nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-01 08:02:49 -05:00
Code Activity

[SM-572] Modify project endpoint to return current user's permission (#2752)

Browse Source 
* Add endpoints to check current user's permission

* Swap to adding current user permission onto GET

* Cleanup DI

* Add ProjectPermissionDetails DTO and query

* code review updates

* Remove assert recent for longer running creates
This commit is contained in:
Thomas Avery
2023-03-02 09:02:42 -06:00
committed by GitHub
parent 26c30f8854
commit 05f5d79938
9 changed files with 94 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/Api/SecretsManager/Controllers/ProjectsController.cs
View File

@ -80,9 +80,10 @@ public class ProjectsController : Controller
}
[HttpGet("projects/{id}")]
public async Task<ProjectResponseModel> GetAsync([FromRoute] Guid id)
public async Task<ProjectPermissionDetailsResponseModel> GetAsync([FromRoute] Guid id)
{
var project = await _projectRepository.GetByIdAsync(id);
var userId = _userService.GetProperUserId(User).Value;
var project = await _projectRepository.GetPermissionDetailsByIdAsync(id, userId);
if (project == null)
{
throw new NotFoundException();
@ -93,23 +94,34 @@ public class ProjectsController : Controller
throw new NotFoundException();
}
var userId = _userService.GetProperUserId(User).Value;
var orgAdmin = await _currentContext.OrganizationAdmin(project.OrganizationId);
var accessClient = AccessClientHelper.ToAccessClient(_currentContext.ClientType, orgAdmin);
var hasAccess = accessClient switch
bool hasAccess;
var read = project.Read;
var write = project.Write;
switch (accessClient)
{
AccessClientType.NoAccessCheck => true,
AccessClientType.User => await _projectRepository.UserHasReadAccessToProject(id, userId),
_ => false,
};
case AccessClientType.NoAccessCheck:
hasAccess = true;
write = true;
read = true;
break;
case AccessClientType.User:
hasAccess = project.Read;
break;
default:
hasAccess = false;
break;
}
if (!hasAccess)
{
throw new NotFoundException();
}
return new ProjectResponseModel(project);
return new ProjectPermissionDetailsResponseModel(project, read, write);
}
[HttpPost("projects/delete")]

22
src/Api/SecretsManager/Models/Response/ProjectPermissionDetailsResponseModel.cs Normal file
View File

@ -0,0 +1,22 @@
using Bit.Core.SecretsManager.Entities;
namespace Bit.Api.SecretsManager.Models.Response;
public class ProjectPermissionDetailsResponseModel : ProjectResponseModel
{
private const string _objectName = "projectPermissionDetails";
public ProjectPermissionDetailsResponseModel(Project project, bool read, bool write, string obj = _objectName) : base(project, obj)
{
Read = read;
Write = write;
}
public ProjectPermissionDetailsResponseModel()
{
}
public bool Read { get; set; }
public bool Write { get; set; }
}

4
src/Api/SecretsManager/Models/Response/ProjectResponseModel.cs
View File

@ -7,8 +7,8 @@ public class ProjectResponseModel : ResponseModel
{
private const string _objectName = "project";
public ProjectResponseModel(Project project)
: base(_objectName)
public ProjectResponseModel(Project project, string obj = _objectName)
: base(obj)
{
if (project == null)
{

9
src/Core/SecretsManager/Models/Data/ProjectPermissionDetails.cs Normal file
View File

@ -0,0 +1,9 @@
using Bit.Core.SecretsManager.Entities;
namespace Bit.Core.SecretsManager.Models.Data;
public class ProjectPermissionDetails : Project
{
public bool Read { get; set; }
public bool Write { get; set; }
}

2
src/Core/SecretsManager/Repositories/IProjectRepository.cs
View File

@ -1,5 +1,6 @@
using Bit.Core.Enums;
using Bit.Core.SecretsManager.Entities;
using Bit.Core.SecretsManager.Models.Data;
namespace Bit.Core.SecretsManager.Repositories;
@ -8,6 +9,7 @@ public interface IProjectRepository
Task<IEnumerable<Project>> GetManyByOrganizationIdAsync(Guid organizationId, Guid userId, AccessClientType accessType);
Task<IEnumerable<Project>> GetManyByOrganizationIdWriteAccessAsync(Guid organizationId, Guid userId, AccessClientType accessType);
Task<IEnumerable<Project>> GetManyByIds(IEnumerable<Guid> ids);
Task<ProjectPermissionDetails> GetPermissionDetailsByIdAsync(Guid id, Guid userId);
Task<Project> GetByIdAsync(Guid id);
Task<Project> CreateAsync(Project project);
Task ReplaceAsync(Project project);