nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-06 05:28:15 -05:00
Code

Give creating owner Manage permissions for default collection (#3776)

Browse Source
This commit is contained in:
Thomas Rittson 2024-02-12 08:50:41 +10:00 committed by GitHub
parent 17118bc74f
commit 1d9fe79ef6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 51 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
src/Core/AdminConsole/Services/Implementations/OrganizationService.cs
View File

@ -655,18 +655,6 @@ public class OrganizationService : IOrganizationService
}); });
await _applicationCacheService.UpsertOrganizationAbilityAsync(organization); await _applicationCacheService.UpsertOrganizationAbilityAsync(organization);
if (!string.IsNullOrWhiteSpace(collectionName))
{
var defaultCollection = new Collection
{
Name = collectionName,
OrganizationId = organization.Id,
CreationDate = organization.CreationDate,
RevisionDate = organization.CreationDate
};
await _collectionRepository.CreateAsync(defaultCollection);
}
OrganizationUser orgUser = null; OrganizationUser orgUser = null;
if (ownerId != default) if (ownerId != default)
{ {
@ -685,6 +673,7 @@ public class OrganizationService : IOrganizationService
CreationDate = organization.CreationDate, CreationDate = organization.CreationDate,
RevisionDate = organization.CreationDate RevisionDate = organization.CreationDate
}; };
orgUser.SetNewId();
await _organizationUserRepository.CreateAsync(orgUser); await _organizationUserRepository.CreateAsync(orgUser);
@ -694,6 +683,27 @@ public class OrganizationService : IOrganizationService
await _pushNotificationService.PushSyncOrgKeysAsync(ownerId); await _pushNotificationService.PushSyncOrgKeysAsync(ownerId);
} }
if (!string.IsNullOrWhiteSpace(collectionName))
{
var defaultCollection = new Collection
{
Name = collectionName,
OrganizationId = organization.Id,
CreationDate = organization.CreationDate,
RevisionDate = organization.CreationDate
};
// If using Flexible Collections, give the owner Can Manage access over the default collection
List<CollectionAccessSelection> defaultOwnerAccess = null;
if (organization.FlexibleCollections)
{
defaultOwnerAccess =
[new CollectionAccessSelection { Id = orgUser.Id, HidePasswords = false, ReadOnly = false, Manage = true }];
}
await _collectionRepository.CreateAsync(defaultCollection, null, defaultOwnerAccess);
}
return new Tuple<Organization, OrganizationUser>(organization, orgUser); return new Tuple<Organization, OrganizationUser>(organization, orgUser);
} }
catch catch
@ -2548,12 +2558,21 @@ public class OrganizationService : IOrganizationService
if (!string.IsNullOrWhiteSpace(collectionName)) if (!string.IsNullOrWhiteSpace(collectionName))
{ {
// If using Flexible Collections, give the owner Can Manage access over the default collection
List<CollectionAccessSelection> defaultOwnerAccess = null;
if (org.FlexibleCollections)
{
var orgUser = await _organizationUserRepository.GetByOrganizationAsync(org.Id, userId);
defaultOwnerAccess =
[new CollectionAccessSelection { Id = orgUser.Id, HidePasswords = false, ReadOnly = false, Manage = true }];
}
var defaultCollection = new Collection var defaultCollection = new Collection
{ {
Name = collectionName, Name = collectionName,
OrganizationId = org.Id OrganizationId = org.Id
}; };
await _collectionRepository.CreateAsync(defaultCollection); await _collectionRepository.CreateAsync(defaultCollection, null, defaultOwnerAccess);
} }
} }
} }

20
test/Core.Test/AdminConsole/Services/OrganizationServiceTests.cs
View File

@ -259,7 +259,6 @@ public class OrganizationServiceTests
(PlanType planType, OrganizationSignup signup, SutProvider<OrganizationService> sutProvider) (PlanType planType, OrganizationSignup signup, SutProvider<OrganizationService> sutProvider)
{ {
signup.Plan = planType; signup.Plan = planType;
var plan = StaticStore.GetPlan(signup.Plan);
signup.AdditionalSeats = 0; signup.AdditionalSeats = 0;
signup.PaymentMethodType = PaymentMethodType.Card; signup.PaymentMethodType = PaymentMethodType.Card;
signup.PremiumAccessAddon = false; signup.PremiumAccessAddon = false;
@ -269,13 +268,32 @@ public class OrganizationServiceTests
.IsEnabled(FeatureFlagKeys.FlexibleCollectionsSignup) .IsEnabled(FeatureFlagKeys.FlexibleCollectionsSignup)
.Returns(true); .Returns(true);
// Extract orgUserId when created
Guid? orgUserId = null;
await sutProvider.GetDependency<IOrganizationUserRepository>()
.CreateAsync(Arg.Do<OrganizationUser>(ou => orgUserId = ou.Id));
var result = await sutProvider.Sut.SignUpAsync(signup); var result = await sutProvider.Sut.SignUpAsync(signup);
// Assert: AccessAll is not used
await sutProvider.GetDependency<IOrganizationUserRepository>().Received(1).CreateAsync( await sutProvider.GetDependency<IOrganizationUserRepository>().Received(1).CreateAsync(
Arg.Is<OrganizationUser>(o => Arg.Is<OrganizationUser>(o =>
o.UserId == signup.Owner.Id && o.UserId == signup.Owner.Id &&
o.AccessAll == false)); o.AccessAll == false));
// Assert: created a Can Manage association for the default collection instead
Assert.NotNull(orgUserId);
await sutProvider.GetDependency<ICollectionRepository>().Received(1).CreateAsync(
Arg.Any<Collection>(),
Arg.Is<IEnumerable<CollectionAccessSelection>>(cas => cas == null),
Arg.Is<IEnumerable<CollectionAccessSelection>>(cas =>
cas.Count() == 1 &&
cas.All(c =>
c.Id == orgUserId &&
!c.ReadOnly &&
!c.HidePasswords &&
c.Manage)));
Assert.NotNull(result); Assert.NotNull(result);
Assert.NotNull(result.Item1); Assert.NotNull(result.Item1);
Assert.NotNull(result.Item2); Assert.NotNull(result.Item2);