[GH-ISSUE #163] As an org admin, assigning myself (or other admin) to a collection results in an error #80

New issue

Closed

opened 2026-03-03 01:24:39 +03:00 by kerem · 4 comments

kerem commented 2026-03-03 01:24:39 +03:00

Owner

Copy link

Originally created by @janost on GitHub (Aug 30, 2018).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/163

Reproduction steps:

• Using the latest docker container.
• Log in to the web UI as user who is an organization admin.
• Select organization, click on the Manage tab, select People.
• Click on yourself or another organization admin.
• Under "Access Control" assign the user to any collection or select "This user can access and modify all items".
• Click "Save".

Expected result:
The request succeeds and the edited user gains access to the selected collections.

Actual result:
Red error message pops up saying "Only Owners can grant Admin or Owner type".

Background:
Failing request is:
PUT https:///api/organizations/<ORG_ID>/users/<USER_ID>

Originally created by @janost on GitHub (Aug 30, 2018). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/163 Reproduction steps: - Using the latest docker container. - Log in to the web UI as user who is an organization admin. - Select organization, click on the Manage tab, select People. - Click on yourself or another organization admin. - Under "Access Control" assign the user to any collection or select "This user can access and modify all items". - Click "Save". Expected result: The request succeeds and the edited user gains access to the selected collections. Actual result: Red error message pops up saying "Only Owners can grant Admin or Owner type". Background: Failing request is: PUT https://<HOSTNAME>/api/organizations/<ORG_ID>/users/<USER_ID>

kerem 2026-03-03 01:24:39 +03:00

• closed this issue
• added the
  bug
  label

kerem commented 2026-03-03 01:24:40 +03:00

Author

Owner

Copy link

@mprasil commented on GitHub (Aug 30, 2018):

Thanks for reporting this. Have you tested this in upstream to see how that works there? I'm not sure how to handle this as granting admin ability to edit himself and other admins essentially gives him owner-level privileges.

<!-- gh-comment-id:417263263 --> @mprasil commented on GitHub (Aug 30, 2018): Thanks for reporting this. Have you tested this in upstream to see how that works there? I'm not sure how to handle this as granting admin ability to edit himself and other admins essentially gives him owner-level privileges.

kerem commented 2026-03-03 01:24:40 +03:00

Author

Owner

Copy link

@janost commented on GitHub (Aug 30, 2018):

I just tested this upstream.
As an organization admin, I was able to edit my own access to collections using the procedure I described in the issue. Unfortunately I can't test if I can edit other admins, because I only have a free account on upstream.

<!-- gh-comment-id:417273930 --> @janost commented on GitHub (Aug 30, 2018): I just tested this upstream. As an organization admin, I was able to edit my own access to collections using the procedure I described in the issue. Unfortunately I can't test if I can edit other admins, because I only have a free account on upstream.

kerem commented 2026-03-03 01:24:40 +03:00

Author

Owner

Copy link

@mprasil commented on GitHub (Aug 30, 2018):

Thanks for that. I guess it's safe to assume, that it would work for other admin accounts.

<!-- gh-comment-id:417278967 --> @mprasil commented on GitHub (Aug 30, 2018): Thanks for that. I guess it's safe to assume, that it would work for other admin accounts.

kerem commented 2026-03-03 01:24:40 +03:00

Author

Owner

Copy link

@mprasil commented on GitHub (Sep 4, 2018):

Submitted PR #170 that should also resolve this issue.

<!-- gh-comment-id:418332955 --> @mprasil commented on GitHub (Sep 4, 2018): Submitted PR #170 that should also resolve this issue.

kerem referenced this issue 2026-03-03 02:19:59 +03:00

[PR #89] [MERGED] Add confirmed check to the OrgHeaders request guard #2604

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

revert-7033-patch-1

cached-config-operations

test_dylint

1.35.7

1.35.6

1.35.5

1.35.4

1.35.3

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels   

SSO

  

Third party

  

better for forum

  

bug

  

bug

  

documentation

  

duplicate

  

enhancement

  

future Vault

  

future Vault

  

future Vault

  

good first issue

  

help wanted

  

low priority

  

notes

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

troubleshooting

  

wontfix

No labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

question

troubleshooting

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/vaultwarden#80

No description provided.