starred/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-12-10 01:10:09 +03:00
Code Issues 429 Packages Projects Releases 10 Wiki Activity

Org managers can't create or manage collections #1618

New Issue
Closed
opened 2025-10-09 17:22:45 +03:00 by OVERLORD · 5 comments
OVERLORD commented 2025-10-09 17:22:45 +03:00
Owner
Copy Link

Originally created by @jjlin on GitHub.

According to https://bitwarden.com/help/article/user-types-access-control/#user-types, org managers should be able to:

  • Only administer a collection it is associated with by an Owner or Admin
  • Access and manage assigned collections in an organization
  • Create new collections and modify the assigned collections
  • Set user access for assigned collections

Attempting to create a new collection via the web vault results in

Screenshot 2020-09-12 003122

and log messages

[2020-09-12 00:29:38.993][request][INFO] POST /api/organizations/3c8806a6-2359-4c6c-b769-3fe52dab91bb/collections
[2020-09-12 00:29:38.995][auth][ERROR] Unauthorized Error: You need to be Admin or Owner to call this endpoint
[2020-09-12 00:29:38.995][response][INFO] POST /api/organizations/<org_id>/collections (post_organization_collections) => 401 Unauthorized

Attempting to manage an existing collection via the web vault results in the Your login session has expired UI message, and log messages

[2020-09-12 00:31:57.174][request][INFO] GET /api/organizations/3c8806a6-2359-4c6c-b769-3fe52dab91bb/collections/320a942c-d232-4273-96e5-d2c872f8d1d8/details
[2020-09-12 00:31:57.175][auth][ERROR] Unauthorized Error: You need to be Admin or Owner to call this endpoint
[2020-09-12 00:31:57.175][response][INFO] GET /api/organizations/<org_id>/collections/<coll_id>/details (get_org_collection_detail) => 401 Unauthorized

(This issue was first reported at https://bitwardenrs.discourse.group/t/manager-can-not-create-a-collection/287.)

Originally created by @jjlin on GitHub. According to https://bitwarden.com/help/article/user-types-access-control/#user-types, org managers should be able to: * Only administer a collection it is associated with by an Owner or Admin * Access and manage assigned collections in an organization * Create new collections and modify the assigned collections * Set user access for assigned collections Attempting to create a new collection via the web vault results in ![Screenshot 2020-09-12 003122](https://user-images.githubusercontent.com/203380/92990264-cae92880-f48f-11ea-9aad-ab26a8d761cd.png) and log messages ``` [2020-09-12 00:29:38.993][request][INFO] POST /api/organizations/3c8806a6-2359-4c6c-b769-3fe52dab91bb/collections [2020-09-12 00:29:38.995][auth][ERROR] Unauthorized Error: You need to be Admin or Owner to call this endpoint [2020-09-12 00:29:38.995][response][INFO] POST /api/organizations/<org_id>/collections (post_organization_collections) => 401 Unauthorized ``` Attempting to manage an existing collection via the web vault results in the `Your login session has expired` UI message, and log messages ``` [2020-09-12 00:31:57.174][request][INFO] GET /api/organizations/3c8806a6-2359-4c6c-b769-3fe52dab91bb/collections/320a942c-d232-4273-96e5-d2c872f8d1d8/details [2020-09-12 00:31:57.175][auth][ERROR] Unauthorized Error: You need to be Admin or Owner to call this endpoint [2020-09-12 00:31:57.175][response][INFO] GET /api/organizations/<org_id>/collections/<coll_id>/details (get_org_collection_detail) => 401 Unauthorized ``` (This issue was first reported at https://bitwardenrs.discourse.group/t/manager-can-not-create-a-collection/287.)
OVERLORD added the low prioritybugenhancement labels 2025-10-09 17:22:45 +03:00
OVERLORD commented 2025-10-09 17:22:48 +03:00
Author
Owner
Copy Link

@BlackDex commented on GitHub:

@blacklist-arcc, and i don't think there actually is a workaround at this point

@BlackDex commented on GitHub: @blacklist-arcc, and i don't think there actually is a workaround at this point
OVERLORD commented 2025-10-09 17:22:48 +03:00
Author
Owner
Copy Link

@FLX-0x00 commented on GitHub:

We are facing with the same issue. Is there any workaround?

@FLX-0x00 commented on GitHub: We are facing with the same issue. Is there any workaround?
OVERLORD commented 2025-10-09 17:22:50 +03:00
Author
Owner
Copy Link

@FLX-0x00 commented on GitHub:

We will test this in our staging environment. Feedback in the next business days

@FLX-0x00 commented on GitHub: We will test this in our staging environment. Feedback in the next business days
OVERLORD commented 2025-10-09 17:22:50 +03:00
Author
Owner
Copy Link

@matlink commented on GitHub:

@jjlin @blacklist-arcc @BlackDex I've made a push request, trying to implement this. What I have tested is working so far (collection creation, managing users in it, delete managed collections).

@matlink commented on GitHub: @jjlin @blacklist-arcc @BlackDex I've made a push request, trying to implement this. What I have tested is working so far (collection creation, managing users in it, delete managed collections).
OVERLORD commented 2025-10-09 17:22:50 +03:00
Author
Owner
Copy Link

@matlink commented on GitHub:

@BlackDex Any progress on it? It is not really a low priority for us :(

@matlink commented on GitHub: @BlackDex Any progress on it? It is not really a low priority for us :(
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
better for forum
bug
bug
bug
documentation
duplicate
enhancement
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
SSO
Third party
troubleshooting
troubleshooting
wontfix
No Label bug enhancement low priority
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/vaultwarden#1618
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?