nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-30 15:42:48 -05:00
Code Activity

Allow for bulk processing new login device requests (#4064)

Browse Source 
* Define a model for updating many auth requests

In order to facilitate a command method that can update many auth
requests at one time a new model must be defined that accepts valid
input for the command's needs. To achieve this a new file has been
created at
`Core/AdminConsole/OrganizationAuth/Models/OrganizationAuthRequestUpdateCommandModel.cs`
that contains a class of the same name. It's properties match those that
need to come from any calling API request models to fulfill the request.

* Declare a new command interface method

Calling API functions of the `UpdateOrganizationAuthRequestCommand` need
a function that can accept many auth request response objects and
process them as approved or denied. To achieve this a new function has
been added to `IUpdateOrganizationAuthRequestCommand` called
`UpdateManyAsync()` that accepts an
`IEnumberable<OrganizationAuthRequest>` and returns a `Task`.
Implementations of this interface method will be used to bulk process
auth requests as approved or denied.

* Stub out method implementation for unit testing

To facilitate a bulk device login request approval workflow in the admin
console `UpdateOrganizationAuthRequestCommand` needs to be updated to
include an `UpdateMany()` method. It should accept a list of
`OrganizationAuthRequestUpdateCommandModel` objects, perform some simple
data validation checks, and then pass those along to
`AuthRequestRepository` for updating in the database.

This commit stubs out this method for the purpose of writing unit tests.
At this stage the method throws a `NotImplementedException()`. It will
be expand after writing assertions.

* Inject `IAuthRequestRepository` into `UpdateOrganizationAuthCommand`

The updates to `UpdateOrganizationAuthRequestCommand` require a new
direct dependency on `IAuthRequestRepository`. This commit simply
registers this dependency in the `UpdateOrganizationAuthRequest`
constructor for use in unit tests and the `UpdateManyAsync()`
implementation.

* Write tests

* Rename `UpdateManyAsync()` to `UpdateAsync`

* Drop the `CommandModel` suffix

* Invert business logic update filters

* Rework everything to be more model-centric

* Bulk send push notifications

* Write tests that validate the command as a whole

* Fix a test that I broke by mistake

* Swap to using await instead of chained methods for processing

* Seperate a function arguement into a variable declaration

* Ungeneric-ify the processor

* Adjust ternary formatting

* Adjust naming of methods regarding logging organization events

* Throw an exception if Process is called with no auth request loaded

* Rename `_updates` -> `_update`

* Rename email methods

* Stop returning `this`

* Allow callbacks to be null

* Make some assertions about the state of a processed auth request

* Be more terse about arguements in happy path test

* Remove unneeded null check

* Expose an endpoint for bulk processing of organization auth requests  (#4077)

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
This commit is contained in:
Addison Beck
2024-05-26 20:56:52 -05:00
committed by GitHub
parent 0d2e953459
commit 98a191a5e8
15 changed files with 1054 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/Api/AdminConsole/Controllers/OrganizationAuthRequestsController.cs
View File

@ -1,12 +1,14 @@
using Bit.Api.AdminConsole.Models.Request;
using Bit.Api.AdminConsole.Models.Response;
using Bit.Api.Models.Response;
using Bit.Core;
using Bit.Core.AdminConsole.OrganizationAuth.Interfaces;
using Bit.Core.Auth.Models.Api.Request.AuthRequest;
using Bit.Core.Auth.Services;
using Bit.Core.Context;
using Bit.Core.Exceptions;
using Bit.Core.Repositories;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
@ -73,7 +75,15 @@ public class OrganizationAuthRequestsController : Controller
}
}
private async Task ValidateAdminRequest(Guid orgId)
[RequireFeature(FeatureFlagKeys.BulkDeviceApproval)]
[HttpPost("")]
public async Task UpdateManyAuthRequests(Guid orgId, [FromBody] IEnumerable<OrganizationAuthRequestUpdateManyRequestModel> model)
{
await ValidateAdminRequest(orgId);
await _updateOrganizationAuthRequestCommand.UpdateAsync(orgId, model.Select(x => x.ToOrganizationAuthRequestUpdate()));
}
public async Task ValidateAdminRequest(Guid orgId)
{
if (!await _currentContext.ManageResetPassword(orgId))
{