[AC-1192] Create endpoints for new Device Approvals page (#2993)

* [AC-1192] Create new OrganizationAuthRequestsController.cs * [AC-1192] Introduce OrganizationAdminAuthRequest model * [AC-1192] Add GetManyPendingByOrganizationId method to AuthRequest repository * [AC-1192] Add new list pending organization auth requests endpoint * [AC-1192] Add new GetManyAdminApprovalsByManyIdsAsync method to the AuthRequestRepository * [AC-1192] Make the response device identifier optional for admin approval requests * [AC-1192] Add endpoint for bulk denying admin device auth requests * [AC-1192] Add OrganizationUserId to PendingOrganizationAuthRequestResponseModel * [AC-1192] Add UpdateAuthRequest endpoint and logic to OrganizationAuthRequestsController * [AC-1192] Secure new endpoints behind TDE feature flag * [AC-1192] Formatting * [AC-1192] Add sql migration script * [AC-1192] Add optional OrganizationId column to AuthRequest entity - Rename migration script to match existing formatting - Add new column - Add migration scripts - Update new sprocs to filter/join on OrganizationId - Update old sprocs to include OrganizationId * [AC-1192] Format migration scripts * [AC-1192] Fix failing AuthRequest EF unit test * [AC-1192] Make OrganizationId optional in updated AuthRequest sprocs for backwards compatability * [AC-1192] Fix missing comma in migration file * [AC-1192] Rename Key to EncryptedUserKey to be more descriptive * [AC-1192] Move request validation into helper method to reduce repetition * [AC-1192] Return UnauthorizedAccessException instead of NotFound when user is missing permission * [AC-1192] Introduce FeatureUnavailableException * [AC-1192] Introduce RequireFeatureAttribute * [AC-1192] Utilize the new RequireFeatureAttribute in the OrganizationAuthRequestsController * [AC-1192] Attempt to fix out of sync database migration by moving new OrganizationId column * [AC-1192] More attempts to sync database migrations * [AC-1192] Formatting * [AC-1192] Remove unused reference to FeatureService * [AC-1192] Change Id types from String to Guid * [AC-1192] Add EncryptedString attribute * [AC-1192] Remove redundant OrganizationId property * [AC-1192] Switch to projection for OrganizationAdminAuthRequest mapping - Add new OrganizationUser relationship to EF entity - Replace AuthRequest DBContext config with new IEntityTypeConfiguration - Add navigation property to AuthRequest entity configuration for OrganizationUser - Update EF AuthRequestRepository to use new mapping and navigation properties * [AC-1192] Remove OrganizationUser navigation property
2025-07-04 01:22:50 -05:00 · 2023-06-15 14:54:08 -07:00
parent bdd5e0916e
commit 904b2fe205
34 changed files with 7417 additions and 11 deletions
--- a/src/Infrastructure.Dapper/Auth/Repositories/AuthRequestRepository.cs
+++ b/src/Infrastructure.Dapper/Auth/Repositories/AuthRequestRepository.cs
@ -1,5 +1,6 @@
 using System.Data;
 using Bit.Core.Auth.Entities;
+using Bit.Core.Auth.Models.Data;
 using Bit.Core.Repositories;
 using Bit.Core.Settings;
 using Bit.Infrastructure.Dapper.Repositories;
@ -41,4 +42,30 @@ public class AuthRequestRepository : Repository<AuthRequest, Guid>, IAuthRequest
            return results.ToList();
        }
    }
+
+    public async Task<ICollection<OrganizationAdminAuthRequest>> GetManyPendingByOrganizationIdAsync(Guid organizationId)
+    {
+        using (var connection = new SqlConnection(ConnectionString))
+        {
+            var results = await connection.QueryAsync<OrganizationAdminAuthRequest>(
+                $"[{Schema}].[AuthRequest_ReadPendingByOrganizationId]",
+                new { OrganizationId = organizationId },
+                commandType: CommandType.StoredProcedure);
+
+            return results.ToList();
+        }
+    }
+
+    public async Task<ICollection<OrganizationAdminAuthRequest>> GetManyAdminApprovalRequestsByManyIdsAsync(Guid organizationId, IEnumerable<Guid> ids)
+    {
+        using (var connection = new SqlConnection(ConnectionString))
+        {
+            var results = await connection.QueryAsync<OrganizationAdminAuthRequest>(
+                $"[{Schema}].[AuthRequest_ReadAdminApprovalsByIds]",
+                new { OrganizationId = organizationId, Ids = ids.ToGuidIdArrayTVP() },
+                commandType: CommandType.StoredProcedure);
+
+            return results.ToList();
+        }
+    }
 }