diff --git a/src/Api/Vault/Controllers/CiphersController.cs b/src/Api/Vault/Controllers/CiphersController.cs index 1bf20f4c57..aef4f7819e 100644 --- a/src/Api/Vault/Controllers/CiphersController.cs +++ b/src/Api/Vault/Controllers/CiphersController.cs @@ -9,6 +9,7 @@ using Bit.Core; using Bit.Core.AdminConsole.Services; using Bit.Core.Context; using Bit.Core.Entities; +using Bit.Core.Enums; using Bit.Core.Exceptions; using Bit.Core.Repositories; using Bit.Core.Services; @@ -17,6 +18,7 @@ using Bit.Core.Tools.Services; using Bit.Core.Utilities; using Bit.Core.Vault.Entities; using Bit.Core.Vault.Models.Data; +using Bit.Core.Vault.Queries; using Bit.Core.Vault.Repositories; using Bit.Core.Vault.Services; using Microsoft.AspNetCore.Authorization; @@ -41,10 +43,14 @@ public class CiphersController : Controller private readonly GlobalSettings _globalSettings; private readonly Version _cipherKeyEncryptionMinimumVersion = new Version(Constants.CipherKeyEncryptionMinimumVersion); private readonly IFeatureService _featureService; + private readonly IOrganizationCiphersQuery _organizationCiphersQuery; private bool UseFlexibleCollections => _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollections); + private bool UseFlexibleCollectionsV1 => + _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1); + public CiphersController( ICipherRepository cipherRepository, ICollectionCipherRepository collectionCipherRepository, @@ -55,7 +61,8 @@ public class CiphersController : Controller ICurrentContext currentContext, ILogger logger, GlobalSettings globalSettings, - IFeatureService featureService) + IFeatureService featureService, + IOrganizationCiphersQuery organizationCiphersQuery) { _cipherRepository = cipherRepository; _collectionCipherRepository = collectionCipherRepository; @@ -67,6 +74,7 @@ public class CiphersController : Controller _logger = logger; _globalSettings = globalSettings; _featureService = featureService; + _organizationCiphersQuery = organizationCiphersQuery; } [HttpGet("{id}")] @@ -230,26 +238,152 @@ public class CiphersController : Controller } [HttpGet("organization-details")] - public async Task> GetOrganizationCollections( - string organizationId) + public async Task> GetOrganizationCiphers(Guid organizationId) { - var userId = _userService.GetProperUserId(User).Value; - var orgIdGuid = new Guid(organizationId); + // Flexible Collections Logic + if (UseFlexibleCollectionsV1) + { + return await GetAllOrganizationCiphersAsync(organizationId); + } - (IEnumerable orgCiphers, Dictionary> collectionCiphersGroupDict) = await _cipherService.GetOrganizationCiphers(userId, orgIdGuid); + // Pre-Flexible Collections Logic + var userId = _userService.GetProperUserId(User).Value; + + (IEnumerable orgCiphers, Dictionary> collectionCiphersGroupDict) = await _cipherService.GetOrganizationCiphers(userId, organizationId); var responses = orgCiphers.Select(c => new CipherMiniDetailsResponseModel(c, _globalSettings, collectionCiphersGroupDict, c.OrganizationUseTotp)); - var providerId = await _currentContext.ProviderIdForOrg(orgIdGuid); + var providerId = await _currentContext.ProviderIdForOrg(organizationId); if (providerId.HasValue) { - await _providerService.LogProviderAccessToOrganizationAsync(orgIdGuid); + await _providerService.LogProviderAccessToOrganizationAsync(organizationId); } return new ListResponseModel(responses); } + [HttpGet("organization-details/assigned")] + public async Task> GetAssignedOrganizationCiphers(Guid organizationId) + { + if (!UseFlexibleCollectionsV1) + { + throw new FeatureUnavailableException(); + } + + if (!await CanAccessOrganizationCiphersAsync(organizationId) || !_currentContext.UserId.HasValue) + { + throw new NotFoundException(); + } + + var ciphers = await _organizationCiphersQuery.GetOrganizationCiphersForUser(organizationId, _currentContext.UserId.Value); + + if (await CanAccessUnassignedCiphersAsync(organizationId)) + { + var unassignedCiphers = await _organizationCiphersQuery.GetUnassignedOrganizationCiphers(organizationId); + ciphers = ciphers.Concat(unassignedCiphers.Select(c => new CipherDetailsWithCollections(c, null) + { + // Users that can access unassigned ciphers can also edit them + Edit = true, + ViewPassword = true, + })); + } + + var responses = ciphers.Select(c => new CipherDetailsResponseModel(c, _globalSettings)); + + return new ListResponseModel(responses); + } + + /// + /// Returns all ciphers belonging to the organization if the user has access to All ciphers. + /// + /// + private async Task> GetAllOrganizationCiphersAsync(Guid organizationId) + { + if (!await CanAccessAllCiphersAsync(organizationId)) + { + throw new NotFoundException(); + } + + var allOrganizationCiphers = await _organizationCiphersQuery.GetAllOrganizationCiphers(organizationId); + + var allOrganizationCipherResponses = + allOrganizationCiphers.Select(c => + new CipherMiniDetailsResponseModel(c, _globalSettings, c.OrganizationUseTotp) + ); + + return new ListResponseModel(allOrganizationCipherResponses); + } + + /// + /// TODO: Move this to its own authorization handler or equivalent service - AC-2062 + /// + private async Task CanAccessAllCiphersAsync(Guid organizationId) + { + var org = _currentContext.GetOrganization(organizationId); + + if (org is + { Type: OrganizationUserType.Owner or OrganizationUserType.Admin } or + { Permissions.AccessImportExport: true }) + { + return true; + } + + // Provider users can access all ciphers in V1 (to change later) + if (await _currentContext.ProviderUserForOrgAsync(organizationId)) + { + return true; + } + + return false; + } + + /// + /// TODO: Move this to its own authorization handler or equivalent service - AC-2062 + /// + private async Task CanAccessOrganizationCiphersAsync(Guid organizationId) + { + var org = _currentContext.GetOrganization(organizationId); + + // The user has a relationship with the organization; + // they can access its ciphers in collections they've been assigned + if (org is not null) + { + return true; + } + + // Provider users can still access organization ciphers in V1 (to change later) + if (await _currentContext.ProviderUserForOrgAsync(organizationId)) + { + return true; + } + + return false; + } + + /// + /// TODO: Move this to its own authorization handler or equivalent service - AC-2062 + /// + private async Task CanAccessUnassignedCiphersAsync(Guid organizationId) + { + var org = _currentContext.GetOrganization(organizationId); + + if (org is + { Type: OrganizationUserType.Owner or OrganizationUserType.Admin } or + { Permissions.EditAnyCollection: true }) + { + return true; + } + + // Provider users can access all ciphers in V1 (to change later) + if (await _currentContext.ProviderUserForOrgAsync(organizationId)) + { + return true; + } + + return false; + } + [HttpPut("{id}/partial")] [HttpPost("{id}/partial")] public async Task PutPartial(Guid id, [FromBody] CipherPartialRequestModel model) diff --git a/src/Api/Vault/Models/Response/CipherResponseModel.cs b/src/Api/Vault/Models/Response/CipherResponseModel.cs index ab79cc3600..aa86b17f52 100644 --- a/src/Api/Vault/Models/Response/CipherResponseModel.cs +++ b/src/Api/Vault/Models/Response/CipherResponseModel.cs @@ -127,6 +127,12 @@ public class CipherDetailsResponseModel : CipherResponseModel CollectionIds = collectionCiphers?.Select(c => c.CollectionId) ?? new List(); } + public CipherDetailsResponseModel(CipherDetailsWithCollections cipher, GlobalSettings globalSettings, string obj = "cipherDetails") + : base(cipher, globalSettings, obj) + { + CollectionIds = cipher.CollectionIds ?? new List(); + } + public IEnumerable CollectionIds { get; set; } } @@ -146,5 +152,12 @@ public class CipherMiniDetailsResponseModel : CipherMiniResponseModel } } + public CipherMiniDetailsResponseModel(CipherOrganizationDetailsWithCollections cipher, + GlobalSettings globalSettings, bool orgUseTotp, string obj = "cipherMiniDetails") + : base(cipher, globalSettings, orgUseTotp, obj) + { + CollectionIds = cipher.CollectionIds ?? new List(); + } + public IEnumerable CollectionIds { get; set; } } diff --git a/src/Core/Vault/Models/Data/CipherDetails.cs b/src/Core/Vault/Models/Data/CipherDetails.cs index dfb3169494..a1b6e7ea09 100644 --- a/src/Core/Vault/Models/Data/CipherDetails.cs +++ b/src/Core/Vault/Models/Data/CipherDetails.cs @@ -1,4 +1,6 @@ -namespace Bit.Core.Vault.Models.Data; +using Bit.Core.Entities; + +namespace Bit.Core.Vault.Models.Data; public class CipherDetails : CipherOrganizationDetails { @@ -7,3 +9,57 @@ public class CipherDetails : CipherOrganizationDetails public bool Edit { get; set; } public bool ViewPassword { get; set; } } + +public class CipherDetailsWithCollections : CipherDetails +{ + public CipherDetailsWithCollections( + CipherDetails cipher, + Dictionary> collectionCiphersGroupDict) + { + Id = cipher.Id; + UserId = cipher.UserId; + OrganizationId = cipher.OrganizationId; + Type = cipher.Type; + Data = cipher.Data; + Favorites = cipher.Favorites; + Folders = cipher.Folders; + Attachments = cipher.Attachments; + CreationDate = cipher.CreationDate; + RevisionDate = cipher.RevisionDate; + DeletedDate = cipher.DeletedDate; + Reprompt = cipher.Reprompt; + Key = cipher.Key; + FolderId = cipher.FolderId; + Favorite = cipher.Favorite; + Edit = cipher.Edit; + ViewPassword = cipher.ViewPassword; + + CollectionIds = collectionCiphersGroupDict.TryGetValue(Id, out var value) + ? value.Select(cc => cc.CollectionId) + : Array.Empty(); + } + + public CipherDetailsWithCollections(CipherOrganizationDetails cipher, Dictionary> collectionCiphersGroupDict) + { + Id = cipher.Id; + UserId = cipher.UserId; + OrganizationId = cipher.OrganizationId; + Type = cipher.Type; + Data = cipher.Data; + Favorites = cipher.Favorites; + Folders = cipher.Folders; + Attachments = cipher.Attachments; + CreationDate = cipher.CreationDate; + RevisionDate = cipher.RevisionDate; + DeletedDate = cipher.DeletedDate; + Reprompt = cipher.Reprompt; + Key = cipher.Key; + OrganizationUseTotp = cipher.OrganizationUseTotp; + + CollectionIds = collectionCiphersGroupDict != null && collectionCiphersGroupDict.TryGetValue(Id, out var value) + ? value.Select(cc => cc.CollectionId) + : Array.Empty(); + } + + public IEnumerable CollectionIds { get; set; } +} diff --git a/src/Core/Vault/Models/Data/CipherOrganizationDetails.cs b/src/Core/Vault/Models/Data/CipherOrganizationDetails.cs index d1571b7448..9cdb588236 100644 --- a/src/Core/Vault/Models/Data/CipherOrganizationDetails.cs +++ b/src/Core/Vault/Models/Data/CipherOrganizationDetails.cs @@ -1,4 +1,5 @@ -using Bit.Core.Vault.Entities; +using Bit.Core.Entities; +using Bit.Core.Vault.Entities; namespace Bit.Core.Vault.Models.Data; @@ -6,3 +7,31 @@ public class CipherOrganizationDetails : Cipher { public bool OrganizationUseTotp { get; set; } } + +public class CipherOrganizationDetailsWithCollections : CipherOrganizationDetails +{ + public CipherOrganizationDetailsWithCollections( + CipherOrganizationDetails cipher, + Dictionary> collectionCiphersGroupDict) + { + Id = cipher.Id; + UserId = cipher.UserId; + OrganizationId = cipher.OrganizationId; + Type = cipher.Type; + Data = cipher.Data; + Favorites = cipher.Favorites; + Folders = cipher.Folders; + Attachments = cipher.Attachments; + CreationDate = cipher.CreationDate; + RevisionDate = cipher.RevisionDate; + DeletedDate = cipher.DeletedDate; + Reprompt = cipher.Reprompt; + Key = cipher.Key; + OrganizationUseTotp = cipher.OrganizationUseTotp; + + CollectionIds = collectionCiphersGroupDict.TryGetValue(Id, out var value) + ? value.Select(cc => cc.CollectionId) + : Array.Empty(); + } + public IEnumerable CollectionIds { get; set; } +} diff --git a/src/Core/Vault/Queries/IOrganizationCiphersQuery.cs b/src/Core/Vault/Queries/IOrganizationCiphersQuery.cs new file mode 100644 index 0000000000..680743088e --- /dev/null +++ b/src/Core/Vault/Queries/IOrganizationCiphersQuery.cs @@ -0,0 +1,30 @@ +using Bit.Core.Exceptions; +using Bit.Core.Vault.Models.Data; + +namespace Bit.Core.Vault.Queries; + +/// +/// Helper queries for retrieving cipher details belonging to an organization including collection information. +/// +/// It does not perform any internal authorization checks. +public interface IOrganizationCiphersQuery +{ + /// + /// Returns ciphers belonging to the organization that the user has been assigned to via collections. + /// + /// + public Task> GetOrganizationCiphersForUser(Guid organizationId, Guid userId); + + /// + /// Returns all ciphers belonging to the organization. + /// + /// + /// + public Task> GetAllOrganizationCiphers(Guid organizationId); + + /// + /// Returns ciphers belonging to the organization that are not assigned to any collection. + /// + /// + Task> GetUnassignedOrganizationCiphers(Guid organizationId); +} diff --git a/src/Core/Vault/Queries/OrganizationCiphersQuery.cs b/src/Core/Vault/Queries/OrganizationCiphersQuery.cs new file mode 100644 index 0000000000..feed098088 --- /dev/null +++ b/src/Core/Vault/Queries/OrganizationCiphersQuery.cs @@ -0,0 +1,79 @@ +using Bit.Core.Exceptions; +using Bit.Core.Repositories; +using Bit.Core.Services; +using Bit.Core.Vault.Models.Data; +using Bit.Core.Vault.Repositories; + +namespace Bit.Core.Vault.Queries; + +public class OrganizationCiphersQuery : IOrganizationCiphersQuery +{ + private readonly ICipherRepository _cipherRepository; + private readonly ICollectionCipherRepository _collectionCipherRepository; + private readonly IFeatureService _featureService; + + private bool FlexibleCollectionsV1Enabled => _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1); + + public OrganizationCiphersQuery(ICipherRepository cipherRepository, ICollectionCipherRepository collectionCipherRepository, IFeatureService featureService) + { + _cipherRepository = cipherRepository; + _collectionCipherRepository = collectionCipherRepository; + _featureService = featureService; + } + + /// + /// Returns ciphers belonging to the organization that the user has been assigned to via collections. + /// + public async Task> GetOrganizationCiphersForUser(Guid organizationId, Guid userId) + { + if (!FlexibleCollectionsV1Enabled) + { + // Flexible collections is OFF, should not be using this query + throw new FeatureUnavailableException("Flexible collections is OFF when it should be ON."); + } + + var ciphers = await _cipherRepository.GetManyByUserIdAsync(userId, useFlexibleCollections: true, withOrganizations: true); + var orgCiphers = ciphers.Where(c => c.OrganizationId == organizationId).ToList(); + var orgCipherIds = orgCiphers.Select(c => c.Id); + + var collectionCiphers = await _collectionCipherRepository.GetManyByOrganizationIdAsync(organizationId); + var collectionCiphersGroupDict = collectionCiphers + .Where(c => orgCipherIds.Contains(c.CipherId)) + .GroupBy(c => c.CipherId).ToDictionary(s => s.Key); + + return orgCiphers.Select(c => new CipherDetailsWithCollections(c, collectionCiphersGroupDict)); + } + + /// + /// Returns all ciphers belonging to the organization. + /// + /// + public async Task> GetAllOrganizationCiphers(Guid organizationId) + { + if (!FlexibleCollectionsV1Enabled) + { + // Flexible collections is OFF, should not be using this query + throw new FeatureUnavailableException("Flexible collections is OFF when it should be ON."); + } + + var orgCiphers = await _cipherRepository.GetManyOrganizationDetailsByOrganizationIdAsync(organizationId); + var collectionCiphers = await _collectionCipherRepository.GetManyByOrganizationIdAsync(organizationId); + var collectionCiphersGroupDict = collectionCiphers.GroupBy(c => c.CipherId).ToDictionary(s => s.Key); + + return orgCiphers.Select(c => new CipherOrganizationDetailsWithCollections(c, collectionCiphersGroupDict)); + } + + /// + /// Returns ciphers belonging to the organization that are not assigned to any collection. + /// + public async Task> GetUnassignedOrganizationCiphers(Guid organizationId) + { + if (!FlexibleCollectionsV1Enabled) + { + // Flexible collections is OFF, should not be using this query + throw new FeatureUnavailableException("Flexible collections is OFF when it should be ON."); + } + + return await _cipherRepository.GetManyUnassignedOrganizationDetailsByOrganizationIdAsync(organizationId); + } +} diff --git a/src/Core/Vault/Repositories/ICipherRepository.cs b/src/Core/Vault/Repositories/ICipherRepository.cs index ae3b72ad0f..f801f6f6f7 100644 --- a/src/Core/Vault/Repositories/ICipherRepository.cs +++ b/src/Core/Vault/Repositories/ICipherRepository.cs @@ -15,6 +15,7 @@ public interface ICipherRepository : IRepository Task GetCanEditByIdAsync(Guid userId, Guid cipherId); Task> GetManyByUserIdAsync(Guid userId, bool useFlexibleCollections, bool withOrganizations = true); Task> GetManyByOrganizationIdAsync(Guid organizationId); + Task> GetManyUnassignedOrganizationDetailsByOrganizationIdAsync(Guid organizationId); Task CreateAsync(Cipher cipher, IEnumerable collectionIds); Task CreateAsync(CipherDetails cipher); Task CreateAsync(CipherDetails cipher, IEnumerable collectionIds); diff --git a/src/Core/Vault/VaultServiceCollectionExtensions.cs b/src/Core/Vault/VaultServiceCollectionExtensions.cs new file mode 100644 index 0000000000..5296f47e3e --- /dev/null +++ b/src/Core/Vault/VaultServiceCollectionExtensions.cs @@ -0,0 +1,19 @@ +using Bit.Core.Vault.Queries; +using Microsoft.Extensions.DependencyInjection; + +namespace Bit.Core.Vault; + +public static class VaultServiceCollectionExtensions +{ + public static IServiceCollection AddVaultServices(this IServiceCollection services) + { + services.AddVaultQueries(); + + return services; + } + + private static void AddVaultQueries(this IServiceCollection services) + { + services.AddScoped(); + } +} diff --git a/src/Infrastructure.Dapper/Vault/Repositories/CipherRepository.cs b/src/Infrastructure.Dapper/Vault/Repositories/CipherRepository.cs index f0bc4c1760..5bfcac7b5e 100644 --- a/src/Infrastructure.Dapper/Vault/Repositories/CipherRepository.cs +++ b/src/Infrastructure.Dapper/Vault/Repositories/CipherRepository.cs @@ -122,6 +122,19 @@ public class CipherRepository : Repository, ICipherRepository } } + public async Task> GetManyUnassignedOrganizationDetailsByOrganizationIdAsync(Guid organizationId) + { + using (var connection = new SqlConnection(ConnectionString)) + { + var results = await connection.QueryAsync( + $"[{Schema}].[CipherOrganizationDetails_ReadUnassignedByOrganizationId]", + new { OrganizationId = organizationId }, + commandType: CommandType.StoredProcedure); + + return results.ToList(); + } + } + public async Task CreateAsync(Cipher cipher, IEnumerable collectionIds) { cipher.SetNewId(); diff --git a/src/Infrastructure.EntityFramework/Vault/Repositories/CipherRepository.cs b/src/Infrastructure.EntityFramework/Vault/Repositories/CipherRepository.cs index f24fa29e60..b199fd06ef 100644 --- a/src/Infrastructure.EntityFramework/Vault/Repositories/CipherRepository.cs +++ b/src/Infrastructure.EntityFramework/Vault/Repositories/CipherRepository.cs @@ -349,6 +349,17 @@ public class CipherRepository : Repository> GetManyUnassignedOrganizationDetailsByOrganizationIdAsync(Guid organizationId) + { + using (var scope = ServiceScopeFactory.CreateScope()) + { + var dbContext = GetDatabaseContext(scope); + var query = new CipherOrganizationDetailsReadByOrganizationIdQuery(organizationId, true); + var data = await query.Run(dbContext).ToListAsync(); + return data; + } + } + public async Task> GetManyByUserIdAsync(Guid userId, bool useFlexibleCollections, bool withOrganizations = true) { using (var scope = ServiceScopeFactory.CreateScope()) diff --git a/src/Infrastructure.EntityFramework/Vault/Repositories/Queries/CipherOrganizationDetailsReadByOrganizationIdQuery.cs b/src/Infrastructure.EntityFramework/Vault/Repositories/Queries/CipherOrganizationDetailsReadByOrganizationIdQuery.cs index e00752a3c5..0a39e52957 100644 --- a/src/Infrastructure.EntityFramework/Vault/Repositories/Queries/CipherOrganizationDetailsReadByOrganizationIdQuery.cs +++ b/src/Infrastructure.EntityFramework/Vault/Repositories/Queries/CipherOrganizationDetailsReadByOrganizationIdQuery.cs @@ -6,10 +6,17 @@ namespace Bit.Infrastructure.EntityFramework.Repositories.Vault.Queries; public class CipherOrganizationDetailsReadByOrganizationIdQuery : IQuery { private readonly Guid _organizationId; + private readonly bool _unassignedOnly; - public CipherOrganizationDetailsReadByOrganizationIdQuery(Guid organizationId) + /// + /// Query for retrieving ciphers organization details by organization id + /// + /// The id of the organization to query + /// Only include ciphers that are not assigned to any collection + public CipherOrganizationDetailsReadByOrganizationIdQuery(Guid organizationId, bool unassignedOnly = false) { _organizationId = organizationId; + _unassignedOnly = unassignedOnly; } public virtual IQueryable Run(DatabaseContext dbContext) { @@ -33,6 +40,18 @@ public class CipherOrganizationDetailsReadByOrganizationIdQuery : IQuery !collectionCipherIds.Contains(c.Id)); + } + return query; } } diff --git a/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs b/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs index cfa1226e6d..8c07fadf90 100644 --- a/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs +++ b/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs @@ -30,6 +30,7 @@ using Bit.Core.Settings; using Bit.Core.Tokens; using Bit.Core.Tools.Services; using Bit.Core.Utilities; +using Bit.Core.Vault; using Bit.Core.Vault.Services; using Bit.Infrastructure.Dapper; using Bit.Infrastructure.EntityFramework; @@ -144,6 +145,7 @@ public static class ServiceCollectionExtensions services.AddScoped(); services.AddLoginServices(); services.AddScoped(); + services.AddVaultServices(); } public static void AddTokenizers(this IServiceCollection services) diff --git a/src/Sql/Vault/dbo/Stored Procedures/Cipher/CipherOrganizationDetails_ReadUnassignedByOrganizationId.sql b/src/Sql/Vault/dbo/Stored Procedures/Cipher/CipherOrganizationDetails_ReadUnassignedByOrganizationId.sql new file mode 100644 index 0000000000..95df8cd5bd --- /dev/null +++ b/src/Sql/Vault/dbo/Stored Procedures/Cipher/CipherOrganizationDetails_ReadUnassignedByOrganizationId.sql @@ -0,0 +1,26 @@ +CREATE PROCEDURE [dbo].[CipherOrganizationDetails_ReadUnassignedByOrganizationId] + @OrganizationId UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + C.*, + CASE + WHEN O.[UseTotp] = 1 THEN 1 + ELSE 0 + END [OrganizationUseTotp] + FROM + [dbo].[CipherView] C + LEFT JOIN + [dbo].[OrganizationView] O ON O.[Id] = C.[OrganizationId] + LEFT JOIN + [dbo].[CollectionCipher] CC ON C.[Id] = CC.[CipherId] + LEFT JOIN + [dbo].[Collection] S ON S.[Id] = CC.[CollectionId] + AND S.[OrganizationId] = C.[OrganizationId] + WHERE + C.[UserId] IS NULL + AND C.[OrganizationId] = @OrganizationId + AND CC.[CipherId] IS NULL +END diff --git a/util/Migrator/DbScripts/2024-02-08_00_AddUnassignedCiphersQuery.sql b/util/Migrator/DbScripts/2024-02-08_00_AddUnassignedCiphersQuery.sql new file mode 100644 index 0000000000..05daad6b05 --- /dev/null +++ b/util/Migrator/DbScripts/2024-02-08_00_AddUnassignedCiphersQuery.sql @@ -0,0 +1,27 @@ +CREATE OR ALTER PROCEDURE [dbo].[CipherOrganizationDetails_ReadUnassignedByOrganizationId] + @OrganizationId UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + C.*, + CASE + WHEN O.[UseTotp] = 1 THEN 1 + ELSE 0 + END [OrganizationUseTotp] + FROM + [dbo].[CipherView] C + LEFT JOIN + [dbo].[OrganizationView] O ON O.[Id] = C.[OrganizationId] + LEFT JOIN + [dbo].[CollectionCipher] CC ON C.[Id] = CC.[CipherId] + LEFT JOIN + [dbo].[Collection] S ON S.[Id] = CC.[CollectionId] + AND S.[OrganizationId] = C.[OrganizationId] + WHERE + C.[UserId] IS NULL + AND C.[OrganizationId] = @OrganizationId + AND CC.[CipherId] IS NULL +END +GO