nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 05:00:19 -05:00
Code
bitwarden/test/Core.Test/OrganizationFeatures/OrganizationDomains/GetOrganizationDomainByIdOrganizationIdQueryTests.cs
Rui Tomé 21219262a2
[PM-3779] idor allow the attacker to delete the victim domain (#3308) 
* [PM-3779] Added IOrganizationDomainRepository.GetDomainByIdAndOrganizationIdAsync and SQL stored procedure

* [PM-3779] Changed GetOrganizationDomainByIdQuery to also take OrgId as a parameter. Updated existing unit tests and added new. Updated controller to match command changes

* [PM-3779] Removed type from url routes

* [PM-3779] Renamed IGetOrganizationDomainByIdAndOrganizationIdQuery to IGetOrganizationDomainByIdOrganizationIdQuery

* [PM-3779] Renamed GetOrganizationDomainByIdOrganizationIdQueryTests file and added more tests
2023-10-18 11:57:59 +01:00

81 lines
3.6 KiB
C#
Raw Blame History

using Bit.Core.Entities;
using Bit.Core.OrganizationFeatures.OrganizationDomains;
using Bit.Core.Repositories;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using Xunit;
namespace Bit.Core.Test.OrganizationFeatures.OrganizationDomains;
[SutProviderCustomize]
public class GetOrganizationDomainByIdOrganizationIdQueryTests
{
[Theory, BitAutoData]
public async Task GetOrganizationDomainByIdAndOrganizationIdAsync_WithExistingParameters_ReturnsExpectedEntity(
OrganizationDomain organizationDomain, SutProvider<GetOrganizationDomainByIdOrganizationIdQuery> sutProvider)
{
sutProvider.GetDependency<IOrganizationDomainRepository>()
.GetDomainByIdOrganizationIdAsync(organizationDomain.Id, organizationDomain.OrganizationId)
.Returns(organizationDomain);
var result = await sutProvider.Sut.GetOrganizationDomainByIdOrganizationIdAsync(organizationDomain.Id, organizationDomain.OrganizationId);
await sutProvider.GetDependency<IOrganizationDomainRepository>().Received(1)
.GetDomainByIdOrganizationIdAsync(organizationDomain.Id, organizationDomain.OrganizationId);
Assert.Equal(organizationDomain, result);
}
[Theory, BitAutoData]
public async Task GetOrganizationDomainByIdAndOrganizationIdAsync_WithNonExistingParameters_ReturnsNull(
Guid id, Guid organizationId, OrganizationDomain organizationDomain,
SutProvider<GetOrganizationDomainByIdOrganizationIdQuery> sutProvider)
{
sutProvider.GetDependency<IOrganizationDomainRepository>()
.GetDomainByIdOrganizationIdAsync(organizationDomain.Id, organizationDomain.OrganizationId)
.Returns(organizationDomain);
var result = await sutProvider.Sut.GetOrganizationDomainByIdOrganizationIdAsync(id, organizationId);
await sutProvider.GetDependency<IOrganizationDomainRepository>().Received(1)
.GetDomainByIdOrganizationIdAsync(id, organizationId);
Assert.Null(result);
}
[Theory, BitAutoData]
public async Task GetOrganizationDomainByIdAndOrganizationIdAsync_WithNonExistingId_ReturnsNull(
Guid id, OrganizationDomain organizationDomain,
SutProvider<GetOrganizationDomainByIdOrganizationIdQuery> sutProvider)
{
sutProvider.GetDependency<IOrganizationDomainRepository>()
.GetDomainByIdOrganizationIdAsync(organizationDomain.Id, organizationDomain.OrganizationId)
.Returns(organizationDomain);
var result = await sutProvider.Sut.GetOrganizationDomainByIdOrganizationIdAsync(id, organizationDomain.OrganizationId);
await sutProvider.GetDependency<IOrganizationDomainRepository>().Received(1)
.GetDomainByIdOrganizationIdAsync(id, organizationDomain.OrganizationId);
Assert.Null(result);
}
[Theory, BitAutoData]
public async Task GetOrganizationDomainByIdAndOrganizationIdAsync_WithNonExistingOrgId_ReturnsNull(
Guid organizationId, OrganizationDomain organizationDomain,
SutProvider<GetOrganizationDomainByIdOrganizationIdQuery> sutProvider)
{
sutProvider.GetDependency<IOrganizationDomainRepository>()
.GetDomainByIdOrganizationIdAsync(organizationDomain.Id, organizationDomain.OrganizationId)
.Returns(organizationDomain);
var result = await sutProvider.Sut.GetOrganizationDomainByIdOrganizationIdAsync(organizationDomain.Id, organizationId);
await sutProvider.GetDependency<IOrganizationDomainRepository>().Received(1)
.GetDomainByIdOrganizationIdAsync(organizationDomain.Id, organizationId);
Assert.Null(result);
}
}
View Git Blame Copy Permalink