Ensure that users are confirmed status (#1033)

2024-12-23 17:07:42 +01:00 · 2020-12-09 12:04:14 -05:00 · 2020-12-09 12:04:14 -05:00 · 01d4d97ef1
commit 01d4d97ef1
parent 7eaf7ab770
3 changed files with 6 additions and 3 deletions
--- a/bitwarden_license/src/Portal/EnterprisePortalCurrentContext.cs
+++ b/bitwarden_license/src/Portal/EnterprisePortalCurrentContext.cs
@ -52,7 +52,8 @@ namespace Bit.Portal

            // TODO: maybe make loading orgs Lazy<T> somehow?
            var orgUserRepo = _serviceProvider.GetRequiredService<IOrganizationUserRepository>();
-            var userOrgs = await orgUserRepo.GetManyDetailsByUserAsync(UserId.Value);
+            var userOrgs = await orgUserRepo.GetManyDetailsByUserAsync(UserId.Value,
+                Core.Enums.OrganizationUserStatusType.Confirmed);
            OrganizationsDetails = userOrgs.ToList();
            Organizations = userOrgs.Select(ou => new CurrentContentOrganization
            {
--- a/src/Api/Controllers/OrganizationsController.cs
+++ b/src/Api/Controllers/OrganizationsController.cs
@ -139,7 +139,8 @@ namespace Bit.Api.Controllers
        public async Task<ListResponseModel<ProfileOrganizationResponseModel>> GetUser()
        {
            var userId = _userService.GetProperUserId(User).Value;
-            var organizations = await _organizationUserRepository.GetManyDetailsByUserAsync(userId);
+            var organizations = await _organizationUserRepository.GetManyDetailsByUserAsync(userId,
+                OrganizationUserStatusType.Confirmed);
            var responses = organizations.Select(o => new ProfileOrganizationResponseModel(o));
            return new ListResponseModel<ProfileOrganizationResponseModel>(responses);
        }
--- a/src/Core/IdentityServer/BaseRequestValidator.cs
+++ b/src/Core/IdentityServer/BaseRequestValidator.cs
@ -301,7 +301,8 @@ namespace Bit.Core.IdentityServer
                if (ssoOrgs.Any())
                {
                    // Parse users orgs and determine if require sso policy is enabled
-                    var userOrgs = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id);
+                    var userOrgs = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id,
+                        OrganizationUserStatusType.Confirmed);
                    foreach (var userOrg in userOrgs.Where(o => o.Enabled && o.UseSso))
                    {
                        var orgPolicy = await _policyRepository.GetByOrganizationIdTypeAsync(userOrg.OrganizationId,