[SM-394] Secrets Manager (#2164)

Long lived feature branch for Secrets Manager Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> Co-authored-by: cd-bitwarden <106776772+cd-bitwarden@users.noreply.github.com> Co-authored-by: CarleyDiaz-Bitwarden <103955722+CarleyDiaz-Bitwarden@users.noreply.github.com> Co-authored-by: Thomas Avery <tavery@bitwarden.com> Co-authored-by: Colton Hurst <colton@coltonhurst.com>
2025-07-03 17:12:49 -05:00 · 2023-01-13 15:02:53 +01:00
parent 09e524c9a2
commit 1f0fc43278
188 changed files with 21346 additions and 329 deletions
--- a/src/Infrastructure.EntityFramework/Repositories/AccessPolicyRepository.cs
+++ b/src/Infrastructure.EntityFramework/Repositories/AccessPolicyRepository.cs
@ -0,0 +1,27 @@
+using AutoMapper;
+using Bit.Core.Repositories;
+using Bit.Infrastructure.EntityFramework.Models;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
+using CoreAccessPolicy = Bit.Core.Entities.AccessPolicy;
+
+namespace Bit.Infrastructure.EntityFramework.Repositories;
+
+public class AccessPolicyRepository : IAccessPolicyRepository
+{
+    public AccessPolicyRepository(IServiceScopeFactory serviceScopeFactory, IMapper mapper)
+    {
+    }
+
+    protected Func<DatabaseContext, DbSet<AccessPolicy>> GetDbSet { get; private set; }
+
+    public Task<CoreAccessPolicy> GetByIdAsync(Guid id) => throw new NotImplementedException();
+
+    public Task<CoreAccessPolicy> CreateAsync(CoreAccessPolicy obj) => throw new NotImplementedException();
+
+    public Task ReplaceAsync(CoreAccessPolicy obj) => throw new NotImplementedException();
+
+    public Task UpsertAsync(CoreAccessPolicy obj) => throw new NotImplementedException();
+
+    public Task DeleteAsync(CoreAccessPolicy obj) => throw new NotImplementedException();
+}
--- a/src/Infrastructure.EntityFramework/Repositories/ApiKeyRepository.cs
+++ b/src/Infrastructure.EntityFramework/Repositories/ApiKeyRepository.cs
@ -0,0 +1,38 @@
+using AutoMapper;
+using Bit.Core.Models.Data;
+using Bit.Core.Repositories;
+using Bit.Infrastructure.EntityFramework.Models;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Bit.Infrastructure.EntityFramework.Repositories;
+
+public class ApiKeyRepository : Repository<Core.Entities.ApiKey, ApiKey, Guid>, IApiKeyRepository
+{
+    public ApiKeyRepository(IServiceScopeFactory serviceScopeFactory, IMapper mapper)
+        : base(serviceScopeFactory, mapper, (DatabaseContext context) => context.ApiKeys)
+    {
+    }
+
+    public async Task<ApiKeyDetails> GetDetailsByIdAsync(Guid id)
+    {
+        using var scope = ServiceScopeFactory.CreateScope();
+        var dbContext = GetDatabaseContext(scope);
+        var entity = await GetDbSet(dbContext)
+            .Where(apiKey => apiKey.Id == id)
+            .Include(apiKey => apiKey.ServiceAccount)
+            .Select(apiKey => new ServiceAccountApiKeyDetails(apiKey, apiKey.ServiceAccount.OrganizationId))
+            .FirstOrDefaultAsync();
+
+        return Mapper.Map<ServiceAccountApiKeyDetails>(entity);
+    }
+
+    public async Task<ICollection<Core.Entities.ApiKey>> GetManyByServiceAccountIdAsync(Guid id)
+    {
+        using var scope = ServiceScopeFactory.CreateScope();
+        var dbContext = GetDatabaseContext(scope);
+        var apiKeys = await GetDbSet(dbContext).Where(e => e.ServiceAccountId == id).ToListAsync();
+
+        return Mapper.Map<List<Core.Entities.ApiKey>>(apiKeys);
+    }
+}
--- a/src/Infrastructure.EntityFramework/Repositories/DatabaseContext.cs
+++ b/src/Infrastructure.EntityFramework/Repositories/DatabaseContext.cs
@ -12,6 +12,8 @@ public class DatabaseContext : DbContext
        : base(options)
    { }

+    public DbSet<AccessPolicy> AccessPolicies { get; set; }
+    public DbSet<ApiKey> ApiKeys { get; set; }
    public DbSet<Cipher> Ciphers { get; set; }
    public DbSet<Collection> Collections { get; set; }
    public DbSet<CollectionCipher> CollectionCiphers { get; set; }
@ -32,6 +34,9 @@ public class DatabaseContext : DbContext
    public DbSet<OrganizationUser> OrganizationUsers { get; set; }
    public DbSet<Policy> Policies { get; set; }
    public DbSet<Provider> Providers { get; set; }
+    public DbSet<Secret> Secret { get; set; }
+    public DbSet<ServiceAccount> ServiceAccount { get; set; }
+    public DbSet<Project> Project { get; set; }
    public DbSet<ProviderUser> ProviderUsers { get; set; }
    public DbSet<ProviderOrganization> ProviderOrganizations { get; set; }
    public DbSet<Send> Sends { get; set; }
@ -44,6 +49,13 @@ public class DatabaseContext : DbContext

    protected override void OnModelCreating(ModelBuilder builder)
    {
+        // Scans and loads all configurations implementing the `IEntityTypeConfiguration` from the
+        //  `Infrastructure.EntityFramework` Module. Note to get the assembly we can use a random class
+        //   from this module.
+        builder.ApplyConfigurationsFromAssembly(typeof(DatabaseContext).Assembly);
+
+        // Going forward use `IEntityTypeConfiguration` in the Configurations folder for managing
+        // Entity Framework code first database configurations.
        var eCipher = builder.Entity<Cipher>();
        var eCollection = builder.Entity<Collection>();
        var eCollectionCipher = builder.Entity<CollectionCipher>();
@ -101,7 +113,6 @@ public class DatabaseContext : DbContext
        eGrant.HasKey(x => x.Key);
        eGroupUser.HasKey(gu => new { gu.GroupId, gu.OrganizationUserId });

-
        if (Database.IsNpgsql())
        {
            // the postgres provider doesn't currently support database level non-deterministic collations.