mirror of
https://github.com/bitwarden/server.git
synced 2024-12-10 15:13:29 +01:00
Expand IPolicyStrategy responsibilities
This commit is contained in:
parent
2d0dd90190
commit
267637f212
@ -1,9 +1,12 @@
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
#nullable enable
|
||||
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.AdminConsole.Enums;
|
||||
using Bit.Core.Entities;
|
||||
|
||||
namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies;
|
||||
|
||||
public interface IPolicyStrategy
|
||||
public interface IPolicyStrategy<TData, TRequirement>
|
||||
{
|
||||
/// <summary>
|
||||
/// The PolicyType that the strategy is responsible for handling.
|
||||
@ -11,20 +14,37 @@ public interface IPolicyStrategy
|
||||
public PolicyType Type { get; }
|
||||
|
||||
/// <summary>
|
||||
/// A method that is called when the policy state changes from disabled to enabled, before
|
||||
/// it is saved to the database.
|
||||
/// For example, this can be used for validation before saving or for side effects.
|
||||
/// A factory that transforms the untyped Policy.Data JSON object to a domain specific object,
|
||||
/// usually used for additional policy configuration.
|
||||
/// </summary>
|
||||
/// <param name="policy">The updated policy object.</param>
|
||||
/// <param name="savingUserId">The current user who is updating the policy.</param>
|
||||
public Task HandleEnable(Policy policy, Guid? savingUserId);
|
||||
public Func<object, TData>? DataFactory { get; }
|
||||
|
||||
/// <summary>
|
||||
/// A method that is called when the policy state changes from enabled to disabled, before
|
||||
/// it is saved to the database.
|
||||
/// For example, this can be used for validation before saving or for side effects.
|
||||
/// A predicate function that returns true if a policy should be enforced against a user
|
||||
/// and false otherwise. This does not need to check Organization.UsePolicies or Policy.Enabled.
|
||||
/// </summary>
|
||||
/// <param name="policy">The updated policy object.</param>
|
||||
/// <param name="savingUserId">The current user who is updating the policy.</param>
|
||||
public Task HandleDisable(Policy policy, Guid? savingUserId);
|
||||
public Predicate<(OrganizationUser, Policy)> Filter { get; }
|
||||
|
||||
/// <summary>
|
||||
/// A reducer function that reduces Policies into policy requirements (as defined by TRequirement).
|
||||
/// This is used to reconcile policies of the same type from different organizations and combine them into
|
||||
/// a single object that represents the requirements of the domain.
|
||||
/// </summary>
|
||||
public (Func<TRequirement, Policy> reducer, TRequirement initialValue) Reducer { get; }
|
||||
|
||||
/// <summary>
|
||||
/// Validates a policy before saving it.
|
||||
/// </summary>
|
||||
/// <param name="currentPolicy">The current policy, if any</param>
|
||||
/// <param name="modifiedPolicy">The modified policy to be saved</param>
|
||||
/// <returns>A sequence of validation errors if validation was unsuccessful</returns>
|
||||
public IEnumerable<string>? Validate(Policy? currentPolicy, Policy modifiedPolicy);
|
||||
|
||||
/// <summary>
|
||||
/// Optionally performs side effects after a policy is validated but before it is saved.
|
||||
/// For example, this can be used to remove non-compliant users from the organization.
|
||||
/// </summary>
|
||||
/// <param name="currentPolicy">The current policy, if any</param>
|
||||
/// <param name="modifiedPolicy">The modified policy to be saved</param>
|
||||
public Task OnSaveSideEffects(Policy? currentPolicy, Policy modifiedPolicy);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user