mirror of
https://github.com/bitwarden/server.git
synced 2024-11-29 13:25:17 +01:00
Added some tests for single org policy validator.
This commit is contained in:
parent
f009db0f05
commit
595e4b9004
@ -95,7 +95,6 @@ public class SingleOrgPolicyValidator : IPolicyValidator
|
|||||||
var commandResult = await _revokeNonCompliantOrganizationUserCommand.RevokeNonCompliantOrganizationUsersAsync(
|
var commandResult = await _revokeNonCompliantOrganizationUserCommand.RevokeNonCompliantOrganizationUsersAsync(
|
||||||
new RevokeOrganizationUsers(organizationId, revocableUsers, new StandardUser(savingUserId ?? Guid.Empty, isOwner)));
|
new RevokeOrganizationUsers(organizationId, revocableUsers, new StandardUser(savingUserId ?? Guid.Empty, isOwner)));
|
||||||
|
|
||||||
// might need to throw if list of errors returned
|
|
||||||
if (commandResult.HasErrors)
|
if (commandResult.HasErrors)
|
||||||
{
|
{
|
||||||
throw new BadRequestException(string.Join(", ", commandResult.ErrorMessages));
|
throw new BadRequestException(string.Join(", ", commandResult.ErrorMessages));
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
using Bit.Core.AdminConsole.Entities;
|
using Bit.Core.AdminConsole.Entities;
|
||||||
using Bit.Core.AdminConsole.Enums;
|
using Bit.Core.AdminConsole.Enums;
|
||||||
|
using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers;
|
||||||
using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Interfaces;
|
using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Interfaces;
|
||||||
|
using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Requests;
|
||||||
using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models;
|
using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models;
|
||||||
using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyValidators;
|
using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyValidators;
|
||||||
using Bit.Core.Auth.Entities;
|
using Bit.Core.Auth.Entities;
|
||||||
@ -127,7 +129,70 @@ public class SingleOrgPolicyValidatorTests
|
|||||||
"user3@example.com");
|
"user3@example.com");
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO feature flag is enabled, we call the revoke command
|
[Theory, BitAutoData]
|
||||||
|
public async Task OnSaveSideEffectsAsync_GivenUpdatedSingleOrgPolicy_WhenAccountDeprovisioningIsDisabled_Then(
|
||||||
|
[PolicyUpdate(PolicyType.SingleOrg)] PolicyUpdate policyUpdate,
|
||||||
|
[Policy(PolicyType.SingleOrg, false)] Policy policy,
|
||||||
|
Guid savingUserId,
|
||||||
|
Guid nonCompliantUserId,
|
||||||
|
Organization organization, SutProvider<SingleOrgPolicyValidator> sutProvider)
|
||||||
|
{
|
||||||
|
policy.OrganizationId = organization.Id = policyUpdate.OrganizationId;
|
||||||
|
|
||||||
|
var compliantUser1 = new OrganizationUserUserDetails
|
||||||
|
{
|
||||||
|
OrganizationId = organization.Id,
|
||||||
|
Type = OrganizationUserType.User,
|
||||||
|
Status = OrganizationUserStatusType.Confirmed,
|
||||||
|
UserId = new Guid(),
|
||||||
|
Email = "user1@example.com"
|
||||||
|
};
|
||||||
|
|
||||||
|
var compliantUser2 = new OrganizationUserUserDetails
|
||||||
|
{
|
||||||
|
OrganizationId = organization.Id,
|
||||||
|
Type = OrganizationUserType.User,
|
||||||
|
Status = OrganizationUserStatusType.Confirmed,
|
||||||
|
UserId = new Guid(),
|
||||||
|
Email = "user2@example.com"
|
||||||
|
};
|
||||||
|
|
||||||
|
var nonCompliantUser = new OrganizationUserUserDetails
|
||||||
|
{
|
||||||
|
OrganizationId = organization.Id,
|
||||||
|
Type = OrganizationUserType.User,
|
||||||
|
Status = OrganizationUserStatusType.Confirmed,
|
||||||
|
UserId = nonCompliantUserId,
|
||||||
|
Email = "user3@example.com"
|
||||||
|
};
|
||||||
|
|
||||||
|
sutProvider.GetDependency<IOrganizationUserRepository>()
|
||||||
|
.GetManyDetailsByOrganizationAsync(policyUpdate.OrganizationId)
|
||||||
|
.Returns([compliantUser1, compliantUser2, nonCompliantUser]);
|
||||||
|
|
||||||
|
var otherOrganizationUser = new OrganizationUser
|
||||||
|
{
|
||||||
|
OrganizationId = new Guid(),
|
||||||
|
UserId = nonCompliantUserId,
|
||||||
|
Status = OrganizationUserStatusType.Confirmed
|
||||||
|
};
|
||||||
|
|
||||||
|
sutProvider.GetDependency<IOrganizationUserRepository>()
|
||||||
|
.GetManyByManyUsersAsync(Arg.Is<IEnumerable<Guid>>(ids => ids.Contains(nonCompliantUserId)))
|
||||||
|
.Returns([otherOrganizationUser]);
|
||||||
|
|
||||||
|
sutProvider.GetDependency<ICurrentContext>().UserId.Returns(savingUserId);
|
||||||
|
sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(policyUpdate.OrganizationId)
|
||||||
|
.Returns(organization);
|
||||||
|
|
||||||
|
sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.AccountDeprovisioning).Returns(false);
|
||||||
|
|
||||||
|
await sutProvider.Sut.OnSaveSideEffectsAsync(policyUpdate, policy);
|
||||||
|
|
||||||
|
await sutProvider.GetDependency<IRevokeNonCompliantOrganizationUserCommand>()
|
||||||
|
.DidNotReceive()
|
||||||
|
.RevokeNonCompliantOrganizationUsersAsync(Arg.Any<RevokeOrganizationUsers>());
|
||||||
|
}
|
||||||
// TODO feature flag is enabled and revoke returns errors, we throw
|
// TODO feature flag is enabled and revoke returns errors, we throw
|
||||||
// TODO feature flag is enabled and revoke returns no errors, no throw
|
// TODO feature flag is enabled and revoke returns no errors, no throw
|
||||||
// TODO feature flag is disabled we don't call command
|
// TODO feature flag is disabled we don't call command
|
||||||
|
Loading…
Reference in New Issue
Block a user