1
0
mirror of https://github.com/bitwarden/server.git synced 2025-01-11 20:10:38 +01:00

return twofactor enabled property on org users api

This commit is contained in:
Kyle Spearrin 2018-12-19 11:48:36 -05:00
parent 866cfefd80
commit 4a38713c4b
10 changed files with 117 additions and 16 deletions

View File

@ -64,7 +64,9 @@ namespace Bit.Api.Controllers
}
var organizationUsers = await _organizationUserRepository.GetManyDetailsByOrganizationAsync(orgGuidId);
var responses = organizationUsers.Select(o => new OrganizationUserUserDetailsResponseModel(o));
var responseTasks = organizationUsers.Select(async o => new OrganizationUserUserDetailsResponseModel(o,
await _userService.TwoFactorIsEnabledAsync(o)));
var responses = await Task.WhenAll(responseTasks);
return new ListResponseModel<OrganizationUserUserDetailsResponseModel>(responses);
}
@ -175,7 +177,7 @@ namespace Bit.Api.Controllers
{
throw new BadRequestException("Only owners can update other owners.");
}
await _organizationService.UpdateUserGroupsAsync(organizationUser, model.GroupIds.Select(g => new Guid(g)));
}

View File

@ -61,7 +61,7 @@ namespace Bit.Core.Models.Api
public class OrganizationUserUserDetailsResponseModel : OrganizationUserResponseModel
{
public OrganizationUserUserDetailsResponseModel(OrganizationUserUserDetails organizationUser,
string obj = "organizationUserUserDetails")
bool twoFactorEnabled, string obj = "organizationUserUserDetails")
: base(organizationUser, obj)
{
if(organizationUser == null)
@ -71,9 +71,11 @@ namespace Bit.Core.Models.Api
Name = organizationUser.Name;
Email = organizationUser.Email;
TwoFactorEnabled = twoFactorEnabled;
}
public string Name { get; set; }
public string Email { get; set; }
public bool TwoFactorEnabled { get; set; }
}
}

View File

@ -1,17 +1,58 @@
using System;
using System.Collections.Generic;
using Bit.Core.Enums;
using Newtonsoft.Json;
namespace Bit.Core.Models.Data
{
public class OrganizationUserUserDetails : IExternal
public class OrganizationUserUserDetails : IExternal, ITwoFactorProvidersUser
{
private Dictionary<TwoFactorProviderType, TwoFactorProvider> _twoFactorProviders;
public Guid Id { get; set; }
public Guid OrganizationId { get; set; }
public Guid? UserId { get; set; }
public string Name { get; set; }
public string Email { get; set; }
public Enums.OrganizationUserStatusType Status { get; set; }
public Enums.OrganizationUserType Type { get; set; }
public string TwoFactorProviders { get; set; }
public bool? Premium { get; set; }
public OrganizationUserStatusType Status { get; set; }
public OrganizationUserType Type { get; set; }
public bool AccessAll { get; set; }
public string ExternalId { get; set; }
public Dictionary<TwoFactorProviderType, TwoFactorProvider> GetTwoFactorProviders()
{
if(string.IsNullOrWhiteSpace(TwoFactorProviders))
{
return null;
}
try
{
if(_twoFactorProviders == null)
{
_twoFactorProviders =
JsonConvert.DeserializeObject<Dictionary<TwoFactorProviderType, TwoFactorProvider>>(
TwoFactorProviders);
}
return _twoFactorProviders;
}
catch(JsonSerializationException)
{
return null;
}
}
public Guid? GetUserId()
{
return UserId;
}
public bool GetPremium()
{
return Premium.GetValueOrDefault(false);
}
}
}

View File

@ -0,0 +1,14 @@
using System;
using System.Collections.Generic;
using Bit.Core.Enums;
namespace Bit.Core.Models
{
public interface ITwoFactorProvidersUser
{
string TwoFactorProviders { get; }
Dictionary<TwoFactorProviderType, TwoFactorProvider> GetTwoFactorProviders();
Guid? GetUserId();
bool GetPremium();
}
}

View File

@ -6,11 +6,10 @@ using Newtonsoft.Json;
using Bit.Core.Services;
using Bit.Core.Exceptions;
using Microsoft.AspNetCore.Identity;
using System.Threading.Tasks;
namespace Bit.Core.Models.Table
{
public class User : ITableObject<Guid>, ISubscriber, IStorable, IStorableSubscriber, IRevisable
public class User : ITableObject<Guid>, ISubscriber, IStorable, IStorableSubscriber, IRevisable, ITwoFactorProvidersUser
{
private Dictionary<TwoFactorProviderType, TwoFactorProvider> _twoFactorProviders;
@ -83,6 +82,16 @@ namespace Bit.Core.Models.Table
}
}
public Guid? GetUserId()
{
return Id;
}
public bool GetPremium()
{
return Premium;
}
public void SetTwoFactorProviders(Dictionary<TwoFactorProviderType, TwoFactorProvider> providers)
{
TwoFactorProviders = JsonConvert.SerializeObject(providers, new JsonSerializerSettings

View File

@ -54,8 +54,8 @@ namespace Bit.Core.Services
Task UpdatePremiumExpirationAsync(Guid userId, DateTime? expirationDate);
Task<UserLicense> GenerateLicenseAsync(User user, BillingInfo billingInfo = null);
Task<bool> CheckPasswordAsync(User user, string password);
Task<bool> CanAccessPremium(User user);
Task<bool> TwoFactorIsEnabledAsync(User user);
Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, User user);
Task<bool> CanAccessPremium(ITwoFactorProvidersUser user);
Task<bool> TwoFactorIsEnabledAsync(ITwoFactorProvidersUser user);
Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, ITwoFactorProvidersUser user);
}
}

View File

@ -900,13 +900,18 @@ namespace Bit.Core.Services
return success;
}
public async Task<bool> CanAccessPremium(User user)
public async Task<bool> CanAccessPremium(ITwoFactorProvidersUser user)
{
if(user.Premium)
var userId = user.GetUserId();
if(!userId.HasValue)
{
return false;
}
if(user.GetPremium())
{
return true;
}
var orgs = await _currentContext.OrganizationMembershipAsync(_organizationUserRepository, user.Id);
var orgs = await _currentContext.OrganizationMembershipAsync(_organizationUserRepository, userId.Value);
if(!orgs.Any())
{
return false;
@ -916,7 +921,7 @@ namespace Bit.Core.Services
orgAbilities[o.Id].UsersGetPremium && orgAbilities[o.Id].Enabled);
}
public async Task<bool> TwoFactorIsEnabledAsync(User user)
public async Task<bool> TwoFactorIsEnabledAsync(ITwoFactorProvidersUser user)
{
var providers = user.GetTwoFactorProviders();
if(providers == null)
@ -941,7 +946,7 @@ namespace Bit.Core.Services
return false;
}
public async Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, User user)
public async Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, ITwoFactorProvidersUser user)
{
var providers = user.GetTwoFactorProviders();
if(providers == null || !providers.ContainsKey(provider) || !providers[provider].Enabled)

View File

@ -6,6 +6,8 @@ SELECT
OU.[OrganizationId],
U.[Name],
ISNULL(U.[Email], OU.[Email]) Email,
U.[TwoFactorProviders],
U.[Premium],
OU.[Status],
OU.[Type],
OU.[AccessAll],

View File

@ -0,0 +1,25 @@
IF EXISTS(SELECT * FROM sys.views WHERE [Name] = 'OrganizationUserUserDetailsView')
BEGIN
DROP VIEW [dbo].[OrganizationUserUserDetailsView]
END
GO
CREATE VIEW [dbo].[OrganizationUserUserDetailsView]
AS
SELECT
OU.[Id],
OU.[UserId],
OU.[OrganizationId],
U.[Name],
ISNULL(U.[Email], OU.[Email]) Email,
U.[TwoFactorProviders],
U.[Premium],
OU.[Status],
OU.[Type],
OU.[AccessAll],
OU.[ExternalId]
FROM
[dbo].[OrganizationUser] OU
LEFT JOIN
[dbo].[User] U ON U.[Id] = OU.[UserId]
GO

View File

@ -15,6 +15,7 @@
<ItemGroup>
<None Remove="DbScripts\2018-09-25_00_OrgPurge.sql" />
<None Remove="DbScripts\2018-10-17_00_ManagerRole.sql" />
<None Remove="DbScripts\2018-12-19_00_OrgUserTwoFactorEnabled.sql" />
</ItemGroup>
<ItemGroup>