nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-01 08:02:49 -05:00
Code Activity

Revert "Merge branch 'main' into ac/ac-1682/ef-migrations"

Browse Source 
This reverts commit f98646a722, reversing
changes made to 7dfd2821f1.
This commit is contained in:
Rui Tome
2024-04-03 15:52:54 +01:00
parent bd3b21b969
commit e027bb4956
97 changed files with 998 additions and 2552 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
test/Api.IntegrationTest/Factories/ApiApplicationFactory.cs
View File

@ -64,13 +64,4 @@ public class ApiApplicationFactory : WebApplicationFactoryBase<Startup>
base.Dispose(disposing);
SqliteConnection.Dispose();
}
/// <summary>
/// Helper for logging in via client secret.
/// Currently used for Secrets Manager service accounts
/// </summary>
public async Task<string> LoginWithClientSecretAsync(Guid clientId, string clientSecret)
{
return await _identityApplicationFactory.TokenFromAccessTokenAsync(clientId, clientSecret);
}
}

199
test/Api.IntegrationTest/SecretsManager/Controllers/AccessPoliciesControllerTests.cs
View File

@ -1,7 +1,7 @@
using System.Net;
using System.Net.Http.Headers;
using Bit.Api.IntegrationTest.Factories;
using Bit.Api.IntegrationTest.SecretsManager.Enums;
using Bit.Api.IntegrationTest.SecretsManager.Helpers;
using Bit.Api.Models.Response;
using Bit.Api.SecretsManager.Models.Request;
using Bit.Api.SecretsManager.Models.Response;
@ -28,7 +28,6 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
private readonly IProjectRepository _projectRepository;
private readonly IServiceAccountRepository _serviceAccountRepository;
private readonly IGroupRepository _groupRepository;
private readonly LoginHelper _loginHelper;
private string _email = null!;
private SecretsManagerOrganizationHelper _organizationHelper = null!;
@ -40,7 +39,6 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
_serviceAccountRepository = _factory.GetService<IServiceAccountRepository>();
_projectRepository = _factory.GetService<IProjectRepository>();
_groupRepository = _factory.GetService<IGroupRepository>();
_loginHelper = new LoginHelper(_factory, _client);
}
public async Task InitializeAsync()
@ -56,6 +54,12 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
return Task.CompletedTask;
}
private async Task LoginAsync(string email)
{
var tokens = await _factory.LoginAsync(email);
_client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", tokens.Token);
}
[Theory]
[InlineData(false, false, false)]
[InlineData(false, false, true)]
@ -67,7 +71,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task CreateProjectAccessPolicies_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (projectId, serviceAccountId) = await CreateProjectAndServiceAccountAsync(org.Id);
@ -89,7 +93,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
// Create a new account as a user
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var (projectId, serviceAccountId) = await CreateProjectAndServiceAccountAsync(org.Id);
var request = new AccessPoliciesCreateRequest
@ -111,7 +115,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task CreateProjectAccessPolicies_MismatchedOrgIds_NotFound(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (projectId, serviceAccountId) = await CreateProjectAndServiceAccountAsync(org.Id, true);
await SetupProjectAndServiceAccountPermissionAsync(permissionType, projectId, serviceAccountId);
@ -136,7 +140,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task CreateProjectAccessPolicies_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (projectId, serviceAccountId) = await CreateProjectAndServiceAccountAsync(org.Id);
await SetupProjectAndServiceAccountPermissionAsync(permissionType, projectId, serviceAccountId);
@ -155,7 +159,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ProjectAccessPoliciesResponseModel>();
Assert.NotNull(result);
Assert.Equal(serviceAccountId, result.ServiceAccountAccessPolicies.First().ServiceAccountId);
Assert.Equal(serviceAccountId, result!.ServiceAccountAccessPolicies.First().ServiceAccountId);
Assert.True(result.ServiceAccountAccessPolicies.First().Read);
Assert.True(result.ServiceAccountAccessPolicies.First().Write);
AssertHelper.AssertRecent(result.ServiceAccountAccessPolicies.First().RevisionDate);
@ -164,7 +168,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var createdAccessPolicy =
await _accessPolicyRepository.GetByIdAsync(result.ServiceAccountAccessPolicies.First().Id);
Assert.NotNull(createdAccessPolicy);
Assert.Equal(result.ServiceAccountAccessPolicies.First().Read, createdAccessPolicy.Read);
Assert.Equal(result.ServiceAccountAccessPolicies.First().Read, createdAccessPolicy!.Read);
Assert.Equal(result.ServiceAccountAccessPolicies.First().Write, createdAccessPolicy.Write);
Assert.Equal(result.ServiceAccountAccessPolicies.First().Id, createdAccessPolicy.Id);
AssertHelper.AssertRecent(createdAccessPolicy.CreationDate);
@ -182,7 +186,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task UpdateAccessPolicy_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initData = await SetupAccessPolicyRequest(org.Id);
const bool expectedRead = true;
@ -199,7 +203,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
// Create a new account as a user
await _organizationHelper.Initialize(true, true, true);
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var initData = await SetupAccessPolicyRequest(orgUser.OrganizationId);
@ -218,13 +222,13 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task UpdateAccessPolicy_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initData = await SetupAccessPolicyRequest(org.Id);
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
new UserProjectAccessPolicy
@ -245,13 +249,13 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ServiceAccountProjectAccessPolicyResponseModel>();
Assert.NotNull(result);
Assert.Equal(expectedRead, result.Read);
Assert.Equal(expectedRead, result!.Read);
Assert.Equal(expectedWrite, result.Write);
AssertHelper.AssertRecent(result.RevisionDate);
var updatedAccessPolicy = await _accessPolicyRepository.GetByIdAsync(result.Id);
Assert.NotNull(updatedAccessPolicy);
Assert.Equal(expectedRead, updatedAccessPolicy.Read);
Assert.Equal(expectedRead, updatedAccessPolicy!.Read);
Assert.Equal(expectedWrite, updatedAccessPolicy.Write);
AssertHelper.AssertRecent(updatedAccessPolicy.RevisionDate);
}
@ -267,7 +271,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task DeleteAccessPolicy_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initData = await SetupAccessPolicyRequest(org.Id);
var response = await _client.DeleteAsync($"/access-policies/{initData.AccessPolicyId}");
@ -280,7 +284,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
// Create a new account as a user
await _organizationHelper.Initialize(true, true, true);
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var initData = await SetupAccessPolicyRequest(orgUser.OrganizationId);
@ -295,13 +299,13 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task DeleteAccessPolicy_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initData = await SetupAccessPolicyRequest(org.Id);
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
new UserProjectAccessPolicy
@ -323,7 +327,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetProjectAccessPolicies_ReturnsEmpty()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var project = await _projectRepository.CreateAsync(new Project
{
@ -337,7 +341,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ProjectAccessPoliciesResponseModel>();
Assert.NotNull(result);
Assert.Empty(result.UserAccessPolicies);
Assert.Empty(result!.UserAccessPolicies);
Assert.Empty(result.GroupAccessPolicies);
Assert.Empty(result.ServiceAccountAccessPolicies);
}
@ -353,7 +357,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetProjectAccessPolicies_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initData = await SetupAccessPolicyRequest(org.Id);
@ -367,7 +371,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
// Create a new account as a user
await _organizationHelper.Initialize(true, true, true);
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var initData = await SetupAccessPolicyRequest(orgUser.OrganizationId);
@ -382,13 +386,13 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetProjectAccessPolicies(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initData = await SetupAccessPolicyRequest(org.Id);
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
new UserProjectAccessPolicy
@ -405,7 +409,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ProjectAccessPoliciesResponseModel>();
Assert.NotNull(result?.ServiceAccountAccessPolicies);
Assert.Single(result.ServiceAccountAccessPolicies);
Assert.Single(result!.ServiceAccountAccessPolicies);
}
[Theory]
@ -419,7 +423,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetPeoplePotentialGrantees_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var response =
await _client.GetAsync(
@ -433,12 +437,12 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetPeoplePotentialGrantees_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
}
var response =
@ -449,7 +453,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ListResponseModel<PotentialGranteeResponseModel>>();
Assert.NotNull(result?.Data);
Assert.NotEmpty(result.Data);
Assert.NotEmpty(result!.Data);
}
[Theory]
@ -463,7 +467,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetServiceAccountPotentialGrantees_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var response =
await _client.GetAsync(
@ -477,7 +481,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
// Create a new account as a user
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -494,7 +498,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ListResponseModel<PotentialGranteeResponseModel>>();
Assert.NotNull(result?.Data);
Assert.Empty(result.Data);
Assert.Empty(result!.Data);
}
[Theory]
@ -503,7 +507,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetServiceAccountsPotentialGrantees_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -514,7 +518,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
await _accessPolicyRepository.CreateManyAsync(
new List<BaseAccessPolicy>
@ -537,7 +541,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ListResponseModel<PotentialGranteeResponseModel>>();
Assert.NotNull(result?.Data);
Assert.NotEmpty(result.Data);
Assert.NotEmpty(result!.Data);
Assert.Equal(serviceAccount.Id, result.Data.First(x => x.Id == serviceAccount.Id).Id);
}
@ -552,7 +556,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetProjectPotentialGrantees_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var response =
await _client.GetAsync(
@ -566,7 +570,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
// Create a new account as a user
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
await _projectRepository.CreateAsync(new Project { OrganizationId = org.Id, Name = _mockEncryptedString });
@ -579,7 +583,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ListResponseModel<PotentialGranteeResponseModel>>();
Assert.NotNull(result?.Data);
Assert.Empty(result.Data);
Assert.Empty(result!.Data);
}
[Theory]
@ -588,7 +592,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetProjectPotentialGrantees_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var project = await _projectRepository.CreateAsync(new Project
{
@ -599,7 +603,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
await _accessPolicyRepository.CreateManyAsync(
new List<BaseAccessPolicy>
@ -619,7 +623,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ListResponseModel<PotentialGranteeResponseModel>>();
Assert.NotNull(result?.Data);
Assert.NotEmpty(result.Data);
Assert.NotEmpty(result!.Data);
Assert.Equal(project.Id, result.Data.First(x => x.Id == project.Id).Id);
}
@ -634,7 +638,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task CreateServiceAccountGrantedPolicies_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -655,7 +659,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
// Create a new account as a user
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -683,7 +687,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task CreateServiceAccountGrantedPolicies_MismatchedOrgId_NotFound(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (projectId, serviceAccountId) = await CreateProjectAndServiceAccountAsync(org.Id, true);
await SetupProjectAndServiceAccountPermissionAsync(permissionType, projectId, serviceAccountId);
@ -703,7 +707,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task CreateServiceAccountGrantedPolicies_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (projectId, serviceAccountId) = await CreateProjectAndServiceAccountAsync(org.Id);
await SetupProjectAndServiceAccountPermissionAsync(permissionType, projectId, serviceAccountId);
@ -719,13 +723,13 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
.ReadFromJsonAsync<ListResponseModel<ServiceAccountProjectAccessPolicyResponseModel>>();
Assert.NotNull(result);
Assert.NotEmpty(result.Data);
Assert.NotEmpty(result!.Data);
Assert.Equal(projectId, result.Data.First().GrantedProjectId);
var createdAccessPolicy =
await _accessPolicyRepository.GetByIdAsync(result.Data.First().Id);
Assert.NotNull(createdAccessPolicy);
Assert.Equal(result.Data.First().Read, createdAccessPolicy.Read);
Assert.Equal(result.Data.First().Read, createdAccessPolicy!.Read);
Assert.Equal(result.Data.First().Write, createdAccessPolicy.Write);
Assert.Equal(result.Data.First().Id, createdAccessPolicy.Id);
AssertHelper.AssertRecent(createdAccessPolicy.CreationDate);
@ -743,7 +747,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetServiceAccountGrantedPolicies_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initData = await SetupAccessPolicyRequest(org.Id);
var response = await _client.GetAsync($"/service-accounts/{initData.ServiceAccountId}/granted-policies");
@ -754,7 +758,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetServiceAccountGrantedPolicies_ReturnsEmpty()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -769,7 +773,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
.ReadFromJsonAsync<ListResponseModel<ServiceAccountProjectAccessPolicyResponseModel>>();
Assert.NotNull(result);
Assert.Empty(result.Data);
Assert.Empty(result!.Data);
}
[Fact]
@ -778,7 +782,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
// Create a new account as a user
await _organizationHelper.Initialize(true, true, true);
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var initData = await SetupAccessPolicyRequest(orgUser.OrganizationId);
@ -788,7 +792,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
.ReadFromJsonAsync<ListResponseModel<ServiceAccountProjectAccessPolicyResponseModel>>();
Assert.NotNull(result);
Assert.Empty(result.Data);
Assert.Empty(result!.Data);
}
[Theory]
@ -797,13 +801,13 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetServiceAccountGrantedPolicies(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initData = await SetupAccessPolicyRequest(org.Id);
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
new UserProjectAccessPolicy
@ -821,7 +825,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
.ReadFromJsonAsync<ListResponseModel<ServiceAccountProjectAccessPolicyResponseModel>>();
Assert.NotNull(result?.Data);
Assert.NotEmpty(result.Data);
Assert.NotEmpty(result!.Data);
Assert.Equal(initData.ServiceAccountId, result.Data.First().ServiceAccountId);
Assert.NotNull(result.Data.First().ServiceAccountName);
Assert.NotNull(result.Data.First().GrantedProjectName);
@ -838,7 +842,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetProjectPeopleAccessPolicies_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var project = await _projectRepository.CreateAsync(new Project
{
@ -854,7 +858,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetProjectPeopleAccessPolicies_ReturnsEmpty()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var project = await _projectRepository.CreateAsync(new Project
{
@ -868,7 +872,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ProjectPeopleAccessPoliciesResponseModel>();
Assert.NotNull(result);
Assert.Empty(result.UserAccessPolicies);
Assert.Empty(result!.UserAccessPolicies);
Assert.Empty(result.GroupAccessPolicies);
}
@ -877,7 +881,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
{
await _organizationHelper.Initialize(true, true, true);
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var project = await _projectRepository.CreateAsync(new Project
{
@ -896,7 +900,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetProjectPeopleAccessPolicies_Success(PermissionType permissionType)
{
var (_, organizationUser) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (project, _) = await SetupProjectPeoplePermissionAsync(permissionType, organizationUser);
@ -906,7 +910,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ProjectPeopleAccessPoliciesResponseModel>();
Assert.NotNull(result?.UserAccessPolicies);
Assert.Single(result.UserAccessPolicies);
Assert.Single(result!.UserAccessPolicies);
}
[Theory]
@ -920,7 +924,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task PutProjectPeopleAccessPolicies_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (_, organizationUser) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (project, request) = await SetupProjectPeopleRequestAsync(PermissionType.RunAsAdmin, organizationUser);
@ -933,7 +937,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, organizationUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var project = await _projectRepository.CreateAsync(new Project
{
@ -960,7 +964,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task PutProjectPeopleAccessPolicies_MismatchedOrgIds_NotFound(PermissionType permissionType)
{
var (_, organizationUser) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (project, request) = await SetupProjectPeopleRequestAsync(permissionType, organizationUser);
var newOrg = await _organizationHelper.CreateSmOrganizationAsync();
@ -985,7 +989,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task PutProjectPeopleAccessPolicies_Success(PermissionType permissionType)
{
var (_, organizationUser) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (project, request) = await SetupProjectPeopleRequestAsync(permissionType, organizationUser);
@ -996,14 +1000,14 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
Assert.NotNull(result);
Assert.Equal(request.UserAccessPolicyRequests.First().GranteeId,
result.UserAccessPolicies.First().OrganizationUserId);
result!.UserAccessPolicies.First().OrganizationUserId);
Assert.True(result.UserAccessPolicies.First().Read);
Assert.True(result.UserAccessPolicies.First().Write);
var createdAccessPolicy =
await _accessPolicyRepository.GetByIdAsync(result.UserAccessPolicies.First().Id);
Assert.NotNull(createdAccessPolicy);
Assert.Equal(result.UserAccessPolicies.First().Read, createdAccessPolicy.Read);
Assert.Equal(result.UserAccessPolicies.First().Read, createdAccessPolicy!.Read);
Assert.Equal(result.UserAccessPolicies.First().Write, createdAccessPolicy.Write);
Assert.Equal(result.UserAccessPolicies.First().Id, createdAccessPolicy.Id);
}
@ -1019,7 +1023,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetServiceAccountPeopleAccessPolicies_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
OrganizationId = org.Id,
@ -1034,7 +1038,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetServiceAccountPeopleAccessPolicies_ReturnsEmpty()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -1048,7 +1052,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ServiceAccountPeopleAccessPoliciesResponseModel>();
Assert.NotNull(result);
Assert.Empty(result.UserAccessPolicies);
Assert.Empty(result!.UserAccessPolicies);
Assert.Empty(result.GroupAccessPolicies);
}
@ -1057,7 +1061,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -1076,7 +1080,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task GetServiceAccountPeopleAccessPolicies_Success(PermissionType permissionType)
{
var (_, organizationUser) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (serviceAccount, _) = await SetupServiceAccountPeoplePermissionAsync(permissionType, organizationUser);
@ -1086,7 +1090,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
var result = await response.Content.ReadFromJsonAsync<ServiceAccountPeopleAccessPoliciesResponseModel>();
Assert.NotNull(result?.UserAccessPolicies);
Assert.Single(result.UserAccessPolicies);
Assert.Single(result!.UserAccessPolicies);
}
[Theory]
@ -1096,7 +1100,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task PutServiceAccountPeopleAccessPolicies_SmNotEnabled_NotFound(bool useSecrets, bool accessSecrets)
{
var (_, organizationUser) = await _organizationHelper.Initialize(useSecrets, accessSecrets, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (serviceAccount, request) = await SetupServiceAccountPeopleRequestAsync(PermissionType.RunAsAdmin, organizationUser);
@ -1109,7 +1113,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, organizationUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -1137,7 +1141,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task PutServiceAccountPeopleAccessPolicies_MismatchedOrgIds_NotFound(PermissionType permissionType)
{
var (_, organizationUser) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (serviceAccount, request) = await SetupServiceAccountPeopleRequestAsync(permissionType, organizationUser);
var newOrg = await _organizationHelper.CreateSmOrganizationAsync();
@ -1162,7 +1166,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
public async Task PutServiceAccountPeopleAccessPolicies_Success(PermissionType permissionType)
{
var (_, organizationUser) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (serviceAccount, request) = await SetupServiceAccountPeopleRequestAsync(permissionType, organizationUser);
@ -1173,14 +1177,14 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
Assert.NotNull(result);
Assert.Equal(request.UserAccessPolicyRequests.First().GranteeId,
result.UserAccessPolicies.First().OrganizationUserId);
result!.UserAccessPolicies.First().OrganizationUserId);
Assert.True(result.UserAccessPolicies.First().Read);
Assert.True(result.UserAccessPolicies.First().Write);
var createdAccessPolicy =
await _accessPolicyRepository.GetByIdAsync(result.UserAccessPolicies.First().Id);
Assert.NotNull(createdAccessPolicy);
Assert.Equal(result.UserAccessPolicies.First().Read, createdAccessPolicy.Read);
Assert.Equal(result.UserAccessPolicies.First().Read, createdAccessPolicy!.Read);
Assert.Equal(result.UserAccessPolicies.First().Write, createdAccessPolicy.Write);
Assert.Equal(result.UserAccessPolicies.First().Id, createdAccessPolicy.Id);
}
@ -1229,7 +1233,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
organizationUser = orgUser;
}
@ -1261,7 +1265,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
organizationUser = orgUser;
}
@ -1338,7 +1342,7 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
new UserProjectAccessPolicy
@ -1357,6 +1361,35 @@ public class AccessPoliciesControllerTests : IClassFixture<ApiApplicationFactory
}
}
private async Task<AccessPoliciesCreateRequest> SetupUserServiceAccountAccessPolicyRequestAsync(
PermissionType permissionType, Guid userId, Guid serviceAccountId)
{
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, newOrgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
new UserServiceAccountAccessPolicy
{
GrantedServiceAccountId = serviceAccountId,
OrganizationUserId = newOrgUser.Id,
Read = true,
Write = true,
},
};
await _accessPolicyRepository.CreateManyAsync(accessPolicies);
}
return new AccessPoliciesCreateRequest
{
UserAccessPolicyRequests = new List<AccessPolicyRequest>
{
new() { GranteeId = userId, Read = true, Write = true },
},
};
}
private class RequestSetupData
{
public Guid ProjectId { get; set; }

59
test/Api.IntegrationTest/SecretsManager/Controllers/ProjectsControllerTests.cs
View File

@ -1,7 +1,7 @@
using System.Net;
using System.Net.Http.Headers;
using Bit.Api.IntegrationTest.Factories;
using Bit.Api.IntegrationTest.SecretsManager.Enums;
using Bit.Api.IntegrationTest.SecretsManager.Helpers;
using Bit.Api.Models.Response;
using Bit.Api.SecretsManager.Models.Request;
using Bit.Api.SecretsManager.Models.Response;
@ -10,6 +10,7 @@ using Bit.Core.Enums;
using Bit.Core.SecretsManager.Entities;
using Bit.Core.SecretsManager.Repositories;
using Bit.Test.Common.Helpers;
using Pipelines.Sockets.Unofficial.Arenas;
using Xunit;
namespace Bit.Api.IntegrationTest.SecretsManager.Controllers;
@ -23,7 +24,6 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
private readonly ApiApplicationFactory _factory;
private readonly IProjectRepository _projectRepository;
private readonly IAccessPolicyRepository _accessPolicyRepository;
private readonly LoginHelper _loginHelper;
private string _email = null!;
private SecretsManagerOrganizationHelper _organizationHelper = null!;
@ -34,7 +34,6 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
_client = _factory.CreateClient();
_projectRepository = _factory.GetService<IProjectRepository>();
_accessPolicyRepository = _factory.GetService<IAccessPolicyRepository>();
_loginHelper = new LoginHelper(_factory, _client);
}
public async Task InitializeAsync()
@ -50,6 +49,12 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
return Task.CompletedTask;
}
private async Task LoginAsync(string email)
{
var tokens = await _factory.LoginAsync(email);
_client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", tokens.Token);
}
[Theory]
[InlineData(false, false, false)]
[InlineData(false, false, true)]
@ -61,7 +66,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
public async Task ListByOrganization_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var response = await _client.GetAsync($"/organizations/{org.Id}/projects");
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
@ -72,7 +77,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
await CreateProjectsAsync(org.Id);
@ -81,7 +86,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
var result = await response.Content.ReadFromJsonAsync<ListResponseModel<ProjectResponseModel>>();
Assert.NotNull(result);
Assert.Empty(result.Data);
Assert.Empty(result!.Data);
}
[Theory]
@ -96,7 +101,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
var result = await response.Content.ReadFromJsonAsync<ListResponseModel<ProjectResponseModel>>();
Assert.NotNull(result);
Assert.NotEmpty(result.Data);
Assert.NotEmpty(result!.Data);
Assert.Equal(projectIds.Count, result.Data.Count());
}
@ -111,7 +116,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
public async Task Create_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var request = new ProjectCreateRequestModel { Name = _mockEncryptedString };
@ -124,7 +129,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
[InlineData(PermissionType.RunAsUserWithPermission)]
public async Task Create_AtMaxProjects_BadRequest(PermissionType permissionType)
{
var (_, organization) = await SetupProjectsWithAccessAsync(permissionType);
var (_, organization) = await SetupProjectsWithAccessAsync(permissionType, 3);
var request = new ProjectCreateRequestModel { Name = _mockEncryptedString };
var response = await _client.PostAsJsonAsync($"/organizations/{organization.Id}/projects", request);
@ -138,14 +143,14 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
public async Task Create_Success(PermissionType permissionType)
{
var (org, adminOrgUser) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var orgUserId = adminOrgUser.Id;
var currentUserId = adminOrgUser.UserId!.Value;
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
orgUserId = orgUser.Id;
currentUserId = orgUser.UserId!.Value;
}
@ -157,7 +162,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
var result = await response.Content.ReadFromJsonAsync<ProjectResponseModel>();
Assert.NotNull(result);
Assert.Equal(request.Name, result.Name);
Assert.Equal(request.Name, result!.Name);
AssertHelper.AssertRecent(result.RevisionDate);
AssertHelper.AssertRecent(result.CreationDate);
@ -191,7 +196,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
public async Task Update_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initialProject = await _projectRepository.CreateAsync(new Project
{
@ -239,7 +244,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
public async Task Update_NonExistingProject_NotFound()
{
await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var request = new ProjectUpdateRequestModel
{
@ -257,7 +262,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var project = await _projectRepository.CreateAsync(new Project
{
@ -287,7 +292,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
public async Task Get_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var project = await _projectRepository.CreateAsync(new Project
{
@ -308,7 +313,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var createdProject = await _projectRepository.CreateAsync(new Project
{
@ -325,7 +330,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var createdProject = await _projectRepository.CreateAsync(new Project
{
@ -333,7 +338,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
Name = _mockEncryptedString,
});
await _client.PostAsync("/projects/delete", JsonContent.Create(createdProject.Id));
var deleteResponse = await _client.PostAsync("/projects/delete", JsonContent.Create(createdProject.Id));
var response = await _client.GetAsync($"/projects/{createdProject.Id}");
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
@ -367,7 +372,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
public async Task Delete_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var projectIds = await CreateProjectsAsync(org.Id);
@ -380,7 +385,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var projectIds = await CreateProjectsAsync(org.Id);
@ -389,7 +394,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
var results = await response.Content.ReadFromJsonAsync<ListResponseModel<BulkDeleteResponseModel>>();
Assert.NotNull(results);
Assert.Equal(projectIds.OrderBy(x => x),
results.Data.Select(x => x.Id).OrderBy(x => x));
results!.Data.Select(x => x.Id).OrderBy(x => x));
Assert.All(results.Data, item => Assert.Equal("access denied", item.Error));
}
@ -406,7 +411,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
var results = await response.Content.ReadFromJsonAsync<ListResponseModel<BulkDeleteResponseModel>>();
Assert.NotNull(results);
Assert.Equal(projectIds.OrderBy(x => x),
results.Data.Select(x => x.Id).OrderBy(x => x));
results!.Data.Select(x => x.Id).OrderBy(x => x));
Assert.DoesNotContain(results.Data, x => x.Error != null);
var projects = await _projectRepository.GetManyWithSecretsByIds(projectIds);
@ -433,7 +438,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
int projectsToCreate = 3)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var projectIds = await CreateProjectsAsync(org.Id, projectsToCreate);
if (permissionType == PermissionType.RunAsAdmin)
@ -442,7 +447,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
}
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = projectIds.Select(projectId => new UserProjectAccessPolicy
{
@ -462,7 +467,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
private async Task<Project> SetupProjectWithAccessAsync(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initialProject = await _projectRepository.CreateAsync(new Project
{
@ -476,7 +481,7 @@ public class ProjectsControllerTests : IClassFixture<ApiApplicationFactory>, IAs
}
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{

173
test/Api.IntegrationTest/SecretsManager/Controllers/SecretsControllerTests.cs
View File

@ -1,7 +1,7 @@
using System.Net;
using System.Net.Http.Headers;
using Bit.Api.IntegrationTest.Factories;
using Bit.Api.IntegrationTest.SecretsManager.Enums;
using Bit.Api.IntegrationTest.SecretsManager.Helpers;
using Bit.Api.Models.Response;
using Bit.Api.SecretsManager.Models.Request;
using Bit.Api.SecretsManager.Models.Response;
@ -23,7 +23,6 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
private readonly ISecretRepository _secretRepository;
private readonly IProjectRepository _projectRepository;
private readonly IAccessPolicyRepository _accessPolicyRepository;
private readonly LoginHelper _loginHelper;
private string _email = null!;
private SecretsManagerOrganizationHelper _organizationHelper = null!;
@ -35,7 +34,6 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
_secretRepository = _factory.GetService<ISecretRepository>();
_projectRepository = _factory.GetService<IProjectRepository>();
_accessPolicyRepository = _factory.GetService<IAccessPolicyRepository>();
_loginHelper = new LoginHelper(_factory, _client);
}
public async Task InitializeAsync()
@ -51,6 +49,12 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
return Task.CompletedTask;
}
private async Task LoginAsync(string email)
{
var tokens = await _factory.LoginAsync(email);
_client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", tokens.Token);
}
[Theory]
[InlineData(false, false, false)]
[InlineData(false, false, true)]
@ -62,7 +66,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task ListByOrganization_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var response = await _client.GetAsync($"/organizations/{org.Id}/secrets");
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
@ -73,8 +77,8 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
[InlineData(PermissionType.RunAsUserWithPermission)]
public async Task ListByOrganization_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
var (org, orgUserOwner) = await _organizationHelper.Initialize(true, true, true);
await LoginAsync(_email);
var project = await _projectRepository.CreateAsync(new Project
{
@ -86,7 +90,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
@ -118,7 +122,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
var result = await response.Content.ReadFromJsonAsync<SecretWithProjectsListResponseModel>();
Assert.NotNull(result);
Assert.NotEmpty(result.Secrets);
Assert.NotEmpty(result!.Secrets);
Assert.Equal(secretIds.Count, result.Secrets.Count());
}
@ -133,7 +137,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task Create_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var request = new SecretCreateRequestModel
{
@ -150,7 +154,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task CreateWithoutProject_RunAsAdmin_Success()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var request = new SecretCreateRequestModel
{
@ -164,7 +168,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
var result = await response.Content.ReadFromJsonAsync<SecretResponseModel>();
Assert.NotNull(result);
Assert.Equal(request.Key, result.Key);
Assert.Equal(request.Key, result!.Key);
Assert.Equal(request.Value, result.Value);
Assert.Equal(request.Note, result.Note);
AssertHelper.AssertRecent(result.RevisionDate);
@ -184,7 +188,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task CreateWithDifferentProjectOrgId_RunAsAdmin_NotFound()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var anotherOrg = await _organizationHelper.CreateSmOrganizationAsync();
var project =
@ -206,7 +210,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task CreateWithMultipleProjects_RunAsAdmin_BadRequest()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var projectA = await _projectRepository.CreateAsync(new Project { OrganizationId = org.Id, Name = "123A" });
var projectB = await _projectRepository.CreateAsync(new Project { OrganizationId = org.Id, Name = "123B" });
@ -227,8 +231,8 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task CreateWithoutProject_RunAsUser_NotFound()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await LoginAsync(email);
var request = new SecretCreateRequestModel
{
@ -247,9 +251,9 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task CreateWithProject_Success(PermissionType permissionType)
{
var (org, orgAdminUser) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var accessType = AccessClientType.NoAccessCheck;
AccessClientType accessType = AccessClientType.NoAccessCheck;
var project = await _projectRepository.CreateAsync(new Project()
{
@ -263,12 +267,12 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
accessType = AccessClientType.User;
var accessPolicies = new List<BaseAccessPolicy>
{
new UserProjectAccessPolicy
new Core.SecretsManager.Entities.UserProjectAccessPolicy
{
GrantedProjectId = project.Id, OrganizationUserId = orgUser.Id , Read = true, Write = true,
},
@ -292,7 +296,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
var secret = result.Secret;
Assert.NotNull(secretResult);
Assert.Equal(secret.Id, secretResult.Id);
Assert.Equal(secret.Id, secretResult!.Id);
Assert.Equal(secret.OrganizationId, secretResult.OrganizationId);
Assert.Equal(secret.Key, secretResult.Key);
Assert.Equal(secret.Value, secretResult.Value);
@ -312,7 +316,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task Get_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var secret = await _secretRepository.CreateAsync(new Secret
{
@ -332,7 +336,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task Get_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var project = await _projectRepository.CreateAsync(new Project()
{
@ -344,7 +348,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
@ -357,8 +361,8 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
}
else
{
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.Admin, true);
await _loginHelper.LoginAsync(email);
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.Admin, true);
await LoginAsync(email);
}
var secret = await _secretRepository.CreateAsync(new Secret
@ -391,7 +395,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task GetSecretsByProject_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var project = await _projectRepository.CreateAsync(new Project
{
@ -407,8 +411,8 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task GetSecretsByProject_UserWithNoPermission_EmptyList()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await LoginAsync(email);
var project = await _projectRepository.CreateAsync(new Project()
{
@ -417,7 +421,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
Name = _mockEncryptedString
});
await _secretRepository.CreateAsync(new Secret
var secret = await _secretRepository.CreateAsync(new Secret
{
OrganizationId = org.Id,
Key = _mockEncryptedString,
@ -430,8 +434,8 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
response.EnsureSuccessStatusCode();
var result = await response.Content.ReadFromJsonAsync<SecretWithProjectsListResponseModel>();
Assert.NotNull(result);
Assert.Empty(result.Secrets);
Assert.Empty(result.Projects);
Assert.Empty(result!.Secrets);
Assert.Empty(result!.Projects);
}
[Theory]
@ -440,7 +444,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task GetSecretsByProject_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var project = await _projectRepository.CreateAsync(new Project()
{
@ -452,7 +456,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
@ -497,7 +501,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task Update_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var secret = await _secretRepository.CreateAsync(new Secret
{
@ -521,18 +525,32 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
[Theory]
[InlineData(PermissionType.RunAsAdmin)]
[InlineData(PermissionType.RunAsUserWithPermission)]
[InlineData(PermissionType.RunAsServiceAccountWithPermission)]
public async Task Update_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await LoginAsync(_email);
var project = await _projectRepository.CreateAsync(new Project()
{
Id = Guid.NewGuid(),
Id = new Guid(),
OrganizationId = org.Id,
Name = _mockEncryptedString
});
await SetupProjectPermissionAndLoginAsync(permissionType, project);
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
new UserProjectAccessPolicy
{
GrantedProjectId = project.Id, OrganizationUserId = orgUser.Id, Read = true, Write = true,
},
};
await _accessPolicyRepository.CreateManyAsync(accessPolicies);
}
var secret = await _secretRepository.CreateAsync(new Secret
{
@ -540,7 +558,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
Key = _mockEncryptedString,
Value = _mockEncryptedString,
Note = _mockEncryptedString,
Projects = permissionType != PermissionType.RunAsAdmin ? new List<Project>() { project } : null
Projects = permissionType == PermissionType.RunAsUserWithPermission ? new List<Project>() { project } : null
});
var request = new SecretUpdateRequestModel()
@ -548,7 +566,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
Key = _mockEncryptedString,
Value = "2.3Uk+WNBIoU5xzmVFNcoWzz==|1MsPIYuRfdOHfu/0uY6H2Q==|/98xy4wb6pHP1VTZ9JcNCYgQjEUMFPlqJgCwRk1YXKg=",
Note = _mockEncryptedString,
ProjectIds = permissionType != PermissionType.RunAsAdmin ? new Guid[] { project.Id } : null
ProjectIds = permissionType == PermissionType.RunAsUserWithPermission ? new Guid[] { project.Id } : null
};
var response = await _client.PutAsJsonAsync($"/secrets/{secret.Id}", request);
@ -577,7 +595,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task UpdateWithDifferentProjectOrgId_RunAsAdmin_NotFound()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var anotherOrg = await _organizationHelper.CreateSmOrganizationAsync();
var project = await _projectRepository.CreateAsync(new Project { Name = "123", OrganizationId = anotherOrg.Id });
@ -606,7 +624,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task UpdateWithMultipleProjects_BadRequest()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var projectA = await _projectRepository.CreateAsync(new Project { OrganizationId = org.Id, Name = "123A" });
var projectB = await _projectRepository.CreateAsync(new Project { OrganizationId = org.Id, Name = "123B" });
@ -642,7 +660,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task Delete_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var secret = await _secretRepository.CreateAsync(new Secret
{
@ -662,34 +680,33 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var (_, secretIds) = await CreateSecretsAsync(org.Id);
var (_, secretIds) = await CreateSecretsAsync(org.Id, 3);
var response = await _client.PostAsync("/secrets/delete", JsonContent.Create(secretIds));
var results = await response.Content.ReadFromJsonAsync<ListResponseModel<BulkDeleteResponseModel>>();
Assert.NotNull(results);
Assert.Equal(secretIds.OrderBy(x => x),
results.Data.Select(x => x.Id).OrderBy(x => x));
results!.Data.Select(x => x.Id).OrderBy(x => x));
Assert.All(results.Data, item => Assert.Equal("access denied", item.Error));
}
[Theory]
[InlineData(PermissionType.RunAsAdmin)]
[InlineData(PermissionType.RunAsUserWithPermission)]
[InlineData(PermissionType.RunAsServiceAccountWithPermission)]
public async Task Delete_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (project, secretIds) = await CreateSecretsAsync(org.Id);
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
@ -706,8 +723,8 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
var results = await response.Content.ReadFromJsonAsync<ListResponseModel<BulkDeleteResponseModel>>();
Assert.NotNull(results?.Data);
Assert.Equal(secretIds.Count, results.Data.Count());
foreach (var result in results.Data)
Assert.Equal(secretIds.Count, results!.Data.Count());
foreach (var result in results!.Data)
{
Assert.Contains(result.Id, secretIds);
Assert.Null(result.Error);
@ -728,7 +745,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task GetSecretsByIds_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var secret = await _secretRepository.CreateAsync(new Secret
{
@ -750,14 +767,14 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
public async Task GetSecretsByIds_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var (project, secretIds) = await CreateSecretsAsync(org.Id);
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
@ -771,7 +788,7 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
else
{
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.Admin, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
}
var request = new GetSecretsRequestModel { Ids = secretIds };
@ -780,8 +797,8 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
response.EnsureSuccessStatusCode();
var result = await response.Content.ReadFromJsonAsync<ListResponseModel<BaseSecretResponseModel>>();
Assert.NotNull(result);
Assert.NotEmpty(result.Data);
Assert.Equal(secretIds.Count, result.Data.Count());
Assert.NotEmpty(result!.Data);
Assert.Equal(secretIds.Count, result!.Data.Count());
}
private async Task<(Project Project, List<Guid> secretIds)> CreateSecretsAsync(Guid orgId, int numberToCreate = 3)
@ -809,48 +826,4 @@ public class SecretsControllerTests : IClassFixture<ApiApplicationFactory>, IAsy
return (project, secretIds);
}
private async Task SetupProjectPermissionAndLoginAsync(PermissionType permissionType, Project project)
{
switch (permissionType)
{
case PermissionType.RunAsAdmin:
{
await _loginHelper.LoginAsync(_email);
break;
}
case PermissionType.RunAsUserWithPermission:
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{
new UserProjectAccessPolicy
{
GrantedProjectId = project.Id, OrganizationUserId = orgUser.Id, Read = true, Write = true,
},
};
await _accessPolicyRepository.CreateManyAsync(accessPolicies);
break;
}
case PermissionType.RunAsServiceAccountWithPermission:
{
var apiKeyDetails = await _organizationHelper.CreateNewServiceAccountApiKeyAsync();
await _loginHelper.LoginWithApiKeyAsync(apiKeyDetails);
var accessPolicies = new List<BaseAccessPolicy>
{
new ServiceAccountProjectAccessPolicy
{
GrantedProjectId = project.Id, ServiceAccountId = apiKeyDetails.ApiKey.ServiceAccountId, Read = true, Write = true,
},
};
await _accessPolicyRepository.CreateManyAsync(accessPolicies);
break;
}
default:
throw new ArgumentOutOfRangeException(nameof(permissionType), permissionType, null);
}
}
}

1
test/Api.IntegrationTest/SecretsManager/Controllers/SecretsManagerEventsControllerTests.cs
View File

@ -1,7 +1,6 @@
using System.Net;
using System.Net.Http.Headers;
using Bit.Api.IntegrationTest.Factories;
using Bit.Api.IntegrationTest.SecretsManager.Helpers;
using Bit.Core.SecretsManager.Entities;
using Bit.Core.SecretsManager.Repositories;
using Xunit;

19
test/Api.IntegrationTest/SecretsManager/Controllers/SecretsManagerPortingControllerTests.cs
View File

@ -1,7 +1,8 @@
using System.Net;
using System.Net.Http.Headers;
using Bit.Api.IntegrationTest.Factories;
using Bit.Api.IntegrationTest.SecretsManager.Helpers;
using Bit.Api.SecretsManager.Models.Request;
using Bit.Core.SecretsManager.Repositories;
using Xunit;
namespace Bit.Api.IntegrationTest.SecretsManager.Controllers;
@ -10,7 +11,8 @@ public class SecretsManagerPortingControllerTests : IClassFixture<ApiApplication
{
private readonly HttpClient _client;
private readonly ApiApplicationFactory _factory;
private readonly LoginHelper _loginHelper;
private readonly IProjectRepository _projectRepository;
private readonly IAccessPolicyRepository _accessPolicyRepository;
private string _email = null!;
private SecretsManagerOrganizationHelper _organizationHelper = null!;
@ -19,7 +21,8 @@ public class SecretsManagerPortingControllerTests : IClassFixture<ApiApplication
{
_factory = factory;
_client = _factory.CreateClient();
_loginHelper = new LoginHelper(_factory, _client);
_projectRepository = _factory.GetService<IProjectRepository>();
_accessPolicyRepository = _factory.GetService<IAccessPolicyRepository>();
}
public async Task InitializeAsync()
@ -35,6 +38,12 @@ public class SecretsManagerPortingControllerTests : IClassFixture<ApiApplication
return Task.CompletedTask;
}
private async Task LoginAsync(string email)
{
var tokens = await _factory.LoginAsync(email);
_client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", tokens.Token);
}
[Theory]
[InlineData(false, false, false)]
[InlineData(false, false, true)]
@ -46,7 +55,7 @@ public class SecretsManagerPortingControllerTests : IClassFixture<ApiApplication
public async Task Import_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var projectsList = new List<SMImportRequestModel.InnerProjectImportRequestModel>();
var secretsList = new List<SMImportRequestModel.InnerSecretImportRequestModel>();
@ -67,7 +76,7 @@ public class SecretsManagerPortingControllerTests : IClassFixture<ApiApplication
public async Task Export_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var response = await _client.GetAsync($"sm/{org.Id}/export");
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);

32
test/Api.IntegrationTest/SecretsManager/Controllers/SecretsTrashControllerTests.cs
View File

@ -1,6 +1,6 @@
using System.Net;
using System.Net.Http.Headers;
using Bit.Api.IntegrationTest.Factories;
using Bit.Api.IntegrationTest.SecretsManager.Helpers;
using Bit.Api.SecretsManager.Models.Response;
using Bit.Core.Enums;
using Bit.Core.SecretsManager.Repositories;
@ -17,7 +17,6 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
private readonly HttpClient _client;
private readonly ApiApplicationFactory _factory;
private readonly ISecretRepository _secretRepository;
private readonly LoginHelper _loginHelper;
private string _email = null!;
private SecretsManagerOrganizationHelper _organizationHelper = null!;
@ -27,7 +26,6 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
_factory = factory;
_client = _factory.CreateClient();
_secretRepository = _factory.GetService<ISecretRepository>();
_loginHelper = new LoginHelper(_factory, _client);
}
public async Task InitializeAsync()
@ -43,6 +41,12 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
return Task.CompletedTask;
}
private async Task LoginAsync(string email)
{
var tokens = await _factory.LoginAsync(email);
_client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", tokens.Token);
}
[Theory]
[InlineData(false, false, false)]
[InlineData(false, false, true)]
@ -54,7 +58,7 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
public async Task ListByOrganization_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var response = await _client.GetAsync($"/secrets/{org.Id}/trash");
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
@ -65,7 +69,7 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var response = await _client.GetAsync($"/secrets/{org.Id}/trash");
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
@ -75,7 +79,7 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
public async Task ListByOrganization_Success()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
await _secretRepository.CreateAsync(new Secret
{
@ -110,7 +114,7 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
public async Task Empty_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var ids = new List<Guid> { Guid.NewGuid() };
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/empty", ids);
@ -122,7 +126,7 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var ids = new List<Guid> { Guid.NewGuid() };
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/empty", ids);
@ -133,7 +137,7 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
public async Task Empty_Invalid_NotFound()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var secret = await _secretRepository.CreateAsync(new Secret
{
@ -151,7 +155,7 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
public async Task Empty_Success()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var secret = await _secretRepository.CreateAsync(new Secret
{
@ -177,7 +181,7 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
public async Task Restore_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var ids = new List<Guid> { Guid.NewGuid() };
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/restore", ids);
@ -189,7 +193,7 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var ids = new List<Guid> { Guid.NewGuid() };
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/restore", ids);
@ -200,7 +204,7 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
public async Task Restore_Invalid_NotFound()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var secret = await _secretRepository.CreateAsync(new Secret
{
@ -218,7 +222,7 @@ public class SecretsTrashControllerTests : IClassFixture<ApiApplicationFactory>,
public async Task Restore_Success()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var secret = await _secretRepository.CreateAsync(new Secret
{

90
test/Api.IntegrationTest/SecretsManager/Controllers/ServiceAccountsControllerTests.cs
View File

@ -1,7 +1,7 @@
using System.Net;
using System.Net.Http.Headers;
using Bit.Api.IntegrationTest.Factories;
using Bit.Api.IntegrationTest.SecretsManager.Enums;
using Bit.Api.IntegrationTest.SecretsManager.Helpers;
using Bit.Api.Models.Response;
using Bit.Api.SecretsManager.Models.Request;
using Bit.Api.SecretsManager.Models.Response;
@ -24,7 +24,6 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
private readonly HttpClient _client;
private readonly ApiApplicationFactory _factory;
private readonly LoginHelper _loginHelper;
private readonly IAccessPolicyRepository _accessPolicyRepository;
private readonly IApiKeyRepository _apiKeyRepository;
@ -40,7 +39,6 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
_serviceAccountRepository = _factory.GetService<IServiceAccountRepository>();
_accessPolicyRepository = _factory.GetService<IAccessPolicyRepository>();
_apiKeyRepository = _factory.GetService<IApiKeyRepository>();
_loginHelper = new LoginHelper(_factory, _client);
}
public async Task InitializeAsync()
@ -56,6 +54,12 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
return Task.CompletedTask;
}
private async Task LoginAsync(string email)
{
var tokens = await _factory.LoginAsync(email);
_client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", tokens.Token);
}
[Theory]
[InlineData(false, false, false)]
[InlineData(false, false, true)]
@ -67,7 +71,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task ListByOrganization_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var response = await _client.GetAsync($"/organizations/{org.Id}/service-accounts");
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
@ -77,7 +81,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task ListByOrganization_Admin_Success()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccountIds = await SetupGetServiceAccountsByOrganizationAsync(org);
@ -86,7 +90,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
var result = await response.Content.ReadFromJsonAsync<ListResponseModel<ServiceAccountResponseModel>>();
Assert.NotNull(result);
Assert.NotEmpty(result.Data);
Assert.NotEmpty(result!.Data);
Assert.Equal(serviceAccountIds.Count, result.Data.Count());
}
@ -95,7 +99,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var serviceAccountIds = await SetupGetServiceAccountsByOrganizationAsync(org);
@ -116,7 +120,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
var result = await response.Content.ReadFromJsonAsync<ListResponseModel<ServiceAccountResponseModel>>();
Assert.NotNull(result);
Assert.NotEmpty(result.Data);
Assert.NotEmpty(result!.Data);
Assert.Equal(2, result.Data.Count());
}
@ -131,7 +135,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task GetByServiceAccountId_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -146,8 +150,8 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
[Fact]
public async Task GetByServiceAccountId_ServiceAccountDoesNotExist_NotFound()
{
await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await LoginAsync(_email);
var response = await _client.GetAsync($"/service-accounts/{new Guid()}");
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
@ -158,7 +162,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -181,7 +185,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
response.EnsureSuccessStatusCode();
var result = await response.Content.ReadFromJsonAsync<ServiceAccountResponseModel>();
Assert.NotNull(result);
Assert.Equal(serviceAccount.Id, result.Id);
Assert.Equal(serviceAccount.Id, result!.Id);
Assert.Equal(serviceAccount.OrganizationId, result.OrganizationId);
Assert.Equal(serviceAccount.Name, result.Name);
Assert.Equal(serviceAccount.CreationDate, result.CreationDate);
@ -199,7 +203,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task Create_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var request = new ServiceAccountCreateRequestModel { Name = _mockEncryptedString };
@ -213,7 +217,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task Create_Success(PermissionType permissionType)
{
var (org, adminOrgUser) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var orgUserId = adminOrgUser.Id;
var currentUserId = adminOrgUser.UserId!.Value;
@ -221,7 +225,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
orgUserId = orgUser.Id;
currentUserId = orgUser.UserId!.Value;
}
@ -233,7 +237,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
var result = await response.Content.ReadFromJsonAsync<ServiceAccountResponseModel>();
Assert.NotNull(result);
Assert.Equal(request.Name, result.Name);
Assert.Equal(request.Name, result!.Name);
AssertHelper.AssertRecent(result.RevisionDate);
AssertHelper.AssertRecent(result.CreationDate);
@ -266,7 +270,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task Update_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initialServiceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -285,7 +289,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var initialServiceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -303,7 +307,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task Update_NonExistingServiceAccount_NotFound()
{
await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var request = new ServiceAccountUpdateRequestModel { Name = _mockNewName };
@ -324,7 +328,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
response.EnsureSuccessStatusCode();
var result = await response.Content.ReadFromJsonAsync<ServiceAccountResponseModel>();
Assert.NotNull(result);
Assert.Equal(request.Name, result.Name);
Assert.Equal(request.Name, result!.Name);
Assert.NotEqual(initialServiceAccount.Name, result.Name);
AssertHelper.AssertRecent(result.RevisionDate);
Assert.NotEqual(initialServiceAccount.RevisionDate, result.RevisionDate);
@ -349,7 +353,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task Delete_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initialServiceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -368,7 +372,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -401,12 +405,12 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
if (permissionType == PermissionType.RunAsAdmin)
{
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
}
else
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
await _accessPolicyRepository.CreateManyAsync(new List<BaseAccessPolicy> {
new UserServiceAccountAccessPolicy
@ -439,7 +443,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task GetAccessTokens_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -456,7 +460,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -481,7 +485,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task GetAccessTokens_Success(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -492,7 +496,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
if (permissionType == PermissionType.RunAsUserWithPermission)
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
await _accessPolicyRepository.CreateManyAsync(new List<BaseAccessPolicy> {
new UserServiceAccountAccessPolicy
@ -536,7 +540,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task CreateAccessToken_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -561,7 +565,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task CreateAccessToken_Admin()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -583,7 +587,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
var result = await response.Content.ReadFromJsonAsync<AccessTokenCreationResponseModel>();
Assert.NotNull(result);
Assert.Equal(request.Name, result.Name);
Assert.Equal(request.Name, result!.Name);
Assert.NotNull(result.ClientSecret);
Assert.Equal(mockExpiresAt, result.ExpireAt);
AssertHelper.AssertRecent(result.RevisionDate);
@ -595,7 +599,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -619,7 +623,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
var result = await response.Content.ReadFromJsonAsync<AccessTokenCreationResponseModel>();
Assert.NotNull(result);
Assert.Equal(request.Name, result.Name);
Assert.Equal(request.Name, result!.Name);
Assert.NotNull(result.ClientSecret);
Assert.Equal(mockExpiresAt, result.ExpireAt);
AssertHelper.AssertRecent(result.RevisionDate);
@ -631,7 +635,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -656,7 +660,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task CreateAccessToken_ExpireAtNull_Admin()
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -677,7 +681,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
var result = await response.Content.ReadFromJsonAsync<AccessTokenCreationResponseModel>();
Assert.NotNull(result);
Assert.Equal(request.Name, result.Name);
Assert.Equal(request.Name, result!.Name);
Assert.NotNull(result.ClientSecret);
Assert.Null(result.ExpireAt);
AssertHelper.AssertRecent(result.RevisionDate);
@ -695,7 +699,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
public async Task RevokeAccessToken_SmAccessDenied_NotFound(bool useSecrets, bool accessSecrets, bool organizationEnabled)
{
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets, organizationEnabled);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -726,7 +730,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var serviceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -778,12 +782,12 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
if (permissionType == PermissionType.RunAsAdmin)
{
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
}
else
{
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
await _accessPolicyRepository.CreateManyAsync(new List<BaseAccessPolicy> {
new UserServiceAccountAccessPolicy
@ -843,7 +847,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
private async Task<ServiceAccount> SetupServiceAccountWithAccessAsync(PermissionType permissionType)
{
var (org, _) = await _organizationHelper.Initialize(true, true, true);
await _loginHelper.LoginAsync(_email);
await LoginAsync(_email);
var initialServiceAccount = await _serviceAccountRepository.CreateAsync(new ServiceAccount
{
@ -857,7 +861,7 @@ public class ServiceAccountsControllerTests : IClassFixture<ApiApplicationFactor
}
var (email, orgUser) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
await _loginHelper.LoginAsync(email);
await LoginAsync(email);
var accessPolicies = new List<BaseAccessPolicy>
{

1
test/Api.IntegrationTest/SecretsManager/Enums/PermissionType.cs
View File

@ -4,5 +4,4 @@ public enum PermissionType
{
RunAsAdmin,
RunAsUserWithPermission,
RunAsServiceAccountWithPermission,
}

30
test/Api.IntegrationTest/SecretsManager/Helpers/LoginHelper.cs
View File

@ -1,30 +0,0 @@
using System.Net.Http.Headers;
using Bit.Api.IntegrationTest.Factories;
using Bit.Core.SecretsManager.Models.Data;
namespace Bit.Api.IntegrationTest.SecretsManager.Helpers;
public class LoginHelper
{
private readonly HttpClient _client;
private readonly ApiApplicationFactory _factory;
public LoginHelper(ApiApplicationFactory factory, HttpClient client)
{
_factory = factory;
_client = client;
}
public async Task LoginAsync(string email)
{
var tokens = await _factory.LoginAsync(email);
_client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", tokens.Token);
}
public async Task LoginWithApiKeyAsync(ApiKeyClientSecretDetails apiKeyDetails)
{
var token = await _factory.LoginWithClientSecretAsync(apiKeyDetails.ApiKey.Id, apiKeyDetails.ClientSecret);
_client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
_client.DefaultRequestHeaders.Add("service_account_id", apiKeyDetails.ApiKey.ServiceAccountId.ToString());
}
}

43
test/Api.IntegrationTest/SecretsManager/Helpers/SecretsManagerOrganizationHelper.cs → test/Api.IntegrationTest/SecretsManager/SecretsManagerOrganizationHelper.cs
View File

@ -4,12 +4,8 @@ using Bit.Core.AdminConsole.Entities;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Repositories;
using Bit.Core.SecretsManager.Commands.AccessTokens.Interfaces;
using Bit.Core.SecretsManager.Entities;
using Bit.Core.SecretsManager.Models.Data;
using Bit.Core.SecretsManager.Repositories;
namespace Bit.Api.IntegrationTest.SecretsManager.Helpers;
namespace Bit.Api.IntegrationTest.SecretsManager;
public class SecretsManagerOrganizationHelper
{
@ -17,20 +13,17 @@ public class SecretsManagerOrganizationHelper
private readonly string _ownerEmail;
private readonly IOrganizationRepository _organizationRepository;
private readonly IOrganizationUserRepository _organizationUserRepository;
private readonly IServiceAccountRepository _serviceAccountRepository;
private readonly ICreateAccessTokenCommand _createAccessTokenCommand;
private Organization _organization = null!;
private OrganizationUser _owner = null!;
public Organization _organization = null!;
public OrganizationUser _owner = null!;
public SecretsManagerOrganizationHelper(ApiApplicationFactory factory, string ownerEmail)
{
_factory = factory;
_organizationRepository = factory.GetService<IOrganizationRepository>();
_organizationUserRepository = factory.GetService<IOrganizationUserRepository>();
_ownerEmail = ownerEmail;
_serviceAccountRepository = factory.GetService<IServiceAccountRepository>();
_createAccessTokenCommand = factory.GetService<ICreateAccessTokenCommand>();
}
public async Task<(Organization organization, OrganizationUser owner)> Initialize(bool useSecrets, bool ownerAccessSecrets, bool organizationEnabled)
@ -65,7 +58,8 @@ public class SecretsManagerOrganizationHelper
{
var email = $"integration-test{Guid.NewGuid()}@bitwarden.com";
await _factory.LoginWithNewAccount(email);
var (organization, _) = await OrganizationTestHelpers.SignUpAsync(_factory, ownerEmail: email, billingEmail: email);
var (organization, owner) =
await OrganizationTestHelpers.SignUpAsync(_factory, ownerEmail: email, billingEmail: email);
return organization;
}
@ -77,29 +71,4 @@ public class SecretsManagerOrganizationHelper
return (email, orgUser);
}
public async Task<ApiKeyClientSecretDetails> CreateNewServiceAccountApiKeyAsync()
{
var serviceAccountId = Guid.NewGuid();
var serviceAccount = new ServiceAccount
{
Id = serviceAccountId,
OrganizationId = _organization.Id,
Name = $"integration-test-{serviceAccountId}sa",
CreationDate = DateTime.UtcNow,
RevisionDate = DateTime.UtcNow
};
await _serviceAccountRepository.CreateAsync(serviceAccount);
var apiKey = new ApiKey
{
ServiceAccountId = serviceAccountId,
Name = "integration-token",
Key = Guid.NewGuid().ToString(),
ExpireAt = null,
Scope = "[\"api.secrets\"]",
EncryptedPayload = Guid.NewGuid().ToString()
};
return await _createAccessTokenCommand.CreateAsync(apiKey);
}
}

6
test/Api.Test/AdminConsole/Controllers/OrganizationsControllerTests.cs
View File

@ -56,7 +56,7 @@ public class OrganizationsControllerTests : IDisposable
private readonly IAddSecretsManagerSubscriptionCommand _addSecretsManagerSubscriptionCommand;
private readonly IPushNotificationService _pushNotificationService;
private readonly ICancelSubscriptionCommand _cancelSubscriptionCommand;
private readonly ISubscriberQueries _subscriberQueries;
private readonly IGetSubscriptionQuery _getSubscriptionQuery;
private readonly IReferenceEventService _referenceEventService;
private readonly IOrganizationEnableCollectionEnhancementsCommand _organizationEnableCollectionEnhancementsCommand;
@ -86,7 +86,7 @@ public class OrganizationsControllerTests : IDisposable
_addSecretsManagerSubscriptionCommand = Substitute.For<IAddSecretsManagerSubscriptionCommand>();
_pushNotificationService = Substitute.For<IPushNotificationService>();
_cancelSubscriptionCommand = Substitute.For<ICancelSubscriptionCommand>();
_subscriberQueries = Substitute.For<ISubscriberQueries>();
_getSubscriptionQuery = Substitute.For<IGetSubscriptionQuery>();
_referenceEventService = Substitute.For<IReferenceEventService>();
_organizationEnableCollectionEnhancementsCommand = Substitute.For<IOrganizationEnableCollectionEnhancementsCommand>();
@ -113,7 +113,7 @@ public class OrganizationsControllerTests : IDisposable
_addSecretsManagerSubscriptionCommand,
_pushNotificationService,
_cancelSubscriptionCommand,
_subscriberQueries,
_getSubscriptionQuery,
_referenceEventService,
_organizationEnableCollectionEnhancementsCommand);
}

6
test/Api.Test/Auth/Controllers/AccountsControllerTests.cs
View File

@ -57,7 +57,7 @@ public class AccountsControllerTests : IDisposable
private readonly IRotateUserKeyCommand _rotateUserKeyCommand;
private readonly IFeatureService _featureService;
private readonly ICancelSubscriptionCommand _cancelSubscriptionCommand;
private readonly ISubscriberQueries _subscriberQueries;
private readonly IGetSubscriptionQuery _getSubscriptionQuery;
private readonly IReferenceEventService _referenceEventService;
private readonly ICurrentContext _currentContext;
@ -90,7 +90,7 @@ public class AccountsControllerTests : IDisposable
_rotateUserKeyCommand = Substitute.For<IRotateUserKeyCommand>();
_featureService = Substitute.For<IFeatureService>();
_cancelSubscriptionCommand = Substitute.For<ICancelSubscriptionCommand>();
_subscriberQueries = Substitute.For<ISubscriberQueries>();
_getSubscriptionQuery = Substitute.For<IGetSubscriptionQuery>();
_referenceEventService = Substitute.For<IReferenceEventService>();
_currentContext = Substitute.For<ICurrentContext>();
_cipherValidator =
@ -122,7 +122,7 @@ public class AccountsControllerTests : IDisposable
_rotateUserKeyCommand,
_featureService,
_cancelSubscriptionCommand,
_subscriberQueries,
_getSubscriptionQuery,
_referenceEventService,
_currentContext,
_cipherValidator,

130
test/Api.Test/Billing/Controllers/ProviderBillingControllerTests.cs
View File

@ -1,130 +0,0 @@
using Bit.Api.Billing.Controllers;
using Bit.Api.Billing.Models;
using Bit.Core;
using Bit.Core.Billing.Models;
using Bit.Core.Billing.Queries;
using Bit.Core.Context;
using Bit.Core.Enums;
using Bit.Core.Services;
using Bit.Core.Utilities;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using Microsoft.AspNetCore.Http.HttpResults;
using NSubstitute;
using NSubstitute.ReturnsExtensions;
using Stripe;
using Xunit;
namespace Bit.Api.Test.Billing.Controllers;
[ControllerCustomize(typeof(ProviderBillingController))]
[SutProviderCustomize]
public class ProviderBillingControllerTests
{
[Theory, BitAutoData]
public async Task GetSubscriptionAsync_FFDisabled_NotFound(
Guid providerId,
SutProvider<ProviderBillingController> sutProvider)
{
sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling)
.Returns(false);
var result = await sutProvider.Sut.GetSubscriptionAsync(providerId);
Assert.IsType<NotFound>(result);
}
[Theory, BitAutoData]
public async Task GetSubscriptionAsync_NotProviderAdmin_Unauthorized(
Guid providerId,
SutProvider<ProviderBillingController> sutProvider)
{
sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling)
.Returns(true);
sutProvider.GetDependency<ICurrentContext>().ProviderProviderAdmin(providerId)
.Returns(false);
var result = await sutProvider.Sut.GetSubscriptionAsync(providerId);
Assert.IsType<UnauthorizedHttpResult>(result);
}
[Theory, BitAutoData]
public async Task GetSubscriptionAsync_NoSubscriptionData_NotFound(
Guid providerId,
SutProvider<ProviderBillingController> sutProvider)
{
sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling)
.Returns(true);
sutProvider.GetDependency<ICurrentContext>().ProviderProviderAdmin(providerId)
.Returns(true);
sutProvider.GetDependency<IProviderBillingQueries>().GetSubscriptionData(providerId).ReturnsNull();
var result = await sutProvider.Sut.GetSubscriptionAsync(providerId);
Assert.IsType<NotFound>(result);
}
[Theory, BitAutoData]
public async Task GetSubscriptionAsync_OK(
Guid providerId,
SutProvider<ProviderBillingController> sutProvider)
{
sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling)
.Returns(true);
sutProvider.GetDependency<ICurrentContext>().ProviderProviderAdmin(providerId)
.Returns(true);
var configuredPlans = new List<ConfiguredProviderPlan>
{
new (Guid.NewGuid(), providerId, PlanType.TeamsMonthly, 50, 10, 30),
new (Guid.NewGuid(), providerId, PlanType.EnterpriseMonthly, 100, 0, 90)
};
var subscription = new Subscription
{
Status = "active",
CurrentPeriodEnd = new DateTime(2025, 1, 1),
Customer = new Customer { Discount = new Discount { Coupon = new Coupon { PercentOff = 10 } } }
};
var providerSubscriptionData = new ProviderSubscriptionData(
configuredPlans,
subscription);
sutProvider.GetDependency<IProviderBillingQueries>().GetSubscriptionData(providerId)
.Returns(providerSubscriptionData);
var result = await sutProvider.Sut.GetSubscriptionAsync(providerId);
Assert.IsType<Ok<ProviderSubscriptionDTO>>(result);
var providerSubscriptionDTO = ((Ok<ProviderSubscriptionDTO>)result).Value;
Assert.Equal(providerSubscriptionDTO.Status, subscription.Status);
Assert.Equal(providerSubscriptionDTO.CurrentPeriodEndDate, subscription.CurrentPeriodEnd);
Assert.Equal(providerSubscriptionDTO.DiscountPercentage, subscription.Customer!.Discount!.Coupon!.PercentOff);
var teamsPlan = StaticStore.GetPlan(PlanType.TeamsMonthly);
var providerTeamsPlan = providerSubscriptionDTO.Plans.FirstOrDefault(plan => plan.PlanName == teamsPlan.Name);
Assert.NotNull(providerTeamsPlan);
Assert.Equal(50, providerTeamsPlan.SeatMinimum);
Assert.Equal(10, providerTeamsPlan.PurchasedSeats);
Assert.Equal(30, providerTeamsPlan.AssignedSeats);
Assert.Equal(60 * teamsPlan.PasswordManager.SeatPrice, providerTeamsPlan.Cost);
Assert.Equal("Monthly", providerTeamsPlan.Cadence);
var enterprisePlan = StaticStore.GetPlan(PlanType.EnterpriseMonthly);
var providerEnterprisePlan = providerSubscriptionDTO.Plans.FirstOrDefault(plan => plan.PlanName == enterprisePlan.Name);
Assert.NotNull(providerEnterprisePlan);
Assert.Equal(100, providerEnterprisePlan.SeatMinimum);
Assert.Equal(0, providerEnterprisePlan.PurchasedSeats);
Assert.Equal(90, providerEnterprisePlan.AssignedSeats);
Assert.Equal(100 * enterprisePlan.PasswordManager.SeatPrice, providerEnterprisePlan.Cost);
Assert.Equal("Monthly", providerEnterprisePlan.Cadence);
}
}

168
test/Api.Test/Billing/Controllers/ProviderOrganizationControllerTests.cs
View File

@ -1,168 +0,0 @@
using Bit.Api.Billing.Controllers;
using Bit.Api.Billing.Models;
using Bit.Core;
using Bit.Core.AdminConsole.Entities;
using Bit.Core.AdminConsole.Repositories;
using Bit.Core.Billing.Commands;
using Bit.Core.Context;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Infrastructure.EntityFramework.AdminConsole.Models.Provider;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using Microsoft.AspNetCore.Http.HttpResults;
using NSubstitute;
using NSubstitute.ReturnsExtensions;
using Xunit;
using ProviderOrganization = Bit.Core.AdminConsole.Entities.Provider.ProviderOrganization;
namespace Bit.Api.Test.Billing.Controllers;
[ControllerCustomize(typeof(ProviderOrganizationController))]
[SutProviderCustomize]
public class ProviderOrganizationControllerTests
{
[Theory, BitAutoData]
public async Task UpdateAsync_FFDisabled_NotFound(
Guid providerId,
Guid providerOrganizationId,
UpdateProviderOrganizationRequestBody requestBody,
SutProvider<ProviderOrganizationController> sutProvider)
{
sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling)
.Returns(false);
var result = await sutProvider.Sut.UpdateAsync(providerId, providerOrganizationId, requestBody);
Assert.IsType<NotFound>(result);
}
[Theory, BitAutoData]
public async Task GetSubscriptionAsync_NotProviderAdmin_Unauthorized(
Guid providerId,
Guid providerOrganizationId,
UpdateProviderOrganizationRequestBody requestBody,
SutProvider<ProviderOrganizationController> sutProvider)
{
sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling)
.Returns(true);
sutProvider.GetDependency<ICurrentContext>().ProviderProviderAdmin(providerId)
.Returns(false);
var result = await sutProvider.Sut.UpdateAsync(providerId, providerOrganizationId, requestBody);
Assert.IsType<UnauthorizedHttpResult>(result);
}
[Theory, BitAutoData]
public async Task GetSubscriptionAsync_NoProvider_NotFound(
Guid providerId,
Guid providerOrganizationId,
UpdateProviderOrganizationRequestBody requestBody,
SutProvider<ProviderOrganizationController> sutProvider)
{
sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling)
.Returns(true);
sutProvider.GetDependency<ICurrentContext>().ProviderProviderAdmin(providerId)
.Returns(true);
sutProvider.GetDependency<IProviderRepository>().GetByIdAsync(providerId)
.ReturnsNull();
var result = await sutProvider.Sut.UpdateAsync(providerId, providerOrganizationId, requestBody);
Assert.IsType<NotFound>(result);
}
[Theory, BitAutoData]
public async Task GetSubscriptionAsync_NoProviderOrganization_NotFound(
Guid providerId,
Guid providerOrganizationId,
UpdateProviderOrganizationRequestBody requestBody,
Provider provider,
SutProvider<ProviderOrganizationController> sutProvider)
{
sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling)
.Returns(true);
sutProvider.GetDependency<ICurrentContext>().ProviderProviderAdmin(providerId)
.Returns(true);
sutProvider.GetDependency<IProviderRepository>().GetByIdAsync(providerId)
.Returns(provider);
sutProvider.GetDependency<IProviderOrganizationRepository>().GetByIdAsync(providerOrganizationId)
.ReturnsNull();
var result = await sutProvider.Sut.UpdateAsync(providerId, providerOrganizationId, requestBody);
Assert.IsType<NotFound>(result);
}
[Theory, BitAutoData]
public async Task GetSubscriptionAsync_NoOrganization_ServerError(
Guid providerId,
Guid providerOrganizationId,
UpdateProviderOrganizationRequestBody requestBody,
Provider provider,
ProviderOrganization providerOrganization,
SutProvider<ProviderOrganizationController> sutProvider)
{
sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling)
.Returns(true);
sutProvider.GetDependency<ICurrentContext>().ProviderProviderAdmin(providerId)
.Returns(true);
sutProvider.GetDependency<IProviderRepository>().GetByIdAsync(providerId)
.Returns(provider);
sutProvider.GetDependency<IProviderOrganizationRepository>().GetByIdAsync(providerOrganizationId)
.Returns(providerOrganization);
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(providerOrganization.OrganizationId)
.ReturnsNull();
var result = await sutProvider.Sut.UpdateAsync(providerId, providerOrganizationId, requestBody);
Assert.IsType<ProblemHttpResult>(result);
}
[Theory, BitAutoData]
public async Task GetSubscriptionAsync_NoContent(
Guid providerId,
Guid providerOrganizationId,
UpdateProviderOrganizationRequestBody requestBody,
Provider provider,
ProviderOrganization providerOrganization,
Organization organization,
SutProvider<ProviderOrganizationController> sutProvider)
{
sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling)
.Returns(true);
sutProvider.GetDependency<ICurrentContext>().ProviderProviderAdmin(providerId)
.Returns(true);
sutProvider.GetDependency<IProviderRepository>().GetByIdAsync(providerId)
.Returns(provider);
sutProvider.GetDependency<IProviderOrganizationRepository>().GetByIdAsync(providerOrganizationId)
.Returns(providerOrganization);
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(providerOrganization.OrganizationId)
.Returns(organization);
var result = await sutProvider.Sut.UpdateAsync(providerId, providerOrganizationId, requestBody);
await sutProvider.GetDependency<IAssignSeatsToClientOrganizationCommand>().Received(1)
.AssignSeatsToClientOrganization(
provider,
organization,
requestBody.AssignedSeats);
Assert.IsType<Ok>(result);
}
}

339
test/Core.Test/Billing/Commands/AssignSeatsToClientOrganizationCommandTests.cs
View File

@ -1,339 +0,0 @@
using Bit.Core.AdminConsole.Entities;
using Bit.Core.AdminConsole.Entities.Provider;
using Bit.Core.Billing;
using Bit.Core.Billing.Commands.Implementations;
using Bit.Core.Billing.Entities;
using Bit.Core.Billing.Queries;
using Bit.Core.Billing.Repositories;
using Bit.Core.Enums;
using Bit.Core.Models.StaticStore;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Utilities;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using Xunit;
using static Bit.Core.Test.Billing.Utilities;
namespace Bit.Core.Test.Billing.Commands;
[SutProviderCustomize]
public class AssignSeatsToClientOrganizationCommandTests
{
[Theory, BitAutoData]
public Task AssignSeatsToClientOrganization_NullProvider_ArgumentNullException(
Organization organization,
int seats,
SutProvider<AssignSeatsToClientOrganizationCommand> sutProvider)
=> Assert.ThrowsAsync<ArgumentNullException>(() =>
sutProvider.Sut.AssignSeatsToClientOrganization(null, organization, seats));
[Theory, BitAutoData]
public Task AssignSeatsToClientOrganization_NullOrganization_ArgumentNullException(
Provider provider,
int seats,
SutProvider<AssignSeatsToClientOrganizationCommand> sutProvider)
=> Assert.ThrowsAsync<ArgumentNullException>(() =>
sutProvider.Sut.AssignSeatsToClientOrganization(provider, null, seats));
[Theory, BitAutoData]
public Task AssignSeatsToClientOrganization_NegativeSeats_BillingException(
Provider provider,
Organization organization,
SutProvider<AssignSeatsToClientOrganizationCommand> sutProvider)
=> Assert.ThrowsAsync<BillingException>(() =>
sutProvider.Sut.AssignSeatsToClientOrganization(provider, organization, -5));
[Theory, BitAutoData]
public async Task AssignSeatsToClientOrganization_CurrentSeatsMatchesNewSeats_NoOp(
Provider provider,
Organization organization,
int seats,
SutProvider<AssignSeatsToClientOrganizationCommand> sutProvider)
{
organization.PlanType = PlanType.TeamsMonthly;
organization.Seats = seats;
await sutProvider.Sut.AssignSeatsToClientOrganization(provider, organization, seats);
await sutProvider.GetDependency<IProviderPlanRepository>().DidNotReceive().GetByProviderId(provider.Id);
}
[Theory, BitAutoData]
public async Task AssignSeatsToClientOrganization_OrganizationPlanTypeDoesNotSupportConsolidatedBilling_ContactSupport(
Provider provider,
Organization organization,
int seats,
SutProvider<AssignSeatsToClientOrganizationCommand> sutProvider)
{
organization.PlanType = PlanType.FamiliesAnnually;
await ThrowsContactSupportAsync(() => sutProvider.Sut.AssignSeatsToClientOrganization(provider, organization, seats));
}
[Theory, BitAutoData]
public async Task AssignSeatsToClientOrganization_ProviderPlanIsNotConfigured_ContactSupport(
Provider provider,
Organization organization,
int seats,
SutProvider<AssignSeatsToClientOrganizationCommand> sutProvider)
{
organization.PlanType = PlanType.TeamsMonthly;
sutProvider.GetDependency<IProviderPlanRepository>().GetByProviderId(provider.Id).Returns(new List<ProviderPlan>
{
new ()
{
Id = Guid.NewGuid(),
PlanType = PlanType.TeamsMonthly,
ProviderId = provider.Id
}
});
await ThrowsContactSupportAsync(() => sutProvider.Sut.AssignSeatsToClientOrganization(provider, organization, seats));
}
[Theory, BitAutoData]
public async Task AssignSeatsToClientOrganization_BelowToBelow_Succeeds(
Provider provider,
Organization organization,
SutProvider<AssignSeatsToClientOrganizationCommand> sutProvider)
{
organization.Seats = 10;
organization.PlanType = PlanType.TeamsMonthly;
// Scale up 10 seats
const int seats = 20;
var providerPlans = new List<ProviderPlan>
{
new()
{
Id = Guid.NewGuid(),
PlanType = PlanType.TeamsMonthly,
ProviderId = provider.Id,
PurchasedSeats = 0,
// 100 minimum
SeatMinimum = 100,
AllocatedSeats = 50
},
new()
{
Id = Guid.NewGuid(),
PlanType = PlanType.EnterpriseMonthly,
ProviderId = provider.Id,
PurchasedSeats = 0,
SeatMinimum = 500,
AllocatedSeats = 0
}
};
var providerPlan = providerPlans.First();
sutProvider.GetDependency<IProviderPlanRepository>().GetByProviderId(provider.Id).Returns(providerPlans);
// 50 seats currently assigned with a seat minimum of 100
sutProvider.GetDependency<IProviderBillingQueries>().GetAssignedSeatTotalForPlanOrThrow(provider.Id, providerPlan.PlanType).Returns(50);
await sutProvider.Sut.AssignSeatsToClientOrganization(provider, organization, seats);
// 50 assigned seats + 10 seat scale up = 60 seats, well below the 100 minimum
await sutProvider.GetDependency<IPaymentService>().DidNotReceiveWithAnyArgs().AdjustSeats(
Arg.Any<Provider>(),
Arg.Any<Plan>(),
Arg.Any<int>(),
Arg.Any<int>());
await sutProvider.GetDependency<IOrganizationRepository>().Received(1).ReplaceAsync(Arg.Is<Organization>(
org => org.Id == organization.Id && org.Seats == seats));
await sutProvider.GetDependency<IProviderPlanRepository>().Received(1).ReplaceAsync(Arg.Is<ProviderPlan>(
pPlan => pPlan.AllocatedSeats == 60));
}
[Theory, BitAutoData]
public async Task AssignSeatsToClientOrganization_BelowToAbove_Succeeds(
Provider provider,
Organization organization,
SutProvider<AssignSeatsToClientOrganizationCommand> sutProvider)
{
organization.Seats = 10;
organization.PlanType = PlanType.TeamsMonthly;
// Scale up 10 seats
const int seats = 20;
var providerPlans = new List<ProviderPlan>
{
new()
{
Id = Guid.NewGuid(),
PlanType = PlanType.TeamsMonthly,
ProviderId = provider.Id,
PurchasedSeats = 0,
// 100 minimum
SeatMinimum = 100,
AllocatedSeats = 95
},
new()
{
Id = Guid.NewGuid(),
PlanType = PlanType.EnterpriseMonthly,
ProviderId = provider.Id,
PurchasedSeats = 0,
SeatMinimum = 500,
AllocatedSeats = 0
}
};
var providerPlan = providerPlans.First();
sutProvider.GetDependency<IProviderPlanRepository>().GetByProviderId(provider.Id).Returns(providerPlans);
// 95 seats currently assigned with a seat minimum of 100
sutProvider.GetDependency<IProviderBillingQueries>().GetAssignedSeatTotalForPlanOrThrow(provider.Id, providerPlan.PlanType).Returns(95);
await sutProvider.Sut.AssignSeatsToClientOrganization(provider, organization, seats);
// 95 current + 10 seat scale = 105 seats, 5 above the minimum
await sutProvider.GetDependency<IPaymentService>().Received(1).AdjustSeats(
provider,
StaticStore.GetPlan(providerPlan.PlanType),
providerPlan.SeatMinimum!.Value,
105);
await sutProvider.GetDependency<IOrganizationRepository>().Received(1).ReplaceAsync(Arg.Is<Organization>(
org => org.Id == organization.Id && org.Seats == seats));
// 105 total seats - 100 minimum = 5 purchased seats
await sutProvider.GetDependency<IProviderPlanRepository>().Received(1).ReplaceAsync(Arg.Is<ProviderPlan>(
pPlan => pPlan.Id == providerPlan.Id && pPlan.PurchasedSeats == 5 && pPlan.AllocatedSeats == 105));
}
[Theory, BitAutoData]
public async Task AssignSeatsToClientOrganization_AboveToAbove_Succeeds(
Provider provider,
Organization organization,
SutProvider<AssignSeatsToClientOrganizationCommand> sutProvider)
{
organization.Seats = 10;
organization.PlanType = PlanType.TeamsMonthly;
// Scale up 10 seats
const int seats = 20;
var providerPlans = new List<ProviderPlan>
{
new()
{
Id = Guid.NewGuid(),
PlanType = PlanType.TeamsMonthly,
ProviderId = provider.Id,
// 10 additional purchased seats
PurchasedSeats = 10,
// 100 seat minimum
SeatMinimum = 100,
AllocatedSeats = 110
},
new()
{
Id = Guid.NewGuid(),
PlanType = PlanType.EnterpriseMonthly,
ProviderId = provider.Id,
PurchasedSeats = 0,
SeatMinimum = 500,
AllocatedSeats = 0
}
};
var providerPlan = providerPlans.First();
sutProvider.GetDependency<IProviderPlanRepository>().GetByProviderId(provider.Id).Returns(providerPlans);
// 110 seats currently assigned with a seat minimum of 100
sutProvider.GetDependency<IProviderBillingQueries>().GetAssignedSeatTotalForPlanOrThrow(provider.Id, providerPlan.PlanType).Returns(110);
await sutProvider.Sut.AssignSeatsToClientOrganization(provider, organization, seats);
// 110 current + 10 seat scale up = 120 seats
await sutProvider.GetDependency<IPaymentService>().Received(1).AdjustSeats(
provider,
StaticStore.GetPlan(providerPlan.PlanType),
110,
120);
await sutProvider.GetDependency<IOrganizationRepository>().Received(1).ReplaceAsync(Arg.Is<Organization>(
org => org.Id == organization.Id && org.Seats == seats));
// 120 total seats - 100 seat minimum = 20 purchased seats
await sutProvider.GetDependency<IProviderPlanRepository>().Received(1).ReplaceAsync(Arg.Is<ProviderPlan>(
pPlan => pPlan.Id == providerPlan.Id && pPlan.PurchasedSeats == 20 && pPlan.AllocatedSeats == 120));
}
[Theory, BitAutoData]
public async Task AssignSeatsToClientOrganization_AboveToBelow_Succeeds(
Provider provider,
Organization organization,
SutProvider<AssignSeatsToClientOrganizationCommand> sutProvider)
{
organization.Seats = 50;
organization.PlanType = PlanType.TeamsMonthly;
// Scale down 30 seats
const int seats = 20;
var providerPlans = new List<ProviderPlan>
{
new()
{
Id = Guid.NewGuid(),
PlanType = PlanType.TeamsMonthly,
ProviderId = provider.Id,
// 10 additional purchased seats
PurchasedSeats = 10,
// 100 seat minimum
SeatMinimum = 100,
AllocatedSeats = 110
},
new()
{
Id = Guid.NewGuid(),
PlanType = PlanType.EnterpriseMonthly,
ProviderId = provider.Id,
PurchasedSeats = 0,
SeatMinimum = 500,
AllocatedSeats = 0
}
};
var providerPlan = providerPlans.First();
sutProvider.GetDependency<IProviderPlanRepository>().GetByProviderId(provider.Id).Returns(providerPlans);
// 110 seats currently assigned with a seat minimum of 100
sutProvider.GetDependency<IProviderBillingQueries>().GetAssignedSeatTotalForPlanOrThrow(provider.Id, providerPlan.PlanType).Returns(110);
await sutProvider.Sut.AssignSeatsToClientOrganization(provider, organization, seats);
// 110 seats - 30 scale down seats = 80 seats, below the 100 seat minimum.
await sutProvider.GetDependency<IPaymentService>().Received(1).AdjustSeats(
provider,
StaticStore.GetPlan(providerPlan.PlanType),
110,
providerPlan.SeatMinimum!.Value);
await sutProvider.GetDependency<IOrganizationRepository>().Received(1).ReplaceAsync(Arg.Is<Organization>(
org => org.Id == organization.Id && org.Seats == seats));
// Being below the seat minimum means no purchased seats.
await sutProvider.GetDependency<IProviderPlanRepository>().Received(1).ReplaceAsync(Arg.Is<ProviderPlan>(
pPlan => pPlan.Id == providerPlan.Id && pPlan.PurchasedSeats == 0 && pPlan.AllocatedSeats == 80));
}
}

11
test/Core.Test/Billing/Commands/RemovePaymentMethodCommandTests.cs
View File

@ -1,13 +1,13 @@
using Bit.Core.AdminConsole.Entities;
using Bit.Core.Billing.Commands.Implementations;
using Bit.Core.Enums;
using Bit.Core.Exceptions;
using Bit.Core.Services;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using NSubstitute.ReturnsExtensions;
using Xunit;
using static Bit.Core.Test.Billing.Utilities;
using BT = Braintree;
using S = Stripe;
@ -355,4 +355,13 @@ public class RemovePaymentMethodCommandTests
return (braintreeGateway, customerGateway, paymentMethodGateway);
}
private static async Task ThrowsContactSupportAsync(Func<Task> function)
{
const string message = "Could not remove your payment method. Please contact support for assistance.";
var exception = await Assert.ThrowsAsync<GatewayException>(function);
Assert.Equal(message, exception.Message);
}
}

104
test/Core.Test/Billing/Queries/GetSubscriptionQueryTests.cs Normal file
View File

@ -0,0 +1,104 @@
using Bit.Core.AdminConsole.Entities;
using Bit.Core.Billing.Queries.Implementations;
using Bit.Core.Entities;
using Bit.Core.Exceptions;
using Bit.Core.Services;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using NSubstitute.ReturnsExtensions;
using Stripe;
using Xunit;
namespace Bit.Core.Test.Billing.Queries;
[SutProviderCustomize]
public class GetSubscriptionQueryTests
{
[Theory, BitAutoData]
public async Task GetSubscription_NullSubscriber_ThrowsArgumentNullException(
SutProvider<GetSubscriptionQuery> sutProvider)
=> await Assert.ThrowsAsync<ArgumentNullException>(
async () => await sutProvider.Sut.GetSubscription(null));
[Theory, BitAutoData]
public async Task GetSubscription_Organization_NoGatewaySubscriptionId_ThrowsGatewayException(
Organization organization,
SutProvider<GetSubscriptionQuery> sutProvider)
{
organization.GatewaySubscriptionId = null;
await ThrowsContactSupportAsync(async () => await sutProvider.Sut.GetSubscription(organization));
}
[Theory, BitAutoData]
public async Task GetSubscription_Organization_NoSubscription_ThrowsGatewayException(
Organization organization,
SutProvider<GetSubscriptionQuery> sutProvider)
{
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(organization.GatewaySubscriptionId)
.ReturnsNull();
await ThrowsContactSupportAsync(async () => await sutProvider.Sut.GetSubscription(organization));
}
[Theory, BitAutoData]
public async Task GetSubscription_Organization_Succeeds(
Organization organization,
SutProvider<GetSubscriptionQuery> sutProvider)
{
var subscription = new Subscription();
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(organization.GatewaySubscriptionId)
.Returns(subscription);
var gotSubscription = await sutProvider.Sut.GetSubscription(organization);
Assert.Equivalent(subscription, gotSubscription);
}
[Theory, BitAutoData]
public async Task GetSubscription_User_NoGatewaySubscriptionId_ThrowsGatewayException(
User user,
SutProvider<GetSubscriptionQuery> sutProvider)
{
user.GatewaySubscriptionId = null;
await ThrowsContactSupportAsync(async () => await sutProvider.Sut.GetSubscription(user));
}
[Theory, BitAutoData]
public async Task GetSubscription_User_NoSubscription_ThrowsGatewayException(
User user,
SutProvider<GetSubscriptionQuery> sutProvider)
{
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(user.GatewaySubscriptionId)
.ReturnsNull();
await ThrowsContactSupportAsync(async () => await sutProvider.Sut.GetSubscription(user));
}
[Theory, BitAutoData]
public async Task GetSubscription_User_Succeeds(
User user,
SutProvider<GetSubscriptionQuery> sutProvider)
{
var subscription = new Subscription();
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(user.GatewaySubscriptionId)
.Returns(subscription);
var gotSubscription = await sutProvider.Sut.GetSubscription(user);
Assert.Equivalent(subscription, gotSubscription);
}
private static async Task ThrowsContactSupportAsync(Func<Task> function)
{
const string message = "Something went wrong with your request. Please contact support.";
var exception = await Assert.ThrowsAsync<GatewayException>(function);
Assert.Equal(message, exception.Message);
}
}

154
test/Core.Test/Billing/Queries/ProviderBillingQueriesTests.cs
View File

@ -1,154 +0,0 @@
using Bit.Core.AdminConsole.Entities.Provider;
using Bit.Core.AdminConsole.Repositories;
using Bit.Core.Billing.Entities;
using Bit.Core.Billing.Models;
using Bit.Core.Billing.Queries;
using Bit.Core.Billing.Queries.Implementations;
using Bit.Core.Billing.Repositories;
using Bit.Core.Enums;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using NSubstitute.ReturnsExtensions;
using Stripe;
using Xunit;
namespace Bit.Core.Test.Billing.Queries;
[SutProviderCustomize]
public class ProviderBillingQueriesTests
{
#region GetSubscriptionData
[Theory, BitAutoData]
public async Task GetSubscriptionData_NullProvider_ReturnsNull(
SutProvider<ProviderBillingQueries> sutProvider,
Guid providerId)
{
var providerRepository = sutProvider.GetDependency<IProviderRepository>();
providerRepository.GetByIdAsync(providerId).ReturnsNull();
var subscriptionData = await sutProvider.Sut.GetSubscriptionData(providerId);
Assert.Null(subscriptionData);
await providerRepository.Received(1).GetByIdAsync(providerId);
}
[Theory, BitAutoData]
public async Task GetSubscriptionData_NullSubscription_ReturnsNull(
SutProvider<ProviderBillingQueries> sutProvider,
Guid providerId,
Provider provider)
{
var providerRepository = sutProvider.GetDependency<IProviderRepository>();
providerRepository.GetByIdAsync(providerId).Returns(provider);
var subscriberQueries = sutProvider.GetDependency<ISubscriberQueries>();
subscriberQueries.GetSubscription(provider).ReturnsNull();
var subscriptionData = await sutProvider.Sut.GetSubscriptionData(providerId);
Assert.Null(subscriptionData);
await providerRepository.Received(1).GetByIdAsync(providerId);
await subscriberQueries.Received(1).GetSubscription(
provider,
Arg.Is<SubscriptionGetOptions>(
options => options.Expand.Count == 1 && options.Expand.First() == "customer"));
}
[Theory, BitAutoData]
public async Task GetSubscriptionData_Success(
SutProvider<ProviderBillingQueries> sutProvider,
Guid providerId,
Provider provider)
{
var providerRepository = sutProvider.GetDependency<IProviderRepository>();
providerRepository.GetByIdAsync(providerId).Returns(provider);
var subscriberQueries = sutProvider.GetDependency<ISubscriberQueries>();
var subscription = new Subscription();
subscriberQueries.GetSubscription(provider, Arg.Is<SubscriptionGetOptions>(
options => options.Expand.Count == 1 && options.Expand.First() == "customer")).Returns(subscription);
var providerPlanRepository = sutProvider.GetDependency<IProviderPlanRepository>();
var enterprisePlan = new ProviderPlan
{
Id = Guid.NewGuid(),
ProviderId = providerId,
PlanType = PlanType.EnterpriseMonthly,
SeatMinimum = 100,
PurchasedSeats = 0,
AllocatedSeats = 0
};
var teamsPlan = new ProviderPlan
{
Id = Guid.NewGuid(),
ProviderId = providerId,
PlanType = PlanType.TeamsMonthly,
SeatMinimum = 50,
PurchasedSeats = 10,
AllocatedSeats = 60
};
var providerPlans = new List<ProviderPlan>
{
enterprisePlan,
teamsPlan,
};
providerPlanRepository.GetByProviderId(providerId).Returns(providerPlans);
var subscriptionData = await sutProvider.Sut.GetSubscriptionData(providerId);
Assert.NotNull(subscriptionData);
Assert.Equivalent(subscriptionData.Subscription, subscription);
Assert.Equal(2, subscriptionData.ProviderPlans.Count);
var configuredEnterprisePlan =
subscriptionData.ProviderPlans.FirstOrDefault(configuredPlan =>
configuredPlan.PlanType == PlanType.EnterpriseMonthly);
var configuredTeamsPlan =
subscriptionData.ProviderPlans.FirstOrDefault(configuredPlan =>
configuredPlan.PlanType == PlanType.TeamsMonthly);
Compare(enterprisePlan, configuredEnterprisePlan);
Compare(teamsPlan, configuredTeamsPlan);
await providerRepository.Received(1).GetByIdAsync(providerId);
await subscriberQueries.Received(1).GetSubscription(
provider,
Arg.Is<SubscriptionGetOptions>(
options => options.Expand.Count == 1 && options.Expand.First() == "customer"));
await providerPlanRepository.Received(1).GetByProviderId(providerId);
return;
void Compare(ProviderPlan providerPlan, ConfiguredProviderPlan configuredProviderPlan)
{
Assert.NotNull(configuredProviderPlan);
Assert.Equal(providerPlan.Id, configuredProviderPlan.Id);
Assert.Equal(providerPlan.ProviderId, configuredProviderPlan.ProviderId);
Assert.Equal(providerPlan.SeatMinimum!.Value, configuredProviderPlan.SeatMinimum);
Assert.Equal(providerPlan.PurchasedSeats!.Value, configuredProviderPlan.PurchasedSeats);
Assert.Equal(providerPlan.AllocatedSeats!.Value, configuredProviderPlan.AssignedSeats);
}
}
#endregion
}

263
test/Core.Test/Billing/Queries/SubscriberQueriesTests.cs
View File

@ -1,263 +0,0 @@
using Bit.Core.AdminConsole.Entities;
using Bit.Core.AdminConsole.Entities.Provider;
using Bit.Core.Billing.Queries.Implementations;
using Bit.Core.Entities;
using Bit.Core.Services;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using NSubstitute.ReturnsExtensions;
using Stripe;
using Xunit;
using static Bit.Core.Test.Billing.Utilities;
namespace Bit.Core.Test.Billing.Queries;
[SutProviderCustomize]
public class SubscriberQueriesTests
{
#region GetSubscription
[Theory, BitAutoData]
public async Task GetSubscription_NullSubscriber_ThrowsArgumentNullException(
SutProvider<SubscriberQueries> sutProvider)
=> await Assert.ThrowsAsync<ArgumentNullException>(
async () => await sutProvider.Sut.GetSubscription(null));
[Theory, BitAutoData]
public async Task GetSubscription_Organization_NoGatewaySubscriptionId_ReturnsNull(
Organization organization,
SutProvider<SubscriberQueries> sutProvider)
{
organization.GatewaySubscriptionId = null;
var gotSubscription = await sutProvider.Sut.GetSubscription(organization);
Assert.Null(gotSubscription);
}
[Theory, BitAutoData]
public async Task GetSubscription_Organization_NoSubscription_ReturnsNull(
Organization organization,
SutProvider<SubscriberQueries> sutProvider)
{
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(organization.GatewaySubscriptionId)
.ReturnsNull();
var gotSubscription = await sutProvider.Sut.GetSubscription(organization);
Assert.Null(gotSubscription);
}
[Theory, BitAutoData]
public async Task GetSubscription_Organization_Succeeds(
Organization organization,
SutProvider<SubscriberQueries> sutProvider)
{
var subscription = new Subscription();
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(organization.GatewaySubscriptionId)
.Returns(subscription);
var gotSubscription = await sutProvider.Sut.GetSubscription(organization);
Assert.Equivalent(subscription, gotSubscription);
}
[Theory, BitAutoData]
public async Task GetSubscription_User_NoGatewaySubscriptionId_ReturnsNull(
User user,
SutProvider<SubscriberQueries> sutProvider)
{
user.GatewaySubscriptionId = null;
var gotSubscription = await sutProvider.Sut.GetSubscription(user);
Assert.Null(gotSubscription);
}
[Theory, BitAutoData]
public async Task GetSubscription_User_NoSubscription_ReturnsNull(
User user,
SutProvider<SubscriberQueries> sutProvider)
{
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(user.GatewaySubscriptionId)
.ReturnsNull();
var gotSubscription = await sutProvider.Sut.GetSubscription(user);
Assert.Null(gotSubscription);
}
[Theory, BitAutoData]
public async Task GetSubscription_User_Succeeds(
User user,
SutProvider<SubscriberQueries> sutProvider)
{
var subscription = new Subscription();
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(user.GatewaySubscriptionId)
.Returns(subscription);
var gotSubscription = await sutProvider.Sut.GetSubscription(user);
Assert.Equivalent(subscription, gotSubscription);
}
[Theory, BitAutoData]
public async Task GetSubscription_Provider_NoGatewaySubscriptionId_ReturnsNull(
Provider provider,
SutProvider<SubscriberQueries> sutProvider)
{
provider.GatewaySubscriptionId = null;
var gotSubscription = await sutProvider.Sut.GetSubscription(provider);
Assert.Null(gotSubscription);
}
[Theory, BitAutoData]
public async Task GetSubscription_Provider_NoSubscription_ReturnsNull(
Provider provider,
SutProvider<SubscriberQueries> sutProvider)
{
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(provider.GatewaySubscriptionId)
.ReturnsNull();
var gotSubscription = await sutProvider.Sut.GetSubscription(provider);
Assert.Null(gotSubscription);
}
[Theory, BitAutoData]
public async Task GetSubscription_Provider_Succeeds(
Provider provider,
SutProvider<SubscriberQueries> sutProvider)
{
var subscription = new Subscription();
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(provider.GatewaySubscriptionId)
.Returns(subscription);
var gotSubscription = await sutProvider.Sut.GetSubscription(provider);
Assert.Equivalent(subscription, gotSubscription);
}
#endregion
#region GetSubscriptionOrThrow
[Theory, BitAutoData]
public async Task GetSubscriptionOrThrow_NullSubscriber_ThrowsArgumentNullException(
SutProvider<SubscriberQueries> sutProvider)
=> await Assert.ThrowsAsync<ArgumentNullException>(
async () => await sutProvider.Sut.GetSubscriptionOrThrow(null));
[Theory, BitAutoData]
public async Task GetSubscriptionOrThrow_Organization_NoGatewaySubscriptionId_ThrowsGatewayException(
Organization organization,
SutProvider<SubscriberQueries> sutProvider)
{
organization.GatewaySubscriptionId = null;
await ThrowsContactSupportAsync(async () => await sutProvider.Sut.GetSubscriptionOrThrow(organization));
}
[Theory, BitAutoData]
public async Task GetSubscriptionOrThrow_Organization_NoSubscription_ThrowsGatewayException(
Organization organization,
SutProvider<SubscriberQueries> sutProvider)
{
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(organization.GatewaySubscriptionId)
.ReturnsNull();
await ThrowsContactSupportAsync(async () => await sutProvider.Sut.GetSubscriptionOrThrow(organization));
}
[Theory, BitAutoData]
public async Task GetSubscriptionOrThrow_Organization_Succeeds(
Organization organization,
SutProvider<SubscriberQueries> sutProvider)
{
var subscription = new Subscription();
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(organization.GatewaySubscriptionId)
.Returns(subscription);
var gotSubscription = await sutProvider.Sut.GetSubscriptionOrThrow(organization);
Assert.Equivalent(subscription, gotSubscription);
}
[Theory, BitAutoData]
public async Task GetSubscriptionOrThrow_User_NoGatewaySubscriptionId_ThrowsGatewayException(
User user,
SutProvider<SubscriberQueries> sutProvider)
{
user.GatewaySubscriptionId = null;
await ThrowsContactSupportAsync(async () => await sutProvider.Sut.GetSubscriptionOrThrow(user));
}
[Theory, BitAutoData]
public async Task GetSubscriptionOrThrow_User_NoSubscription_ThrowsGatewayException(
User user,
SutProvider<SubscriberQueries> sutProvider)
{
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(user.GatewaySubscriptionId)
.ReturnsNull();
await ThrowsContactSupportAsync(async () => await sutProvider.Sut.GetSubscriptionOrThrow(user));
}
[Theory, BitAutoData]
public async Task GetSubscriptionOrThrow_User_Succeeds(
User user,
SutProvider<SubscriberQueries> sutProvider)
{
var subscription = new Subscription();
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(user.GatewaySubscriptionId)
.Returns(subscription);
var gotSubscription = await sutProvider.Sut.GetSubscriptionOrThrow(user);
Assert.Equivalent(subscription, gotSubscription);
}
[Theory, BitAutoData]
public async Task GetSubscriptionOrThrow_Provider_NoGatewaySubscriptionId_ThrowsGatewayException(
Provider provider,
SutProvider<SubscriberQueries> sutProvider)
{
provider.GatewaySubscriptionId = null;
await ThrowsContactSupportAsync(async () => await sutProvider.Sut.GetSubscriptionOrThrow(provider));
}
[Theory, BitAutoData]
public async Task GetSubscriptionOrThrow_Provider_NoSubscription_ThrowsGatewayException(
Provider provider,
SutProvider<SubscriberQueries> sutProvider)
{
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(provider.GatewaySubscriptionId)
.ReturnsNull();
await ThrowsContactSupportAsync(async () => await sutProvider.Sut.GetSubscriptionOrThrow(provider));
}
[Theory, BitAutoData]
public async Task GetSubscriptionOrThrow_Provider_Succeeds(
Provider provider,
SutProvider<SubscriberQueries> sutProvider)
{
var subscription = new Subscription();
sutProvider.GetDependency<IStripeAdapter>().SubscriptionGetAsync(provider.GatewaySubscriptionId)
.Returns(subscription);
var gotSubscription = await sutProvider.Sut.GetSubscriptionOrThrow(provider);
Assert.Equivalent(subscription, gotSubscription);
}
#endregion
}

4
test/Core.Test/Billing/Utilities.cs
View File

@ -1,4 +1,4 @@
using Bit.Core.Billing;
using Bit.Core.Exceptions;
using Xunit;
using static Bit.Core.Billing.Utilities;
@ -11,7 +11,7 @@ public static class Utilities
{
var contactSupport = ContactSupport();
var exception = await Assert.ThrowsAsync<BillingException>(function);
var exception = await Assert.ThrowsAsync<GatewayException>(function);
Assert.Equal(contactSupport.Message, exception.Message);
}

19
test/IntegrationTestCommon/Factories/IdentityApplicationFactory.cs
View File

@ -42,23 +42,4 @@ public class IdentityApplicationFactory : WebApplicationFactoryBase<Startup>
return (root.GetProperty("access_token").GetString(), root.GetProperty("refresh_token").GetString());
}
public async Task<string> TokenFromAccessTokenAsync(Guid clientId, string clientSecret,
DeviceType deviceType = DeviceType.SDK)
{
var context = await Server.PostAsync("/connect/token",
new FormUrlEncodedContent(new Dictionary<string, string>
{
{ "scope", "api.secrets" },
{ "client_id", clientId.ToString() },
{ "client_secret", clientSecret },
{ "grant_type", "client_credentials" },
{ "deviceType", ((int)deviceType).ToString() }
}));
using var body = await AssertHelper.AssertResponseTypeIs<JsonDocument>(context);
var root = body.RootElement;
return root.GetProperty("access_token").GetString();
}
}