From 792fb377dd1b8a7b15538708dbeaeb3a17192854 Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Thu, 22 Jul 2021 22:18:34 +0200 Subject: [PATCH] [Provider] Prevent including pending organizations in SyncResponse (#1482) --- .../Models/Data/Provider/ProviderUserProviderDetails.cs | 1 + .../ProviderUserProviderDetailsReadByUserIdStatusQuery.cs | 3 ++- .../ProviderUserProviderDetails_ReadByUserIdStatus.sql | 1 + src/Sql/dbo/Views/ProviderUserProviderDetailsView.sql | 3 ++- ...021-07-20_00_Provider.sql => 2021-07-22_00_Provider.sql} | 6 ++++-- 5 files changed, 10 insertions(+), 4 deletions(-) rename util/Migrator/DbScripts/{2021-07-20_00_Provider.sql => 2021-07-22_00_Provider.sql} (99%) diff --git a/src/Core/Models/Data/Provider/ProviderUserProviderDetails.cs b/src/Core/Models/Data/Provider/ProviderUserProviderDetails.cs index 8dd964d9c..2c4dbfe5d 100644 --- a/src/Core/Models/Data/Provider/ProviderUserProviderDetails.cs +++ b/src/Core/Models/Data/Provider/ProviderUserProviderDetails.cs @@ -14,5 +14,6 @@ namespace Bit.Core.Models.Data public bool Enabled { get; set; } public string Permissions { get; set; } public bool UseEvents { get; set; } + public ProviderStatusType ProviderStatus { get; set; } } } diff --git a/src/Core/Repositories/EntityFramework/Queries/ProviderUserProviderDetailsReadByUserIdStatusQuery.cs b/src/Core/Repositories/EntityFramework/Queries/ProviderUserProviderDetailsReadByUserIdStatusQuery.cs index 803e578bb..9dd2f6bd6 100644 --- a/src/Core/Repositories/EntityFramework/Queries/ProviderUserProviderDetailsReadByUserIdStatusQuery.cs +++ b/src/Core/Repositories/EntityFramework/Queries/ProviderUserProviderDetailsReadByUserIdStatusQuery.cs @@ -21,7 +21,7 @@ namespace Bit.Core.Repositories.EntityFramework.Queries join p in dbContext.Providers on pu.ProviderId equals p.Id into p_g from p in p_g.DefaultIfEmpty() - where pu.UserId == _userId && (_status == null || pu.Status == _status) + where pu.UserId == _userId && p.Status != ProviderStatusType.Pending && (_status == null || pu.Status == _status) select new { pu, p }; return query.Select(x => new ProviderUserProviderDetails() { @@ -34,6 +34,7 @@ namespace Bit.Core.Repositories.EntityFramework.Queries Enabled = x.p.Enabled, Permissions = x.pu.Permissions, UseEvents = x.p.UseEvents, + ProviderStatus = x.p.Status, }); } } diff --git a/src/Sql/dbo/Stored Procedures/ProviderUserProviderDetails_ReadByUserIdStatus.sql b/src/Sql/dbo/Stored Procedures/ProviderUserProviderDetails_ReadByUserIdStatus.sql index 605445e93..59453e22a 100644 --- a/src/Sql/dbo/Stored Procedures/ProviderUserProviderDetails_ReadByUserIdStatus.sql +++ b/src/Sql/dbo/Stored Procedures/ProviderUserProviderDetails_ReadByUserIdStatus.sql @@ -11,5 +11,6 @@ BEGIN [dbo].[ProviderUserProviderDetailsView] WHERE [UserId] = @UserId + AND [ProviderStatus] != 0 -- Not Pending AND (@Status IS NULL OR [Status] = @Status) END diff --git a/src/Sql/dbo/Views/ProviderUserProviderDetailsView.sql b/src/Sql/dbo/Views/ProviderUserProviderDetailsView.sql index afc74f895..07c8e95a9 100644 --- a/src/Sql/dbo/Views/ProviderUserProviderDetailsView.sql +++ b/src/Sql/dbo/Views/ProviderUserProviderDetailsView.sql @@ -9,7 +9,8 @@ SELECT PU.[Type], P.[Enabled], PU.[Permissions], - P.[UseEvents] + P.[UseEvents], + P.[Status] ProviderStatus FROM [dbo].[ProviderUser] PU LEFT JOIN diff --git a/util/Migrator/DbScripts/2021-07-20_00_Provider.sql b/util/Migrator/DbScripts/2021-07-22_00_Provider.sql similarity index 99% rename from util/Migrator/DbScripts/2021-07-20_00_Provider.sql rename to util/Migrator/DbScripts/2021-07-22_00_Provider.sql index e8553c66f..4bdd8f06e 100644 --- a/util/Migrator/DbScripts/2021-07-20_00_Provider.sql +++ b/util/Migrator/DbScripts/2021-07-22_00_Provider.sql @@ -950,7 +950,8 @@ SELECT PU.[Type], P.[Enabled], PU.[Permissions], - P.[UseEvents] + P.[UseEvents], + P.[Status] ProviderStatus FROM [dbo].[ProviderUser] PU LEFT JOIN @@ -976,7 +977,8 @@ BEGIN [dbo].[ProviderUserProviderDetailsView] WHERE [UserId] = @UserId - AND (@Status IS NULL OR [Status] = @Status) + AND [ProviderStatus] != 0 -- Not Pending + AND (@Status IS NULL OR [Status] = @Status) END GO