Ps 976 moving of read only organization collection items to different folder not possible (#2257)

* PS-976 - update PutPartial endpoint to return cipher info, update Cipher_Move sproc to allow users to update a cipher's folder even if they don't have edit permissions * PS-976- fix formatting errors * PS-976 - per cr feedback updated EF query to match cipher_move sproc update, and updated cipher tests to align with existing tests
2025-06-30 15:42:48 -05:00 · 2022-10-25 12:23:49 -07:00
parent b5d5e6f65a
commit b938abab65
5 changed files with 92 additions and 5 deletions
--- a/util/Migrator/DbScripts/2022-09-08_00_CipherMovePermissions.sql
+++ b/util/Migrator/DbScripts/2022-09-08_00_CipherMovePermissions.sql
@ -0,0 +1,39 @@
+-- Remove check for Edit permission. User should be able to move the cipher to a different folder even if they don't have Edit permissions
+
+ALTER PROCEDURE [dbo].[Cipher_Move]
+    @Ids AS [dbo].[GuidIdArray] READONLY,
+    @FolderId AS UNIQUEIDENTIFIER,
+    @UserId AS UNIQUEIDENTIFIER
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    DECLARE @UserIdKey VARCHAR(50) = CONCAT('"', @UserId, '"')
+    DECLARE @UserIdPath VARCHAR(50) = CONCAT('$.', @UserIdKey)
+
+    ;WITH [IdsToMoveCTE] AS (
+        SELECT
+            [Id]
+        FROM
+            [dbo].[UserCipherDetails](@UserId)
+        WHERE
+            [Id] IN (SELECT * FROM @Ids)
+    )
+    UPDATE
+        [dbo].[Cipher]
+    SET
+        [Folders] = 
+            CASE
+            WHEN @FolderId IS NOT NULL AND [Folders] IS NULL THEN
+                CONCAT('{', @UserIdKey, ':"', @FolderId, '"', '}')
+            WHEN @FolderId IS NOT NULL THEN
+                JSON_MODIFY([Folders], @UserIdPath, CAST(@FolderId AS VARCHAR(50)))
+            ELSE
+                JSON_MODIFY([Folders], @UserIdPath, NULL)
+            END
+    WHERE
+        [Id] IN (SELECT * FROM [IdsToMoveCTE])
+
+    EXEC [dbo].[User_BumpAccountRevisionDate] @UserId
+END
+GO