[PM-19585] Use Authorize attributes for simple role authorization (#5555)

- Add Authorize<T> attribute - Add IOrganizationRequirement and example implementation - Add OrganizationRequirementHandler - Add extension methods (replacing ICurrentContext) - Move custom permissions claim definitions --- Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com> Co-authored-by: ✨ Audrey ✨ <ajensen@bitwarden.com>
2025-06-30 23:52:50 -05:00 · 2025-04-15 14:36:00 +10:00
parent c9a42d861c
commit 84a984a9e6
16 changed files with 590 additions and 16 deletions
--- a/test/Api.Test/AdminConsole/Authorization/HttpContextExtensionsTests.cs
+++ b/test/Api.Test/AdminConsole/Authorization/HttpContextExtensionsTests.cs
@ -0,0 +1,28 @@
+using Bit.Api.AdminConsole.Authorization;
+using Microsoft.AspNetCore.Http;
+using NSubstitute;
+using Xunit;
+
+namespace Bit.Api.Test.AdminConsole.Authorization;
+
+public class HttpContextExtensionsTests
+{
+    [Fact]
+    public async Task WithFeaturesCacheAsync_OnlyExecutesCallbackOnce()
+    {
+        var httpContext = new DefaultHttpContext();
+        var callback = Substitute.For<Func<Task<string>>>();
+        callback().Returns(Task.FromResult("hello world"));
+
+        // Call once
+        var result1 = await httpContext.WithFeaturesCacheAsync(callback);
+        Assert.Equal("hello world", result1);
+        await callback.ReceivedWithAnyArgs(1).Invoke();
+
+        // Call again - callback not executed again
+        var result2 = await httpContext.WithFeaturesCacheAsync(callback);
+        Assert.Equal("hello world", result2);
+        await callback.ReceivedWithAnyArgs(1).Invoke();
+    }
+
+}