mirror of https://github.com/bitwarden/server.git synced 2025-06-30 15:42:48 -05:00

[SM-390] Project Access Policies (#2507)

The purpose of this PR is to create server endpoints for creating, reading, updating, and deleting access policies for projects.
Thomas Avery
2023-01-19 17:31:19 -06:00
committed by GitHub
parent ae647bbf44
commit 53ba2eeb18
24 changed files with 1133 additions and 63 deletions


@ -1,33 +1,8 @@
using Bit.Core.Utilities;
#nullable enable
using Bit.Core.Utilities;
namespace Bit.Core.Entities;
public class AccessPolicy : ITableObject<Guid>
{
public Guid Id { get; set; }
// Object to grant access from
public Guid? OrganizationUserId { get; set; }
public Guid? GroupId { get; set; }
public Guid? ServiceAccountId { get; set; }
// Object to grant access to
public Guid? GrantedProjectId { get; set; }
public Guid? GrantedServiceAccountId { get; set; }
// Access
public bool Read { get; set; }
public bool Write { get; set; }
public DateTime CreationDate { get; set; }
public DateTime RevisionDate { get; set; }
public void SetNewId()
{
Id = CoreHelpers.GenerateComb();
}
}
public abstract class BaseAccessPolicy
{
public Guid Id { get; set; }
@ -36,8 +11,8 @@ public abstract class BaseAccessPolicy
public bool Read { get; set; }
public bool Write { get; set; }
public DateTime CreationDate { get; set; }
public DateTime RevisionDate { get; set; }
public DateTime CreationDate { get; set; } = DateTime.UtcNow;
public DateTime RevisionDate { get; set; } = DateTime.UtcNow;
public void SetNewId()
{
@ -49,28 +24,33 @@ public class UserProjectAccessPolicy : BaseAccessPolicy
{
public Guid? OrganizationUserId { get; set; }
public Guid? GrantedProjectId { get; set; }
public User? User { get; set; }
}
public class UserServiceAccountAccessPolicy : BaseAccessPolicy
{
public Guid? OrganizationUserId { get; set; }
public Guid? GrantedServiceAccountId { get; set; }
public User? User { get; set; }
}
public class GroupProjectAccessPolicy : BaseAccessPolicy
{
public Guid? GroupId { get; set; }
public Guid? GrantedProjectId { get; set; }
public Group? Group { get; set; }
}
public class GroupServiceAccountAccessPolicy : BaseAccessPolicy
{
public Guid? GroupId { get; set; }
public Guid? GrantedServiceAccountId { get; set; }
public Group? Group { get; set; }
}
public class ServiceAccountProjectAccessPolicy : BaseAccessPolicy
{
public Guid? ServiceAccountId { get; set; }
public Guid? GrantedProjectId { get; set; }
public ServiceAccount? ServiceAccount { get; set; }
}
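Review bot: In `UserProjectAccessPolicy` and `UserServiceAccountAccessPolicy` the grantee key is named `OrganizationUserId` but the new navigation property is typed `User`, so it is unclear whether the key identifies an organization membership or the user account itself. The ORM mapping is not part of this file, so this may be intentional, but if the join resolves against the wrong table the grant would be attributed to a different principal than intended. I would add a comment on the property such as `// Navigation for OrganizationUserId; joins on <confirm: OrganizationUser.Id or User.Id>`. Since both the grantee key and the `Granted*Id` key are nullable on every subclass, it is also worth stating on `BaseAccessPolicy` that a policy with either side null must be treated as granting nothing.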


@ -1,7 +1,14 @@
using Bit.Core.Entities;
#nullable enable
using Bit.Core.Entities;
namespace Bit.Core.Repositories;
public interface IAccessPolicyRepository : IRepository<AccessPolicy, Guid>
public interface IAccessPolicyRepository
{
Task<List<BaseAccessPolicy>> CreateManyAsync(List<BaseAccessPolicy> baseAccessPolicies);
Task<bool> AccessPolicyExists(BaseAccessPolicy baseAccessPolicy);
Task<BaseAccessPolicy?> GetByIdAsync(Guid id);
Task<IEnumerable<BaseAccessPolicy>?> GetManyByProjectId(Guid id);
Task ReplaceAsync(BaseAccessPolicy baseAccessPolicy);
Task DeleteAsync(Guid id);
}
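Review bot: `GetByIdAsync`, `ReplaceAsync` and `DeleteAsync` are keyed only by the policy id, with no organization or caller parameter, so nothing at this layer ties a lookup to the tenant making the request. Authorization therefore has to happen in the callers, which are outside this file; the same holds for `IDeleteAccessPolicyCommand.DeleteAsync(Guid id)` and `IUpdateAccessPolicyCommand.UpdateAsync(Guid id, ...)` added later in this commit. I would document that on the interface, e.g. `/// Performs no access check; callers must verify the requester may manage the policy's project or service account.` Separately, `GetManyByProjectId` returns a nullable collection where an empty sequence would avoid a null path in permission listings, and it and `AccessPolicyExists` lack the `Async` suffix the other members use.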


@ -0,0 +1,8 @@
using Bit.Core.Entities;
namespace Bit.Core.SecretManagerFeatures.AccessPolicies.Interfaces;
public interface ICreateAccessPoliciesCommand
{
Task<List<BaseAccessPolicy>> CreateAsync(List<BaseAccessPolicy> accessPolicies);
}
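Review bot: `CreateAsync` takes a whole list, but the contract does not say what happens when one entry already exists or fails validation, i.e. whether the batch is rejected as a unit or earlier entries are still written. For access grants a partial write is worth ruling out explicitly. I would add a summary comment stating the guarantee, e.g. `/// Creates all policies or none; throws if any policy already exists.`, adjusted to whatever the implementation (not shown here) actually does.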


@ -0,0 +1,6 @@
namespace Bit.Core.SecretManagerFeatures.AccessPolicies.Interfaces;
public interface IDeleteAccessPolicyCommand
{
Task DeleteAsync(Guid id);
}


@ -0,0 +1,8 @@
using Bit.Core.Entities;
namespace Bit.Core.SecretManagerFeatures.AccessPolicies.Interfaces;
public interface IUpdateAccessPolicyCommand
{
public Task<BaseAccessPolicy> UpdateAsync(Guid id, bool read, bool write);
}
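Review bot: `UpdateAsync(Guid id, bool read, bool write)` takes two adjacent `bool` parameters, so a call site that swaps them still compiles and silently turns a read grant into a write grant. I would either make named arguments the convention at call sites (`UpdateAsync(id, read: true, write: false)`) or document the parameter order on the method. The explicit `public` on the member is also redundant in an interface and differs from `ICreateAccessPoliciesCommand` and `IDeleteAccessPolicyCommand`, which omit it.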