mirror of
https://github.com/bitwarden/server.git
synced 2025-07-06 10:32:49 -05:00
[PM-15420] Managed to Claimed (#5594)
* Renamed ManagedUserDomainClaimedEmails to ClaimedUserDomainClaimedEmails * Renamed method to improve clarity and consistency. Replaced `ValidateManagedUserDomainAsync` with `ValidateClaimedUserDomainAsync`. * Rename `GetOrganizationsManagingUserAsync` to `GetOrganizationsClaimingUserAsync`. This renaming clarifies the function's purpose, aligning its name with the concept of "claiming" rather than "managing" user associations. * Refactor variable naming in ValidateClaimedUserDomainAsync * Managed to claimed * Managed to claimed * Managed to claimed * Managing to Claiming * Managing to Claiming * Managing to Claiming * Managing to Claiming * Renamed DeleteManagedOrganizationUserAccountCommand to DeleteClaimedOrganizationUserAccountCommand * Renamed IDeleteManagedOrganizationUserAccountCommand to IDeleteClaimedOrganizationUserAccountCommand * Updated variable name * IsManagedBy to IsClaimedBy * Created new property. obsoleted old property and wired up for backward compatibility. * More Managed to Claimed renames. * Managed to Claimed * Fixing tests... 🤦 * Got the rest of em * missed the test 🤦 * fixed test.
This commit is contained in:
Jared McCannon
@ -154,6 +154,6 @@ public class VerifyOrganizationDomainCommand(
|
||||
|
||||
var organization = await organizationRepository.GetByIdAsync(domain.OrganizationId);
|
||||
|
||||
await mailService.SendClaimedDomainUserEmailAsync(new ManagedUserDomainClaimedEmails(domainUserEmails, organization));
|
||||
await mailService.SendClaimedDomainUserEmailAsync(new ClaimedUserDomainClaimedEmails(domainUserEmails, organization));
|
||||
}
|
||||
}
|
||||
|
||||
@ -15,11 +15,11 @@ using Bit.Core.Tools.Services;
|
||||
|
||||
namespace Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers;
|
||||
|
||||
public class DeleteManagedOrganizationUserAccountCommand : IDeleteManagedOrganizationUserAccountCommand
|
||||
public class DeleteClaimedOrganizationUserAccountCommand : IDeleteClaimedOrganizationUserAccountCommand
|
||||
{
|
||||
private readonly IUserService _userService;
|
||||
private readonly IEventService _eventService;
|
||||
private readonly IGetOrganizationUsersManagementStatusQuery _getOrganizationUsersManagementStatusQuery;
|
||||
private readonly IGetOrganizationUsersClaimedStatusQuery _getOrganizationUsersClaimedStatusQuery;
|
||||
private readonly IOrganizationUserRepository _organizationUserRepository;
|
||||
private readonly IUserRepository _userRepository;
|
||||
private readonly ICurrentContext _currentContext;
|
||||
@ -28,10 +28,10 @@ public class DeleteManagedOrganizationUserAccountCommand : IDeleteManagedOrganiz
|
||||
private readonly IPushNotificationService _pushService;
|
||||
private readonly IOrganizationRepository _organizationRepository;
|
||||
private readonly IProviderUserRepository _providerUserRepository;
|
||||
public DeleteManagedOrganizationUserAccountCommand(
|
||||
public DeleteClaimedOrganizationUserAccountCommand(
|
||||
IUserService userService,
|
||||
IEventService eventService,
|
||||
IGetOrganizationUsersManagementStatusQuery getOrganizationUsersManagementStatusQuery,
|
||||
IGetOrganizationUsersClaimedStatusQuery getOrganizationUsersClaimedStatusQuery,
|
||||
IOrganizationUserRepository organizationUserRepository,
|
||||
IUserRepository userRepository,
|
||||
ICurrentContext currentContext,
|
||||
@ -43,7 +43,7 @@ public class DeleteManagedOrganizationUserAccountCommand : IDeleteManagedOrganiz
|
||||
{
|
||||
_userService = userService;
|
||||
_eventService = eventService;
|
||||
_getOrganizationUsersManagementStatusQuery = getOrganizationUsersManagementStatusQuery;
|
||||
_getOrganizationUsersClaimedStatusQuery = getOrganizationUsersClaimedStatusQuery;
|
||||
_organizationUserRepository = organizationUserRepository;
|
||||
_userRepository = userRepository;
|
||||
_currentContext = currentContext;
|
||||
@ -62,10 +62,10 @@ public class DeleteManagedOrganizationUserAccountCommand : IDeleteManagedOrganiz
|
||||
throw new NotFoundException("Member not found.");
|
||||
}
|
||||
|
||||
var managementStatus = await _getOrganizationUsersManagementStatusQuery.GetUsersOrganizationManagementStatusAsync(organizationId, new[] { organizationUserId });
|
||||
var claimedStatus = await _getOrganizationUsersClaimedStatusQuery.GetUsersOrganizationClaimedStatusAsync(organizationId, new[] { organizationUserId });
|
||||
var hasOtherConfirmedOwners = await _hasConfirmedOwnersExceptQuery.HasConfirmedOwnersExceptAsync(organizationId, new[] { organizationUserId }, includeProvider: true);
|
||||
|
||||
await ValidateDeleteUserAsync(organizationId, organizationUser, deletingUserId, managementStatus, hasOtherConfirmedOwners);
|
||||
await ValidateDeleteUserAsync(organizationId, organizationUser, deletingUserId, claimedStatus, hasOtherConfirmedOwners);
|
||||
|
||||
var user = await _userRepository.GetByIdAsync(organizationUser.UserId!.Value);
|
||||
if (user == null)
|
||||
@ -83,7 +83,7 @@ public class DeleteManagedOrganizationUserAccountCommand : IDeleteManagedOrganiz
|
||||
var userIds = orgUsers.Where(ou => ou.UserId.HasValue).Select(ou => ou.UserId!.Value).ToList();
|
||||
var users = await _userRepository.GetManyAsync(userIds);
|
||||
|
||||
var managementStatus = await _getOrganizationUsersManagementStatusQuery.GetUsersOrganizationManagementStatusAsync(organizationId, orgUserIds);
|
||||
var claimedStatus = await _getOrganizationUsersClaimedStatusQuery.GetUsersOrganizationClaimedStatusAsync(organizationId, orgUserIds);
|
||||
var hasOtherConfirmedOwners = await _hasConfirmedOwnersExceptQuery.HasConfirmedOwnersExceptAsync(organizationId, orgUserIds, includeProvider: true);
|
||||
|
||||
var results = new List<(Guid OrganizationUserId, string? ErrorMessage)>();
|
||||
@ -97,7 +97,7 @@ public class DeleteManagedOrganizationUserAccountCommand : IDeleteManagedOrganiz
|
||||
throw new NotFoundException("Member not found.");
|
||||
}
|
||||
|
||||
await ValidateDeleteUserAsync(organizationId, orgUser, deletingUserId, managementStatus, hasOtherConfirmedOwners);
|
||||
await ValidateDeleteUserAsync(organizationId, orgUser, deletingUserId, claimedStatus, hasOtherConfirmedOwners);
|
||||
|
||||
var user = users.FirstOrDefault(u => u.Id == orgUser.UserId);
|
||||
if (user == null)
|
||||
@ -129,7 +129,7 @@ public class DeleteManagedOrganizationUserAccountCommand : IDeleteManagedOrganiz
|
||||
return results;
|
||||
}
|
||||
|
||||
private async Task ValidateDeleteUserAsync(Guid organizationId, OrganizationUser orgUser, Guid? deletingUserId, IDictionary<Guid, bool> managementStatus, bool hasOtherConfirmedOwners)
|
||||
private async Task ValidateDeleteUserAsync(Guid organizationId, OrganizationUser orgUser, Guid? deletingUserId, IDictionary<Guid, bool> claimedStatus, bool hasOtherConfirmedOwners)
|
||||
{
|
||||
if (!orgUser.UserId.HasValue || orgUser.Status == OrganizationUserStatusType.Invited)
|
||||
{
|
||||
@ -159,10 +159,9 @@ public class DeleteManagedOrganizationUserAccountCommand : IDeleteManagedOrganiz
|
||||
throw new BadRequestException("Custom users can not delete admins.");
|
||||
}
|
||||
|
||||
|
||||
if (!managementStatus.TryGetValue(orgUser.Id, out var isManaged) || !isManaged)
|
||||
if (!claimedStatus.TryGetValue(orgUser.Id, out var isClaimed) || !isClaimed)
|
||||
{
|
||||
throw new BadRequestException("Member is not managed by the organization.");
|
||||
throw new BadRequestException("Member is not claimed by the organization.");
|
||||
}
|
||||
}
|
||||
|
||||
@ -4,12 +4,12 @@ using Bit.Core.Services;
|
||||
|
||||
namespace Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers;
|
||||
|
||||
public class GetOrganizationUsersManagementStatusQuery : IGetOrganizationUsersManagementStatusQuery
|
||||
public class GetOrganizationUsersClaimedStatusQuery : IGetOrganizationUsersClaimedStatusQuery
|
||||
{
|
||||
private readonly IApplicationCacheService _applicationCacheService;
|
||||
private readonly IOrganizationUserRepository _organizationUserRepository;
|
||||
|
||||
public GetOrganizationUsersManagementStatusQuery(
|
||||
public GetOrganizationUsersClaimedStatusQuery(
|
||||
IApplicationCacheService applicationCacheService,
|
||||
IOrganizationUserRepository organizationUserRepository)
|
||||
{
|
||||
@ -17,11 +17,11 @@ public class GetOrganizationUsersManagementStatusQuery : IGetOrganizationUsersMa
|
||||
_organizationUserRepository = organizationUserRepository;
|
||||
}
|
||||
|
||||
public async Task<IDictionary<Guid, bool>> GetUsersOrganizationManagementStatusAsync(Guid organizationId, IEnumerable<Guid> organizationUserIds)
|
||||
public async Task<IDictionary<Guid, bool>> GetUsersOrganizationClaimedStatusAsync(Guid organizationId, IEnumerable<Guid> organizationUserIds)
|
||||
{
|
||||
if (organizationUserIds.Any())
|
||||
{
|
||||
// Users can only be managed by an Organization that is enabled and can have organization domains
|
||||
// Users can only be claimed by an Organization that is enabled and can have organization domains
|
||||
var organizationAbility = await _applicationCacheService.GetOrganizationAbilityAsync(organizationId);
|
||||
|
||||
// TODO: Replace "UseSso" with a new organization ability like "UseOrganizationDomains" (PM-11622).
|
||||
@ -31,7 +31,7 @@ public class GetOrganizationUsersManagementStatusQuery : IGetOrganizationUsersMa
|
||||
// Get all organization users with claimed domains by the organization
|
||||
var organizationUsersWithClaimedDomain = await _organizationUserRepository.GetManyByOrganizationWithClaimedDomainsAsync(organizationId);
|
||||
|
||||
// Create a dictionary with the OrganizationUserId and a boolean indicating if the user is managed by the organization
|
||||
// Create a dictionary with the OrganizationUserId and a boolean indicating if the user is claimed by the organization
|
||||
return organizationUserIds.ToDictionary(ouId => ouId, ouId => organizationUsersWithClaimedDomain.Any(ou => ou.Id == ouId));
|
||||
}
|
||||
}
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
namespace Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Interfaces;
|
||||
|
||||
public interface IDeleteManagedOrganizationUserAccountCommand
|
||||
public interface IDeleteClaimedOrganizationUserAccountCommand
|
||||
{
|
||||
/// <summary>
|
||||
/// Removes a user from an organization and deletes all of their associated user data.
|
||||
@ -1,19 +1,19 @@
|
||||
namespace Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Interfaces;
|
||||
|
||||
public interface IGetOrganizationUsersManagementStatusQuery
|
||||
public interface IGetOrganizationUsersClaimedStatusQuery
|
||||
{
|
||||
/// <summary>
|
||||
/// Checks whether each user in the provided list of organization user IDs is managed by the specified organization.
|
||||
/// Checks whether each user in the provided list of organization user IDs is claimed by the specified organization.
|
||||
/// </summary>
|
||||
/// <param name="organizationId">The unique identifier of the organization to check against.</param>
|
||||
/// <param name="organizationUserIds">A list of OrganizationUserIds to be checked.</param>
|
||||
/// <remarks>
|
||||
/// A managed user is a user whose email domain matches one of the Organization's verified domains.
|
||||
/// A claimed user is a user whose email domain matches one of the Organization's verified domains.
|
||||
/// The organization must be enabled and be on an Enterprise plan.
|
||||
/// </remarks>
|
||||
/// <returns>
|
||||
/// A dictionary containing the OrganizationUserId and a boolean indicating if the user is managed by the organization.
|
||||
/// A dictionary containing the OrganizationUserId and a boolean indicating if the user is claimed by the organization.
|
||||
/// </returns>
|
||||
Task<IDictionary<Guid, bool>> GetUsersOrganizationManagementStatusAsync(Guid organizationId,
|
||||
Task<IDictionary<Guid, bool>> GetUsersOrganizationClaimedStatusAsync(Guid organizationId,
|
||||
IEnumerable<Guid> organizationUserIds);
|
||||
}
|
||||
@ -18,7 +18,7 @@ public class RemoveOrganizationUserCommand : IRemoveOrganizationUserCommand
|
||||
private readonly IPushRegistrationService _pushRegistrationService;
|
||||
private readonly ICurrentContext _currentContext;
|
||||
private readonly IHasConfirmedOwnersExceptQuery _hasConfirmedOwnersExceptQuery;
|
||||
private readonly IGetOrganizationUsersManagementStatusQuery _getOrganizationUsersManagementStatusQuery;
|
||||
private readonly IGetOrganizationUsersClaimedStatusQuery _getOrganizationUsersClaimedStatusQuery;
|
||||
private readonly IFeatureService _featureService;
|
||||
private readonly TimeProvider _timeProvider;
|
||||
|
||||
@ -38,7 +38,7 @@ public class RemoveOrganizationUserCommand : IRemoveOrganizationUserCommand
|
||||
IPushRegistrationService pushRegistrationService,
|
||||
ICurrentContext currentContext,
|
||||
IHasConfirmedOwnersExceptQuery hasConfirmedOwnersExceptQuery,
|
||||
IGetOrganizationUsersManagementStatusQuery getOrganizationUsersManagementStatusQuery,
|
||||
IGetOrganizationUsersClaimedStatusQuery getOrganizationUsersClaimedStatusQuery,
|
||||
IFeatureService featureService,
|
||||
TimeProvider timeProvider)
|
||||
{
|
||||
@ -49,7 +49,7 @@ public class RemoveOrganizationUserCommand : IRemoveOrganizationUserCommand
|
||||
_pushRegistrationService = pushRegistrationService;
|
||||
_currentContext = currentContext;
|
||||
_hasConfirmedOwnersExceptQuery = hasConfirmedOwnersExceptQuery;
|
||||
_getOrganizationUsersManagementStatusQuery = getOrganizationUsersManagementStatusQuery;
|
||||
_getOrganizationUsersClaimedStatusQuery = getOrganizationUsersClaimedStatusQuery;
|
||||
_featureService = featureService;
|
||||
_timeProvider = timeProvider;
|
||||
}
|
||||
@ -161,8 +161,8 @@ public class RemoveOrganizationUserCommand : IRemoveOrganizationUserCommand
|
||||
|
||||
if (_featureService.IsEnabled(FeatureFlagKeys.AccountDeprovisioning) && deletingUserId.HasValue && eventSystemUser == null)
|
||||
{
|
||||
var managementStatus = await _getOrganizationUsersManagementStatusQuery.GetUsersOrganizationManagementStatusAsync(orgUser.OrganizationId, new[] { orgUser.Id });
|
||||
if (managementStatus.TryGetValue(orgUser.Id, out var isManaged) && isManaged)
|
||||
var claimedStatus = await _getOrganizationUsersClaimedStatusQuery.GetUsersOrganizationClaimedStatusAsync(orgUser.OrganizationId, new[] { orgUser.Id });
|
||||
if (claimedStatus.TryGetValue(orgUser.Id, out var isClaimed) && isClaimed)
|
||||
{
|
||||
throw new BadRequestException(RemoveClaimedAccountErrorMessage);
|
||||
}
|
||||
@ -214,8 +214,8 @@ public class RemoveOrganizationUserCommand : IRemoveOrganizationUserCommand
|
||||
deletingUserIsOwner = await _currentContext.OrganizationOwner(organizationId);
|
||||
}
|
||||
|
||||
var managementStatus = _featureService.IsEnabled(FeatureFlagKeys.AccountDeprovisioning) && deletingUserId.HasValue && eventSystemUser == null
|
||||
? await _getOrganizationUsersManagementStatusQuery.GetUsersOrganizationManagementStatusAsync(organizationId, filteredUsers.Select(u => u.Id))
|
||||
var claimedStatus = _featureService.IsEnabled(FeatureFlagKeys.AccountDeprovisioning) && deletingUserId.HasValue && eventSystemUser == null
|
||||
? await _getOrganizationUsersClaimedStatusQuery.GetUsersOrganizationClaimedStatusAsync(organizationId, filteredUsers.Select(u => u.Id))
|
||||
: filteredUsers.ToDictionary(u => u.Id, u => false);
|
||||
var result = new List<(OrganizationUser OrganizationUser, string ErrorMessage)>();
|
||||
foreach (var orgUser in filteredUsers)
|
||||
@ -232,7 +232,7 @@ public class RemoveOrganizationUserCommand : IRemoveOrganizationUserCommand
|
||||
throw new BadRequestException(RemoveOwnerByNonOwnerErrorMessage);
|
||||
}
|
||||
|
||||
if (managementStatus.TryGetValue(orgUser.Id, out var isManaged) && isManaged)
|
||||
if (claimedStatus.TryGetValue(orgUser.Id, out var isClaimed) && isClaimed)
|
||||
{
|
||||
throw new BadRequestException(RemoveClaimedAccountErrorMessage);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user