diff --git a/src/Api/Controllers/EmergencyAccessController.cs b/src/Api/Controllers/EmergencyAccessController.cs
index ebe2e59f0..594cea142 100644
--- a/src/Api/Controllers/EmergencyAccessController.cs
+++ b/src/Api/Controllers/EmergencyAccessController.cs
@@ -136,8 +136,8 @@ namespace Bit.Api.Controllers
 public async Task Takeover(string id)
 {
 var user = await _userService.GetUserByPrincipalAsync(User);
- var (result, grantor) = await _emergencyAccessService.TakeoverAsync(new Guid(id), user);
- return new EmergencyAccessTakeoverResponseModel(result, grantor);
+ var (result, grantor, policy) = await _emergencyAccessService.TakeoverAsync(new Guid(id), user);
+ return new EmergencyAccessTakeoverResponseModel(result, grantor, policy);
 }
 [HttpPost("{id}/password")]
diff --git a/src/Core/Models/Api/Response/EmergencyAccessResponseModel.cs b/src/Core/Models/Api/Response/EmergencyAccessResponseModel.cs
index 4545f8261..0b728073a 100644
--- a/src/Core/Models/Api/Response/EmergencyAccessResponseModel.cs
+++ b/src/Core/Models/Api/Response/EmergencyAccessResponseModel.cs
@@ -84,7 +84,7 @@ namespace Bit.Core.Models.Api.Response
 public class EmergencyAccessTakeoverResponseModel : ResponseModel
 {
- public EmergencyAccessTakeoverResponseModel(EmergencyAccess emergencyAccess, User grantor, string obj = "emergencyAccessTakeover") : base(obj)
+ public EmergencyAccessTakeoverResponseModel(EmergencyAccess emergencyAccess, User grantor, ICollection policy, string obj = "emergencyAccessTakeover") : base(obj)
 {
 if (emergencyAccess == null)
 {
@@ -94,11 +94,13 @@ namespace Bit.Core.Models.Api.Response
 KeyEncrypted = emergencyAccess.KeyEncrypted;
 Kdf = grantor.Kdf;
 KdfIterations = grantor.KdfIterations;
+ Policy = policy.Select(policy => new PolicyResponseModel(policy));
 }
 public int KdfIterations { get; private set; }
 public KdfType Kdf { get; private set; }
 public string KeyEncrypted { get; private set; }
+ public IEnumerable Policy { get; private set; }
 }
 public class EmergencyAccessViewResponseModel : ResponseModel
diff --git a/src/Core/Services/IEmergencyAccessService.cs b/src/Core/Services/IEmergencyAccessService.cs
index b156d518c..c8a1a4614 100644
--- a/src/Core/Services/IEmergencyAccessService.cs
+++ b/src/Core/Services/IEmergencyAccessService.cs
@@ -1,4 +1,5 @@
 using System;
+using System.Collections.Generic;
 using System.Threading.Tasks;
 using Bit.Core.Enums;
 using Bit.Core.Models.Api.Response;
@@ -19,7 +20,7 @@ namespace Bit.Core.Services
 Task InitiateAsync(Guid id, User initiatingUser);
 Task ApproveAsync(Guid id, User approvingUser);
 Task RejectAsync(Guid id, User rejectingUser);
- Task<(EmergencyAccess, User)> TakeoverAsync(Guid id, User initiatingUser);
+ Task<(EmergencyAccess, User, ICollection)> TakeoverAsync(Guid id, User initiatingUser);
 Task PasswordAsync(Guid id, User user, string newMasterPasswordHash, string key);
 Task SendNotificationsAsync();
 Task HandleTimedOutRequestsAsync();
diff --git a/src/Core/Services/Implementations/EmergencyAccessService.cs b/src/Core/Services/Implementations/EmergencyAccessService.cs
index 3d2bf207a..a7bc439c7 100644
--- a/src/Core/Services/Implementations/EmergencyAccessService.cs
+++ b/src/Core/Services/Implementations/EmergencyAccessService.cs
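Review bot: In the EmergencyAccessTakeoverResponseModel constructor (src/Core/Models/Api/Response/EmergencyAccessResponseModel.cs, @@ -94,11), the added `Policy = policy.Select(...)` dereferences `policy` with no guard, while the same constructor already null-checks `emergencyAccess`; a null collection from the service would fail the takeover response with an unhandled exception. The lambda parameter also reuses the name `policy`, shadowing the constructor argument, and the projection stays lazy until the response is serialized. Suggested: add a null guard for `policy` in the style of the existing one and write `Policy = policy.Select(p => new PolicyResponseModel(p)).ToList();`. The constructor opens in the previous hunk (@@ -84,7) and the body of its existing guard is not visible here.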
@@ -20,6 +20,7 @@ namespace Bit.Core.Services
 private readonly IOrganizationUserRepository _organizationUserRepository;
 private readonly IUserRepository _userRepository;
 private readonly ICipherRepository _cipherRepository;
+ private readonly IPolicyRepository _policyRepository;
 private readonly IMailService _mailService;
 private readonly IUserService _userService;
 private readonly IDataProtector _dataProtector;
@@ -32,6 +33,7 @@ namespace Bit.Core.Services
 IOrganizationUserRepository organizationUserRepository,
 IUserRepository userRepository,
 ICipherRepository cipherRepository,
+ IPolicyRepository policyRepository,
 IMailService mailService,
 IUserService userService,
 IPasswordHasher passwordHasher,
@@ -43,6 +45,7 @@ namespace Bit.Core.Services
 _organizationUserRepository = organizationUserRepository;
 _userRepository = userRepository;
 _cipherRepository = cipherRepository;
+ _policyRepository = policyRepository;
 _mailService = mailService;
 _userService = userService;
 _passwordHasher = passwordHasher;
@@ -235,7 +238,7 @@ namespace Bit.Core.Services
 await _mailService.SendEmergencyAccessRecoveryRejected(emergencyAccess, NameOrEmail(rejectingUser), grantee.Email);
 }
- public async Task<(EmergencyAccess, User)> TakeoverAsync(Guid id, User requestingUser)
+ public async Task<(EmergencyAccess, User, ICollection)> TakeoverAsync(Guid id, User requestingUser)
 {
 var emergencyAccess = await _emergencyAccessRepository.GetByIdAsync(id);
@@ -246,8 +249,9 @@ namespace Bit.Core.Services
 }
 var grantor = await _userRepository.GetByIdAsync(emergencyAccess.GrantorId);
+ var policy = await _policyRepository.GetManyByUserIdAsync(grantor.Id);
- return (emergencyAccess, grantor);
+ return (emergencyAccess, grantor, policy);
 }
 public async Task PasswordAsync(Guid id, User requestingUser, string newMasterPasswordHash, string key)
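Review bot: In TakeoverAsync (@@ -246,8), the result of `_policyRepository.GetManyByUserIdAsync(grantor.Id)` is returned to the grantee as-is, with no filter on policy type or enabled state visible in this hunk. The grantee need not belong to the grantor's organizations, so this discloses more of those organizations' security configuration than a master-password reset appears to need. If the client only uses the list to apply master-password rules, narrow it before returning, e.g. `.Where(p => p.Enabled && p.Type == PolicyType.MasterPassword).ToList()` (assuming the Policy entity's `Enabled` and `Type` fields). `grantor` is also now dereferenced inside the service without a null check, so a missing grantor row should be rejected before `grantor.Id` is read. The method's authorization check sits between this hunk and @@ -235,7 and is not shown.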