mirror of
https://github.com/bitwarden/browser.git
synced 2024-11-29 12:55:21 +01:00
[AC-2286] [Defect] - CLI: User creating a collection through the CLI does not have access to the collection (#9409)
* Send current Org user Id on collection creation through CLI * Run npm prettier * Add organization services to CreateCommand creation on ServeCommand * Refactor organization data models to include organizationUserId property * Refactor create command to utilize the OrganizationUserId on the Organization object * Add users to collection request in edit command * fix: organization.data test update to correct deserialization, refs AC-2286 --------- Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
This commit is contained in:
parent
7acc13cbb9
commit
eef1e511b5
@ -9,8 +9,10 @@ export class OrganizationCollectionRequest extends CollectionExport {
|
|||||||
req.name = "Collection name";
|
req.name = "Collection name";
|
||||||
req.externalId = null;
|
req.externalId = null;
|
||||||
req.groups = [SelectionReadOnly.template(), SelectionReadOnly.template()];
|
req.groups = [SelectionReadOnly.template(), SelectionReadOnly.template()];
|
||||||
|
req.users = [SelectionReadOnly.template(), SelectionReadOnly.template()];
|
||||||
return req;
|
return req;
|
||||||
}
|
}
|
||||||
|
|
||||||
groups: SelectionReadOnly[];
|
groups: SelectionReadOnly[];
|
||||||
|
users: SelectionReadOnly[];
|
||||||
}
|
}
|
||||||
|
@ -170,10 +170,17 @@ export class EditCommand {
|
|||||||
: req.groups.map(
|
: req.groups.map(
|
||||||
(g) => new SelectionReadOnlyRequest(g.id, g.readOnly, g.hidePasswords, g.manage),
|
(g) => new SelectionReadOnlyRequest(g.id, g.readOnly, g.hidePasswords, g.manage),
|
||||||
);
|
);
|
||||||
|
const users =
|
||||||
|
req.users == null
|
||||||
|
? null
|
||||||
|
: req.users.map(
|
||||||
|
(u) => new SelectionReadOnlyRequest(u.id, u.readOnly, u.hidePasswords, u.manage),
|
||||||
|
);
|
||||||
const request = new CollectionRequest();
|
const request = new CollectionRequest();
|
||||||
request.name = (await this.cryptoService.encrypt(req.name, orgKey)).encryptedString;
|
request.name = (await this.cryptoService.encrypt(req.name, orgKey)).encryptedString;
|
||||||
request.externalId = req.externalId;
|
request.externalId = req.externalId;
|
||||||
request.groups = groups;
|
request.groups = groups;
|
||||||
|
request.users = users;
|
||||||
const response = await this.apiService.putCollection(req.organizationId, id, request);
|
const response = await this.apiService.putCollection(req.organizationId, id, request);
|
||||||
const view = CollectionExport.toView(req);
|
const view = CollectionExport.toView(req);
|
||||||
view.id = response.id;
|
view.id = response.id;
|
||||||
|
@ -87,6 +87,7 @@ export class ServeCommand {
|
|||||||
this.serviceContainer.apiService,
|
this.serviceContainer.apiService,
|
||||||
this.serviceContainer.folderApiService,
|
this.serviceContainer.folderApiService,
|
||||||
this.serviceContainer.billingAccountProfileStateService,
|
this.serviceContainer.billingAccountProfileStateService,
|
||||||
|
this.serviceContainer.organizationService,
|
||||||
);
|
);
|
||||||
this.editCommand = new EditCommand(
|
this.editCommand = new EditCommand(
|
||||||
this.serviceContainer.cipherService,
|
this.serviceContainer.cipherService,
|
||||||
|
@ -226,6 +226,7 @@ export class VaultProgram extends BaseProgram {
|
|||||||
this.serviceContainer.apiService,
|
this.serviceContainer.apiService,
|
||||||
this.serviceContainer.folderApiService,
|
this.serviceContainer.folderApiService,
|
||||||
this.serviceContainer.billingAccountProfileStateService,
|
this.serviceContainer.billingAccountProfileStateService,
|
||||||
|
this.serviceContainer.organizationService,
|
||||||
);
|
);
|
||||||
const response = await command.run(object, encodedJson, cmd);
|
const response = await command.run(object, encodedJson, cmd);
|
||||||
this.processResponse(response);
|
this.processResponse(response);
|
||||||
|
@ -4,6 +4,7 @@ import * as path from "path";
|
|||||||
import { firstValueFrom } from "rxjs";
|
import { firstValueFrom } from "rxjs";
|
||||||
|
|
||||||
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
||||||
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
import { SelectionReadOnlyRequest } from "@bitwarden/common/admin-console/models/request/selection-read-only.request";
|
import { SelectionReadOnlyRequest } from "@bitwarden/common/admin-console/models/request/selection-read-only.request";
|
||||||
import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
|
import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
|
||||||
import { CipherExport } from "@bitwarden/common/models/export/cipher.export";
|
import { CipherExport } from "@bitwarden/common/models/export/cipher.export";
|
||||||
@ -32,6 +33,7 @@ export class CreateCommand {
|
|||||||
private apiService: ApiService,
|
private apiService: ApiService,
|
||||||
private folderApiService: FolderApiServiceAbstraction,
|
private folderApiService: FolderApiServiceAbstraction,
|
||||||
private accountProfileService: BillingAccountProfileStateService,
|
private accountProfileService: BillingAccountProfileStateService,
|
||||||
|
private organizationService: OrganizationService,
|
||||||
) {}
|
) {}
|
||||||
|
|
||||||
async run(
|
async run(
|
||||||
@ -183,6 +185,8 @@ export class CreateCommand {
|
|||||||
if (orgKey == null) {
|
if (orgKey == null) {
|
||||||
throw new Error("No encryption key for this organization.");
|
throw new Error("No encryption key for this organization.");
|
||||||
}
|
}
|
||||||
|
const organization = await this.organizationService.get(req.organizationId);
|
||||||
|
const currentOrgUserId = organization.organizationUserId;
|
||||||
|
|
||||||
const groups =
|
const groups =
|
||||||
req.groups == null
|
req.groups == null
|
||||||
@ -190,10 +194,17 @@ export class CreateCommand {
|
|||||||
: req.groups.map(
|
: req.groups.map(
|
||||||
(g) => new SelectionReadOnlyRequest(g.id, g.readOnly, g.hidePasswords, g.manage),
|
(g) => new SelectionReadOnlyRequest(g.id, g.readOnly, g.hidePasswords, g.manage),
|
||||||
);
|
);
|
||||||
|
const users =
|
||||||
|
req.users == null
|
||||||
|
? [new SelectionReadOnlyRequest(currentOrgUserId, false, false, true)]
|
||||||
|
: req.users.map(
|
||||||
|
(u) => new SelectionReadOnlyRequest(u.id, u.readOnly, u.hidePasswords, u.manage),
|
||||||
|
);
|
||||||
const request = new CollectionRequest();
|
const request = new CollectionRequest();
|
||||||
request.name = (await this.cryptoService.encrypt(req.name, orgKey)).encryptedString;
|
request.name = (await this.cryptoService.encrypt(req.name, orgKey)).encryptedString;
|
||||||
request.externalId = req.externalId;
|
request.externalId = req.externalId;
|
||||||
request.groups = groups;
|
request.groups = groups;
|
||||||
|
request.users = users;
|
||||||
const response = await this.apiService.postCollection(req.organizationId, request);
|
const response = await this.apiService.postCollection(req.organizationId, request);
|
||||||
const view = CollectionExport.toView(req);
|
const view = CollectionExport.toView(req);
|
||||||
view.id = response.id;
|
view.id = response.id;
|
||||||
|
@ -39,6 +39,7 @@ describe("ORGANIZATIONS state", () => {
|
|||||||
permissions: undefined,
|
permissions: undefined,
|
||||||
resetPasswordEnrolled: false,
|
resetPasswordEnrolled: false,
|
||||||
userId: "userId",
|
userId: "userId",
|
||||||
|
organizationUserId: "organizationUserId",
|
||||||
hasPublicAndPrivateKeys: false,
|
hasPublicAndPrivateKeys: false,
|
||||||
providerId: "providerId",
|
providerId: "providerId",
|
||||||
providerName: "providerName",
|
providerName: "providerName",
|
||||||
|
@ -36,6 +36,7 @@ export class OrganizationData {
|
|||||||
permissions: PermissionsApi;
|
permissions: PermissionsApi;
|
||||||
resetPasswordEnrolled: boolean;
|
resetPasswordEnrolled: boolean;
|
||||||
userId: string;
|
userId: string;
|
||||||
|
organizationUserId: string;
|
||||||
hasPublicAndPrivateKeys: boolean;
|
hasPublicAndPrivateKeys: boolean;
|
||||||
providerId: string;
|
providerId: string;
|
||||||
providerName: string;
|
providerName: string;
|
||||||
@ -96,6 +97,7 @@ export class OrganizationData {
|
|||||||
this.permissions = response.permissions;
|
this.permissions = response.permissions;
|
||||||
this.resetPasswordEnrolled = response.resetPasswordEnrolled;
|
this.resetPasswordEnrolled = response.resetPasswordEnrolled;
|
||||||
this.userId = response.userId;
|
this.userId = response.userId;
|
||||||
|
this.organizationUserId = response.organizationUserId;
|
||||||
this.hasPublicAndPrivateKeys = response.hasPublicAndPrivateKeys;
|
this.hasPublicAndPrivateKeys = response.hasPublicAndPrivateKeys;
|
||||||
this.providerId = response.providerId;
|
this.providerId = response.providerId;
|
||||||
this.providerName = response.providerName;
|
this.providerName = response.providerName;
|
||||||
|
@ -43,6 +43,7 @@ export class Organization {
|
|||||||
permissions: PermissionsApi;
|
permissions: PermissionsApi;
|
||||||
resetPasswordEnrolled: boolean;
|
resetPasswordEnrolled: boolean;
|
||||||
userId: string;
|
userId: string;
|
||||||
|
organizationUserId: string;
|
||||||
hasPublicAndPrivateKeys: boolean;
|
hasPublicAndPrivateKeys: boolean;
|
||||||
providerId: string;
|
providerId: string;
|
||||||
providerName: string;
|
providerName: string;
|
||||||
@ -113,6 +114,7 @@ export class Organization {
|
|||||||
this.permissions = obj.permissions;
|
this.permissions = obj.permissions;
|
||||||
this.resetPasswordEnrolled = obj.resetPasswordEnrolled;
|
this.resetPasswordEnrolled = obj.resetPasswordEnrolled;
|
||||||
this.userId = obj.userId;
|
this.userId = obj.userId;
|
||||||
|
this.organizationUserId = obj.organizationUserId;
|
||||||
this.hasPublicAndPrivateKeys = obj.hasPublicAndPrivateKeys;
|
this.hasPublicAndPrivateKeys = obj.hasPublicAndPrivateKeys;
|
||||||
this.providerId = obj.providerId;
|
this.providerId = obj.providerId;
|
||||||
this.providerName = obj.providerName;
|
this.providerName = obj.providerName;
|
||||||
|
@ -36,6 +36,7 @@ export class ProfileOrganizationResponse extends BaseResponse {
|
|||||||
permissions: PermissionsApi;
|
permissions: PermissionsApi;
|
||||||
resetPasswordEnrolled: boolean;
|
resetPasswordEnrolled: boolean;
|
||||||
userId: string;
|
userId: string;
|
||||||
|
organizationUserId: string;
|
||||||
providerId: string;
|
providerId: string;
|
||||||
providerName: string;
|
providerName: string;
|
||||||
providerType?: ProviderType;
|
providerType?: ProviderType;
|
||||||
@ -86,6 +87,7 @@ export class ProfileOrganizationResponse extends BaseResponse {
|
|||||||
this.permissions = new PermissionsApi(this.getResponseProperty("permissions"));
|
this.permissions = new PermissionsApi(this.getResponseProperty("permissions"));
|
||||||
this.resetPasswordEnrolled = this.getResponseProperty("ResetPasswordEnrolled");
|
this.resetPasswordEnrolled = this.getResponseProperty("ResetPasswordEnrolled");
|
||||||
this.userId = this.getResponseProperty("UserId");
|
this.userId = this.getResponseProperty("UserId");
|
||||||
|
this.organizationUserId = this.getResponseProperty("OrganizationUserId");
|
||||||
this.providerId = this.getResponseProperty("ProviderId");
|
this.providerId = this.getResponseProperty("ProviderId");
|
||||||
this.providerName = this.getResponseProperty("ProviderName");
|
this.providerName = this.getResponseProperty("ProviderName");
|
||||||
this.providerType = this.getResponseProperty("ProviderType");
|
this.providerType = this.getResponseProperty("ProviderType");
|
||||||
|
Loading…
Reference in New Issue
Block a user