orgs must have one owner checks

2025-05-22 12:04:27 -05:00 · 2017-03-29 21:26:19 -04:00 · 2017-03-29 21:26:19 -04:00 · 95fdfeb519
commit 95fdfeb519
parent 9e10314b21
5 changed files with 54 additions and 3 deletions
--- a/src/Core/Repositories/IOrganizationUserRepository.cs
+++ b/src/Core/Repositories/IOrganizationUserRepository.cs
@ -10,6 +10,7 @@ namespace Bit.Core.Repositories
    public interface IOrganizationUserRepository : IRepository<OrganizationUser, Guid>
    {
        Task<OrganizationUser> GetByOrganizationAsync(Guid organizationId, Guid userId);
        Task<ICollection<OrganizationUser>> GetManyByOrganizationAsync(Guid organizationId, OrganizationUserType? type);
        Task<OrganizationUser> GetByOrganizationAsync(Guid organizationId, string email);
        Task<Tuple<OrganizationUserUserDetails, ICollection<SubvaultUserDetails>>> GetDetailsByIdAsync(Guid id);
        Task<ICollection<OrganizationUserUserDetails>> GetManyDetailsByOrganizationAsync(Guid organizationId);
--- a/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
+++ b/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
@ -47,6 +47,20 @@ namespace Bit.Core.Repositories.SqlServer
            }
        }
        public async Task<ICollection<OrganizationUser>> GetManyByOrganizationAsync(Guid organizationId,
            OrganizationUserType? type)
        {
            using(var connection = new SqlConnection(ConnectionString))
            {
                var results = await connection.QueryAsync<OrganizationUser>(
                    "[dbo].[OrganizationUser_ReadByOrganizationId]",
                    new { OrganizationId = organizationId, Type = type },
                    commandType: CommandType.StoredProcedure);
                return results.ToList();
            }
        }
        public async Task<Tuple<OrganizationUserUserDetails, ICollection<SubvaultUserDetails>>> GetDetailsByIdAsync(Guid id)
        {
            using(var connection = new SqlConnection(ConnectionString))
@ -75,7 +89,7 @@ namespace Bit.Core.Repositories.SqlServer
            }
        }
-        public async Task<ICollection<OrganizationUserOrganizationDetails>> GetManyDetailsByUserAsync(Guid userId, 
+        public async Task<ICollection<OrganizationUserOrganizationDetails>> GetManyDetailsByUserAsync(Guid userId,
            OrganizationUserStatusType? status = null)
        {
            using(var connection = new SqlConnection(ConnectionString))
--- a/src/Core/Services/Implementations/OrganizationService.cs
+++ b/src/Core/Services/Implementations/OrganizationService.cs
@ -242,10 +242,17 @@ namespace Bit.Core.Services
                throw new BadRequestException("Cannot update users.");
            }
-            // TODO: validate subvaults?
+            var confirmedOwners = (await GetConfirmedOwnersAsync(user.OrganizationId)).ToList();
            if(confirmedOwners.Count == 1 && confirmedOwners[0].Id == user.Id)
            {
                throw new BadRequestException("Organization must have at least one confirmed owner.");
            }
            var orgSubvaults = await _subvaultRepository.GetManyByOrganizationIdAsync(user.OrganizationId);
            var filteredSubvaults = subvaults.Where(s => orgSubvaults.Any(os => os.Id == s.SubvaultId));
            await _organizationUserRepository.ReplaceAsync(user);
-            await SaveUserSubvaultsAsync(user, subvaults, false);
+            await SaveUserSubvaultsAsync(user, filteredSubvaults, false);
        }
        public async Task DeleteUserAsync(Guid organizationId, Guid organizationUserId, Guid deletingUserId)
@ -261,9 +268,22 @@ namespace Bit.Core.Services
                throw new BadRequestException("User not valid.");
            }
            var confirmedOwners = (await GetConfirmedOwnersAsync(organizationId)).ToList();
            if(confirmedOwners.Count == 1 && confirmedOwners[0].Id == organizationUserId)
            {
                throw new BadRequestException("Organization must have at least one confirmed owner.");
            }
            await _organizationUserRepository.DeleteAsync(orgUser);
        }
        private async Task<IEnumerable<OrganizationUser>> GetConfirmedOwnersAsync(Guid organizationId)
        {
            var owners = await _organizationUserRepository.GetManyByOrganizationAsync(organizationId,
                Enums.OrganizationUserType.Owner);
            return owners.Where(o => o.Status == Enums.OrganizationUserStatusType.Confirmed);
        }
        private async Task<bool> OrganizationUserHasAdminRightsAsync(Guid organizationId, Guid userId)
        {
            var orgUser = await _organizationUserRepository.GetByOrganizationAsync(organizationId, userId);
--- a/src/Sql/Sql.sqlproj
+++ b/src/Sql/Sql.sqlproj
@ -178,5 +178,6 @@
    <Build Include="dbo\Functions\UserCanEditCipher.sql" />
    <Build Include="dbo\Stored Procedures\Cipher_UpdatePartial.sql" />
    <Build Include="dbo\Stored Procedures\OrganizationUser_ReadByOrganizationIdEmail.sql" />
    <Build Include="dbo\Stored Procedures\OrganizationUser_ReadByOrganizationId.sql" />
  </ItemGroup>
 </Project>
--- a/Procedures/OrganizationUser_ReadByOrganizationId.sql
+++ b/Procedures/OrganizationUser_ReadByOrganizationId.sql
@ -0,0 +1,15 @@
 CREATE PROCEDURE [dbo].[OrganizationUser_ReadByOrganizationId]
    @OrganizationId UNIQUEIDENTIFIER,
    @Type TINYINT
 AS
 BEGIN
    SET NOCOUNT ON
    SELECT
        *
    FROM
        [dbo].[OrganizationUserView]
    WHERE
        [OrganizationId] = @OrganizationId
        AND (@Type IS NULL OR [Type] = @Type)
 END