nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-21 13:05:11 -05:00
Code

Initial commit of SingleOrg downstream policy checks (#1038)

Browse Source
This commit is contained in:
Vincent Salucci 2020-12-16 16:02:54 -06:00 committed by GitHub
parent 0f1af2333e
commit 136c39fa50
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 29 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
bitwarden_license/src/Portal/Controllers/PoliciesController.cs
View File

@ -135,7 +135,20 @@ namespace Bit.Portal.Controllers
case PolicyType.MasterPassword: case PolicyType.MasterPassword:
case PolicyType.PasswordGenerator: case PolicyType.PasswordGenerator:
case PolicyType.TwoFactorAuthentication: case PolicyType.TwoFactorAuthentication:
break;
case PolicyType.SingleOrg: case PolicyType.SingleOrg:
if (enabled)
{
break;
}
var requireSso =
await _policyRepository.GetByOrganizationIdTypeAsync(orgId.Value, PolicyType.RequireSso);
if (requireSso?.Enabled == true)
{
ModelState.AddModelError(string.Empty, _i18nService.T("DisableRequireSsoError"));
}
break; break;
case PolicyType.RequireSso: case PolicyType.RequireSso:
@ -143,6 +156,7 @@ namespace Bit.Portal.Controllers
{ {
break; break;
} }
var singleOrg = await _policyRepository.GetByOrganizationIdTypeAsync(orgId.Value, PolicyType.SingleOrg); var singleOrg = await _policyRepository.GetByOrganizationIdTypeAsync(orgId.Value, PolicyType.SingleOrg);
if (singleOrg?.Enabled != true) if (singleOrg?.Enabled != true)
{ {

3
src/Core/Resources/SharedResources.en.resx
View File

@ -575,4 +575,7 @@
<data name="PersonalOwnershipExemption" xml:space="preserve"> <data name="PersonalOwnershipExemption" xml:space="preserve">
<value>Organization Owners and Administrators are exempt from this policy's enforcement.</value> <value>Organization Owners and Administrators are exempt from this policy's enforcement.</value>
</data> </data>
<data name="DisableRequireSsoError" xml:space="preserve">
<value>You must manually disable the Single Sign-On Authentication policy before this policy can be disabled.</value>
</data>
</root> </root>

15
src/Core/Services/Implementations/PolicyService.cs
View File

@ -48,6 +48,18 @@ namespace Bit.Core.Services
// Handle dependent policy checks // Handle dependent policy checks
switch(policy.Type) switch(policy.Type)
{ {
case PolicyType.SingleOrg:
if (!policy.Enabled)
{
var requireSso =
await _policyRepository.GetByOrganizationIdTypeAsync(org.Id, PolicyType.RequireSso);
if (requireSso?.Enabled == true)
{
throw new BadRequestException("Single Sign-On Authentication policy is enabled.");
}
}
break;
case PolicyType.RequireSso: case PolicyType.RequireSso:
if (policy.Enabled) if (policy.Enabled)
{ {
@ -58,9 +70,6 @@ namespace Bit.Core.Services
} }
} }
break; break;
default:
break;
} }
var now = DateTime.UtcNow; var now = DateTime.UtcNow;