mirror of https://github.com/bitwarden/server.git synced 2025-06-30 15:42:48 -05:00

[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140)

* Keep old endpoints but mark as deprecated
* Do not change existing sproc naming
Thomas Rittson
2022-07-25 10:47:44 +10:00
committed by GitHub
parent cf16be16c6
commit f6a18db582
10 changed files with 93 additions and 61 deletions


@ -51,8 +51,8 @@
OrganizationUser_AdminResetPassword = 1508,
OrganizationUser_ResetSsoLink = 1509,
OrganizationUser_FirstSsoLogin = 1510,
OrganizationUser_Deactivated = 1511,
OrganizationUser_Activated = 1512,
OrganizationUser_Revoked = 1511,
OrganizationUser_Restored = 1512,
Organization_Updated = 1600,
Organization_PurgedVault = 1601,


@ -5,6 +5,6 @@
Invited = 0,
Accepted = 1,
Confirmed = 2,
Deactivated = -1,
Revoked = -1,
}
}


@ -36,7 +36,7 @@ namespace Bit.Core.Repositories
Task<OrganizationUser> GetByOrganizationEmailAsync(Guid organizationId, string email);
Task<IEnumerable<OrganizationUserPublicKey>> GetManyPublicKeysByOrganizationUserAsync(Guid organizationId, IEnumerable<Guid> Ids);
Task<IEnumerable<OrganizationUserUserDetails>> GetManyByMinimumRoleAsync(Guid organizationId, OrganizationUserType minRole);
Task DeactivateAsync(Guid id);
Task ActivateAsync(Guid id, OrganizationUserStatusType status);
Task RevokeAsync(Guid id);
Task RestoreAsync(Guid id, OrganizationUserStatusType status);
}
}


@ -58,11 +58,11 @@ namespace Bit.Core.Services
Task DeleteSsoUserAsync(Guid userId, Guid? organizationId);
Task<Organization> UpdateOrganizationKeysAsync(Guid orgId, string publicKey, string privateKey);
Task<bool> HasConfirmedOwnersExceptAsync(Guid organizationId, IEnumerable<Guid> organizationUsersId, bool includeProvider = true);
Task DeactivateUserAsync(OrganizationUser organizationUser, Guid? disablingUserId);
Task<List<Tuple<OrganizationUser, string>>> DeactivateUsersAsync(Guid organizationId,
IEnumerable<Guid> organizationUserIds, Guid? disablingUserId);
Task ActivateUserAsync(OrganizationUser organizationUser, Guid? enablingUserId);
Task<List<Tuple<OrganizationUser, string>>> ActivateUsersAsync(Guid organizationId,
IEnumerable<Guid> organizationUserIds, Guid? enablingUserId);
Task RevokeUserAsync(OrganizationUser organizationUser, Guid? revokingUserId);
Task<List<Tuple<OrganizationUser, string>>> RevokeUsersAsync(Guid organizationId,
IEnumerable<Guid> organizationUserIds, Guid? revokingUserId);
Task RestoreUserAsync(OrganizationUser organizationUser, Guid? restoringUserId);
Task<List<Tuple<OrganizationUser, string>>> RestoreUsersAsync(Guid organizationId,
IEnumerable<Guid> organizationUserIds, Guid? restoringUserId);
}
}
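Review bot: The renamed `revokingUserId` and `restoringUserId` parameters on `RevokeUserAsync`, `RevokeUsersAsync`, `RestoreUserAsync` and `RestoreUsersAsync` are nullable, but the interface does not say what a null value means. In the service implementation shown further down this page, the "You cannot revoke yourself." and "Only owners can revoke other owners." guards (and their restore counterparts) run only when the id `HasValue`, so a caller that passes null skips both checks. Null is presumably meant for a non-interactive caller such as the SCIM endpoints named in the commit title, which then has to authorize the request itself. Since every one of these signatures is touched anyway, I would add a doc comment to each, for example `/// <param name="revokingUserId">Acting user, or null for a system caller; null skips the self-revoke and owner-only checks.</param>`.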


@ -2213,19 +2213,19 @@ namespace Bit.Core.Services
}
}
public async Task DeactivateUserAsync(OrganizationUser organizationUser, Guid? disablingUserId)
public async Task RevokeUserAsync(OrganizationUser organizationUser, Guid? revokingUserId)
{
if (organizationUser.Status == OrganizationUserStatusType.Deactivated)
if (organizationUser.Status == OrganizationUserStatusType.Revoked)
{
throw new BadRequestException("Already revoked.");
}
if (disablingUserId.HasValue && organizationUser.UserId == disablingUserId.Value)
if (revokingUserId.HasValue && organizationUser.UserId == revokingUserId.Value)
{
throw new BadRequestException("You cannot revoke yourself.");
}
if (organizationUser.Type == OrganizationUserType.Owner && disablingUserId.HasValue &&
if (organizationUser.Type == OrganizationUserType.Owner && revokingUserId.HasValue &&
!await _currentContext.OrganizationOwner(organizationUser.OrganizationId))
{
throw new BadRequestException("Only owners can revoke other owners.");
@ -2236,13 +2236,13 @@ namespace Bit.Core.Services
throw new BadRequestException("Organization must have at least one confirmed owner.");
}
await _organizationUserRepository.DeactivateAsync(organizationUser.Id);
organizationUser.Status = OrganizationUserStatusType.Deactivated;
await _eventService.LogOrganizationUserEventAsync(organizationUser, EventType.OrganizationUser_Deactivated);
await _organizationUserRepository.RevokeAsync(organizationUser.Id);
organizationUser.Status = OrganizationUserStatusType.Revoked;
await _eventService.LogOrganizationUserEventAsync(organizationUser, EventType.OrganizationUser_Revoked);
}
public async Task<List<Tuple<OrganizationUser, string>>> DeactivateUsersAsync(Guid organizationId,
IEnumerable<Guid> organizationUserIds, Guid? disablingUserId)
public async Task<List<Tuple<OrganizationUser, string>>> RevokeUsersAsync(Guid organizationId,
IEnumerable<Guid> organizationUserIds, Guid? revokingUserId)
{
var orgUsers = await _organizationUserRepository.GetManyAsync(organizationUserIds);
var filteredUsers = orgUsers.Where(u => u.OrganizationId == organizationId)
@ -2259,7 +2259,7 @@ namespace Bit.Core.Services
}
var deletingUserIsOwner = false;
if (disablingUserId.HasValue)
if (revokingUserId.HasValue)
{
deletingUserIsOwner = await _currentContext.OrganizationOwner(organizationId);
}
@ -2270,24 +2270,24 @@ namespace Bit.Core.Services
{
try
{
if (organizationUser.Status == OrganizationUserStatusType.Deactivated)
if (organizationUser.Status == OrganizationUserStatusType.Revoked)
{
throw new BadRequestException("Already revoked.");
}
if (disablingUserId.HasValue && organizationUser.UserId == disablingUserId)
if (revokingUserId.HasValue && organizationUser.UserId == revokingUserId)
{
throw new BadRequestException("You cannot revoke yourself.");
}
if (organizationUser.Type == OrganizationUserType.Owner && disablingUserId.HasValue && !deletingUserIsOwner)
if (organizationUser.Type == OrganizationUserType.Owner && revokingUserId.HasValue && !deletingUserIsOwner)
{
throw new BadRequestException("Only owners can revoke other owners.");
}
await _organizationUserRepository.DeactivateAsync(organizationUser.Id);
organizationUser.Status = OrganizationUserStatusType.Deactivated;
await _eventService.LogOrganizationUserEventAsync(organizationUser, EventType.OrganizationUser_Deactivated);
await _organizationUserRepository.RevokeAsync(organizationUser.Id);
organizationUser.Status = OrganizationUserStatusType.Revoked;
await _eventService.LogOrganizationUserEventAsync(organizationUser, EventType.OrganizationUser_Revoked);
result.Add(Tuple.Create(organizationUser, ""));
}
@ -2300,19 +2300,19 @@ namespace Bit.Core.Services
return result;
}
public async Task ActivateUserAsync(OrganizationUser organizationUser, Guid? enablingUserId)
public async Task RestoreUserAsync(OrganizationUser organizationUser, Guid? restoringUserId)
{
if (organizationUser.Status != OrganizationUserStatusType.Deactivated)
if (organizationUser.Status != OrganizationUserStatusType.Revoked)
{
throw new BadRequestException("Already active.");
}
if (enablingUserId.HasValue && organizationUser.UserId == enablingUserId.Value)
if (restoringUserId.HasValue && organizationUser.UserId == restoringUserId.Value)
{
throw new BadRequestException("You cannot restore yourself.");
}
if (organizationUser.Type == OrganizationUserType.Owner && enablingUserId.HasValue &&
if (organizationUser.Type == OrganizationUserType.Owner && restoringUserId.HasValue &&
!await _currentContext.OrganizationOwner(organizationUser.OrganizationId))
{
throw new BadRequestException("Only owners can restore other owners.");
@ -2320,13 +2320,13 @@ namespace Bit.Core.Services
var status = GetPriorActiveOrganizationUserStatusType(organizationUser);
await _organizationUserRepository.ActivateAsync(organizationUser.Id, status);
await _organizationUserRepository.RestoreAsync(organizationUser.Id, status);
organizationUser.Status = status;
await _eventService.LogOrganizationUserEventAsync(organizationUser, EventType.OrganizationUser_Activated);
await _eventService.LogOrganizationUserEventAsync(organizationUser, EventType.OrganizationUser_Restored);
}
public async Task<List<Tuple<OrganizationUser, string>>> ActivateUsersAsync(Guid organizationId,
IEnumerable<Guid> organizationUserIds, Guid? enablingUserId)
public async Task<List<Tuple<OrganizationUser, string>>> RestoreUsersAsync(Guid organizationId,
IEnumerable<Guid> organizationUserIds, Guid? restoringUserId)
{
var orgUsers = await _organizationUserRepository.GetManyAsync(organizationUserIds);
var filteredUsers = orgUsers.Where(u => u.OrganizationId == organizationId)
@ -2338,7 +2338,7 @@ namespace Bit.Core.Services
}
var deletingUserIsOwner = false;
if (enablingUserId.HasValue)
if (restoringUserId.HasValue)
{
deletingUserIsOwner = await _currentContext.OrganizationOwner(organizationId);
}
@ -2349,26 +2349,26 @@ namespace Bit.Core.Services
{
try
{
if (organizationUser.Status != OrganizationUserStatusType.Deactivated)
if (organizationUser.Status != OrganizationUserStatusType.Revoked)
{
throw new BadRequestException("Already active.");
}
if (enablingUserId.HasValue && organizationUser.UserId == enablingUserId)
if (restoringUserId.HasValue && organizationUser.UserId == restoringUserId)
{
throw new BadRequestException("You cannot restore yourself.");
}
if (organizationUser.Type == OrganizationUserType.Owner && enablingUserId.HasValue && !deletingUserIsOwner)
if (organizationUser.Type == OrganizationUserType.Owner && restoringUserId.HasValue && !deletingUserIsOwner)
{
throw new BadRequestException("Only owners can restore other owners.");
}
var status = GetPriorActiveOrganizationUserStatusType(organizationUser);
await _organizationUserRepository.ActivateAsync(organizationUser.Id, status);
await _organizationUserRepository.RestoreAsync(organizationUser.Id, status);
organizationUser.Status = status;
await _eventService.LogOrganizationUserEventAsync(organizationUser, EventType.OrganizationUser_Activated);
await _eventService.LogOrganizationUserEventAsync(organizationUser, EventType.OrganizationUser_Restored);
result.Add(Tuple.Create(organizationUser, ""));
}