Merge pull request #743 from Hinton/feature/hide-passwords

Add support collection access, hide passwords
2025-07-01 08:02:49 -05:00 · 2020-06-11 14:24:04 -04:00
parent f695b1e7fc 24a458416e
commit 5b3f81f47e
30 changed files with 1057 additions and 36 deletions
--- a/src/Core/Models/Api/Request/SelectionReadOnlyRequestModel.cs
+++ b/src/Core/Models/Api/Request/SelectionReadOnlyRequestModel.cs
@ -11,13 +11,15 @@ namespace Bit.Core.Models.Api
        [Required]
        public string Id { get; set; }
        public bool ReadOnly { get; set; }
+        public bool HidePasswords { get; set; }

        public SelectionReadOnly ToSelectionReadOnly()
        {
            return new SelectionReadOnly
            {
                Id = new Guid(Id),
-                ReadOnly = ReadOnly
+                ReadOnly = ReadOnly,
+                HidePasswords = HidePasswords,
            };
        }
    }
--- a/src/Core/Models/Api/Response/CipherResponseModel.cs
+++ b/src/Core/Models/Api/Response/CipherResponseModel.cs
@ -89,11 +89,13 @@ namespace Bit.Core.Models.Api
            FolderId = cipher.FolderId?.ToString();
            Favorite = cipher.Favorite;
            Edit = cipher.Edit;
+            ViewPassword = cipher.ViewPassword;
        }

        public string FolderId { get; set; }
        public bool Favorite { get; set; }
        public bool Edit { get; set; }
+        public bool ViewPassword { get; set; }
    }

    public class CipherDetailsResponseModel : CipherResponseModel
--- a/src/Core/Models/Api/Response/CollectionResponseModel.cs
+++ b/src/Core/Models/Api/Response/CollectionResponseModel.cs
@ -34,9 +34,11 @@ namespace Bit.Core.Models.Api
            : base(collectionDetails, "collectionDetails")
        {
            ReadOnly = collectionDetails.ReadOnly;
+            HidePasswords = collectionDetails.HidePasswords;
        }

        public bool ReadOnly { get; set; }
+        public bool HidePasswords { get; set; }
    }

    public class CollectionGroupDetailsResponseModel : CollectionResponseModel
--- a/src/Core/Models/Api/Response/SelectionReadOnlyResponseModel.cs
+++ b/src/Core/Models/Api/Response/SelectionReadOnlyResponseModel.cs
@ -14,9 +14,11 @@ namespace Bit.Core.Models.Api

            Id = selection.Id.ToString();
            ReadOnly = selection.ReadOnly;
+            HidePasswords = selection.HidePasswords;
        }

        public string Id { get; set; }
        public bool ReadOnly { get; set; }
+        public bool HidePasswords { get; set; }
    }
 }
--- a/src/Core/Models/Data/CipherDetails.cs
+++ b/src/Core/Models/Data/CipherDetails.cs
@ -7,5 +7,6 @@ namespace Core.Models.Data
        public Guid? FolderId { get; set; }
        public bool Favorite { get; set; }
        public bool Edit { get; set; }
+        public bool ViewPassword { get; set; }
    }
 }
--- a/src/Core/Models/Data/CollectionDetails.cs
+++ b/src/Core/Models/Data/CollectionDetails.cs
@ -5,5 +5,6 @@ namespace Bit.Core.Models.Data
    public class CollectionDetails : Collection
    {
        public bool ReadOnly { get; set; }
+        public bool HidePasswords { get; set; }
    }
 }
--- a/src/Core/Models/Data/SelectionReadOnly.cs
+++ b/src/Core/Models/Data/SelectionReadOnly.cs
@ -6,5 +6,6 @@ namespace Bit.Core.Models.Data
    {
        public Guid Id { get; set; }
        public bool ReadOnly { get; set; }
+        public bool HidePasswords { get; set; }
    }
 }
--- a/src/Core/Utilities/CoreHelpers.cs
+++ b/src/Core/Utilities/CoreHelpers.cs
@ -125,6 +125,8 @@ namespace Bit.Core.Utilities
            table.Columns.Add(idColumn);
            var readOnlyColumn = new DataColumn("ReadOnly", typeof(bool));
            table.Columns.Add(readOnlyColumn);
+            var hidePasswordsColumn = new DataColumn("HidePasswords", typeof(bool));
+            table.Columns.Add(hidePasswordsColumn);

            if (values != null)
            {
@ -133,6 +135,7 @@ namespace Bit.Core.Utilities
                    var row = table.NewRow();
                    row[idColumn] = value.Id;
                    row[readOnlyColumn] = value.ReadOnly;
+                    row[hidePasswordsColumn] = value.HidePasswords;
                    table.Rows.Add(row);
                }
            }
--- a/src/Sql/dbo/Functions/UserCipherDetails.sql
+++ b/src/Sql/dbo/Functions/UserCipherDetails.sql
@ -17,12 +17,19 @@ SELECT
    CASE
        WHEN
            OU.[AccessAll] = 1
-            OR CU.[ReadOnly] = 0
            OR G.[AccessAll] = 1
-            OR CG.[ReadOnly] = 0
+            OR COALESCE(CU.[ReadOnly], CG.[ReadOnly], 0) = 0
        THEN 1
        ELSE 0
    END [Edit],
+    CASE
+        WHEN
+            OU.[AccessAll] = 1
+            OR G.[AccessAll] = 1
+            OR COALESCE(CU.[HidePasswords], CG.[HidePasswords], 0) = 0
+        THEN 1
+        ELSE 0
+    END [ViewPassword],
    CASE
        WHEN O.[UseTotp] = 1
        THEN 1
@ -55,6 +62,7 @@ UNION ALL
 SELECT
    *,
    1 [Edit],
+    1 [ViewPassword],
    0 [OrganizationUseTotp]
 FROM
    [dbo].[CipherDetails](@UserId)
--- a/src/Sql/dbo/Functions/UserCollectionDetails.sql
+++ b/src/Sql/dbo/Functions/UserCollectionDetails.sql
@ -7,11 +7,18 @@ SELECT
        WHEN
            OU.[AccessAll] = 1
            OR G.[AccessAll] = 1
-            OR CU.[ReadOnly] = 0
-            OR CG.[ReadOnly] = 0
+            OR COALESCE(CU.[ReadOnly], CG.[ReadOnly], 0) = 0
        THEN 0
        ELSE 1
-    END [ReadOnly]
+    END [ReadOnly],
+    CASE
+        WHEN
+            OU.[AccessAll] = 1
+            OR G.[AccessAll] = 1
+            OR COALESCE(CU.[HidePasswords], CG.[HidePasswords], 0) = 0
+        THEN 0
+        ELSE 1
+    END [HidePasswords]
 FROM
    [dbo].[CollectionView] C
 INNER JOIN
--- a/Procedures/CipherDetails_Create.sql
+++ b/Procedures/CipherDetails_Create.sql
@ -12,6 +12,7 @@
    @FolderId UNIQUEIDENTIFIER,
    @Favorite BIT,
    @Edit BIT, -- not used
+    @ViewPassword BIT, -- not used
    @OrganizationUseTotp BIT, -- not used
    @DeletedDate DATETIME2(7)
 AS
--- a/Procedures/CipherDetails_CreateWithCollections.sql
+++ b/Procedures/CipherDetails_CreateWithCollections.sql
@ -12,6 +12,7 @@
    @FolderId UNIQUEIDENTIFIER,
    @Favorite BIT,
    @Edit BIT, -- not used
+    @ViewPassword BIT, -- not used
    @OrganizationUseTotp BIT, -- not used
    @DeletedDate DATETIME2(7),
    @CollectionIds AS [dbo].[GuidIdArray] READONLY
@ -20,7 +21,8 @@ BEGIN
    SET NOCOUNT ON

    EXEC [dbo].[CipherDetails_Create] @Id, @UserId, @OrganizationId, @Type, @Data, @Favorites, @Folders,
-        @Attachments, @CreationDate, @RevisionDate, @FolderId, @Favorite, @Edit, @OrganizationUseTotp, @DeletedDate
+        @Attachments, @CreationDate, @RevisionDate, @FolderId, @Favorite, @Edit, @ViewPassword,
+        @OrganizationUseTotp, @DeletedDate

    DECLARE @UpdateCollectionsSuccess INT
    EXEC @UpdateCollectionsSuccess = [dbo].[Cipher_UpdateCollections] @Id, @UserId, @OrganizationId, @CollectionIds
--- a/Procedures/CipherDetails_Update.sql
+++ b/Procedures/CipherDetails_Update.sql
@ -12,6 +12,7 @@
    @FolderId UNIQUEIDENTIFIER,
    @Favorite BIT,
    @Edit BIT, -- not used
+    @ViewPassword BIT, -- not used
    @OrganizationUseTotp BIT, -- not used
    @DeletedDate DATETIME2(2)
 AS
--- a/Procedures/CollectionUser_ReadByCollectionId.sql
+++ b/Procedures/CollectionUser_ReadByCollectionId.sql
@ -6,7 +6,8 @@ BEGIN

    SELECT
        [OrganizationUserId] [Id],
-        [ReadOnly]
+        [ReadOnly],
+        [HidePasswords]
    FROM
        [dbo].[CollectionUser]
    WHERE
--- a/Procedures/CollectionUser_UpdateUsers.sql
+++ b/Procedures/CollectionUser_UpdateUsers.sql
@ -18,14 +18,18 @@ BEGIN
    UPDATE
        [Target]
    SET
-        [Target].[ReadOnly] = [Source].[ReadOnly]
+        [Target].[ReadOnly] = [Source].[ReadOnly],
+        [Target].[HidePasswords] = [Source].[HidePasswords]
    FROM
        [dbo].[CollectionUser] [Target]
    INNER JOIN
        @Users [Source] ON [Source].[Id] = [Target].[OrganizationUserId]
    WHERE
        [Target].[CollectionId] = @CollectionId
-        AND [Target].[ReadOnly] != [Source].[ReadOnly]
+        AND (
+            [Target].[ReadOnly] != [Source].[ReadOnly]
+            OR [Target].[HidePasswords] != [Source].[HidePasswords]
+        )

    -- Insert
    INSERT INTO
@ -33,7 +37,8 @@ BEGIN
    SELECT
        @CollectionId,
        [Source].[Id],
-        [Source].[ReadOnly]
+        [Source].[ReadOnly],
+        [Source].[HidePasswords]
    FROM
        @Users [Source]
    INNER JOIN
--- a/Procedures/Collection_CreateWithGroups.sql
+++ b/Procedures/Collection_CreateWithGroups.sql
@ -24,12 +24,14 @@ BEGIN
    (
        [CollectionId],
        [GroupId],
-        [ReadOnly]
+        [ReadOnly],
+        [HidePasswords]
    )
    SELECT
        @Id,
        [Id],
-        [ReadOnly]
+        [ReadOnly],
+        [HidePasswords]
    FROM
        @Groups
    WHERE
--- a/Procedures/Collection_ReadWithGroupsById.sql
+++ b/Procedures/Collection_ReadWithGroupsById.sql
@ -8,7 +8,8 @@ BEGIN

    SELECT
        [GroupId] [Id],
-        [ReadOnly]
+        [ReadOnly],
+        [HidePasswords]
    FROM
        [dbo].[CollectionGroup]
    WHERE
--- a/Procedures/Collection_ReadWithGroupsByIdUserId.sql
+++ b/Procedures/Collection_ReadWithGroupsByIdUserId.sql
@ -9,7 +9,8 @@ BEGIN

    SELECT
        [GroupId] [Id],
-        [ReadOnly]
+        [ReadOnly],
+        [HidePasswords]
    FROM
        [dbo].[CollectionGroup]
    WHERE
--- a/Procedures/Collection_UpdateWithGroups.sql
+++ b/Procedures/Collection_UpdateWithGroups.sql
@ -33,10 +33,15 @@ BEGIN
        (
            @Id,
            [Source].[Id],
-            [Source].[ReadOnly]
+            [Source].[ReadOnly],
+            [Source].[HidePasswords]
        )
-    WHEN MATCHED AND [Target].[ReadOnly] != [Source].[ReadOnly] THEN
-        UPDATE SET [Target].[ReadOnly] = [Source].[ReadOnly]
+    WHEN MATCHED AND (
+        [Target].[ReadOnly] != [Source].[ReadOnly]
+        OR [Target].[HidePasswords] != [Source].[HidePasswords]
+    ) THEN
+        UPDATE SET [Target].[ReadOnly] = [Source].[ReadOnly],
+                   [Target].[HidePasswords] = [Source].[HidePasswords]
    WHEN NOT MATCHED BY SOURCE
    AND [Target].[CollectionId] = @Id THEN
        DELETE
--- a/Procedures/Group_CreateWithCollections.sql
+++ b/Procedures/Group_CreateWithCollections.sql
@ -25,12 +25,14 @@ BEGIN
    (
        [CollectionId],
        [GroupId],
-        [ReadOnly]
+        [ReadOnly],
+        [HidePasswords]
    )
    SELECT
        [Id],
        @Id,
-        [ReadOnly]
+        [ReadOnly],
+        [HidePasswords]
    FROM
        @Collections
    WHERE
--- a/Procedures/Group_ReadWithCollectionsById.sql
+++ b/Procedures/Group_ReadWithCollectionsById.sql
@ -8,7 +8,8 @@ BEGIN

    SELECT
        [CollectionId] [Id],
-        [ReadOnly]
+        [ReadOnly],
+        [HidePasswords]
    FROM
        [dbo].[CollectionGroup]
    WHERE
--- a/Procedures/Group_UpdateWithCollections.sql
+++ b/Procedures/Group_UpdateWithCollections.sql
@ -34,10 +34,15 @@ BEGIN
        (
            [Source].[Id],
            @Id,
-            [Source].[ReadOnly]
+            [Source].[ReadOnly],
+            [Source].[HidePasswords]
        )
-    WHEN MATCHED AND [Target].[ReadOnly] != [Source].[ReadOnly] THEN
-        UPDATE SET [Target].[ReadOnly] = [Source].[ReadOnly]
+    WHEN MATCHED AND (
+        [Target].[ReadOnly] != [Source].[ReadOnly]
+        OR [Target].[HidePasswords] != [Source].[HidePasswords]
+    ) THEN
+        UPDATE SET [Target].[ReadOnly] = [Source].[ReadOnly],
+                   [Target].[HidePasswords] = [Source].[HidePasswords]
    WHEN NOT MATCHED BY SOURCE
    AND [Target].[GroupId] = @Id THEN
        DELETE
--- a/Procedures/OrganizationUserUserDetails_ReadWithCollectionsById.sql
+++ b/Procedures/OrganizationUserUserDetails_ReadWithCollectionsById.sql
@ -8,7 +8,8 @@ BEGIN

    SELECT
        CU.[CollectionId] Id,
-        CU.[ReadOnly]
+        CU.[ReadOnly],
+        CU.[HidePasswords]
    FROM
        [dbo].[OrganizationUser] OU
    INNER JOIN
--- a/Procedures/OrganizationUser_CreateWithCollections.sql
+++ b/Procedures/OrganizationUser_CreateWithCollections.sql
@ -29,12 +29,14 @@ BEGIN
    (
        [CollectionId],
        [OrganizationUserId],
-        [ReadOnly]
+        [ReadOnly],
+        [HidePasswords]
    )
    SELECT
        [Id],
        @Id,
-        [ReadOnly]
+        [ReadOnly],
+        [HidePasswords]
    FROM
        @Collections
    WHERE
--- a/Procedures/OrganizationUser_ReadWithCollectionsById.sql
+++ b/Procedures/OrganizationUser_ReadWithCollectionsById.sql
@ -8,7 +8,8 @@ BEGIN

    SELECT
        CU.[CollectionId] Id,
-        CU.[ReadOnly]
+        CU.[ReadOnly],
+        CU.[HidePasswords]
    FROM
        [dbo].[OrganizationUser] OU
    INNER JOIN
--- a/Procedures/OrganizationUser_UpdateWithCollections.sql
+++ b/Procedures/OrganizationUser_UpdateWithCollections.sql
@ -21,14 +21,18 @@ BEGIN
    UPDATE
        [Target]
    SET
-        [Target].[ReadOnly] = [Source].[ReadOnly]
+        [Target].[ReadOnly] = [Source].[ReadOnly],
+        [Target].[HidePasswords] = [Source].[HidePasswords]
    FROM
        [dbo].[CollectionUser] AS [Target]
    INNER JOIN
        @Collections AS [Source] ON [Source].[Id] = [Target].[CollectionId]
    WHERE
        [Target].[OrganizationUserId] = @Id
-        AND [Target].[ReadOnly] != [Source].[ReadOnly]
+        AND (
+            [Target].[ReadOnly] != [Source].[ReadOnly]
+            OR [Target].[HidePasswords] != [Source].[HidePasswords]
+        )

    -- Insert
    INSERT INTO
@ -36,7 +40,8 @@ BEGIN
    SELECT
        [Source].[Id],
        @Id,
-        [Source].[ReadOnly]
+        [Source].[ReadOnly],
+        [Source].[HidePasswords]
    FROM
        @Collections AS [Source]
    INNER JOIN
--- a/src/Sql/dbo/Tables/CollectionGroup.sql
+++ b/src/Sql/dbo/Tables/CollectionGroup.sql
@ -1,7 +1,8 @@
 CREATE TABLE [dbo].[CollectionGroup] (
-    [CollectionId] UNIQUEIDENTIFIER NOT NULL,
-    [GroupId]      UNIQUEIDENTIFIER NOT NULL,
-    [ReadOnly]     BIT              NOT NULL,
+    [CollectionId]  UNIQUEIDENTIFIER NOT NULL,
+    [GroupId]       UNIQUEIDENTIFIER NOT NULL,
+    [ReadOnly]      BIT              NOT NULL,
+    [HidePasswords] BIT              NOT NULL,
    CONSTRAINT [PK_CollectionGroup] PRIMARY KEY CLUSTERED ([CollectionId] ASC, [GroupId] ASC),
    CONSTRAINT [FK_CollectionGroup_Collection] FOREIGN KEY ([CollectionId]) REFERENCES [dbo].[Collection] ([Id]),
    CONSTRAINT [FK_CollectionGroup_Group] FOREIGN KEY ([GroupId]) REFERENCES [dbo].[Group] ([Id]) ON DELETE CASCADE
--- a/src/Sql/dbo/Tables/CollectionUser.sql
+++ b/src/Sql/dbo/Tables/CollectionUser.sql
@ -2,6 +2,7 @@
    [CollectionId]       UNIQUEIDENTIFIER NOT NULL,
    [OrganizationUserId] UNIQUEIDENTIFIER NOT NULL,
    [ReadOnly]           BIT              NOT NULL,
+    [HidePasswords]      BIT              NOT NULL,
    CONSTRAINT [PK_CollectionUser] PRIMARY KEY CLUSTERED ([CollectionId] ASC, [OrganizationUserId] ASC),
    CONSTRAINT [FK_CollectionUser_Collection] FOREIGN KEY ([CollectionId]) REFERENCES [dbo].[Collection] ([Id]) ON DELETE CASCADE,
    CONSTRAINT [FK_CollectionUser_OrganizationUser] FOREIGN KEY ([OrganizationUserId]) REFERENCES [dbo].[OrganizationUser] ([Id])
--- a/Types/SelectionReadOnlyArray.sql
+++ b/Types/SelectionReadOnlyArray.sql
@ -1,4 +1,5 @@
 CREATE TYPE [dbo].[SelectionReadOnlyArray] AS TABLE (
-    [Id]       UNIQUEIDENTIFIER NOT NULL,
-    [ReadOnly] BIT              NOT NULL);
+    [Id]            UNIQUEIDENTIFIER NOT NULL,
+    [ReadOnly]      BIT              NOT NULL,
+    [HidePasswords] BIT              NOT NULL);