Fix key rotation being broken due to org ciphers being included (#10140)

bitwarden · Jul 17, 2024 · fd93c76 · fd93c76
1 parent e27d698
commit fd93c76
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 2 deletions.
diff --git a/libs/common/src/vault/services/cipher.service.spec.ts b/libs/common/src/vault/services/cipher.service.spec.ts
@@ -352,8 +352,10 @@ describe("Cipher Service", () => {
 
       const cipher1 = new CipherView(cipherObj);
       cipher1.id = "Cipher 1";
+      cipher1.organizationId = null;
       const cipher2 = new CipherView(cipherObj);
       cipher2.id = "Cipher 2";
+      cipher2.organizationId = null;
 
       decryptedCiphers = new BehaviorSubject({
         Cipher1: cipher1,

diff --git a/libs/common/src/vault/services/cipher.service.ts b/libs/common/src/vault/services/cipher.service.ts
@@ -1184,11 +1184,16 @@ export class CipherService implements CipherServiceAbstraction {
     let encryptedCiphers: CipherWithIdRequest[] = [];
 
     const ciphers = await this.getAllDecrypted();
-    if (!ciphers || ciphers.length === 0) {
+    if (!ciphers) {
+      return encryptedCiphers;
+    }
+
+    const userCiphers = ciphers.filter((c) => c.organizationId == null);
+    if (userCiphers.length === 0) {
       return encryptedCiphers;
     }
     encryptedCiphers = await Promise.all(
-      ciphers.map(async (cipher) => {
+      userCiphers.map(async (cipher) => {
         const encryptedCipher = await this.encrypt(cipher, newUserKey, originalUserKey);
         return new CipherWithIdRequest(encryptedCipher);
       }),