nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-09 07:08:15 -05:00
Code

fix to user already exists checks

Browse Source
This commit is contained in:
Kyle Spearrin 2017-11-13 10:06:54 -05:00
parent 39baf2a9be
commit d03421fe4b
5 changed files with 60 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Core/Repositories/IOrganizationUserRepository.cs
View File

@ -14,7 +14,7 @@ namespace Bit.Core.Repositories
Task<int> GetCountByOnlyOwnerAsync(Guid userId); Task<int> GetCountByOnlyOwnerAsync(Guid userId);
Task<ICollection<OrganizationUser>> GetManyByUserAsync(Guid userId); Task<ICollection<OrganizationUser>> GetManyByUserAsync(Guid userId);
Task<ICollection<OrganizationUser>> GetManyByOrganizationAsync(Guid organizationId, OrganizationUserType? type); Task<ICollection<OrganizationUser>> GetManyByOrganizationAsync(Guid organizationId, OrganizationUserType? type);
Task<OrganizationUser> GetByOrganizationAsync(Guid organizationId, string email); Task<int> GetCountByOrganizationAsync(Guid organizationId, string email, bool onlyRegisteredUsers);
Task<OrganizationUser> GetByOrganizationAsync(Guid organizationId, Guid userId); Task<OrganizationUser> GetByOrganizationAsync(Guid organizationId, Guid userId);
Task<Tuple<OrganizationUser, ICollection<SelectionReadOnly>>> GetByIdWithCollectionsAsync(Guid id); Task<Tuple<OrganizationUser, ICollection<SelectionReadOnly>>> GetByIdWithCollectionsAsync(Guid id);
Task<ICollection<OrganizationUserUserDetails>> GetManyDetailsByOrganizationAsync(Guid organizationId); Task<ICollection<OrganizationUserUserDetails>> GetManyDetailsByOrganizationAsync(Guid organizationId);

10
src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
View File

@ -62,16 +62,16 @@ namespace Bit.Core.Repositories.SqlServer
} }
} }
public async Task<OrganizationUser> GetByOrganizationAsync(Guid organizationId, string email) public async Task<int> GetCountByOrganizationAsync(Guid organizationId, string email, bool onlyRegisteredUsers)
{ {
using(var connection = new SqlConnection(ConnectionString)) using(var connection = new SqlConnection(ConnectionString))
{ {
var results = await connection.QueryAsync<OrganizationUser>( var result = await connection.ExecuteScalarAsync<int>(
"[dbo].[OrganizationUser_ReadByOrganizationIdEmail]", "[dbo].[OrganizationUser_ReadCountByOrganizationIdEmail]",
new { OrganizationId = organizationId, Email = email }, new { OrganizationId = organizationId, Email = email, OnlyUsers = onlyRegisteredUsers },
commandType: CommandType.StoredProcedure); commandType: CommandType.StoredProcedure);
return results.SingleOrDefault(); return result;
} }
} }

10
src/Core/Services/Implementations/OrganizationService.cs
View File

@ -857,8 +857,9 @@ namespace Bit.Core.Services
foreach(var email in emails) foreach(var email in emails)
{ {
// Make sure user is not already invited // Make sure user is not already invited
var existingOrgUser = await _organizationUserRepository.GetByOrganizationAsync(organizationId, email); var existingOrgUserCount = await _organizationUserRepository.GetCountByOrganizationAsync(
if(existingOrgUser != null) organizationId, email, false);
if(existingOrgUserCount > 0)
{ {
throw new BadRequestException("User already invited."); throw new BadRequestException("User already invited.");
} }
@ -940,8 +941,9 @@ namespace Bit.Core.Services
} }
} }
var existingOrgUser = await _organizationUserRepository.GetByOrganizationAsync(orgUser.OrganizationId, user.Email); var existingOrgUserCount = await _organizationUserRepository.GetCountByOrganizationAsync(
if(existingOrgUser != null) orgUser.OrganizationId, user.Email, true);
if(existingOrgUserCount > 0)
{ {
throw new BadRequestException("You are already part of this organization."); throw new BadRequestException("You are already part of this organization.");
} }

18
src/Sql/dbo/Stored Procedures/OrganizationUser_ReadByOrganizationIdEmail.sql
View File

@ -1,15 +1,21 @@
CREATE PROCEDURE [dbo].[OrganizationUser_ReadByOrganizationIdEmail] CREATE PROCEDURE [dbo].[OrganizationUser_ReadCountByOrganizationIdEmail]
@OrganizationId UNIQUEIDENTIFIER, @OrganizationId UNIQUEIDENTIFIER,
@Email NVARCHAR(50) @Email NVARCHAR(50),
@OnlyUsers BIT
AS AS
BEGIN BEGIN
SET NOCOUNT ON SET NOCOUNT ON
SELECT SELECT
* COUNT(1)
FROM FROM
[dbo].[OrganizationUserView] [dbo].[OrganizationUser] OU
LEFT JOIN
[dbo].[User] U ON OU.[UserId] = U.[Id]
WHERE WHERE
[OrganizationId] = @OrganizationId OU.[OrganizationId] = @OrganizationId
AND [Email] = @Email AND (
(@OnlyUsers = 0 AND (OU.[Email] = @Email OR U.[Email] = @Email))
OR (@OnlyUsers = 1 AND U.[Email] = @Email)
)
END END

38
util/Setup/DbScripts/2017-11-13_IndexTuning.sql
View File

@ -1,4 +1,39 @@
IF EXISTS ( IF OBJECT_ID('[dbo].[OrganizationUser_ReadByOrganizationIdEmail]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[OrganizationUser_ReadByOrganizationIdEmail]
END
GO
IF OBJECT_ID('[dbo].[OrganizationUser_ReadCountByOrganizationIdEmail]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[OrganizationUser_ReadCountByOrganizationIdEmail]
END
GO
CREATE PROCEDURE [dbo].[OrganizationUser_ReadCountByOrganizationIdEmail]
@OrganizationId UNIQUEIDENTIFIER,
@Email NVARCHAR(50),
@OnlyUsers BIT
AS
BEGIN
SET NOCOUNT ON
SELECT
COUNT(1)
FROM
[dbo].[OrganizationUser] OU
LEFT JOIN
[dbo].[User] U ON OU.[UserId] = U.[Id]
WHERE
OU.[OrganizationId] = @OrganizationId
AND (
(@OnlyUsers = 0 AND (OU.[Email] = @Email OR U.[Email] = @Email))
OR (@OnlyUsers = 1 AND U.[Email] = @Email)
)
END
GO
IF EXISTS (
SELECT * FROM sys.indexes WHERE [Name]='IX_Cipher_UserId_Type' SELECT * FROM sys.indexes WHERE [Name]='IX_Cipher_UserId_Type'
AND object_id = OBJECT_ID('[dbo].[Cipher]') AND object_id = OBJECT_ID('[dbo].[Cipher]')
) )
@ -39,4 +74,3 @@ BEGIN
INCLUDE ([AccessAll]) INCLUDE ([AccessAll])
END END
GO GO