mirror of
https://github.com/bitwarden/server.git
synced 2025-07-01 16:12:49 -05:00
Use userId to find org users
This commit is contained in:
Matt Gibson
@ -51,14 +51,10 @@ namespace Bit.Api.Controllers
|
|||||||
throw new BadRequestException("Specified Organization cannot sponsor other organizations.");
|
throw new BadRequestException("Specified Organization cannot sponsor other organizations.");
|
||||||
}
|
}
|
||||||
|
|
||||||
var sponsoringOrgUser = await _organizationUserRepository.GetByIdAsync(model.OrganizationUserId);
|
var sponsoringOrgUser = await _organizationUserRepository.GetByOrganizationAsync(sponsoringOrgIdGuid, _currentContext.UserId ?? default);
|
||||||
if (sponsoringOrgUser == null || sponsoringOrgUser.Status != OrganizationUserStatusType.Confirmed)
|
if (sponsoringOrgUser == null || sponsoringOrgUser.Status != OrganizationUserStatusType.Confirmed)
|
||||||
{
|
{
|
||||||
throw new BadRequestException("Only confirm users can sponsor other organizations.");
|
throw new BadRequestException("Only confirmed users can sponsor other organizations.");
|
||||||
}
|
|
||||||
if (sponsoringOrgUser.UserId != _currentContext.UserId)
|
|
||||||
{
|
|
||||||
throw new BadRequestException("Can only create organization sponsorships for yourself.");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var existingOrgSponsorship = await _organizationSponsorshipRepository.GetBySponsoringOrganizationUserIdAsync(sponsoringOrgUser.Id);
|
var existingOrgSponsorship = await _organizationSponsorshipRepository.GetBySponsoringOrganizationUserIdAsync(sponsoringOrgUser.Id);
|
||||||
|
|||||||
@ -10,9 +10,6 @@ namespace Bit.Core.Models.Api.Request
|
|||||||
[Required]
|
[Required]
|
||||||
public PlanSponsorshipType PlanSponsorshipType { get; set; }
|
public PlanSponsorshipType PlanSponsorshipType { get; set; }
|
||||||
|
|
||||||
[Required]
|
|
||||||
public Guid OrganizationUserId { get; set; }
|
|
||||||
|
|
||||||
[Required]
|
[Required]
|
||||||
[StringLength(256)]
|
[StringLength(256)]
|
||||||
[StrictEmailAddress]
|
[StrictEmailAddress]
|
||||||
|
|||||||
@ -88,7 +88,7 @@ namespace Bit.Core.Services
|
|||||||
sponsorship = await _organizationSponsorshipRepository.CreateAsync(sponsorship);
|
sponsorship = await _organizationSponsorshipRepository.CreateAsync(sponsorship);
|
||||||
|
|
||||||
// TODO: send email to sponsoredEmail w/ redemption token link
|
// TODO: send email to sponsoredEmail w/ redemption token link
|
||||||
var _ = RedemptionToken(sponsorship.Id, sponsorshipType);
|
// var _ = RedemptionToken(sponsorship.Id, sponsorshipType);
|
||||||
}
|
}
|
||||||
catch
|
catch
|
||||||
{
|
{
|
||||||
|
|||||||
@ -58,45 +58,21 @@ namespace Bit.Api.Test.Controllers
|
|||||||
[Theory]
|
[Theory]
|
||||||
[BitMemberAutoData(nameof(NonConfirmedOrganizationUsersStatuses))]
|
[BitMemberAutoData(nameof(NonConfirmedOrganizationUsersStatuses))]
|
||||||
public async Task CreateSponsorship_BadSponsoringUserStatus_ThrowsBadRequest(
|
public async Task CreateSponsorship_BadSponsoringUserStatus_ThrowsBadRequest(
|
||||||
OrganizationUserStatusType statusType, Guid userId, Organization org, OrganizationUser orgUser,
|
OrganizationUserStatusType statusType, Organization org, OrganizationUser orgUser,
|
||||||
OrganizationSponsorshipRequestModel model, SutProvider<OrganizationSponsorshipsController> sutProvider)
|
OrganizationSponsorshipRequestModel model, SutProvider<OrganizationSponsorshipsController> sutProvider)
|
||||||
{
|
{
|
||||||
org.PlanType = PlanType.EnterpriseAnnually;
|
org.PlanType = PlanType.EnterpriseAnnually;
|
||||||
orgUser.Status = statusType;
|
orgUser.Status = statusType;
|
||||||
orgUser.UserId = userId;
|
|
||||||
model.OrganizationUserId = orgUser.Id;
|
|
||||||
|
|
||||||
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(org.Id).Returns(org);
|
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(org.Id).Returns(org);
|
||||||
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(userId);
|
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(orgUser.UserId);
|
||||||
sutProvider.GetDependency<IOrganizationUserRepository>().GetByIdAsync(orgUser.Id).Returns(orgUser);
|
sutProvider.GetDependency<IOrganizationUserRepository>().GetByOrganizationAsync(org.Id, orgUser.UserId.Value)
|
||||||
|
.Returns(orgUser);
|
||||||
|
|
||||||
var exception = await Assert.ThrowsAsync<BadRequestException>(() =>
|
var exception = await Assert.ThrowsAsync<BadRequestException>(() =>
|
||||||
sutProvider.Sut.CreateSponsorship(org.Id.ToString(), model));
|
sutProvider.Sut.CreateSponsorship(org.Id.ToString(), model));
|
||||||
|
|
||||||
Assert.Contains("Only confirm users can sponsor other organizations.", exception.Message);
|
Assert.Contains("Only confirmed users can sponsor other organizations.", exception.Message);
|
||||||
await sutProvider.GetDependency<IOrganizationSponsorshipService>()
|
|
||||||
.DidNotReceiveWithAnyArgs()
|
|
||||||
.OfferSponsorshipAsync(default, default, default, default, default);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Theory]
|
|
||||||
[BitAutoData("c56c7ab4-a174-412a-a822-abe53ea71d50")]
|
|
||||||
public async Task CreateSponsorship_CreateSponsorshipAsDifferentUser_ThrowsBadRequest(Guid userId,
|
|
||||||
Organization org, OrganizationUser orgUser, OrganizationSponsorshipRequestModel model,
|
|
||||||
SutProvider<OrganizationSponsorshipsController> sutProvider)
|
|
||||||
{
|
|
||||||
org.PlanType = PlanType.EnterpriseAnnually;
|
|
||||||
orgUser.Status = OrganizationUserStatusType.Confirmed;
|
|
||||||
model.OrganizationUserId = orgUser.Id;
|
|
||||||
|
|
||||||
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(org.Id).Returns(org);
|
|
||||||
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(userId);
|
|
||||||
sutProvider.GetDependency<IOrganizationUserRepository>().GetByIdAsync(orgUser.Id).Returns(orgUser);
|
|
||||||
|
|
||||||
var exception = await Assert.ThrowsAsync<BadRequestException>(() =>
|
|
||||||
sutProvider.Sut.CreateSponsorship(org.Id.ToString(), model));
|
|
||||||
|
|
||||||
Assert.Contains("Can only create organization sponsorships for yourself.", exception.Message);
|
|
||||||
await sutProvider.GetDependency<IOrganizationSponsorshipService>()
|
await sutProvider.GetDependency<IOrganizationSponsorshipService>()
|
||||||
.DidNotReceiveWithAnyArgs()
|
.DidNotReceiveWithAnyArgs()
|
||||||
.OfferSponsorshipAsync(default, default, default, default, default);
|
.OfferSponsorshipAsync(default, default, default, default, default);
|
||||||
@ -110,11 +86,11 @@ namespace Bit.Api.Test.Controllers
|
|||||||
{
|
{
|
||||||
org.PlanType = PlanType.EnterpriseAnnually;
|
org.PlanType = PlanType.EnterpriseAnnually;
|
||||||
orgUser.Status = OrganizationUserStatusType.Confirmed;
|
orgUser.Status = OrganizationUserStatusType.Confirmed;
|
||||||
model.OrganizationUserId = orgUser.Id;
|
|
||||||
|
|
||||||
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(org.Id).Returns(org);
|
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(org.Id).Returns(org);
|
||||||
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(orgUser.UserId);
|
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(orgUser.UserId);
|
||||||
sutProvider.GetDependency<IOrganizationUserRepository>().GetByIdAsync(orgUser.Id).Returns(orgUser);
|
sutProvider.GetDependency<IOrganizationUserRepository>().GetByOrganizationAsync(org.Id, orgUser.UserId.Value)
|
||||||
|
.Returns(orgUser);
|
||||||
sutProvider.GetDependency<IOrganizationSponsorshipRepository>()
|
sutProvider.GetDependency<IOrganizationSponsorshipRepository>()
|
||||||
.GetBySponsoringOrganizationUserIdAsync(orgUser.Id).Returns(sponsorship);
|
.GetBySponsoringOrganizationUserIdAsync(orgUser.Id).Returns(sponsorship);
|
||||||
|
|
||||||
|
|||||||
@ -45,6 +45,7 @@ namespace Bit.Core.Test.Services
|
|||||||
SponsoringOrganizationUserId = sponsoringOrgUser.Id,
|
SponsoringOrganizationUserId = sponsoringOrgUser.Id,
|
||||||
FriendlyName = friendlyName,
|
FriendlyName = friendlyName,
|
||||||
OfferedToEmail = sponsoredEmail,
|
OfferedToEmail = sponsoredEmail,
|
||||||
|
PlanSponsorshipType = PlanSponsorshipType.FamiliesForEnterprise,
|
||||||
CloudSponsor = true,
|
CloudSponsor = true,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user