[PM-18085] Add Manage property to UserCipherDetails (#5390)

* Add Manage permission to UserCipherDetails and CipherDetails_ReadByIdUserId

* Add Manage property to CipherDetails and UserCipherDetailsQuery

* Add integration test for CipherRepository Manage permission rules

* Update CipherDetails_ReadWithoutOrganizationsByUserId to include Manage permission

* Refactor UserCipherDetailsQuery to include detailed permission and organization properties

* Refactor CipherRepositoryTests to improve test organization and readability

- Split large test method into smaller, focused methods
- Added helper methods for creating test data and performing assertions
- Improved test coverage for cipher permissions in different scenarios
- Maintained existing test logic while enhancing code structure

* Refactor CipherRepositoryTests to consolidate cipher permission tests

- Removed redundant helper methods for permission assertions
- Simplified test methods for GetCipherPermissionsForOrganizationAsync, GetManyByUserIdAsync, and GetByIdAsync
- Maintained existing test coverage for cipher manage permissions
- Improved code readability and reduced code duplication

* Add integration test for CipherRepository group collection manage permissions

- Added new test method GetCipherPermissionsForOrganizationAsync_ManageProperty_RespectsCollectionGroupRules
- Implemented helper method CreateCipherInOrganizationCollectionWithGroup to support group-based collection permission testing
- Verified manage permissions are correctly applied based on group collection access settings

* Add @Manage parameter to Cipher stored procedures

- Updated CipherDetails_Create, CipherDetails_CreateWithCollections, and CipherDetails_Update stored procedures
- Added @Manage parameter with comment "-- not used"
- Included new stored procedure implementations in migration script
- Consistent with previous work on adding Manage property to cipher details

* Update UserCipherDetails functions to reorder Manage and ViewPassword columns

* Reorder Manage and ViewPassword properties in cipher details queries

* Bump date in migration script

src/Core/Vault/Models/Data/CipherDetails.cs

@@ -8,6 +8,7 @@ public class CipherDetails : CipherOrganizationDetails
     public bool Favorite { get; set; }
     public bool Edit { get; set; }
     public bool ViewPassword { get; set; }
+    public bool Manage { get; set; }
 
     public CipherDetails() { }
 
@@ -53,6 +54,7 @@ public class CipherDetailsWithCollections : CipherDetails
         Favorite = cipher.Favorite;
         Edit = cipher.Edit;
         ViewPassword = cipher.ViewPassword;
+        Manage = cipher.Manage;
 
         CollectionIds = collectionCiphersGroupDict.TryGetValue(Id, out var value)
             ? value.Select(cc => cc.CollectionId)

src/Infrastructure.EntityFramework/Repositories/Queries/UserCipherDetailsQuery.cs

@@ -50,11 +50,49 @@ public class UserCipherDetailsQuery : IQuery<CipherDetails>
 
                     where (cu == null ? (Guid?)null : cu.CollectionId) != null || (cg == null ? (Guid?)null : cg.CollectionId) != null
 
-                    select c;
+                    select new
+                    {
+                        c.Id,
+                        c.UserId,
+                        c.OrganizationId,
+                        c.Type,
+                        c.Data,
+                        c.Attachments,
+                        c.CreationDate,
+                        c.RevisionDate,
+                        c.DeletedDate,
+                        c.Favorites,
+                        c.Folders,
+                        Edit = cu == null ? (cg != null && cg.ReadOnly == false) : cu.ReadOnly == false,
+                        ViewPassword = cu == null ? (cg != null && cg.HidePasswords == false) : cu.HidePasswords == false,
+                        Manage = cu == null ? (cg != null && cg.Manage == true) : cu.Manage == true,
+                        OrganizationUseTotp = o.UseTotp,
+                        c.Reprompt,
+                        c.Key
+                    };
 
         var query2 = from c in dbContext.Ciphers
                      where c.UserId == _userId
-                     select c;
+                     select new
+                     {
+                         c.Id,
+                         c.UserId,
+                         c.OrganizationId,
+                         c.Type,
+                         c.Data,
+                         c.Attachments,
+                         c.CreationDate,
+                         c.RevisionDate,
+                         c.DeletedDate,
+                         c.Favorites,
+                         c.Folders,
+                         Edit = true,
+                         ViewPassword = true,
+                         Manage = true,
+                         OrganizationUseTotp = false,
+                         c.Reprompt,
+                         c.Key
+                     };
 
         var union = query.Union(query2).Select(c => new CipherDetails
         {
@@ -68,11 +106,12 @@ public class UserCipherDetailsQuery : IQuery<CipherDetails>
             RevisionDate = c.RevisionDate,
             DeletedDate = c.DeletedDate,
             Favorite = _userId.HasValue && c.Favorites != null && c.Favorites.ToLowerInvariant().Contains($"\"{_userId}\":true"),
-            FolderId = GetFolderId(_userId, c),
-            Edit = true,
+            FolderId = GetFolderId(_userId, new Cipher { Id = c.Id, Folders = c.Folders }),
+            Edit = c.Edit,
             Reprompt = c.Reprompt,
-            ViewPassword = true,
-            OrganizationUseTotp = false,
+            ViewPassword = c.ViewPassword,
+            Manage = c.Manage,
+            OrganizationUseTotp = c.OrganizationUseTotp,
             Key = c.Key
         });
         return union;

src/Infrastructure.EntityFramework/Vault/Repositories/CipherRepository.cs

@@ -432,6 +432,7 @@ public class CipherRepository : Repository<Core.Vault.Entities.Cipher, Cipher, G
                                         Edit = true,
                                         Reprompt = c.Reprompt,
                                         ViewPassword = true,
+                                        Manage = true,
                                         OrganizationUseTotp = false,
                                         Key = c.Key
                                     };

src/Sql/Vault/dbo/Functions/UserCipherDetails.sql

@@ -23,6 +23,11 @@ SELECT
     	THEN 1
     	ELSE 0
     END [ViewPassword],
+    CASE
+        WHEN COALESCE(CU.[Manage], CG.[Manage], 0) = 1
+        THEN 1
+        ELSE 0
+    END [Manage],
     CASE
         WHEN O.[UseTotp] = 1
         THEN 1
@@ -54,6 +59,7 @@ SELECT
     *,
     1 [Edit],
     1 [ViewPassword],
+    1 [Manage],
     0 [OrganizationUseTotp]
 FROM
     [dbo].[CipherDetails](@UserId)

src/Sql/Vault/dbo/Stored Procedures/Cipher/CipherDetails_Create.sql

@@ -13,6 +13,7 @@
     @Favorite BIT,
     @Edit BIT, -- not used
     @ViewPassword BIT, -- not used
+    @Manage BIT, -- not used
     @OrganizationUseTotp BIT, -- not used
     @DeletedDate DATETIME2(7),
     @Reprompt TINYINT,
@@ -63,4 +64,4 @@ BEGIN
     BEGIN
         EXEC [dbo].[User_BumpAccountRevisionDate] @UserId
     END
-END
+END

src/Sql/Vault/dbo/Stored Procedures/Cipher/CipherDetails_CreateWithCollections.sql

@@ -13,6 +13,7 @@
     @Favorite BIT,
     @Edit BIT, -- not used
     @ViewPassword BIT, -- not used
+    @Manage BIT, -- not used
     @OrganizationUseTotp BIT, -- not used
     @DeletedDate DATETIME2(7),
     @Reprompt TINYINT,
@@ -23,9 +24,9 @@ BEGIN
     SET NOCOUNT ON
 
     EXEC [dbo].[CipherDetails_Create] @Id, @UserId, @OrganizationId, @Type, @Data, @Favorites, @Folders,
-        @Attachments, @CreationDate, @RevisionDate, @FolderId, @Favorite, @Edit, @ViewPassword,
+        @Attachments, @CreationDate, @RevisionDate, @FolderId, @Favorite, @Edit, @ViewPassword, @Manage,
         @OrganizationUseTotp, @DeletedDate, @Reprompt, @Key
 
     DECLARE @UpdateCollectionsSuccess INT
     EXEC @UpdateCollectionsSuccess = [dbo].[Cipher_UpdateCollections] @Id, @UserId, @OrganizationId, @CollectionIds
-END
+END

src/Sql/Vault/dbo/Stored Procedures/Cipher/CipherDetails_ReadByIdUserId.sql

@@ -21,7 +21,8 @@ SELECT
         [Key],
         [OrganizationUseTotp],
         MAX ([Edit]) AS [Edit],
-        MAX ([ViewPassword]) AS [ViewPassword]
+        MAX ([ViewPassword]) AS [ViewPassword],
+        MAX ([Manage]) AS [Manage]
     FROM
         [dbo].[UserCipherDetails](@UserId)
     WHERE

src/Sql/Vault/dbo/Stored Procedures/Cipher/CipherDetails_ReadWithoutOrganizationsByUserId.sql

@@ -8,6 +8,7 @@ BEGIN
         *,
         1 [Edit],
         1 [ViewPassword],
+        1 [Manage],
         0 [OrganizationUseTotp]
     FROM
         [dbo].[CipherDetails](@UserId)

src/Sql/Vault/dbo/Stored Procedures/Cipher/CipherDetails_Update.sql

@@ -13,6 +13,7 @@
     @Favorite BIT,
     @Edit BIT, -- not used
     @ViewPassword BIT, -- not used
+    @Manage BIT, -- not used
     @OrganizationUseTotp BIT, -- not used
     @DeletedDate DATETIME2(2),
     @Reprompt TINYINT,
@@ -31,7 +32,7 @@ BEGIN
         [OrganizationId] = @OrganizationId,
         [Type] = @Type,
         [Data] = @Data,
-        [Folders] = 
+        [Folders] =
             CASE
             WHEN @FolderId IS NOT NULL AND [Folders] IS NULL THEN
                 CONCAT('{', @UserIdKey, ':"', @FolderId, '"', '}')
@@ -66,4 +67,4 @@ BEGIN
     BEGIN
         EXEC [dbo].[User_BumpAccountRevisionDate] @UserId
     END
-END
+END