1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-01 13:43:23 +01:00
bitwarden-server/test/Api.Test/AdminConsole/Controllers/OrganizationAuthRequestsControllerTests.cs

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

65 lines
2.3 KiB
C#
Raw Permalink Normal View History

Allow for bulk processing new login device requests (#4064) * Define a model for updating many auth requests In order to facilitate a command method that can update many auth requests at one time a new model must be defined that accepts valid input for the command's needs. To achieve this a new file has been created at `Core/AdminConsole/OrganizationAuth/Models/OrganizationAuthRequestUpdateCommandModel.cs` that contains a class of the same name. It's properties match those that need to come from any calling API request models to fulfill the request. * Declare a new command interface method Calling API functions of the `UpdateOrganizationAuthRequestCommand` need a function that can accept many auth request response objects and process them as approved or denied. To achieve this a new function has been added to `IUpdateOrganizationAuthRequestCommand` called `UpdateManyAsync()` that accepts an `IEnumberable<OrganizationAuthRequest>` and returns a `Task`. Implementations of this interface method will be used to bulk process auth requests as approved or denied. * Stub out method implementation for unit testing To facilitate a bulk device login request approval workflow in the admin console `UpdateOrganizationAuthRequestCommand` needs to be updated to include an `UpdateMany()` method. It should accept a list of `OrganizationAuthRequestUpdateCommandModel` objects, perform some simple data validation checks, and then pass those along to `AuthRequestRepository` for updating in the database. This commit stubs out this method for the purpose of writing unit tests. At this stage the method throws a `NotImplementedException()`. It will be expand after writing assertions. * Inject `IAuthRequestRepository` into `UpdateOrganizationAuthCommand` The updates to `UpdateOrganizationAuthRequestCommand` require a new direct dependency on `IAuthRequestRepository`. This commit simply registers this dependency in the `UpdateOrganizationAuthRequest` constructor for use in unit tests and the `UpdateManyAsync()` implementation. * Write tests * Rename `UpdateManyAsync()` to `UpdateAsync` * Drop the `CommandModel` suffix * Invert business logic update filters * Rework everything to be more model-centric * Bulk send push notifications * Write tests that validate the command as a whole * Fix a test that I broke by mistake * Swap to using await instead of chained methods for processing * Seperate a function arguement into a variable declaration * Ungeneric-ify the processor * Adjust ternary formatting * Adjust naming of methods regarding logging organization events * Throw an exception if Process is called with no auth request loaded * Rename `_updates` -> `_update` * Rename email methods * Stop returning `this` * Allow callbacks to be null * Make some assertions about the state of a processed auth request * Be more terse about arguements in happy path test * Remove unneeded null check * Expose an endpoint for bulk processing of organization auth requests (#4077) --------- Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2024-05-27 03:56:52 +02:00
using Bit.Api.AdminConsole.Controllers;
using Bit.Api.AdminConsole.Models.Request;
using Bit.Core.Context;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using Xunit;
namespace Bit.Api.Test.AdminConsole.Controllers;
[ControllerCustomize(typeof(OrganizationAuthRequestsController))]
[SutProviderCustomize]
public class OrganizationAuthRequestsControllerTests
{
[Theory]
[BitAutoData]
public async Task ValidateAdminRequest_UserDoesNotHaveManageResetPasswordPermissions_ThrowsUnauthorized(
SutProvider<OrganizationAuthRequestsController> sutProvider,
Guid organizationId
)
{
sutProvider.GetDependency<ICurrentContext>().ManageResetPassword(organizationId).Returns(false);
await Assert.ThrowsAsync<UnauthorizedAccessException>(() =>
sutProvider.Sut.ValidateAdminRequest(organizationId));
}
[Theory]
[BitAutoData]
public async Task ValidateAdminRequest_UserHasManageResetPasswordPermissions_DoesNotThrow(
SutProvider<OrganizationAuthRequestsController> sutProvider,
Guid organizationId
)
{
sutProvider.GetDependency<ICurrentContext>().ManageResetPassword(organizationId).Returns(true);
await sutProvider.Sut.ValidateAdminRequest(organizationId);
}
[Theory]
[BitAutoData]
public async Task UpdateManyAuthRequests_ValidInput_DoesNotThrow(
SutProvider<OrganizationAuthRequestsController> sutProvider,
IEnumerable<OrganizationAuthRequestUpdateManyRequestModel> request,
Guid organizationId
)
{
sutProvider.GetDependency<ICurrentContext>().ManageResetPassword(organizationId).Returns(true);
await sutProvider.Sut.UpdateManyAuthRequests(organizationId, request);
}
[Theory]
[BitAutoData]
public async Task UpdateManyAuthRequests_NotPermissioned_ThrowsUnauthorized(
SutProvider<OrganizationAuthRequestsController> sutProvider,
IEnumerable<OrganizationAuthRequestUpdateManyRequestModel> request,
Guid organizationId
)
{
sutProvider.GetDependency<ICurrentContext>().ManageResetPassword(organizationId).Returns(false);
await Assert.ThrowsAsync<UnauthorizedAccessException>(() =>
sutProvider.Sut.UpdateManyAuthRequests(organizationId, request));
}
}