From 34675c3487f4a75ebc93c51139accf43edcc92c6 Mon Sep 17 00:00:00 2001
From: Thomas Rittson
Date: Mon, 7 Apr 2025 11:05:05 +1000
Subject: [PATCH] Consolidate helper method into extensions class
---
 .../Authorization/HttpContextExtensions.cs | 25 ++++++++++++++++---
 .../OrganizationRequirementHelpers.cs | 20 ---------------
 .../OrganizationRequirementHandlerTests.cs | 6 ++---
 3 files changed, 25 insertions(+), 26 deletions(-)
 delete mode 100644 src/Api/AdminConsole/Authorization/OrganizationRequirementHelpers.cs
diff --git a/src/Api/AdminConsole/Authorization/HttpContextExtensions.cs b/src/Api/AdminConsole/Authorization/HttpContextExtensions.cs
index d0ed9eaf89..40525a488c 100644
--- a/src/Api/AdminConsole/Authorization/HttpContextExtensions.cs
+++ b/src/Api/AdminConsole/Authorization/HttpContextExtensions.cs
@@ -8,6 +8,9 @@ namespace Bit.Api.AdminConsole.Authorization;
 public static class HttpContextExtensions
 {
+ public const string NoOrgIdError =
+ "A route decorated with with '[Authorize]' should include a route value named 'orgId' either through the [Controller] attribute or through a '[Http*]' attribute.";
+
 ///
 /// Returns the result of the callback, caching it in HttpContext.Features for the lifetime of the request.
 /// Subsequent calls will retrieve the cached value.
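Review bot: The `NoOrgIdError` text added in this hunk reads "decorated with with", and the tests in this patch compare against the constant itself, so the duplicated word will not be caught by them; change `decorated with with` to `decorated with`. The constant also has no doc comment, and a line such as `/// Message of the InvalidOperationException thrown by GetOrganizationId when the orgId route value is missing or is not a valid Guid.` would record that it covers both cases. Because the same message is produced for a malformed client-supplied id as for a misconfigured route, wording it for both would help whoever triages these errors in logs.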
@@ -53,8 +56,24 @@ public static class HttpContextExtensions
 this HttpContext httpContext,
 IProviderUserRepository providerUserRepository,
 Guid userId)
- => await httpContext.WithFeaturesCacheAsync(async () =>
- (await providerUserRepository.GetManyOrganizationDetailsByUserAsync(
- userId, ProviderUserStatusType.Confirmed)).ToList());
+ => await httpContext.WithFeaturesCacheAsync(() =>
+ providerUserRepository.GetManyOrganizationDetailsByUserAsync(userId, ProviderUserStatusType.Confirmed));
+
+ ///
+ /// Parses the {orgId} route parameter into a Guid, or throws if the {orgId} is not present or not a valid guid.
+ ///
+ ///
+ ///
+ ///
+ public static Guid GetOrganizationId(this HttpContext httpContext)
+ {
+ httpContext.GetRouteData().Values.TryGetValue("orgId", out var orgIdParam);
+ if (orgIdParam == null || !Guid.TryParse(orgIdParam.ToString(), out var orgId))
+ {
+ throw new InvalidOperationException(NoOrgIdError);
+ }
+
+ return orgId;
+ }
 }
diff --git a/src/Api/AdminConsole/Authorization/OrganizationRequirementHelpers.cs b/src/Api/AdminConsole/Authorization/OrganizationRequirementHelpers.cs
deleted file mode 100644
index c58120b7da..0000000000
--- a/src/Api/AdminConsole/Authorization/OrganizationRequirementHelpers.cs
+++ /dev/null
@@ -1,20 +0,0 @@
-#nullable enable
-
-namespace Bit.Api.AdminConsole.Authorization;
-
-public static class OrganizationRequirementHelpers
-{
- public const string NoOrgIdError =
- "A route decorated with with '[Authorize]' should include a route value named 'orgId' either through the [Controller] attribute or through a '[Http*]' attribute.";
-
- public static Guid GetOrganizationId(this HttpContext httpContext)
- {
- httpContext.GetRouteData().Values.TryGetValue("orgId", out var orgIdParam);
- if (orgIdParam == null || !Guid.TryParse(orgIdParam.ToString(), out var orgId))
- {
- throw new InvalidOperationException(NoOrgIdError);
- }
-
- return orgId;
- }
-}
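Review bot: `GetOrganizationId`, added to HttpContextExtensions.cs, throws `InvalidOperationException(NoOrgIdError)` both when the `orgId` route value is absent and when `Guid.TryParse` rejects it, so a malformed id sent by a client is reported as a route-configuration mistake. Failing closed is the right default for a helper used by authorization code, but unless the routes carry a guid constraint (not visible here) this probably turns a bad URL into an unhandled server error; consider a separate message or exception type for the parse failure so the two cases can be told apart in logs. The four bare `///` lines after the summary text carry nothing on this page; either fill them in, for example `/// <exception cref="InvalidOperationException">orgId is missing or is not a valid Guid.</exception>`, or drop them. In the rewritten lambda at the top of the hunk the cached value is no longer materialised with `.ToList()`; if the repository call returns a deferred sequence, each reader of the cached feature would enumerate it again, which is worth confirming. The method that lambda belongs to starts above the hunk.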
diff --git a/test/Api.Test/AdminConsole/Authorization/OrganizationRequirementHandlerTests.cs b/test/Api.Test/AdminConsole/Authorization/OrganizationRequirementHandlerTests.cs
index 9c165c4732..b3ebc2640e 100644
--- a/test/Api.Test/AdminConsole/Authorization/OrganizationRequirementHandlerTests.cs
+++ b/test/Api.Test/AdminConsole/Authorization/OrganizationRequirementHandlerTests.cs
@@ -17,13 +17,13 @@ public class OrganizationRequirementHandlerTests
 public async Task IfNoOrganizationId_Throws(SutProvider sutProvider)
 {
 // Arrange
- ArrangeRouteAndUser(sutProvider, null); // no orgId in route
+ ArrangeRouteAndUser(sutProvider, null!); // no orgId in route
 var testRequirement = Substitute.For();
 var authContext = new AuthorizationHandlerContext([testRequirement], new ClaimsPrincipal(), null);
 // Act
 var exception = await Assert.ThrowsAsync(() => sutProvider.Sut.HandleAsync(authContext));
- Assert.Equal(OrganizationRequirementHelpers.NoOrgIdError, exception.Message);
+ Assert.Equal(HttpContextExtensions.NoOrgIdError, exception.Message);
 Assert.False(authContext.HasSucceeded);
 }
@@ -37,7 +37,7 @@ public class OrganizationRequirementHandlerTests
 // Act
 var exception = await Assert.ThrowsAsync(() => sutProvider.Sut.HandleAsync(authContext));
- Assert.Contains(OrganizationRequirementHelpers.NoOrgIdError, exception.Message);
+ Assert.Contains(HttpContextExtensions.NoOrgIdError, exception.Message);
 Assert.False(authContext.HasSucceeded);
 }