nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-02 00:22:50 -05:00
Code Activity

[PM-1033] feat: auto accept invitation when enrolling into password reset

Browse Source
This commit is contained in:
Andreas Coroiu
2023-06-28 14:48:12 +02:00
parent b0392972fd
commit b7ca8d09a1
3 changed files with 28 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Api/Controllers/OrganizationUsersController.cs
View File

@ -213,7 +213,7 @@ public class OrganizationUsersController : Controller
if (useMasterPasswordPolicy) if (useMasterPasswordPolicy)
{ {
await _organizationService.UpdateUserResetPasswordEnrollmentAsync(orgId, user.Id, model.ResetPasswordKey, user.Id); await _organizationService.UpdateUserResetPasswordEnrollmentAsync(orgId, user.Id, model.ResetPasswordKey, _userService, user.Id);
} }
} }
@ -315,7 +315,7 @@ public class OrganizationUsersController : Controller
var callingUserId = user.Id; var callingUserId = user.Id;
await _organizationService.UpdateUserResetPasswordEnrollmentAsync( await _organizationService.UpdateUserResetPasswordEnrollmentAsync(
new Guid(orgId), new Guid(userId), model.ResetPasswordKey, callingUserId); new Guid(orgId), new Guid(userId), model.ResetPasswordKey, _userService, callingUserId);
} }
[HttpPut("{id}/reset-password")] [HttpPut("{id}/reset-password")]

2
src/Core/Services/IOrganizationService.cs
View File

@ -55,7 +55,7 @@ public interface IOrganizationService
Task<List<Tuple<OrganizationUser, string>>> DeleteUsersAsync(Guid organizationId, Task<List<Tuple<OrganizationUser, string>>> DeleteUsersAsync(Guid organizationId,
IEnumerable<Guid> organizationUserIds, Guid? deletingUserId); IEnumerable<Guid> organizationUserIds, Guid? deletingUserId);
Task UpdateUserGroupsAsync(OrganizationUser organizationUser, IEnumerable<Guid> groupIds, Guid? loggedInUserId); Task UpdateUserGroupsAsync(OrganizationUser organizationUser, IEnumerable<Guid> groupIds, Guid? loggedInUserId);
Task UpdateUserResetPasswordEnrollmentAsync(Guid organizationId, Guid userId, string resetPasswordKey, Guid? callingUserId); Task UpdateUserResetPasswordEnrollmentAsync(Guid organizationId, Guid userId, string resetPasswordKey, IUserService userService, Guid? callingUserId);
Task ImportAsync(Guid organizationId, Guid? importingUserId, IEnumerable<ImportedGroup> groups, Task ImportAsync(Guid organizationId, Guid? importingUserId, IEnumerable<ImportedGroup> groups,
IEnumerable<ImportedOrganizationUser> newUsers, IEnumerable<string> removeUserExternalIds, IEnumerable<ImportedOrganizationUser> newUsers, IEnumerable<string> removeUserExternalIds,
bool overwriteExisting); bool overwriteExisting);

26
src/Core/Services/Implementations/OrganizationService.cs
View File

@ -1269,6 +1269,24 @@ public class OrganizationService : IOrganizationService
return await AcceptUserAsync(orgUser, user, userService); return await AcceptUserAsync(orgUser, user, userService);
} }
public async Task<OrganizationUser> AcceptUserAsync(Guid organizationId, User user, IUserService userService)
{
var org = await _organizationRepository.GetByIdAsync(organizationId);
if (org == null)
{
throw new BadRequestException("Organization invalid.");
}
var usersOrgs = await _organizationUserRepository.GetManyByUserAsync(user.Id);
var orgUser = usersOrgs.FirstOrDefault(u => u.OrganizationId == org.Id);
if (orgUser == null)
{
throw new BadRequestException("User not found within organization.");
}
return await AcceptUserAsync(orgUser, user, userService);
}
private async Task<OrganizationUser> AcceptUserAsync(OrganizationUser orgUser, User user, private async Task<OrganizationUser> AcceptUserAsync(OrganizationUser orgUser, User user,
IUserService userService) IUserService userService)
{ {
@ -1716,7 +1734,7 @@ public class OrganizationService : IOrganizationService
EventType.OrganizationUser_UpdatedGroups); EventType.OrganizationUser_UpdatedGroups);
} }
public async Task UpdateUserResetPasswordEnrollmentAsync(Guid organizationId, Guid userId, string resetPasswordKey, Guid? callingUserId) public async Task UpdateUserResetPasswordEnrollmentAsync(Guid organizationId, Guid userId, string resetPasswordKey, IUserService userService, Guid? callingUserId)
{ {
// Org User must be the same as the calling user and the organization ID associated with the user must match passed org ID // Org User must be the same as the calling user and the organization ID associated with the user must match passed org ID
var orgUser = await _organizationUserRepository.GetByOrganizationAsync(organizationId, userId); var orgUser = await _organizationUserRepository.GetByOrganizationAsync(organizationId, userId);
@ -1756,6 +1774,12 @@ public class OrganizationService : IOrganizationService
await _organizationUserRepository.ReplaceAsync(orgUser); await _organizationUserRepository.ReplaceAsync(orgUser);
await _eventService.LogOrganizationUserEventAsync(orgUser, resetPasswordKey != null ? await _eventService.LogOrganizationUserEventAsync(orgUser, resetPasswordKey != null ?
EventType.OrganizationUser_ResetPassword_Enroll : EventType.OrganizationUser_ResetPassword_Withdraw); EventType.OrganizationUser_ResetPassword_Enroll : EventType.OrganizationUser_ResetPassword_Withdraw);
if (orgUser.Status == OrganizationUserStatusType.Invited)
{
var user = await _userRepository.GetByIdAsync(userId);
await AcceptUserAsync(orgUser, user, userService);
}
} }
public async Task<OrganizationUser> InviteUserAsync(Guid organizationId, Guid? invitingUserId, string email, public async Task<OrganizationUser> InviteUserAsync(Guid organizationId, Guid? invitingUserId, string email,