nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 05:00:19 -05:00
Code

Remove base class

Browse Source
This commit is contained in:
Thomas Rittson 2025-03-21 14:12:29 +10:00
parent a0ac86888d
commit 645f5fa366
No known key found for this signature in database
GPG Key ID: CDDDA03861C35E27
2 changed files with 23 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/Core/AdminConsole/OrganizationFeatures/AdminConsoleRequirementsHandler.cs
View File

@ -3,6 +3,7 @@
using Bit.Core.AdminConsole.OrganizationFeatures.Shared.Authorization;
using Bit.Core.Context;
using Bit.Core.Enums;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
namespace Bit.Core.AdminConsole.OrganizationFeatures;
@ -10,23 +11,34 @@ namespace Bit.Core.AdminConsole.OrganizationFeatures;
public class ManageUsersRequirement : IOrganizationRequirement;
public class AdminConsoleRequirementsHandler(ICurrentContext currentContext, IHttpContextAccessor httpContextAccessor)
: OrganizationRequirementHandler(currentContext, httpContextAccessor)
: AuthorizationHandler<IOrganizationRequirement>
{
protected override async Task<bool> HandleOrganizationRequirementAsync(IOrganizationRequirement requirement,
Guid organizationId, CurrentContextOrganization? organization)
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context,
IOrganizationRequirement requirement)
{
var organizationId = httpContextAccessor.GetOrganizationId();
if (organizationId is null)
{
return;
}
var organization = currentContext.GetOrganization(organizationId.Value);
var authorized = requirement switch
{
ManageUsersRequirement => await ManageUsersAsync(organizationId, organization),
ManageUsersRequirement => await ManageUsersAsync(organizationId.Value, organization),
_ => false
};
return authorized;
if (authorized)
{
context.Succeed(requirement);
}
}
private async Task<bool> ManageUsersAsync(Guid organizationId, CurrentContextOrganization? organization)
=> organization is
{ Type: OrganizationUserType.Owner or OrganizationUserType.Admin } or
{ Permissions.ManageUsers: true }
|| await IsProviderForOrganizationAsync(organizationId);
|| await currentContext.ProviderUserForOrgAsync(organizationId);
}

23
src/Core/AdminConsole/OrganizationFeatures/Shared/Authorization/OrganizationRequirementHandler.cs
View File

@ -1,6 +1,5 @@
#nullable enable
using Bit.Core.Context;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Routing;
@ -9,33 +8,21 @@ namespace Bit.Core.AdminConsole.OrganizationFeatures.Shared.Authorization;
public interface IOrganizationRequirement : IAuthorizationRequirement;
public abstract class OrganizationRequirementHandler(ICurrentContext currentContext, IHttpContextAccessor httpContextAccessor) : AuthorizationHandler<IOrganizationRequirement>
public static class OrganizationRequirementHelpers
{
protected abstract Task<bool> HandleOrganizationRequirementAsync(IOrganizationRequirement requirement, Guid organizationId, CurrentContextOrganization? organization);
protected async Task<bool> IsProviderForOrganizationAsync(Guid organizationId) =>
await currentContext.ProviderUserForOrgAsync(organizationId);
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, IOrganizationRequirement requirement)
public static Guid? GetOrganizationId(this IHttpContextAccessor httpContextAccessor)
{
if (httpContextAccessor.HttpContext is null)
{
return;
return null;
}
httpContextAccessor.HttpContext.GetRouteData().Values.TryGetValue("orgId", out var orgIdParam);
if (!Guid.TryParse(orgIdParam?.ToString(), out var orgId))
{
// No orgId supplied, unable to authorize
return;
return null;
}
var organization = currentContext.GetOrganization(orgId);
var authorized = await HandleOrganizationRequirementAsync(requirement, orgId, organization);
if (authorized)
{
context.Succeed(requirement);
}
return orgId;
}
}