[SM-574] Wire up read/write for secret list and secret response (#2767)

* Wire up read/write for secret list and secret response * Fix trash * Remove UserHasReadPermission * Fix list by project * Implement admin and service accounts for AccessToSecretAsync * Resolve feedback * Fix tests * Rename function * Change create to return true, true * Remove duplicated access check
2025-06-30 07:36:14 -05:00 · 2023-03-30 16:51:46 +02:00
parent 60fcc79f97
commit 60bdf77e8b
9 changed files with 170 additions and 88 deletions
--- a/test/Api.Test/SecretsManager/Controllers/SecretsControllerTests.cs
+++ b/test/Api.Test/SecretsManager/Controllers/SecretsControllerTests.cs
@ -6,6 +6,7 @@ using Bit.Core.Enums;
 using Bit.Core.Exceptions;
 using Bit.Core.SecretsManager.Commands.Secrets.Interfaces;
 using Bit.Core.SecretsManager.Entities;
+using Bit.Core.SecretsManager.Models.Data;
 using Bit.Core.SecretsManager.Repositories;
 using Bit.Core.Services;
 using Bit.Core.Test.SecretsManager.AutoFixture.SecretsFixture;
@ -45,7 +46,11 @@ public class SecretsControllerTests
    public async void GetSecretsByOrganization_Success(PermissionType permissionType, SutProvider<SecretsController> sutProvider, Core.SecretsManager.Entities.Secret resultSecret, Guid organizationId, Guid userId, Core.SecretsManager.Entities.Project mockProject, AccessClientType accessType)
    {
        sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(default).ReturnsForAnyArgs(true);
-        sutProvider.GetDependency<ISecretRepository>().GetManyByOrganizationIdAsync(default, default, default).ReturnsForAnyArgs(new List<Core.SecretsManager.Entities.Secret> { resultSecret });
+        sutProvider.GetDependency<ISecretRepository>().GetManyByOrganizationIdAsync(default, default, default)
+            .ReturnsForAnyArgs(new List<SecretPermissionDetails>
+            {
+                new() { Secret = resultSecret, Read = true, Write = true },
+            });
        sutProvider.GetDependency<IUserService>().GetProperUserId(default).ReturnsForAnyArgs(userId);

        if (permissionType == PermissionType.RunAsAdmin)
@ -95,6 +100,8 @@ public class SecretsControllerTests
        resultSecret.OrganizationId = organizationId;

        sutProvider.GetDependency<ISecretRepository>().GetByIdAsync(default).ReturnsForAnyArgs(resultSecret);
+        sutProvider.GetDependency<ISecretRepository>().AccessToSecretAsync(default, default, default)
+            .ReturnsForAnyArgs(Task.FromResult((true, true)));

        if (permissionType == PermissionType.RunAsAdmin)
        {
@ -107,7 +114,7 @@ public class SecretsControllerTests
            sutProvider.GetDependency<IProjectRepository>().UserHasReadAccessToProject(mockProject.Id, userId).Returns(true);
        }

-        var result = await sutProvider.Sut.GetAsync(resultSecret.Id);
+        await sutProvider.Sut.GetAsync(resultSecret.Id);

        await sutProvider.GetDependency<ISecretRepository>().Received(1)
                     .GetByIdAsync(Arg.Is(AssertHelper.AssertPropertyEqual(resultSecret.Id)));