From cc2741735ffdb8ff3758bb92d71a240c17a47660 Mon Sep 17 00:00:00 2001
From: Rui Tome <rtome@bitwarden.com>
Date: Thu, 3 Apr 2025 15:53:28 +0100
Subject: [PATCH] Add OrganizationUpdateKeysCommand

---
 .../IOrganizationUpdateKeysCommand.cs         | 13 +++++
 .../OrganizationUpdateKeysCommand.cs          | 47 +++++++++++++++++++
 2 files changed, 60 insertions(+)
 create mode 100644 src/Core/AdminConsole/OrganizationFeatures/Organizations/Interfaces/IOrganizationUpdateKeysCommand.cs
 create mode 100644 src/Core/AdminConsole/OrganizationFeatures/Organizations/OrganizationUpdateKeysCommand.cs

diff --git a/src/Core/AdminConsole/OrganizationFeatures/Organizations/Interfaces/IOrganizationUpdateKeysCommand.cs b/src/Core/AdminConsole/OrganizationFeatures/Organizations/Interfaces/IOrganizationUpdateKeysCommand.cs
new file mode 100644
index 0000000000..2d01a5e4e3
--- /dev/null
+++ b/src/Core/AdminConsole/OrganizationFeatures/Organizations/Interfaces/IOrganizationUpdateKeysCommand.cs
@@ -0,0 +1,13 @@
+using Bit.Core.AdminConsole.Entities;
+
+public interface IOrganizationUpdateKeysCommand
+{
+    /// <summary>
+    /// Update the keys for an organization.
+    /// </summary>
+    /// <param name="orgId">The ID of the organization to update.</param>
+    /// <param name="publicKey">The public key for the organization.</param>
+    /// <param name="privateKey">The private key for the organization.</param>
+    /// <returns>The updated organization.</returns>
+    Task<Organization> UpdateOrganizationKeysAsync(Guid orgId, string publicKey, string privateKey);
+}
diff --git a/src/Core/AdminConsole/OrganizationFeatures/Organizations/OrganizationUpdateKeysCommand.cs b/src/Core/AdminConsole/OrganizationFeatures/Organizations/OrganizationUpdateKeysCommand.cs
new file mode 100644
index 0000000000..aa85c7e2a4
--- /dev/null
+++ b/src/Core/AdminConsole/OrganizationFeatures/Organizations/OrganizationUpdateKeysCommand.cs
@@ -0,0 +1,47 @@
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.Context;
+using Bit.Core.Exceptions;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
+
+public class OrganizationUpdateKeysCommand : IOrganizationUpdateKeysCommand
+{
+    private readonly ICurrentContext _currentContext;
+    private readonly IOrganizationRepository _organizationRepository;
+    private readonly IOrganizationService _organizationService;
+
+    public const string OrganizationKeysAlreadyExistErrorMessage = "Organization Keys already exist.";
+
+    public OrganizationUpdateKeysCommand(
+        ICurrentContext currentContext,
+        IOrganizationRepository organizationRepository,
+        IOrganizationService organizationService)
+    {
+        _currentContext = currentContext;
+        _organizationRepository = organizationRepository;
+        _organizationService = organizationService;
+    }
+
+    public async Task<Organization> UpdateOrganizationKeysAsync(Guid organizationId, string publicKey, string privateKey)
+    {
+        if (!await _currentContext.ManageResetPassword(organizationId))
+        {
+            throw new UnauthorizedAccessException();
+        }
+
+        // If the keys already exist, error out
+        var organization = await _organizationRepository.GetByIdAsync(organizationId);
+        if (organization.PublicKey != null && organization.PrivateKey != null)
+        {
+            throw new BadRequestException(OrganizationKeysAlreadyExistErrorMessage);
+        }
+
+        // Update org with generated public/private key
+        organization.PublicKey = publicKey;
+        organization.PrivateKey = privateKey;
+
+        await _organizationService.UpdateAsync(organization);
+
+        return organization;
+    }
+}