support access all for collection user details

2024-11-26 12:55:17 +01:00 · 2017-05-08 11:27:21 -04:00 · 2017-05-08 11:27:21 -04:00 · 9936f69481
commit 9936f69481
parent 2c604d61b2
9 changed files with 56 additions and 25 deletions
--- a/src/Api/Controllers/CollectionsController.cs
+++ b/src/Api/Controllers/CollectionsController.cs
@ -16,17 +16,20 @@ namespace Bit.Api.Controllers
    public class CollectionsController : Controller
    {
        private readonly ICollectionRepository _collectionRepository;
        private readonly ICollectionUserRepository _collectionUserRepository;
        private readonly ICollectionService _collectionService;
        private readonly IUserService _userService;
        private readonly CurrentContext _currentContext;
        public CollectionsController(
            ICollectionRepository collectionRepository,
            ICollectionUserRepository collectionUserRepository,
            ICollectionService collectionService,
            IUserService userService,
            CurrentContext currentContext)
        {
            _collectionRepository = collectionRepository;
            _collectionUserRepository = collectionUserRepository;
            _collectionService = collectionService;
            _userService = userService;
            _currentContext = currentContext;
@ -59,11 +62,12 @@ namespace Bit.Api.Controllers
        }
        [HttpGet("~/collections")]
-        public async Task<ListResponseModel<CollectionResponseModel>> GetUser()
+        public async Task<ListResponseModel<CollectionUserDetailsResponseModel>> GetUser()
        {
-            var collections = await _collectionRepository.GetManyByUserIdAsync(_userService.GetProperUserId(User).Value);
+            var collections = await _collectionUserRepository.GetManyDetailsByUserIdAsync(
-            var responses = collections.Select(c => new CollectionResponseModel(c));
+                _userService.GetProperUserId(User).Value);
-            return new ListResponseModel<CollectionResponseModel>(responses);
+            var responses = collections.Select(c => new CollectionUserDetailsResponseModel(c));
            return new ListResponseModel<CollectionUserDetailsResponseModel>(responses);
        }
        [HttpPost("")]
--- a/src/Core/Models/Api/Response/CollectionResponseModel.cs
+++ b/src/Core/Models/Api/Response/CollectionResponseModel.cs
@ -1,12 +1,26 @@
 using System;
 using Bit.Core.Models.Table;
 using Bit.Core.Models.Data;
 namespace Bit.Core.Models.Api
 {
    public class CollectionResponseModel : ResponseModel
    {
-        public CollectionResponseModel(Collection collection)
+        public CollectionResponseModel(Collection collection, string obj = "collection")
-            : base("collection")
+            : base(obj)
        {
            if(collection == null)
            {
                throw new ArgumentNullException(nameof(collection));
            }
            Id = collection.Id.ToString();
            OrganizationId = collection.OrganizationId.ToString();
            Name = collection.Name;
        }
        public CollectionResponseModel(CollectionUserCollectionDetails collection, string obj = "collection")
            : base(obj)
        {
            if(collection == null)
            {
@ -22,4 +36,15 @@ namespace Bit.Core.Models.Api
        public string OrganizationId { get; set; }
        public string Name { get; set; }
    }
    public class CollectionUserDetailsResponseModel : CollectionResponseModel
    {
        public CollectionUserDetailsResponseModel(CollectionUserCollectionDetails collection)
            : base(collection, "collectionUserDetails")
        {
            ReadOnly = collection.ReadOnly;
        }
        public bool ReadOnly { get; set; }
    }
 }
--- a/src/Core/Models/Api/Response/OrganizationUserCollectionResponseModel.cs
+++ b/src/Core/Models/Api/Response/OrganizationUserCollectionResponseModel.cs
@ -16,13 +16,11 @@ namespace Bit.Core.Models.Api
            Id = details.Id.ToString();
            Name = details.Name;
            CollectionId = details.CollectionId.ToString();
            ReadOnly = details.ReadOnly;
        }
        public string Id { get; set; }
        public string Name { get; set; }
        public string CollectionId { get; set; }
        public bool ReadOnly { get; set; }
    }
 }
--- a/src/Core/Models/Data/CollectionUserCollectionDetails.cs
+++ b/src/Core/Models/Data/CollectionUserCollectionDetails.cs
@ -5,9 +5,8 @@ namespace Bit.Core.Models.Data
    public class CollectionUserCollectionDetails
    {
        public Guid Id { get; set; }
-        public Guid OrganizationUserId { get; set; }
+        public Guid OrganizationId { get; set; }
        public string Name { get; set; }
        public Guid CollectionId { get; set; }
        public bool ReadOnly { get; set; }
    }
 }
--- a/src/Core/Repositories/SqlServer/CipherRepository.cs
+++ b/src/Core/Repositories/SqlServer/CipherRepository.cs
@ -41,7 +41,7 @@ namespace Bit.Core.Repositories.SqlServer
            {
                var result = await connection.QueryFirstOrDefaultAsync<bool>(
                    $"[{Schema}].[Cipher_ReadCanEditByIdUserId]",
-                    new { UserId = userId, CipherId = cipherId },
+                    new { UserId = userId, Id = cipherId },
                    commandType: CommandType.StoredProcedure);
                return result;
--- a/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
+++ b/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
@ -113,7 +113,8 @@ namespace Bit.Core.Repositories.SqlServer
            }
        }
-        public async Task<Tuple<OrganizationUserUserDetails, ICollection<CollectionUserCollectionDetails>>> GetDetailsByIdAsync(Guid id)
+        public async Task<Tuple<OrganizationUserUserDetails, ICollection<CollectionUserCollectionDetails>>>
            GetDetailsByIdAsync(Guid id)
        {
            using(var connection = new SqlConnection(ConnectionString))
            {
--- a/Procedures/Cipher_ReadCanEditByIdUserId.sql
+++ b/Procedures/Cipher_ReadCanEditByIdUserId.sql
@ -1,4 +1,4 @@
-CREATE PROCEDURE [dbo].[Cipher_CanEditByIdUserId]
+CREATE PROCEDURE [dbo].[Cipher_ReadCanEditByIdUserId]
    @Id UNIQUEIDENTIFIER,
    @UserId UNIQUEIDENTIFIER
 AS
--- a/Procedures/CollectionUserCollectionDetails_ReadByUserId.sql
+++ b/Procedures/CollectionUserCollectionDetails_ReadByUserId.sql
@ -5,11 +5,9 @@ BEGIN
    SET NOCOUNT ON
    SELECT
-        CU.*
+        *
    FROM
-        [dbo].[CollectionUserCollectionDetailsView] CU
+        [dbo].[CollectionUserCollectionDetailsView]
    INNER JOIN
        [OrganizationUser] OU ON CU.[OrganizationUserId] = OU.[Id]
    WHERE
-        OU.[UserId] = @UserId
+        [UserId] = @UserId
 END
--- a/src/Sql/dbo/Views/CollectionUserCollectionDetailsView.sql
+++ b/src/Sql/dbo/Views/CollectionUserCollectionDetailsView.sql
@ -1,12 +1,18 @@
 CREATE VIEW [dbo].[CollectionUserCollectionDetailsView]
 AS
 SELECT
-    CU.[Id],
+    C.[Id] Id,
-    CU.[OrganizationUserId],
+    C.[OrganizationId],
-    S.[Name],
+    C.[Name],
-    S.[Id] CollectionId,
+    OU.[UserId],
-    CU.[ReadOnly]
+    OU.[Id] AS [OrganizationUserId],
    CASE WHEN OU.[AccessAll] = 0 AND CU.[ReadOnly] = 1 THEN 1 ELSE 0 END [ReadOnly]
 FROM
-    [dbo].[CollectionUser] CU
+    [dbo].[Collection] C
 INNER JOIN
-    [dbo].[Collection] S ON S.[Id] = CU.[CollectionId]
+    [dbo].[OrganizationUser] OU ON C.[OrganizationId] = OU.[OrganizationId]
 LEFT JOIN
    [dbo].[CollectionUser] CU ON OU.[AccessAll] = 0 AND CU.[CollectionId] = C.[Id] AND CU.[OrganizationUserId] = [OU].[Id]
 WHERE
    OU.[AccessAll] = 1
    OR CU.[Id] IS NOT NULL