[AC-2328] Add a Bulk OrganizationUsersController.GetResetPasswordDetails endpoint (#4079)

* Add new stored procedure for reading reset password details for multiple organization user IDs * Add method IOrganizationUserRepository.GetManyResetPasswordDetailsByOrganizationUserAsync * Add new API endpoint for getting reset password details for multiple organization users * Add unit tests for bulk OrganizationUsersController.GetResetPasswordDetails * Add alias to sql query result column * Add constructor for automatic mapping * Fix http method type for endpoint * dotnet format * Simplify the constructor in the OrganizationUserResetPasswordDetails * Refactor stored procedure and repository method names for retrieving account recovery details * Add integration tests for GetManyAccountRecoveryDetailsByOrganizationUserAsync * Lock endpoint behind BulkDeviceApproval feature flag * Update feature flag key value
2025-06-30 07:36:14 -05:00 · 2024-05-24 11:20:54 +01:00
parent be41865b59
commit 5fabad35c7
11 changed files with 225 additions and 0 deletions
--- a/test/Api.Test/AdminConsole/Controllers/OrganizationUsersControllerTests.cs
+++ b/test/Api.Test/AdminConsole/Controllers/OrganizationUsersControllerTests.cs
@ -471,6 +471,45 @@ public class OrganizationUsersControllerTests
        Assert.False(customUserResponse.Permissions.DeleteAssignedCollections);
    }

+    [Theory]
+    [BitAutoData]
+    public async Task GetAccountRecoveryDetails_ReturnsDetails(
+        Guid organizationId,
+        OrganizationUserBulkRequestModel bulkRequestModel,
+        ICollection<OrganizationUserResetPasswordDetails> resetPasswordDetails,
+        SutProvider<OrganizationUsersController> sutProvider)
+    {
+        sutProvider.GetDependency<ICurrentContext>().ManageResetPassword(organizationId).Returns(true);
+        sutProvider.GetDependency<IOrganizationUserRepository>()
+            .GetManyAccountRecoveryDetailsByOrganizationUserAsync(organizationId, bulkRequestModel.Ids)
+            .Returns(resetPasswordDetails);
+
+        var response = await sutProvider.Sut.GetAccountRecoveryDetails(organizationId, bulkRequestModel);
+
+        Assert.Equal(resetPasswordDetails.Count, response.Data.Count());
+        Assert.True(response.Data.All(r =>
+            resetPasswordDetails.Any(ou =>
+                ou.OrganizationUserId == r.OrganizationUserId &&
+                ou.Kdf == r.Kdf &&
+                ou.KdfIterations == r.KdfIterations &&
+                ou.KdfMemory == r.KdfMemory &&
+                ou.KdfParallelism == r.KdfParallelism &&
+                ou.ResetPasswordKey == r.ResetPasswordKey &&
+                ou.EncryptedPrivateKey == r.EncryptedPrivateKey)));
+    }
+
+    [Theory]
+    [BitAutoData]
+    public async Task GetAccountRecoveryDetails_WithoutManageResetPasswordPermission_Throws(
+        Guid organizationId,
+        OrganizationUserBulkRequestModel bulkRequestModel,
+        SutProvider<OrganizationUsersController> sutProvider)
+    {
+        sutProvider.GetDependency<ICurrentContext>().ManageResetPassword(organizationId).Returns(false);
+
+        await Assert.ThrowsAsync<NotFoundException>(async () => await sutProvider.Sut.GetAccountRecoveryDetails(organizationId, bulkRequestModel));
+    }
+
    private void Put_Setup(SutProvider<OrganizationUsersController> sutProvider, OrganizationAbility organizationAbility,
        OrganizationUser organizationUser, Guid savingUserId, OrganizationUserUpdateRequestModel model, bool authorizeAll)
    {