nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-30 07:36:14 -05:00
Code Activity

[PM-7742] Set hasManageResetPasswordPermission for owner and admin invitees (#4528)

Browse Source 
* Set hasManageResetPasswordPermission for owner and admin invitees

* Make userdecryptionoptionsbuilder ignore orgusertype if orguser is null
This commit is contained in:
Bernd Schoolmann
2024-08-06 11:22:10 +02:00
committed by GitHub
parent 4d3c1c5a5c
commit 7d48102865
2 changed files with 37 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
test/Identity.Test/IdentityServer/UserDecryptionOptionsBuilderTests.cs
View File

@ -3,6 +3,7 @@ using Bit.Core.Auth.Enums;
using Bit.Core.Auth.Models.Data;
using Bit.Core.Context;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Repositories;
using Bit.Identity.IdentityServer;
using Bit.Identity.Utilities;
@ -131,6 +132,40 @@ public class UserDecryptionOptionsBuilderTests
Assert.True(result.TrustedDeviceOption?.HasManageResetPasswordPermission);
}
[Theory, BitAutoData]
public async Task Build_WhenIsOwnerInvite_ShouldReturnHasManageResetPasswordPermissionTrue(
SsoConfig ssoConfig,
SsoConfigurationData configurationData,
OrganizationUser organizationUser,
User user)
{
configurationData.MemberDecryptionType = MemberDecryptionType.TrustedDeviceEncryption;
ssoConfig.Data = configurationData.Serialize();
organizationUser.Type = OrganizationUserType.Owner;
_organizationUserRepository.GetByOrganizationAsync(ssoConfig.OrganizationId, user.Id).Returns(organizationUser);
var result = await _builder.ForUser(user).WithSso(ssoConfig).BuildAsync();
Assert.True(result.TrustedDeviceOption?.HasManageResetPasswordPermission);
}
[Theory, BitAutoData]
public async Task Build_WhenIsAdminInvite_ShouldReturnHasManageResetPasswordPermissionTrue(
SsoConfig ssoConfig,
SsoConfigurationData configurationData,
OrganizationUser organizationUser,
User user)
{
configurationData.MemberDecryptionType = MemberDecryptionType.TrustedDeviceEncryption;
ssoConfig.Data = configurationData.Serialize();
organizationUser.Type = OrganizationUserType.Admin;
_organizationUserRepository.GetByOrganizationAsync(ssoConfig.OrganizationId, user.Id).Returns(organizationUser);
var result = await _builder.ForUser(user).WithSso(ssoConfig).BuildAsync();
Assert.True(result.TrustedDeviceOption?.HasManageResetPasswordPermission);
}
[Theory, BitAutoData]
public async Task Build_WhenUserHasEnrolledIntoPasswordReset_ShouldReturnHasAdminApprovalTrue(
SsoConfig ssoConfig,