nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-18 16:11:28 -05:00
Code Activity

[Reset Password] Enrollment API, Service, and Model updates (#1245)

Browse Source 
* [Reset Password] Enrollment API, Service and Model updates

* Added conditional check for calling User's ID
This commit is contained in:
Vincent Salucci
2021-03-30 09:48:52 -05:00
committed by GitHub
parent 339292f536
commit 296e3d881d
9 changed files with 40 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/Core/Services/IOrganizationService.cs
View File

@ -43,6 +43,7 @@ namespace Bit.Core.Services
Task DeleteUserAsync(Guid organizationId, Guid organizationUserId, Guid? deletingUserId);
Task DeleteUserAsync(Guid organizationId, Guid userId);
Task UpdateUserGroupsAsync(OrganizationUser organizationUser, IEnumerable<Guid> groupIds, Guid? loggedInUserId);
Task UpdateUserResetPasswordEnrollmentAsync(Guid organizationId, Guid organizationUserId, string resetPasswordKey, Guid? callingUserId);
Task<OrganizationLicense> GenerateLicenseAsync(Guid organizationId, Guid installationId);
Task<OrganizationLicense> GenerateLicenseAsync(Organization organization, Guid installationId,
int? version = null);

18
src/Core/Services/Implementations/OrganizationService.cs
View File

@ -1378,6 +1378,24 @@ namespace Bit.Core.Services
await _eventService.LogOrganizationUserEventAsync(organizationUser,
EventType.OrganizationUser_UpdatedGroups);
}
public async Task UpdateUserResetPasswordEnrollmentAsync(Guid organizationId, Guid organizationUserId, string resetPasswordKey, Guid? callingUserId)
{
var orgUser = await _organizationUserRepository.GetByOrganizationAsync(organizationId, organizationUserId);
if (!callingUserId.HasValue || orgUser == null || orgUser.UserId != callingUserId.Value ||
orgUser.Status != OrganizationUserStatusType.Confirmed ||
orgUser.OrganizationId != organizationId)
{
throw new BadRequestException("User not valid.");
}
// TODO - Block certain org types from using this feature?
orgUser.ResetPasswordKey = resetPasswordKey;
await _organizationUserRepository.ReplaceAsync(orgUser);
await _eventService.LogOrganizationUserEventAsync(orgUser, resetPasswordKey != null ?
EventType.OrganizationUser_ResetPassword_Enroll : EventType.OrganizationUser_ResetPassword_Withdraw);
}
public async Task<OrganizationLicense> GenerateLicenseAsync(Guid organizationId, Guid installationId)
{