mirror of
https://github.com/bitwarden/server.git
synced 2024-12-23 17:07:42 +01:00
return twofactor enabled property on org users api
This commit is contained in:
parent
866cfefd80
commit
4a38713c4b
@ -64,7 +64,9 @@ namespace Bit.Api.Controllers
|
||||
}
|
||||
|
||||
var organizationUsers = await _organizationUserRepository.GetManyDetailsByOrganizationAsync(orgGuidId);
|
||||
var responses = organizationUsers.Select(o => new OrganizationUserUserDetailsResponseModel(o));
|
||||
var responseTasks = organizationUsers.Select(async o => new OrganizationUserUserDetailsResponseModel(o,
|
||||
await _userService.TwoFactorIsEnabledAsync(o)));
|
||||
var responses = await Task.WhenAll(responseTasks);
|
||||
return new ListResponseModel<OrganizationUserUserDetailsResponseModel>(responses);
|
||||
}
|
||||
|
||||
@ -175,7 +177,7 @@ namespace Bit.Api.Controllers
|
||||
{
|
||||
throw new BadRequestException("Only owners can update other owners.");
|
||||
}
|
||||
|
||||
|
||||
await _organizationService.UpdateUserGroupsAsync(organizationUser, model.GroupIds.Select(g => new Guid(g)));
|
||||
}
|
||||
|
||||
|
@ -61,7 +61,7 @@ namespace Bit.Core.Models.Api
|
||||
public class OrganizationUserUserDetailsResponseModel : OrganizationUserResponseModel
|
||||
{
|
||||
public OrganizationUserUserDetailsResponseModel(OrganizationUserUserDetails organizationUser,
|
||||
string obj = "organizationUserUserDetails")
|
||||
bool twoFactorEnabled, string obj = "organizationUserUserDetails")
|
||||
: base(organizationUser, obj)
|
||||
{
|
||||
if(organizationUser == null)
|
||||
@ -71,9 +71,11 @@ namespace Bit.Core.Models.Api
|
||||
|
||||
Name = organizationUser.Name;
|
||||
Email = organizationUser.Email;
|
||||
TwoFactorEnabled = twoFactorEnabled;
|
||||
}
|
||||
|
||||
public string Name { get; set; }
|
||||
public string Email { get; set; }
|
||||
public bool TwoFactorEnabled { get; set; }
|
||||
}
|
||||
}
|
||||
|
@ -1,17 +1,58 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using Bit.Core.Enums;
|
||||
using Newtonsoft.Json;
|
||||
|
||||
namespace Bit.Core.Models.Data
|
||||
{
|
||||
public class OrganizationUserUserDetails : IExternal
|
||||
public class OrganizationUserUserDetails : IExternal, ITwoFactorProvidersUser
|
||||
{
|
||||
private Dictionary<TwoFactorProviderType, TwoFactorProvider> _twoFactorProviders;
|
||||
|
||||
public Guid Id { get; set; }
|
||||
public Guid OrganizationId { get; set; }
|
||||
public Guid? UserId { get; set; }
|
||||
public string Name { get; set; }
|
||||
public string Email { get; set; }
|
||||
public Enums.OrganizationUserStatusType Status { get; set; }
|
||||
public Enums.OrganizationUserType Type { get; set; }
|
||||
public string TwoFactorProviders { get; set; }
|
||||
public bool? Premium { get; set; }
|
||||
public OrganizationUserStatusType Status { get; set; }
|
||||
public OrganizationUserType Type { get; set; }
|
||||
public bool AccessAll { get; set; }
|
||||
public string ExternalId { get; set; }
|
||||
|
||||
public Dictionary<TwoFactorProviderType, TwoFactorProvider> GetTwoFactorProviders()
|
||||
{
|
||||
if(string.IsNullOrWhiteSpace(TwoFactorProviders))
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
if(_twoFactorProviders == null)
|
||||
{
|
||||
_twoFactorProviders =
|
||||
JsonConvert.DeserializeObject<Dictionary<TwoFactorProviderType, TwoFactorProvider>>(
|
||||
TwoFactorProviders);
|
||||
}
|
||||
|
||||
return _twoFactorProviders;
|
||||
}
|
||||
catch(JsonSerializationException)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
public Guid? GetUserId()
|
||||
{
|
||||
return UserId;
|
||||
}
|
||||
|
||||
public bool GetPremium()
|
||||
{
|
||||
return Premium.GetValueOrDefault(false);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
14
src/Core/Models/ITwoFactorProvidersUser.cs
Normal file
14
src/Core/Models/ITwoFactorProvidersUser.cs
Normal file
@ -0,0 +1,14 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using Bit.Core.Enums;
|
||||
|
||||
namespace Bit.Core.Models
|
||||
{
|
||||
public interface ITwoFactorProvidersUser
|
||||
{
|
||||
string TwoFactorProviders { get; }
|
||||
Dictionary<TwoFactorProviderType, TwoFactorProvider> GetTwoFactorProviders();
|
||||
Guid? GetUserId();
|
||||
bool GetPremium();
|
||||
}
|
||||
}
|
@ -6,11 +6,10 @@ using Newtonsoft.Json;
|
||||
using Bit.Core.Services;
|
||||
using Bit.Core.Exceptions;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace Bit.Core.Models.Table
|
||||
{
|
||||
public class User : ITableObject<Guid>, ISubscriber, IStorable, IStorableSubscriber, IRevisable
|
||||
public class User : ITableObject<Guid>, ISubscriber, IStorable, IStorableSubscriber, IRevisable, ITwoFactorProvidersUser
|
||||
{
|
||||
private Dictionary<TwoFactorProviderType, TwoFactorProvider> _twoFactorProviders;
|
||||
|
||||
@ -83,6 +82,16 @@ namespace Bit.Core.Models.Table
|
||||
}
|
||||
}
|
||||
|
||||
public Guid? GetUserId()
|
||||
{
|
||||
return Id;
|
||||
}
|
||||
|
||||
public bool GetPremium()
|
||||
{
|
||||
return Premium;
|
||||
}
|
||||
|
||||
public void SetTwoFactorProviders(Dictionary<TwoFactorProviderType, TwoFactorProvider> providers)
|
||||
{
|
||||
TwoFactorProviders = JsonConvert.SerializeObject(providers, new JsonSerializerSettings
|
||||
|
@ -54,8 +54,8 @@ namespace Bit.Core.Services
|
||||
Task UpdatePremiumExpirationAsync(Guid userId, DateTime? expirationDate);
|
||||
Task<UserLicense> GenerateLicenseAsync(User user, BillingInfo billingInfo = null);
|
||||
Task<bool> CheckPasswordAsync(User user, string password);
|
||||
Task<bool> CanAccessPremium(User user);
|
||||
Task<bool> TwoFactorIsEnabledAsync(User user);
|
||||
Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, User user);
|
||||
Task<bool> CanAccessPremium(ITwoFactorProvidersUser user);
|
||||
Task<bool> TwoFactorIsEnabledAsync(ITwoFactorProvidersUser user);
|
||||
Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, ITwoFactorProvidersUser user);
|
||||
}
|
||||
}
|
||||
|
@ -900,13 +900,18 @@ namespace Bit.Core.Services
|
||||
return success;
|
||||
}
|
||||
|
||||
public async Task<bool> CanAccessPremium(User user)
|
||||
public async Task<bool> CanAccessPremium(ITwoFactorProvidersUser user)
|
||||
{
|
||||
if(user.Premium)
|
||||
var userId = user.GetUserId();
|
||||
if(!userId.HasValue)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
if(user.GetPremium())
|
||||
{
|
||||
return true;
|
||||
}
|
||||
var orgs = await _currentContext.OrganizationMembershipAsync(_organizationUserRepository, user.Id);
|
||||
var orgs = await _currentContext.OrganizationMembershipAsync(_organizationUserRepository, userId.Value);
|
||||
if(!orgs.Any())
|
||||
{
|
||||
return false;
|
||||
@ -916,7 +921,7 @@ namespace Bit.Core.Services
|
||||
orgAbilities[o.Id].UsersGetPremium && orgAbilities[o.Id].Enabled);
|
||||
}
|
||||
|
||||
public async Task<bool> TwoFactorIsEnabledAsync(User user)
|
||||
public async Task<bool> TwoFactorIsEnabledAsync(ITwoFactorProvidersUser user)
|
||||
{
|
||||
var providers = user.GetTwoFactorProviders();
|
||||
if(providers == null)
|
||||
@ -941,7 +946,7 @@ namespace Bit.Core.Services
|
||||
return false;
|
||||
}
|
||||
|
||||
public async Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, User user)
|
||||
public async Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, ITwoFactorProvidersUser user)
|
||||
{
|
||||
var providers = user.GetTwoFactorProviders();
|
||||
if(providers == null || !providers.ContainsKey(provider) || !providers[provider].Enabled)
|
||||
|
@ -6,6 +6,8 @@ SELECT
|
||||
OU.[OrganizationId],
|
||||
U.[Name],
|
||||
ISNULL(U.[Email], OU.[Email]) Email,
|
||||
U.[TwoFactorProviders],
|
||||
U.[Premium],
|
||||
OU.[Status],
|
||||
OU.[Type],
|
||||
OU.[AccessAll],
|
||||
|
@ -0,0 +1,25 @@
|
||||
IF EXISTS(SELECT * FROM sys.views WHERE [Name] = 'OrganizationUserUserDetailsView')
|
||||
BEGIN
|
||||
DROP VIEW [dbo].[OrganizationUserUserDetailsView]
|
||||
END
|
||||
GO
|
||||
|
||||
CREATE VIEW [dbo].[OrganizationUserUserDetailsView]
|
||||
AS
|
||||
SELECT
|
||||
OU.[Id],
|
||||
OU.[UserId],
|
||||
OU.[OrganizationId],
|
||||
U.[Name],
|
||||
ISNULL(U.[Email], OU.[Email]) Email,
|
||||
U.[TwoFactorProviders],
|
||||
U.[Premium],
|
||||
OU.[Status],
|
||||
OU.[Type],
|
||||
OU.[AccessAll],
|
||||
OU.[ExternalId]
|
||||
FROM
|
||||
[dbo].[OrganizationUser] OU
|
||||
LEFT JOIN
|
||||
[dbo].[User] U ON U.[Id] = OU.[UserId]
|
||||
GO
|
@ -15,6 +15,7 @@
|
||||
<ItemGroup>
|
||||
<None Remove="DbScripts\2018-09-25_00_OrgPurge.sql" />
|
||||
<None Remove="DbScripts\2018-10-17_00_ManagerRole.sql" />
|
||||
<None Remove="DbScripts\2018-12-19_00_OrgUserTwoFactorEnabled.sql" />
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
|
Loading…
Reference in New Issue
Block a user