[AC-1192] Create endpoints for new Device Approvals page (#2993)

* [AC-1192] Create new OrganizationAuthRequestsController.cs * [AC-1192] Introduce OrganizationAdminAuthRequest model * [AC-1192] Add GetManyPendingByOrganizationId method to AuthRequest repository * [AC-1192] Add new list pending organization auth requests endpoint * [AC-1192] Add new GetManyAdminApprovalsByManyIdsAsync method to the AuthRequestRepository * [AC-1192] Make the response device identifier optional for admin approval requests * [AC-1192] Add endpoint for bulk denying admin device auth requests * [AC-1192] Add OrganizationUserId to PendingOrganizationAuthRequestResponseModel * [AC-1192] Add UpdateAuthRequest endpoint and logic to OrganizationAuthRequestsController * [AC-1192] Secure new endpoints behind TDE feature flag * [AC-1192] Formatting * [AC-1192] Add sql migration script * [AC-1192] Add optional OrganizationId column to AuthRequest entity - Rename migration script to match existing formatting - Add new column - Add migration scripts - Update new sprocs to filter/join on OrganizationId - Update old sprocs to include OrganizationId * [AC-1192] Format migration scripts * [AC-1192] Fix failing AuthRequest EF unit test * [AC-1192] Make OrganizationId optional in updated AuthRequest sprocs for backwards compatability * [AC-1192] Fix missing comma in migration file * [AC-1192] Rename Key to EncryptedUserKey to be more descriptive * [AC-1192] Move request validation into helper method to reduce repetition * [AC-1192] Return UnauthorizedAccessException instead of NotFound when user is missing permission * [AC-1192] Introduce FeatureUnavailableException * [AC-1192] Introduce RequireFeatureAttribute * [AC-1192] Utilize the new RequireFeatureAttribute in the OrganizationAuthRequestsController * [AC-1192] Attempt to fix out of sync database migration by moving new OrganizationId column * [AC-1192] More attempts to sync database migrations * [AC-1192] Formatting * [AC-1192] Remove unused reference to FeatureService * [AC-1192] Change Id types from String to Guid * [AC-1192] Add EncryptedString attribute * [AC-1192] Remove redundant OrganizationId property * [AC-1192] Switch to projection for OrganizationAdminAuthRequest mapping - Add new OrganizationUser relationship to EF entity - Replace AuthRequest DBContext config with new IEntityTypeConfiguration - Add navigation property to AuthRequest entity configuration for OrganizationUser - Update EF AuthRequestRepository to use new mapping and navigation properties * [AC-1192] Remove OrganizationUser navigation property
2025-06-30 07:36:14 -05:00 · 2023-06-15 14:54:08 -07:00
parent bdd5e0916e
commit 904b2fe205
34 changed files with 7417 additions and 11 deletions
--- a/util/MySqlMigrations/Migrations/20230605183142_TdeAdminApproval.Designer.cs
+++ b/util/MySqlMigrations/Migrations/20230605183142_TdeAdminApproval.Designer.cs
--- a/util/MySqlMigrations/Migrations/20230605183142_TdeAdminApproval.cs
+++ b/util/MySqlMigrations/Migrations/20230605183142_TdeAdminApproval.cs
@ -0,0 +1,45 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.MySqlMigrations.Migrations;
+
+public partial class TdeAdminApproval : Migration
+{
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<Guid>(
+            name: "OrganizationId",
+            table: "AuthRequest",
+            type: "char(36)",
+            nullable: true,
+            collation: "ascii_general_ci");
+
+        migrationBuilder.CreateIndex(
+            name: "IX_AuthRequest_OrganizationId",
+            table: "AuthRequest",
+            column: "OrganizationId");
+
+        migrationBuilder.AddForeignKey(
+            name: "FK_AuthRequest_Organization_OrganizationId",
+            table: "AuthRequest",
+            column: "OrganizationId",
+            principalTable: "Organization",
+            principalColumn: "Id");
+    }
+
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropForeignKey(
+            name: "FK_AuthRequest_Organization_OrganizationId",
+            table: "AuthRequest");
+
+        migrationBuilder.DropIndex(
+            name: "IX_AuthRequest_OrganizationId",
+            table: "AuthRequest");
+
+        migrationBuilder.DropColumn(
+            name: "OrganizationId",
+            table: "AuthRequest");
+    }
+}
--- a/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -43,6 +43,9 @@ namespace Bit.MySqlMigrations.Migrations
                    b.Property<string>("MasterPasswordHash")
                        .HasColumnType("longtext");

+                    b.Property<Guid?>("OrganizationId")
+                        .HasColumnType("char(36)");
+
                    b.Property<string>("PublicKey")
                        .HasColumnType("longtext");

@ -71,6 +74,8 @@ namespace Bit.MySqlMigrations.Migrations

                    b.HasKey("Id");

+                    b.HasIndex("OrganizationId");
+
                    b.HasIndex("ResponseDeviceId");

                    b.HasIndex("UserId");
@ -1658,6 +1663,10 @@ namespace Bit.MySqlMigrations.Migrations

            modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Auth.Models.AuthRequest", b =>
                {
+                    b.HasOne("Bit.Infrastructure.EntityFramework.Models.Organization", "Organization")
+                        .WithMany()
+                        .HasForeignKey("OrganizationId");
+
                    b.HasOne("Bit.Infrastructure.EntityFramework.Models.Device", "ResponseDevice")
                        .WithMany()
                        .HasForeignKey("ResponseDeviceId");
@ -1668,6 +1677,8 @@ namespace Bit.MySqlMigrations.Migrations
                        .OnDelete(DeleteBehavior.Cascade)
                        .IsRequired();

+                    b.Navigation("Organization");
+
                    b.Navigation("ResponseDevice");

                    b.Navigation("User");