[AC-2447] Update PutCollection to return Unavailable cipher when last Can Manage Access is Removed (#4074)

* update CiphersController to return a unavailable value to the client so it can determine if the user removed the final Can Manage access of an item
2025-06-30 15:42:48 -05:00 · 2024-05-21 11:31:22 -04:00
parent f2242186d0
commit 87865e8f5c
3 changed files with 133 additions and 0 deletions
--- a/src/Api/Vault/Controllers/CiphersController.cs
+++ b/src/Api/Vault/Controllers/CiphersController.cs
@ -619,9 +619,39 @@ public class CiphersController : Controller

        var updatedCipher = await GetByIdAsync(id, userId);
        var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdCipherIdAsync(userId, id, UseFlexibleCollections);
+
        return new CipherDetailsResponseModel(updatedCipher, _globalSettings, collectionCiphers);
    }

+    [HttpPut("{id}/collections_v2")]
+    [HttpPost("{id}/collections_v2")]
+    public async Task<OptionalCipherDetailsResponseModel> PutCollections_vNext(Guid id, [FromBody] CipherCollectionsRequestModel model)
+    {
+        var userId = _userService.GetProperUserId(User).Value;
+        var cipher = await GetByIdAsync(id, userId);
+        if (cipher == null || !cipher.OrganizationId.HasValue ||
+            !await _currentContext.OrganizationUser(cipher.OrganizationId.Value))
+        {
+            throw new NotFoundException();
+        }
+
+        await _cipherService.SaveCollectionsAsync(cipher,
+            model.CollectionIds.Select(c => new Guid(c)), userId, false);
+
+        var updatedCipher = await GetByIdAsync(id, userId);
+        var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdCipherIdAsync(userId, id, UseFlexibleCollections);
+        // If a user removes the last Can Manage access of a cipher, the "updatedCipher" will return null
+        // We will be returning an "Unavailable" property so the client knows the user can no longer access this
+        var response = new OptionalCipherDetailsResponseModel()
+        {
+            Unavailable = updatedCipher is null,
+            Cipher = updatedCipher is null
+                ? null
+                : new CipherDetailsResponseModel(updatedCipher, _globalSettings, collectionCiphers)
+        };
+        return response;
+    }
+
    [HttpPut("{id}/collections-admin")]
    [HttpPost("{id}/collections-admin")]
    public async Task PutCollectionsAdmin(string id, [FromBody] CipherCollectionsRequestModel model)
--- a/src/Api/Vault/Models/Response/OptionalCipherDetailsResponseModel.cs
+++ b/src/Api/Vault/Models/Response/OptionalCipherDetailsResponseModel.cs
@ -0,0 +1,13 @@
+using Bit.Api.Vault.Models.Response;
+using Bit.Core.Models.Api;
+
+public class OptionalCipherDetailsResponseModel : ResponseModel
+{
+    public bool Unavailable { get; set; }
+
+    public CipherDetailsResponseModel? Cipher { get; set; }
+
+    public OptionalCipherDetailsResponseModel()
+        : base("optionalCipherDetails")
+    { }
+}