nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-03 00:52:49 -05:00
Code Activity

WIP: Organization sponsorship flow

Browse Source
This commit is contained in:
Matt Gibson
2021-10-29 18:43:45 -04:00
parent 0cbeb75b29
commit b8fdbbcb9f
11 changed files with 333 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

136
src/Api/Controllers/OrganizationSponsorshipsController.cs Normal file
View File

@ -0,0 +1,136 @@
using System;
using System.Threading.Tasks;
using Bit.Core.Context;
using Bit.Core.Enums;
using Bit.Core.Exceptions;
using Bit.Core.Models.Api;
using Bit.Core.Models.Api.Request;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace Bit.Api.Controllers
{
[Route("organization/sponsorship")]
[Authorize("Application")]
public class OrganizationSponsorshipsController : Controller
{
private readonly IOrganizationSponsorshipService _organizationsSponsorshipService;
private readonly IOrganizationSponsorshipRepository _organizationSponsorshipRepository;
private readonly IOrganizationRepository _organizationRepository;
private readonly IOrganizationUserRepository _organizationUserRepository;
private readonly ICurrentContext _currentContext;
public OrganizationSponsorshipsController(IOrganizationSponsorshipService organizationSponsorshipService,
IOrganizationSponsorshipRepository organizationSponsorshipRepository,
IOrganizationRepository organizationRepository,
IOrganizationUserRepository organizationUserRepository,
ICurrentContext currentContext)
{
_organizationsSponsorshipService = organizationSponsorshipService;
_organizationSponsorshipRepository = organizationSponsorshipRepository;
_organizationRepository = organizationRepository;
_organizationUserRepository = organizationUserRepository;
_currentContext = currentContext;
}
[HttpPost("{sponsoringOrgId}/families-for-enterprise")]
public async Task<IActionResult> CreateSponsorship(string sponsoringOrgId, [FromBody] OrganizationSponsorshipRequestModel model)
{
// TODO: validate has right to sponsor, send sponsorship email
var sponsoringOrgIdGuid = new Guid(sponsoringOrgId);
var sponsoringOrg = await _organizationRepository.GetByIdAsync(sponsoringOrgIdGuid);
if (sponsoringOrg == null || !PlanTypeHelper.HasEnterprisePlan(sponsoringOrg))
{
throw new BadRequestException("Specified Organization cannot sponsor other organizations.");
}
var sponsoringOrgUser = await _organizationUserRepository.GetByIdAsync(model.OrganizationUserId);
if (sponsoringOrgUser == null || sponsoringOrgUser.Status != OrganizationUserStatusType.Confirmed)
{
throw new BadRequestException("Only confirm users can sponsor other organizations.");
}
var existingOrgSponsorship = await _organizationSponsorshipRepository.GetBySponsoringOrganizationUserIdAsync(sponsoringOrgUser.Id);
if (existingOrgSponsorship != null)
{
throw new BadRequestException("Can only sponsor one organization per Organization User");
}
// TODO: send sponsorship email
throw new NotImplementedException();
}
[HttpPost("sponsored/redeem/families-for-enterprise")]
public async Task<IActionResult> RedeemSponsorship([FromQuery] string sponsorshipInfo, [FromBody] OrganizationSponsorshipRedeemRequestModel model)
{
// TODO: parse out sponsorshipInfo
if (!await _currentContext.OrganizationOwner(model.SponsoredOrganizationId))
{
throw new BadRequestException("Can only redeem sponsorship for and organization you own");
}
var existingOrgSponsorship = await _organizationSponsorshipRepository.GetBySponsoredOrganizationIdAsync(model.SponsoredOrganizationId);
if (existingOrgSponsorship != null)
{
throw new BadRequestException("Cannot redeem a sponsorship offer for and organization that is already sponsored. Revoke existing sponsorship first.");
}
var organizationToSponsor = await _organizationRepository.GetByIdAsync(model.SponsoredOrganizationId);
// TODO: only current families plan?
if (organizationToSponsor == null || !PlanTypeHelper.HasFamiliesPlan(organizationToSponsor))
{
throw new BadRequestException("Can only redeem sponsorship offer on families organizations");
}
// TODO: check user is owner of proposed org, it isn't currently sponsored, and set up sponsorship
throw new NotImplementedException();
}
[HttpDelete("{sponsoringOrgId}/{sponsoringOrgUserId}")]
[HttpPost("{sponsoringOrgId}/{sponsoringOrgUserId}/delete")]
public async Task<IActionResult> RevokeSponsorship(string sponsoringOrgId, string sponsoringOrgUserId)
{
var sponsoringOrgIdGuid = new Guid(sponsoringOrgId);
var sponsoringOrgUserIdGuid = new Guid(sponsoringOrgUserId);
var orgUser = await _organizationUserRepository.GetByIdAsync(sponsoringOrgUserIdGuid);
if (_currentContext.UserId != orgUser?.UserId)
{
throw new BadRequestException("Can only revoke a sponsorship you own.");
}
var existingOrgSponsorship = await _organizationSponsorshipRepository.GetBySponsoringOrganizationUserIdAsync(sponsoringOrgUserIdGuid);
if (existingOrgSponsorship == null)
{
throw new BadRequestException("You are not currently sponsoring and organization.");
}
// TODO: remove sponsorship
throw new NotImplementedException();
}
[HttpDelete("sponsored/{sponsoredOrgId}")]
[HttpPost("sponsored/{sponsoredOrgId}/remove")]
public async Task<IActionResult> RemoveSponsorship(string sponsoredOrgId)
{
var sponsoredOrgIdGuid = new Guid(sponsoredOrgId);
if (!await _currentContext.OrganizationOwner(sponsoredOrgIdGuid))
{
throw new BadRequestException("Only the owner of an organization can remove sponsorship.");
}
var existingOrgSponsorship = await _organizationSponsorshipRepository.GetBySponsoringOrganizationUserIdAsync(sponsoredOrgIdGuid);
if (existingOrgSponsorship == null)
{
throw new BadRequestException("The requested organization is not currently being sponsored");
}
// TODO: remove sponsorship
throw new NotImplementedException();
}
}
}

11
src/Core/Models/Api/Request/Organizations/OrganizationSponsorshipRedeemRequestModel.cs Normal file
View File

@ -0,0 +1,11 @@
using System;
using System.ComponentModel.DataAnnotations;
namespace Bit.Core.Models.Api
{
public class OrganizationSponsorshipRedeemRequestModel
{
[Required]
public Guid SponsoredOrganizationId { get; set; }
}
}

16
src/Core/Models/Api/Request/Organizations/OrganizationSponsorshipRequestModel.cs Normal file
View File

@ -0,0 +1,16 @@
using System;
using System.ComponentModel.DataAnnotations;
using Bit.Core.Utilities;
namespace Bit.Core.Models.Api.Request
{
public class OrganizationSponsorshipRequestModel
{
[Required]
public Guid OrganizationUserId { get; set; }
[Required]
[StringLength(256)]
[StrictEmailAddress]
public string sponsoredEmail { get; set; }
}
}

24
src/Core/Models/Table/OrganizationSponsorship.cs Normal file
View File

@ -0,0 +1,24 @@
using System;
using Bit.Core.Utilities;
namespace Bit.Core.Models.Table
{
public class OrganizationSponsorship : ITableObject<Guid>
{
public Guid Id { get; set; }
public Guid InstallationId { get; set; }
public Guid SponsoringOrganizationId { get; set; }
public Guid SponsoringOrganizationUserId { get; set; }
public Guid SponsoringUserId { get; set; }
public Guid? SponsoredOrganizationId { get; set; }
public bool CloudSponsor { get; set; }
public DateTime? LastSyncDate { get; set; }
public byte TimesRenewedWithoutValidation { get; set; }
public DateTime? SponsorshipLapsedDate { get; set; }
public void SetNewId()
{
Id = CoreHelpers.GenerateComb();
}
}
}

14
src/Core/Repositories/IOrganizationSponsorshipRepository.cs Normal file
View File

@ -0,0 +1,14 @@
using System;
using System.Collections;
using System.Collections.Generic;
using System.Threading.Tasks;
using Bit.Core.Models.Table;
namespace Bit.Core.Repositories
{
public interface IOrganizationSponsorshipRepository : IRepository<OrganizationSponsorship, Guid>
{
Task<OrganizationSponsorship> GetBySponsoringOrganizationUserIdAsync(Guid sponsoringOrganizationUserId);
Task<OrganizationSponsorship> GetBySponsoredOrganizationIdAsync(Guid sponsoredOrganizationId);
}
}

49
src/Core/Repositories/SqlServer/OrganizationSponsorshipRepository.cs Normal file
View File

@ -0,0 +1,49 @@
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Threading.Tasks;
using Bit.Core.Models.Table;
using Bit.Core.Settings;
using Dapper;
namespace Bit.Core.Repositories.SqlServer
{
public class OrganizationSponsorshipRepository : Repository<OrganizationSponsorship, Guid>, IOrganizationSponsorshipRepository
{
public OrganizationSponsorshipRepository(GlobalSettings globalSettings)
: this(globalSettings.SqlServer.ConnectionString, globalSettings.SqlServer.ReadOnlyConnectionString)
{ }
public OrganizationSponsorshipRepository(string connectionString, string readOnlyConnectionString)
: base(connectionString, readOnlyConnectionString)
{ }
public async Task<OrganizationSponsorship> GetBySponsoringOrganizationUserIdAsync(Guid sponsoringOrganizationUserId)
{
using (var connection = new SqlConnection(ConnectionString))
{
var results = await connection.QueryAsync<OrganizationSponsorship>(
"[dbo].[OrganizationSponsorship_ReadBySponsoringOrganizationUserId]",
new { SponsoringOrganizationUserId = sponsoringOrganizationUserId },
commandType: CommandType.StoredProcedure);
return results.SingleOrDefault();
}
}
public async Task<OrganizationSponsorship> GetBySponsoredOrganizationIdAsync(Guid sponsoredOrganizationId)
{
using (var connection = new SqlConnection(ConnectionString))
{
var results = await connection.QueryAsync<OrganizationSponsorship>(
"[dbo].[OrganizationSponsorship_ReadBySponsoredOrganizationId]",
new { SponsoredOrganizationId = sponsoredOrganizationId },
commandType: CommandType.StoredProcedure);
return results.SingleOrDefault();
}
}
}
}

7
src/Core/Services/IOrganizationSponsorshipService.cs Normal file
View File

@ -0,0 +1,7 @@
namespace Bit.Core.Services
{
public interface IOrganizationSponsorshipService
{
}
}

14
src/Core/Services/Implementations/OrganizationSponsorshipService.cs Normal file
View File

@ -0,0 +1,14 @@
using Bit.Core.Repositories;
namespace Bit.Core.Services
{
public class OrganizationSponsorshipService : IOrganizationSponsorshipService
{
private readonly IOrganizationSponsorshipRepository _organizationSponsorshipRepository;
public OrganizationSponsorshipService(IOrganizationSponsorshipRepository organizationSponsorshipRepository)
{
_organizationSponsorshipRepository = organizationSponsorshipRepository;
}
}
}

17
test/Api.Test/AutoFixture/Attributes/ControllerCustomizeAttribute.cs Normal file
View File

@ -0,0 +1,17 @@
using System;
using AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
namespace Bit.Api.Test.AutoFixture.Attributes
{
public class ControllerCustomizeAttribute : BitCustomizeAttribute
{
private readonly Type _controllerType;
public ControllerCustomizeAttribute(Type controllerType)
{
_controllerType = controllerType;
}
public override ICustomization GetCustomization() => new ControllerCustomization(_controllerType);
}
}

40
test/Api.Test/Controllers/OrganizationSponsorshipsControllerTests.cs Normal file
View File

@ -0,0 +1,40 @@
using Xunit;
using Bit.Test.Common.AutoFixture.Attributes;
using System.Threading.Tasks;
using System;
using Bit.Core.Enums;
using System.Linq;
using System.Collections.Generic;
using Bit.Core.Models.Table;
using Bit.Test.Common.AutoFixture;
using Bit.Api.Controllers;
using Bit.Core.Context;
using NSubstitute;
using Bit.Core.Exceptions;
using Bit.Api.Test.AutoFixture.Attributes;
namespace Bit.Api.Test.Controllers
{
[ControllerCustomize(typeof(OrganizationSponsorshipsController))]
[SutProviderCustomize]
public class OrganizationSponsorshipsControllerTests
{
public static IEnumerable<object[]> EnterprisePlanTypes =>
Enum.GetValues<PlanType>().Where(p => PlanTypeHelper.IsEnterprise(p)).Select(p => new object[] { p });
public static IEnumerable<object[]> NonEnterprisePlanTypes =>
Enum.GetValues<PlanType>().Where(p => !PlanTypeHelper.IsEnterprise(p)).Select(p => new object[] { p });
[Theory]
[MemberAutoData(nameof(NonEnterprisePlanTypes))]
public async Task CreateSponsorship_BadSponsoringOrgPlan_ThrowsBadRequest(PlanType sponsoringOrgPlan, Organization org,
SutProvider<OrganizationSponsorshipsController> sutProvider)
{
org.PlanType = sponsoringOrgPlan;
var exception = await Assert.ThrowsAsync<BadRequestException>(() =>
sutProvider.Sut.CreateSponsorship(org.Id.ToString(), null));
Assert.Contains("Specified Organization cannot sponsor other organizations.", exception.Message);
}
}
}

5
test/Common/AutoFixture/Attributes/SutAutoDataAttribute.cs
View File

@ -6,6 +6,11 @@ using AutoFixture.Xunit2;
namespace Bit.Test.Common.AutoFixture.Attributes namespace Bit.Test.Common.AutoFixture.Attributes
{ {
public class SutProviderCustomizeAttribute : BitCustomizeAttribute
{
public override ICustomization GetCustomization() => new SutProviderCustomization();
}
public class SutAutoDataAttribute : CustomAutoDataAttribute public class SutAutoDataAttribute : CustomAutoDataAttribute
{ {
public SutAutoDataAttribute(params Type[] iCustomizationTypes) : base( public SutAutoDataAttribute(params Type[] iCustomizationTypes) : base(