user can edit responses and cipher partial updates

2025-07-02 16:42:50 -05:00 · 2017-03-24 16:15:50 -04:00
parent 84c5873cfd
commit 5029af33c5
17 changed files with 177 additions and 38 deletions
--- a/src/Sql/Sql.sqlproj
+++ b/src/Sql/Sql.sqlproj
@ -173,6 +173,9 @@
    <Build Include="dbo\Stored Procedures\OrganizationUserUserDetails_ReadByOrganizationId.sql" />
    <Build Include="dbo\Stored Procedures\Subvault_ReadByOrganizationIdAdminUserId.sql" />
    <Build Include="dbo\User Defined Types\GuidIdArray.sql" />
-    <Build Include="dbo\Stored Procedures\SubvaultUser_ReadIsAdminByCipherIdUserId.sql" />
+    <Build Include="dbo\Stored Procedures\SubvaultUser_ReadCanEditByCipherIdUserId.sql" />
+    <Build Include="dbo\Stored Procedures\CipherFullDetails_ReadByIdUserId.sql" />
+    <Build Include="dbo\Functions\UserCanEditCipher.sql" />
+    <Build Include="dbo\Stored Procedures\Cipher_UpdatePartial.sql" />
  </ItemGroup>
 </Project>
--- a/Procedures/SubvaultUser_ReadIsAdminByCipherIdUserId.sql
+++ b/Procedures/SubvaultUser_ReadIsAdminByCipherIdUserId.sql
@ -1,13 +1,15 @@
-CREATE PROCEDURE [dbo].[SubvaultUser_ReadIsAdminByCipherIdUserId]
-    @UserId UNIQUEIDENTIFIER,
-    @CipherId AS UNIQUEIDENTIFIER
-AS
+CREATE FUNCTION [dbo].[UserCanEditCipher](@UserId UNIQUEIDENTIFIER, @CipherId UNIQUEIDENTIFIER)
+RETURNS BIT AS
 BEGIN
-    SET NOCOUNT ON
+    DECLARE @CanEdit BIT

    ;WITH [CTE] AS(
        SELECT
-            CASE WHEN OU.[Type] = 2 THEN SU.[Admin] ELSE 1 END AS [Admin] -- 2 = Regular User
+            CASE
+                WHEN OU.[Type] = 2 AND SU.[Admin] = 1 THEN 1 -- 2 = Regular User
+                WHEN SU.[ReadOnly] = 0 THEN 1
+                ELSE 0
+            END [CanEdit]
        FROM
            [dbo].[SubvaultUser] SU
        INNER JOIN
@ -22,9 +24,11 @@ BEGIN
            AND OU.[Status] = 2 -- 2 = Confirmed
    )
    SELECT
-        CASE WHEN COUNT(1) > 0 THEN 1 ELSE 0 END
+        @CanEdit = CASE WHEN COUNT(1) > 0 THEN 1 ELSE 0 END
    FROM
        [CTE]
    WHERE
-        [Admin] = 1
-END
+        [CanEdit] = 1
+
+    RETURN @CanEdit
+END
--- a/Procedures/CipherDetails_Update.sql
+++ b/Procedures/CipherDetails_Update.sql
@ -24,21 +24,5 @@ BEGIN
    WHERE
        [Id] = @Id

-    IF @FolderId IS NULL
-    BEGIN
-        EXEC [dbo].[FolderCipher_DeleteByUserId] @UserId, @Id
-    END
-    ELSE IF (SELECT COUNT(1) FROM [dbo].[FolderCipher] WHERE [FolderId] = @FolderId AND [CipherId] = @Id) = 0
-    BEGIN
-        EXEC [dbo].[FolderCipher_Create] @FolderId, @Id
-    END
-
-    IF @Favorite = 0
-    BEGIN
-        EXEC [dbo].[Favorite_Delete] @UserId, @Id
-    END
-    ELSE IF (SELECT COUNT(1) FROM [dbo].[Favorite] WHERE [UserId] = @UserId AND [CipherId] = @Id) = 0
-    BEGIN
-        EXEC [dbo].[Favorite_Create] @UserId, @Id
-    END
+    EXEC [dbo].[Cipher_UpdatePartial] @Id, @UserId, @FolderId, @Favorite
 END
--- a/Procedures/CipherFullDetails_ReadByIdUserId.sql
+++ b/Procedures/CipherFullDetails_ReadByIdUserId.sql
@ -0,0 +1,28 @@
+CREATE PROCEDURE [dbo].[CipherFullDetails_ReadByIdUserId]
+    @Id UNIQUEIDENTIFIER,
+    @UserId UNIQUEIDENTIFIER
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT DISTINCT
+        C.*,
+        CASE 
+            WHEN C.[OrganizationId] IS NULL THEN 1 
+            ELSE [dbo].[UserCanEditCipher](@UserId, @Id)
+        END [Edit]
+    FROM
+        [dbo].[CipherDetails](@UserId) C
+    LEFT JOIN
+        [dbo].[SubvaultCipher] SC ON SC.[CipherId] = C.[Id]
+    LEFT JOIN
+        [dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
+    LEFT JOIN
+        [dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
+    WHERE
+        C.Id = @Id
+        AND (
+            (C.[UserId] IS NOT NULL AND C.[UserId] = @UserId)
+            OR (OU.[UserId] = @UserId AND OU.[Status] = 2) -- 2 = Confirmed
+        )
+END
--- a/Procedures/Cipher_UpdatePartial.sql
+++ b/Procedures/Cipher_UpdatePartial.sql
@ -0,0 +1,27 @@
+CREATE PROCEDURE [dbo].[Cipher_UpdatePartial]
+    @Id UNIQUEIDENTIFIER,
+    @UserId UNIQUEIDENTIFIER,
+    @FolderId UNIQUEIDENTIFIER,
+    @Favorite TINYINT
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    IF @FolderId IS NULL
+    BEGIN
+        EXEC [dbo].[FolderCipher_DeleteByUserId] @UserId, @Id
+    END
+    ELSE IF (SELECT COUNT(1) FROM [dbo].[FolderCipher] WHERE [FolderId] = @FolderId AND [CipherId] = @Id) = 0
+    BEGIN
+        EXEC [dbo].[FolderCipher_Create] @FolderId, @Id
+    END
+
+    IF @Favorite = 0
+    BEGIN
+        EXEC [dbo].[Favorite_Delete] @UserId, @Id
+    END
+    ELSE IF (SELECT COUNT(1) FROM [dbo].[Favorite] WHERE [UserId] = @UserId AND [CipherId] = @Id) = 0
+    BEGIN
+        EXEC [dbo].[Favorite_Create] @UserId, @Id
+    END
+END
--- a/Procedures/SubvaultUser_ReadCanEditByCipherIdUserId.sql
+++ b/Procedures/SubvaultUser_ReadCanEditByCipherIdUserId.sql
@ -0,0 +1,10 @@
+CREATE PROCEDURE [dbo].[SubvaultUser_ReadCanEditByCipherIdUserId]
+    @UserId UNIQUEIDENTIFIER,
+    @CipherId AS UNIQUEIDENTIFIER
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT
+        [dbo].[UserCanEditCipher](@UserId, @CipherId)
+END