nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 05:00:19 -05:00
Code

Families for enterprise/add sponsorship prevalidate (#1734)

Browse Source 
* Add sponsorship prevalidate endpoint

* Test pre validate endpoint

* Fix tests

* Rename variable
This commit is contained in:
Matt Gibson 2021-11-24 14:18:52 -06:00 committed by GitHub
parent 0ae9e28884
commit 8dffb27667
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 41 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/Api/Controllers/OrganizationSponsorshipsController.cs
View File

@ -1,8 +1,6 @@
using System; using System;
using System.Linq;
using System.Threading.Tasks; using System.Threading.Tasks;
using Bit.Core.Context; using Bit.Core.Context;
using Bit.Core.Enums;
using Bit.Core.Exceptions; using Bit.Core.Exceptions;
using Bit.Core.Models.Api; using Bit.Core.Models.Api;
using Bit.Core.Models.Api.Request; using Bit.Core.Models.Api.Request;
@ -67,11 +65,18 @@ namespace Bit.Api.Controllers
(await CurrentUser).Email); (await CurrentUser).Email);
} }
[HttpPost("validate-token")]
[SelfHosted(NotSelfHostedOnly = true)]
public async Task<bool> PreValidateSponsorshipToken([FromQuery] string sponsorshipToken)
{
return await _organizationsSponsorshipService.ValidateRedemptionTokenAsync(sponsorshipToken, (await CurrentUser).Email);
}
[HttpPost("redeem")] [HttpPost("redeem")]
[SelfHosted(NotSelfHostedOnly = true)] [SelfHosted(NotSelfHostedOnly = true)]
public async Task RedeemSponsorship([FromQuery] string sponsorshipToken, [FromBody] OrganizationSponsorshipRedeemRequestModel model) public async Task RedeemSponsorship([FromQuery] string sponsorshipToken, [FromBody] OrganizationSponsorshipRedeemRequestModel model)
{ {
if (!await _organizationsSponsorshipService.ValidateRedemptionTokenAsync(sponsorshipToken)) if (!await _organizationsSponsorshipService.ValidateRedemptionTokenAsync(sponsorshipToken, (await CurrentUser).Email))
{ {
throw new BadRequestException("Failed to parse sponsorship token."); throw new BadRequestException("Failed to parse sponsorship token.");
} }

2
src/Core/Services/IOrganizationSponsorshipService.cs
View File

@ -7,7 +7,7 @@ namespace Bit.Core.Services
{ {
public interface IOrganizationSponsorshipService public interface IOrganizationSponsorshipService
{ {
Task<bool> ValidateRedemptionTokenAsync(string encryptedToken); Task<bool> ValidateRedemptionTokenAsync(string encryptedToken, string currentUserEmail);
Task OfferSponsorshipAsync(Organization sponsoringOrg, OrganizationUser sponsoringOrgUser, Task OfferSponsorshipAsync(Organization sponsoringOrg, OrganizationUser sponsoringOrgUser,
PlanSponsorshipType sponsorshipType, string sponsoredEmail, string friendlyName, string sponsoringUserEmail); PlanSponsorshipType sponsorshipType, string sponsoredEmail, string friendlyName, string sponsoringUserEmail);
Task ResendSponsorshipOfferAsync(Organization sponsoringOrg, OrganizationUser sponsoringOrgUser, Task ResendSponsorshipOfferAsync(Organization sponsoringOrg, OrganizationUser sponsoringOrgUser,

8
src/Core/Services/Implementations/OrganizationSponsorshipService.cs
View File

@ -37,9 +37,9 @@ namespace Bit.Core.Services
_dataProtector = dataProtectionProvider.CreateProtector("OrganizationSponsorshipServiceDataProtector"); _dataProtector = dataProtectionProvider.CreateProtector("OrganizationSponsorshipServiceDataProtector");
} }
public async Task<bool> ValidateRedemptionTokenAsync(string encryptedToken) public async Task<bool> ValidateRedemptionTokenAsync(string encryptedToken, string sponsoredUserEmail)
{ {
if (!encryptedToken.StartsWith(TokenClearTextPrefix)) if (!encryptedToken.StartsWith(TokenClearTextPrefix) || sponsoredUserEmail == null)
{ {
return false; return false;
} }
@ -61,7 +61,9 @@ namespace Bit.Core.Services
} }
var sponsorship = await _organizationSponsorshipRepository.GetByIdAsync(sponsorshipId); var sponsorship = await _organizationSponsorshipRepository.GetByIdAsync(sponsorshipId);
if (sponsorship == null || sponsorship.PlanSponsorshipType != sponsorshipType) if (sponsorship == null ||
sponsorship.PlanSponsorshipType != sponsorshipType ||
sponsorship.OfferedToEmail != sponsoredUserEmail)
{ {
return false; return false;
} }

33
test/Api.Test/Controllers/OrganizationSponsorshipsControllerTests.cs
View File

@ -39,11 +39,14 @@ namespace Bit.Api.Test.Controllers
[Theory] [Theory]
[BitAutoData] [BitAutoData]
public async Task RedeemSponsorship_BadToken_ThrowsBadRequest(string sponsorshipToken, public async Task RedeemSponsorship_BadToken_ThrowsBadRequest(string sponsorshipToken, User user,
OrganizationSponsorshipRedeemRequestModel model, SutProvider<OrganizationSponsorshipsController> sutProvider) OrganizationSponsorshipRedeemRequestModel model, SutProvider<OrganizationSponsorshipsController> sutProvider)
{ {
sutProvider.GetDependency<IOrganizationSponsorshipService>().ValidateRedemptionTokenAsync(sponsorshipToken) sutProvider.GetDependency<ICurrentContext>().UserId.Returns(user.Id);
.Returns(false); sutProvider.GetDependency<IUserService>().GetUserByIdAsync(user.Id)
.Returns(user);
sutProvider.GetDependency<IOrganizationSponsorshipService>().ValidateRedemptionTokenAsync(sponsorshipToken,
user.Email).Returns(false);
var exception = await Assert.ThrowsAsync<BadRequestException>(() => var exception = await Assert.ThrowsAsync<BadRequestException>(() =>
sutProvider.Sut.RedeemSponsorship(sponsorshipToken, model)); sutProvider.Sut.RedeemSponsorship(sponsorshipToken, model));
@ -56,11 +59,14 @@ namespace Bit.Api.Test.Controllers
[Theory] [Theory]
[BitAutoData] [BitAutoData]
public async Task RedeemSponsorship_NotSponsoredOrgOwner_ThrowsBadRequest(string sponsorshipToken, public async Task RedeemSponsorship_NotSponsoredOrgOwner_ThrowsBadRequest(string sponsorshipToken, User user,
OrganizationSponsorshipRedeemRequestModel model, SutProvider<OrganizationSponsorshipsController> sutProvider) OrganizationSponsorshipRedeemRequestModel model, SutProvider<OrganizationSponsorshipsController> sutProvider)
{ {
sutProvider.GetDependency<IOrganizationSponsorshipService>().ValidateRedemptionTokenAsync(sponsorshipToken) sutProvider.GetDependency<ICurrentContext>().UserId.Returns(user.Id);
.Returns(true); sutProvider.GetDependency<IUserService>().GetUserByIdAsync(user.Id)
.Returns(user);
sutProvider.GetDependency<IOrganizationSponsorshipService>().ValidateRedemptionTokenAsync(sponsorshipToken,
user.Email).Returns(true);
sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(model.SponsoredOrganizationId).Returns(false); sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(model.SponsoredOrganizationId).Returns(false);
var exception = await Assert.ThrowsAsync<BadRequestException>(() => var exception = await Assert.ThrowsAsync<BadRequestException>(() =>
@ -72,6 +78,21 @@ namespace Bit.Api.Test.Controllers
.SetUpSponsorshipAsync(default, default); .SetUpSponsorshipAsync(default, default);
} }
[Theory]
[BitAutoData]
public async Task PreValidateSponsorshipToken_ValidatesToken_Success(string sponsorshipToken, User user,
SutProvider<OrganizationSponsorshipsController> sutProvider)
{
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(user.Id);
sutProvider.GetDependency<IUserService>().GetUserByIdAsync(user.Id)
.Returns(user);
await sutProvider.Sut.PreValidateSponsorshipToken(sponsorshipToken);
await sutProvider.GetDependency<IOrganizationSponsorshipService>().Received(1)
.ValidateRedemptionTokenAsync(sponsorshipToken, user.Email);
}
[Theory] [Theory]
[BitAutoData] [BitAutoData]
public async Task RevokeSponsorship_WrongSponsoringUser_ThrowsBadRequest(OrganizationUser sponsoringOrgUser, public async Task RevokeSponsorship_WrongSponsoringUser_ThrowsBadRequest(OrganizationUser sponsoringOrgUser,