[PM-1188] Server owner auth migration (#2825)

* [PM-1188] add sso project to auth

* [PM-1188] move sso api models to auth

* [PM-1188] fix sso api model namespace & imports

* [PM-1188] move core files to auth

* [PM-1188] fix core sso namespace & models

* [PM-1188] move sso repository files to auth

* [PM-1188] fix sso repo files namespace & imports

* [PM-1188] move sso sql files to auth folder

* [PM-1188] move sso test files to auth folders

* [PM-1188] fix sso tests namespace & imports

* [PM-1188] move auth api files to auth folder

* [PM-1188] fix auth api files namespace & imports

* [PM-1188] move auth core files to auth folder

* [PM-1188] fix auth core files namespace & imports

* [PM-1188] move auth email templates to auth folder

* [PM-1188] move auth email folder back into shared directory

* [PM-1188] fix auth email names

* [PM-1188] move auth core models to auth folder

* [PM-1188] fix auth model namespace & imports

* [PM-1188] add entire Identity project to auth codeowners

* [PM-1188] fix auth orm files namespace & imports

* [PM-1188] move auth orm files to auth folder

* [PM-1188] move auth sql files to auth folder

* [PM-1188] move auth tests to auth folder

* [PM-1188] fix auth test files namespace & imports

* [PM-1188] move emergency access api files to auth folder

* [PM-1188] fix emergencyaccess api files namespace & imports

* [PM-1188] move emergency access core files to auth folder

* [PM-1188] fix emergency access core files namespace & imports

* [PM-1188] move emergency access orm files to auth folder

* [PM-1188] fix emergency access orm files namespace & imports

* [PM-1188] move emergency access sql files to auth folder

* [PM-1188] move emergencyaccess test files to auth folder

* [PM-1188] fix emergency access test files namespace & imports

* [PM-1188] move captcha files to auth folder

* [PM-1188] fix captcha files namespace & imports

* [PM-1188] move auth admin files into auth folder

* [PM-1188] fix admin auth files namespace & imports
- configure mvc to look in auth folders for views

* [PM-1188] remove extra imports and formatting

* [PM-1188] fix ef auth model imports

* [PM-1188] fix DatabaseContextModelSnapshot paths

* [PM-1188] fix grant import in ef

* [PM-1188] update sqlproj

* [PM-1188] move missed sqlproj files

* [PM-1188] move auth ef models out of auth folder

* [PM-1188] fix auth ef models namespace

* [PM-1188] remove auth ef models unused imports

* [PM-1188] fix imports for auth ef models

* [PM-1188] fix more ef model imports

* [PM-1188] fix file encodings

src/Api/Auth/Controllers/EmergencyAccessController.cs

@@ -0,0 +1,180 @@
+using Bit.Api.Auth.Models.Request;
+using Bit.Api.Auth.Models.Response;
+using Bit.Api.Models.Request.Organizations;
+using Bit.Api.Models.Response;
+using Bit.Api.Vault.Models.Response;
+using Bit.Core.Auth.Services;
+using Bit.Core.Entities;
+using Bit.Core.Exceptions;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
+using Bit.Core.Settings;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Bit.Api.Auth.Controllers;
+
+[Route("emergency-access")]
+[Authorize("Application")]
+public class EmergencyAccessController : Controller
+{
+    private readonly IUserService _userService;
+    private readonly IEmergencyAccessRepository _emergencyAccessRepository;
+    private readonly IEmergencyAccessService _emergencyAccessService;
+    private readonly IGlobalSettings _globalSettings;
+
+    public EmergencyAccessController(
+        IUserService userService,
+        IEmergencyAccessRepository emergencyAccessRepository,
+        IEmergencyAccessService emergencyAccessService,
+        IGlobalSettings globalSettings)
+    {
+        _userService = userService;
+        _emergencyAccessRepository = emergencyAccessRepository;
+        _emergencyAccessService = emergencyAccessService;
+        _globalSettings = globalSettings;
+    }
+
+    [HttpGet("trusted")]
+    public async Task<ListResponseModel<EmergencyAccessGranteeDetailsResponseModel>> GetContacts()
+    {
+        var userId = _userService.GetProperUserId(User);
+        var granteeDetails = await _emergencyAccessRepository.GetManyDetailsByGrantorIdAsync(userId.Value);
+
+        var responses = granteeDetails.Select(d =>
+            new EmergencyAccessGranteeDetailsResponseModel(d));
+
+        return new ListResponseModel<EmergencyAccessGranteeDetailsResponseModel>(responses);
+    }
+
+    [HttpGet("granted")]
+    public async Task<ListResponseModel<EmergencyAccessGrantorDetailsResponseModel>> GetGrantees()
+    {
+        var userId = _userService.GetProperUserId(User);
+        var granteeDetails = await _emergencyAccessRepository.GetManyDetailsByGranteeIdAsync(userId.Value);
+
+        var responses = granteeDetails.Select(d => new EmergencyAccessGrantorDetailsResponseModel(d));
+
+        return new ListResponseModel<EmergencyAccessGrantorDetailsResponseModel>(responses);
+    }
+
+    [HttpGet("{id}")]
+    public async Task<EmergencyAccessGranteeDetailsResponseModel> Get(Guid id)
+    {
+        var userId = _userService.GetProperUserId(User);
+        var result = await _emergencyAccessService.GetAsync(id, userId.Value);
+        return new EmergencyAccessGranteeDetailsResponseModel(result);
+    }
+
+    [HttpGet("{id}/policies")]
+    public async Task<ListResponseModel<PolicyResponseModel>> Policies(Guid id)
+    {
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        var policies = await _emergencyAccessService.GetPoliciesAsync(id, user);
+        var responses = policies.Select<Policy, PolicyResponseModel>(policy => new PolicyResponseModel(policy));
+        return new ListResponseModel<PolicyResponseModel>(responses);
+    }
+
+    [HttpPut("{id}")]
+    [HttpPost("{id}")]
+    public async Task Put(Guid id, [FromBody] EmergencyAccessUpdateRequestModel model)
+    {
+        var emergencyAccess = await _emergencyAccessRepository.GetByIdAsync(id);
+        if (emergencyAccess == null)
+        {
+            throw new NotFoundException();
+        }
+
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        await _emergencyAccessService.SaveAsync(model.ToEmergencyAccess(emergencyAccess), user);
+    }
+
+    [HttpDelete("{id}")]
+    [HttpPost("{id}/delete")]
+    public async Task Delete(Guid id)
+    {
+        var userId = _userService.GetProperUserId(User);
+        await _emergencyAccessService.DeleteAsync(id, userId.Value);
+    }
+
+    [HttpPost("invite")]
+    public async Task Invite([FromBody] EmergencyAccessInviteRequestModel model)
+    {
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        await _emergencyAccessService.InviteAsync(user, model.Email, model.Type.Value, model.WaitTimeDays);
+    }
+
+    [HttpPost("{id}/reinvite")]
+    public async Task Reinvite(Guid id)
+    {
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        await _emergencyAccessService.ResendInviteAsync(user, id);
+    }
+
+    [HttpPost("{id}/accept")]
+    public async Task Accept(Guid id, [FromBody] OrganizationUserAcceptRequestModel model)
+    {
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        await _emergencyAccessService.AcceptUserAsync(id, user, model.Token, _userService);
+    }
+
+    [HttpPost("{id}/confirm")]
+    public async Task Confirm(Guid id, [FromBody] OrganizationUserConfirmRequestModel model)
+    {
+        var userId = _userService.GetProperUserId(User);
+        await _emergencyAccessService.ConfirmUserAsync(id, model.Key, userId.Value);
+    }
+
+    [HttpPost("{id}/initiate")]
+    public async Task Initiate(Guid id)
+    {
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        await _emergencyAccessService.InitiateAsync(id, user);
+    }
+
+    [HttpPost("{id}/approve")]
+    public async Task Accept(Guid id)
+    {
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        await _emergencyAccessService.ApproveAsync(id, user);
+    }
+
+    [HttpPost("{id}/reject")]
+    public async Task Reject(Guid id)
+    {
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        await _emergencyAccessService.RejectAsync(id, user);
+    }
+
+    [HttpPost("{id}/takeover")]
+    public async Task<EmergencyAccessTakeoverResponseModel> Takeover(Guid id)
+    {
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        var (result, grantor) = await _emergencyAccessService.TakeoverAsync(id, user);
+        return new EmergencyAccessTakeoverResponseModel(result, grantor);
+    }
+
+    [HttpPost("{id}/password")]
+    public async Task Password(Guid id, [FromBody] EmergencyAccessPasswordRequestModel model)
+    {
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        await _emergencyAccessService.PasswordAsync(id, user, model.NewMasterPasswordHash, model.Key);
+    }
+
+    [HttpPost("{id}/view")]
+    public async Task<EmergencyAccessViewResponseModel> ViewCiphers(Guid id)
+    {
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        var viewResult = await _emergencyAccessService.ViewAsync(id, user);
+        return new EmergencyAccessViewResponseModel(_globalSettings, viewResult.EmergencyAccess, viewResult.Ciphers);
+    }
+
+    [HttpGet("{id}/{cipherId}/attachment/{attachmentId}")]
+    public async Task<AttachmentResponseModel> GetAttachmentData(Guid id, Guid cipherId, string attachmentId)
+    {
+        var user = await _userService.GetUserByPrincipalAsync(User);
+        var result =
+            await _emergencyAccessService.GetAttachmentDownloadAsync(id, cipherId, attachmentId, user);
+        return new AttachmentResponseModel(result);
+    }
+}