[PM-3797 Part 1] Layout new key rotation methods (#3425)

* layout new key rotation methods - add endpoint with request model - add command with data model - add repository method * layout new key rotation methods - add endpoint with request model - add command with data model - add repository method * formatting * rename account recovery to reset password * fix tests * remove extra endpoint * rename account recovery to reset password * fix tests and formatting * register db calls in command, removing list from user repo * formatting
2025-07-03 00:52:49 -05:00 · 2023-11-09 14:56:08 -05:00
parent 4cf2142b68
commit b716a925f8
12 changed files with 340 additions and 38 deletions
--- a/src/Infrastructure.EntityFramework/Repositories/UserRepository.cs
+++ b/src/Infrastructure.EntityFramework/Repositories/UserRepository.cs
@ -1,4 +1,5 @@
 using AutoMapper;
+using Bit.Core.Auth.UserFeatures.UserKey;
 using Bit.Core.Repositories;
 using Bit.Infrastructure.EntityFramework.Models;
 using Microsoft.EntityFrameworkCore;
@ -135,6 +136,48 @@ public class UserRepository : Repository<Core.Entities.User, User, Guid>, IUserR
        }
    }

+    /// <inheritdoc />
+    public async Task UpdateUserKeyAndEncryptedDataAsync(Core.Entities.User user,
+        IEnumerable<UpdateEncryptedDataForKeyRotation> updateDataActions)
+    {
+        using var scope = ServiceScopeFactory.CreateScope();
+        var dbContext = GetDatabaseContext(scope);
+
+        await using var transaction = await dbContext.Database.BeginTransactionAsync();
+
+        try
+        {
+            // Update user
+            var entity = await dbContext.Users.FindAsync(user.Id);
+            if (entity == null)
+            {
+                throw new ArgumentException("User not found", nameof(user));
+            }
+
+            entity.SecurityStamp = user.SecurityStamp;
+            entity.Key = user.Key;
+            entity.PrivateKey = user.PrivateKey;
+            entity.LastKeyRotationDate = user.LastKeyRotationDate;
+            entity.AccountRevisionDate = user.AccountRevisionDate;
+            entity.RevisionDate = user.RevisionDate;
+
+            //  Update re-encrypted data
+            foreach (var action in updateDataActions)
+            {
+                // TODO (jlf0dev): Check if transaction captures these operations
+                await action();
+            }
+
+            await transaction.CommitAsync();
+        }
+        catch
+        {
+            await transaction.RollbackAsync();
+            throw;
+        }
+
+    }
+
    public async Task<IEnumerable<Core.Entities.User>> GetManyAsync(IEnumerable<Guid> ids)
    {
        using (var scope = ServiceScopeFactory.CreateScope())