[GH-ISSUE #157] User type 'User' cannot share password with collection #78

New issue

Closed

opened 2026-03-03 01:24:37 +03:00 by kerem · 3 comments

kerem commented

2026-03-03 01:24:37 +03:00

Owner

Originally created by @syserr0r on GitHub (Aug 28, 2018).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/157

A user who has access to the collection (and not 'Readonly') cannot share a password with that collection -- when attempting to do so the following error is shown:

The only work-around is to set the user type to 'Admin' (or 'Owner'), however this allows access to all collections regardless of the explicit collection permissions

Originally created by @syserr0r on GitHub (Aug 28, 2018). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/157 A user who has access to the collection (and not 'Readonly') cannot share a password with that collection -- when attempting to do so the following error is shown: ![image](https://user-images.githubusercontent.com/2324422/44736330-d5256d80-aae6-11e8-970a-ca98cee358ce.png) The only work-around is to set the user type to 'Admin' (or 'Owner'), however this allows access to all collections regardless of the explicit collection permissions

kerem

2026-03-03 01:24:37 +03:00

closed this issue
added the
bug
label

kerem commented

2026-03-03 01:24:38 +03:00

Author

Owner

@syserr0r commented on GitHub (Aug 28, 2018):

The issue seems to be the has_full_access() check here:
github.com/dani-garcia/bitwarden_rs@781056152a/src/api/core/ciphers.rs (L140-L145)

@syserr0r commented on GitHub (Aug 28, 2018): The issue seems to be the `has_full_access()` check here: https://github.com/dani-garcia/bitwarden_rs/blob/781056152a4b8e5b6bc70031aafd65bf9d59fd1c/src/api/core/ciphers.rs#L140-L145

kerem commented

2026-03-03 01:24:39 +03:00

Author

Owner

@mprasil commented on GitHub (Aug 28, 2018):

Yeah we seem to call the function from here:
github.com/dani-garcia/bitwarden_rs@781056152a/src/api/core/ciphers.rs (L425-L440)

We do check the collection access later, so in this case we might need to somehow relay the information to the function we call, that user doesn't need write access to the entire organization as we will add it to collection later. (and maybe we should do that part first, that way if the collection stuff fails for whatever reason, we won't add the cipher to the organization direct for user that might not have the rights)

@mprasil commented on GitHub (Aug 28, 2018): Yeah we seem to call the function from here: https://github.com/dani-garcia/bitwarden_rs/blob/781056152a4b8e5b6bc70031aafd65bf9d59fd1c/src/api/core/ciphers.rs#L425-L440 We do check the collection access later, so in this case we might need to somehow relay the information to the function we call, that user doesn't need write access to the entire organization as we will add it to collection later. (and maybe we should do that part first, that way if the collection stuff fails for whatever reason, we won't add the cipher to the organization direct for user that might not have the rights)

kerem commented

2026-03-03 01:24:39 +03:00

Author

Owner

@durd commented on GitHub (Jul 22, 2019):

Sorry to reopen this, we are experiencing this issue aswell, albeit it with a different error but same meaning. I do get the same error when trying to remove the item from a collection, not sure if that is intended even if I have write access.

Edit: simple User in above case.

We are running 2.10.1 from docker bitwardenrs/server:latest on Debian 10.

@durd commented on GitHub (Jul 22, 2019): Sorry to reopen this, we are experiencing this issue aswell, albeit it with a different error but same meaning. I do get the same error when trying to remove the item from a collection, not sure if that is intended even if I have write access. Edit: simple User in above case. We are running 2.10.1 from docker bitwardenrs/server:latest on Debian 10. ![Screenshot 2019-07-22 at 17 25 49](https://user-images.githubusercontent.com/8933824/61645705-8311ab80-aca7-11e9-9673-5560b1e885ad.png)