
Cleanup and xmldocs

Thomas Rittson 2025-03-26 13:33:44 +10:00
parent 72fac5eec3
commit fd8f36ad73
No known key found for this signature in database
GPG Key ID: CDDDA03861C35E27
4 changed files with 37 additions and 14 deletions


@ -137,7 +137,7 @@ public class OrganizationUsersController : Controller
return response; return response;
} }
[OrganizationAuthorize<OrganizationMemberRequirement>] [Authorize<OrganizationMemberRequirement>]
[HttpGet("mini-details")] [HttpGet("mini-details")]
public async Task<ListResponseModel<OrganizationUserUserMiniDetailsResponseModel>> GetMiniDetails(Guid orgId) public async Task<ListResponseModel<OrganizationUserUserMiniDetailsResponseModel>> GetMiniDetails(Guid orgId)
{ {
@ -147,7 +147,7 @@ public class OrganizationUsersController : Controller
} }
[HttpGet("")] [HttpGet("")]
[OrganizationAuthorize<ManageUsersRequirement>] [Authorize<ManageUsersRequirement>]
public async Task<ListResponseModel<OrganizationUserUserDetailsResponseModel>> Get(Guid orgId, bool includeGroups = false, bool includeCollections = false) public async Task<ListResponseModel<OrganizationUserUserDetailsResponseModel>> Get(Guid orgId, bool includeGroups = false, bool includeCollections = false)
{ {
var organizationUsers = await _organizationUserUserDetailsQuery.GetOrganizationUserUserDetails( var organizationUsers = await _organizationUserUserDetailsQuery.GetOrganizationUserUserDetails(


@ -0,0 +1,21 @@
#nullable enable
using Microsoft.AspNetCore.Authorization;
namespace Bit.Core.AdminConsole.OrganizationFeatures.Shared.Authorization;
/// <summary>
/// An attribute which requires authorization using the specified requirement.
/// This uses the standard ASP.NET authorization middleware.
/// </summary>
/// <typeparam name="T">The IAuthorizationRequirement that will be used to authorize the user.</typeparam>
public class AuthorizeAttribute<T>
: AuthorizeAttribute, IAuthorizationRequirementData
where T : IAuthorizationRequirement, new()
{
public IEnumerable<IAuthorizationRequirement> GetRequirements()
{
var requirement = new T();
yield return requirement;
}
}
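Review bot: The constraint on `AuthorizeAttribute<T>` is now `where T : IAuthorizationRequirement, new()`, so `[Authorize<T>]` compiles for any requirement type, not only `IOrganizationRequirement` as the removed `OrganizationAuthorizeAttribute<T>` required. The summary should say what that means for callers: a matching authorization handler has to be registered for `T`, and if no handler marks the requirement as succeeded the request is denied. I would add `/// <remarks>T must have a public parameterless constructor and a registered handler; a new instance of T is created each time GetRequirements is enumerated.</remarks>`. The attribute also differs from the framework's `[Authorize]` only by its type argument, which is worth stating in the summary so a reader does not mistake one for the other.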


@ -5,19 +5,14 @@ using Microsoft.AspNetCore.Authorization;
namespace Bit.Core.AdminConsole.OrganizationFeatures.Shared.Authorization; namespace Bit.Core.AdminConsole.OrganizationFeatures.Shared.Authorization;
/// <summary>
/// A requirement that implements this interface will be handled by <see cref="OrganizationRequirementHandler"/>,
/// which calls AuthorizeAsync with the organization details from the route.
/// This is used for simple role-based checks.
/// This may only be used on endpoints with {orgId} in their path.
/// </summary>
public interface IOrganizationRequirement : IAuthorizationRequirement public interface IOrganizationRequirement : IAuthorizationRequirement
{ {
// TODO: avoid injecting all of ICurrentContext? // TODO: avoid injecting all of ICurrentContext?
public Task<bool> AuthorizeAsync(Guid organizationId, CurrentContextOrganization? organizationClaims, ICurrentContext currentContext); public Task<bool> AuthorizeAsync(Guid organizationId, CurrentContextOrganization? organizationClaims, ICurrentContext currentContext);
} }
public class OrganizationAuthorizeAttribute<T>
: AuthorizeAttribute, IAuthorizationRequirementData
where T : IOrganizationRequirement, new()
{
public IEnumerable<IAuthorizationRequirement> GetRequirements()
{
var requirement = new T();
yield return requirement;
}
}
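Review bot: `AuthorizeAsync` is still undocumented although the new interface summary describes the handler contract, and its `organizationClaims` parameter is nullable. Implementers decide access from that value, so the doc should state when it is null (presumably when the current user has no claims for that organization; to be confirmed) and that an implementation should return false in that case unless it authorizes by some other means. A `<param name="organizationClaims">` line plus a `<returns>` saying that `true` authorizes the request would cover it. The sentence `This may only be used on endpoints with {orgId} in their path.` could also say that this is checked at runtime by the handler, not at compile time.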


@ -6,6 +6,13 @@ using Microsoft.AspNetCore.Http;
namespace Bit.Core.AdminConsole.OrganizationFeatures.Shared.Authorization; namespace Bit.Core.AdminConsole.OrganizationFeatures.Shared.Authorization;
/// <summary>
/// Handles any requirement that implements <see cref="IOrganizationRequirement"/>.
/// Retrieves the Organization ID from the route and then passes it to the requirement's AuthorizeAsync callback to
/// determine whether the action is authorized.
/// </summary>
/// <param name="currentContext"></param>
/// <param name="httpContextAccessor"></param>
public class OrganizationRequirementHandler(ICurrentContext currentContext, IHttpContextAccessor httpContextAccessor) public class OrganizationRequirementHandler(ICurrentContext currentContext, IHttpContextAccessor httpContextAccessor)
: AuthorizationHandler<IOrganizationRequirement> : AuthorizationHandler<IOrganizationRequirement>
{ {
@ -14,7 +21,7 @@ public class OrganizationRequirementHandler(ICurrentContext currentContext, IHtt
var organizationId = httpContextAccessor.GetOrganizationId(); var organizationId = httpContextAccessor.GetOrganizationId();
if (organizationId is null) if (organizationId is null)
{ {
return; throw new Exception("No organizationId found in route. IOrganizationRequirement cannot be used on this endpoint.");
} }
var organization = currentContext.GetOrganization(organizationId.Value); var organization = currentContext.GetOrganization(organizationId.Value);
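Review bot: The `organizationId is null` branch now throws the base `Exception` type, which callers and middleware cannot distinguish from any other failure; `throw new InvalidOperationException("No organizationId found in route. IOrganizationRequirement cannot be used on this endpoint.");` states the misconfiguration precisely. The previous `return;` left the requirement unmet, so both versions refuse access, but the throw presumably surfaces as a server error instead of an authorization failure, so it is worth confirming that the error response does not expose this message to clients. In the first hunk the added `<param name="currentContext">` and `<param name="httpContextAccessor">` tags are empty and should either be filled in or dropped. The handler method begins and ends outside this hunk.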