nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-21 11:18:49 -05:00
Code

feat(change-password-component): Change Password Update [18720] - Added new endpoint to just send back aggregated master password policies.

Browse Source
This commit is contained in:
Patrick Pimentel 2025-06-10 16:42:26 -06:00
parent 7ed190006b
commit 0d02ba1beb
No known key found for this signature in database
GPG Key ID: 4B27FC74C6422186
5 changed files with 25 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/Api/AdminConsole/Controllers/PoliciesController.cs
View File

@ -2,15 +2,18 @@
using Bit.Api.AdminConsole.Models.Response.Helpers;
using Bit.Api.AdminConsole.Models.Response.Organizations;
using Bit.Api.Models.Response;
using Bit.Core;
using Bit.Core.AdminConsole.Entities;
using Bit.Core.AdminConsole.Enums;
using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationDomains.Interfaces;
using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
using Bit.Core.AdminConsole.Repositories;
using Bit.Core.AdminConsole.Services;
using Bit.Core.Auth.Models.Business.Tokenables;
using Bit.Core.Context;
using Bit.Core.Enums;
using Bit.Core.Exceptions;
using Bit.Core.Models.Api.Response;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Settings;
@ -36,6 +39,7 @@ public class PoliciesController : Controller
private readonly IDataProtectorTokenFactory<OrgUserInviteTokenable> _orgUserInviteTokenDataFactory;
private readonly IPolicyRepository _policyRepository;
private readonly IUserService _userService;
private readonly IPolicyService _policyService;
private readonly ISavePolicyCommand _savePolicyCommand;
@ -49,7 +53,8 @@ public class PoliciesController : Controller
IFeatureService featureService,
IOrganizationHasVerifiedDomainsQuery organizationHasVerifiedDomainsQuery,
IOrganizationRepository organizationRepository,
ISavePolicyCommand savePolicyCommand)
ISavePolicyCommand savePolicyCommand,
IPolicyService policyService)
{
_policyRepository = policyRepository;
_organizationUserRepository = organizationUserRepository;
@ -63,6 +68,7 @@ public class PoliciesController : Controller
_featureService = featureService;
_organizationHasVerifiedDomainsQuery = organizationHasVerifiedDomainsQuery;
_savePolicyCommand = savePolicyCommand;
_policyService = policyService;
}
[HttpGet("{type}")]
@ -192,6 +198,15 @@ public class PoliciesController : Controller
return new PolicyResponseModel(policy);
}
[HttpGet("~/policies/master-password")]
[RequireFeature(FeatureFlagKeys.ChangeExistingPasswordRefactor)]
public async Task<MasterPasswordPolicyResponseModel> GetMasterPasswordPolicy()
{
var userId = _userService.GetProperUserId(User).Value;
return new MasterPasswordPolicyResponseModel(await _policyService.GetMasterPasswordPolicyForUserAsync(new Guid(userId.ToString()), true));
}
[HttpPut("{type}")]
public async Task<PolicyResponseModel> Put(Guid orgId, PolicyType type, [FromBody] PolicyRequestModel model)
{

2
src/Api/Auth/Controllers/AccountsController.cs
View File

@ -278,7 +278,7 @@ public class AccountsController : Controller
if (await _userService.CheckPasswordAsync(user, model.MasterPasswordHash))
{
var policyData = await _policyService.GetMasterPasswordPolicyForUserAsync(user);
var policyData = await _policyService.GetMasterPasswordPolicyForUserAsync(user.Id);
return new MasterPasswordPolicyResponseModel(policyData);
}

3
src/Core/AdminConsole/Services/IPolicyService.cs
View File

@ -1,6 +1,5 @@
using Bit.Core.AdminConsole.Enums;
using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Models.Data.Organizations.OrganizationUsers;
@ -11,7 +10,7 @@ public interface IPolicyService
/// <summary>
/// Get the combined master password policy options for the specified user.
/// </summary>
Task<MasterPasswordPolicyData> GetMasterPasswordPolicyForUserAsync(User user, bool getConfirmedOrAccepted = false);
Task<MasterPasswordPolicyData> GetMasterPasswordPolicyForUserAsync(Guid userId, bool getConfirmedOrAccepted = false);
Task<ICollection<OrganizationUserPolicyDetails>> GetPoliciesApplicableToUserAsync(Guid userId, PolicyType policyType, OrganizationUserStatusType minStatus = OrganizationUserStatusType.Accepted);
Task<bool> AnyPoliciesApplicableToUserAsync(Guid userId, PolicyType policyType, OrganizationUserStatusType minStatus = OrganizationUserStatusType.Accepted);
}

10
src/Core/AdminConsole/Services/Implementations/PolicyService.cs
View File

@ -1,7 +1,6 @@
using Bit.Core.AdminConsole.Enums;
using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
using Bit.Core.AdminConsole.Repositories;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Models.Data.Organizations.OrganizationUsers;
using Bit.Core.Repositories;
@ -29,13 +28,16 @@ public class PolicyService : IPolicyService
_globalSettings = globalSettings;
}
public async Task<MasterPasswordPolicyData> GetMasterPasswordPolicyForUserAsync(User user, bool getConfirmedOrAccepted = false)
// Reuse this in the policies controller
public async Task<MasterPasswordPolicyData> GetMasterPasswordPolicyForUserAsync(
Guid userId,
bool getConfirmedOrAccepted = false)
{
var policies = getConfirmedOrAccepted ?
(await _policyRepository.GetManyAcceptedOrConfirmedByUserIdAsync(user.Id))
(await _policyRepository.GetManyAcceptedOrConfirmedByUserIdAsync(userId))
.Where(p => p.Type == PolicyType.MasterPassword && p.Enabled)
.ToList()
: (await _policyRepository.GetManyByUserIdAsync(user.Id))
: (await _policyRepository.GetManyByUserIdAsync(userId))
.Where(p => p.Type == PolicyType.MasterPassword && p.Enabled)
.ToList();

2
src/Identity/IdentityServer/RequestValidators/BaseRequestValidator.cs
View File

@ -369,7 +369,7 @@ public abstract class BaseRequestValidator<T> where T : class
return null;
}
return new MasterPasswordPolicyResponseModel(await PolicyService.GetMasterPasswordPolicyForUserAsync(user, true));
return new MasterPasswordPolicyResponseModel(await PolicyService.GetMasterPasswordPolicyForUserAsync(user.Id, true));
}
/// <summary>