nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-30 23:52:50 -05:00
Code Activity

Add AuthorizeOrThrowAsync extension method (#4790)

Browse Source
This commit is contained in:
Thomas Rittson
2024-09-23 08:45:14 +10:00
committed by GitHub
parent ab8c3af685
commit 2384e0b7ef
5 changed files with 65 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Api/AdminConsole/Controllers/GroupsController.cs
View File

@ -1,7 +1,6 @@
using Bit.Api.AdminConsole.Models.Request;
using Bit.Api.AdminConsole.Models.Response;
using Bit.Api.Models.Response;
using Bit.Api.Utilities;
using Bit.Api.Vault.AuthorizationHandlers.Collections;
using Bit.Api.Vault.AuthorizationHandlers.Groups;
using Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;
@ -11,6 +10,7 @@ using Bit.Core.Context;
using Bit.Core.Exceptions;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

2
src/Api/AdminConsole/Controllers/OrganizationUsersController.cs
View File

@ -2,7 +2,6 @@
using Bit.Api.AdminConsole.Models.Response.Organizations;
using Bit.Api.Models.Request.Organizations;
using Bit.Api.Models.Response;
using Bit.Api.Utilities;
using Bit.Api.Vault.AuthorizationHandlers.Collections;
using Bit.Api.Vault.AuthorizationHandlers.OrganizationUsers;
using Bit.Core;
@ -22,6 +21,7 @@ using Bit.Core.OrganizationFeatures.OrganizationSubscriptions.Interface;
using Bit.Core.OrganizationFeatures.OrganizationUsers.Interfaces;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Utilities;
using Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Interfaces;
using Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Requests;
using Microsoft.AspNetCore.Authorization;

2
src/Api/Controllers/CollectionsController.cs
View File

@ -1,6 +1,5 @@
using Bit.Api.Models.Request;
using Bit.Api.Models.Response;
using Bit.Api.Utilities;
using Bit.Api.Vault.AuthorizationHandlers.Collections;
using Bit.Core.Context;
using Bit.Core.Entities;
@ -9,6 +8,7 @@ using Bit.Core.Models.Data;
using Bit.Core.OrganizationFeatures.OrganizationCollections.Interfaces;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

25
src/Api/Utilities/AuthorizationServiceExtensions.cs → src/Core/Utilities/AuthorizationServiceExtensions.cs
View File

@ -1,7 +1,8 @@
using System.Security.Claims;
using Bit.Core.Exceptions;
using Microsoft.AspNetCore.Authorization;
namespace Bit.Api.Utilities;
namespace Bit.Core.Utilities;
public static class AuthorizationServiceExtensions
{
@ -29,4 +30,26 @@ public static class AuthorizationServiceExtensions
return service.AuthorizeAsync(user, resource: null, new[] { requirement });
}
/// <summary>
/// Performs an authorization check and throws a <see cref="Bit.Core.Exceptions.NotFoundException"/> if the
/// check fails or the resource is null.
/// </summary>
public static async Task AuthorizeOrThrowAsync(this IAuthorizationService service,
ClaimsPrincipal user, object resource, IAuthorizationRequirement requirement)
{
ArgumentNullException.ThrowIfNull(service);
ArgumentNullException.ThrowIfNull(requirement);
if (resource == null)
{
throw new NotFoundException();
}
var authorizationResult = await service.AuthorizeAsync(user, resource, requirement);
if (!authorizationResult.Succeeded)
{
throw new NotFoundException();
}
}
}