mirror of
https://github.com/bitwarden/server.git
synced 2025-06-30 15:42:48 -05:00
[AC-2614] Member Access Report Endpoint (#4599)
* Initial draft of moving the org user controller details method into a query * Removing comments and addressing pr items * Adding the org users query to core * Adding the member access report * Addressing some pr concerns and refactoring to be more efficient * Some minor changes to the way properties are spelled * Setting authorization to organization * Adding the permissions check for reports and comments * removing unnecessary usings * Removing ciphers controller change that was a mistake * There was a duplication issue in getting collections for users grabbing groups * Adding comments to the CreateReport method * Only get the user collections by userId * Some finaly refactoring * Adding the no group, no collection, and no perms local strings * Modifying and adding query test cases * Removing unnecessary permissions code in query * Added mapping for id and UsesKeyConnector to MemberAccessReportModel (#4681) * Moving test cases from controller fully into the query. --------- Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com> Co-authored-by: aj-rosado <109146700+aj-rosado@users.noreply.github.com>
This commit is contained in:
Tom
@ -13,7 +13,6 @@ using Bit.Core.Entities;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.Models.Business;
|
||||
using Bit.Core.Models.Data;
|
||||
using Bit.Core.Models.Data.Organizations;
|
||||
using Bit.Core.Models.Data.Organizations.OrganizationUsers;
|
||||
using Bit.Core.OrganizationFeatures.OrganizationUsers.Interfaces;
|
||||
@ -22,6 +21,8 @@ using Bit.Core.Services;
|
||||
using Bit.Core.Utilities;
|
||||
using Bit.Test.Common.AutoFixture;
|
||||
using Bit.Test.Common.AutoFixture.Attributes;
|
||||
using Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Interfaces;
|
||||
using Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Requests;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using NSubstitute;
|
||||
using Xunit;
|
||||
@ -194,71 +195,6 @@ public class OrganizationUsersControllerTests
|
||||
Assert.True(response.Data.All(r => organizationUsers.Any(ou => ou.Id == r.Id)));
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[BitAutoData]
|
||||
public async Task Get_HandlesNullPermissionsObject(
|
||||
ICollection<OrganizationUserUserDetails> organizationUsers, OrganizationAbility organizationAbility,
|
||||
SutProvider<OrganizationUsersController> sutProvider)
|
||||
{
|
||||
Get_Setup(organizationAbility, organizationUsers, sutProvider);
|
||||
organizationUsers.First().Permissions = "null";
|
||||
var response = await sutProvider.Sut.Get(organizationAbility.Id);
|
||||
|
||||
Assert.True(response.Data.All(r => organizationUsers.Any(ou => ou.Id == r.Id)));
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[BitAutoData]
|
||||
public async Task Get_SetsDeprecatedCustomPermissionstoFalse(
|
||||
ICollection<OrganizationUserUserDetails> organizationUsers, OrganizationAbility organizationAbility,
|
||||
SutProvider<OrganizationUsersController> sutProvider)
|
||||
{
|
||||
Get_Setup(organizationAbility, organizationUsers, sutProvider);
|
||||
|
||||
var customUser = organizationUsers.First();
|
||||
customUser.Type = OrganizationUserType.Custom;
|
||||
customUser.Permissions = CoreHelpers.ClassToJsonData(new Permissions
|
||||
{
|
||||
AccessReports = true,
|
||||
EditAssignedCollections = true,
|
||||
DeleteAssignedCollections = true,
|
||||
AccessEventLogs = true
|
||||
});
|
||||
|
||||
var response = await sutProvider.Sut.Get(organizationAbility.Id);
|
||||
|
||||
var customUserResponse = response.Data.First(r => r.Id == organizationUsers.First().Id);
|
||||
Assert.Equal(OrganizationUserType.Custom, customUserResponse.Type);
|
||||
Assert.True(customUserResponse.Permissions.AccessReports);
|
||||
Assert.True(customUserResponse.Permissions.AccessEventLogs);
|
||||
Assert.False(customUserResponse.Permissions.EditAssignedCollections);
|
||||
Assert.False(customUserResponse.Permissions.DeleteAssignedCollections);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[BitAutoData]
|
||||
public async Task Get_DowngradesCustomUsersWithDeprecatedPermissions(
|
||||
ICollection<OrganizationUserUserDetails> organizationUsers, OrganizationAbility organizationAbility,
|
||||
SutProvider<OrganizationUsersController> sutProvider)
|
||||
{
|
||||
Get_Setup(organizationAbility, organizationUsers, sutProvider);
|
||||
|
||||
var customUser = organizationUsers.First();
|
||||
customUser.Type = OrganizationUserType.Custom;
|
||||
customUser.Permissions = CoreHelpers.ClassToJsonData(new Permissions
|
||||
{
|
||||
EditAssignedCollections = true,
|
||||
DeleteAssignedCollections = true,
|
||||
});
|
||||
|
||||
var response = await sutProvider.Sut.Get(organizationAbility.Id);
|
||||
|
||||
var customUserResponse = response.Data.First(r => r.Id == organizationUsers.First().Id);
|
||||
Assert.Equal(OrganizationUserType.User, customUserResponse.Type);
|
||||
Assert.False(customUserResponse.Permissions.EditAssignedCollections);
|
||||
Assert.False(customUserResponse.Permissions.DeleteAssignedCollections);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[BitAutoData]
|
||||
public async Task GetAccountRecoveryDetails_ReturnsDetails(
|
||||
@ -309,6 +245,8 @@ public class OrganizationUsersControllerTests
|
||||
sutProvider.GetDependency<IApplicationCacheService>().GetOrganizationAbilityAsync(organizationAbility.Id)
|
||||
.Returns(organizationAbility);
|
||||
|
||||
sutProvider.GetDependency<IOrganizationUserUserDetailsQuery>().GetOrganizationUserUserDetails(Arg.Any<OrganizationUserUserDetailsQueryRequest>()).Returns(organizationUsers);
|
||||
|
||||
sutProvider.GetDependency<IAuthorizationService>().AuthorizeAsync(
|
||||
user: Arg.Any<ClaimsPrincipal>(),
|
||||
resource: Arg.Any<Object>(),
|
||||
|
||||
Reference in New Issue
Block a user