nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-30 15:42:48 -05:00
Code Activity

[AC-2489] Resolve SM Standalone issues with SCIM & Directory Connector (#4011)

Browse Source 
* Add auto-scale support to standalone SM for SCIM

* Mark users for SM when using SM Stadalone with Directory Connector
This commit is contained in:
Alex Morask
2024-05-20 10:22:16 -04:00
committed by GitHub
parent febc696c80
commit 0be40d1bd9
6 changed files with 43 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Core/AdminConsole/Services/IOrganizationService.cs
View File

@ -49,7 +49,7 @@ public interface IOrganizationService
Task<OrganizationUser> InviteUserAsync(Guid organizationId, Guid? invitingUserId, string email,
OrganizationUserType type, bool accessAll, string externalId, ICollection<CollectionAccessSelection> collections, IEnumerable<Guid> groups);
Task<OrganizationUser> InviteUserAsync(Guid organizationId, EventSystemUser systemUser, string email,
OrganizationUserType type, bool accessAll, string externalId, IEnumerable<CollectionAccessSelection> collections, IEnumerable<Guid> groups);
OrganizationUserType type, bool accessAll, string externalId, IEnumerable<CollectionAccessSelection> collections, IEnumerable<Guid> groups, bool accessSecretsManager);
Task<IEnumerable<Tuple<OrganizationUser, string>>> ResendInvitesAsync(Guid organizationId, Guid? invitingUserId, IEnumerable<Guid> organizationUsersId);
Task ResendInviteAsync(Guid organizationId, Guid? invitingUserId, Guid organizationUserId, bool initOrganization = false);
Task<OrganizationUser> ConfirmUserAsync(Guid organizationId, Guid organizationUserId, string key,

12
src/Core/AdminConsole/Services/Implementations/OrganizationService.cs
View File

@ -1679,14 +1679,14 @@ public class OrganizationService : IOrganizationService
public async Task<OrganizationUser> InviteUserAsync(Guid organizationId, EventSystemUser systemUser, string email,
OrganizationUserType type, bool accessAll, string externalId, IEnumerable<CollectionAccessSelection> collections,
IEnumerable<Guid> groups)
IEnumerable<Guid> groups, bool accessSecretsManager)
{
// Collection associations validation not required as they are always an empty list - created via system user (scim)
return await SaveUserSendInviteAsync(organizationId, invitingUserId: null, systemUser, email, type, accessAll, externalId, collections, groups);
return await SaveUserSendInviteAsync(organizationId, invitingUserId: null, systemUser, email, type, accessAll, externalId, collections, groups, accessSecretsManager);
}
private async Task<OrganizationUser> SaveUserSendInviteAsync(Guid organizationId, Guid? invitingUserId, EventSystemUser? systemUser, string email,
OrganizationUserType type, bool accessAll, string externalId, IEnumerable<CollectionAccessSelection> collections, IEnumerable<Guid> groups)
OrganizationUserType type, bool accessAll, string externalId, IEnumerable<CollectionAccessSelection> collections, IEnumerable<Guid> groups, bool accessSecretsManager = false)
{
var invite = new OrganizationUserInvite()
{
@ -1694,7 +1694,8 @@ public class OrganizationService : IOrganizationService
Type = type,
AccessAll = accessAll,
Collections = collections,
Groups = groups
Groups = groups,
AccessSecretsManager = accessSecretsManager
};
var results = systemUser.HasValue ? await InviteUsersAsync(organizationId, systemUser.Value,
new (OrganizationUserInvite, string)[] { (invite, externalId) }) : await InviteUsersAsync(organizationId, invitingUserId,
@ -1793,6 +1794,8 @@ public class OrganizationService : IOrganizationService
enoughSeatsAvailable = seatsAvailable >= usersToAdd.Count;
}
var hasStandaloneSecretsManager = await _paymentService.HasSecretsManagerStandalone(organization);
var userInvites = new List<(OrganizationUserInvite, string)>();
foreach (var user in newUsers)
{
@ -1809,6 +1812,7 @@ public class OrganizationService : IOrganizationService
Type = OrganizationUserType.User,
AccessAll = false,
Collections = new List<CollectionAccessSelection>(),
AccessSecretsManager = hasStandaloneSecretsManager
};
userInvites.Add((invite, user.ExternalId));
}

1
src/Core/Services/IPaymentService.cs
View File

@ -57,4 +57,5 @@ public interface IPaymentService
Task<string> AddSecretsManagerToSubscription(Organization org, Plan plan, int additionalSmSeats,
int additionalServiceAccount, DateTime? prorationDate = null);
Task<bool> RisksSubscriptionFailure(Organization organization);
Task<bool> HasSecretsManagerStandalone(Organization organization);
}

12
src/Core/Services/Implementations/StripePaymentService.cs
View File

@ -1800,6 +1800,18 @@ public class StripePaymentService : IPaymentService
return paymentSource == null;
}
public async Task<bool> HasSecretsManagerStandalone(Organization organization)
{
if (string.IsNullOrEmpty(organization.GatewayCustomerId))
{
return false;
}
var customer = await _stripeAdapter.CustomerGetAsync(organization.GatewayCustomerId);
return customer?.Discount?.Coupon?.Id == SecretsManagerStandaloneDiscountId;
}
private PaymentMethod GetLatestCardPaymentMethod(string customerId)
{
var cardPaymentMethods = _stripeAdapter.PaymentMethodListAutoPaging(