[PM-19883] Add untrust devices endpoint (#5619)

* Add untrust devices endpoint * Fix tests * Update src/Core/Auth/UserFeatures/DeviceTrust/UntrustDevicesCommand.cs Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> * Fix whitespace --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2025-06-30 15:42:48 -05:00 · 2025-04-09 14:26:06 +02:00
parent 19b5431177
commit 0a4f97b50e
7 changed files with 141 additions and 0 deletions
--- a/test/Core.Test/Auth/UserFeatures/DeviceTrust/UntrustDevicesCommandTests.cs
+++ b/test/Core.Test/Auth/UserFeatures/DeviceTrust/UntrustDevicesCommandTests.cs
@ -0,0 +1,55 @@
+using Bit.Core.Auth.UserFeatures.DeviceTrust;
+using Bit.Core.Entities;
+using Bit.Core.Repositories;
+using Bit.Test.Common.AutoFixture;
+using Bit.Test.Common.AutoFixture.Attributes;
+using NSubstitute;
+using Xunit;
+
+namespace Bit.Core.Test.Auth.UserFeatures.WebAuthnLogin;
+
+[SutProviderCustomize]
+public class UntrustDevicesCommandTests
+{
+    [Theory, BitAutoData]
+    public async Task SetsKeysToNull(SutProvider<UntrustDevicesCommand> sutProvider, User user)
+    {
+        var deviceId = Guid.NewGuid();
+        // Arrange
+        sutProvider.GetDependency<IDeviceRepository>()
+            .GetManyByUserIdAsync(user.Id)
+            .Returns([new Device
+            {
+                Id = deviceId,
+                EncryptedPrivateKey = "encryptedPrivateKey",
+                EncryptedPublicKey = "encryptedPublicKey",
+                EncryptedUserKey = "encryptedUserKey"
+            }]);
+
+        // Act
+        await sutProvider.Sut.UntrustDevices(user, new List<Guid> { deviceId });
+
+        // Assert
+        await sutProvider.GetDependency<IDeviceRepository>()
+            .Received()
+            .UpsertAsync(Arg.Is<Device>(d =>
+                d.Id == deviceId &&
+                d.EncryptedPrivateKey == null &&
+                d.EncryptedPublicKey == null &&
+                d.EncryptedUserKey == null));
+    }
+
+    [Theory, BitAutoData]
+    public async Task RejectsWrongUser(SutProvider<UntrustDevicesCommand> sutProvider, User user)
+    {
+        var deviceId = Guid.NewGuid();
+        // Arrange
+        sutProvider.GetDependency<IDeviceRepository>()
+            .GetManyByUserIdAsync(user.Id)
+            .Returns([]);
+
+        // Act
+        await Assert.ThrowsAsync<UnauthorizedAccessException>(async () =>
+            await sutProvider.Sut.UntrustDevices(user, new List<Guid> { deviceId }));
+    }
+}