allow for archived ciphers to be shared into an organization (#6626)

Author: nick-livefront

src/Api/Vault/Controllers/CiphersController.cs

@@ -757,11 +757,6 @@ public async Task<CipherResponseModel> PutShare(Guid id, [FromBody] CipherShareR
             }
         }
 
-        if (cipher.ArchivedDate.HasValue)
-        {
-            throw new BadRequestException("Cannot move an archived item to an organization.");
-        }
-
         ValidateClientVersionForFido2CredentialSupport(cipher);
 
         var original = cipher.Clone();
@@ -1271,11 +1266,6 @@ public async Task<ListResponseModel<CipherMiniResponseModel>> PutShareMany([From
                 _logger.LogError("Cipher was not encrypted for the current user. CipherId: {CipherId}, CurrentUser: {CurrentUserId}, EncryptedFor: {EncryptedFor}", cipher.Id, userId, cipher.EncryptedFor);
                 throw new BadRequestException("Cipher was not encrypted for the current user. Please try again.");
             }
-
-            if (cipher.ArchivedDate.HasValue)
-            {
-                throw new BadRequestException("Cannot move archived items to an organization.");
-            }
         }
 
         var shareCiphers = new List<(CipherDetails, DateTime?)>();
@@ -1288,11 +1278,6 @@ public async Task<ListResponseModel<CipherMiniResponseModel>> PutShareMany([From
 
             ValidateClientVersionForFido2CredentialSupport(existingCipher);
 
-            if (existingCipher.ArchivedDate.HasValue)
-            {
-                throw new BadRequestException("Cannot move archived items to an organization.");
-            }
-
             shareCiphers.Add((cipher.ToCipherDetails(existingCipher), cipher.LastKnownRevisionDate));
         }
 

src/Core/Vault/Services/Implementations/CipherService.cs

@@ -990,11 +990,6 @@ private async Task ValidateCipherCanBeShared(
             throw new BadRequestException("One or more ciphers do not belong to you.");
         }
 
-        if (cipher.ArchivedDate.HasValue)
-        {
-            throw new BadRequestException("Cipher cannot be shared with organization because it is archived.");
-        }
-
         var attachments = cipher.GetAttachments();
         var hasAttachments = attachments?.Any() ?? false;
         var org = await _organizationRepository.GetByIdAsync(organizationId);

test/Api.Test/Vault/Controllers/CiphersControllerTests.cs

@@ -1790,118 +1790,6 @@ await Assert.ThrowsAsync<NotFoundException>(
         );
     }
 
-    [Theory, BitAutoData]
-    public async Task PutShareMany_ArchivedCipher_ThrowsBadRequestException(
-        Guid organizationId,
-        Guid userId,
-        CipherWithIdRequestModel request,
-        SutProvider<CiphersController> sutProvider)
-    {
-        request.EncryptedFor = userId;
-        request.OrganizationId = organizationId.ToString();
-        request.ArchivedDate = DateTime.UtcNow;
-        var model = new CipherBulkShareRequestModel
-        {
-            Ciphers = [request],
-            CollectionIds = [Guid.NewGuid().ToString()]
-        };
-
-        sutProvider.GetDependency<ICurrentContext>()
-            .OrganizationUser(organizationId)
-            .Returns(Task.FromResult(true));
-        sutProvider.GetDependency<IUserService>()
-            .GetProperUserId(default)
-            .ReturnsForAnyArgs(userId);
-
-        var exception = await Assert.ThrowsAsync<BadRequestException>(
-            () => sutProvider.Sut.PutShareMany(model)
-        );
-
-        Assert.Equal("Cannot move archived items to an organization.", exception.Message);
-    }
-
-    [Theory, BitAutoData]
-    public async Task PutShareMany_ExistingCipherArchived_ThrowsBadRequestException(
-        Guid organizationId,
-        Guid userId,
-        CipherWithIdRequestModel request,
-        SutProvider<CiphersController> sutProvider)
-    {
-        // Request model does not have ArchivedDate (only the existing cipher does)
-        request.EncryptedFor = userId;
-        request.OrganizationId = organizationId.ToString();
-        request.ArchivedDate = null;
-
-        var model = new CipherBulkShareRequestModel
-        {
-            Ciphers = [request],
-            CollectionIds = [Guid.NewGuid().ToString()]
-        };
-
-        // The existing cipher from the repository IS archived
-        var existingCipher = new CipherDetails
-        {
-            Id = request.Id!.Value,
-            UserId = userId,
-            Type = CipherType.Login,
-            Data = JsonSerializer.Serialize(new CipherLoginData()),
-            ArchivedDate = DateTime.UtcNow
-        };
-
-        sutProvider.GetDependency<ICurrentContext>()
-            .OrganizationUser(organizationId)
-            .Returns(Task.FromResult(true));
-        sutProvider.GetDependency<IUserService>()
-            .GetProperUserId(default)
-            .ReturnsForAnyArgs(userId);
-        sutProvider.GetDependency<ICipherRepository>()
-            .GetManyByUserIdAsync(userId, withOrganizations: false)
-            .Returns(Task.FromResult((ICollection<CipherDetails>)[existingCipher]));
-
-        var exception = await Assert.ThrowsAsync<BadRequestException>(
-            () => sutProvider.Sut.PutShareMany(model)
-        );
-
-        Assert.Equal("Cannot move archived items to an organization.", exception.Message);
-    }
-
-    [Theory, BitAutoData]
-    public async Task PutShare_ArchivedCipher_ThrowsBadRequestException(
-        Guid cipherId,
-        Guid organizationId,
-        User user,
-        CipherShareRequestModel model,
-        SutProvider<CiphersController> sutProvider)
-    {
-        model.Cipher.OrganizationId = organizationId.ToString();
-        model.Cipher.EncryptedFor = user.Id;
-
-        var cipher = new Cipher
-        {
-            Id = cipherId,
-            UserId = user.Id,
-            ArchivedDate = DateTime.UtcNow.AddDays(-1),
-            Type = CipherType.Login,
-            Data = JsonSerializer.Serialize(new CipherLoginData())
-        };
-
-        sutProvider.GetDependency<IUserService>()
-            .GetUserByPrincipalAsync(Arg.Any<ClaimsPrincipal>())
-            .Returns(user);
-        sutProvider.GetDependency<ICipherRepository>()
-            .GetByIdAsync(cipherId)
-            .Returns(cipher);
-        sutProvider.GetDependency<ICurrentContext>()
-            .OrganizationUser(organizationId)
-            .Returns(Task.FromResult(true));
-
-        var exception = await Assert.ThrowsAsync<BadRequestException>(
-            () => sutProvider.Sut.PutShare(cipherId, model)
-        );
-
-        Assert.Equal("Cannot move an archived item to an organization.", exception.Message);
-    }
-
     [Theory, BitAutoData]
     public async Task PostPurge_WhenUserNotFound_ThrowsUnauthorizedAccessException(
         SecretVerificationRequestModel model,