Fix OrganizationConnection Update (#2071)

* Force CloudOrganizationId to be read only * Fix tests
2025-06-30 07:36:14 -05:00 · 2022-06-23 07:50:10 -04:00
parent d918f5aae3
commit 94059a2b06
2 changed files with 30 additions and 0 deletions
--- a/test/Api.Test/Controllers/OrganizationConnectionsControllerTests.cs
+++ b/test/Api.Test/Controllers/OrganizationConnectionsControllerTests.cs
@ -141,6 +141,10 @@ namespace Bit.Api.Test.Controllers
        [BitAutoData]
        public async Task UpdateConnection_RequiresOwnerPermissions(SutProvider<OrganizationConnectionsController> sutProvider)
        {
+            sutProvider.GetDependency<IOrganizationConnectionRepository>()
+                .GetByIdAsync(Arg.Any<Guid>())
+                .Returns(new OrganizationConnection());
+
            var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.UpdateConnection(default, null));

            Assert.Contains("Only the owner of an organization can update a connection.", exception.Message);
@ -157,6 +161,10 @@ namespace Bit.Api.Test.Controllers

            sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(typedModel.OrganizationId).Returns(true);

+            sutProvider.GetDependency<IOrganizationConnectionRepository>()
+                .GetByIdAsync(existing1.Id)
+                .Returns(existing1);
+
            sutProvider.GetDependency<IOrganizationConnectionRepository>().GetByOrganizationIdTypeAsync(typedModel.OrganizationId, type).Returns(new[] { existing1, existing2 });

            var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.UpdateConnection(existing1.Id, typedModel));
@ -170,6 +178,10 @@ namespace Bit.Api.Test.Controllers
            OrganizationConnection updated,
            SutProvider<OrganizationConnectionsController> sutProvider)
        {
+            existing.SetConfig(new BillingSyncConfig
+            {
+                CloudOrganizationId = config.CloudOrganizationId,
+            });
            updated.Config = JsonSerializer.Serialize(config);
            updated.Id = existing.Id;
            var model = RequestModelFromEntity(updated);
@ -177,6 +189,9 @@ namespace Bit.Api.Test.Controllers
            sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(model.OrganizationId).Returns(true);
            sutProvider.GetDependency<IOrganizationConnectionRepository>().GetByOrganizationIdTypeAsync(model.OrganizationId, model.Type).Returns(new[] { existing });
            sutProvider.GetDependency<IUpdateOrganizationConnectionCommand>().UpdateAsync<BillingSyncConfig>(default).ReturnsForAnyArgs(updated);
+            sutProvider.GetDependency<IOrganizationConnectionRepository>()
+                .GetByIdAsync(existing.Id)
+                .Returns(existing);

            var expected = new OrganizationConnectionResponseModel(updated, typeof(BillingSyncConfig));
            var result = await sutProvider.Sut.UpdateConnection(existing.Id, model);
@ -186,6 +201,13 @@ namespace Bit.Api.Test.Controllers
                .UpdateAsync(Arg.Is(AssertHelper.AssertPropertyEqual(model.ToData(updated.Id))));
        }

+        [Theory]
+        [BitAutoData]
+        public async Task UpdateConnection_DoesNotExist_ThrowsNotFound(SutProvider<OrganizationConnectionsController> sutProvider)
+        {
+            await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.UpdateConnection(Guid.NewGuid(), null));
+        }
+
        [Theory]
        [BitAutoData]
        public async Task GetConnection_RequiresOwnerPermissions(Guid connectionId, SutProvider<OrganizationConnectionsController> sutProvider)