From 2dc29e51d1346e429dad5548692fba45dda70832 Mon Sep 17 00:00:00 2001
From: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Date: Thu, 18 Nov 2021 21:15:22 +1000
Subject: [PATCH] Fix bug preventing user from leaving org (#1721)
---
.../Controllers/OrganizationsController.cs | 5 ++-
.../OrganizationsControllerTests.cs | 40 +++++++++++++++++--
2 files changed, 39 insertions(+), 6 deletions(-)
diff --git a/src/Api/Controllers/OrganizationsController.cs b/src/Api/Controllers/OrganizationsController.cs
index eb977568fc..e85f05343e 100644
--- a/src/Api/Controllers/OrganizationsController.cs
+++ b/src/Api/Controllers/OrganizationsController.cs
@@ -385,9 +385,10 @@ namespace Bit.Api.Controllers
}
var ssoConfig = await _ssoConfigRepository.GetByOrganizationIdAsync(orgGuidId);
- if (ssoConfig?.GetData()?.KeyConnectorEnabled == true)
+ if (ssoConfig?.GetData()?.KeyConnectorEnabled == true &&
+ _currentContext.User.UsesKeyConnector)
{
- throw new BadRequestException("You cannot leave an Organization that is using Key Connector.");
+ throw new BadRequestException("You cannot leave this Organization because you are using its Key Connector.");
}
var userId = _userService.GetProperUserId(User);
diff --git a/test/Api.Test/Controllers/OrganizationsControllerTests.cs b/test/Api.Test/Controllers/OrganizationsControllerTests.cs
index 4011c72b03..6b69a7e971 100644
--- a/test/Api.Test/Controllers/OrganizationsControllerTests.cs
+++ b/test/Api.Test/Controllers/OrganizationsControllerTests.cs
@@ -54,8 +54,8 @@ namespace Bit.Api.Test.Controllers
}
[Theory, AutoData]
- public async Task OrganizationsController_WhenUserTriestoLeaveOrganizationUsingKeyConnector_Throws(
- Guid orgId)
+ public async Task OrganizationsController_UserCannotLeaveOrganizationThatProvidesKeyConnector(
+ Guid orgId, User user)
{
var ssoConfig = new SsoConfig
{
@@ -68,18 +68,50 @@ namespace Bit.Api.Test.Controllers
OrganizationId = orgId,
};
+ user.UsesKeyConnector = true;
+
_currentContext.OrganizationUser(orgId).Returns(true);
_ssoConfigRepository.GetByOrganizationIdAsync(orgId).Returns(ssoConfig);
- _userService.GetProperUserId(Arg.Any<ClaimsPrincipal>()).Returns(new Guid());
+ _userService.GetProperUserId(Arg.Any<ClaimsPrincipal>()).Returns(user.Id);
+ _currentContext.User.Returns(user);
var exception = await Assert.ThrowsAsync<BadRequestException>(
() => _sut.Leave(orgId.ToString()));
- Assert.Contains("You cannot leave an Organization that is using Key Connector.",
+ Assert.Contains("You cannot leave this Organization because you are using its Key Connector.",
exception.Message);
await _organizationService.DidNotReceiveWithAnyArgs().DeleteUserAsync(default, default);
}
+
+ [Theory]
+ [InlineAutoData(true, false)]
+ [InlineAutoData(false, true)]
+ [InlineAutoData(false, false)]
+ public async Task OrganizationsController_UserCanLeaveOrganizationThatDoesntProvideKeyConnector(
+ bool keyConnectorEnabled, bool userUsesKeyConnector, Guid orgId, User user)
+ {
+ var ssoConfig = new SsoConfig
+ {
+ Id = default,
+ Data = new SsoConfigurationData
+ {
+ KeyConnectorEnabled = keyConnectorEnabled,
+ }.Serialize(),
+ Enabled = true,
+ OrganizationId = orgId,
+ };
+
+ user.UsesKeyConnector = userUsesKeyConnector;
+
+ _currentContext.OrganizationUser(orgId).Returns(true);
+ _ssoConfigRepository.GetByOrganizationIdAsync(orgId).Returns(ssoConfig);
+ _userService.GetProperUserId(Arg.Any<ClaimsPrincipal>()).Returns(user.Id);
+ _currentContext.User.Returns(user);
+
+ await _organizationService.DeleteUserAsync(orgId, user.Id);
+ await _organizationService.Received(1).DeleteUserAsync(orgId, user.Id);
+ }
}
}