set cipher id to limit collection scope

src/Core/Services/Implementations/CipherService.cs

@@ -63,6 +63,7 @@ namespace Bit.Core.Services
                 throw new BadRequestException("You do not have permissions to edit this.");
             }
 
+            cipher.UserId = savingUserId;
             if(cipher.Id == default(Guid))
             {
                 if(cipher.OrganizationId.HasValue && collectionIds != null)

src/Sql/dbo/Stored Procedures/Cipher_Update.sql

@@ -16,7 +16,7 @@ BEGIN
     UPDATE
         [dbo].[Cipher]
     SET
-        [UserId] = @UserId,
+        [UserId] = CASE WHEN @OrganizationId IS NULL THEN @UserId ELSE NULL END,
         [OrganizationId] = @OrganizationId,
         [Type] = @Type,
         [Data] = @Data,

util/Setup/DbScripts/2018-10-17_00_ManagerRole.sql

@@ -488,3 +488,50 @@ BEGIN
     END
 END
 GO
+
+IF OBJECT_ID('[dbo].[Cipher_Update]') IS NOT NULL
+BEGIN
+    DROP PROCEDURE [dbo].[Cipher_Update]
+END
+GO
+
+CREATE PROCEDURE [dbo].[Cipher_Update]
+    @Id UNIQUEIDENTIFIER,
+    @UserId UNIQUEIDENTIFIER,
+    @OrganizationId UNIQUEIDENTIFIER,
+    @Type TINYINT,
+    @Data NVARCHAR(MAX),
+    @Favorites NVARCHAR(MAX),
+    @Folders NVARCHAR(MAX),
+    @Attachments NVARCHAR(MAX),
+    @CreationDate DATETIME2(7),
+    @RevisionDate DATETIME2(7)
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    UPDATE
+        [dbo].[Cipher]
+    SET
+        [UserId] = CASE WHEN @OrganizationId IS NULL THEN @UserId ELSE NULL END,
+        [OrganizationId] = @OrganizationId,
+        [Type] = @Type,
+        [Data] = @Data,
+        [Favorites] = @Favorites,
+        [Folders] = @Folders,
+        [Attachments] = @Attachments,
+        [CreationDate] = @CreationDate,
+        [RevisionDate] = @RevisionDate
+    WHERE
+        [Id] = @Id
+
+    IF @OrganizationId IS NOT NULL
+    BEGIN
+        EXEC [dbo].[User_BumpAccountRevisionDateByCipherId] @Id, @OrganizationId
+    END
+    ELSE IF @UserId IS NOT NULL
+    BEGIN
+        EXEC [dbo].[User_BumpAccountRevisionDate] @UserId
+    END
+END
+GO