From 53a25b908a57d9a5634538e852e3b108d0aa20ce Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kyle.spearrin@gmail.com>
Date: Tue, 11 Apr 2017 10:19:19 -0400
Subject: [PATCH] org enabeld check on user assets

---
 src/Sql/dbo/Functions/UserCanEditCipher.sql                   | 3 +++
 .../dbo/Stored Procedures/CipherDetails_ReadByIdUserId.sql    | 4 +++-
 .../dbo/Stored Procedures/CipherDetails_ReadByTypeUserId.sql  | 4 +++-
 src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserId.sql  | 4 +++-
 .../CipherDetails_ReadByUserIdHasSubvault.sql                 | 3 +++
 .../Stored Procedures/CipherFullDetails_ReadByIdUserId.sql    | 4 +++-
 src/Sql/dbo/Stored Procedures/Subvault_ReadByUserId.sql       | 3 +++
 src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql | 1 +
 8 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/src/Sql/dbo/Functions/UserCanEditCipher.sql b/src/Sql/dbo/Functions/UserCanEditCipher.sql
index 21700c4021..c1c9b63cf8 100644
--- a/src/Sql/dbo/Functions/UserCanEditCipher.sql
+++ b/src/Sql/dbo/Functions/UserCanEditCipher.sql
@@ -14,10 +14,13 @@ BEGIN
             [dbo].[Cipher] C ON SC.[CipherId] = C.[Id]
         INNER JOIN
             [dbo].[OrganizationUser] OU ON OU.Id = SU.OrganizationUserId AND OU.OrganizationId = C.OrganizationId
+        INNER JOIN
+            [dbo].[Organization] O ON O.Id = C.OrganizationId
         WHERE
             C.[Id] = @CipherId
             AND OU.[UserId] = @UserId
             AND OU.[Status] = 2 -- 2 = Confirmed
+            AND O.[Enabled] = 1
     )
     SELECT
         @CanEdit = CASE WHEN COUNT(1) > 0 THEN 1 ELSE 0 END
diff --git a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByIdUserId.sql b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByIdUserId.sql
index da6d32d030..92e1f4c186 100644
--- a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByIdUserId.sql	
+++ b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByIdUserId.sql	
@@ -15,10 +15,12 @@ BEGIN
         [dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
     LEFT JOIN
         [dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
+    LEFT JOIN
+        [dbo].[Organization] O ON O.[Id] = C.[OrganizationId]
     WHERE
         C.Id = @Id
         AND (
             (C.[UserId] IS NOT NULL AND C.[UserId] = @UserId)
-            OR (OU.[UserId] = @UserId AND OU.[Status] = 2) -- 2 = Confirmed
+            OR (OU.[UserId] = @UserId AND OU.[Status] = 2 AND O.[Enabled] = 1) -- 2 = Confirmed
         )
 END
\ No newline at end of file
diff --git a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByTypeUserId.sql b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByTypeUserId.sql
index 1f3d026df7..3fc19deef7 100644
--- a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByTypeUserId.sql	
+++ b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByTypeUserId.sql	
@@ -15,10 +15,12 @@ BEGIN
         [dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
     LEFT JOIN
         [dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
+    LEFT JOIN
+        [dbo].[Organization] O ON O.[Id] = C.[OrganizationId]
     WHERE
         C.[Type] = @Type
         AND (
             (C.[UserId] IS NOT NULL AND C.[UserId] = @UserId)
-            OR (OU.[UserId] = @UserId AND OU.[Status] = 2) -- 2 = Confirmed
+            OR (OU.[UserId] = @UserId AND OU.[Status] = 2 AND O.[Enabled] = 1) -- 2 = Confirmed
         )
 END
\ No newline at end of file
diff --git a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserId.sql b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserId.sql
index a7014ebf59..48e597b87d 100644
--- a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserId.sql	
+++ b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserId.sql	
@@ -14,7 +14,9 @@ BEGIN
         [dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
     LEFT JOIN
         [dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
+    LEFT JOIN
+        [dbo].[Organization] O ON O.[Id] = C.[OrganizationId]
     WHERE
         (C.[UserId] IS NOT NULL AND C.[UserId] = @UserId)
-        OR (OU.[UserId] = @UserId AND OU.[Status] = 2) -- 2 = Confirmed
+        OR (OU.[UserId] = @UserId AND OU.[Status] = 2 AND O.[Enabled] = 1) -- 2 = Confirmed
 END
\ No newline at end of file
diff --git a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserIdHasSubvault.sql b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserIdHasSubvault.sql
index 7a17fb1f77..9bb3099761 100644
--- a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserIdHasSubvault.sql	
+++ b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserIdHasSubvault.sql	
@@ -14,7 +14,10 @@ BEGIN
         [dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
     INNER JOIN
         [dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
+    INNER JOIN
+        [dbo].[Organization] O ON O.[Id] = C.[OrganizationId]
     WHERE
         OU.[UserId] = @UserId 
         AND OU.[Status] = 2 -- 2 = Confirmed
+        AND O.[Enabled] = 1
 END
\ No newline at end of file
diff --git a/src/Sql/dbo/Stored Procedures/CipherFullDetails_ReadByIdUserId.sql b/src/Sql/dbo/Stored Procedures/CipherFullDetails_ReadByIdUserId.sql
index 453997a476..a52dd8349c 100644
--- a/src/Sql/dbo/Stored Procedures/CipherFullDetails_ReadByIdUserId.sql	
+++ b/src/Sql/dbo/Stored Procedures/CipherFullDetails_ReadByIdUserId.sql	
@@ -19,10 +19,12 @@ BEGIN
         [dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
     LEFT JOIN
         [dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
+    LEFT JOIN
+        [dbo].[Organization] O ON O.[Id] = C.[OrganizationId]
     WHERE
         C.Id = @Id
         AND (
             (C.[UserId] IS NOT NULL AND C.[UserId] = @UserId)
-            OR (OU.[UserId] = @UserId AND OU.[Status] = 2) -- 2 = Confirmed
+            OR (OU.[UserId] = @UserId AND OU.[Status] = 2 AND O.[Enabled] = 1) -- 2 = Confirmed
         )
 END
\ No newline at end of file
diff --git a/src/Sql/dbo/Stored Procedures/Subvault_ReadByUserId.sql b/src/Sql/dbo/Stored Procedures/Subvault_ReadByUserId.sql
index 7edccd32eb..079b62c6e1 100644
--- a/src/Sql/dbo/Stored Procedures/Subvault_ReadByUserId.sql	
+++ b/src/Sql/dbo/Stored Procedures/Subvault_ReadByUserId.sql	
@@ -12,7 +12,10 @@ BEGIN
         [SubvaultUser] SU ON SU.[SubvaultId] = S.[Id]
     INNER JOIN
         [OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
+    INNER JOIN
+        [Organization] O ON O.[Id] = OU.[OrganizationId]
     WHERE
         OU.[UserId] = @UserId
         AND OU.[Status] = 2 -- Confirmed
+        AND O.[Enabled] = 1
 END
\ No newline at end of file
diff --git a/src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql b/src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql
index 5613cff75c..9c8794fdc3 100644
--- a/src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql
+++ b/src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql
@@ -4,6 +4,7 @@ SELECT
     OU.[UserId],
     OU.[OrganizationId],
     O.[Name],
+    O.[Enabled],
     OU.[Key],
     OU.[Status],
     OU.[Type]