admin subvault updates for cipher

src/Sql/Sql.sqlproj

@@ -143,7 +143,6 @@
     <Build Include="dbo\Stored Procedures\Subvault_ReadById.sql" />
     <Build Include="dbo\Stored Procedures\User_UpdateEmailPassword.sql" />
     <Build Include="dbo\Stored Procedures\Subvault_Update.sql" />
-    <Build Include="dbo\Stored Procedures\SubvaultUser_ReadPermissionsBySubvaultUserId.sql" />
     <Build Include="dbo\Stored Procedures\SubvaultCipher_Create.sql" />
     <Build Include="dbo\Stored Procedures\SubvaultCipher_Delete.sql" />
     <Build Include="dbo\Stored Procedures\Cipher_UpdateWithSubvaults.sql" />
@@ -176,5 +175,6 @@
     <Build Include="dbo\User Defined Types\GuidIdArray.sql" />
     <Build Include="dbo\Stored Procedures\Cipher_ReadByOrganizationId.sql" />
     <Build Include="dbo\Stored Procedures\SubvaultCipher_ReadByOrganizationId.sql" />
+    <Build Include="dbo\Stored Procedures\SubvaultCipher_UpdateSubvaultsAdmin.sql" />
   </ItemGroup>
 </Project>

src/Sql/dbo/Stored Procedures/Cipher_UpdateWithSubvaults.sql

@@ -24,21 +24,32 @@ BEGIN
     WHERE
         [Id] = @Id
 
-    MERGE
-        [dbo].[SubvaultCipher] AS [Target]
-    USING 
-        @SubvaultIds AS [Source]
-    ON
-        [Target].[SubvaultId] = [Source].[Id]
-        AND [Target].[CipherId] = @Id
-    WHEN NOT MATCHED BY TARGET THEN
-        INSERT VALUES
-        (
-            [Source].[Id],
-            @Id
-        )
-    WHEN NOT MATCHED BY SOURCE
-    AND [Target].[CipherId] = @Id THEN
-        DELETE
-    ;
+
+    ;WITH [AvailableSubvaultsCTE] AS(
+        SELECT
+            SU.SubvaultId
+        FROM
+            [dbo].[SubvaultUser] SU
+        INNER JOIN
+            [dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
+        INNER JOIN
+            [dbo].[Organization] O ON O.[Id] = OU.[OrganizationId]
+        WHERE
+            OU.[UserId] = @UserId
+            AND SU.[ReadOnly] = 0
+            AND OU.[Status] = 2 -- Confirmed
+            AND O.[Enabled] = 1
+    )
+    INSERT INTO [dbo].[SubvaultCipher]
+    (
+        [SubvaultId],
+        [CipherId]
+    )
+    SELECT
+        Id,
+        @Id
+    FROM
+        @SubvaultIds
+    WHERE
+        Id IN (SELECT SubvaultId FROM [AvailableSubvaultsCTE])
 END

src/Sql/dbo/Stored Procedures/SubvaultCipher_UpdateSubvaultsAdmin.sql

@@ -0,0 +1,35 @@
+CREATE PROCEDURE [dbo].[SubvaultCipher_UpdateSubvaultsAdmin]
+    @CipherId UNIQUEIDENTIFIER,
+    @OrganizationId UNIQUEIDENTIFIER,
+    @SubvaultIds AS [dbo].[GuidIdArray] READONLY
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    ;WITH [AvailableSubvaultsCTE] AS(
+        SELECT
+            Id
+        FROM
+            [dbo].[Subvault]
+        WHERE
+            OrganizationId = @OrganizationId
+    )
+    MERGE
+        [dbo].[SubvaultCipher] AS [Target]
+    USING 
+        @SubvaultIds AS [Source]
+    ON
+        [Target].[SubvaultId] = [Source].[Id]
+        AND [Target].[CipherId] = @CipherId
+    WHEN NOT MATCHED BY TARGET
+    AND [Source].[Id] IN (SELECT [SubvaultId] FROM [AvailableSubvaultsCTE]) THEN
+        INSERT VALUES
+        (
+            [Source].[Id],
+            @CipherId
+        )
+    WHEN NOT MATCHED BY SOURCE
+    AND [Target].[CipherId] = @CipherId THEN
+        DELETE
+    ;
+END

src/Sql/dbo/Stored Procedures/SubvaultUser_ReadPermissionsBySubvaultUserId.sql

@@ -1,21 +0,0 @@
-CREATE PROCEDURE [dbo].[SubvaultUser_ReadPermissionsBySubvaultUserId]
-    @UserId UNIQUEIDENTIFIER,
-    @SubvaultIds AS [dbo].[GuidIdArray] READONLY,
-    @OrganizationId UNIQUEIDENTIFIER
-AS
-BEGIN
-    SET NOCOUNT ON
-
-    SELECT
-        SU.[SubvaultId],
-        SU.[ReadOnly]
-    FROM
-        [dbo].[SubvaultUser] SU
-    INNER JOIN
-        [dbo].[OrganizationUser] OU ON OU.Id = SU.OrganizationUserId
-    WHERE
-        OU.[UserId] = @UserId
-        AND OU.[OrganizationId] = @OrganizationId
-        AND OU.[Status] = 2 -- 2 = Confirmed
-        AND SU.[SubvaultId] IN (SELECT [Id] FROM @SubvaultIds)
-END