[GH-ISSUE #4844] Manager Role no long has ability to manage collection access #1998

New issue

Closed

opened 2026-03-03 02:14:10 +03:00 by kerem · 3 comments

kerem commented

2026-03-03 02:14:10 +03:00

Owner

Originally created by @dwestness on GitHub (Aug 12, 2024).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/4844

Subject of the issue

Manager Role no longer has ability to manage collection access

Deployment environment

Your environment (Generated via diagnostics page)

Vaultwarden version: v1.32.0
Web-vault version: v2024.6.2b
OS/Arch: linux/x86_64
Running within a container: true (Base: Debian)
Environment settings overridden: false
Uses a reverse proxy: true
IP Header check: true (X-Forwarded-For)
Internet access: true
Internet access via a proxy: false
DNS Check: true
Browser/Server Time Check: true
Server/NTP Time Check: true
Domain Configuration Check: true
HTTPS Check: true
Database type: SQLite
Database version: 3.46.0

Steps to reproduce

We recently noticed (after updating to version 1.32.0, but could have existed prior to this version unnoticed) that the Manager role no longer has the ability to view/manage the members of an existing collection. It does appear that this role does permit the creation of a new collection and the assignment of members during creation, but then loses all ability to view/manager post-creation as well.

Expected behaviour

Manager role would be able to view/manager collection members as described in the role description.

Actual behaviour

Each collection under an organization no longer as the "..." 3-dots menu to navigate to the access settings of the collection when signed in with a manager role for the organization

Originally created by @dwestness on GitHub (Aug 12, 2024). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/4844 ### Subject of the issue Manager Role no longer has ability to manage collection access ### Deployment environment ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.32.0 * Web-vault version: v2024.6.2b * OS/Arch: linux/x86_64 * Running within a container: true (Base: Debian) * Environment settings overridden: false * Uses a reverse proxy: true * IP Header check: true (X-Forwarded-For) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Browser/Server Time Check: true * Server/NTP Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Database type: SQLite * Database version: 3.46.0 ### Steps to reproduce We recently noticed (after updating to version 1.32.0, but could have existed prior to this version unnoticed) that the Manager role no longer has the ability to view/manage the members of an existing collection. It does appear that this role does permit the creation of a new collection and the assignment of members during creation, but then loses all ability to view/manager post-creation as well. ### Expected behaviour Manager role would be able to view/manager collection members as described in the role description. ### Actual behaviour Each collection under an organization no longer as the "..." 3-dots menu to navigate to the access settings of the collection when signed in with a manager role for the organization

kerem closed this issue

2026-03-03 02:14:10 +03:00

kerem commented

2026-03-03 02:14:11 +03:00

Author

Owner

@stefan0xC commented on GitHub (Aug 13, 2024):

Thanks for the report. I believe that this is due to the ongoing deprecation of the Manager role (which Bitwarden has removed in v2024.7.x completely) and switching to a permission system (which we currently don't really have implemented). github.com/dani-garcia/vaultwarden@9eebbf3b9f/src/db/models/organization.rs (L348-L365)

In earlier versions not returning the correct permissions did not matter but apparently with v2024.6.x the Bitwarden web-vault does not take the Manager role into account anymore (while still having it).

@stefan0xC commented on GitHub (Aug 13, 2024): Thanks for the report. I believe that this is due to the [ongoing deprecation of the Manager role](https://bitwarden.com/help/user-types-access-control/#member-roles) (which Bitwarden has removed in `v2024.7.x` completely) and switching to a permission system (which we currently don't really have implemented). https://github.com/dani-garcia/vaultwarden/blob/9eebbf3b9f6ad6002353014148057049976be3d1/src/db/models/organization.rs#L348-L365 In earlier versions not returning the correct permissions did not matter but apparently with `v2024.6.x` the Bitwarden web-vault does not take the Manager role into account anymore (while still having it).

kerem commented

2026-03-03 02:14:11 +03:00

Author

Owner

@BlackDex commented on GitHub (Aug 14, 2024):

I'm looking into fixing this a.t.m. As this does make it a hard to manage Vaultwarden for some users i think.

@BlackDex commented on GitHub (Aug 14, 2024): I'm looking into fixing this a.t.m. As this does make it a hard to manage Vaultwarden for some users i think.

kerem commented

2026-03-03 02:14:11 +03:00

Author

Owner

@BlackDex commented on GitHub (Aug 14, 2024):

Ok, I think i have a fix ready for this issue via #4860

@BlackDex commented on GitHub (Aug 14, 2024): Ok, I think i have a fix ready for this issue via #4860

kerem referenced this issue

2026-03-03 09:25:34 +03:00

[PR #2001] [MERGED] Revert Debian images back to Buster. #3043

kerem referenced this issue

2026-03-03 09:25:46 +03:00