nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-04 01:22:50 -05:00
Code Activity

[PM-10291] Remove Flexible Collections v1 flag from API (#4578)

Browse Source 
* chore: remove fc v1 from groups controller, refs PM-10291

* chore: remove fc v1 from organization users controller, refs PM-10291

* chore: remove fc v1 from organizations controller and clean up unsused imports, refs PM-10291

* chore: remove fc v1 from BulkCollectionAuthorizationHandler, refs PM-10291

* chore: remove fc v1 from CiphersCollections, refs PM-10291

* fix: unit tests related to fc v1 flag removal, refs PM-10291

* chore: update AllowAdminAccessToAllCollectionItems to take optional params, increase usage, refs PM-10291

* fix: format files, refs PM-10291

* chore: revert change to helper method, ignore double cache call, refs PM-10291
This commit is contained in:
Vincent Salucci
2024-08-08 12:26:07 -05:00
committed by GitHub
parent 8d69bb0aaa
commit 746a35a14a
8 changed files with 27 additions and 301 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/Api/AdminConsole/Controllers/GroupsController.cs
View File

@ -4,7 +4,6 @@ using Bit.Api.Models.Response;
using Bit.Api.Utilities;
using Bit.Api.Vault.AuthorizationHandlers.Collections;
using Bit.Api.Vault.AuthorizationHandlers.Groups;
using Bit.Core;
using Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;
using Bit.Core.AdminConsole.Repositories;
using Bit.Core.AdminConsole.Services;
@ -126,8 +125,8 @@ public class GroupsController : Controller
throw new NotFoundException();
}
// Flexible Collections - check the user has permission to grant access to the collections for the new group
if (_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1) && model.Collections?.Any() == true)
// Check the user has permission to grant access to the collections for the new group
if (model.Collections?.Any() == true)
{
var collections = await _collectionRepository.GetManyByManyIdsAsync(model.Collections.Select(a => a.Id));
var authorized =
@ -149,31 +148,6 @@ public class GroupsController : Controller
[HttpPut("{id}")]
[HttpPost("{id}")]
public async Task<GroupResponseModel> Put(Guid orgId, Guid id, [FromBody] GroupRequestModel model)
{
if (_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1))
{
// Use new Flexible Collections v1 logic
return await Put_vNext(orgId, id, model);
}
// Pre-Flexible Collections v1 logic follows
var group = await _groupRepository.GetByIdAsync(id);
if (group == null || !await _currentContext.ManageGroups(group.OrganizationId))
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(orgId);
await _updateGroupCommand.UpdateGroupAsync(model.ToGroup(group), organization,
model.Collections.Select(c => c.ToSelectionReadOnly()).ToList(), model.Users);
return new GroupResponseModel(group);
}
/// <summary>
/// Put logic for Flexible Collections v1
/// </summary>
private async Task<GroupResponseModel> Put_vNext(Guid orgId, Guid id, [FromBody] GroupRequestModel model)
{
if (!await _currentContext.ManageGroups(orgId))
{

34
src/Api/AdminConsole/Controllers/OrganizationUsersController.cs
View File

@ -5,7 +5,6 @@ using Bit.Api.Models.Response;
using Bit.Api.Utilities;
using Bit.Api.Vault.AuthorizationHandlers.Collections;
using Bit.Api.Vault.AuthorizationHandlers.OrganizationUsers;
using Bit.Core;
using Bit.Core.AdminConsole.Enums;
using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Interfaces;
@ -229,8 +228,8 @@ public class OrganizationUsersController : Controller
throw new NotFoundException();
}
// Flexible Collections - check the user has permission to grant access to the collections for the new user
if (_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1) && model.Collections?.Any() == true)
// Check the user has permission to grant access to the collections for the new user
if (model.Collections?.Any() == true)
{
var collections = await _collectionRepository.GetManyByManyIdsAsync(model.Collections.Select(a => a.Id));
var authorized =
@ -366,35 +365,6 @@ public class OrganizationUsersController : Controller
[HttpPut("{id}")]
[HttpPost("{id}")]
public async Task Put(Guid orgId, Guid id, [FromBody] OrganizationUserUpdateRequestModel model)
{
if (_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1))
{
// Use new Flexible Collections v1 logic
await Put_vNext(orgId, id, model);
return;
}
// Pre-Flexible Collections v1 code follows
if (!await _currentContext.ManageUsers(orgId))
{
throw new NotFoundException();
}
var organizationUser = await _organizationUserRepository.GetByIdAsync(id);
if (organizationUser == null || organizationUser.OrganizationId != orgId)
{
throw new NotFoundException();
}
var userId = _userService.GetProperUserId(User);
await _updateOrganizationUserCommand.UpdateUserAsync(model.ToOrganizationUser(organizationUser), userId.Value,
model.Collections.Select(c => c.ToSelectionReadOnly()).ToList(), model.Groups);
}
/// <summary>
/// Put logic for Flexible Collections v1
/// </summary>
private async Task Put_vNext(Guid orgId, Guid id, [FromBody] OrganizationUserUpdateRequestModel model)
{
if (!await _currentContext.ManageUsers(orgId))
{

8
src/Api/AdminConsole/Controllers/OrganizationsController.cs
View File

@ -539,14 +539,6 @@ public class OrganizationsController : Controller
throw new NotFoundException();
}
var v1Enabled = _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1);
if (!v1Enabled)
{
// V1 is disabled, ensure V1 setting doesn't change
model.AllowAdminAccessToAllCollectionItems = organization.AllowAdminAccessToAllCollectionItems;
}
await _organizationService.UpdateAsync(model.ToOrganization(organization), eventType: EventType.Organization_CollectionManagement_Updated);
return new OrganizationResponseModel(organization);
}