Cipher update time is modified on folder change

[jjlin]

When changing the folder that a cipher/entry belongs to, the cipher update time is modified, even if the actual contents of the entry were not modified. This is arguably acceptable behavior for an entry owned by a single user, but for an org-owned entry, it has some unintuitive consequences. That is, if someone you've shared the entry with decides to organize it into a folder on their side, that shouldn't be shown as an update to all other users the entry is shared with, because

• It can be confusing/concerning to see an unexpected change to the update timestamp.
• The "updated" entry is synced to all users who have read access, even though nothing has actually changed.

[BlackDex]

This is something which also happens upstream if i'm correct. Also, if a cipher is not writeable by a user, they can't even put it in a folder at all using upstream, in my opinion that isn't good logic, so i think how bitwarden_rs has it is better.

[jjlin]

Yeah, that's correct. It stems from how per-cipher and per-user data is mixed together, which requires extra unmixing work to get the right behavior. Neither upstream nor bitwarden_rs are doing the unmixing currently, as I noted here:

https://github.com/dani-garcia/bitwarden_rs/blob/4628e4519de043aae343b4d0a1e2f110bd40aa8a/src/api/core/ciphers.rs#L499-L506

[BlackDex]

This also happens during key-rotation when changing the password and checking the Also rotate my account's encryption key. I think that should not be the case, since it will mess-up the users whole vault because every cipher is being saved again.

[BlackDex]

This is btw partially fixed when moving ciphers via the multiple-select flow. Doesn't matter if you tick one or multiple boxes. But for all the ciphers ticked, and then using the 3dot main menu and select Move selected, they will be moved, but without updating the cipher update time.