diff --git a/src/Core/AdminConsole/OrganizationFeatures/Policies/Implementations/OrganizationPolicyRequirementQuery.cs b/src/Core/AdminConsole/OrganizationFeatures/Policies/Implementations/OrganizationPolicyRequirementQuery.cs
new file mode 100644
index 0000000000..5092bae100
--- /dev/null
+++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/Implementations/OrganizationPolicyRequirementQuery.cs
@@ -0,0 +1,26 @@
+#nullable enable
+
+using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
+using Bit.Core.AdminConsole.Repositories;
+
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.Implementations;
+
+public class OrganizationPolicyRequirementQuery(
+ IPolicyRepository policyRepository,
+ IEnumerable> factories)
+ : IOrganizationPolicyRequirementQuery
+{
+ public async Task GetAsync(Guid organizationId) where T : IPolicyRequirement
+ {
+ var factory = factories.OfType>().SingleOrDefault();
+ if (factory is null)
+ {
+ throw new NotImplementedException("No Organization Requirement Factory found for " + typeof(T));
+ }
+
+ var policy = await policyRepository.GetByOrganizationIdTypeAsync(organizationId, factory.PolicyType);
+
+ var requirement = factory.Create(policy);
+ return requirement;
+ }
+}
diff --git a/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/OrganizationTwoFactorPolicyRequirement.cs b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/OrganizationTwoFactorPolicyRequirement.cs
new file mode 100644
index 0000000000..6e8b84ba83
--- /dev/null
+++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/OrganizationTwoFactorPolicyRequirement.cs
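Review bot: `GetAsync` in OrganizationPolicyRequirementQuery.cs has two different failure modes for a bad DI setup, and neither is documented. A missing factory throws `NotImplementedException`, while a duplicate registration makes `SingleOrDefault()` throw `InvalidOperationException` with a generic "more than one element" message. Since the result feeds a two-factor enforcement decision, I would make both cases explicit, e.g. `throw new InvalidOperationException("No Organization Requirement Factory found for " + typeof(T));` for the missing case, unless the sibling user-level query deliberately uses `NotImplementedException`. The method also takes a bare `organizationId` and does no authorization itself. An XML doc comment should state that callers must already have established access to that organization, and that a null `policy` from the repository is passed straight to `factory.Create`.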
@@ -0,0 +1,38 @@ +#nullable enable + +using Bit.Core.AdminConsole.Entities; +using Bit.Core.AdminConsole.Enums; + +namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements; + +/// +/// Policy requirements for the Two-Factor Authentication policy at the organization level. +/// +public class OrganizationTwoFactorPolicyRequirement : IPolicyRequirement +{ + private readonly Policy? _policy; + + public OrganizationTwoFactorPolicyRequirement(Policy? policy) + { + _policy = policy; + } + + /// + /// Determines if the organization requires two-factor authentication. + /// + public bool IsRequired => _policy != null && _policy.Enabled; +} + +/// +/// Organization policy requirement factory for the Require Two-Factor Authentication policy. +/// +public class OrganizationTwoFactorPolicyRequirementFactory + : IOrganizationPolicyRequirementFactory +{ + public PolicyType PolicyType => PolicyType.TwoFactorAuthentication; + + public OrganizationTwoFactorPolicyRequirement Create(Policy? policy) + { + return new OrganizationTwoFactorPolicyRequirement(policy); + } +} diff --git a/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyServiceCollectionExtensions.cs b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyServiceCollectionExtensions.cs index f98135b70d..1641af84e3 100644 --- a/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyServiceCollectionExtensions.cs +++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyServiceCollectionExtensions.cs @@ -14,9 +14,11 @@ public static class PolicyServiceCollectionExtensions services.AddScoped(); services.AddScoped(); services.AddScoped(); + services.AddScoped(); services.AddPolicyValidators(); services.AddPolicyRequirements(); + services.AddOrganizationPolicyRequirements(); } private static void AddPolicyValidators(this IServiceCollection services) 
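Review bot: `IsRequired` in OrganizationTwoFactorPolicyRequirement.cs returns false whenever `_policy` is null, so a missing policy row reads the same as "two-factor not required". That is presumably intended, but it is a fail-open default and the doc comment should say so, e.g. `/// Returns false when the organization has no Two-Factor Authentication policy record or the policy is disabled.` The property also looks only at `Policy.Enabled`. Whether the organization itself is enabled or entitled to use policies is not visible in this hunk, so if enforcement depends on that, the summary should note that callers must check it. As a style point, `public bool IsRequired => _policy is { Enabled: true };` expresses the same condition in one pattern.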
@@ -38,4 +40,9 @@ public static class PolicyServiceCollectionExtensions
 services.AddScoped, RequireSsoPolicyRequirementFactory>();
 services.AddScoped, RequireTwoFactorPolicyRequirementFactory>();
 }
+
+ private static void AddOrganizationPolicyRequirements(this IServiceCollection services)
+ {
+ services.AddScoped, OrganizationRequireTwoFactorPolicyRequirementFactory>();
+ }
 }
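Review bot: `AddOrganizationPolicyRequirements` registers `OrganizationRequireTwoFactorPolicyRequirementFactory`, but the factory class added in this commit is named `OrganizationTwoFactorPolicyRequirementFactory`. Unless a type with the longer name exists elsewhere in the project, this line either fails to compile or wires up a different factory than the one under review. The implementation type in the `AddScoped` call should be `OrganizationTwoFactorPolicyRequirementFactory`. Note also that `OrganizationPolicyRequirementQuery.GetAsync` calls `SingleOrDefault()` on the injected factories, so each requirement type must be registered exactly once here. A short comment on this method saying so would help the next person who adds a factory.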