[SM-895] Enforce project maximums (#3214)

* Add ProjectLimitQuery * Add query to DI * Add unit tests * Add query to controller * Add controller unit tests * add integration tests * rename query and variables * More renaming
2025-07-02 16:42:50 -05:00 · 2023-08-28 12:34:37 -05:00
parent 7cac93ea90
commit a1d227c121
7 changed files with 194 additions and 0 deletions
--- a/bitwarden_license/src/Commercial.Core/SecretsManager/Queries/Projects/MaxProjectsQuery.cs
+++ b/bitwarden_license/src/Commercial.Core/SecretsManager/Queries/Projects/MaxProjectsQuery.cs
@ -0,0 +1,45 @@
+using Bit.Core.Enums;
+using Bit.Core.Exceptions;
+using Bit.Core.Repositories;
+using Bit.Core.SecretsManager.Queries.Projects.Interfaces;
+using Bit.Core.SecretsManager.Repositories;
+using Bit.Core.Utilities;
+
+namespace Bit.Commercial.Core.SecretsManager.Queries.Projects;
+
+public class MaxProjectsQuery : IMaxProjectsQuery
+{
+    private readonly IOrganizationRepository _organizationRepository;
+    private readonly IProjectRepository _projectRepository;
+
+    public MaxProjectsQuery(
+        IOrganizationRepository organizationRepository,
+        IProjectRepository projectRepository)
+    {
+        _organizationRepository = organizationRepository;
+        _projectRepository = projectRepository;
+    }
+
+    public async Task<(short? max, bool? atMax)> GetByOrgIdAsync(Guid organizationId)
+    {
+        var org = await _organizationRepository.GetByIdAsync(organizationId);
+        if (org == null)
+        {
+            throw new NotFoundException();
+        }
+
+        var plan = StaticStore.GetSecretsManagerPlan(org.PlanType);
+        if (plan == null)
+        {
+            throw new BadRequestException("Existing plan not found.");
+        }
+
+        if (plan.Type == PlanType.Free)
+        {
+            var projects = await _projectRepository.GetProjectCountByOrganizationIdAsync(organizationId);
+            return projects >= plan.MaxProjects ? (plan.MaxProjects, true) : (plan.MaxProjects, false);
+        }
+
+        return (null, null);
+    }
+}
--- a/bitwarden_license/src/Commercial.Core/SecretsManager/SecretsManagerCollectionExtensions.cs
+++ b/bitwarden_license/src/Commercial.Core/SecretsManager/SecretsManagerCollectionExtensions.cs
@ -10,6 +10,7 @@ using Bit.Commercial.Core.SecretsManager.Commands.Secrets;
 using Bit.Commercial.Core.SecretsManager.Commands.ServiceAccounts;
 using Bit.Commercial.Core.SecretsManager.Commands.Trash;
 using Bit.Commercial.Core.SecretsManager.Queries;
+using Bit.Commercial.Core.SecretsManager.Queries.Projects;
 using Bit.Commercial.Core.SecretsManager.Queries.ServiceAccounts;
 using Bit.Core.SecretsManager.Commands.AccessPolicies.Interfaces;
 using Bit.Core.SecretsManager.Commands.AccessTokens.Interfaces;
@ -19,6 +20,7 @@ using Bit.Core.SecretsManager.Commands.Secrets.Interfaces;
 using Bit.Core.SecretsManager.Commands.ServiceAccounts.Interfaces;
 using Bit.Core.SecretsManager.Commands.Trash.Interfaces;
 using Bit.Core.SecretsManager.Queries.Interfaces;
+using Bit.Core.SecretsManager.Queries.Projects.Interfaces;
 using Bit.Core.SecretsManager.Queries.ServiceAccounts.Interfaces;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.Extensions.DependencyInjection;
@ -34,6 +36,7 @@ public static class SecretsManagerCollectionExtensions
        services.AddScoped<IAuthorizationHandler, ServiceAccountAuthorizationHandler>();
        services.AddScoped<IAuthorizationHandler, AccessPolicyAuthorizationHandler>();
        services.AddScoped<IAccessClientQuery, AccessClientQuery>();
+        services.AddScoped<IMaxProjectsQuery, MaxProjectsQuery>();
        services.AddScoped<IServiceAccountSecretsDetailsQuery, ServiceAccountSecretsDetailsQuery>();
        services.AddScoped<ICreateSecretCommand, CreateSecretCommand>();
        services.AddScoped<IUpdateSecretCommand, UpdateSecretCommand>();