[PM-13730] Return Policy object instead of NotFoundException (#4911)

* Return Policy object instead of NotFoundException * Add unit tests, change orgId type to Guid * Fix test cases, throw exception when manage not allowed
2024-11-21 12:05:42 +01:00 · 2024-10-28 12:33:22 -04:00 · 2024-10-28 12:33:22 -04:00 · 7f4bde1b6c
commit 7f4bde1b6c
parent c126fee296
2 changed files with 74 additions and 5 deletions
--- a/src/Api/AdminConsole/Controllers/PoliciesController.cs
+++ b/src/Api/AdminConsole/Controllers/PoliciesController.cs
@ -16,6 +16,7 @@ using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.DataProtection;
 using Microsoft.AspNetCore.Mvc;
+using AdminConsoleEntities = Bit.Core.AdminConsole.Entities;

 namespace Bit.Api.AdminConsole.Controllers;

@ -55,17 +56,16 @@ public class PoliciesController : Controller
    }

    [HttpGet("{type}")]
-    public async Task<PolicyResponseModel> Get(string orgId, int type)
+    public async Task<PolicyResponseModel> Get(Guid orgId, int type)
    {
-        var orgIdGuid = new Guid(orgId);
-        if (!await _currentContext.ManagePolicies(orgIdGuid))
+        if (!await _currentContext.ManagePolicies(orgId))
        {
            throw new NotFoundException();
        }
-        var policy = await _policyRepository.GetByOrganizationIdTypeAsync(orgIdGuid, (PolicyType)type);
+        var policy = await _policyRepository.GetByOrganizationIdTypeAsync(orgId, (PolicyType)type);
        if (policy == null)
        {
-            throw new NotFoundException();
+            return new PolicyResponseModel(new AdminConsoleEntities.Policy() { Type = (PolicyType)type, Enabled = false });
        }

        return new PolicyResponseModel(policy);
--- a/test/Api.Test/Controllers/PoliciesControllerTests.cs
+++ b/test/Api.Test/Controllers/PoliciesControllerTests.cs
@ -3,8 +3,10 @@ using System.Text.Json;
 using Bit.Api.AdminConsole.Controllers;
 using Bit.Core.AdminConsole.Entities;
 using Bit.Core.AdminConsole.Enums;
+using Bit.Core.AdminConsole.Models.Api.Response;
 using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
 using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.Context;
 using Bit.Core.Entities;
 using Bit.Core.Exceptions;
 using Bit.Core.Repositories;
@ -132,4 +134,71 @@ public class PoliciesControllerTests
        // Act & Assert
        await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.GetMasterPasswordPolicy(orgId));
    }
+
+    [Theory]
+    [BitAutoData]
+    public async Task Get_WhenUserCanManagePolicies_WithExistingType_ReturnsExistingPolicy(
+        SutProvider<PoliciesController> sutProvider, Guid orgId, Policy policy, int type)
+    {
+        // Arrange
+        sutProvider.GetDependency<ICurrentContext>()
+        .ManagePolicies(orgId)
+        .Returns(true);
+
+        policy.Type = (PolicyType)type;
+        policy.Enabled = true;
+        policy.Data = null;
+
+        sutProvider.GetDependency<IPolicyRepository>()
+        .GetByOrganizationIdTypeAsync(orgId, (PolicyType)type)
+        .Returns(policy);
+
+        // Act
+        var result = await sutProvider.Sut.Get(orgId, type);
+
+        // Assert
+        Assert.IsType<PolicyResponseModel>(result);
+        Assert.Equal(policy.Id, result.Id);
+        Assert.Equal(policy.Type, result.Type);
+        Assert.Equal(policy.Enabled, result.Enabled);
+        Assert.Equal(policy.OrganizationId, result.OrganizationId);
+    }
+
+    [Theory]
+    [BitAutoData]
+    public async Task Get_WhenUserCanManagePolicies_WithNonExistingType_ReturnsDefaultPolicy(
+        SutProvider<PoliciesController> sutProvider, Guid orgId, int type)
+    {
+        // Arrange
+        sutProvider.GetDependency<ICurrentContext>()
+        .ManagePolicies(orgId)
+        .Returns(true);
+
+        sutProvider.GetDependency<IPolicyRepository>()
+        .GetByOrganizationIdTypeAsync(orgId, (PolicyType)type)
+        .Returns((Policy)null);
+
+        // Act
+        var result = await sutProvider.Sut.Get(orgId, type);
+
+        // Assert
+        Assert.IsType<PolicyResponseModel>(result);
+        Assert.Equal(result.Type, (PolicyType)type);
+        Assert.False(result.Enabled);
+    }
+
+    [Theory]
+    [BitAutoData]
+    public async Task Get_WhenUserCannotManagePolicies_ThrowsNotFoundException(
+        SutProvider<PoliciesController> sutProvider, Guid orgId, int type)
+    {
+        // Arrange
+        sutProvider.GetDependency<ICurrentContext>()
+        .ManagePolicies(orgId)
+        .Returns(false);
+
+        // Act & Assert
+        await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.Get(orgId, type));
+    }
+
 }