb6185046b044710) make access_all optional - [`56d93d1`](https://github.com/dani-garcia/vaultwarden/commit/56d93d154b69ec53f4cda7ebc682640d8ae0cf91) use #[serde(default)] instead of unwrapping ### 📊 Changes **1 file changed** (+8 additions, -10 deletions) <details> <summary>View changed files</summary> 📝 `src/api/core/organizations.rs` (+8 -10) </details> ### 📄 Description As noted here https://github.com/dani-garcia/vaultwarden/issues/4775#issuecomment-2251024214 the `access_all` flag has been removed in the newer web-vaults resulting in an error when editing a user: ``` [2024-08-01 13:29:25.313][vaultwarden::api::core::organizations::_][WARN] Data guard `Json < EditUserData >` failed: Parse("{\"collections\":[{\"id\":\"64256828-6251-4bef-8dee-2128b63f520a\",\"readOnly\":true,\"hidePasswords\":false,\"manage\":false}],\"groups\":[],\"permissions\":{\"response\":null},\"type\":0}", Error("missing field `accessAll`", line: 1, column: 169)). ``` Note: Since newer web-vaults don't have the `access_all` flag anymore, it will be removed if you update a user with that permission. Due to the new view admins/owners will also not see all items in the password manager anymore, but only to items in collections they have explicit view access to (either directly or via a group). This is purely a fix to make it compatible with newer versions of the web-vault (`web-v2024.6.3` and later). [Bitwarden stated that](https://bitwarden.com/help/user-types-access-control/#member-roles) they will deprecate "the **Access all existing and future collections** permission" and change "all users that had this permission the **Can manage** permission for all existing collections" when migrating existing users to the new collection management system. This does not (currently) apply to Vaultwarden as we have not implemented this yet. They also removed the Manager role, so I'm not sure if that's the appropriate course of action, giving all users with access_all the ability to manage who has access to collections... :grimacing: --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2025-11-07 08:10:01 -06:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
better for forum
bug
documentation
duplicate
enhancement
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
SSO
Third party
troubleshooting
wontfix
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#3363
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?