From 1031c2e2863414ff7a1bedb33f458ebed19859bf Mon Sep 17 00:00:00 2001 From: Stefan Melmuk <509385+stefan0xC@users.noreply.github.com> Date: Wed, 18 Sep 2024 19:00:10 +0200 Subject: [PATCH] fix 2fa policy check on registration (#4956) --- src/api/core/accounts.rs | 2 +- src/db/models/org_policy.rs | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs index cc9cd6ce..fc33619d 100644 --- a/src/api/core/accounts.rs +++ b/src/api/core/accounts.rs @@ -112,7 +112,7 @@ async fn is_email_2fa_required(org_user_uuid: Option, conn: &mut DbConn) return true; } if org_user_uuid.is_some() { - return OrgPolicy::is_enabled_by_org(&org_user_uuid.unwrap(), OrgPolicyType::TwoFactorAuthentication, conn) + return OrgPolicy::is_enabled_for_member(&org_user_uuid.unwrap(), OrgPolicyType::TwoFactorAuthentication, conn) .await; } false diff --git a/src/db/models/org_policy.rs b/src/db/models/org_policy.rs index d1e8aa0f..23e583b4 100644 --- a/src/db/models/org_policy.rs +++ b/src/db/models/org_policy.rs @@ -342,9 +342,11 @@ impl OrgPolicy { false } - pub async fn is_enabled_by_org(org_uuid: &str, policy_type: OrgPolicyType, conn: &mut DbConn) -> bool { - if let Some(policy) = OrgPolicy::find_by_org_and_type(org_uuid, policy_type, conn).await { - return policy.enabled; + pub async fn is_enabled_for_member(org_user_uuid: &str, policy_type: OrgPolicyType, conn: &mut DbConn) -> bool { + if let Some(membership) = UserOrganization::find_by_uuid(org_user_uuid, conn).await { + if let Some(policy) = OrgPolicy::find_by_org_and_type(&membership.org_uuid, policy_type, conn).await { + return policy.enabled; + } } false }