mirror of
https://github.com/bitwarden/server.git
synced 2024-12-22 16:57:36 +01:00
SM-281: Secrets Manager Trash (#2688)
This commit is contained in:
parent
34544f2292
commit
16bdd67cad
@ -0,0 +1,28 @@
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.SecretsManager.Commands.Trash.Interfaces;
|
||||
using Bit.Core.SecretsManager.Repositories;
|
||||
|
||||
namespace Bit.Commercial.Core.SecretsManager.Commands.Trash;
|
||||
|
||||
public class EmptyTrashCommand : IEmptyTrashCommand
|
||||
{
|
||||
private readonly ISecretRepository _secretRepository;
|
||||
|
||||
public EmptyTrashCommand(ISecretRepository secretRepository)
|
||||
{
|
||||
_secretRepository = secretRepository;
|
||||
}
|
||||
|
||||
public async Task EmptyTrash(Guid organizationId, List<Guid> ids)
|
||||
{
|
||||
var secrets = await _secretRepository.GetManyByOrganizationIdInTrashByIdsAsync(organizationId, ids);
|
||||
|
||||
var missingId = ids.Except(secrets.Select(_ => _.Id)).Any();
|
||||
if (missingId)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
await _secretRepository.HardDeleteManyByIdAsync(ids);
|
||||
}
|
||||
}
|
@ -0,0 +1,28 @@
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.SecretsManager.Commands.Trash.Interfaces;
|
||||
using Bit.Core.SecretsManager.Repositories;
|
||||
|
||||
namespace Bit.Commercial.Core.SecretsManager.Commands.Trash;
|
||||
|
||||
public class RestoreTrashCommand : IRestoreTrashCommand
|
||||
{
|
||||
private readonly ISecretRepository _secretRepository;
|
||||
|
||||
public RestoreTrashCommand(ISecretRepository secretRepository)
|
||||
{
|
||||
_secretRepository = secretRepository;
|
||||
}
|
||||
|
||||
public async Task RestoreTrash(Guid organizationId, List<Guid> ids)
|
||||
{
|
||||
var secrets = await _secretRepository.GetManyByOrganizationIdInTrashByIdsAsync(organizationId, ids);
|
||||
|
||||
var missingId = ids.Except(secrets.Select(_ => _.Id)).Any();
|
||||
if (missingId)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
await _secretRepository.RestoreManyByIdAsync(ids);
|
||||
}
|
||||
}
|
@ -4,12 +4,14 @@ using Bit.Commercial.Core.SecretsManager.Commands.Porting;
|
||||
using Bit.Commercial.Core.SecretsManager.Commands.Projects;
|
||||
using Bit.Commercial.Core.SecretsManager.Commands.Secrets;
|
||||
using Bit.Commercial.Core.SecretsManager.Commands.ServiceAccounts;
|
||||
using Bit.Commercial.Core.SecretsManager.Commands.Trash;
|
||||
using Bit.Core.SecretsManager.Commands.AccessPolicies.Interfaces;
|
||||
using Bit.Core.SecretsManager.Commands.AccessTokens.Interfaces;
|
||||
using Bit.Core.SecretsManager.Commands.Porting.Interfaces;
|
||||
using Bit.Core.SecretsManager.Commands.Projects.Interfaces;
|
||||
using Bit.Core.SecretsManager.Commands.Secrets.Interfaces;
|
||||
using Bit.Core.SecretsManager.Commands.ServiceAccounts.Interfaces;
|
||||
using Bit.Core.SecretsManager.Commands.Trash.Interfaces;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
namespace Bit.Commercial.Core.SecretsManager;
|
||||
@ -32,5 +34,7 @@ public static class SecretsManagerCollectionExtensions
|
||||
services.AddScoped<IUpdateAccessPolicyCommand, UpdateAccessPolicyCommand>();
|
||||
services.AddScoped<IDeleteAccessPolicyCommand, DeleteAccessPolicyCommand>();
|
||||
services.AddScoped<IImportCommand, ImportCommand>();
|
||||
services.AddScoped<IEmptyTrashCommand, EmptyTrashCommand>();
|
||||
services.AddScoped<IRestoreTrashCommand, RestoreTrashCommand>();
|
||||
}
|
||||
}
|
||||
|
@ -8,7 +8,6 @@ using Bit.Infrastructure.EntityFramework.SecretsManager.Models;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
|
||||
namespace Bit.Commercial.Infrastructure.EntityFramework.SecretsManager.Repositories;
|
||||
|
||||
public class SecretRepository : Repository<Core.SecretsManager.Entities.Secret, Secret, Guid>, ISecretRepository
|
||||
@ -72,6 +71,36 @@ public class SecretRepository : Repository<Core.SecretsManager.Entities.Secret,
|
||||
return Mapper.Map<List<Core.SecretsManager.Entities.Secret>>(secrets);
|
||||
}
|
||||
|
||||
public async Task<IEnumerable<Core.SecretsManager.Entities.Secret>> GetManyByOrganizationIdInTrashByIdsAsync(Guid organizationId, IEnumerable<Guid> ids)
|
||||
{
|
||||
using (var scope = ServiceScopeFactory.CreateScope())
|
||||
{
|
||||
var dbContext = GetDatabaseContext(scope);
|
||||
var secrets = await dbContext.Secret
|
||||
.Where(s => ids.Contains(s.Id) && s.OrganizationId == organizationId && s.DeletedDate != null)
|
||||
.Include("Projects")
|
||||
.OrderBy(c => c.RevisionDate)
|
||||
.ToListAsync();
|
||||
|
||||
return Mapper.Map<List<Core.SecretsManager.Entities.Secret>>(secrets);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<IEnumerable<Core.SecretsManager.Entities.Secret>> GetManyByOrganizationIdInTrashAsync(Guid organizationId)
|
||||
{
|
||||
using (var scope = ServiceScopeFactory.CreateScope())
|
||||
{
|
||||
var dbContext = GetDatabaseContext(scope);
|
||||
var secrets = await dbContext.Secret
|
||||
.Where(c => c.OrganizationId == organizationId && c.DeletedDate != null)
|
||||
.Include("Projects")
|
||||
.OrderBy(c => c.RevisionDate)
|
||||
.ToListAsync();
|
||||
|
||||
return Mapper.Map<List<Core.SecretsManager.Entities.Secret>>(secrets);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<IEnumerable<Core.SecretsManager.Entities.Secret>> GetManyByProjectIdAsync(Guid projectId, Guid userId, AccessClientType accessType)
|
||||
{
|
||||
using (var scope = ServiceScopeFactory.CreateScope())
|
||||
@ -168,7 +197,6 @@ public class SecretRepository : Repository<Core.SecretsManager.Entities.Secret,
|
||||
using (var scope = ServiceScopeFactory.CreateScope())
|
||||
{
|
||||
var dbContext = GetDatabaseContext(scope);
|
||||
var utcNow = DateTime.UtcNow;
|
||||
var secrets = dbContext.Secret.Where(c => ids.Contains(c.Id));
|
||||
await secrets.ForEachAsync(secret =>
|
||||
{
|
||||
@ -179,6 +207,21 @@ public class SecretRepository : Repository<Core.SecretsManager.Entities.Secret,
|
||||
}
|
||||
}
|
||||
|
||||
public async Task RestoreManyByIdAsync(IEnumerable<Guid> ids)
|
||||
{
|
||||
using (var scope = ServiceScopeFactory.CreateScope())
|
||||
{
|
||||
var dbContext = GetDatabaseContext(scope);
|
||||
var secrets = dbContext.Secret.Where(c => ids.Contains(c.Id));
|
||||
await secrets.ForEachAsync(secret =>
|
||||
{
|
||||
dbContext.Attach(secret);
|
||||
secret.DeletedDate = null;
|
||||
});
|
||||
await dbContext.SaveChangesAsync();
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<IEnumerable<Core.SecretsManager.Entities.Secret>> ImportAsync(IEnumerable<Core.SecretsManager.Entities.Secret> secrets)
|
||||
{
|
||||
using (var scope = ServiceScopeFactory.CreateScope())
|
||||
|
@ -0,0 +1,48 @@
|
||||
using Bit.Commercial.Core.SecretsManager.Commands.Trash;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.SecretsManager.Entities;
|
||||
using Bit.Core.SecretsManager.Repositories;
|
||||
using Bit.Core.Test.SecretsManager.AutoFixture.ProjectsFixture;
|
||||
using Bit.Test.Common.AutoFixture;
|
||||
using Bit.Test.Common.AutoFixture.Attributes;
|
||||
using NSubstitute;
|
||||
using Xunit;
|
||||
|
||||
namespace Bit.Commercial.Core.Test.SecretsManager.Trash;
|
||||
|
||||
[SutProviderCustomize]
|
||||
[ProjectCustomize]
|
||||
public class EmptyTrashCommandTests
|
||||
{
|
||||
[Theory]
|
||||
[BitAutoData]
|
||||
public async Task EmptyTrash_Throws_NotFoundException(Guid orgId, Secret s1, Secret s2, SutProvider<EmptyTrashCommand> sutProvider)
|
||||
{
|
||||
s1.DeletedDate = DateTime.Now;
|
||||
|
||||
var ids = new List<Guid> { s1.Id, s2.Id };
|
||||
sutProvider.GetDependency<ISecretRepository>()
|
||||
.GetManyByOrganizationIdInTrashByIdsAsync(orgId, ids)
|
||||
.Returns(new List<Secret> { s1 });
|
||||
|
||||
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.EmptyTrash(orgId, ids));
|
||||
|
||||
await sutProvider.GetDependency<ISecretRepository>().DidNotReceiveWithAnyArgs().RestoreManyByIdAsync(default);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[BitAutoData]
|
||||
public async Task EmptyTrash_Success(Guid orgId, Secret s1, Secret s2, SutProvider<EmptyTrashCommand> sutProvider)
|
||||
{
|
||||
s1.DeletedDate = DateTime.Now;
|
||||
|
||||
var ids = new List<Guid> { s1.Id, s2.Id };
|
||||
sutProvider.GetDependency<ISecretRepository>()
|
||||
.GetManyByOrganizationIdInTrashByIdsAsync(orgId, ids)
|
||||
.Returns(new List<Secret> { s1, s2 });
|
||||
|
||||
await sutProvider.Sut.EmptyTrash(orgId, ids);
|
||||
|
||||
await sutProvider.GetDependency<ISecretRepository>().Received(1).HardDeleteManyByIdAsync(ids);
|
||||
}
|
||||
}
|
@ -0,0 +1,48 @@
|
||||
using Bit.Commercial.Core.SecretsManager.Commands.Trash;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.SecretsManager.Entities;
|
||||
using Bit.Core.SecretsManager.Repositories;
|
||||
using Bit.Core.Test.SecretsManager.AutoFixture.ProjectsFixture;
|
||||
using Bit.Test.Common.AutoFixture;
|
||||
using Bit.Test.Common.AutoFixture.Attributes;
|
||||
using NSubstitute;
|
||||
using Xunit;
|
||||
|
||||
namespace Bit.Commercial.Core.Test.SecretsManager.Trash;
|
||||
|
||||
[SutProviderCustomize]
|
||||
[ProjectCustomize]
|
||||
public class RestoreTrashCommandTests
|
||||
{
|
||||
[Theory]
|
||||
[BitAutoData]
|
||||
public async Task RestoreTrash_Throws_NotFoundException(Guid orgId, Secret s1, Secret s2, SutProvider<RestoreTrashCommand> sutProvider)
|
||||
{
|
||||
s1.DeletedDate = DateTime.Now;
|
||||
|
||||
var ids = new List<Guid> { s1.Id, s2.Id };
|
||||
sutProvider.GetDependency<ISecretRepository>()
|
||||
.GetManyByOrganizationIdInTrashByIdsAsync(orgId, ids)
|
||||
.Returns(new List<Secret> { s1 });
|
||||
|
||||
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.RestoreTrash(orgId, ids));
|
||||
|
||||
await sutProvider.GetDependency<ISecretRepository>().DidNotReceiveWithAnyArgs().RestoreManyByIdAsync(default);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[BitAutoData]
|
||||
public async Task RestoreTrash_Success(Guid orgId, Secret s1, Secret s2, SutProvider<RestoreTrashCommand> sutProvider)
|
||||
{
|
||||
s1.DeletedDate = DateTime.Now;
|
||||
|
||||
var ids = new List<Guid> { s1.Id, s2.Id };
|
||||
sutProvider.GetDependency<ISecretRepository>()
|
||||
.GetManyByOrganizationIdInTrashByIdsAsync(orgId, ids)
|
||||
.Returns(new List<Secret> { s1, s2 });
|
||||
|
||||
await sutProvider.Sut.RestoreTrash(orgId, ids);
|
||||
|
||||
await sutProvider.GetDependency<ISecretRepository>().Received(1).RestoreManyByIdAsync(ids);
|
||||
}
|
||||
}
|
@ -70,6 +70,7 @@ public class SecretsController : Controller
|
||||
public async Task<SecretResponseModel> GetAsync([FromRoute] Guid id)
|
||||
{
|
||||
var secret = await _secretRepository.GetByIdAsync(id);
|
||||
|
||||
if (secret == null || !_currentContext.AccessSecretsManager(secret.OrganizationId))
|
||||
{
|
||||
throw new NotFoundException();
|
||||
|
80
src/Api/SecretsManager/Controllers/SecretsTrashController.cs
Normal file
80
src/Api/SecretsManager/Controllers/SecretsTrashController.cs
Normal file
@ -0,0 +1,80 @@
|
||||
using Bit.Api.SecretsManager.Models.Response;
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.SecretsManager.Commands.Trash.Interfaces;
|
||||
using Bit.Core.SecretsManager.Repositories;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
|
||||
namespace Bit.Api.SecretsManager.Controllers;
|
||||
|
||||
[SecretsManager]
|
||||
[Authorize("secrets")]
|
||||
public class TrashController : Controller
|
||||
{
|
||||
private readonly ICurrentContext _currentContext;
|
||||
private readonly ISecretRepository _secretRepository;
|
||||
private readonly IEmptyTrashCommand _emptyTrashCommand;
|
||||
private readonly IRestoreTrashCommand _restoreTrashCommand;
|
||||
|
||||
public TrashController(
|
||||
ICurrentContext currentContext,
|
||||
ISecretRepository secretRepository,
|
||||
IEmptyTrashCommand emptyTrashCommand,
|
||||
IRestoreTrashCommand restoreTrashCommand)
|
||||
{
|
||||
_currentContext = currentContext;
|
||||
_secretRepository = secretRepository;
|
||||
_emptyTrashCommand = emptyTrashCommand;
|
||||
_restoreTrashCommand = restoreTrashCommand;
|
||||
}
|
||||
|
||||
[HttpGet("secrets/{organizationId}/trash")]
|
||||
public async Task<SecretWithProjectsListResponseModel> ListByOrganizationAsync(Guid organizationId)
|
||||
{
|
||||
if (!_currentContext.AccessSecretsManager(organizationId))
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
if (!await _currentContext.OrganizationAdmin(organizationId))
|
||||
{
|
||||
throw new UnauthorizedAccessException();
|
||||
}
|
||||
|
||||
var secrets = await _secretRepository.GetManyByOrganizationIdInTrashAsync(organizationId);
|
||||
return new SecretWithProjectsListResponseModel(secrets);
|
||||
}
|
||||
|
||||
[HttpPost("secrets/{organizationId}/trash/empty")]
|
||||
public async Task EmptyTrashAsync(Guid organizationId, [FromBody] List<Guid> ids)
|
||||
{
|
||||
if (!_currentContext.AccessSecretsManager(organizationId))
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
if (!await _currentContext.OrganizationAdmin(organizationId))
|
||||
{
|
||||
throw new UnauthorizedAccessException();
|
||||
}
|
||||
|
||||
await _emptyTrashCommand.EmptyTrash(organizationId, ids);
|
||||
}
|
||||
|
||||
[HttpPost("secrets/{organizationId}/trash/restore")]
|
||||
public async Task RestoreTrashAsync(Guid organizationId, [FromBody] List<Guid> ids)
|
||||
{
|
||||
if (!_currentContext.AccessSecretsManager(organizationId))
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
if (!await _currentContext.OrganizationAdmin(organizationId))
|
||||
{
|
||||
throw new UnauthorizedAccessException();
|
||||
}
|
||||
|
||||
await _restoreTrashCommand.RestoreTrash(organizationId, ids);
|
||||
}
|
||||
}
|
@ -0,0 +1,7 @@
|
||||
namespace Bit.Core.SecretsManager.Commands.Trash.Interfaces;
|
||||
|
||||
public interface IEmptyTrashCommand
|
||||
{
|
||||
Task EmptyTrash(Guid organizationId, List<Guid> ids);
|
||||
}
|
||||
|
@ -0,0 +1,6 @@
|
||||
namespace Bit.Core.SecretsManager.Commands.Trash.Interfaces;
|
||||
|
||||
public interface IRestoreTrashCommand
|
||||
{
|
||||
Task RestoreTrash(Guid organizationId, List<Guid> ids);
|
||||
}
|
@ -6,6 +6,8 @@ namespace Bit.Core.SecretsManager.Repositories;
|
||||
public interface ISecretRepository
|
||||
{
|
||||
Task<IEnumerable<Secret>> GetManyByOrganizationIdAsync(Guid organizationId, Guid userId, AccessClientType accessType);
|
||||
Task<IEnumerable<Secret>> GetManyByOrganizationIdInTrashAsync(Guid organizationId);
|
||||
Task<IEnumerable<Secret>> GetManyByOrganizationIdInTrashByIdsAsync(Guid organizationId, IEnumerable<Guid> ids);
|
||||
Task<IEnumerable<Secret>> GetManyByIds(IEnumerable<Guid> ids);
|
||||
Task<IEnumerable<Secret>> GetManyByProjectIdAsync(Guid projectId, Guid userId, AccessClientType accessType);
|
||||
Task<Secret> GetByIdAsync(Guid id);
|
||||
@ -13,5 +15,6 @@ public interface ISecretRepository
|
||||
Task<Secret> UpdateAsync(Secret secret);
|
||||
Task SoftDeleteManyByIdAsync(IEnumerable<Guid> ids);
|
||||
Task HardDeleteManyByIdAsync(IEnumerable<Guid> ids);
|
||||
Task RestoreManyByIdAsync(IEnumerable<Guid> ids);
|
||||
Task<IEnumerable<Secret>> ImportAsync(IEnumerable<Secret> secrets);
|
||||
}
|
||||
|
@ -0,0 +1,227 @@
|
||||
using System.Net;
|
||||
using System.Net.Http.Headers;
|
||||
using Bit.Api.IntegrationTest.Factories;
|
||||
using Bit.Api.SecretsManager.Models.Response;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.SecretsManager.Repositories;
|
||||
using Xunit;
|
||||
using Secret = Bit.Core.SecretsManager.Entities.Secret;
|
||||
|
||||
namespace Bit.Api.IntegrationTest.SecretsManager.Controllers;
|
||||
|
||||
public class SecretsTrashControllerTest : IClassFixture<ApiApplicationFactory>, IAsyncLifetime
|
||||
{
|
||||
private readonly string _mockEncryptedString =
|
||||
"2.3Uk+WNBIoU5xzmVFNcoWzz==|1MsPIYuRfdOHfu/0uY6H2Q==|/98sp4wb6pHP1VTZ9JcNCYgQjEUMFPlqJgCwRk1YXKg=";
|
||||
|
||||
private readonly HttpClient _client;
|
||||
private readonly ApiApplicationFactory _factory;
|
||||
private readonly ISecretRepository _secretRepository;
|
||||
|
||||
private string _email = null!;
|
||||
private SecretsManagerOrganizationHelper _organizationHelper = null!;
|
||||
|
||||
public SecretsTrashControllerTest(ApiApplicationFactory factory)
|
||||
{
|
||||
_factory = factory;
|
||||
_client = _factory.CreateClient();
|
||||
_secretRepository = _factory.GetService<ISecretRepository>();
|
||||
}
|
||||
|
||||
public async Task InitializeAsync()
|
||||
{
|
||||
_email = $"integration-test{Guid.NewGuid()}@bitwarden.com";
|
||||
await _factory.LoginWithNewAccount(_email);
|
||||
_organizationHelper = new SecretsManagerOrganizationHelper(_factory, _email);
|
||||
}
|
||||
|
||||
public Task DisposeAsync()
|
||||
{
|
||||
_client.Dispose();
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
|
||||
private async Task LoginAsync(string email)
|
||||
{
|
||||
var tokens = await _factory.LoginAsync(email);
|
||||
_client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", tokens.Token);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[InlineData(false, false)]
|
||||
[InlineData(true, false)]
|
||||
[InlineData(false, true)]
|
||||
public async Task ListByOrganization_SmNotEnabled_NotFound(bool useSecrets, bool accessSecrets)
|
||||
{
|
||||
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets);
|
||||
await LoginAsync(_email);
|
||||
|
||||
var response = await _client.GetAsync($"/secrets/{org.Id}/trash");
|
||||
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task ListByOrganization_NotAdmin_Unauthorized()
|
||||
{
|
||||
var (org, _) = await _organizationHelper.Initialize(true, true);
|
||||
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
|
||||
await LoginAsync(email);
|
||||
|
||||
var response = await _client.GetAsync($"/secrets/{org.Id}/trash");
|
||||
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task ListByOrganization_Success()
|
||||
{
|
||||
var (org, _) = await _organizationHelper.Initialize(true, true);
|
||||
await LoginAsync(_email);
|
||||
|
||||
await _secretRepository.CreateAsync(new Secret
|
||||
{
|
||||
OrganizationId = org.Id,
|
||||
Key = _mockEncryptedString,
|
||||
Value = _mockEncryptedString,
|
||||
DeletedDate = DateTime.Now,
|
||||
});
|
||||
|
||||
await _secretRepository.CreateAsync(new Secret
|
||||
{
|
||||
OrganizationId = org.Id,
|
||||
Key = _mockEncryptedString,
|
||||
Value = _mockEncryptedString,
|
||||
});
|
||||
|
||||
var response = await _client.GetAsync($"/secrets/{org.Id}/trash");
|
||||
|
||||
response.EnsureSuccessStatusCode();
|
||||
var result = await response.Content.ReadFromJsonAsync<SecretWithProjectsListResponseModel>();
|
||||
Assert.Single(result!.Secrets);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[InlineData(false, false)]
|
||||
[InlineData(true, false)]
|
||||
[InlineData(false, true)]
|
||||
public async Task Empty_SmNotEnabled_NotFound(bool useSecrets, bool accessSecrets)
|
||||
{
|
||||
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets);
|
||||
await LoginAsync(_email);
|
||||
|
||||
var ids = new List<Guid> { Guid.NewGuid() };
|
||||
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/empty", ids);
|
||||
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Empty_NotAdmin_Unauthorized()
|
||||
{
|
||||
var (org, _) = await _organizationHelper.Initialize(true, true);
|
||||
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
|
||||
await LoginAsync(email);
|
||||
|
||||
var ids = new List<Guid> { Guid.NewGuid() };
|
||||
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/empty", ids);
|
||||
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Empty_Invalid_NotFound()
|
||||
{
|
||||
var (org, _) = await _organizationHelper.Initialize(true, true);
|
||||
await LoginAsync(_email);
|
||||
|
||||
var secret = await _secretRepository.CreateAsync(new Secret
|
||||
{
|
||||
OrganizationId = org.Id,
|
||||
Key = _mockEncryptedString,
|
||||
Value = _mockEncryptedString
|
||||
});
|
||||
|
||||
var ids = new List<Guid> { secret.Id };
|
||||
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/empty", ids);
|
||||
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Empty_Success()
|
||||
{
|
||||
var (org, _) = await _organizationHelper.Initialize(true, true);
|
||||
await LoginAsync(_email);
|
||||
|
||||
var secret = await _secretRepository.CreateAsync(new Secret
|
||||
{
|
||||
OrganizationId = org.Id,
|
||||
Key = _mockEncryptedString,
|
||||
Value = _mockEncryptedString,
|
||||
DeletedDate = DateTime.Now,
|
||||
});
|
||||
|
||||
var ids = new List<Guid> { secret.Id };
|
||||
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/empty", ids);
|
||||
response.EnsureSuccessStatusCode();
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[InlineData(false, false)]
|
||||
[InlineData(true, false)]
|
||||
[InlineData(false, true)]
|
||||
public async Task Restore_SmNotEnabled_NotFound(bool useSecrets, bool accessSecrets)
|
||||
{
|
||||
var (org, _) = await _organizationHelper.Initialize(useSecrets, accessSecrets);
|
||||
await LoginAsync(_email);
|
||||
|
||||
var ids = new List<Guid> { Guid.NewGuid() };
|
||||
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/restore", ids);
|
||||
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Restore_NotAdmin_Unauthorized()
|
||||
{
|
||||
var (org, _) = await _organizationHelper.Initialize(true, true);
|
||||
var (email, _) = await _organizationHelper.CreateNewUser(OrganizationUserType.User, true);
|
||||
await LoginAsync(email);
|
||||
|
||||
var ids = new List<Guid> { Guid.NewGuid() };
|
||||
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/restore", ids);
|
||||
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Restore_Invalid_NotFound()
|
||||
{
|
||||
var (org, _) = await _organizationHelper.Initialize(true, true);
|
||||
await LoginAsync(_email);
|
||||
|
||||
var secret = await _secretRepository.CreateAsync(new Secret
|
||||
{
|
||||
OrganizationId = org.Id,
|
||||
Key = _mockEncryptedString,
|
||||
Value = _mockEncryptedString
|
||||
});
|
||||
|
||||
var ids = new List<Guid> { secret.Id };
|
||||
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/restore", ids);
|
||||
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Restore_Success()
|
||||
{
|
||||
var (org, _) = await _organizationHelper.Initialize(true, true);
|
||||
await LoginAsync(_email);
|
||||
|
||||
var secret = await _secretRepository.CreateAsync(new Secret
|
||||
{
|
||||
OrganizationId = org.Id,
|
||||
Key = _mockEncryptedString,
|
||||
Value = _mockEncryptedString,
|
||||
DeletedDate = DateTime.Now,
|
||||
});
|
||||
|
||||
var ids = new List<Guid> { secret.Id };
|
||||
var response = await _client.PostAsJsonAsync($"/secrets/{org.Id}/trash/restore", ids);
|
||||
response.EnsureSuccessStatusCode();
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user