From 4643f5960ec304ccfc300b0ce97cd199a8d6b5c4 Mon Sep 17 00:00:00 2001 From: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Date: Fri, 24 Feb 2023 07:54:19 +1000 Subject: [PATCH] [EC-635] Extract organizationService.UpdateLicenseAsync to a command (#2408) * move UpdateLicenseAsync from service to command * create new SelfHostedOrganizationDetails view model and move license validation logic there * move occupied seat count logic to database level --- .../src/Sso/Controllers/AccountController.cs | 2 +- src/Admin/Models/OrganizationViewModel.cs | 2 +- .../Controllers/OrganizationsController.cs | 13 +- ...elfHostedOrganizationLicensesController.cs | 28 +- src/Core/Entities/Organization.cs | 30 ++ .../Models/Business/OrganizationLicense.cs | 31 +- .../OrganizationUserUserDetails.cs | 8 - .../SelfHostedOrganizationDetails.cs | 145 +++++++ .../Cloud/CloudGetOrganizationLicenseQuery.cs | 4 +- .../IUpdateOrganizationLicenseCommand.cs | 13 + .../UpdateOrganizationLicenseCommand.cs | 66 +++ ...OrganizationServiceCollectionExtensions.cs | 5 +- .../Repositories/IOrganizationRepository.cs | 2 + .../IOrganizationUserRepository.cs | 1 + src/Core/Services/IOrganizationService.cs | 3 +- .../Implementations/OrganizationService.cs | 226 +---------- .../Repositories/OrganizationRepository.cs | 40 ++ .../OrganizationUserRepository.cs | 13 + .../Models/Organization.cs | 1 + .../Repositories/OrganizationRepository.cs | 39 +- .../OrganizationUserRepository.cs | 6 + ...dOccupiedSeatCountByOrganizationIdQuery.cs | 22 + src/Sql/Sql.sqlproj | 5 +- .../Group_ReadCountByOrganizationId.sql | 13 + ..._ReadOccupiedSeatCountByOrganizationId.sql | 14 + .../Organization_ReadByLicenseKey.sql | 13 + ...Organization_ReadSelfHostedDetailsById.sql | 15 + .../OrganizationsControllerTests.cs | 5 +- .../SelfHostedOrganizationDetailsTests.cs | 379 ++++++++++++++++++ ...02-16_00_SelfHostedOrganizationDetails.sql | 62 +++ 30 files changed, 967 insertions(+), 239 deletions(-) create mode 100644 src/Core/Models/Data/Organizations/SelfHostedOrganizationDetails.cs create mode 100644 src/Core/OrganizationFeatures/OrganizationLicenses/Interfaces/IUpdateOrganizationLicenseCommand.cs create mode 100644 src/Core/OrganizationFeatures/OrganizationLicenses/UpdateOrganizationLicenseCommand.cs create mode 100644 src/Infrastructure.EntityFramework/Repositories/Queries/OrganizationUserReadOccupiedSeatCountByOrganizationIdQuery.cs create mode 100644 src/Sql/dbo/Stored Procedures/Group_ReadCountByOrganizationId.sql create mode 100644 src/Sql/dbo/Stored Procedures/OrganizationUser_ReadOccupiedSeatCountByOrganizationId.sql create mode 100644 src/Sql/dbo/Stored Procedures/Organization_ReadByLicenseKey.sql create mode 100644 src/Sql/dbo/Stored Procedures/Organization_ReadSelfHostedDetailsById.sql create mode 100644 test/Core.Test/Models/Data/SelfHostedOrganizationDetailsTests.cs create mode 100644 util/Migrator/DbScripts/2023-02-16_00_SelfHostedOrganizationDetails.sql diff --git a/bitwarden_license/src/Sso/Controllers/AccountController.cs b/bitwarden_license/src/Sso/Controllers/AccountController.cs index fdbcf0f0d1..2f8e8e90f7 100644 --- a/bitwarden_license/src/Sso/Controllers/AccountController.cs +++ b/bitwarden_license/src/Sso/Controllers/AccountController.cs @@ -483,7 +483,7 @@ public class AccountController : Controller // Before any user creation - if Org User doesn't exist at this point - make sure there are enough seats to add one if (orgUser == null && organization.Seats.HasValue) { - var occupiedSeats = await _organizationService.GetOccupiedSeatCount(organization); + var occupiedSeats = await _organizationUserRepository.GetOccupiedSeatCountByOrganizationIdAsync(organization.Id); var initialSeatCount = organization.Seats.Value; var availableSeats = initialSeatCount - occupiedSeats; var prorationDate = DateTime.UtcNow; diff --git a/src/Admin/Models/OrganizationViewModel.cs b/src/Admin/Models/OrganizationViewModel.cs index 31504f9371..6799f34e26 100644 --- a/src/Admin/Models/OrganizationViewModel.cs +++ b/src/Admin/Models/OrganizationViewModel.cs @@ -18,7 +18,7 @@ public class OrganizationViewModel UserInvitedCount = orgUsers.Count(u => u.Status == OrganizationUserStatusType.Invited); UserAcceptedCount = orgUsers.Count(u => u.Status == OrganizationUserStatusType.Accepted); UserConfirmedCount = orgUsers.Count(u => u.Status == OrganizationUserStatusType.Confirmed); - OccupiedSeatCount = orgUsers.Count(u => u.OccupiesOrganizationSeat); + OccupiedSeatCount = UserInvitedCount + UserAcceptedCount + UserConfirmedCount; CipherCount = ciphers.Count(); CollectionCount = collections.Count(); GroupCount = groups?.Count() ?? 0; diff --git a/src/Api/Controllers/OrganizationsController.cs b/src/Api/Controllers/OrganizationsController.cs index 57c39359ba..e4c4003199 100644 --- a/src/Api/Controllers/OrganizationsController.cs +++ b/src/Api/Controllers/OrganizationsController.cs @@ -39,6 +39,7 @@ public class OrganizationsController : Controller private readonly IRotateOrganizationApiKeyCommand _rotateOrganizationApiKeyCommand; private readonly ICreateOrganizationApiKeyCommand _createOrganizationApiKeyCommand; private readonly IOrganizationApiKeyRepository _organizationApiKeyRepository; + private readonly IUpdateOrganizationLicenseCommand _updateOrganizationLicenseCommand; private readonly ICloudGetOrganizationLicenseQuery _cloudGetOrganizationLicenseQuery; private readonly GlobalSettings _globalSettings; @@ -56,6 +57,7 @@ public class OrganizationsController : Controller IRotateOrganizationApiKeyCommand rotateOrganizationApiKeyCommand, ICreateOrganizationApiKeyCommand createOrganizationApiKeyCommand, IOrganizationApiKeyRepository organizationApiKeyRepository, + IUpdateOrganizationLicenseCommand updateOrganizationLicenseCommand, ICloudGetOrganizationLicenseQuery cloudGetOrganizationLicenseQuery, GlobalSettings globalSettings) { @@ -72,6 +74,7 @@ public class OrganizationsController : Controller _rotateOrganizationApiKeyCommand = rotateOrganizationApiKeyCommand; _createOrganizationApiKeyCommand = createOrganizationApiKeyCommand; _organizationApiKeyRepository = organizationApiKeyRepository; + _updateOrganizationLicenseCommand = updateOrganizationLicenseCommand; _cloudGetOrganizationLicenseQuery = cloudGetOrganizationLicenseQuery; _globalSettings = globalSettings; } @@ -461,7 +464,15 @@ public class OrganizationsController : Controller throw new BadRequestException("Invalid license"); } - await _organizationService.UpdateLicenseAsync(new Guid(id), license); + var selfHostedOrganizationDetails = await _organizationRepository.GetSelfHostedOrganizationDetailsById(orgIdGuid); + if (selfHostedOrganizationDetails == null) + { + throw new NotFoundException(); + } + + var existingOrganization = await _organizationRepository.GetByLicenseKeyAsync(license.LicenseKey); + + await _updateOrganizationLicenseCommand.UpdateLicenseAsync(selfHostedOrganizationDetails, license, existingOrganization); } [HttpPost("{id}/import")] diff --git a/src/Api/Controllers/SelfHosted/SelfHostedOrganizationLicensesController.cs b/src/Api/Controllers/SelfHosted/SelfHostedOrganizationLicensesController.cs index 92cf50ae41..c821204c75 100644 --- a/src/Api/Controllers/SelfHosted/SelfHostedOrganizationLicensesController.cs +++ b/src/Api/Controllers/SelfHosted/SelfHostedOrganizationLicensesController.cs @@ -27,6 +27,7 @@ public class SelfHostedOrganizationLicensesController : Controller private readonly IOrganizationService _organizationService; private readonly IOrganizationRepository _organizationRepository; private readonly IUserService _userService; + private readonly IUpdateOrganizationLicenseCommand _updateOrganizationLicenseCommand; public SelfHostedOrganizationLicensesController( ICurrentContext currentContext, @@ -34,7 +35,8 @@ public class SelfHostedOrganizationLicensesController : Controller IOrganizationConnectionRepository organizationConnectionRepository, IOrganizationService organizationService, IOrganizationRepository organizationRepository, - IUserService userService) + IUserService userService, + IUpdateOrganizationLicenseCommand updateOrganizationLicenseCommand) { _currentContext = currentContext; _selfHostedGetOrganizationLicenseQuery = selfHostedGetOrganizationLicenseQuery; @@ -42,6 +44,7 @@ public class SelfHostedOrganizationLicensesController : Controller _organizationService = organizationService; _organizationRepository = organizationRepository; _userService = userService; + _updateOrganizationLicenseCommand = updateOrganizationLicenseCommand; } [HttpPost("")] @@ -79,25 +82,33 @@ public class SelfHostedOrganizationLicensesController : Controller throw new BadRequestException("Invalid license"); } - await _organizationService.UpdateLicenseAsync(new Guid(id), license); + var selfHostedOrganizationDetails = await _organizationRepository.GetSelfHostedOrganizationDetailsById(orgIdGuid); + if (selfHostedOrganizationDetails == null) + { + throw new NotFoundException(); + } + + var currentOrganization = await _organizationRepository.GetByLicenseKeyAsync(license.LicenseKey); + + await _updateOrganizationLicenseCommand.UpdateLicenseAsync(selfHostedOrganizationDetails, license, currentOrganization); } [HttpPost("{id}/sync")] public async Task SyncLicenseAsync(string id) { - var organization = await _organizationRepository.GetByIdAsync(new Guid(id)); - if (organization == null) + var selfHostedOrganizationDetails = await _organizationRepository.GetSelfHostedOrganizationDetailsById(new Guid(id)); + if (selfHostedOrganizationDetails == null) { throw new NotFoundException(); } - if (!await _currentContext.OrganizationOwner(organization.Id)) + if (!await _currentContext.OrganizationOwner(selfHostedOrganizationDetails.Id)) { throw new NotFoundException(); } var billingSyncConnection = - (await _organizationConnectionRepository.GetByOrganizationIdTypeAsync(organization.Id, + (await _organizationConnectionRepository.GetByOrganizationIdTypeAsync(selfHostedOrganizationDetails.Id, OrganizationConnectionType.CloudBillingSync)).FirstOrDefault(); if (billingSyncConnection == null) { @@ -105,9 +116,10 @@ public class SelfHostedOrganizationLicensesController : Controller } var license = - await _selfHostedGetOrganizationLicenseQuery.GetLicenseAsync(organization, billingSyncConnection); + await _selfHostedGetOrganizationLicenseQuery.GetLicenseAsync(selfHostedOrganizationDetails, billingSyncConnection); + var currentOrganization = await _organizationRepository.GetByLicenseKeyAsync(license.LicenseKey); - await _organizationService.UpdateLicenseAsync(organization.Id, license); + await _updateOrganizationLicenseCommand.UpdateLicenseAsync(selfHostedOrganizationDetails, license, currentOrganization); var config = billingSyncConnection.GetConfig(); config.LastLicenseSync = DateTime.Now; diff --git a/src/Core/Entities/Organization.cs b/src/Core/Entities/Organization.cs index cbb2fb64e7..0f6d75ae0e 100644 --- a/src/Core/Entities/Organization.cs +++ b/src/Core/Entities/Organization.cs @@ -2,6 +2,7 @@ using System.Text.Json; using Bit.Core.Enums; using Bit.Core.Models; +using Bit.Core.Models.Business; using Bit.Core.Utilities; namespace Bit.Core.Entities; @@ -197,4 +198,33 @@ public class Organization : ITableObject, ISubscriber, IStorable, IStorabl return providers[provider]; } + + public void UpdateFromLicense(OrganizationLicense license) + { + Name = license.Name; + BusinessName = license.BusinessName; + BillingEmail = license.BillingEmail; + PlanType = license.PlanType; + Seats = license.Seats; + MaxCollections = license.MaxCollections; + UseGroups = license.UseGroups; + UseDirectory = license.UseDirectory; + UseEvents = license.UseEvents; + UseTotp = license.UseTotp; + Use2fa = license.Use2fa; + UseApi = license.UseApi; + UsePolicies = license.UsePolicies; + UseSso = license.UseSso; + UseKeyConnector = license.UseKeyConnector; + UseScim = license.UseScim; + UseResetPassword = license.UseResetPassword; + SelfHost = license.SelfHost; + UsersGetPremium = license.UsersGetPremium; + UseCustomPermissions = license.UseCustomPermissions; + Plan = license.Plan; + Enabled = license.Enabled; + ExpirationDate = license.Expires; + LicenseKey = license.LicenseKey; + RevisionDate = DateTime.UtcNow; + } } diff --git a/src/Core/Models/Business/OrganizationLicense.cs b/src/Core/Models/Business/OrganizationLicense.cs index 03cba08c49..58cce4cffb 100644 --- a/src/Core/Models/Business/OrganizationLicense.cs +++ b/src/Core/Models/Business/OrganizationLicense.cs @@ -199,21 +199,42 @@ public class OrganizationLicense : ILicense } } - public bool CanUse(IGlobalSettings globalSettings) + public bool CanUse(IGlobalSettings globalSettings, ILicensingService licensingService, out string exception) { if (!Enabled || Issued > DateTime.UtcNow || Expires < DateTime.UtcNow) { + exception = "Invalid license. Your organization is disabled or the license has expired."; return false; } - if (ValidLicenseVersion) + if (!ValidLicenseVersion) { - return InstallationId == globalSettings.Installation.Id && SelfHost; + exception = $"Version {Version} is not supported."; + return false; } - else + + if (InstallationId != globalSettings.Installation.Id || !SelfHost) { - throw new NotSupportedException($"Version {Version} is not supported."); + exception = "Invalid license. Make sure your license allows for on-premise " + + "hosting of organizations and that the installation id matches your current installation."; + return false; } + + if (LicenseType != null && LicenseType != Enums.LicenseType.Organization) + { + exception = "Premium licenses cannot be applied to an organization. " + + "Upload this license from your personal account settings page."; + return false; + } + + if (!licensingService.VerifyLicense(this)) + { + exception = "Invalid license."; + return false; + } + + exception = ""; + return true; } public bool VerifyData(Organization organization, IGlobalSettings globalSettings) diff --git a/src/Core/Models/Data/Organizations/OrganizationUsers/OrganizationUserUserDetails.cs b/src/Core/Models/Data/Organizations/OrganizationUsers/OrganizationUserUserDetails.cs index 3bb9416813..98bad1ccb6 100644 --- a/src/Core/Models/Data/Organizations/OrganizationUsers/OrganizationUserUserDetails.cs +++ b/src/Core/Models/Data/Organizations/OrganizationUsers/OrganizationUserUserDetails.cs @@ -62,14 +62,6 @@ public class OrganizationUserUserDetails : IExternal, ITwoFactorProvidersUser return Premium.GetValueOrDefault(false); } - public bool OccupiesOrganizationSeat - { - get - { - return Status != OrganizationUserStatusType.Revoked; - } - } - public Permissions GetPermissions() { return string.IsNullOrWhiteSpace(Permissions) ? null diff --git a/src/Core/Models/Data/Organizations/SelfHostedOrganizationDetails.cs b/src/Core/Models/Data/Organizations/SelfHostedOrganizationDetails.cs new file mode 100644 index 0000000000..a2c0811762 --- /dev/null +++ b/src/Core/Models/Data/Organizations/SelfHostedOrganizationDetails.cs @@ -0,0 +1,145 @@ +using Bit.Core.Entities; +using Bit.Core.Enums; +using Bit.Core.Models.Business; +using Bit.Core.Models.OrganizationConnectionConfigs; + +namespace Bit.Core.Models.Data.Organizations; + +public class SelfHostedOrganizationDetails : Organization +{ + public int OccupiedSeatCount { get; set; } + public int CollectionCount { get; set; } + public int GroupCount { get; set; } + public IEnumerable OrganizationUsers { get; set; } + public IEnumerable Policies { get; set; } + public SsoConfig SsoConfig { get; set; } + public IEnumerable ScimConnections { get; set; } + + public bool CanUseLicense(OrganizationLicense license, out string exception) + { + if (license.Seats.HasValue && OccupiedSeatCount > license.Seats.Value) + { + exception = $"Your organization currently has {OccupiedSeatCount} seats filled. " + + $"Your new license only has ({license.Seats.Value}) seats. Remove some users."; + return false; + } + + if (license.MaxCollections.HasValue && CollectionCount > license.MaxCollections.Value) + { + exception = $"Your organization currently has {CollectionCount} collections. " + + $"Your new license allows for a maximum of ({license.MaxCollections.Value}) collections. " + + "Remove some collections."; + return false; + } + + if (!license.UseGroups && UseGroups && GroupCount > 1) + { + exception = $"Your organization currently has {GroupCount} groups. " + + $"Your new license does not allow for the use of groups. Remove all groups."; + return false; + } + + var enabledPolicyCount = Policies.Count(p => p.Enabled); + if (!license.UsePolicies && UsePolicies && enabledPolicyCount > 0) + { + exception = $"Your organization currently has {enabledPolicyCount} enabled " + + $"policies. Your new license does not allow for the use of policies. Disable all policies."; + return false; + } + + if (!license.UseSso && UseSso && SsoConfig is { Enabled: true }) + { + exception = $"Your organization currently has a SSO configuration. " + + $"Your new license does not allow for the use of SSO. Disable your SSO configuration."; + return false; + } + + if (!license.UseKeyConnector && UseKeyConnector && SsoConfig?.Data != null && + SsoConfig.GetData().KeyConnectorEnabled) + { + exception = $"Your organization currently has Key Connector enabled. " + + $"Your new license does not allow for the use of Key Connector. Disable your Key Connector."; + return false; + } + + if (!license.UseScim && UseScim && ScimConnections != null && + ScimConnections.Any(c => c.GetConfig() is { Enabled: true })) + { + exception = "Your new plan does not allow the SCIM feature. " + + "Disable your SCIM configuration."; + return false; + } + + if (!license.UseCustomPermissions && UseCustomPermissions && + OrganizationUsers.Any(ou => ou.Type == OrganizationUserType.Custom)) + { + exception = "Your new plan does not allow the Custom Permissions feature. " + + "Disable your Custom Permissions configuration."; + return false; + } + + if (!license.UseResetPassword && UseResetPassword && + Policies.Any(p => p.Type == PolicyType.ResetPassword && p.Enabled)) + { + exception = "Your new license does not allow the Password Reset feature. " + + "Disable your Password Reset policy."; + return false; + } + + exception = ""; + return true; + } + + public Organization ToOrganization() + { + // Any new Organization properties must be added here for them to flow through to self-hosted organizations + return new Organization + { + Id = Id, + Identifier = Identifier, + Name = Name, + BusinessName = BusinessName, + BusinessAddress1 = BusinessAddress1, + BusinessAddress2 = BusinessAddress2, + BusinessAddress3 = BusinessAddress3, + BusinessCountry = BusinessCountry, + BusinessTaxNumber = BusinessTaxNumber, + BillingEmail = BillingEmail, + Plan = Plan, + PlanType = PlanType, + Seats = Seats, + MaxCollections = MaxCollections, + UsePolicies = UsePolicies, + UseSso = UseSso, + UseKeyConnector = UseKeyConnector, + UseScim = UseScim, + UseGroups = UseGroups, + UseDirectory = UseDirectory, + UseEvents = UseEvents, + UseTotp = UseTotp, + Use2fa = Use2fa, + UseApi = UseApi, + UseResetPassword = UseResetPassword, + UseSecretsManager = UseSecretsManager, + SelfHost = SelfHost, + UsersGetPremium = UsersGetPremium, + UseCustomPermissions = UseCustomPermissions, + Storage = Storage, + MaxStorageGb = MaxStorageGb, + Gateway = Gateway, + GatewayCustomerId = GatewayCustomerId, + GatewaySubscriptionId = GatewaySubscriptionId, + ReferenceData = ReferenceData, + Enabled = Enabled, + LicenseKey = LicenseKey, + PublicKey = PublicKey, + PrivateKey = PrivateKey, + TwoFactorProviders = TwoFactorProviders, + ExpirationDate = ExpirationDate, + CreationDate = CreationDate, + RevisionDate = RevisionDate, + MaxAutoscaleSeats = MaxAutoscaleSeats, + OwnersNotifiedOfAutoscaling = OwnersNotifiedOfAutoscaling, + }; + } +} diff --git a/src/Core/OrganizationFeatures/OrganizationLicenses/Cloud/CloudGetOrganizationLicenseQuery.cs b/src/Core/OrganizationFeatures/OrganizationLicenses/Cloud/CloudGetOrganizationLicenseQuery.cs index ff8a6d34fb..a8d3a1638f 100644 --- a/src/Core/OrganizationFeatures/OrganizationLicenses/Cloud/CloudGetOrganizationLicenseQuery.cs +++ b/src/Core/OrganizationFeatures/OrganizationLicenses/Cloud/CloudGetOrganizationLicenseQuery.cs @@ -32,7 +32,7 @@ public class CloudGetOrganizationLicenseQuery : ICloudGetOrganizationLicenseQuer throw new BadRequestException("Invalid installation id"); } - var subInfo = await _paymentService.GetSubscriptionAsync(organization); - return new OrganizationLicense(organization, subInfo, installationId, _licensingService, version); + var subscriptionInfo = await _paymentService.GetSubscriptionAsync(organization); + return new OrganizationLicense(organization, subscriptionInfo, installationId, _licensingService, version); } } diff --git a/src/Core/OrganizationFeatures/OrganizationLicenses/Interfaces/IUpdateOrganizationLicenseCommand.cs b/src/Core/OrganizationFeatures/OrganizationLicenses/Interfaces/IUpdateOrganizationLicenseCommand.cs new file mode 100644 index 0000000000..2ba82c1c62 --- /dev/null +++ b/src/Core/OrganizationFeatures/OrganizationLicenses/Interfaces/IUpdateOrganizationLicenseCommand.cs @@ -0,0 +1,13 @@ +#nullable enable + +using Bit.Core.Entities; +using Bit.Core.Models.Business; +using Bit.Core.Models.Data.Organizations; + +namespace Bit.Core.OrganizationFeatures.OrganizationLicenses.Interfaces; + +public interface IUpdateOrganizationLicenseCommand +{ + Task UpdateLicenseAsync(SelfHostedOrganizationDetails selfHostedOrganization, + OrganizationLicense license, Organization? currentOrganizationUsingLicenseKey); +} diff --git a/src/Core/OrganizationFeatures/OrganizationLicenses/UpdateOrganizationLicenseCommand.cs b/src/Core/OrganizationFeatures/OrganizationLicenses/UpdateOrganizationLicenseCommand.cs new file mode 100644 index 0000000000..583f521434 --- /dev/null +++ b/src/Core/OrganizationFeatures/OrganizationLicenses/UpdateOrganizationLicenseCommand.cs @@ -0,0 +1,66 @@ +#nullable enable + +using System.Text.Json; +using Bit.Core.Entities; +using Bit.Core.Exceptions; +using Bit.Core.Models.Business; +using Bit.Core.Models.Data.Organizations; +using Bit.Core.OrganizationFeatures.OrganizationLicenses.Interfaces; +using Bit.Core.Services; +using Bit.Core.Settings; +using Bit.Core.Utilities; + +namespace Bit.Core.OrganizationFeatures.OrganizationLicenses; + +public class UpdateOrganizationLicenseCommand : IUpdateOrganizationLicenseCommand +{ + private readonly ILicensingService _licensingService; + private readonly IGlobalSettings _globalSettings; + private readonly IOrganizationService _organizationService; + + public UpdateOrganizationLicenseCommand( + ILicensingService licensingService, + IGlobalSettings globalSettings, + IOrganizationService organizationService) + { + _licensingService = licensingService; + _globalSettings = globalSettings; + _organizationService = organizationService; + } + + public async Task UpdateLicenseAsync(SelfHostedOrganizationDetails selfHostedOrganization, + OrganizationLicense license, Organization? currentOrganizationUsingLicenseKey) + { + if (currentOrganizationUsingLicenseKey != null && currentOrganizationUsingLicenseKey.Id != selfHostedOrganization.Id) + { + throw new BadRequestException("License is already in use by another organization."); + } + + var canUse = license.CanUse(_globalSettings, _licensingService, out var exception) && + selfHostedOrganization.CanUseLicense(license, out exception); + + if (!canUse) + { + throw new BadRequestException(exception); + } + + await WriteLicenseFileAsync(selfHostedOrganization, license); + await UpdateOrganizationAsync(selfHostedOrganization, license); + } + + private async Task WriteLicenseFileAsync(Organization organization, OrganizationLicense license) + { + var dir = $"{_globalSettings.LicenseDirectory}/organization"; + Directory.CreateDirectory(dir); + await using var fs = new FileStream(Path.Combine(dir, $"{organization.Id}.json"), FileMode.Create); + await JsonSerializer.SerializeAsync(fs, license, JsonHelpers.Indented); + } + + private async Task UpdateOrganizationAsync(SelfHostedOrganizationDetails selfHostedOrganizationDetails, OrganizationLicense license) + { + var organization = selfHostedOrganizationDetails.ToOrganization(); + organization.UpdateFromLicense(license); + + await _organizationService.ReplaceAndUpdateCacheAsync(organization); + } +} diff --git a/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs b/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs index 0eaf160452..983fa3b352 100644 --- a/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs +++ b/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs @@ -36,7 +36,7 @@ public static class OrganizationServiceCollectionExtensions services.AddOrganizationApiKeyCommandsQueries(); services.AddOrganizationCollectionCommands(); services.AddOrganizationGroupCommands(); - services.AddOrganizationLicenseCommandQueries(); + services.AddOrganizationLicenseCommandsQueries(); services.AddOrganizationDomainCommandsQueries(); } @@ -91,10 +91,11 @@ public static class OrganizationServiceCollectionExtensions services.AddScoped(); } - private static void AddOrganizationLicenseCommandQueries(this IServiceCollection services) + private static void AddOrganizationLicenseCommandsQueries(this IServiceCollection services) { services.AddScoped(); services.AddScoped(); + services.AddScoped(); } private static void AddOrganizationDomainCommandsQueries(this IServiceCollection services) diff --git a/src/Core/Repositories/IOrganizationRepository.cs b/src/Core/Repositories/IOrganizationRepository.cs index 690bff9139..e8bdc869ac 100644 --- a/src/Core/Repositories/IOrganizationRepository.cs +++ b/src/Core/Repositories/IOrganizationRepository.cs @@ -11,4 +11,6 @@ public interface IOrganizationRepository : IRepository Task> SearchAsync(string name, string userEmail, bool? paid, int skip, int take); Task UpdateStorageAsync(Guid id); Task> GetManyAbilitiesAsync(); + Task GetByLicenseKeyAsync(string licenseKey); + Task GetSelfHostedOrganizationDetailsById(Guid id); } diff --git a/src/Core/Repositories/IOrganizationUserRepository.cs b/src/Core/Repositories/IOrganizationUserRepository.cs index 3844b1a87d..207295b8b1 100644 --- a/src/Core/Repositories/IOrganizationUserRepository.cs +++ b/src/Core/Repositories/IOrganizationUserRepository.cs @@ -13,6 +13,7 @@ public interface IOrganizationUserRepository : IRepository> GetManyByUserAsync(Guid userId); Task> GetManyByOrganizationAsync(Guid organizationId, OrganizationUserType? type); Task GetCountByOrganizationAsync(Guid organizationId, string email, bool onlyRegisteredUsers); + Task GetOccupiedSeatCountByOrganizationIdAsync(Guid organizationId); Task> SelectKnownEmailsAsync(Guid organizationId, IEnumerable emails, bool onlyRegisteredUsers); Task GetByOrganizationAsync(Guid organizationId, Guid userId); Task>> GetByIdWithCollectionsAsync(Guid id); diff --git a/src/Core/Services/IOrganizationService.cs b/src/Core/Services/IOrganizationService.cs index 5383c1a3e3..8082ed0f44 100644 --- a/src/Core/Services/IOrganizationService.cs +++ b/src/Core/Services/IOrganizationService.cs @@ -20,7 +20,6 @@ public interface IOrganizationService Task> SignUpAsync(OrganizationSignup organizationSignup, bool provider = false); Task> SignUpAsync(OrganizationLicense license, User owner, string ownerKey, string collectionName, string publicKey, string privateKey); - Task UpdateLicenseAsync(Guid organizationId, OrganizationLicense license); Task DeleteAsync(Organization organization); Task EnableAsync(Guid organizationId, DateTime? expirationDate); Task DisableAsync(Guid organizationId, DateTime? expirationDate); @@ -70,5 +69,5 @@ public interface IOrganizationService Task RestoreUserAsync(OrganizationUser organizationUser, EventSystemUser systemUser, IUserService userService); Task>> RestoreUsersAsync(Guid organizationId, IEnumerable organizationUserIds, Guid? restoringUserId, IUserService userService); - Task GetOccupiedSeatCount(Organization organization); + Task ReplaceAndUpdateCacheAsync(Organization org, EventType? orgEvent = null); } diff --git a/src/Core/Services/Implementations/OrganizationService.cs b/src/Core/Services/Implementations/OrganizationService.cs index 88370639ec..0c0154c2de 100644 --- a/src/Core/Services/Implementations/OrganizationService.cs +++ b/src/Core/Services/Implementations/OrganizationService.cs @@ -39,7 +39,6 @@ public class OrganizationService : IOrganizationService private readonly ISsoUserRepository _ssoUserRepository; private readonly IReferenceEventService _referenceEventService; private readonly IGlobalSettings _globalSettings; - private readonly ITaxRateRepository _taxRateRepository; private readonly IOrganizationApiKeyRepository _organizationApiKeyRepository; private readonly IOrganizationConnectionRepository _organizationConnectionRepository; private readonly ICurrentContext _currentContext; @@ -68,7 +67,6 @@ public class OrganizationService : IOrganizationService ISsoUserRepository ssoUserRepository, IReferenceEventService referenceEventService, IGlobalSettings globalSettings, - ITaxRateRepository taxRateRepository, IOrganizationApiKeyRepository organizationApiKeyRepository, IOrganizationConnectionRepository organizationConnectionRepository, ICurrentContext currentContext, @@ -96,7 +94,6 @@ public class OrganizationService : IOrganizationService _ssoUserRepository = ssoUserRepository; _referenceEventService = referenceEventService; _globalSettings = globalSettings; - _taxRateRepository = taxRateRepository; _organizationApiKeyRepository = organizationApiKeyRepository; _organizationConnectionRepository = organizationConnectionRepository; _currentContext = currentContext; @@ -119,7 +116,7 @@ public class OrganizationService : IOrganizationService paymentMethodType, paymentToken); if (updated) { - await ReplaceAndUpdateCache(organization); + await ReplaceAndUpdateCacheAsync(organization); } } @@ -205,7 +202,7 @@ public class OrganizationService : IOrganizationService (newPlan.HasAdditionalSeatsOption ? upgrade.AdditionalSeats : 0)); if (!organization.Seats.HasValue || organization.Seats.Value > newPlanSeats) { - var occupiedSeats = await GetOccupiedSeatCount(organization); + var occupiedSeats = await _organizationUserRepository.GetOccupiedSeatCountByOrganizationIdAsync(organization.Id); if (occupiedSeats > newPlanSeats) { throw new BadRequestException($"Your organization currently has {occupiedSeats} seats filled. " + @@ -346,7 +343,7 @@ public class OrganizationService : IOrganizationService organization.Enabled = success; organization.PublicKey = upgrade.PublicKey; organization.PrivateKey = upgrade.PrivateKey; - await ReplaceAndUpdateCache(organization); + await ReplaceAndUpdateCacheAsync(organization); if (success) { await _referenceEventService.RaiseEventAsync( @@ -392,7 +389,7 @@ public class OrganizationService : IOrganizationService PlanType = plan.Type, Storage = storageAdjustmentGb, }); - await ReplaceAndUpdateCache(organization); + await ReplaceAndUpdateCacheAsync(organization); return secret; } @@ -451,7 +448,7 @@ public class OrganizationService : IOrganizationService organization.MaxAutoscaleSeats = maxAutoscaleSeats; - await ReplaceAndUpdateCache(organization); + await ReplaceAndUpdateCacheAsync(organization); } public async Task AdjustSeatsAsync(Guid organizationId, int seatAdjustment, DateTime? prorationDate = null) @@ -513,7 +510,7 @@ public class OrganizationService : IOrganizationService if (!organization.Seats.HasValue || organization.Seats.Value > newSeatTotal) { - var occupiedSeats = await GetOccupiedSeatCount(organization); + var occupiedSeats = await _organizationUserRepository.GetOccupiedSeatCountByOrganizationIdAsync(organization.Id); if (occupiedSeats > newSeatTotal) { throw new BadRequestException($"Your organization currently has {occupiedSeats} seats filled. " + @@ -531,7 +528,7 @@ public class OrganizationService : IOrganizationService PreviousSeats = organization.Seats }); organization.Seats = (short?)newSeatTotal; - await ReplaceAndUpdateCache(organization); + await ReplaceAndUpdateCacheAsync(organization); if (organization.Seats.HasValue && organization.MaxAutoscaleSeats.HasValue && organization.Seats == organization.MaxAutoscaleSeats) { @@ -697,21 +694,10 @@ public class OrganizationService : IOrganizationService OrganizationLicense license, User owner, string ownerKey, string collectionName, string publicKey, string privateKey) { - if (license?.LicenseType != null && license.LicenseType != LicenseType.Organization) + var canUse = license.CanUse(_globalSettings, _licensingService, out var exception); + if (!canUse) { - throw new BadRequestException("Premium licenses cannot be applied to an organization. " - + "Upload this license from your personal account settings page."); - } - - if (license == null || !_licensingService.VerifyLicense(license)) - { - throw new BadRequestException("Invalid license."); - } - - if (!license.CanUse(_globalSettings)) - { - throw new BadRequestException("Invalid license. Make sure your license allows for on-premise " + - "hosting of organizations and that the installation id matches your current installation."); + throw new BadRequestException(exception); } if (license.PlanType != PlanType.Custom && @@ -843,172 +829,6 @@ public class OrganizationService : IOrganizationService } } - public async Task UpdateLicenseAsync(Guid organizationId, OrganizationLicense license) - { - var organization = await GetOrgById(organizationId); - if (organization == null) - { - throw new NotFoundException(); - } - - if (!_globalSettings.SelfHosted) - { - throw new InvalidOperationException("Licenses require self hosting."); - } - - if (license?.LicenseType != null && license.LicenseType != LicenseType.Organization) - { - throw new BadRequestException("Premium licenses cannot be applied to an organization. " - + "Upload this license from your personal account settings page."); - } - - if (license == null || !_licensingService.VerifyLicense(license)) - { - throw new BadRequestException("Invalid license."); - } - - if (!license.CanUse(_globalSettings)) - { - throw new BadRequestException("Invalid license. Make sure your license allows for on-premise " + - "hosting of organizations and that the installation id matches your current installation."); - } - - var enabledOrgs = await _organizationRepository.GetManyByEnabledAsync(); - if (enabledOrgs.Any(o => string.Equals(o.LicenseKey, license.LicenseKey) && o.Id != organizationId)) - { - throw new BadRequestException("License is already in use by another organization."); - } - - if (license.Seats.HasValue && - (!organization.Seats.HasValue || organization.Seats.Value > license.Seats.Value)) - { - var occupiedSeats = await GetOccupiedSeatCount(organization); - if (occupiedSeats > license.Seats.Value) - { - throw new BadRequestException($"Your organization currently has {occupiedSeats} seats filled. " + - $"Your new license only has ({license.Seats.Value}) seats. Remove some users."); - } - } - - if (license.MaxCollections.HasValue && (!organization.MaxCollections.HasValue || - organization.MaxCollections.Value > license.MaxCollections.Value)) - { - var collectionCount = await _collectionRepository.GetCountByOrganizationIdAsync(organization.Id); - if (collectionCount > license.MaxCollections.Value) - { - throw new BadRequestException($"Your organization currently has {collectionCount} collections. " + - $"Your new license allows for a maximum of ({license.MaxCollections.Value}) collections. " + - "Remove some collections."); - } - } - - if (!license.UseGroups && organization.UseGroups) - { - var groups = await _groupRepository.GetManyByOrganizationIdAsync(organization.Id); - if (groups.Count > 0) - { - throw new BadRequestException($"Your organization currently has {groups.Count} groups. " + - $"Your new license does not allow for the use of groups. Remove all groups."); - } - } - - if (!license.UsePolicies && organization.UsePolicies) - { - var policies = await _policyRepository.GetManyByOrganizationIdAsync(organization.Id); - if (policies.Any(p => p.Enabled)) - { - throw new BadRequestException($"Your organization currently has {policies.Count} enabled " + - $"policies. Your new license does not allow for the use of policies. Disable all policies."); - } - } - - if (!license.UseSso && organization.UseSso) - { - var ssoConfig = await _ssoConfigRepository.GetByOrganizationIdAsync(organization.Id); - if (ssoConfig != null && ssoConfig.Enabled) - { - throw new BadRequestException($"Your organization currently has a SSO configuration. " + - $"Your new license does not allow for the use of SSO. Disable your SSO configuration."); - } - } - - if (!license.UseKeyConnector && organization.UseKeyConnector) - { - var ssoConfig = await _ssoConfigRepository.GetByOrganizationIdAsync(organization.Id); - if (ssoConfig != null && ssoConfig.GetData().KeyConnectorEnabled) - { - throw new BadRequestException($"Your organization currently has Key Connector enabled. " + - $"Your new license does not allow for the use of Key Connector. Disable your Key Connector."); - } - } - - if (!license.UseScim && organization.UseScim) - { - var scimConnections = await _organizationConnectionRepository.GetByOrganizationIdTypeAsync(organization.Id, - OrganizationConnectionType.Scim); - if (scimConnections != null && scimConnections.Any(c => c.GetConfig()?.Enabled == true)) - { - throw new BadRequestException("Your new plan does not allow the SCIM feature. " + - "Disable your SCIM configuration."); - } - } - - if (!license.UseCustomPermissions && organization.UseCustomPermissions) - { - var organizationCustomUsers = - await _organizationUserRepository.GetManyByOrganizationAsync(organization.Id, - OrganizationUserType.Custom); - if (organizationCustomUsers.Any()) - { - throw new BadRequestException("Your new plan does not allow the Custom Permissions feature. " + - "Disable your Custom Permissions configuration."); - } - } - - if (!license.UseResetPassword && organization.UseResetPassword) - { - var resetPasswordPolicy = - await _policyRepository.GetByOrganizationIdTypeAsync(organization.Id, PolicyType.ResetPassword); - if (resetPasswordPolicy != null && resetPasswordPolicy.Enabled) - { - throw new BadRequestException("Your new license does not allow the Password Reset feature. " - + "Disable your Password Reset policy."); - } - } - - var dir = $"{_globalSettings.LicenseDirectory}/organization"; - Directory.CreateDirectory(dir); - await using var fs = new FileStream(Path.Combine(dir, $"{organization.Id}.json"), FileMode.Create); - await JsonSerializer.SerializeAsync(fs, license, JsonHelpers.Indented); - - organization.Name = license.Name; - organization.BusinessName = license.BusinessName; - organization.BillingEmail = license.BillingEmail; - organization.PlanType = license.PlanType; - organization.Seats = license.Seats; - organization.MaxCollections = license.MaxCollections; - organization.UseGroups = license.UseGroups; - organization.UseDirectory = license.UseDirectory; - organization.UseEvents = license.UseEvents; - organization.UseTotp = license.UseTotp; - organization.Use2fa = license.Use2fa; - organization.UseApi = license.UseApi; - organization.UsePolicies = license.UsePolicies; - organization.UseSso = license.UseSso; - organization.UseKeyConnector = license.UseKeyConnector; - organization.UseScim = license.UseScim; - organization.UseResetPassword = license.UseResetPassword; - organization.SelfHost = license.SelfHost; - organization.UsersGetPremium = license.UsersGetPremium; - organization.UseCustomPermissions = license.UseCustomPermissions; - organization.Plan = license.Plan; - organization.Enabled = license.Enabled; - organization.ExpirationDate = license.Expires; - organization.LicenseKey = license.LicenseKey; - organization.RevisionDate = DateTime.UtcNow; - await ReplaceAndUpdateCache(organization); - } - public async Task DeleteAsync(Organization organization) { await ValidateDeleteOrganizationAsync(organization); @@ -1038,7 +858,7 @@ public class OrganizationService : IOrganizationService org.Enabled = true; org.ExpirationDate = expirationDate; org.RevisionDate = DateTime.UtcNow; - await ReplaceAndUpdateCache(org); + await ReplaceAndUpdateCacheAsync(org); } } @@ -1050,7 +870,7 @@ public class OrganizationService : IOrganizationService org.Enabled = false; org.ExpirationDate = expirationDate; org.RevisionDate = DateTime.UtcNow; - await ReplaceAndUpdateCache(org); + await ReplaceAndUpdateCacheAsync(org); // TODO: send email to owners? } @@ -1063,7 +883,7 @@ public class OrganizationService : IOrganizationService { org.ExpirationDate = expirationDate; org.RevisionDate = DateTime.UtcNow; - await ReplaceAndUpdateCache(org); + await ReplaceAndUpdateCacheAsync(org); } } @@ -1073,7 +893,7 @@ public class OrganizationService : IOrganizationService if (org != null && !org.Enabled) { org.Enabled = true; - await ReplaceAndUpdateCache(org); + await ReplaceAndUpdateCacheAsync(org); } } @@ -1093,7 +913,7 @@ public class OrganizationService : IOrganizationService } } - await ReplaceAndUpdateCache(organization, EventType.Organization_Updated); + await ReplaceAndUpdateCacheAsync(organization, EventType.Organization_Updated); if (updateBilling && !string.IsNullOrWhiteSpace(organization.GatewayCustomerId)) { @@ -1193,7 +1013,7 @@ public class OrganizationService : IOrganizationService organizationId, invites.SelectMany(i => i.invite.Emails), false), StringComparer.InvariantCultureIgnoreCase); if (organization.Seats.HasValue) { - var occupiedSeats = await GetOccupiedSeatCount(organization); + var occupiedSeats = await _organizationUserRepository.GetOccupiedSeatCountByOrganizationIdAsync(organization.Id); var availableSeats = organization.Seats.Value - occupiedSeats; newSeatsRequired = invites.Sum(i => i.invite.Emails.Count()) - existingEmails.Count() - availableSeats; } @@ -2044,7 +1864,7 @@ public class OrganizationService : IOrganizationService var enoughSeatsAvailable = true; if (organization.Seats.HasValue) { - var occupiedSeats = await GetOccupiedSeatCount(organization); + var occupiedSeats = await _organizationUserRepository.GetOccupiedSeatCountByOrganizationIdAsync(organization.Id); seatsAvailable = organization.Seats.Value - occupiedSeats; enoughSeatsAvailable = seatsAvailable >= usersToAdd.Count; } @@ -2213,7 +2033,7 @@ public class OrganizationService : IOrganizationService return devices.Where(d => !string.IsNullOrWhiteSpace(d.PushToken)).Select(d => d.Id.ToString()); } - private async Task ReplaceAndUpdateCache(Organization org, EventType? orgEvent = null) + public async Task ReplaceAndUpdateCacheAsync(Organization org, EventType? orgEvent = null) { await _organizationRepository.ReplaceAsync(org); await _applicationCacheService.UpsertOrganizationAbilityAsync(org); @@ -2463,7 +2283,7 @@ public class OrganizationService : IOrganizationService } var organization = await _organizationRepository.GetByIdAsync(organizationUser.OrganizationId); - var occupiedSeats = await GetOccupiedSeatCount(organization); + var occupiedSeats = await _organizationUserRepository.GetOccupiedSeatCountByOrganizationIdAsync(organization.Id); var availableSeats = organization.Seats.GetValueOrDefault(0) - occupiedSeats; if (availableSeats < 1) { @@ -2491,7 +2311,7 @@ public class OrganizationService : IOrganizationService } var organization = await _organizationRepository.GetByIdAsync(organizationId); - var occupiedSeats = await GetOccupiedSeatCount(organization); + var occupiedSeats = await _organizationUserRepository.GetOccupiedSeatCountByOrganizationIdAsync(organization.Id); var availableSeats = organization.Seats.GetValueOrDefault(0) - occupiedSeats; var newSeatsRequired = organizationUserIds.Count() - availableSeats; await AutoAddSeatsAsync(organization, newSeatsRequired, DateTime.UtcNow); @@ -2606,10 +2426,4 @@ public class OrganizationService : IOrganizationService return status; } - - public async Task GetOccupiedSeatCount(Organization organization) - { - var orgUsers = await _organizationUserRepository.GetManyDetailsByOrganizationAsync(organization.Id); - return orgUsers.Count(ou => ou.OccupiesOrganizationSeat); - } } diff --git a/src/Infrastructure.Dapper/Repositories/OrganizationRepository.cs b/src/Infrastructure.Dapper/Repositories/OrganizationRepository.cs index c10903e116..52f486212f 100644 --- a/src/Infrastructure.Dapper/Repositories/OrganizationRepository.cs +++ b/src/Infrastructure.Dapper/Repositories/OrganizationRepository.cs @@ -94,4 +94,44 @@ public class OrganizationRepository : Repository, IOrganizat return results.ToList(); } } + + public async Task GetByLicenseKeyAsync(string licenseKey) + { + using (var connection = new SqlConnection(ConnectionString)) + { + var result = await connection.QueryAsync( + "[dbo].[Organization_ReadByLicenseKey]", + new { LicenseKey = licenseKey }, + commandType: CommandType.StoredProcedure); + + return result.SingleOrDefault(); + } + } + + public async Task GetSelfHostedOrganizationDetailsById(Guid id) + { + using (var connection = new SqlConnection(ConnectionString)) + { + var result = await connection.QueryMultipleAsync( + "[dbo].[Organization_ReadSelfHostedDetailsById]", + new { Id = id }, + commandType: CommandType.StoredProcedure); + + var selfHostOrganization = await result.ReadSingleOrDefaultAsync(); + if (selfHostOrganization == null) + { + return null; + } + + selfHostOrganization.OccupiedSeatCount = await result.ReadSingleAsync(); + selfHostOrganization.CollectionCount = await result.ReadSingleAsync(); + selfHostOrganization.GroupCount = await result.ReadSingleAsync(); + selfHostOrganization.OrganizationUsers = await result.ReadAsync(); + selfHostOrganization.Policies = await result.ReadAsync(); + selfHostOrganization.SsoConfig = await result.ReadFirstOrDefaultAsync(); + selfHostOrganization.ScimConnections = await result.ReadAsync(); + + return selfHostOrganization; + } + } } diff --git a/src/Infrastructure.Dapper/Repositories/OrganizationUserRepository.cs b/src/Infrastructure.Dapper/Repositories/OrganizationUserRepository.cs index ef3d5bfbbd..462f1ba065 100644 --- a/src/Infrastructure.Dapper/Repositories/OrganizationUserRepository.cs +++ b/src/Infrastructure.Dapper/Repositories/OrganizationUserRepository.cs @@ -86,6 +86,19 @@ public class OrganizationUserRepository : Repository, IO } } + public async Task GetOccupiedSeatCountByOrganizationIdAsync(Guid organizationId) + { + using (var connection = new SqlConnection(ConnectionString)) + { + var result = await connection.ExecuteScalarAsync( + "[dbo].[OrganizationUser_ReadOccupiedSeatCountByOrganizationId]", + new { OrganizationId = organizationId }, + commandType: CommandType.StoredProcedure); + + return result; + } + } + public async Task> SelectKnownEmailsAsync(Guid organizationId, IEnumerable emails, bool onlyRegisteredUsers) { diff --git a/src/Infrastructure.EntityFramework/Models/Organization.cs b/src/Infrastructure.EntityFramework/Models/Organization.cs index 49f9ff422c..fca548545c 100644 --- a/src/Infrastructure.EntityFramework/Models/Organization.cs +++ b/src/Infrastructure.EntityFramework/Models/Organization.cs @@ -8,6 +8,7 @@ public class Organization : Core.Entities.Organization public virtual ICollection OrganizationUsers { get; set; } public virtual ICollection Groups { get; set; } public virtual ICollection Policies { get; set; } + public virtual ICollection Collections { get; set; } public virtual ICollection SsoConfigs { get; set; } public virtual ICollection SsoUsers { get; set; } public virtual ICollection Transactions { get; set; } diff --git a/src/Infrastructure.EntityFramework/Repositories/OrganizationRepository.cs b/src/Infrastructure.EntityFramework/Repositories/OrganizationRepository.cs index 970a2da730..7f0028d25b 100644 --- a/src/Infrastructure.EntityFramework/Repositories/OrganizationRepository.cs +++ b/src/Infrastructure.EntityFramework/Repositories/OrganizationRepository.cs @@ -1,9 +1,10 @@ using AutoMapper; +using Bit.Core.Enums; using Bit.Core.Models.Data.Organizations; using Bit.Core.Repositories; -using Bit.Infrastructure.EntityFramework.Models; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.DependencyInjection; +using Organization = Bit.Infrastructure.EntityFramework.Models.Organization; namespace Bit.Infrastructure.EntityFramework.Repositories; @@ -139,4 +140,40 @@ public class OrganizationRepository : Repository GetByLicenseKeyAsync(string licenseKey) + { + using (var scope = ServiceScopeFactory.CreateScope()) + { + var dbContext = GetDatabaseContext(scope); + var organization = await GetDbSet(dbContext) + .FirstOrDefaultAsync(o => o.LicenseKey == licenseKey); + + return organization; + } + } + + public async Task GetSelfHostedOrganizationDetailsById(Guid id) + { + using (var scope = ServiceScopeFactory.CreateScope()) + { + var dbContext = GetDatabaseContext(scope); + var organization = await GetDbSet(dbContext).FindAsync(id); + if (organization == null) + { + return null; + } + + var selfHostOrganization = Mapper.Map(organization); + + selfHostOrganization.OccupiedSeatCount = + organization.OrganizationUsers.Count(ou => ou.Status >= OrganizationUserStatusType.Invited); + selfHostOrganization.CollectionCount = organization.Collections?.Count ?? 0; + selfHostOrganization.GroupCount = organization?.Groups.Count ?? 0; + selfHostOrganization.SsoConfig = organization.SsoConfigs.SingleOrDefault(); + selfHostOrganization.ScimConnections = organization.Connections.Where(c => c.Type == OrganizationConnectionType.Scim); + + return selfHostOrganization; + } + } } diff --git a/src/Infrastructure.EntityFramework/Repositories/OrganizationUserRepository.cs b/src/Infrastructure.EntityFramework/Repositories/OrganizationUserRepository.cs index 6fe13f245d..8deae8e14d 100644 --- a/src/Infrastructure.EntityFramework/Repositories/OrganizationUserRepository.cs +++ b/src/Infrastructure.EntityFramework/Repositories/OrganizationUserRepository.cs @@ -197,6 +197,12 @@ public class OrganizationUserRepository : Repository GetOccupiedSeatCountByOrganizationIdAsync(Guid organizationId) + { + var query = new OrganizationUserReadOccupiedSeatCountByOrganizationIdQuery(organizationId); + return await GetCountFromQuery(query); + } + public async Task GetCountByOrganizationIdAsync(Guid organizationId) { var query = new OrganizationUserReadCountByOrganizationIdQuery(organizationId); diff --git a/src/Infrastructure.EntityFramework/Repositories/Queries/OrganizationUserReadOccupiedSeatCountByOrganizationIdQuery.cs b/src/Infrastructure.EntityFramework/Repositories/Queries/OrganizationUserReadOccupiedSeatCountByOrganizationIdQuery.cs new file mode 100644 index 0000000000..47b50617a0 --- /dev/null +++ b/src/Infrastructure.EntityFramework/Repositories/Queries/OrganizationUserReadOccupiedSeatCountByOrganizationIdQuery.cs @@ -0,0 +1,22 @@ +using Bit.Core.Enums; +using Bit.Infrastructure.EntityFramework.Models; + +namespace Bit.Infrastructure.EntityFramework.Repositories.Queries; + +public class OrganizationUserReadOccupiedSeatCountByOrganizationIdQuery : IQuery +{ + private readonly Guid _organizationId; + + public OrganizationUserReadOccupiedSeatCountByOrganizationIdQuery(Guid organizationId) + { + _organizationId = organizationId; + } + + public IQueryable Run(DatabaseContext dbContext) + { + var query = from ou in dbContext.OrganizationUsers + where ou.OrganizationId == _organizationId && ou.Status >= OrganizationUserStatusType.Invited + select ou; + return query; + } +} diff --git a/src/Sql/Sql.sqlproj b/src/Sql/Sql.sqlproj index 1bed1049a3..39a4a06a92 100644 --- a/src/Sql/Sql.sqlproj +++ b/src/Sql/Sql.sqlproj @@ -454,6 +454,9 @@ + + + @@ -471,4 +474,4 @@ - \ No newline at end of file + diff --git a/src/Sql/dbo/Stored Procedures/Group_ReadCountByOrganizationId.sql b/src/Sql/dbo/Stored Procedures/Group_ReadCountByOrganizationId.sql new file mode 100644 index 0000000000..141143ee73 --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/Group_ReadCountByOrganizationId.sql @@ -0,0 +1,13 @@ +CREATE PROCEDURE [dbo].[Group_ReadCountByOrganizationId] + @OrganizationId UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + COUNT(1) + FROM + [dbo].[Group] + WHERE + [OrganizationId] = @OrganizationId +END diff --git a/src/Sql/dbo/Stored Procedures/OrganizationUser_ReadOccupiedSeatCountByOrganizationId.sql b/src/Sql/dbo/Stored Procedures/OrganizationUser_ReadOccupiedSeatCountByOrganizationId.sql new file mode 100644 index 0000000000..892ed51012 --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/OrganizationUser_ReadOccupiedSeatCountByOrganizationId.sql @@ -0,0 +1,14 @@ +CREATE PROCEDURE [dbo].[OrganizationUser_ReadOccupiedSeatCountByOrganizationId] + @OrganizationId UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + COUNT(1) + FROM + [dbo].[OrganizationUserView] + WHERE + OrganizationId = @OrganizationId + AND Status >= 0 --Invited +END diff --git a/src/Sql/dbo/Stored Procedures/Organization_ReadByLicenseKey.sql b/src/Sql/dbo/Stored Procedures/Organization_ReadByLicenseKey.sql new file mode 100644 index 0000000000..c189aedd30 --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/Organization_ReadByLicenseKey.sql @@ -0,0 +1,13 @@ +CREATE PROCEDURE [dbo].[Organization_ReadByLicenseKey] + @LicenseKey VARCHAR (100) +AS +BEGIN + SET NOCOUNT ON + +SELECT + * +FROM + [dbo].[OrganizationView] +WHERE + [LicenseKey] = @LicenseKey +END diff --git a/src/Sql/dbo/Stored Procedures/Organization_ReadSelfHostedDetailsById.sql b/src/Sql/dbo/Stored Procedures/Organization_ReadSelfHostedDetailsById.sql new file mode 100644 index 0000000000..6db79e0b2e --- /dev/null +++ b/src/Sql/dbo/Stored Procedures/Organization_ReadSelfHostedDetailsById.sql @@ -0,0 +1,15 @@ +CREATE PROCEDURE [dbo].[Organization_ReadSelfHostedDetailsById] + @Id UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + EXEC [dbo].[Organization_ReadById] @Id + EXEC [dbo].[OrganizationUser_ReadOccupiedSeatCountByOrganizationId] @Id + EXEC [dbo].[Collection_ReadCountByOrganizationId] @Id + EXEC [dbo].[Group_ReadCountByOrganizationId] @Id + EXEC [dbo].[OrganizationUser_ReadByOrganizationId] @Id, NULL + EXEC [dbo].[Policy_ReadByOrganizationId] @Id + EXEC [dbo].[SsoConfig_ReadByOrganizationId] @Id + EXEC [dbo].[OrganizationConnection_ReadByOrganizationIdType] @Id, 2 --Scim connection type +END diff --git a/test/Api.Test/Controllers/OrganizationsControllerTests.cs b/test/Api.Test/Controllers/OrganizationsControllerTests.cs index 8755388213..0933a6ae53 100644 --- a/test/Api.Test/Controllers/OrganizationsControllerTests.cs +++ b/test/Api.Test/Controllers/OrganizationsControllerTests.cs @@ -32,6 +32,7 @@ public class OrganizationsControllerTests : IDisposable private readonly IOrganizationApiKeyRepository _organizationApiKeyRepository; private readonly ICloudGetOrganizationLicenseQuery _cloudGetOrganizationLicenseQuery; private readonly ICreateOrganizationApiKeyCommand _createOrganizationApiKeyCommand; + private readonly IUpdateOrganizationLicenseCommand _updateOrganizationLicenseCommand; private readonly IOrganizationDomainRepository _organizationDomainRepository; private readonly OrganizationsController _sut; @@ -53,11 +54,13 @@ public class OrganizationsControllerTests : IDisposable _userService = Substitute.For(); _cloudGetOrganizationLicenseQuery = Substitute.For(); _createOrganizationApiKeyCommand = Substitute.For(); + _updateOrganizationLicenseCommand = Substitute.For(); _sut = new OrganizationsController(_organizationRepository, _organizationUserRepository, _policyRepository, _organizationService, _userService, _paymentService, _currentContext, _ssoConfigRepository, _ssoConfigService, _getOrganizationApiKeyQuery, _rotateOrganizationApiKeyCommand, - _createOrganizationApiKeyCommand, _organizationApiKeyRepository, _cloudGetOrganizationLicenseQuery, _globalSettings); + _createOrganizationApiKeyCommand, _organizationApiKeyRepository, _updateOrganizationLicenseCommand, + _cloudGetOrganizationLicenseQuery, _globalSettings); } public void Dispose() diff --git a/test/Core.Test/Models/Data/SelfHostedOrganizationDetailsTests.cs b/test/Core.Test/Models/Data/SelfHostedOrganizationDetailsTests.cs new file mode 100644 index 0000000000..02c35151c2 --- /dev/null +++ b/test/Core.Test/Models/Data/SelfHostedOrganizationDetailsTests.cs @@ -0,0 +1,379 @@ +using Bit.Core.Entities; +using Bit.Core.Enums; +using Bit.Core.Models.Business; +using Bit.Core.Models.Data; +using Bit.Core.Models.Data.Organizations; +using Bit.Core.Models.OrganizationConnectionConfigs; +using Bit.Core.Test.AutoFixture; +using Bit.Test.Common.AutoFixture.Attributes; +using Xunit; + +namespace Bit.Core.Test.Models.Data; + +public class SelfHostedOrganizationDetailsTests +{ + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_Success(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.True(result); + Assert.True(string.IsNullOrEmpty(exception)); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_OccupiedSeatCount_ExceedsLicense_Fail(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.Seats = 1; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.False(result); + Assert.Contains("Remove some users", exception); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_MaxCollections_ExceedsLicense_Fail(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.MaxCollections = 1; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.False(result); + Assert.Contains("Remove some collections", exception); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_Groups_NotAllowedByLicense_Fail(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseGroups = false; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.False(result); + Assert.Contains("Your new license does not allow for the use of groups", exception); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_Policies_NotAllowedByLicense_Fail(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UsePolicies = false; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.False(result); + Assert.Contains("Your new license does not allow for the use of policies", exception); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_DisabledPolicies_NotAllowedByLicense_Success(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UsePolicies = false; + ((List)orgDetails.Policies).ForEach(p => p.Enabled = false); + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.True(result); + Assert.True(string.IsNullOrEmpty(exception)); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_Sso_NotAllowedByLicense_Fail(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseSso = false; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.False(result); + Assert.Contains("Your new license does not allow for the use of SSO", exception); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_DisabledSso_NotAllowedByLicense_Success(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseSso = false; + orgDetails.SsoConfig.Enabled = false; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.True(result); + Assert.True(string.IsNullOrEmpty(exception)); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_NoSso_NotAllowedByLicense_Success(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseSso = false; + orgDetails.SsoConfig = null; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.True(result); + Assert.True(string.IsNullOrEmpty(exception)); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_KeyConnector_NotAllowedByLicense_Fail(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseKeyConnector = false; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.False(result); + Assert.Contains("Your new license does not allow for the use of Key Connector", exception); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_DisabledKeyConnector_NotAllowedByLicense_Success(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseKeyConnector = false; + orgDetails.SsoConfig.SetData(new SsoConfigurationData() { KeyConnectorEnabled = false }); + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.True(result); + Assert.True(string.IsNullOrEmpty(exception)); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_NoSsoKeyConnector_NotAllowedByLicense_Success(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseKeyConnector = false; + orgDetails.SsoConfig = null; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.True(result); + Assert.True(string.IsNullOrEmpty(exception)); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_Scim_NotAllowedByLicense_Fail(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseScim = false; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.False(result); + Assert.Contains("Your new plan does not allow the SCIM feature", exception); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_DisabledScim_NotAllowedByLicense_Success(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseScim = false; + ((List>)orgDetails.ScimConnections) + .ForEach(c => c.SetConfig(new ScimConfig() { Enabled = false })); + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.True(result); + Assert.True(string.IsNullOrEmpty(exception)); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_NoScimConfig_NotAllowedByLicense_Success(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseScim = false; + orgDetails.ScimConnections = null; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.True(result); + Assert.True(string.IsNullOrEmpty(exception)); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_CustomPermissions_NotAllowedByLicense_Fail(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseCustomPermissions = false; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.False(result); + Assert.Contains("Your new plan does not allow the Custom Permissions feature", exception); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_NoCustomPermissions_NotAllowedByLicense_Success(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseCustomPermissions = false; + ((List)orgDetails.OrganizationUsers).ForEach(ou => ou.Type = OrganizationUserType.User); + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.True(result); + Assert.True(string.IsNullOrEmpty(exception)); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_ResetPassword_NotAllowedByLicense_Fail(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseResetPassword = false; + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.False(result); + Assert.Contains("Your new license does not allow the Password Reset feature", exception); + } + + [Theory] + [BitAutoData] + [OrganizationLicenseCustomize] + public async Task ValidateForOrganization_DisabledResetPassword_NotAllowedByLicense_Success(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + var (orgDetails, orgLicense) = GetOrganizationAndLicense(orgUsers, policies, ssoConfig, scimConnections, license); + orgLicense.UseResetPassword = false; + ((List)orgDetails.Policies).ForEach(p => p.Enabled = false); + + var result = orgDetails.CanUseLicense(license, out var exception); + + Assert.True(result); + Assert.True(string.IsNullOrEmpty(exception)); + } + + private (SelfHostedOrganizationDetails organization, OrganizationLicense license) GetOrganizationAndLicense(List orgUsers, + List policies, SsoConfig ssoConfig, List> scimConnections, OrganizationLicense license) + { + // The default state is that all features are used by Org and allowed by License + // Each test then toggles on/off as necessary + policies.ForEach(p => p.Enabled = true); + policies.First().Type = PolicyType.ResetPassword; + + ssoConfig.Enabled = true; + ssoConfig.SetData(new SsoConfigurationData() + { + KeyConnectorEnabled = true + }); + + var enabledScimConfig = new ScimConfig() { Enabled = true }; + scimConnections.ForEach(c => c.Config = enabledScimConfig); + + orgUsers.First().Type = OrganizationUserType.Custom; + + var organization = new SelfHostedOrganizationDetails() + { + OccupiedSeatCount = 10, + CollectionCount = 5, + GroupCount = 5, + OrganizationUsers = orgUsers, + Policies = policies, + SsoConfig = ssoConfig, + ScimConnections = scimConnections, + + UsePolicies = true, + UseSso = true, + UseKeyConnector = true, + UseScim = true, + UseGroups = true, + UseDirectory = true, + UseEvents = true, + UseTotp = true, + Use2fa = true, + UseApi = true, + UseResetPassword = true, + SelfHost = true, + UsersGetPremium = true, + UseCustomPermissions = true, + }; + + license.Enabled = true; + license.PlanType = PlanType.EnterpriseAnnually; + license.Seats = 10; + license.MaxCollections = 5; + license.UsePolicies = true; + license.UseSso = true; + license.UseKeyConnector = true; + license.UseScim = true; + license.UseGroups = true; + license.UseEvents = true; + license.UseDirectory = true; + license.UseTotp = true; + license.Use2fa = true; + license.UseApi = true; + license.UseResetPassword = true; + license.MaxStorageGb = 1; + license.SelfHost = true; + license.UsersGetPremium = true; + license.UseCustomPermissions = true; + license.Version = 11; + license.Issued = DateTime.Now; + license.Expires = DateTime.Now.AddYears(1); + + return (organization, license); + } +} diff --git a/util/Migrator/DbScripts/2023-02-16_00_SelfHostedOrganizationDetails.sql b/util/Migrator/DbScripts/2023-02-16_00_SelfHostedOrganizationDetails.sql new file mode 100644 index 0000000000..49323874cc --- /dev/null +++ b/util/Migrator/DbScripts/2023-02-16_00_SelfHostedOrganizationDetails.sql @@ -0,0 +1,62 @@ +CREATE OR ALTER PROCEDURE [dbo].[Group_ReadCountByOrganizationId] + @OrganizationId UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + COUNT(1) + FROM + [dbo].[Group] + WHERE + [OrganizationId] = @OrganizationId +END +GO + +CREATE OR ALTER PROCEDURE [dbo].[OrganizationUser_ReadOccupiedSeatCountByOrganizationId] + @OrganizationId UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + SELECT + COUNT(1) + FROM + [dbo].[OrganizationUserView] + WHERE + OrganizationId = @OrganizationId + AND Status >= 0 --Invited +END +GO + +CREATE OR ALTER PROCEDURE [dbo].[Organization_ReadByLicenseKey] + @LicenseKey VARCHAR (100) +AS +BEGIN + SET NOCOUNT ON + +SELECT + * +FROM + [dbo].[OrganizationView] +WHERE + [LicenseKey] = @LicenseKey +END +GO + +CREATE OR ALTER PROCEDURE [dbo].[Organization_ReadSelfHostedDetailsById] + @Id UNIQUEIDENTIFIER +AS +BEGIN + SET NOCOUNT ON + + EXEC [dbo].[Organization_ReadById] @Id + EXEC [dbo].[OrganizationUser_ReadOccupiedSeatCountByOrganizationId] @Id + EXEC [dbo].[Collection_ReadCountByOrganizationId] @Id + EXEC [dbo].[Group_ReadCountByOrganizationId] @Id + EXEC [dbo].[OrganizationUser_ReadByOrganizationId] @Id, NULL + EXEC [dbo].[Policy_ReadByOrganizationId] @Id + EXEC [dbo].[SsoConfig_ReadByOrganizationId] @Id + EXEC [dbo].[OrganizationConnection_ReadByOrganizationIdType] @Id, 2 --Scim connection type +END +GO