[Emergency Access] Add premium check (#1815)

src/Api/Controllers/EmergencyAccessController.cs

@@ -85,8 +85,8 @@ namespace Bit.Api.Controllers
                 throw new NotFoundException();
             }
 
-            var userId = _userService.GetProperUserId(User);
-            await _emergencyAccessService.SaveAsync(model.ToEmergencyAccess(emergencyAccess), userId.Value);
+            var user = await _userService.GetUserByPrincipalAsync(User);
+            await _emergencyAccessService.SaveAsync(model.ToEmergencyAccess(emergencyAccess), user);
         }
 
         [HttpDelete("{id}")]

src/Core/Services/IEmergencyAccessService.cs

@@ -15,7 +15,7 @@ namespace Bit.Core.Services
         Task DeleteAsync(Guid emergencyAccessId, Guid grantorId);
         Task<EmergencyAccess> ConfirmUserAsync(Guid emergencyAccessId, string key, Guid grantorId);
         Task<EmergencyAccessDetails> GetAsync(Guid emergencyAccessId, Guid userId);
-        Task SaveAsync(EmergencyAccess emergencyAccess, Guid savingUserId);
+        Task SaveAsync(EmergencyAccess emergencyAccess, User savingUser);
         Task InitiateAsync(Guid id, User initiatingUser);
         Task ApproveAsync(Guid id, User approvingUser);
         Task RejectAsync(Guid id, User rejectingUser);

src/Core/Services/Implementations/EmergencyAccessService.cs

@@ -189,9 +189,14 @@ namespace Bit.Core.Services
             return emergencyAccess;
         }
 
-        public async Task SaveAsync(EmergencyAccess emergencyAccess, Guid savingUserId)
+        public async Task SaveAsync(EmergencyAccess emergencyAccess, User savingUser)
         {
-            if (emergencyAccess.GrantorId != savingUserId)
+            if (!await _userService.CanAccessPremium(savingUser))
+            {
+                throw new BadRequestException("Not a premium user.");
+            }
+
+            if (emergencyAccess.GrantorId != savingUser.Id)
             {
                 throw new BadRequestException("Emergency Access not valid.");
             }