nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-18 08:00:59 -05:00
Code Activity

[PM-22105] Extract CollectionService.SaveAsync into commands (#5959)

Browse Source 
* Add CreateCollectionCommand and associated interface with validation logic

* Implement CreateCollectionCommand to handle collection creation with organization checks and access permissions.
* Introduce ICreateCollectionCommand interface for defining the collection creation contract.
* Add unit tests for CreateCollectionCommand to validate various scenarios including permission checks and error handling.

* Add UpdateCollectionCommand and associated interface with validation logic

* Implement UpdateCollectionCommand to handle collection updates with organization checks and access permissions.
* Introduce IUpdateCollectionCommand interface for defining the collection update contract.
* Add unit tests for UpdateCollectionCommand to validate various scenarios including permission checks and error handling.

* Add scoped services for collection commands

* Register ICreateCollectionCommand and IUpdateCollectionCommand in the service collection for handling collection creation and updates.

* Refactor CollectionsController to use command interfaces for collection creation and updates

* Updated CollectionsController to utilize ICreateCollectionCommand and IUpdateCollectionCommand for handling collection creation and updates, replacing calls to ICollectionService.
* Adjusted related unit tests to verify the new command implementations.

* Refactor ICollectionService and CollectionService to remove SaveAsync method

* Removed the SaveAsync method from ICollectionService and its implementation in CollectionService.
* Updated related tests in CollectionServiceTests to reflect the removal of SaveAsync, ensuring existing functionality remains intact.

* Remove unused organization repository dependency from CollectionServiceTests
This commit is contained in:
Rui Tomé
2025-06-24 10:19:48 +01:00
committed by GitHub
parent 2da1b43c10
commit 77bf849d85
13 changed files with 555 additions and 191 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
src/Core/OrganizationFeatures/OrganizationCollections/CreateCollectionCommand.cs Normal file
View File

@ -0,0 +1,70 @@
using Bit.Core.Entities;
using Bit.Core.Exceptions;
using Bit.Core.Models.Data;
using Bit.Core.OrganizationFeatures.OrganizationCollections.Interfaces;
using Bit.Core.Repositories;
using Bit.Core.Services;
namespace Bit.Core.OrganizationFeatures.OrganizationCollections;
public class CreateCollectionCommand : ICreateCollectionCommand
{
private readonly IEventService _eventService;
private readonly IOrganizationRepository _organizationRepository;
private readonly ICollectionRepository _collectionRepository;
public CreateCollectionCommand(
IEventService eventService,
IOrganizationRepository organizationRepository,
ICollectionRepository collectionRepository)
{
_eventService = eventService;
_organizationRepository = organizationRepository;
_collectionRepository = collectionRepository;
}
public async Task<Collection> CreateAsync(Collection collection, IEnumerable<CollectionAccessSelection> groups = null,
IEnumerable<CollectionAccessSelection> users = null)
{
var org = await _organizationRepository.GetByIdAsync(collection.OrganizationId);
if (org == null)
{
throw new BadRequestException("Organization not found");
}
var groupsList = groups?.ToList();
var usersList = users?.ToList();
// Cannot use Manage with ReadOnly/HidePasswords permissions
var invalidAssociations = groupsList?.Where(cas => cas.Manage && (cas.ReadOnly || cas.HidePasswords));
if (invalidAssociations?.Any() ?? false)
{
throw new BadRequestException("The Manage property is mutually exclusive and cannot be true while the ReadOnly or HidePasswords properties are also true.");
}
// A collection should always have someone with Can Manage permissions
var groupHasManageAccess = groupsList?.Any(g => g.Manage) ?? false;
var userHasManageAccess = usersList?.Any(u => u.Manage) ?? false;
if (!groupHasManageAccess && !userHasManageAccess && !org.AllowAdminAccessToAllCollectionItems)
{
throw new BadRequestException(
"At least one member or group must have can manage permission.");
}
// Check max collections limit
if (org.MaxCollections.HasValue)
{
var collectionCount = await _collectionRepository.GetCountByOrganizationIdAsync(org.Id);
if (org.MaxCollections.Value <= collectionCount)
{
throw new BadRequestException("You have reached the maximum number of collections " +
$"({org.MaxCollections.Value}) for this organization.");
}
}
await _collectionRepository.CreateAsync(collection, org.UseGroups ? groupsList : null, usersList);
await _eventService.LogCollectionEventAsync(collection, Enums.EventType.Collection_Created);
return collection;
}
}

17
src/Core/OrganizationFeatures/OrganizationCollections/Interfaces/ICreateCollectionCommand.cs Normal file
View File

@ -0,0 +1,17 @@
using Bit.Core.Entities;
using Bit.Core.Models.Data;
namespace Bit.Core.OrganizationFeatures.OrganizationCollections.Interfaces;
public interface ICreateCollectionCommand
{
/// <summary>
/// Creates a new collection.
/// </summary>
/// <param name="collection">The collection to create.</param>
/// <param name="groups">(Optional) The groups that will have access to the collection.</param>
/// <param name="users">(Optional) The users that will have access to the collection.</param>
/// <returns>The created collection.</returns>
Task<Collection> CreateAsync(Collection collection, IEnumerable<CollectionAccessSelection> groups = null,
IEnumerable<CollectionAccessSelection> users = null);
}

17
src/Core/OrganizationFeatures/OrganizationCollections/Interfaces/IUpdateCollectionCommand.cs Normal file
View File

@ -0,0 +1,17 @@
using Bit.Core.Entities;
using Bit.Core.Models.Data;
namespace Bit.Core.OrganizationFeatures.OrganizationCollections.Interfaces;
public interface IUpdateCollectionCommand
{
/// <summary>
/// Updates a collection.
/// </summary>
/// <param name="collection">The collection to update.</param>
/// <param name="groups">(Optional) The groups that will have access to the collection.</param>
/// <param name="users">(Optional) The users that will have access to the collection.</param>
/// <returns>The updated collection.</returns>
Task<Collection> UpdateAsync(Collection collection, IEnumerable<CollectionAccessSelection> groups = null,
IEnumerable<CollectionAccessSelection> users = null);
}

59
src/Core/OrganizationFeatures/OrganizationCollections/UpdateCollectionCommand.cs Normal file
View File

@ -0,0 +1,59 @@
using Bit.Core.Entities;
using Bit.Core.Exceptions;
using Bit.Core.Models.Data;
using Bit.Core.OrganizationFeatures.OrganizationCollections.Interfaces;
using Bit.Core.Repositories;
using Bit.Core.Services;
namespace Bit.Core.OrganizationFeatures.OrganizationCollections;
public class UpdateCollectionCommand : IUpdateCollectionCommand
{
private readonly IEventService _eventService;
private readonly IOrganizationRepository _organizationRepository;
private readonly ICollectionRepository _collectionRepository;
public UpdateCollectionCommand(
IEventService eventService,
IOrganizationRepository organizationRepository,
ICollectionRepository collectionRepository)
{
_eventService = eventService;
_organizationRepository = organizationRepository;
_collectionRepository = collectionRepository;
}
public async Task<Collection> UpdateAsync(Collection collection, IEnumerable<CollectionAccessSelection> groups = null,
IEnumerable<CollectionAccessSelection> users = null)
{
var org = await _organizationRepository.GetByIdAsync(collection.OrganizationId);
if (org == null)
{
throw new BadRequestException("Organization not found");
}
var groupsList = groups?.ToList();
var usersList = users?.ToList();
// Cannot use Manage with ReadOnly/HidePasswords permissions
var invalidAssociations = groupsList?.Where(cas => cas.Manage && (cas.ReadOnly || cas.HidePasswords));
if (invalidAssociations?.Any() ?? false)
{
throw new BadRequestException("The Manage property is mutually exclusive and cannot be true while the ReadOnly or HidePasswords properties are also true.");
}
// A collection should always have someone with Can Manage permissions
var groupHasManageAccess = groupsList?.Any(g => g.Manage) ?? false;
var userHasManageAccess = usersList?.Any(u => u.Manage) ?? false;
if (!groupHasManageAccess && !userHasManageAccess && !org.AllowAdminAccessToAllCollectionItems)
{
throw new BadRequestException(
"At least one member or group must have can manage permission.");
}
await _collectionRepository.ReplaceAsync(collection, org.UseGroups ? groupsList : null, usersList);
await _eventService.LogCollectionEventAsync(collection, Enums.EventType.Collection_Updated);
return collection;
}
}

2
src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs
View File

@ -143,6 +143,8 @@ public static class OrganizationServiceCollectionExtensions
public static void AddOrganizationCollectionCommands(this IServiceCollection services)
{
services.AddScoped<ICreateCollectionCommand, CreateCollectionCommand>();
services.AddScoped<IUpdateCollectionCommand, UpdateCollectionCommand>();
services.AddScoped<IDeleteCollectionCommand, DeleteCollectionCommand>();
services.AddScoped<IBulkAddCollectionAccessCommand, BulkAddCollectionAccessCommand>();
}

2
src/Core/Services/ICollectionService.cs
View File

@ -1,10 +1,8 @@
using Bit.Core.Entities;
using Bit.Core.Models.Data;
namespace Bit.Core.Services;
public interface ICollectionService
{
Task SaveAsync(Collection collection, IEnumerable<CollectionAccessSelection> groups = null, IEnumerable<CollectionAccessSelection> users = null);
Task DeleteUserAsync(Collection collection, Guid organizationUserId);
}

52
src/Core/Services/Implementations/CollectionService.cs
View File

@ -2,7 +2,6 @@
using Bit.Core.Entities;
using Bit.Core.Exceptions;
using Bit.Core.Models.Data;
using Bit.Core.Repositories;
namespace Bit.Core.Services;
@ -10,71 +9,20 @@ namespace Bit.Core.Services;
public class CollectionService : ICollectionService
{
private readonly IEventService _eventService;
private readonly IOrganizationRepository _organizationRepository;
private readonly IOrganizationUserRepository _organizationUserRepository;
private readonly ICollectionRepository _collectionRepository;
public CollectionService(
IEventService eventService,
IOrganizationRepository organizationRepository,
IOrganizationUserRepository organizationUserRepository,
ICollectionRepository collectionRepository)
{
_eventService = eventService;
_organizationRepository = organizationRepository;
_organizationUserRepository = organizationUserRepository;
_collectionRepository = collectionRepository;
}
public async Task SaveAsync(Collection collection, IEnumerable<CollectionAccessSelection>? groups = null,
IEnumerable<CollectionAccessSelection>? users = null)
{
var org = await _organizationRepository.GetByIdAsync(collection.OrganizationId);
if (org == null)
{
throw new BadRequestException("Organization not found");
}
var groupsList = groups?.ToList();
var usersList = users?.ToList();
// Cannot use Manage with ReadOnly/HidePasswords permissions
var invalidAssociations = groupsList?.Where(cas => cas.Manage && (cas.ReadOnly || cas.HidePasswords));
if (invalidAssociations?.Any() ?? false)
{
throw new BadRequestException("The Manage property is mutually exclusive and cannot be true while the ReadOnly or HidePasswords properties are also true.");
}
// A collection should always have someone with Can Manage permissions
var groupHasManageAccess = groupsList?.Any(g => g.Manage) ?? false;
var userHasManageAccess = usersList?.Any(u => u.Manage) ?? false;
if (!groupHasManageAccess && !userHasManageAccess && !org.AllowAdminAccessToAllCollectionItems)
{
throw new BadRequestException(
"At least one member or group must have can manage permission.");
}
if (collection.Id == default(Guid))
{
if (org.MaxCollections.HasValue)
{
var collectionCount = await _collectionRepository.GetCountByOrganizationIdAsync(org.Id);
if (org.MaxCollections.Value <= collectionCount)
{
throw new BadRequestException("You have reached the maximum number of collections " +
$"({org.MaxCollections.Value}) for this organization.");
}
}
await _collectionRepository.CreateAsync(collection, org.UseGroups ? groupsList : null, usersList);
await _eventService.LogCollectionEventAsync(collection, Enums.EventType.Collection_Created);
}
else
{
await _collectionRepository.ReplaceAsync(collection, org.UseGroups ? groupsList : null, usersList);
await _eventService.LogCollectionEventAsync(collection, Enums.EventType.Collection_Updated);
}
}
public async Task DeleteUserAsync(Collection collection, Guid organizationUserId)
{