mirror of
https://github.com/bitwarden/server.git
synced 2024-12-24 17:17:40 +01:00
return twofactor enabled property on org users api
This commit is contained in:
parent
866cfefd80
commit
4a38713c4b
@ -64,7 +64,9 @@ namespace Bit.Api.Controllers
|
|||||||
}
|
}
|
||||||
|
|
||||||
var organizationUsers = await _organizationUserRepository.GetManyDetailsByOrganizationAsync(orgGuidId);
|
var organizationUsers = await _organizationUserRepository.GetManyDetailsByOrganizationAsync(orgGuidId);
|
||||||
var responses = organizationUsers.Select(o => new OrganizationUserUserDetailsResponseModel(o));
|
var responseTasks = organizationUsers.Select(async o => new OrganizationUserUserDetailsResponseModel(o,
|
||||||
|
await _userService.TwoFactorIsEnabledAsync(o)));
|
||||||
|
var responses = await Task.WhenAll(responseTasks);
|
||||||
return new ListResponseModel<OrganizationUserUserDetailsResponseModel>(responses);
|
return new ListResponseModel<OrganizationUserUserDetailsResponseModel>(responses);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -175,7 +177,7 @@ namespace Bit.Api.Controllers
|
|||||||
{
|
{
|
||||||
throw new BadRequestException("Only owners can update other owners.");
|
throw new BadRequestException("Only owners can update other owners.");
|
||||||
}
|
}
|
||||||
|
|
||||||
await _organizationService.UpdateUserGroupsAsync(organizationUser, model.GroupIds.Select(g => new Guid(g)));
|
await _organizationService.UpdateUserGroupsAsync(organizationUser, model.GroupIds.Select(g => new Guid(g)));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -61,7 +61,7 @@ namespace Bit.Core.Models.Api
|
|||||||
public class OrganizationUserUserDetailsResponseModel : OrganizationUserResponseModel
|
public class OrganizationUserUserDetailsResponseModel : OrganizationUserResponseModel
|
||||||
{
|
{
|
||||||
public OrganizationUserUserDetailsResponseModel(OrganizationUserUserDetails organizationUser,
|
public OrganizationUserUserDetailsResponseModel(OrganizationUserUserDetails organizationUser,
|
||||||
string obj = "organizationUserUserDetails")
|
bool twoFactorEnabled, string obj = "organizationUserUserDetails")
|
||||||
: base(organizationUser, obj)
|
: base(organizationUser, obj)
|
||||||
{
|
{
|
||||||
if(organizationUser == null)
|
if(organizationUser == null)
|
||||||
@ -71,9 +71,11 @@ namespace Bit.Core.Models.Api
|
|||||||
|
|
||||||
Name = organizationUser.Name;
|
Name = organizationUser.Name;
|
||||||
Email = organizationUser.Email;
|
Email = organizationUser.Email;
|
||||||
|
TwoFactorEnabled = twoFactorEnabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
public string Name { get; set; }
|
public string Name { get; set; }
|
||||||
public string Email { get; set; }
|
public string Email { get; set; }
|
||||||
|
public bool TwoFactorEnabled { get; set; }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1,17 +1,58 @@
|
|||||||
using System;
|
using System;
|
||||||
|
using System.Collections.Generic;
|
||||||
|
using Bit.Core.Enums;
|
||||||
|
using Newtonsoft.Json;
|
||||||
|
|
||||||
namespace Bit.Core.Models.Data
|
namespace Bit.Core.Models.Data
|
||||||
{
|
{
|
||||||
public class OrganizationUserUserDetails : IExternal
|
public class OrganizationUserUserDetails : IExternal, ITwoFactorProvidersUser
|
||||||
{
|
{
|
||||||
|
private Dictionary<TwoFactorProviderType, TwoFactorProvider> _twoFactorProviders;
|
||||||
|
|
||||||
public Guid Id { get; set; }
|
public Guid Id { get; set; }
|
||||||
public Guid OrganizationId { get; set; }
|
public Guid OrganizationId { get; set; }
|
||||||
public Guid? UserId { get; set; }
|
public Guid? UserId { get; set; }
|
||||||
public string Name { get; set; }
|
public string Name { get; set; }
|
||||||
public string Email { get; set; }
|
public string Email { get; set; }
|
||||||
public Enums.OrganizationUserStatusType Status { get; set; }
|
public string TwoFactorProviders { get; set; }
|
||||||
public Enums.OrganizationUserType Type { get; set; }
|
public bool? Premium { get; set; }
|
||||||
|
public OrganizationUserStatusType Status { get; set; }
|
||||||
|
public OrganizationUserType Type { get; set; }
|
||||||
public bool AccessAll { get; set; }
|
public bool AccessAll { get; set; }
|
||||||
public string ExternalId { get; set; }
|
public string ExternalId { get; set; }
|
||||||
|
|
||||||
|
public Dictionary<TwoFactorProviderType, TwoFactorProvider> GetTwoFactorProviders()
|
||||||
|
{
|
||||||
|
if(string.IsNullOrWhiteSpace(TwoFactorProviders))
|
||||||
|
{
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
|
if(_twoFactorProviders == null)
|
||||||
|
{
|
||||||
|
_twoFactorProviders =
|
||||||
|
JsonConvert.DeserializeObject<Dictionary<TwoFactorProviderType, TwoFactorProvider>>(
|
||||||
|
TwoFactorProviders);
|
||||||
|
}
|
||||||
|
|
||||||
|
return _twoFactorProviders;
|
||||||
|
}
|
||||||
|
catch(JsonSerializationException)
|
||||||
|
{
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public Guid? GetUserId()
|
||||||
|
{
|
||||||
|
return UserId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool GetPremium()
|
||||||
|
{
|
||||||
|
return Premium.GetValueOrDefault(false);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
14
src/Core/Models/ITwoFactorProvidersUser.cs
Normal file
14
src/Core/Models/ITwoFactorProvidersUser.cs
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
using System;
|
||||||
|
using System.Collections.Generic;
|
||||||
|
using Bit.Core.Enums;
|
||||||
|
|
||||||
|
namespace Bit.Core.Models
|
||||||
|
{
|
||||||
|
public interface ITwoFactorProvidersUser
|
||||||
|
{
|
||||||
|
string TwoFactorProviders { get; }
|
||||||
|
Dictionary<TwoFactorProviderType, TwoFactorProvider> GetTwoFactorProviders();
|
||||||
|
Guid? GetUserId();
|
||||||
|
bool GetPremium();
|
||||||
|
}
|
||||||
|
}
|
@ -6,11 +6,10 @@ using Newtonsoft.Json;
|
|||||||
using Bit.Core.Services;
|
using Bit.Core.Services;
|
||||||
using Bit.Core.Exceptions;
|
using Bit.Core.Exceptions;
|
||||||
using Microsoft.AspNetCore.Identity;
|
using Microsoft.AspNetCore.Identity;
|
||||||
using System.Threading.Tasks;
|
|
||||||
|
|
||||||
namespace Bit.Core.Models.Table
|
namespace Bit.Core.Models.Table
|
||||||
{
|
{
|
||||||
public class User : ITableObject<Guid>, ISubscriber, IStorable, IStorableSubscriber, IRevisable
|
public class User : ITableObject<Guid>, ISubscriber, IStorable, IStorableSubscriber, IRevisable, ITwoFactorProvidersUser
|
||||||
{
|
{
|
||||||
private Dictionary<TwoFactorProviderType, TwoFactorProvider> _twoFactorProviders;
|
private Dictionary<TwoFactorProviderType, TwoFactorProvider> _twoFactorProviders;
|
||||||
|
|
||||||
@ -83,6 +82,16 @@ namespace Bit.Core.Models.Table
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public Guid? GetUserId()
|
||||||
|
{
|
||||||
|
return Id;
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool GetPremium()
|
||||||
|
{
|
||||||
|
return Premium;
|
||||||
|
}
|
||||||
|
|
||||||
public void SetTwoFactorProviders(Dictionary<TwoFactorProviderType, TwoFactorProvider> providers)
|
public void SetTwoFactorProviders(Dictionary<TwoFactorProviderType, TwoFactorProvider> providers)
|
||||||
{
|
{
|
||||||
TwoFactorProviders = JsonConvert.SerializeObject(providers, new JsonSerializerSettings
|
TwoFactorProviders = JsonConvert.SerializeObject(providers, new JsonSerializerSettings
|
||||||
|
@ -54,8 +54,8 @@ namespace Bit.Core.Services
|
|||||||
Task UpdatePremiumExpirationAsync(Guid userId, DateTime? expirationDate);
|
Task UpdatePremiumExpirationAsync(Guid userId, DateTime? expirationDate);
|
||||||
Task<UserLicense> GenerateLicenseAsync(User user, BillingInfo billingInfo = null);
|
Task<UserLicense> GenerateLicenseAsync(User user, BillingInfo billingInfo = null);
|
||||||
Task<bool> CheckPasswordAsync(User user, string password);
|
Task<bool> CheckPasswordAsync(User user, string password);
|
||||||
Task<bool> CanAccessPremium(User user);
|
Task<bool> CanAccessPremium(ITwoFactorProvidersUser user);
|
||||||
Task<bool> TwoFactorIsEnabledAsync(User user);
|
Task<bool> TwoFactorIsEnabledAsync(ITwoFactorProvidersUser user);
|
||||||
Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, User user);
|
Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, ITwoFactorProvidersUser user);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -900,13 +900,18 @@ namespace Bit.Core.Services
|
|||||||
return success;
|
return success;
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<bool> CanAccessPremium(User user)
|
public async Task<bool> CanAccessPremium(ITwoFactorProvidersUser user)
|
||||||
{
|
{
|
||||||
if(user.Premium)
|
var userId = user.GetUserId();
|
||||||
|
if(!userId.HasValue)
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if(user.GetPremium())
|
||||||
{
|
{
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
var orgs = await _currentContext.OrganizationMembershipAsync(_organizationUserRepository, user.Id);
|
var orgs = await _currentContext.OrganizationMembershipAsync(_organizationUserRepository, userId.Value);
|
||||||
if(!orgs.Any())
|
if(!orgs.Any())
|
||||||
{
|
{
|
||||||
return false;
|
return false;
|
||||||
@ -916,7 +921,7 @@ namespace Bit.Core.Services
|
|||||||
orgAbilities[o.Id].UsersGetPremium && orgAbilities[o.Id].Enabled);
|
orgAbilities[o.Id].UsersGetPremium && orgAbilities[o.Id].Enabled);
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<bool> TwoFactorIsEnabledAsync(User user)
|
public async Task<bool> TwoFactorIsEnabledAsync(ITwoFactorProvidersUser user)
|
||||||
{
|
{
|
||||||
var providers = user.GetTwoFactorProviders();
|
var providers = user.GetTwoFactorProviders();
|
||||||
if(providers == null)
|
if(providers == null)
|
||||||
@ -941,7 +946,7 @@ namespace Bit.Core.Services
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, User user)
|
public async Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, ITwoFactorProvidersUser user)
|
||||||
{
|
{
|
||||||
var providers = user.GetTwoFactorProviders();
|
var providers = user.GetTwoFactorProviders();
|
||||||
if(providers == null || !providers.ContainsKey(provider) || !providers[provider].Enabled)
|
if(providers == null || !providers.ContainsKey(provider) || !providers[provider].Enabled)
|
||||||
|
@ -6,6 +6,8 @@ SELECT
|
|||||||
OU.[OrganizationId],
|
OU.[OrganizationId],
|
||||||
U.[Name],
|
U.[Name],
|
||||||
ISNULL(U.[Email], OU.[Email]) Email,
|
ISNULL(U.[Email], OU.[Email]) Email,
|
||||||
|
U.[TwoFactorProviders],
|
||||||
|
U.[Premium],
|
||||||
OU.[Status],
|
OU.[Status],
|
||||||
OU.[Type],
|
OU.[Type],
|
||||||
OU.[AccessAll],
|
OU.[AccessAll],
|
||||||
|
@ -0,0 +1,25 @@
|
|||||||
|
IF EXISTS(SELECT * FROM sys.views WHERE [Name] = 'OrganizationUserUserDetailsView')
|
||||||
|
BEGIN
|
||||||
|
DROP VIEW [dbo].[OrganizationUserUserDetailsView]
|
||||||
|
END
|
||||||
|
GO
|
||||||
|
|
||||||
|
CREATE VIEW [dbo].[OrganizationUserUserDetailsView]
|
||||||
|
AS
|
||||||
|
SELECT
|
||||||
|
OU.[Id],
|
||||||
|
OU.[UserId],
|
||||||
|
OU.[OrganizationId],
|
||||||
|
U.[Name],
|
||||||
|
ISNULL(U.[Email], OU.[Email]) Email,
|
||||||
|
U.[TwoFactorProviders],
|
||||||
|
U.[Premium],
|
||||||
|
OU.[Status],
|
||||||
|
OU.[Type],
|
||||||
|
OU.[AccessAll],
|
||||||
|
OU.[ExternalId]
|
||||||
|
FROM
|
||||||
|
[dbo].[OrganizationUser] OU
|
||||||
|
LEFT JOIN
|
||||||
|
[dbo].[User] U ON U.[Id] = OU.[UserId]
|
||||||
|
GO
|
@ -15,6 +15,7 @@
|
|||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<None Remove="DbScripts\2018-09-25_00_OrgPurge.sql" />
|
<None Remove="DbScripts\2018-09-25_00_OrgPurge.sql" />
|
||||||
<None Remove="DbScripts\2018-10-17_00_ManagerRole.sql" />
|
<None Remove="DbScripts\2018-10-17_00_ManagerRole.sql" />
|
||||||
|
<None Remove="DbScripts\2018-12-19_00_OrgUserTwoFactorEnabled.sql" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
|
Loading…
Reference in New Issue
Block a user