[AC-1191] TDE admin approval email (#3044)

* feat: add new command for updating request and emailing user, refs AC-1191 * feat: inject service with organization service collection extensions, refs AC-1191 * feat: add function to send admin approval email to mail services (interface/noop/handlebars), refs AC-1191 * feat: add html/text mail templates and add view model for email data, refs AC-1191 * feat: update org auth request controller to use new command during auth request update, refs AC-1191 * fix: dotnet format, refs AC-1191 * refactor: update user not found error, FirstOrDefault for enum type display name, refs AC-1191 * refactor: update user not found to log error instead of throws, refs AC-1191 * fix: remove whitespace lint errors, refs AC-1191 * refactor: update hardcoded UTC timezone string, refs AC-1191 * refactor: add unit test for new command, refs AC-1191 * refactor: improve enum name fallback and identifier string creation, refs AC-1191 * refactor: add addtional unit tests, refs AC-1191 * refactor: update success test to use more generated params, refs AC-1191 * fix: dotnet format...again, refs AC-1191 * refactor: make UTC display a constant for handlebars mail service, refs AC-1191 * refactor: update displayTypeIdentifer to displayTypeAndIdentifier for clarity, refs AC-1191
2025-06-30 07:36:14 -05:00 · 2023-07-06 10:03:49 -05:00
parent 62beb7d1e8
commit 3b4c8afea0
11 changed files with 243 additions and 8 deletions
--- a/test/Core.Test/AdminConsole/OrganizationAuth/UpdateOrganizationAuthRequestCommandTests.cs
+++ b/test/Core.Test/AdminConsole/OrganizationAuth/UpdateOrganizationAuthRequestCommandTests.cs
@ -0,0 +1,100 @@
+using Bit.Core.AdminConsole.OrganizationAuth;
+using Bit.Core.Auth.Entities;
+using Bit.Core.Auth.Models.Api.Request.AuthRequest;
+using Bit.Core.Auth.Services;
+using Bit.Core.Entities;
+using Bit.Core.Enums;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
+using Bit.Test.Common.AutoFixture;
+using Bit.Test.Common.AutoFixture.Attributes;
+using NSubstitute;
+using NSubstitute.ReturnsExtensions;
+using Xunit;
+
+namespace Bit.Core.Test.AdminConsole.OrganizationAuth;
+
+[SutProviderCustomize]
+public class UpdateOrganizationAuthRequestCommandTests
+{
+    [Theory]
+    [BitAutoData]
+    public async Task UpdateOrgAuthRequest_Approved_SendEmail_Success(
+        DateTime responseDate, string email, DeviceType deviceType, string deviceIdentifier,
+        string requestIpAddress, Guid requestId, Guid userId, bool requestApproved,
+        string encryptedUserKey, SutProvider<UpdateOrganizationAuthRequestCommand> sutProvider)
+    {
+        var expectedDeviceTypeAndIdentifier = $"{deviceType} - {deviceIdentifier}";
+
+        sutProvider.GetDependency<IAuthRequestService>()
+            .UpdateAuthRequestAsync(requestId, userId,
+                Arg.Is<AuthRequestUpdateRequestModel>(x =>
+                    x.RequestApproved == requestApproved && x.Key == encryptedUserKey))
+            .Returns(new AuthRequest()
+            {
+                UserId = userId,
+                Approved = true,
+                ResponseDate = responseDate,
+                RequestDeviceType = deviceType,
+                RequestDeviceIdentifier = deviceIdentifier,
+                RequestIpAddress = requestIpAddress,
+            });
+
+        sutProvider.GetDependency<IUserRepository>()
+            .GetByIdAsync(userId)
+            .Returns(new User()
+            {
+                Email = email
+            });
+
+        await sutProvider.Sut.UpdateAsync(requestId, userId, requestApproved, encryptedUserKey);
+
+        await sutProvider.GetDependency<IUserRepository>().Received(1).GetByIdAsync(userId);
+        await sutProvider.GetDependency<IMailService>().Received(1)
+            .SendTrustedDeviceAdminApprovalEmailAsync(email, responseDate, requestIpAddress, expectedDeviceTypeAndIdentifier);
+    }
+
+    [Theory]
+    [BitAutoData]
+    public async Task UpdateOrgAuthRequest_Denied_NonExecutes(
+        SutProvider<UpdateOrganizationAuthRequestCommand> sutProvider, Guid requestId, Guid userId,
+        bool requestApproved, string encryptedUserKey)
+    {
+        sutProvider.GetDependency<IAuthRequestService>()
+            .UpdateAuthRequestAsync(requestId, userId,
+                Arg.Is<AuthRequestUpdateRequestModel>(x =>
+                    x.RequestApproved == requestApproved && x.Key == encryptedUserKey))
+            .Returns(new AuthRequest() { Approved = false });
+
+        await sutProvider.Sut.UpdateAsync(requestId, userId, requestApproved, encryptedUserKey);
+
+        await sutProvider.GetDependency<IUserRepository>().DidNotReceive().GetByIdAsync(userId);
+        await sutProvider.GetDependency<IMailService>().DidNotReceive()
+            .SendTrustedDeviceAdminApprovalEmailAsync(Arg.Any<string>(), Arg.Any<DateTime>(), Arg.Any<string>(),
+                Arg.Any<string>());
+    }
+
+    [Theory]
+    [BitAutoData]
+    public async Task UpdateOrgAuthRequest_Approved_UserNotFound(
+        SutProvider<UpdateOrganizationAuthRequestCommand> sutProvider, Guid requestId, Guid userId,
+        bool requestApproved, string encryptedUserKey)
+    {
+        sutProvider.GetDependency<IAuthRequestService>()
+            .UpdateAuthRequestAsync(requestId, userId,
+                Arg.Is<AuthRequestUpdateRequestModel>(x =>
+                    x.RequestApproved == requestApproved && x.Key == encryptedUserKey))
+            .Returns(new AuthRequest() { Approved = true, });
+
+        sutProvider.GetDependency<IUserRepository>()
+            .GetByIdAsync(userId)
+            .ReturnsNull();
+
+        await sutProvider.Sut.UpdateAsync(requestId, userId, requestApproved, encryptedUserKey);
+
+        await sutProvider.GetDependency<IUserRepository>().Received(1).GetByIdAsync(userId);
+        await sutProvider.GetDependency<IMailService>().DidNotReceive()
+            .SendTrustedDeviceAdminApprovalEmailAsync(Arg.Any<string>(), Arg.Any<DateTime>(), Arg.Any<string>(),
+                Arg.Any<string>());
+    }
+}