nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 05:00:19 -05:00
Code

Make error checking more robust per Justin

Browse Source
This commit is contained in:
Thomas Rittson 2025-04-01 15:23:26 +10:00
parent faa2ff8b1d
commit d1fff74504
No known key found for this signature in database
GPG Key ID: CDDDA03861C35E27
2 changed files with 6 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/Api/AdminConsole/Authorization/OrganizationRequirementHandler.cs
View File

@ -16,15 +16,11 @@ public class OrganizationRequirementHandler(
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, IOrganizationRequirement requirement)
{
var organizationId = httpContextAccessor.GetOrganizationId();
if (organizationId is null)
{
throw new Exception("No organizationId found in route. IOrganizationRequirement cannot be used on this endpoint.");
}
var organizationClaims = context.User.GetCurrentContextOrganization(organizationId.Value);
var organizationClaims = context.User.GetCurrentContextOrganization(organizationId);
var providerOrganizationContext = null; // TODO
var authorized = await requirement.AuthorizeAsync(organizationId.Value, organizationClaims, providerOrganizationContext);
var authorized = await requirement.AuthorizeAsync(organizationId, organizationClaims, providerOrganizationContext);
if (authorized)
{

7
src/Api/AdminConsole/Authorization/OrganizationRequirementHelpers.cs
View File

@ -4,17 +4,18 @@ namespace Bit.Api.AdminConsole.Authorization;
public static class OrganizationRequirementHelpers
{
public static Guid? GetOrganizationId(this IHttpContextAccessor httpContextAccessor)
public static Guid GetOrganizationId(this IHttpContextAccessor httpContextAccessor)
{
if (httpContextAccessor.HttpContext is null)
{
return null;
throw new InvalidOperationException("This method should only be called in the context of an HTTP Request.");
}
httpContextAccessor.HttpContext.GetRouteData().Values.TryGetValue("orgId", out var orgIdParam);
if (orgIdParam == null || !Guid.TryParse(orgIdParam.ToString(), out var orgId))
{
return null;
throw new InvalidOperationException(
"A route decorated with with '[Authorize<Requirement>]' should include a route value named 'orgId' either through the [Controller] attribute or through a '[Http*]' attribute.");
}
return orgId;