Support use of organizationId parameter in authorization (#5758)

2025-06-30 23:52:50 -05:00 · 2025-05-02 07:00:48 +10:00
parent 9da98d8e97
commit 41001fefae
2 changed files with 55 additions and 7 deletions
--- a/test/Api.Test/AdminConsole/Authorization/HttpContextExtensionsTests.cs
+++ b/test/Api.Test/AdminConsole/Authorization/HttpContextExtensionsTests.cs
@ -1,5 +1,7 @@
-using Bit.Api.AdminConsole.Authorization;
+using AutoFixture.Xunit2;
+using Bit.Api.AdminConsole.Authorization;
 using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Routing;
 using NSubstitute;
 using Xunit;

@ -25,4 +27,42 @@ public class HttpContextExtensionsTests
        await callback.ReceivedWithAnyArgs(1).Invoke();
    }

+    [Theory]
+    [InlineAutoData("orgId")]
+    [InlineAutoData("organizationId")]
+    public void GetOrganizationId_GivenValidParameter_ReturnsOrganizationId(string paramName, Guid orgId)
+    {
+        var httpContext = new DefaultHttpContext
+        {
+            Request = { RouteValues = new RouteValueDictionary
+            {
+                { "userId", "someGuid" },
+                { paramName, orgId.ToString() }
+            }
+        }
+        };
+
+        var result = httpContext.GetOrganizationId();
+        Assert.Equal(orgId, result);
+    }
+
+    [Theory]
+    [InlineAutoData("orgId")]
+    [InlineAutoData("organizationId")]
+    [InlineAutoData("missingParameter")]
+    public void GetOrganizationId_GivenMissingOrInvalidGuid_Throws(string paramName)
+    {
+        var httpContext = new DefaultHttpContext
+        {
+            Request = { RouteValues = new RouteValueDictionary
+            {
+                { "userId", "someGuid" },
+                { paramName, "invalidGuid" }
+            }
+        }
+        };
+
+        var exception = Assert.Throws<InvalidOperationException>(() => httpContext.GetOrganizationId());
+        Assert.Equal(HttpContextExtensions.NoOrgIdError, exception.Message);
+    }
 }