Merge pull request #1219 from aveao/master

Ensure that a user is actually in an org when applying policies
This commit is contained in:
Daniel García 2020-11-07 23:29:12 +01:00 committed by GitHub
commit e25fc7083d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions

View File

@ -4,7 +4,7 @@ use crate::api::EmptyResult;
use crate::db::DbConn;
use crate::error::MapResult;
use super::Organization;
use super::{Organization, UserOrgStatus};
db_object! {
#[derive(Debug, Identifiable, Queryable, Insertable, Associations, AsChangeset)]
@ -134,6 +134,9 @@ impl OrgPolicy {
users_organizations::org_uuid.eq(org_policies::org_uuid)
.and(users_organizations::user_uuid.eq(user_uuid)))
)
.filter(
users_organizations::status.eq(UserOrgStatus::Confirmed as i32)
)
.select(org_policies::all_columns)
.load::<OrgPolicyDb>(conn)
.expect("Error loading org_policy")