Defect/SG-825 - users in org w/ no personal vault still see personal vault (disabled org policies now still apply) (#2429)

* SG-825 - Policy_ReadByUserId stored proc now pulls back policies of disabled orgs * SG-825 - SyncController - Always retrieve policies -- even if orgs are disabled. * SG-825 - EF - PolicyReadByUserId - autoformat to remove whitespace and pass eslint build error
2024-11-21 12:05:42 +01:00 · 2022-12-16 15:22:39 -05:00 · 2022-12-16 15:22:39 -05:00 · a791f93051
commit a791f93051
parent 9ce6ee443b
4 changed files with 27 additions and 5 deletions
--- a/src/Api/Controllers/SyncController.cs
+++ b/src/Api/Controllers/SyncController.cs
@ -74,13 +74,13 @@ public class SyncController : Controller

        IEnumerable<CollectionDetails> collections = null;
        IDictionary<Guid, IGrouping<Guid, CollectionCipher>> collectionCiphersGroupDict = null;
-        IEnumerable<Policy> policies = null;
+        IEnumerable<Policy> policies = await _policyRepository.GetManyByUserIdAsync(user.Id);
+
        if (hasEnabledOrgs)
        {
            collections = await _collectionRepository.GetManyByUserIdAsync(user.Id);
            var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdAsync(user.Id);
            collectionCiphersGroupDict = collectionCiphers.GroupBy(c => c.CipherId).ToDictionary(s => s.Key);
-            policies = await _policyRepository.GetManyByUserIdAsync(user.Id);
        }

        var userTwoFactorEnabled = await _userService.TwoFactorIsEnabledAsync(user);
--- a/src/Infrastructure.EntityFramework/Repositories/Queries/PolicyReadByUserIdQuery.cs
+++ b/src/Infrastructure.EntityFramework/Repositories/Queries/PolicyReadByUserIdQuery.cs
@ -20,8 +20,7 @@ public class PolicyReadByUserIdQuery : IQuery<Policy>
                    join o in dbContext.Organizations
                        on ou.OrganizationId equals o.Id
                    where ou.UserId == _userId &&
-                        ou.Status == OrganizationUserStatusType.Confirmed &&
-                        o.Enabled == true
+                        ou.Status == OrganizationUserStatusType.Confirmed
                    select p;

        return query;
--- a/Procedures/Policy_ReadByUserId.sql
+++ b/Procedures/Policy_ReadByUserId.sql
@ -15,5 +15,4 @@ BEGIN
    WHERE
        OU.[UserId] = @UserId
        AND OU.[Status] = 2 -- 2 = Confirmed
-        AND O.[Enabled] = 1
 END
--- a/util/Migrator/DbScripts/2022-11-18_00_PolicyReadByUserIdRemoveEnabledOrgCheck.sql
+++ b/util/Migrator/DbScripts/2022-11-18_00_PolicyReadByUserIdRemoveEnabledOrgCheck.sql
@ -0,0 +1,24 @@
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+
+ALTER PROCEDURE [dbo].[Policy_ReadByUserId]
+    @UserId UNIQUEIDENTIFIER
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT
+        P.*
+    FROM
+        [dbo].[PolicyView] P
+    INNER JOIN
+        [dbo].[OrganizationUser] OU ON P.[OrganizationId] = OU.[OrganizationId]
+    INNER JOIN
+        [dbo].[Organization] O ON OU.[OrganizationId] = O.[Id]
+    WHERE
+        OU.[UserId] = @UserId
+        AND OU.[Status] = 2 -- 2 = Confirmed
+END
+GO