Implemented Custom role and permissions (#1057)
* Implemented Custom role and permissions * Converted permissions columns to a json blob * Code review fixes for Permissions * sql build fix * Update Permissions.cs * formatting * Update IOrganizationService.cs * reworked a conditional * built out tests for relevant organization service methods * removed unused usings * fixed a broken test and a bad empty string init * removed 'Attribute' from some attribute instances
@ -1,4 +1,5 @@
|
||||
using Bit.Core.Models.Table;
|
||||
using Bit.Core.Models.Data;
|
||||
using Bit.Core.Models.Table;
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
|
||||
namespace Bit.Core.Models.Api
|
||||
@ -17,6 +18,8 @@ namespace Bit.Core.Models.Api
|
||||
[StringLength(50)]
|
||||
public string BillingEmail { get; set; }
|
||||
|
||||
public Permissions Permissions { get; set; }
|
||||
|
||||
public virtual Organization ToOrganization(Organization existingOrganization, GlobalSettings globalSettings)
|
||||
{
|
||||
if (!globalSettings.SelfHosted)
|
||||
|
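Review bot: The new `public Permissions Permissions { get; set; }` on this organization update request model can be bound from the request body, but nothing visible in the hunk reads it. `ToOrganization` begins here and its body continues outside the hunk, so I cannot tell whether the value is ever applied. If it is unused, I would drop the property so the model does not accept permission flags it never acts on. If it is used, a summary such as `/// <summary>Custom-role flags; TODO name the consumer.</summary>` would tell the next reader where it takes effect.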
@ -1,8 +1,9 @@
|
||||
using Bit.Core.Models.Table;
|
||||
using Bit.Core.Models.Data;
|
||||
using Bit.Core.Models.Table;
|
||||
using System.Collections.Generic;
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using System;
|
||||
using System.Linq;
|
||||
using System.Text.Json;
|
||||
|
||||
namespace Bit.Core.Models.Api
|
||||
{
|
||||
@ -13,6 +14,7 @@ namespace Bit.Core.Models.Api
|
||||
[Required]
|
||||
public Enums.OrganizationUserType? Type { get; set; }
|
||||
public bool AccessAll { get; set; }
|
||||
public Permissions Permissions { get; set; }
|
||||
public IEnumerable<SelectionReadOnlyRequestModel> Collections { get; set; }
|
||||
|
||||
public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
|
||||
@ -62,11 +64,16 @@ namespace Bit.Core.Models.Api
|
||||
[Required]
|
||||
public Enums.OrganizationUserType? Type { get; set; }
|
||||
public bool AccessAll { get; set; }
|
||||
public Permissions Permissions { get; set; }
|
||||
public IEnumerable<SelectionReadOnlyRequestModel> Collections { get; set; }
|
||||
|
||||
public OrganizationUser ToOrganizationUser(OrganizationUser existingUser)
|
||||
{
|
||||
existingUser.Type = Type.Value;
|
||||
existingUser.Permissions = JsonSerializer.Serialize(Permissions, new JsonSerializerOptions
|
||||
{
|
||||
PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
|
||||
});
|
||||
existingUser.AccessAll = AccessAll;
|
||||
return existingUser;
|
||||
}
|
||||
|
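Review bot: `ToOrganizationUser` persists whatever `Permissions` object the client sent, for every `Type`, and a request that omits the field makes `JsonSerializer.Serialize` store the literal text `null` in `existingUser.Permissions`. I would keep the blob only for the custom role and store a real null otherwise, reusing the same options: `existingUser.Permissions = Type == Enums.OrganizationUserType.Custom && Permissions != null ? JsonSerializer.Serialize(Permissions, options) : null;`. That keeps flags from lingering on a member whose type is later changed. Whether the caller is entitled to grant these flags has to be enforced where this model is consumed, and that check is not visible in this section. The `JsonSerializerOptions` instance could also be a `static readonly` field instead of being allocated on every call.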
@ -4,7 +4,7 @@ using Bit.Core.Models.Data;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using Bit.Core.Models.Table;
|
||||
|
||||
using Bit.Core.Utilities;
|
||||
namespace Bit.Core.Models.Api
|
||||
{
|
||||
public class OrganizationUserResponseModel : ResponseModel
|
||||
@ -22,6 +22,7 @@ namespace Bit.Core.Models.Api
|
||||
Type = organizationUser.Type;
|
||||
Status = organizationUser.Status;
|
||||
AccessAll = organizationUser.AccessAll;
|
||||
Permissions = CoreHelpers.LoadClassFromJsonData<Permissions>(organizationUser.Permissions);
|
||||
}
|
||||
|
||||
public OrganizationUserResponseModel(OrganizationUserUserDetails organizationUser, string obj = "organizationUser")
|
||||
@ -37,6 +38,7 @@ namespace Bit.Core.Models.Api
|
||||
Type = organizationUser.Type;
|
||||
Status = organizationUser.Status;
|
||||
AccessAll = organizationUser.AccessAll;
|
||||
Permissions = CoreHelpers.LoadClassFromJsonData<Permissions>(organizationUser.Permissions);
|
||||
}
|
||||
|
||||
public string Id { get; set; }
|
||||
@ -44,6 +46,7 @@ namespace Bit.Core.Models.Api
|
||||
public OrganizationUserType Type { get; set; }
|
||||
public OrganizationUserStatusType Status { get; set; }
|
||||
public bool AccessAll { get; set; }
|
||||
public Permissions Permissions { get; set; }
|
||||
}
|
||||
|
||||
public class OrganizationUserDetailsResponseModel : OrganizationUserResponseModel
|
||||
|
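Review bot: Both constructors read the blob back with `CoreHelpers.LoadClassFromJsonData<Permissions>(organizationUser.Permissions)`, while the write side in the request model uses `System.Text.Json` with `JsonNamingPolicy.CamelCase`. The helper is not shown, so it is worth confirming that it matches camelCase property names; if it does not, every flag would silently deserialize to `false`. It also needs to return a usable value for a null or empty column, which rows created before this commit will presumably have. The same call is added to the `ProfileOrganizationResponseModel` constructor, and all three constructor bodies start outside their hunks. I would add `// TODO confirm: LoadClassFromJsonData result for null/empty Permissions` at the first call until that contract is written down.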
@ -1,6 +1,6 @@
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Models.Data;
|
||||
|
||||
using Bit.Core.Utilities;
|
||||
namespace Bit.Core.Models.Api
|
||||
{
|
||||
public class ProfileOrganizationResponseModel : ResponseModel
|
||||
@ -29,6 +29,7 @@ namespace Bit.Core.Models.Api
|
||||
Enabled = organization.Enabled;
|
||||
SsoBound = !string.IsNullOrWhiteSpace(organization.SsoExternalId);
|
||||
Identifier = organization.Identifier;
|
||||
Permissions = CoreHelpers.LoadClassFromJsonData<Permissions>(organization.Permissions);
|
||||
}
|
||||
|
||||
public string Id { get; set; }
|
||||
@ -53,5 +54,6 @@ namespace Bit.Core.Models.Api
|
||||
public bool Enabled { get; set; }
|
||||
public bool SsoBound { get; set; }
|
||||
public string Identifier { get; set; }
|
||||
public Permissions Permissions { get; set; }
|
||||
}
|
||||
}
|
||||
|
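--- a/src/Core/Models/Business/OrganizationUserInvite.cs
+++ b/src/Core/Models/Business/OrganizationUserInvite.cs
@@ -0,0 +1,27 @@
+using System.Collections.Generic;
+using System.Linq;
+using Bit.Core.Models.Api;
+using Bit.Core.Models.Data;
+
+namespace Bit.Core.Models.Business
+{
+public class OrganizationUserInvite
+{
+public IEnumerable<string> Emails { get; set; }
+public Enums.OrganizationUserType? Type { get; set; }
+public bool AccessAll { get; set; }
+public Permissions Permissions { get; set; }
+public IEnumerable<SelectionReadOnly> Collections { get; set; }
+
+public OrganizationUserInvite() {}
+
+public OrganizationUserInvite(OrganizationUserInviteRequestModel requestModel)
+{
+Emails = requestModel.Emails;
+Type = requestModel.Type.Value;
+AccessAll = requestModel.AccessAll;
+Collections = requestModel.Collections.Select(c => c.ToSelectionReadOnly());
+Permissions = requestModel.Permissions;
+}
+}
+}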
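Review bot: The constructor taking `OrganizationUserInviteRequestModel` calls `requestModel.Collections.Select(...)` without a null check, and `Collections` carries no `[Required]` in the request model shown on this page. An invite request that omits the array would therefore throw a `NullReferenceException` rather than fail validation. I would write `Collections = requestModel.Collections?.Select(c => c.ToSelectionReadOnly()).ToList();`, which also stops the deferred query being re-run on every enumeration. `Permissions` is copied across for any `Type`, and nothing in this file limits it to the custom role, so that restriction has to live in the consumer.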
@ -27,5 +27,6 @@ namespace Bit.Core.Models.Data
|
||||
public bool Enabled { get; set; }
|
||||
public string SsoExternalId { get; set; }
|
||||
public string Identifier { get; set; }
|
||||
public string Permissions { get; set; }
|
||||
}
|
||||
}
|
||||
|
@ -21,6 +21,7 @@ namespace Bit.Core.Models.Data
|
||||
public bool AccessAll { get; set; }
|
||||
public string ExternalId { get; set; }
|
||||
public string SsoExternalId { get; set; }
|
||||
public string Permissions { get; set; }
|
||||
|
||||
public Dictionary<TwoFactorProviderType, TwoFactorProvider> GetTwoFactorProviders()
|
||||
{
|
||||
|
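--- a/src/Core/Models/Data/Permissions.cs
+++ b/src/Core/Models/Data/Permissions.cs
@@ -0,0 +1,16 @@
+namespace Bit.Core.Models.Data
+{
+public class Permissions
+{
+public bool AccessBusinessPortal { get; set; }
+public bool AccessEventLogs { get; set; }
+public bool AccessImportExport { get; set; }
+public bool AccessReports { get; set; }
+public bool ManageAssignedCollections { get; set; }
+public bool ManageAllCollections { get; set; }
+public bool ManageGroups { get; set; }
+public bool ManagePolicies { get; set; }
+public bool ManageSso { get; set; }
+public bool ManageUsers { get; set; }
+}
+}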
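Review bot: `Permissions` is added without any documentation, although it is the type bound from request bodies and serialized into the `Permissions` column. I would add a class summary that records the deny-by-default contract, for example `/// <summary>Per-member grants for the custom role; every flag defaults to false.</summary>`. `ManageAssignedCollections` and `ManageAllCollections` each deserve a one-line `///` comment on scope, since the difference between them decides how much of the vault a custom member can administer.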
@ -17,6 +17,7 @@ namespace Bit.Core.Models.Table
|
||||
public string ExternalId { get; set; }
|
||||
public DateTime CreationDate { get; internal set; } = DateTime.UtcNow;
|
||||
public DateTime RevisionDate { get; internal set; } = DateTime.UtcNow;
|
||||
public string Permissions { get; set; }
|
||||
|
||||
public void SetNewId()
|
||||
{
|
||||
|