PM-1575 Display error toast if there is a duplicate passkey when moving a cipher to an org

src/App/Pages/Vault/SharePageViewModel.cs

@@ -113,8 +113,15 @@ namespace Bit.App.Pages
             try
             {
                 await _deviceActionService.ShowLoadingAsync(AppResources.Saving);
-                await _cipherService.ShareWithServerAsync(cipherView, OrganizationId, checkedCollectionIds);
+                var error = await _cipherService.ShareWithServerAsync(cipherView, OrganizationId, checkedCollectionIds);
                 await _deviceActionService.HideLoadingAsync();
+
+                if (error == ICipherService.ShareWithServerError.DuplicatedPasskeyInOrg)
+                {
+                    _platformUtilsService.ShowToast(null, null, AppResources.ThisItemCannotBeSharedWithTheOrganizationBecauseThereIsOneAlreadyWithTheSamePasskey);
+                    return false;
+                }
+
                 var movedItemToOrgText = string.Format(AppResources.MovedItemToOrg, cipherView.Name,
                    (await _organizationService.GetAsync(OrganizationId)).Name);
                 _platformUtilsService.ShowToast("success", null, movedItemToOrgText);

src/App/Resources/AppResources.Designer.cs

@@ -6236,6 +6236,16 @@ namespace Bit.App.Resources {
             }
         }
         
+        /// <summary>
+        ///   Looks up a localized string similar to This item cannot be shared with the organization because there is one already with the same passkey..
+        /// </summary>
+        public static string ThisItemCannotBeSharedWithTheOrganizationBecauseThereIsOneAlreadyWithTheSamePasskey {
+            get {
+                return ResourceManager.GetString("ThisItemCannotBeSharedWithTheOrganizationBecauseThereIsOneAlreadyWithTheSamePassk" +
+                        "ey", resourceCulture);
+            }
+        }
+        
         /// <summary>
         ///   Looks up a localized string similar to This request is no longer valid.
         /// </summary>

src/App/Resources/AppResources.resx

@@ -2671,4 +2671,7 @@ Do you want to switch to this account?</value>
   <data name="InvalidAPIToken" xml:space="preserve">
     <value>Invalid API token</value>
   </data>
+  <data name="ThisItemCannotBeSharedWithTheOrganizationBecauseThereIsOneAlreadyWithTheSamePasskey" xml:space="preserve">
+    <value>This item cannot be shared with the organization because there is one already with the same passkey.</value>
+  </data>
 </root>

src/Core/Abstractions/ICipherService.cs

@@ -10,6 +10,12 @@ namespace Bit.Core.Abstractions
 {
     public interface ICipherService
     {
+        public enum ShareWithServerError
+        {
+            None,
+            DuplicatedPasskeyInOrg
+        }
+
         Task ClearAsync(string userId);
         Task ClearCacheAsync();
         Task DeleteAsync(List<string> ids);
@@ -31,7 +37,7 @@ namespace Bit.Core.Abstractions
         Task SaveCollectionsWithServerAsync(Cipher cipher);
         Task SaveNeverDomainAsync(string domain);
         Task SaveWithServerAsync(Cipher cipher);
-        Task ShareWithServerAsync(CipherView cipher, string organizationId, HashSet<string> collectionIds);
+        Task<ShareWithServerError> ShareWithServerAsync(CipherView cipher, string organizationId, HashSet<string> collectionIds);
         Task UpdateLastUsedDateAsync(string id);
         Task UpsertAsync(CipherData cipher);
         Task UpsertAsync(List<CipherData> cipher);

src/Core/Services/CipherService.cs

@@ -532,8 +532,13 @@ namespace Bit.Core.Services
             await UpsertAsync(data);
         }
 
-        public async Task ShareWithServerAsync(CipherView cipher, string organizationId, HashSet<string> collectionIds)
+        public async Task<ICipherService.ShareWithServerError> ShareWithServerAsync(CipherView cipher, string organizationId, HashSet<string> collectionIds)
         {
+            if (!await ValidateCanBeSharedWithOrgAsync(cipher, organizationId))
+            {
+                return ICipherService.ShareWithServerError.DuplicatedPasskeyInOrg;
+            }
+
             var attachmentTasks = new List<Task>();
             if (cipher.Attachments != null)
             {
@@ -554,6 +559,30 @@ namespace Bit.Core.Services
             var userId = await _stateService.GetActiveUserIdAsync();
             var data = new CipherData(response, userId, collectionIds);
             await UpsertAsync(data);
+
+            return ICipherService.ShareWithServerError.None;
+        }
+
+        private async Task<bool> ValidateCanBeSharedWithOrgAsync(CipherView cipher, string organizationId)
+        {
+            if (cipher.Login?.Fido2Key is null && cipher.Fido2Key is null)
+            {
+                return true;
+            }
+
+            var decCiphers = await GetAllDecryptedAsync();
+            var orgCiphers = decCiphers.Where(c => c.OrganizationId == organizationId);
+            if (cipher.Login?.Fido2Key != null)
+            {
+                return !orgCiphers.Any(c => c.Login?.Fido2Key?.RpId == cipher.Login.Fido2Key.RpId);
+            }
+
+            if (cipher.Fido2Key != null)
+            {
+                return !orgCiphers.Any(c => c.Fido2Key?.RpId == cipher.Fido2Key.RpId);
+            }
+
+            return true;
         }
 
         public async Task<Cipher> SaveAttachmentRawWithServerAsync(Cipher cipher, string filename, byte[] data)