From a5db233e5195d4b994a3b2e6dd6de7f272f2877f Mon Sep 17 00:00:00 2001
From: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Date: Tue, 27 Oct 2020 14:08:19 -0500
Subject: [PATCH] [Require SSO] Added service layer dependent policy check
 (#977)

* Added service layer dependent policy check

* Updated to SingleOrg
---
 .../Services/Implementations/PolicyService.cs  | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/src/Core/Services/Implementations/PolicyService.cs b/src/Core/Services/Implementations/PolicyService.cs
index 25e28239f2..bd9ee6c395 100644
--- a/src/Core/Services/Implementations/PolicyService.cs
+++ b/src/Core/Services/Implementations/PolicyService.cs
@@ -44,6 +44,24 @@ namespace Bit.Core.Services
             {
                 throw new BadRequestException("This organization cannot use policies.");
             }
+            
+            // Handle dependent policy checks
+            switch(policy.Type)
+            {
+               case PolicyType.RequireSso:
+                   if (policy.Enabled)
+                   {
+                       var singleOrg = await _policyRepository.GetByOrganizationIdTypeAsync(org.Id, PolicyType.SingleOrg);
+                       if (singleOrg?.Enabled != true)
+                       {
+                           throw new BadRequestException("Single Organization policy not enabled.");
+                       }
+                   }
+                   break;
+                   
+                default:
+                    break;
+            }
 
             var now = DateTime.UtcNow;
             if (policy.Id == default(Guid))