1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-10 15:13:29 +01:00

Expand IPolicyStrategy responsibilities

This commit is contained in:
Thomas Rittson 2024-09-26 11:07:28 +10:00
parent 2d0dd90190
commit 267637f212
No known key found for this signature in database
GPG Key ID: CDDDA03861C35E27

View File

@ -1,9 +1,12 @@
using Bit.Core.AdminConsole.Entities;
#nullable enable
using Bit.Core.AdminConsole.Entities;
using Bit.Core.AdminConsole.Enums;
using Bit.Core.Entities;
namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies;
public interface IPolicyStrategy
public interface IPolicyStrategy<TData, TRequirement>
{
/// <summary>
/// The PolicyType that the strategy is responsible for handling.
@ -11,20 +14,37 @@ public interface IPolicyStrategy
public PolicyType Type { get; }
/// <summary>
/// A method that is called when the policy state changes from disabled to enabled, before
/// it is saved to the database.
/// For example, this can be used for validation before saving or for side effects.
/// A factory that transforms the untyped Policy.Data JSON object to a domain specific object,
/// usually used for additional policy configuration.
/// </summary>
/// <param name="policy">The updated policy object.</param>
/// <param name="savingUserId">The current user who is updating the policy.</param>
public Task HandleEnable(Policy policy, Guid? savingUserId);
public Func<object, TData>? DataFactory { get; }
/// <summary>
/// A method that is called when the policy state changes from enabled to disabled, before
/// it is saved to the database.
/// For example, this can be used for validation before saving or for side effects.
/// A predicate function that returns true if a policy should be enforced against a user
/// and false otherwise. This does not need to check Organization.UsePolicies or Policy.Enabled.
/// </summary>
/// <param name="policy">The updated policy object.</param>
/// <param name="savingUserId">The current user who is updating the policy.</param>
public Task HandleDisable(Policy policy, Guid? savingUserId);
public Predicate<(OrganizationUser, Policy)> Filter { get; }
/// <summary>
/// A reducer function that reduces Policies into policy requirements (as defined by TRequirement).
/// This is used to reconcile policies of the same type from different organizations and combine them into
/// a single object that represents the requirements of the domain.
/// </summary>
public (Func<TRequirement, Policy> reducer, TRequirement initialValue) Reducer { get; }
/// <summary>
/// Validates a policy before saving it.
/// </summary>
/// <param name="currentPolicy">The current policy, if any</param>
/// <param name="modifiedPolicy">The modified policy to be saved</param>
/// <returns>A sequence of validation errors if validation was unsuccessful</returns>
public IEnumerable<string>? Validate(Policy? currentPolicy, Policy modifiedPolicy);
/// <summary>
/// Optionally performs side effects after a policy is validated but before it is saved.
/// For example, this can be used to remove non-compliant users from the organization.
/// </summary>
/// <param name="currentPolicy">The current policy, if any</param>
/// <param name="modifiedPolicy">The modified policy to be saved</param>
public Task OnSaveSideEffects(Policy? currentPolicy, Policy modifiedPolicy);
}