1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-26 17:08:33 +01:00

[AC-2286] [Defect] - CLI: User creating a collection through the CLI does not have access to the collection (#9409)

* Send current Org user Id on collection creation through CLI

* Run npm prettier

* Add organization services to CreateCommand creation on ServeCommand

* Refactor organization data models to include organizationUserId property

* Refactor create command to utilize the OrganizationUserId on the Organization object

* Add users to collection request in edit command

* fix: organization.data test update to correct deserialization, refs AC-2286

---------

Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
This commit is contained in:
Rui Tomé 2024-06-07 20:14:21 +01:00 committed by GitHub
parent 7acc13cbb9
commit eef1e511b5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
9 changed files with 29 additions and 0 deletions

View File

@ -9,8 +9,10 @@ export class OrganizationCollectionRequest extends CollectionExport {
req.name = "Collection name";
req.externalId = null;
req.groups = [SelectionReadOnly.template(), SelectionReadOnly.template()];
req.users = [SelectionReadOnly.template(), SelectionReadOnly.template()];
return req;
}
groups: SelectionReadOnly[];
users: SelectionReadOnly[];
}

View File

@ -170,10 +170,17 @@ export class EditCommand {
: req.groups.map(
(g) => new SelectionReadOnlyRequest(g.id, g.readOnly, g.hidePasswords, g.manage),
);
const users =
req.users == null
? null
: req.users.map(
(u) => new SelectionReadOnlyRequest(u.id, u.readOnly, u.hidePasswords, u.manage),
);
const request = new CollectionRequest();
request.name = (await this.cryptoService.encrypt(req.name, orgKey)).encryptedString;
request.externalId = req.externalId;
request.groups = groups;
request.users = users;
const response = await this.apiService.putCollection(req.organizationId, id, request);
const view = CollectionExport.toView(req);
view.id = response.id;

View File

@ -87,6 +87,7 @@ export class ServeCommand {
this.serviceContainer.apiService,
this.serviceContainer.folderApiService,
this.serviceContainer.billingAccountProfileStateService,
this.serviceContainer.organizationService,
);
this.editCommand = new EditCommand(
this.serviceContainer.cipherService,

View File

@ -226,6 +226,7 @@ export class VaultProgram extends BaseProgram {
this.serviceContainer.apiService,
this.serviceContainer.folderApiService,
this.serviceContainer.billingAccountProfileStateService,
this.serviceContainer.organizationService,
);
const response = await command.run(object, encodedJson, cmd);
this.processResponse(response);

View File

@ -4,6 +4,7 @@ import * as path from "path";
import { firstValueFrom } from "rxjs";
import { ApiService } from "@bitwarden/common/abstractions/api.service";
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
import { SelectionReadOnlyRequest } from "@bitwarden/common/admin-console/models/request/selection-read-only.request";
import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
import { CipherExport } from "@bitwarden/common/models/export/cipher.export";
@ -32,6 +33,7 @@ export class CreateCommand {
private apiService: ApiService,
private folderApiService: FolderApiServiceAbstraction,
private accountProfileService: BillingAccountProfileStateService,
private organizationService: OrganizationService,
) {}
async run(
@ -183,6 +185,8 @@ export class CreateCommand {
if (orgKey == null) {
throw new Error("No encryption key for this organization.");
}
const organization = await this.organizationService.get(req.organizationId);
const currentOrgUserId = organization.organizationUserId;
const groups =
req.groups == null
@ -190,10 +194,17 @@ export class CreateCommand {
: req.groups.map(
(g) => new SelectionReadOnlyRequest(g.id, g.readOnly, g.hidePasswords, g.manage),
);
const users =
req.users == null
? [new SelectionReadOnlyRequest(currentOrgUserId, false, false, true)]
: req.users.map(
(u) => new SelectionReadOnlyRequest(u.id, u.readOnly, u.hidePasswords, u.manage),
);
const request = new CollectionRequest();
request.name = (await this.cryptoService.encrypt(req.name, orgKey)).encryptedString;
request.externalId = req.externalId;
request.groups = groups;
request.users = users;
const response = await this.apiService.postCollection(req.organizationId, request);
const view = CollectionExport.toView(req);
view.id = response.id;

View File

@ -39,6 +39,7 @@ describe("ORGANIZATIONS state", () => {
permissions: undefined,
resetPasswordEnrolled: false,
userId: "userId",
organizationUserId: "organizationUserId",
hasPublicAndPrivateKeys: false,
providerId: "providerId",
providerName: "providerName",

View File

@ -36,6 +36,7 @@ export class OrganizationData {
permissions: PermissionsApi;
resetPasswordEnrolled: boolean;
userId: string;
organizationUserId: string;
hasPublicAndPrivateKeys: boolean;
providerId: string;
providerName: string;
@ -96,6 +97,7 @@ export class OrganizationData {
this.permissions = response.permissions;
this.resetPasswordEnrolled = response.resetPasswordEnrolled;
this.userId = response.userId;
this.organizationUserId = response.organizationUserId;
this.hasPublicAndPrivateKeys = response.hasPublicAndPrivateKeys;
this.providerId = response.providerId;
this.providerName = response.providerName;

View File

@ -43,6 +43,7 @@ export class Organization {
permissions: PermissionsApi;
resetPasswordEnrolled: boolean;
userId: string;
organizationUserId: string;
hasPublicAndPrivateKeys: boolean;
providerId: string;
providerName: string;
@ -113,6 +114,7 @@ export class Organization {
this.permissions = obj.permissions;
this.resetPasswordEnrolled = obj.resetPasswordEnrolled;
this.userId = obj.userId;
this.organizationUserId = obj.organizationUserId;
this.hasPublicAndPrivateKeys = obj.hasPublicAndPrivateKeys;
this.providerId = obj.providerId;
this.providerName = obj.providerName;

View File

@ -36,6 +36,7 @@ export class ProfileOrganizationResponse extends BaseResponse {
permissions: PermissionsApi;
resetPasswordEnrolled: boolean;
userId: string;
organizationUserId: string;
providerId: string;
providerName: string;
providerType?: ProviderType;
@ -86,6 +87,7 @@ export class ProfileOrganizationResponse extends BaseResponse {
this.permissions = new PermissionsApi(this.getResponseProperty("permissions"));
this.resetPasswordEnrolled = this.getResponseProperty("ResetPasswordEnrolled");
this.userId = this.getResponseProperty("UserId");
this.organizationUserId = this.getResponseProperty("OrganizationUserId");
this.providerId = this.getResponseProperty("ProviderId");
this.providerName = this.getResponseProperty("ProviderName");
this.providerType = this.getResponseProperty("ProviderType");