diff --git a/src/Api/Public/Controllers/GroupsController.cs b/src/Api/Public/Controllers/GroupsController.cs
index c43f345dd5..4b67b9e61c 100644
--- a/src/Api/Public/Controllers/GroupsController.cs
+++ b/src/Api/Public/Controllers/GroupsController.cs
@@ -139,6 +139,29 @@ namespace Bit.Api.Public.Controllers
return new JsonResult(response);
}
+ ///
+ /// Update a group's members.
+ ///
+ ///
+ /// Updates the specified group's member associations.
+ ///
+ /// The identifier of the group to be updated.
+ /// The request model.
+ [HttpPut("{id}/member-ids")]
+ [ProducesResponseType((int)HttpStatusCode.OK)]
+ [ProducesResponseType(typeof(ErrorResponseModel), (int)HttpStatusCode.BadRequest)]
+ [ProducesResponseType((int)HttpStatusCode.NotFound)]
+ public async Task PutMemberIds(Guid id, [FromBody]UpdateMemberIdsRequestModel model)
+ {
+ var existingGroup = await _groupRepository.GetByIdAsync(id);
+ if(existingGroup == null || existingGroup.OrganizationId != _currentContext.OrganizationId)
+ {
+ return new NotFoundResult();
+ }
+ await _groupRepository.UpdateUsersAsync(existingGroup.Id, model.MemberIds);
+ return new OkResult();
+ }
+
///
/// Delete a group.
///
diff --git a/src/Api/Public/Controllers/MembersController.cs b/src/Api/Public/Controllers/MembersController.cs
index 76c078e545..93ed8e1a7d 100644
--- a/src/Api/Public/Controllers/MembersController.cs
+++ b/src/Api/Public/Controllers/MembersController.cs
@@ -159,6 +159,29 @@ namespace Bit.Api.Public.Controllers
return new JsonResult(response);
}
+ ///
+ /// Update a member's groups.
+ ///
+ ///
+ /// Updates the specified member's group associations.
+ ///
+ /// The identifier of the member to be updated.
+ /// The request model.
+ [HttpPut("{id}/group-ids")]
+ [ProducesResponseType((int)HttpStatusCode.OK)]
+ [ProducesResponseType(typeof(ErrorResponseModel), (int)HttpStatusCode.BadRequest)]
+ [ProducesResponseType((int)HttpStatusCode.NotFound)]
+ public async Task PutGroupIds(Guid id, [FromBody]UpdateGroupIdsRequestModel model)
+ {
+ var existingUser = await _organizationUserRepository.GetByIdAsync(id);
+ if(existingUser == null || existingUser.OrganizationId != _currentContext.OrganizationId)
+ {
+ return new NotFoundResult();
+ }
+ await _organizationService.UpdateUserGroupsAsync(existingUser, model.GroupIds);
+ return new OkResult();
+ }
+
///
/// Delete a member.
///
diff --git a/src/Core/Models/Api/Public/Request/UpdateGroupIdsRequestModel.cs b/src/Core/Models/Api/Public/Request/UpdateGroupIdsRequestModel.cs
new file mode 100644
index 0000000000..a3fc7df5d3
--- /dev/null
+++ b/src/Core/Models/Api/Public/Request/UpdateGroupIdsRequestModel.cs
@@ -0,0 +1,13 @@
+using System;
+using System.Collections.Generic;
+
+namespace Bit.Core.Models.Api.Public
+{
+ public class UpdateGroupIdsRequestModel
+ {
+ ///
+ /// The associated group ids that this object can access.
+ ///
+ public IEnumerable GroupIds { get; set; }
+ }
+}
diff --git a/src/Core/Models/Api/Public/Request/UpdateMemberIdsRequestModel.cs b/src/Core/Models/Api/Public/Request/UpdateMemberIdsRequestModel.cs
new file mode 100644
index 0000000000..c1bf602c0b
--- /dev/null
+++ b/src/Core/Models/Api/Public/Request/UpdateMemberIdsRequestModel.cs
@@ -0,0 +1,13 @@
+using System;
+using System.Collections.Generic;
+
+namespace Bit.Core.Models.Api.Public
+{
+ public class UpdateMemberIdsRequestModel
+ {
+ ///
+ /// The associated member ids that have access to this object.
+ ///
+ public IEnumerable MemberIds { get; set; }
+ }
+}