diff --git a/src/Api/AdminConsole/Public/Models/MemberBaseModel.cs b/src/Api/AdminConsole/Public/Models/MemberBaseModel.cs
index 931f63741..c56117ae7 100644
--- a/src/Api/AdminConsole/Public/Models/MemberBaseModel.cs
+++ b/src/Api/AdminConsole/Public/Models/MemberBaseModel.cs
@@ -18,7 +18,6 @@ public abstract class MemberBaseModel
Type = user.Type;
ExternalId = user.ExternalId;
- ResetPasswordEnrolled = user.ResetPasswordKey != null;
if (Type == OrganizationUserType.Custom)
{
@@ -35,7 +34,6 @@ public abstract class MemberBaseModel
Type = user.Type;
ExternalId = user.ExternalId;
- ResetPasswordEnrolled = user.ResetPasswordKey != null;
if (Type == OrganizationUserType.Custom)
{
@@ -55,11 +53,7 @@ public abstract class MemberBaseModel
/// external_id_123456
[StringLength(300)]
public string ExternalId { get; set; }
- ///
- /// Returns true if the member has enrolled in Password Reset assistance within the organization
- ///
- [Required]
- public bool ResetPasswordEnrolled { get; set; }
+
///
/// The member's custom permissions if the member has a Custom role. If not supplied, all custom permissions will
/// default to false.
diff --git a/src/Api/AdminConsole/Public/Models/Response/MemberResponseModel.cs b/src/Api/AdminConsole/Public/Models/Response/MemberResponseModel.cs
index 6f73532ad..ab6ecbca4 100644
--- a/src/Api/AdminConsole/Public/Models/Response/MemberResponseModel.cs
+++ b/src/Api/AdminConsole/Public/Models/Response/MemberResponseModel.cs
@@ -28,6 +28,7 @@ public class MemberResponseModel : MemberBaseModel, IResponseModel
Email = user.Email;
Status = user.Status;
Collections = collections?.Select(c => new AssociationWithPermissionsResponseModel(c));
+ ResetPasswordEnrolled = user.ResetPasswordKey != null;
}
public MemberResponseModel(OrganizationUserUserDetails user, bool twoFactorEnabled,
@@ -45,6 +46,7 @@ public class MemberResponseModel : MemberBaseModel, IResponseModel
TwoFactorEnabled = twoFactorEnabled;
Status = user.Status;
Collections = collections?.Select(c => new AssociationWithPermissionsResponseModel(c));
+ ResetPasswordEnrolled = user.ResetPasswordKey != null;
}
///
@@ -93,4 +95,10 @@ public class MemberResponseModel : MemberBaseModel, IResponseModel
/// The associated collections that this member can access.
///
public IEnumerable Collections { get; set; }
+
+ ///
+ /// Returns true if the member has enrolled in Password Reset assistance within the organization
+ ///
+ [Required]
+ public bool ResetPasswordEnrolled { get; }
}
diff --git a/test/Api.Test/AdminConsole/Public/Models/Response/MemberResponseModelTests.cs b/test/Api.Test/AdminConsole/Public/Models/Response/MemberResponseModelTests.cs
new file mode 100644
index 000000000..a9193258b
--- /dev/null
+++ b/test/Api.Test/AdminConsole/Public/Models/Response/MemberResponseModelTests.cs
@@ -0,0 +1,41 @@
+using Bit.Api.AdminConsole.Public.Models.Response;
+using Bit.Core.Entities;
+using Bit.Core.Models.Data;
+using NSubstitute;
+using Xunit;
+
+namespace Bit.Api.Test.AdminConsole.Public.Models.Response;
+
+
+public class MemberResponseModelTests
+{
+ [Fact]
+ public void ResetPasswordEnrolled_ShouldBeTrue_WhenUserHasResetPasswordKey()
+ {
+ // Arrange
+ var user = Substitute.For();
+ var collections = Substitute.For>();
+ user.ResetPasswordKey = "none-empty";
+
+
+ // Act
+ var sut = new MemberResponseModel(user, collections);
+
+ // Assert
+ Assert.True(sut.ResetPasswordEnrolled);
+ }
+
+ [Fact]
+ public void ResetPasswordEnrolled_ShouldBeFalse_WhenUserDoesNotHaveResetPasswordKey()
+ {
+ // Arrange
+ var user = Substitute.For();
+ var collections = Substitute.For>();
+
+ // Act
+ var sut = new MemberResponseModel(user, collections);
+
+ // Assert
+ Assert.False(sut.ResetPasswordEnrolled);
+ }
+}