1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-24 12:35:25 +01:00

Do not use ApplicationCache when saving OrgUser (#3885)

* Do not use ApplicationCache when saving OrgUser

* dotnet format
This commit is contained in:
Thomas Rittson 2024-03-11 21:01:56 +10:00 committed by GitHub
parent f432c18ab5
commit 1a3c1aeb0c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 20 additions and 22 deletions

View File

@ -1421,18 +1421,18 @@ public class OrganizationService : IOrganizationService
}
// If the organization is using Flexible Collections, prevent use of any deprecated permissions
var organizationAbility = await _applicationCacheService.GetOrganizationAbilityAsync(user.OrganizationId);
if (organizationAbility?.FlexibleCollections == true && user.Type == OrganizationUserType.Manager)
var organization = await _organizationRepository.GetByIdAsync(user.OrganizationId);
if (organization.FlexibleCollections && user.Type == OrganizationUserType.Manager)
{
throw new BadRequestException("The Manager role has been deprecated by collection enhancements. Use the collection Can Manage permission instead.");
}
if (organizationAbility?.FlexibleCollections == true && user.AccessAll)
if (organization.FlexibleCollections && user.AccessAll)
{
throw new BadRequestException("The AccessAll property has been deprecated by collection enhancements. Assign the user to collections instead.");
}
if (organizationAbility?.FlexibleCollections == true && collections?.Any() == true)
if (organization.FlexibleCollections && collections?.Any() == true)
{
var invalidAssociations = collections.Where(cas => cas.Manage && (cas.ReadOnly || cas.HidePasswords));
if (invalidAssociations.Any())
@ -1449,7 +1449,6 @@ public class OrganizationService : IOrganizationService
var additionalSmSeatsRequired = await _countNewSmSeatsRequiredQuery.CountNewSmSeatsRequiredAsync(user.OrganizationId, 1);
if (additionalSmSeatsRequired > 0)
{
var organization = await _organizationRepository.GetByIdAsync(user.OrganizationId);
var update = new SecretsManagerSubscriptionUpdate(organization, true)
.AdjustSeats(additionalSmSeatsRequired);
await _updateSecretsManagerSubscriptionCommand.UpdateSubscriptionAsync(update);

View File

@ -15,7 +15,6 @@ using Bit.Core.Enums;
using Bit.Core.Exceptions;
using Bit.Core.Models.Business;
using Bit.Core.Models.Data;
using Bit.Core.Models.Data.Organizations;
using Bit.Core.Models.Data.Organizations.OrganizationUsers;
using Bit.Core.Models.Mail;
using Bit.Core.Models.StaticStore;
@ -1371,7 +1370,7 @@ OrganizationUserInvite invite, SutProvider<OrganizationService> sutProvider)
[Theory, BitAutoData]
public async Task SaveUser_WithFlexibleCollections_WhenUpgradingToManager_Throws(
OrganizationAbility organizationAbility,
Organization organization,
[OrganizationUser(type: OrganizationUserType.User)] OrganizationUser oldUserData,
[OrganizationUser(type: OrganizationUserType.Manager)] OrganizationUser newUserData,
[OrganizationUser(type: OrganizationUserType.Owner, status: OrganizationUserStatusType.Confirmed)] OrganizationUser savingUser,
@ -1379,18 +1378,18 @@ OrganizationUserInvite invite, SutProvider<OrganizationService> sutProvider)
IEnumerable<Guid> groups,
SutProvider<OrganizationService> sutProvider)
{
organizationAbility.FlexibleCollections = true;
organization.FlexibleCollections = true;
newUserData.Id = oldUserData.Id;
newUserData.UserId = oldUserData.UserId;
newUserData.OrganizationId = oldUserData.OrganizationId = savingUser.OrganizationId = organizationAbility.Id;
newUserData.OrganizationId = oldUserData.OrganizationId = savingUser.OrganizationId = organization.Id;
newUserData.Permissions = CoreHelpers.ClassToJsonData(new Permissions());
sutProvider.GetDependency<IApplicationCacheService>()
.GetOrganizationAbilityAsync(organizationAbility.Id)
.Returns(organizationAbility);
sutProvider.GetDependency<IOrganizationRepository>()
.GetByIdAsync(organization.Id)
.Returns(organization);
sutProvider.GetDependency<ICurrentContext>()
.ManageUsers(organizationAbility.Id)
.ManageUsers(organization.Id)
.Returns(true);
sutProvider.GetDependency<IOrganizationUserRepository>()
@ -1398,7 +1397,7 @@ OrganizationUserInvite invite, SutProvider<OrganizationService> sutProvider)
.Returns(oldUserData);
sutProvider.GetDependency<IOrganizationUserRepository>()
.GetManyByOrganizationAsync(organizationAbility.Id, OrganizationUserType.Owner)
.GetManyByOrganizationAsync(organization.Id, OrganizationUserType.Owner)
.Returns(new List<OrganizationUser> { savingUser });
var exception = await Assert.ThrowsAsync<BadRequestException>(
@ -1409,7 +1408,7 @@ OrganizationUserInvite invite, SutProvider<OrganizationService> sutProvider)
[Theory, BitAutoData]
public async Task SaveUser_WithFlexibleCollections_WithAccessAll_Throws(
OrganizationAbility organizationAbility,
Organization organization,
[OrganizationUser(type: OrganizationUserType.User)] OrganizationUser oldUserData,
[OrganizationUser(type: OrganizationUserType.User)] OrganizationUser newUserData,
[OrganizationUser(type: OrganizationUserType.Owner, status: OrganizationUserStatusType.Confirmed)] OrganizationUser savingUser,
@ -1417,19 +1416,19 @@ OrganizationUserInvite invite, SutProvider<OrganizationService> sutProvider)
IEnumerable<Guid> groups,
SutProvider<OrganizationService> sutProvider)
{
organizationAbility.FlexibleCollections = true;
organization.FlexibleCollections = true;
newUserData.Id = oldUserData.Id;
newUserData.UserId = oldUserData.UserId;
newUserData.OrganizationId = oldUserData.OrganizationId = savingUser.OrganizationId = organizationAbility.Id;
newUserData.OrganizationId = oldUserData.OrganizationId = savingUser.OrganizationId = organization.Id;
newUserData.Permissions = CoreHelpers.ClassToJsonData(new Permissions());
newUserData.AccessAll = true;
sutProvider.GetDependency<IApplicationCacheService>()
.GetOrganizationAbilityAsync(organizationAbility.Id)
.Returns(organizationAbility);
sutProvider.GetDependency<IOrganizationRepository>()
.GetByIdAsync(organization.Id)
.Returns(organization);
sutProvider.GetDependency<ICurrentContext>()
.ManageUsers(organizationAbility.Id)
.ManageUsers(organization.Id)
.Returns(true);
sutProvider.GetDependency<IOrganizationUserRepository>()
@ -1437,7 +1436,7 @@ OrganizationUserInvite invite, SutProvider<OrganizationService> sutProvider)
.Returns(oldUserData);
sutProvider.GetDependency<IOrganizationUserRepository>()
.GetManyByOrganizationAsync(organizationAbility.Id, OrganizationUserType.Owner)
.GetManyByOrganizationAsync(organization.Id, OrganizationUserType.Owner)
.Returns(new List<OrganizationUser> { savingUser });
var exception = await Assert.ThrowsAsync<BadRequestException>(