
Flag for org users to access all subvaults

Kyle Spearrin 2017-04-20 23:50:12 -04:00
parent aa5b79df2b
commit b0b6cac97b
26 changed files with 139 additions and 106 deletions


@ -75,7 +75,7 @@ namespace Bit.Api.Controllers
var userId = _userService.GetProperUserId(User);
var result = await _organizationService.InviteUserAsync(orgGuidId, userId.Value, model.Email, model.Type.Value,
model.Subvaults?.Select(s => s.ToSubvaultUser()));
model.AccessAllSubvaults, model.Subvaults?.Select(s => s.ToSubvaultUser()));
}
[HttpPut("{id}/reinvite")]


@ -12,6 +12,7 @@ namespace Bit.Core.Models.Api
public string Email { get; set; }
[Required]
public Enums.OrganizationUserType? Type { get; set; }
public bool AccessAllSubvaults { get; set; }
public IEnumerable<OrganizationUserSubvaultRequestModel> Subvaults { get; set; }
}
@ -31,11 +32,13 @@ namespace Bit.Core.Models.Api
{
[Required]
public Enums.OrganizationUserType? Type { get; set; }
public bool AccessAllSubvaults { get; set; }
public IEnumerable<OrganizationUserSubvaultRequestModel> Subvaults { get; set; }
public OrganizationUser ToOrganizationUser(OrganizationUser existingUser)
{
existingUser.Type = Type.Value;
existingUser.AccessAllSubvaults = AccessAllSubvaults;
return existingUser;
}
}
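Review bot: `AccessAllSubvaults` on the update model is a plain `bool`, so a request body that omits it binds to `false`, and `ToOrganizationUser` then writes that over the stored value. A client that predates this field would clear the flag on every edit; the failure is toward less access, but for an owner it can mean losing access to subvaults without anyone having asked for that. Consider `public bool? AccessAllSubvaults { get; set; }` together with `existingUser.AccessAllSubvaults = AccessAllSubvaults ?? existingUser.AccessAllSubvaults;`, or document that callers must always send the field.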


@ -22,6 +22,7 @@ namespace Bit.Core.Models.Api
Email = organizationUser.Email;
Type = organizationUser.Type;
Status = organizationUser.Status;
AccessAllSubvaults = organizationUser.AccessAllSubvaults;
}
public string Id { get; set; }
@ -30,6 +31,7 @@ namespace Bit.Core.Models.Api
public string Email { get; set; }
public OrganizationUserType Type { get; set; }
public OrganizationUserStatusType Status { get; set; }
public bool AccessAllSubvaults { get; set; }
}
public class OrganizationUserDetailsResponseModel : OrganizationUserResponseModel


@ -15,9 +15,10 @@ namespace Bit.Core.Models.Api
throw new ArgumentNullException(nameof(subvaultUser));
}
Id = subvaultUser.Id.ToString();
Id = subvaultUser.Id?.ToString();
OrganizationUserId = subvaultUser.OrganizationUserId.ToString();
SubvaultId = subvaultUser.SubvaultId.ToString();
SubvaultId = subvaultUser.SubvaultId?.ToString();
AccessAllSubvaults = subvaultUser.AccessAllSubvaults;
Name = subvaultUser.Name;
Email = subvaultUser.Email;
Type = subvaultUser.Type;
@ -28,6 +29,7 @@ namespace Bit.Core.Models.Api
public string Id { get; set; }
public string OrganizationUserId { get; set; }
public string SubvaultId { get; set; }
public bool AccessAllSubvaults { get; set; }
public string Name { get; set; }
public string Email { get; set; }
public OrganizationUserType Type { get; set; }


@ -11,5 +11,6 @@ namespace Bit.Core.Models.Data
public string Email { get; set; }
public Enums.OrganizationUserStatusType Status { get; set; }
public Enums.OrganizationUserType Type { get; set; }
public bool AccessAllSubvaults { get; set; }
}
}


@ -4,9 +4,10 @@ namespace Bit.Core.Models.Data
{
public class SubvaultUserUserDetails
{
public Guid Id { get; set; }
public Guid? Id { get; set; }
public Guid OrganizationUserId { get; set; }
public Guid SubvaultId { get; set; }
public Guid? SubvaultId { get; set; }
public bool AccessAllSubvaults { get; set; }
public string Name { get; set; }
public string Email { get; set; }
public Enums.OrganizationUserStatusType Status { get; set; }


@ -13,6 +13,7 @@ namespace Bit.Core.Models.Table
public string Key { get; set; }
public OrganizationUserStatusType Status { get; set; }
public OrganizationUserType Type { get; set; }
public bool AccessAllSubvaults { get; set; }
public DateTime CreationDate { get; internal set; } = DateTime.UtcNow;
public DateTime RevisionDate { get; internal set; } = DateTime.UtcNow;
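Review bot: The new `AccessAllSubvaults` property carries no comment, although it is an authorization switch rather than ordinary profile data. Going by the stored procedures changed in this commit, a set flag bypasses the `SubvaultUser` rows altogether and yields edit rights as well as read rights (`OU.[AccessAllSubvaults] = 1 OR SU.[ReadOnly] = 0`). I would add `// Grants read and edit access to every subvault in the organization, ignoring SubvaultUser rows.` above the property. The class body starts and ends outside this hunk.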


@ -19,7 +19,7 @@ namespace Bit.Core.Services
Task DeleteAsync(Organization organization);
Task UpdateAsync(Organization organization, bool updateBilling = false);
Task<OrganizationUser> InviteUserAsync(Guid organizationId, Guid invitingUserId, string email,
Enums.OrganizationUserType type, IEnumerable<SubvaultUser> subvaults);
Enums.OrganizationUserType type, bool accessAllSubvaults, IEnumerable<SubvaultUser> subvaults);
Task ResendInviteAsync(Guid organizationId, Guid invitingUserId, Guid organizationUserId);
Task<OrganizationUser> AcceptUserAsync(Guid organizationUserId, User user, string token);
Task<OrganizationUser> ConfirmUserAsync(Guid organizationId, Guid organizationUserId, string key, Guid confirmingUserId);


@ -475,7 +475,7 @@ namespace Bit.Core.Services
$"{plan.MaxAdditionalSeats.GetValueOrDefault(0)} additional users.");
}
if(plan.Type == Enums.PlanType.Free)
if(plan.Type == PlanType.Free)
{
var ownerExistingOrgCount =
await _organizationUserRepository.GetCountByFreeOrganizationAdminUserAsync(signup.Owner.Id);
@ -555,6 +555,7 @@ namespace Bit.Core.Services
Key = signup.OwnerKey,
Type = OrganizationUserType.Owner,
Status = OrganizationUserStatusType.Confirmed,
AccessAllSubvaults = true,
CreationDate = DateTime.UtcNow,
RevisionDate = DateTime.UtcNow
};
@ -631,7 +632,7 @@ namespace Bit.Core.Services
}
public async Task<OrganizationUser> InviteUserAsync(Guid organizationId, Guid invitingUserId, string email,
OrganizationUserType type, IEnumerable<SubvaultUser> subvaults)
OrganizationUserType type, bool accessAllSubvaults, IEnumerable<SubvaultUser> subvaults)
{
var organization = await _organizationRepository.GetByIdAsync(organizationId);
if(organization == null)
@ -664,12 +665,16 @@ namespace Bit.Core.Services
Key = null,
Type = type,
Status = OrganizationUserStatusType.Invited,
AccessAllSubvaults = accessAllSubvaults,
CreationDate = DateTime.UtcNow,
RevisionDate = DateTime.UtcNow
};
await _organizationUserRepository.CreateAsync(orgUser);
await SaveUserSubvaultsAsync(orgUser, subvaults, true);
if(!orgUser.AccessAllSubvaults && subvaults.Any())
{
await SaveUserSubvaultsAsync(orgUser, subvaults, true);
}
await SendInviteAsync(orgUser);
return orgUser;
@ -786,6 +791,12 @@ namespace Bit.Core.Services
}
await _organizationUserRepository.ReplaceAsync(user);
if(user.AccessAllSubvaults)
{
// We don't need any subvaults if we're flagged to have all access.
subvaults = new List<SubvaultUser>();
}
await SaveUserSubvaultsAsync(user, subvaults, false);
}
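Review bot: `subvaults.Any()` in `InviteUserAsync` throws `ArgumentNullException` when `subvaults` is null, and the controller passes `model.Subvaults?.Select(...)`, which is null whenever the request carries no `Subvaults`. The throw comes after `_organizationUserRepository.CreateAsync(orgUser)` and before `SendInviteAsync(orgUser)`, so the request fails with the invited row already stored and no invitation sent. Guard it with `if(!orgUser.AccessAllSubvaults && subvaults != null && subvaults.Any())`. The method body continues outside the hunks shown, so an earlier null check, if one exists, cannot be seen from here.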


@ -5,22 +5,22 @@ BEGIN
;WITH [CTE] AS(
SELECT
CASE WHEN SU.[ReadOnly] = 0 THEN 1 ELSE 0 END [CanEdit]
CASE WHEN OU.[AccessAllSubvaults] = 1 OR SU.[ReadOnly] = 0 THEN 1 ELSE 0 END [CanEdit]
FROM
[dbo].[SubvaultUser] SU
[dbo].[Cipher] C
INNER JOIN
[dbo].[SubvaultCipher] SC ON SC.SubvaultId = SU.SubvaultId
[dbo].[Organization] O ON C.[UserId] IS NULL AND O.[Id] = C.[OrganizationId]
INNER JOIN
[dbo].[Cipher] C ON SC.[CipherId] = C.[Id]
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.Id = SU.OrganizationUserId AND OU.OrganizationId = C.OrganizationId
INNER JOIN
[dbo].[Organization] O ON O.Id = C.OrganizationId
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
LEFT JOIN
[dbo].[SubvaultCipher] SC ON C.[UserId] IS NULL AND OU.[AccessAllSubvaults] = 0 AND SC.[CipherId] = C.[Id]
LEFT JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId] AND SU.[OrganizationUserId] = OU.[Id]
WHERE
C.[Id] = @CipherId
AND OU.[UserId] = @UserId
AND OU.[Status] = 2 -- 2 = Confirmed
AND O.[Enabled] = 1
AND (OU.[AccessAllSubvaults] = 1 OR SU.[SubvaultId] IS NOT NULL)
)
SELECT
@CanEdit = CASE WHEN COUNT(1) > 0 THEN 1 ELSE 0 END


@ -9,23 +9,23 @@ BEGIN
C.*
FROM
[dbo].[CipherDetails](@UserId) C
LEFT JOIN
[dbo].[SubvaultCipher] SC ON C.[UserId] IS NULL AND SC.[CipherId] = C.[Id]
LEFT JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
LEFT JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
LEFT JOIN
[dbo].[Organization] O ON C.[UserId] IS NULL AND O.[Id] = C.[OrganizationId]
LEFT JOIN
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
LEFT JOIN
[dbo].[SubvaultCipher] SC ON C.[UserId] IS NULL AND OU.[AccessAllSubvaults] = 0 AND SC.[CipherId] = C.[Id]
LEFT JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId] AND SU.[OrganizationUserId] = OU.[Id]
WHERE
C.Id = @Id
AND (
C.[UserId] = @UserId
OR (
C.[UserId] IS NULL
AND OU.[UserId] = @UserId
AND OU.[Status] = 2 -- 2 = Confirmed
AND O.[Enabled] = 1
AND (OU.[AccessAllSubvaults] = 1 OR SU.[SubvaultId] IS NOT NULL)
)
)
END


@ -9,23 +9,23 @@ BEGIN
C.*
FROM
[dbo].[CipherDetails](@UserId) C
LEFT JOIN
[dbo].[SubvaultCipher] SC ON C.[UserId] IS NULL AND SC.[CipherId] = C.[Id]
LEFT JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
LEFT JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
LEFT JOIN
[dbo].[Organization] O ON C.[UserId] IS NULL AND O.[Id] = C.[OrganizationId]
LEFT JOIN
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
LEFT JOIN
[dbo].[SubvaultCipher] SC ON C.[UserId] IS NULL AND OU.[AccessAllSubvaults] = 0 AND SC.[CipherId] = C.[Id]
LEFT JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId] AND SU.[OrganizationUserId] = OU.[Id]
WHERE
C.[Type] = @Type
AND (
C.[UserId] = @UserId
OR (
C.[UserId] IS NULL
AND OU.[UserId] = @UserId
AND OU.[Status] = 2 -- 2 = Confirmed
AND O.[Enabled] = 1
AND (OU.[AccessAllSubvaults] = 1 OR SU.[SubvaultId] IS NOT NULL)
)
)
END


@ -8,20 +8,20 @@ BEGIN
C.*
FROM
[dbo].[CipherDetails](@UserId) C
LEFT JOIN
[dbo].[SubvaultCipher] SC ON C.[UserId] IS NULL AND SC.[CipherId] = C.[Id]
LEFT JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
LEFT JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
LEFT JOIN
[dbo].[Organization] O ON C.[UserId] IS NULL AND O.[Id] = C.[OrganizationId]
LEFT JOIN
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
LEFT JOIN
[dbo].[SubvaultCipher] SC ON C.[UserId] IS NULL AND OU.[AccessAllSubvaults] = 0 AND SC.[CipherId] = C.[Id]
LEFT JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId] AND SU.[OrganizationUserId] = OU.[Id]
WHERE
C.[UserId] = @UserId
OR (
C.[UserId] IS NULL
AND OU.[UserId] = @UserId
AND OU.[Status] = 2 -- 2 = Confirmed
AND O.[Enabled] = 1
AND (OU.[AccessAllSubvaults] = 1 OR SU.[SubvaultId] IS NOT NULL)
)
END


@ -8,16 +8,16 @@ BEGIN
C.*
FROM
[dbo].[CipherDetails](@UserId) C
INNER JOIN
[dbo].[SubvaultCipher] SC ON C.[UserId] IS NULL AND SC.[CipherId] = C.[Id]
INNER JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
INNER JOIN
[dbo].[Organization] O ON C.[UserId] IS NULL AND O.[Id] = C.[OrganizationId]
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
LEFT JOIN
[dbo].[SubvaultCipher] SC ON C.[UserId] IS NULL AND OU.[AccessAllSubvaults] = 0 AND SC.[CipherId] = C.[Id]
LEFT JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId] AND SU.[OrganizationUserId] = OU.[Id]
WHERE
OU.[UserId] = @UserId
AND OU.[Status] = 2 -- 2 = Confirmed
OU.[Status] = 2 -- 2 = Confirmed
AND O.[Enabled] = 1
AND (OU.[AccessAllSubvaults] = 1 OR SU.[SubvaultId] IS NOT NULL)
END


@ -13,23 +13,23 @@ BEGIN
END [Edit]
FROM
[dbo].[CipherDetails](@UserId) C
LEFT JOIN
[dbo].[SubvaultCipher] SC ON C.[UserId] IS NULL AND SC.[CipherId] = C.[Id]
LEFT JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
LEFT JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
LEFT JOIN
[dbo].[Organization] O ON C.[UserId] IS NULL AND O.[Id] = C.[OrganizationId]
LEFT JOIN
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
LEFT JOIN
[dbo].[SubvaultCipher] SC ON C.[UserId] IS NULL AND OU.[AccessAllSubvaults] = 0 AND SC.[CipherId] = C.[Id]
LEFT JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId] AND SU.[OrganizationUserId] = OU.[Id]
WHERE
C.Id = @Id
AND (
C.[UserId] = @UserId
OR (
C.[UserId] IS NULL
AND OU.[UserId] = @UserId
AND OU.[Status] = 2 -- 2 = Confirmed
AND O.[Enabled] = 1
AND (OU.[AccessAllSubvaults] = 1 OR SU.[SubvaultId] IS NOT NULL)
)
)
END


@ -24,21 +24,21 @@ BEGIN
WHERE
[Id] = @Id
;WITH [AvailableSubvaultsCTE] AS(
SELECT
SU.SubvaultId
S.[Id]
FROM
[dbo].[SubvaultUser] SU
[dbo].[Subvault] S
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
[Organization] O ON O.[Id] = S.[OrganizationId]
INNER JOIN
[dbo].[Organization] O ON O.[Id] = OU.[OrganizationId]
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
LEFT JOIN
[dbo].[SubvaultUser] SU ON OU.[AccessAllSubvaults] = 0 AND SU.[SubvaultId] = S.[Id] AND SU.[OrganizationUserId] = OU.[Id]
WHERE
OU.[UserId] = @UserId
AND SU.[ReadOnly] = 0
AND OU.[Status] = 2 -- Confirmed
OU.[Status] = 2 -- Confirmed
AND O.[Enabled] = 1
AND (OU.[AccessAllSubvaults] = 1 OR SU.[ReadOnly] = 0)
)
INSERT INTO [dbo].[SubvaultCipher]
(
@ -46,10 +46,10 @@ BEGIN
[CipherId]
)
SELECT
Id,
[Id],
@Id
FROM
@SubvaultIds
WHERE
Id IN (SELECT SubvaultId FROM [AvailableSubvaultsCTE])
[Id] IN (SELECT [Id] FROM [AvailableSubvaultsCTE])
END
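Review bot: `[AvailableSubvaultsCTE]` is not limited to the organization that owns the cipher: it returns every subvault the user may write to in any enabled organization, and with `OU.[AccessAllSubvaults] = 1` that now means every subvault of each such organization. `@SubvaultIds` is supplied by the caller, so unless the caller validates it (not visible in this hunk), a cipher could be linked to a subvault of a different organization the user also belongs to. I would add a predicate tying `S.[OrganizationId]` to the cipher's organization; the parameter list is outside the hunk, so with a placeholder name that is `AND S.[OrganizationId] = @OrganizationId`. The same CTE appears in the `MERGE` procedure later in this commit and needs the same restriction.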


@ -6,6 +6,7 @@
@Key VARCHAR(MAX),
@Status TINYINT,
@Type TINYINT,
@AccessAllSubvaults BIT,
@CreationDate DATETIME2(7),
@RevisionDate DATETIME2(7)
AS
@ -21,6 +22,7 @@ BEGIN
[Key],
[Status],
[Type],
[AccessAllSubvaults],
[CreationDate],
[RevisionDate]
)
@ -33,6 +35,7 @@ BEGIN
@Key,
@Status,
@Type,
@AccessAllSubvaults,
@CreationDate,
@RevisionDate
)


@ -6,6 +6,7 @@
@Key VARCHAR(MAX),
@Status TINYINT,
@Type TINYINT,
@AccessAllSubvaults BIT,
@CreationDate DATETIME2(7),
@RevisionDate DATETIME2(7)
AS
@ -21,6 +22,7 @@ BEGIN
[Key] = @Key,
[Status] = @Status,
[Type] = @Type,
[AccessAllSubvaults] = @AccessAllSubvaults,
[CreationDate] = @CreationDate,
[RevisionDate] = @RevisionDate
WHERE


@ -9,10 +9,12 @@ BEGIN
FROM
[dbo].[SubvaultCipher] SC
INNER JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
[dbo].[Subvault] S ON S.[Id] = SC.[SubvaultId]
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = S.[OrganizationId] AND OU.[UserId] = @UserId
LEFT JOIN
[dbo].[SubvaultUser] SU ON OU.[AccessAllSubvaults] = 0 AND SU.[SubvaultId] = S.[Id] AND SU.[OrganizationUserId] = OU.[Id]
WHERE
OU.[UserId] = @UserId
AND OU.[Status] = 2 -- Confirmed
OU.[Status] = 2 -- Confirmed
AND (OU.[AccessAllSubvaults] = 1 OR SU.[SubvaultId] IS NOT NULL)
END


@ -10,11 +10,13 @@ BEGIN
FROM
[dbo].[SubvaultCipher] SC
INNER JOIN
[dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
[dbo].[Subvault] S ON S.[Id] = SC.[SubvaultId]
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = S.[OrganizationId] AND OU.[UserId] = @UserId
LEFT JOIN
[dbo].[SubvaultUser] SU ON OU.[AccessAllSubvaults] = 0 AND SU.[SubvaultId] = S.[Id] AND SU.[OrganizationUserId] = OU.[Id]
WHERE
SC.[CipherId] = @CipherId
AND OU.[UserId] = @UserId
AND OU.[Status] = 2 -- Confirmed
AND (OU.[AccessAllSubvaults] = 1 OR SU.[SubvaultId] IS NOT NULL)
END


@ -8,18 +8,19 @@ BEGIN
;WITH [AvailableSubvaultsCTE] AS(
SELECT
SU.SubvaultId
S.[Id]
FROM
[dbo].[SubvaultUser] SU
[dbo].[Subvault] S
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
[Organization] O ON O.[Id] = S.[OrganizationId]
INNER JOIN
[dbo].[Organization] O ON O.[Id] = OU.[OrganizationId]
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
LEFT JOIN
[dbo].[SubvaultUser] SU ON OU.[AccessAllSubvaults] = 0 AND SU.[SubvaultId] = S.[Id] AND SU.[OrganizationUserId] = OU.[Id]
WHERE
OU.[UserId] = @UserId
AND SU.[ReadOnly] = 0
AND OU.[Status] = 2 -- Confirmed
OU.[Status] = 2 -- Confirmed
AND O.[Enabled] = 1
AND (OU.[AccessAllSubvaults] = 1 OR SU.[ReadOnly] = 0)
)
MERGE
[dbo].[SubvaultCipher] AS [Target]
@ -29,7 +30,7 @@ BEGIN
[Target].[SubvaultId] = [Source].[Id]
AND [Target].[CipherId] = @CipherId
WHEN NOT MATCHED BY TARGET
AND [Source].[Id] IN (SELECT [SubvaultId] FROM [AvailableSubvaultsCTE]) THEN
AND [Source].[Id] IN (SELECT [Id] FROM [AvailableSubvaultsCTE]) THEN
INSERT VALUES
(
[Source].[Id],
@ -37,7 +38,7 @@ BEGIN
)
WHEN NOT MATCHED BY SOURCE
AND [Target].[CipherId] = @CipherId
AND [Target].[SubvaultId] IN (SELECT [SubvaultId] FROM [AvailableSubvaultsCTE]) THEN
AND [Target].[SubvaultId] IN (SELECT [Id] FROM [AvailableSubvaultsCTE]) THEN
DELETE
;
END


@ -5,11 +5,10 @@ BEGIN
SET NOCOUNT ON
SELECT
SU.*
*
FROM
[dbo].[SubvaultUserUserDetailsView] SU
INNER JOIN
[OrganizationUser] OU ON SU.[OrganizationUserId] = OU.[Id]
[dbo].[SubvaultUserUserDetailsView]
WHERE
SU.[SubvaultId] = @SubvaultId
[AccessAllSubvaults] = 1
OR [SubvaultId] = @SubvaultId
END
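Review bot: The new `[AccessAllSubvaults] = 1` branch has no organization filter, so this procedure returns every row of `[SubvaultUserUserDetailsView]` that carries the flag, whichever organization it belongs to. The view as changed in this commit reads from all of `[dbo].[OrganizationUser]` and exposes `[Name]` and `[Email]` but no `[OrganizationId]`, and organization owners are created with the flag set, so listing one subvault's users would disclose members of unrelated organizations. Add `OU.[OrganizationId]` to the view and restrict the branch, for example `([AccessAllSubvaults] = 1 AND [OrganizationId] = (SELECT [OrganizationId] FROM [dbo].[Subvault] WHERE [Id] = @SubvaultId))`. The caller's authorization check is not visible here, and it could not filter these rows by organization without a further lookup.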


@ -9,13 +9,13 @@ BEGIN
FROM
[dbo].[SubvaultView] S
INNER JOIN
[SubvaultUser] SU ON SU.[SubvaultId] = S.[Id]
[Organization] O ON O.[Id] = S.[OrganizationId]
INNER JOIN
[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
INNER JOIN
[Organization] O ON O.[Id] = OU.[OrganizationId]
[dbo].[OrganizationUser] OU ON OU.[OrganizationId] = O.[Id] AND OU.[UserId] = @UserId
LEFT JOIN
[dbo].[SubvaultUser] SU ON OU.[AccessAllSubvaults] = 0 AND SU.[SubvaultId] = S.[Id] AND SU.[OrganizationUserId] = OU.[Id]
WHERE
OU.[UserId] = @UserId
AND OU.[Status] = 2 -- Confirmed
OU.[Status] = 2 -- Confirmed
AND O.[Enabled] = 1
AND (OU.[AccessAllSubvaults] = 1 OR SU.[SubvaultId] IS NOT NULL)
END


@ -1,13 +1,14 @@
CREATE TABLE [dbo].[OrganizationUser] (
[Id] UNIQUEIDENTIFIER NOT NULL,
[OrganizationId] UNIQUEIDENTIFIER NOT NULL,
[UserId] UNIQUEIDENTIFIER NULL,
[Email] NVARCHAR (50) NULL,
[Key] VARCHAR (MAX) NULL,
[Status] TINYINT NOT NULL,
[Type] TINYINT NOT NULL,
[CreationDate] DATETIME2 (7) NOT NULL,
[RevisionDate] DATETIME2 (7) NOT NULL,
[Id] UNIQUEIDENTIFIER NOT NULL,
[OrganizationId] UNIQUEIDENTIFIER NOT NULL,
[UserId] UNIQUEIDENTIFIER NULL,
[Email] NVARCHAR (50) NULL,
[Key] VARCHAR (MAX) NULL,
[Status] TINYINT NOT NULL,
[Type] TINYINT NOT NULL,
[AccessAllSubvaults] BIT NOT NULL,
[CreationDate] DATETIME2 (7) NOT NULL,
[RevisionDate] DATETIME2 (7) NOT NULL,
CONSTRAINT [PK_OrganizationUser] PRIMARY KEY CLUSTERED ([Id] ASC),
CONSTRAINT [FK_OrganizationUser_Organization] FOREIGN KEY ([OrganizationId]) REFERENCES [dbo].[Organization] ([Id]) ON DELETE CASCADE,
CONSTRAINT [FK_OrganizationUser_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id])
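Review bot: `[AccessAllSubvaults] BIT NOT NULL` is added without a `DEFAULT`, and no migration script for existing rows is visible among the changed files. On a populated table the column can only be added if existing rows receive a value, and `0` is the safe choice because it keeps current members on their explicit `SubvaultUser` grants instead of widening access. Either declare it as `[AccessAllSubvaults] BIT NOT NULL DEFAULT (0)` or ship the backfill alongside this change. The table definition continues past the end of the hunk.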


@ -7,7 +7,8 @@ SELECT
U.[Name],
ISNULL(U.[Email], OU.[Email]) Email,
OU.[Status],
OU.[Type]
OU.[Type],
OU.[AccessAllSubvaults]
FROM
[dbo].[OrganizationUser] OU
LEFT JOIN


@ -1,17 +1,18 @@
CREATE VIEW [dbo].[SubvaultUserUserDetailsView]
AS
SELECT
OU.[Id] AS [OrganizationUserId],
OU.[AccessAllSubvaults],
SU.[Id],
SU.[OrganizationUserId],
SU.[SubvaultId],
U.[Name],
ISNULL(U.[Email], OU.[Email]) Email,
OU.[Status],
OU.[Type],
SU.[ReadOnly]
CASE WHEN OU.[AccessAllSubvaults] = 0 AND SU.[ReadOnly] = 1 THEN 1 ELSE 0 END [ReadOnly]
FROM
[dbo].[SubvaultUser] SU
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
[dbo].[OrganizationUser] OU
LEFT JOIN
[dbo].[SubvaultUser] SU ON OU.[AccessAllSubvaults] = 0 AND SU.[OrganizationUserId] = OU.[Id]
LEFT JOIN
[dbo].[User] U ON U.[Id] = OU.[UserId]