fix to user already exists checks

2025-01-22 21:51:22 +01:00 · 2017-11-13 10:06:54 -05:00 · 2017-11-13 10:06:54 -05:00 · d03421fe4b
commit d03421fe4b
parent 39baf2a9be
5 changed files with 60 additions and 18 deletions
--- a/src/Core/Repositories/IOrganizationUserRepository.cs
+++ b/src/Core/Repositories/IOrganizationUserRepository.cs
@ -14,7 +14,7 @@ namespace Bit.Core.Repositories
        Task<int> GetCountByOnlyOwnerAsync(Guid userId);
        Task<ICollection<OrganizationUser>> GetManyByUserAsync(Guid userId);
        Task<ICollection<OrganizationUser>> GetManyByOrganizationAsync(Guid organizationId, OrganizationUserType? type);
-        Task<OrganizationUser> GetByOrganizationAsync(Guid organizationId, string email);
+        Task<int> GetCountByOrganizationAsync(Guid organizationId, string email, bool onlyRegisteredUsers);
        Task<OrganizationUser> GetByOrganizationAsync(Guid organizationId, Guid userId);
        Task<Tuple<OrganizationUser, ICollection<SelectionReadOnly>>> GetByIdWithCollectionsAsync(Guid id);
        Task<ICollection<OrganizationUserUserDetails>> GetManyDetailsByOrganizationAsync(Guid organizationId);
--- a/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
+++ b/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
@ -62,16 +62,16 @@ namespace Bit.Core.Repositories.SqlServer
            }
        }

-        public async Task<OrganizationUser> GetByOrganizationAsync(Guid organizationId, string email)
+        public async Task<int> GetCountByOrganizationAsync(Guid organizationId, string email, bool onlyRegisteredUsers)
        {
            using(var connection = new SqlConnection(ConnectionString))
            {
-                var results = await connection.QueryAsync<OrganizationUser>(
-                    "[dbo].[OrganizationUser_ReadByOrganizationIdEmail]",
-                    new { OrganizationId = organizationId, Email = email },
+                var result = await connection.ExecuteScalarAsync<int>(
+                    "[dbo].[OrganizationUser_ReadCountByOrganizationIdEmail]",
+                    new { OrganizationId = organizationId, Email = email, OnlyUsers = onlyRegisteredUsers },
                    commandType: CommandType.StoredProcedure);

-                return results.SingleOrDefault();
+                return result;
            }
        }

--- a/src/Core/Services/Implementations/OrganizationService.cs
+++ b/src/Core/Services/Implementations/OrganizationService.cs
@ -857,8 +857,9 @@ namespace Bit.Core.Services
            foreach(var email in emails)
            {
                // Make sure user is not already invited
-                var existingOrgUser = await _organizationUserRepository.GetByOrganizationAsync(organizationId, email);
-                if(existingOrgUser != null)
+                var existingOrgUserCount = await _organizationUserRepository.GetCountByOrganizationAsync(
+                    organizationId, email, false);
+                if(existingOrgUserCount > 0)
                {
                    throw new BadRequestException("User already invited.");
                }
@ -940,8 +941,9 @@ namespace Bit.Core.Services
                }
            }

-            var existingOrgUser = await _organizationUserRepository.GetByOrganizationAsync(orgUser.OrganizationId, user.Email);
-            if(existingOrgUser != null)
+            var existingOrgUserCount = await _organizationUserRepository.GetCountByOrganizationAsync(
+                orgUser.OrganizationId, user.Email, true);
+            if(existingOrgUserCount > 0)
            {
                throw new BadRequestException("You are already part of this organization.");
            }
--- a/Procedures/OrganizationUser_ReadByOrganizationIdEmail.sql
+++ b/Procedures/OrganizationUser_ReadByOrganizationIdEmail.sql
@ -1,15 +1,21 @@
-CREATE PROCEDURE [dbo].[OrganizationUser_ReadByOrganizationIdEmail]
+CREATE PROCEDURE [dbo].[OrganizationUser_ReadCountByOrganizationIdEmail]
    @OrganizationId UNIQUEIDENTIFIER,
-    @Email NVARCHAR(50)
+    @Email NVARCHAR(50),
+    @OnlyUsers BIT
 AS
 BEGIN
    SET NOCOUNT ON

    SELECT
-        *
+        COUNT(1)
    FROM
-        [dbo].[OrganizationUserView]
+        [dbo].[OrganizationUser] OU
+    LEFT JOIN
+        [dbo].[User] U ON OU.[UserId] = U.[Id]
    WHERE
-        [OrganizationId] = @OrganizationId
-        AND [Email] = @Email
+        OU.[OrganizationId] = @OrganizationId
+        AND (
+            (@OnlyUsers = 0 AND (OU.[Email] = @Email OR U.[Email] = @Email))
+            OR (@OnlyUsers = 1 AND U.[Email] = @Email)
+        )
 END
--- a/util/Setup/DbScripts/2017-11-13_IndexTuning.sql
+++ b/util/Setup/DbScripts/2017-11-13_IndexTuning.sql
@ -1,4 +1,39 @@
-IF EXISTS (
+IF OBJECT_ID('[dbo].[OrganizationUser_ReadByOrganizationIdEmail]') IS NOT NULL
+BEGIN
+    DROP PROCEDURE [dbo].[OrganizationUser_ReadByOrganizationIdEmail]
+END
+GO
+
+IF OBJECT_ID('[dbo].[OrganizationUser_ReadCountByOrganizationIdEmail]') IS NOT NULL
+BEGIN
+    DROP PROCEDURE [dbo].[OrganizationUser_ReadCountByOrganizationIdEmail]
+END
+GO
+
+CREATE PROCEDURE [dbo].[OrganizationUser_ReadCountByOrganizationIdEmail]
+    @OrganizationId UNIQUEIDENTIFIER,
+    @Email NVARCHAR(50),
+    @OnlyUsers BIT
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT
+        COUNT(1)
+    FROM
+        [dbo].[OrganizationUser] OU
+    LEFT JOIN
+        [dbo].[User] U ON OU.[UserId] = U.[Id]
+    WHERE
+        OU.[OrganizationId] = @OrganizationId
+        AND (
+            (@OnlyUsers = 0 AND (OU.[Email] = @Email OR U.[Email] = @Email))
+            OR (@OnlyUsers = 1 AND U.[Email] = @Email)
+        )
+END
+GO
+
+IF EXISTS (
    SELECT *  FROM sys.indexes  WHERE [Name]='IX_Cipher_UserId_Type'
    AND object_id = OBJECT_ID('[dbo].[Cipher]')
 )
@ -39,4 +74,3 @@ BEGIN
        INCLUDE ([AccessAll])
 END
 GO
-