[AC-1679] Approve all pending device authorizations (#9407)

* feat: update service container for required service injection, refs AC-1679 * feat: complete approve all command, refs AC-1679 * fix: cast service container to access bit services, refs AC-1679 * fix: override service container from base program, refs AC-1679 * fix: prettier, refs AC-1679 * feat: replace hardcoded strings with i18n translations (future-proofing), refs AC-1679 * chore: remove i18n references, refs AC-1679 * fix: update approve-all and deny-all commands to match desired input, refs AC-1679
2024-11-21 11:35:34 +01:00 · 2024-06-02 19:52:19 -05:00 · 2024-06-02 19:52:19 -05:00 · 2358443102
commit 2358443102
parent 3835a9ddaf
5 changed files with 79 additions and 7 deletions
--- a/bitwarden_license/bit-cli/src/admin-console/device-approval/approve-all.command.ts
+++ b/bitwarden_license/bit-cli/src/admin-console/device-approval/approve-all.command.ts
@ -1,9 +1,52 @@
+import { firstValueFrom } from "rxjs";
+
+import { OrganizationAuthRequestService } from "@bitwarden/bit-common/admin-console/auth-requests";
 import { Response } from "@bitwarden/cli/models/response";
+import { MessageResponse } from "@bitwarden/cli/models/response/message.response";
+import { OrganizationService } from "@bitwarden/common/admin-console/services/organization/organization.service";
+import { Utils } from "@bitwarden/common/platform/misc/utils";

 export class ApproveAllCommand {
-  constructor() {}
+  constructor(
+    private organizationAuthRequestService: OrganizationAuthRequestService,
+    private organizationService: OrganizationService,
+  ) {}

  async run(organizationId: string): Promise<Response> {
-    throw new Error("Not implemented");
+    if (organizationId != null) {
+      organizationId = organizationId.toLowerCase();
+    }
+
+    if (!Utils.isGuid(organizationId)) {
+      return Response.badRequest("`" + organizationId + "` is not a GUID.");
+    }
+
+    const organization = await firstValueFrom(this.organizationService.get$(organizationId));
+    if (!organization?.canManageUsersPassword) {
+      return Response.error(
+        "You do not have permission to approve pending device authorization requests.",
+      );
+    }
+
+    try {
+      const pendingApprovals =
+        await this.organizationAuthRequestService.listPendingRequests(organizationId);
+      if (pendingApprovals.length == 0) {
+        const res = new MessageResponse(
+          "No pending device authorization requests to approve.",
+          null,
+        );
+        return Response.success(res);
+      }
+
+      await this.organizationAuthRequestService.approvePendingRequests(
+        organizationId,
+        pendingApprovals,
+      );
+
+      return Response.success();
+    } catch (e) {
+      return Response.error(e);
+    }
  }
 }
--- a/bitwarden_license/bit-cli/src/admin-console/device-approval/device-approval.program.ts
+++ b/bitwarden_license/bit-cli/src/admin-console/device-approval/device-approval.program.ts
@ -3,6 +3,8 @@ import { program, Command } from "commander";
 import { BaseProgram } from "@bitwarden/cli/base-program";
 import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";

+import { ServiceContainer } from "../../service-container";
+
 import { ApproveAllCommand } from "./approve-all.command";
 import { ApproveCommand } from "./approve.command";
 import { DenyAllCommand } from "./deny-all.command";
@ -10,6 +12,10 @@ import { DenyCommand } from "./deny.command";
 import { ListCommand } from "./list.command";

 export class DeviceApprovalProgram extends BaseProgram {
+  constructor(protected serviceContainer: ServiceContainer) {
+    super(serviceContainer);
+  }
+
  register() {
    program.addCommand(this.deviceApprovalCommand());
  }
@ -53,14 +59,17 @@ export class DeviceApprovalProgram extends BaseProgram {
  }

  private approveAllCommand(): Command {
-    return new Command("approveAll")
+    return new Command("approve-all")
      .description("Approve all pending requests for an organization")
      .argument("<organizationId>")
      .action(async (organizationId: string) => {
        await this.exitIfFeatureFlagDisabled(FeatureFlag.BulkDeviceApproval);
        await this.exitIfLocked();

-        const cmd = new ApproveAllCommand();
+        const cmd = new ApproveAllCommand(
+          this.serviceContainer.organizationAuthRequestService,
+          this.serviceContainer.organizationService,
+        );
        const response = await cmd.run(organizationId);
        this.processResponse(response);
      });
@ -81,7 +90,7 @@ export class DeviceApprovalProgram extends BaseProgram {
  }

  private denyAllCommand(): Command {
-    return new Command("denyAll")
+    return new Command("deny-all")
      .description("Deny all pending requests for an organization")
      .argument("<organizationId>")
      .action(async (organizationId: string) => {
--- a/bitwarden_license/bit-cli/src/service-container.ts
+++ b/bitwarden_license/bit-cli/src/service-container.ts
@ -1,7 +1,24 @@
+import {
+  OrganizationAuthRequestService,
+  OrganizationAuthRequestApiService,
+} from "@bitwarden/bit-common/admin-console/auth-requests";
 import { ServiceContainer as OssServiceContainer } from "@bitwarden/cli/service-container";

 /**
 * Instantiates services and makes them available for dependency injection.
 * Any Bitwarden-licensed services should be registered here.
 */
-export class ServiceContainer extends OssServiceContainer {}
+export class ServiceContainer extends OssServiceContainer {
+  organizationAuthRequestApiService: OrganizationAuthRequestApiService;
+  organizationAuthRequestService: OrganizationAuthRequestService;
+
+  constructor() {
+    super();
+    this.organizationAuthRequestApiService = new OrganizationAuthRequestApiService(this.apiService);
+    this.organizationAuthRequestService = new OrganizationAuthRequestService(
+      this.organizationAuthRequestApiService,
+      this.cryptoService,
+      this.organizationUserService,
+    );
+  }
+}
--- a/bitwarden_license/bit-cli/tsconfig.json
+++ b/bitwarden_license/bit-cli/tsconfig.json
@ -21,7 +21,8 @@
      "@bitwarden/vault-export-core": [
        "../../libs/tools/export/vault-export/vault-export-core/src"
      ],
-      "@bitwarden/node/*": ["../../libs/node/src/*"]
+      "@bitwarden/node/*": ["../../libs/node/src/*"],
+      "@bitwarden/bit-common/*": ["../../bitwarden_license/bit-common/src/*"]
    }
  },
  "include": ["src", "src/**/*.spec.ts"]
--- a/bitwarden_license/bit-common/src/admin-console/auth-requests/index.ts
+++ b/bitwarden_license/bit-common/src/admin-console/auth-requests/index.ts
@ -1,2 +1,4 @@
 export * from "./pending-organization-auth-request.response";
 export * from "./organization-auth-request.service";
+export * from "./organization-auth-request-api.service";
+export * from "./pending-auth-request.view";