nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-30 07:36:14 -05:00
Code Activity

[AC-2317] Public API - remove old permissions code (#4125)

Browse Source 
* Remove FlexibleCollections checks from Public API controllers

* Remove AccessAll from Public API

* Update tests
This commit is contained in:
Thomas Rittson
2024-06-04 08:58:44 +10:00
committed by GitHub
parent 2c40dc0602
commit cae417e2a2
13 changed files with 24 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
test/Api.Test/AdminConsole/Public/Controllers/GroupsControllerTests.cs
View File

@ -5,7 +5,6 @@ using Bit.Core.AdminConsole.Entities;
using Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;
using Bit.Core.AdminConsole.Repositories;
using Bit.Core.Context;
using Bit.Core.Exceptions;
using Bit.Core.Models.Data;
using Bit.Core.Repositories;
using Bit.Test.Common.AutoFixture;
@ -22,105 +21,7 @@ public class GroupsControllerTests
{
[Theory]
[BitAutoData]
public async Task Post_Success_BeforeFlexibleCollectionMigration(Organization organization, GroupCreateUpdateRequestModel groupRequestModel, SutProvider<GroupsController> sutProvider)
{
// Organization has not migrated
organization.FlexibleCollections = false;
// Permissions do not contain Manage property
var expectedPermissions = (groupRequestModel.Collections ?? []).Select(model => new AssociationWithPermissionsRequestModel { Id = model.Id, ReadOnly = model.ReadOnly, HidePasswords = model.HidePasswords.GetValueOrDefault() });
groupRequestModel.Collections = expectedPermissions;
sutProvider.GetDependency<ICurrentContext>().OrganizationId.Returns(organization.Id);
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(organization.Id).Returns(organization);
var response = await sutProvider.Sut.Post(groupRequestModel) as JsonResult;
var responseValue = response.Value as GroupResponseModel;
await sutProvider.GetDependency<ICreateGroupCommand>().Received(1).CreateGroupAsync(
Arg.Is<Group>(g =>
g.OrganizationId == organization.Id && g.Name == groupRequestModel.Name &&
g.AccessAll == groupRequestModel.AccessAll && g.ExternalId == groupRequestModel.ExternalId),
organization,
Arg.Any<ICollection<CollectionAccessSelection>>());
Assert.Equal(groupRequestModel.Name, responseValue.Name);
Assert.Equal(groupRequestModel.AccessAll, responseValue.AccessAll);
Assert.Equal(groupRequestModel.ExternalId, responseValue.ExternalId);
}
[Theory]
[BitAutoData]
public async Task Post_Throws_BadRequestException_BeforeFlexibleCollectionMigration_Manage(Organization organization, GroupCreateUpdateRequestModel groupRequestModel, SutProvider<GroupsController> sutProvider)
{
// Organization has not migrated
organization.FlexibleCollections = false;
// Contains at least one can manage
groupRequestModel.Collections.First().Manage = true;
sutProvider.GetDependency<ICurrentContext>().OrganizationId.Returns(organization.Id);
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(organization.Id).Returns(organization);
await sutProvider.GetDependency<ICreateGroupCommand>().DidNotReceiveWithAnyArgs().CreateGroupAsync(default, default, default, default);
await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.Post(groupRequestModel));
}
[Theory]
[BitAutoData]
public async Task Put_Success_BeforeFlexibleCollectionMigration(Organization organization, Group group, GroupCreateUpdateRequestModel groupRequestModel, SutProvider<GroupsController> sutProvider)
{
// Organization has not migrated
organization.FlexibleCollections = false;
// Permissions do not contain Manage property
var expectedPermissions = (groupRequestModel.Collections ?? []).Select(model => new AssociationWithPermissionsRequestModel { Id = model.Id, ReadOnly = model.ReadOnly, HidePasswords = model.HidePasswords.GetValueOrDefault() });
groupRequestModel.Collections = expectedPermissions;
group.OrganizationId = organization.Id;
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(organization.Id).Returns(organization);
sutProvider.GetDependency<IGroupRepository>().GetByIdAsync(group.Id).Returns(group);
sutProvider.GetDependency<ICurrentContext>().OrganizationId.Returns(organization.Id);
var response = await sutProvider.Sut.Put(group.Id, groupRequestModel) as JsonResult;
var responseValue = response.Value as GroupResponseModel;
await sutProvider.GetDependency<IUpdateGroupCommand>().Received(1).UpdateGroupAsync(
Arg.Is<Group>(g =>
g.OrganizationId == organization.Id && g.Name == groupRequestModel.Name &&
g.AccessAll == groupRequestModel.AccessAll && g.ExternalId == groupRequestModel.ExternalId),
Arg.Is<Organization>(o => o.Id == organization.Id),
Arg.Any<ICollection<CollectionAccessSelection>>());
Assert.Equal(groupRequestModel.Name, responseValue.Name);
Assert.Equal(groupRequestModel.AccessAll, responseValue.AccessAll);
Assert.Equal(groupRequestModel.ExternalId, responseValue.ExternalId);
}
[Theory]
[BitAutoData]
public async Task Put_Throws_BadRequestException_BeforeFlexibleCollectionMigration_Manage(Organization organization, Group group, GroupCreateUpdateRequestModel groupRequestModel, SutProvider<GroupsController> sutProvider)
{
// Organization has not migrated
organization.FlexibleCollections = false;
// Contains at least one can manage
groupRequestModel.Collections.First().Manage = true;
group.OrganizationId = organization.Id;
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(organization.Id).Returns(organization);
sutProvider.GetDependency<IGroupRepository>().GetByIdAsync(group.Id).Returns(group);
sutProvider.GetDependency<ICurrentContext>().OrganizationId.Returns(organization.Id);
await sutProvider.GetDependency<IUpdateGroupCommand>().DidNotReceiveWithAnyArgs().UpdateGroupAsync(default, default, default, default);
await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.Put(group.Id, groupRequestModel));
}
[Theory]
[BitAutoData]
public async Task Post_Success_AfterFlexibleCollectionMigration(Organization organization, GroupCreateUpdateRequestModel groupRequestModel, SutProvider<GroupsController> sutProvider)
public async Task Post_Success(Organization organization, GroupCreateUpdateRequestModel groupRequestModel, SutProvider<GroupsController> sutProvider)
{
// Organization has migrated
organization.FlexibleCollections = true;
@ -137,18 +38,17 @@ public class GroupsControllerTests
await sutProvider.GetDependency<ICreateGroupCommand>().Received(1).CreateGroupAsync(
Arg.Is<Group>(g =>
g.OrganizationId == organization.Id && g.Name == groupRequestModel.Name &&
g.AccessAll == groupRequestModel.AccessAll && g.ExternalId == groupRequestModel.ExternalId),
g.ExternalId == groupRequestModel.ExternalId),
organization,
Arg.Any<ICollection<CollectionAccessSelection>>());
Assert.Equal(groupRequestModel.Name, responseValue.Name);
Assert.Equal(groupRequestModel.AccessAll, responseValue.AccessAll);
Assert.Equal(groupRequestModel.ExternalId, responseValue.ExternalId);
}
[Theory]
[BitAutoData]
public async Task Put_Success_AfterFlexibleCollectionMigration(Organization organization, Group group, GroupCreateUpdateRequestModel groupRequestModel, SutProvider<GroupsController> sutProvider)
public async Task Put_Success(Organization organization, Group group, GroupCreateUpdateRequestModel groupRequestModel, SutProvider<GroupsController> sutProvider)
{
// Organization has migrated
organization.FlexibleCollections = true;
@ -168,12 +68,11 @@ public class GroupsControllerTests
await sutProvider.GetDependency<IUpdateGroupCommand>().Received(1).UpdateGroupAsync(
Arg.Is<Group>(g =>
g.OrganizationId == organization.Id && g.Name == groupRequestModel.Name &&
g.AccessAll == groupRequestModel.AccessAll && g.ExternalId == groupRequestModel.ExternalId),
g.ExternalId == groupRequestModel.ExternalId),
Arg.Is<Organization>(o => o.Id == organization.Id),
Arg.Any<ICollection<CollectionAccessSelection>>());
Assert.Equal(groupRequestModel.Name, responseValue.Name);
Assert.Equal(groupRequestModel.AccessAll, responseValue.AccessAll);
Assert.Equal(groupRequestModel.ExternalId, responseValue.ExternalId);
}
}