diff --git a/src/Api/Controllers/LoginsController.cs b/src/Api/Controllers/LoginsController.cs index 86d22d476..7cc09af03 100644 --- a/src/Api/Controllers/LoginsController.cs +++ b/src/Api/Controllers/LoginsController.cs @@ -54,8 +54,7 @@ namespace Bit.Api.Controllers [HttpGet("{id}/admin")] public async Task GetAdmin(string id) { - var userId = _userService.GetProperUserId(User).Value; - var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId); + var login = await _cipherRepository.GetDetailsByIdAsync(new Guid(id)); if(login == null || !login.OrganizationId.HasValue || !_currentContext.OrganizationAdmin(login.OrganizationId.Value)) { @@ -131,7 +130,7 @@ namespace Bit.Api.Controllers public async Task PutAdmin(string id, [FromBody]LoginRequestModel model) { var userId = _userService.GetProperUserId(User).Value; - var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId); + var login = await _cipherRepository.GetDetailsByIdAsync(new Guid(id)); if(login == null || !login.OrganizationId.HasValue || !_currentContext.OrganizationAdmin(login.OrganizationId.Value)) { diff --git a/src/Core/Repositories/ICipherRepository.cs b/src/Core/Repositories/ICipherRepository.cs index df174d956..133a6ab26 100644 --- a/src/Core/Repositories/ICipherRepository.cs +++ b/src/Core/Repositories/ICipherRepository.cs @@ -10,6 +10,7 @@ namespace Bit.Core.Repositories public interface ICipherRepository : IRepository { Task GetByIdAsync(Guid id, Guid userId); + Task GetDetailsByIdAsync(Guid id); Task GetCanEditByIdAsync(Guid userId, Guid cipherId); Task> GetManyByUserIdAsync(Guid userId); Task> GetManyByUserIdHasCollectionsAsync(Guid userId); diff --git a/src/Core/Repositories/SqlServer/CipherRepository.cs b/src/Core/Repositories/SqlServer/CipherRepository.cs index 305c93fba..9a1d99974 100644 --- a/src/Core/Repositories/SqlServer/CipherRepository.cs +++ b/src/Core/Repositories/SqlServer/CipherRepository.cs 
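Review bot: The `GetDetailsByIdAsync(new Guid(id))` lookup in GetAdmin is no longer scoped to the caller, so the `_currentContext.OrganizationAdmin(login.OrganizationId.Value)` condition on the following lines is now the only access check on this path; the same holds for the PutAdmin hunk below. I would make that explicit above both calls, e.g. `// Unscoped read: authorization is the OrganizationAdmin check below.`, and put a matching `/// <summary>` on `GetDetailsByIdAsync(Guid id)` in ICipherRepository stating that it applies no user filter and that callers must authorize the result. In PutAdmin `var userId` is still computed but no longer feeds the lookup; whether it is used later cannot be seen because the method body continues outside the hunk.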
@@ -36,6 +36,19 @@ namespace Bit.Core.Repositories.SqlServer } } + public async Task GetDetailsByIdAsync(Guid id) + { + using(var connection = new SqlConnection(ConnectionString)) + { + var results = await connection.QueryAsync( + $"[{Schema}].[CipherDetails_ReadById]", + new { Id = id }, + commandType: CommandType.StoredProcedure); + + return results.FirstOrDefault(); + } + } + public async Task GetCanEditByIdAsync(Guid userId, Guid cipherId) { using(var connection = new SqlConnection(ConnectionString)) @@ -401,7 +414,7 @@ namespace Bit.Core.Repositories.SqlServer } } - public async Task CreateAsync(IEnumerable ciphers, IEnumerable collections, + public async Task CreateAsync(IEnumerable ciphers, IEnumerable collections, IEnumerable collectionCiphers) { if(!ciphers.Any()) diff --git a/src/Sql/Sql.sqlproj b/src/Sql/Sql.sqlproj index fb88a734b..b7ba0d923 100644 --- a/src/Sql/Sql.sqlproj +++ b/src/Sql/Sql.sqlproj @@ -212,5 +212,6 @@ + \ No newline at end of file diff --git a/src/Sql/dbo/Functions/CipherDetails.sql b/src/Sql/dbo/Functions/CipherDetails.sql index 0f131475a..af819c5ea 100644 --- a/src/Sql/dbo/Functions/CipherDetails.sql +++ b/src/Sql/dbo/Functions/CipherDetails.sql @@ -11,13 +11,15 @@ SELECT C.[CreationDate], C.[RevisionDate], CASE WHEN - C.[Favorites] IS NULL + @UserId IS NULL + OR C.[Favorites] IS NULL OR JSON_VALUE(C.[Favorites], CONCAT('$."', @UserId, '"')) IS NULL THEN 0 ELSE 1 END [Favorite], CASE WHEN - C.[Folders] IS NULL + @UserId IS NULL + OR C.[Folders] IS NULL THEN NULL ELSE TRY_CONVERT(UNIQUEIDENTIFIER, JSON_VALUE(C.[Folders], CONCAT('$."', @UserId, '"'))) END [FolderId] diff --git a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadById.sql b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadById.sql new file mode 100644 index 000000000..bd14e89a5 --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadById.sql 
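Review bot: In the `[Favorite]` CASE of CipherDetails.sql the new `@UserId IS NULL` test sits in the same WHEN as the `JSON_VALUE(C.[Favorites], CONCAT('$."', @UserId, '"'))` call, and SQL Server does not promise left-to-right evaluation of OR operands, so with a NULL `@UserId` the path `$.""` may still be evaluated. I have not confirmed how JSON_VALUE treats that path; giving the guard its own branch, `WHEN @UserId IS NULL THEN 0` ahead of the existing WHEN, relies only on CASE's documented branch ordering. The `[FolderId]` CASE already keeps JSON_VALUE in the ELSE branch, so it does not have this problem. The function header and parameter declaration are outside the hunk.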
@@ -0,0 +1,20 @@ +CREATE PROCEDURE [dbo].[CipherDetails_ReadById] + @Id UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + C.*, + 1 [Edit], + CASE + WHEN O.[UseTotp] = 1 THEN 1 + ELSE 0 + END [OrganizationUseTotp] + FROM + [dbo].[CipherDetails](NULL) C + LEFT JOIN + [dbo].[Organization] O ON O.[Id] = C.[OrganizationId] + WHERE + C.[Id] = @Id +END \ No newline at end of file diff --git a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserIdHasCollection.sql b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserIdHasCollection.sql index 871015704..2a4b67d88 100644 --- a/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserIdHasCollection.sql +++ b/src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserIdHasCollection.sql @@ -9,7 +9,11 @@ BEGIN CASE WHEN C.[UserId] IS NOT NULL OR OU.[AccessAll] = 1 OR CU.[ReadOnly] = 0 OR G.[AccessAll] = 1 OR CG.[ReadOnly] = 0 THEN 1 ELSE 0 - END [Edit] + END [Edit], + CASE + WHEN C.[UserId] IS NULL AND O.[UseTotp] = 1 THEN 1 + ELSE 0 + END [OrganizationUseTotp] FROM [dbo].[CipherDetails](@UserId) C INNER JOIN diff --git a/src/Sql/dbo/Stored Procedures/Cipher_ReadCanEditByIdUserId.sql b/src/Sql/dbo/Stored Procedures/Cipher_ReadCanEditByIdUserId.sql index 715f06db7..0c1ad526f 100644 --- a/src/Sql/dbo/Stored Procedures/Cipher_ReadCanEditByIdUserId.sql +++ b/src/Sql/dbo/Stored Procedures/Cipher_ReadCanEditByIdUserId.sql @@ -14,7 +14,7 @@ BEGIN ELSE 0 END [Edit] FROM - [dbo].[CipherDetails](@UserId) C + [dbo].[Cipher] C LEFT JOIN [dbo].[Organization] O ON C.[UserId] IS NULL AND O.[Id] = C.[OrganizationId] LEFT JOIN
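Review bot: In CipherDetails_ReadById `1 [Edit]` is returned unconditionally and the procedure takes no `@UserId`, so every row it yields claims edit rights and the result is only safe when the caller has already authorized the request. A header comment on the procedure should say so, e.g. `-- Admin read: no per-user filtering, [Edit] is always 1; caller must verify organization admin rights.`. The `[OrganizationUseTotp]` expression also differs from the one this commit adds to CipherDetails_ReadByUserIdHasCollection, which requires `C.[UserId] IS NULL AND O.[UseTotp] = 1`. If a cipher can carry both a UserId and an OrganizationId the two procedures would disagree, so either add the `C.[UserId] IS NULL` condition here or note why it is not needed.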