Move into and read ciphers from org subvaults

src/Core/Services/Implementations/CipherService.cs

@@ -5,6 +5,7 @@ using System.Threading.Tasks;
 using Bit.Core.Models.Table;
 using Bit.Core.Repositories;
 using Core.Models.Data;
+using Bit.Core.Exceptions;
 
 namespace Bit.Core.Services
 {
@@ -13,17 +14,26 @@ namespace Bit.Core.Services
         private readonly ICipherRepository _cipherRepository;
         private readonly IFolderRepository _folderRepository;
         private readonly IUserRepository _userRepository;
+        private readonly IOrganizationRepository _organizationRepository;
+        private readonly IOrganizationUserRepository _organizationUserRepository;
+        private readonly ISubvaultUserRepository _subvaultUserRepository;
         private readonly IPushService _pushService;
 
         public CipherService(
             ICipherRepository cipherRepository,
             IFolderRepository folderRepository,
             IUserRepository userRepository,
+            IOrganizationRepository organizationRepository,
+            IOrganizationUserRepository organizationUserRepository,
+            ISubvaultUserRepository subvaultUserRepository,
             IPushService pushService)
         {
             _cipherRepository = cipherRepository;
             _folderRepository = folderRepository;
             _userRepository = userRepository;
+            _organizationRepository = organizationRepository;
+            _organizationUserRepository = organizationUserRepository;
+            _subvaultUserRepository = subvaultUserRepository;
             _pushService = pushService;
         }
 
@@ -81,6 +91,35 @@ namespace Bit.Core.Services
             //await _pushService.PushSyncCipherDeleteAsync(cipher);
         }
 
+        public async Task MoveSubvaultAsync(Cipher cipher, IEnumerable<Guid> subvaultIds, Guid userId)
+        {
+            if(cipher.Id == default(Guid))
+            {
+                throw new BadRequestException(nameof(cipher.Id));
+            }
+
+            if(!cipher.OrganizationId.HasValue)
+            {
+                throw new BadRequestException(nameof(cipher.OrganizationId));
+            }
+
+            var existingCipher = await _cipherRepository.GetByIdAsync(cipher.Id);
+            if(existingCipher == null || (existingCipher.UserId.HasValue && existingCipher.UserId != userId))
+            {
+                throw new NotFoundException();
+            }
+
+            var subvaultUserDetails = await _subvaultUserRepository.GetPermissionsByUserIdAsync(userId, subvaultIds,
+                cipher.OrganizationId.Value);
+
+            cipher.UserId = null;
+            cipher.RevisionDate = DateTime.UtcNow;
+            await _cipherRepository.ReplaceAsync(cipher, subvaultUserDetails.Where(s => s.Admin).Select(s => s.SubvaultId));
+
+            // push
+            await _pushService.PushSyncCipherUpdateAsync(cipher);
+        }
+
         public async Task ImportCiphersAsync(
             List<Folder> folders,
             List<CipherDetails> ciphers,

src/Core/Services/Implementations/PushSharpPushService.cs

@@ -71,7 +71,7 @@ namespace Bit.Core.Services
             {
                 Type = type,
                 Id = cipher.Id,
-                UserId = cipher.UserId,
+                UserId = cipher.UserId.Value,
                 RevisionDate = cipher.RevisionDate,
                 Aps = new PushNotification.AppleData { ContentAvailable = 1 }
             };
@@ -82,7 +82,7 @@ namespace Bit.Core.Services
                 excludedTokens.Add(_currentContext.DeviceIdentifier);
             }
 
-            await PushToAllUserDevicesAsync(cipher.UserId, JObject.FromObject(message), excludedTokens);
+            await PushToAllUserDevicesAsync(cipher.UserId.Value, JObject.FromObject(message), excludedTokens);
         }
 
         public async Task PushSyncCiphersAsync(Guid userId)