[SM-378] Enable SM on a user basis (#2590)

* Add support for giving individual users access to secrets manager

src/Api/Models/Request/Organizations/OrganizationUserRequestModels.cs

@@ -17,6 +17,7 @@ public class OrganizationUserInviteRequestModel
     [Required]
     public OrganizationUserType? Type { get; set; }
     public bool AccessAll { get; set; }
+    public bool AccessSecretsManager { get; set; }
     public Permissions Permissions { get; set; }
     public IEnumerable<SelectionReadOnlyRequestModel> Collections { get; set; }
     public IEnumerable<Guid> Groups { get; set; }
@@ -28,6 +29,7 @@ public class OrganizationUserInviteRequestModel
             Emails = Emails,
             Type = Type,
             AccessAll = AccessAll,
+            AccessSecretsManager = AccessSecretsManager,
             Collections = Collections?.Select(c => c.ToSelectionReadOnly()),
             Groups = Groups,
             Permissions = Permissions,
@@ -73,6 +75,7 @@ public class OrganizationUserUpdateRequestModel
     [Required]
     public OrganizationUserType? Type { get; set; }
     public bool AccessAll { get; set; }
+    public bool AccessSecretsManager { get; set; }
     public Permissions Permissions { get; set; }
     public IEnumerable<SelectionReadOnlyRequestModel> Collections { get; set; }
     public IEnumerable<Guid> Groups { get; set; }
@@ -85,6 +88,7 @@ public class OrganizationUserUpdateRequestModel
             PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
         });
         existingUser.AccessAll = AccessAll;
+        existingUser.AccessSecretsManager = AccessSecretsManager;
         return existingUser;
     }
 }

src/Api/Models/Response/Organizations/OrganizationUserResponseModel.cs

@@ -23,6 +23,7 @@ public class OrganizationUserResponseModel : ResponseModel
         Type = organizationUser.Type;
         Status = organizationUser.Status;
         AccessAll = organizationUser.AccessAll;
+        AccessSecretsManager = organizationUser.AccessSecretsManager;
         Permissions = CoreHelpers.LoadClassFromJsonData<Permissions>(organizationUser.Permissions);
         ResetPasswordEnrolled = !string.IsNullOrEmpty(organizationUser.ResetPasswordKey);
     }
@@ -40,6 +41,7 @@ public class OrganizationUserResponseModel : ResponseModel
         Type = organizationUser.Type;
         Status = organizationUser.Status;
         AccessAll = organizationUser.AccessAll;
+        AccessSecretsManager = organizationUser.AccessSecretsManager;
         Permissions = CoreHelpers.LoadClassFromJsonData<Permissions>(organizationUser.Permissions);
         ResetPasswordEnrolled = !string.IsNullOrEmpty(organizationUser.ResetPasswordKey);
         UsesKeyConnector = organizationUser.UsesKeyConnector;
@@ -50,6 +52,7 @@ public class OrganizationUserResponseModel : ResponseModel
     public OrganizationUserType Type { get; set; }
     public OrganizationUserStatusType Status { get; set; }
     public bool AccessAll { get; set; }
+    public bool AccessSecretsManager { get; set; }
     public Permissions Permissions { get; set; }
     public bool ResetPasswordEnrolled { get; set; }
     public bool UsesKeyConnector { get; set; }

src/Api/Models/Response/ProfileOrganizationResponseModel.cs

@@ -52,6 +52,7 @@ public class ProfileOrganizationResponseModel : ResponseModel
         FamilySponsorshipLastSyncDate = organization.FamilySponsorshipLastSyncDate;
         FamilySponsorshipToDelete = organization.FamilySponsorshipToDelete;
         FamilySponsorshipValidUntil = organization.FamilySponsorshipValidUntil;
+        AccessSecretsManager = organization.AccessSecretsManager;
 
         if (organization.SsoConfig != null)
         {
@@ -101,4 +102,5 @@ public class ProfileOrganizationResponseModel : ResponseModel
     public DateTime? FamilySponsorshipLastSyncDate { get; set; }
     public DateTime? FamilySponsorshipValidUntil { get; set; }
     public bool? FamilySponsorshipToDelete { get; set; }
+    public bool AccessSecretsManager { get; set; }
 }