Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-11-21 12:05:42 +01:00
Code Issues Projects Releases Wiki Activity

[SM-787] Extract authorization from project delete command (#2987)

Browse Source 
* Extract authorization from project delete command

* Support service account write access

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
This commit is contained in:
Thomas Avery 2023-07-11 15:15:18 -05:00 committed by GitHub
parent 4dea376aa3
commit b629c31de9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 269 additions and 213 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
bitwarden_license/src/Commercial.Core/SecretsManager/AuthorizationHandlers/Projects/ProjectAuthorizationHandler.cs
View File

@ -39,6 +39,9 @@ public class ProjectAuthorizationHandler : AuthorizationHandler<ProjectOperation
case not null when requirement == ProjectOperations.Update: case not null when requirement == ProjectOperations.Update:
await CanUpdateProjectAsync(context, requirement, resource); await CanUpdateProjectAsync(context, requirement, resource);
break; break;
case not null when requirement == ProjectOperations.Delete:
await CanDeleteProjectAsync(context, requirement, resource);
break;
default: default:
throw new ArgumentException("Unsupported operation requirement type provided.", nameof(requirement)); throw new ArgumentException("Unsupported operation requirement type provided.", nameof(requirement));
} }
@ -75,4 +78,18 @@ public class ProjectAuthorizationHandler : AuthorizationHandler<ProjectOperation
context.Succeed(requirement); context.Succeed(requirement);
} }
} }
private async Task CanDeleteProjectAsync(AuthorizationHandlerContext context,
ProjectOperationRequirement requirement, Project resource)
{
var (accessClient, userId) =
await _accessClientQuery.GetAccessClientAsync(context.User, resource.OrganizationId);
var access = await _projectRepository.AccessToProjectAsync(resource.Id, userId, accessClient);
if (access.Write)
{
context.Succeed(requirement);
}
}
} }

71
bitwarden_license/src/Commercial.Core/SecretsManager/Commands/Projects/DeleteProjectCommand.cs
View File

@ -1,7 +1,4 @@
using Bit.Core.Context; using Bit.Core.SecretsManager.Commands.Projects.Interfaces;
using Bit.Core.Enums;
using Bit.Core.Exceptions;
using Bit.Core.SecretsManager.Commands.Projects.Interfaces;
using Bit.Core.SecretsManager.Entities; using Bit.Core.SecretsManager.Entities;
using Bit.Core.SecretsManager.Repositories; using Bit.Core.SecretsManager.Repositories;
@ -10,74 +7,14 @@ namespace Bit.Commercial.Core.SecretsManager.Commands.Projects;
public class DeleteProjectCommand : IDeleteProjectCommand public class DeleteProjectCommand : IDeleteProjectCommand
{ {
private readonly IProjectRepository _projectRepository; private readonly IProjectRepository _projectRepository;
private readonly ICurrentContext _currentContext;
private readonly ISecretRepository _secretRepository;
public DeleteProjectCommand(IProjectRepository projectRepository, ICurrentContext currentContext, ISecretRepository secretRepository) public DeleteProjectCommand(IProjectRepository projectRepository)
{ {
_projectRepository = projectRepository; _projectRepository = projectRepository;
_currentContext = currentContext;
_secretRepository = secretRepository;
} }
public async Task<List<Tuple<Project, string>>> DeleteProjects(List<Guid> ids, Guid userId) public async Task DeleteProjects(IEnumerable<Project> projects)
{ {
if (ids.Any() != true || userId == new Guid()) await _projectRepository.DeleteManyByIdAsync(projects.Select(p => p.Id));
{
throw new ArgumentNullException();
}
var projects = (await _projectRepository.GetManyWithSecretsByIds(ids))?.ToList();
if (projects?.Any() != true || projects.Count != ids.Count)
{
throw new NotFoundException();
}
// Ensure all projects belongs to the same organization
var organizationId = projects.First().OrganizationId;
if (projects.Any(p => p.OrganizationId != organizationId))
{
throw new BadRequestException();
}
if (!_currentContext.AccessSecretsManager(organizationId))
{
throw new NotFoundException();
}
var orgAdmin = await _currentContext.OrganizationAdmin(organizationId);
var accessClient = AccessClientHelper.ToAccessClient(_currentContext.ClientType, orgAdmin);
var results = new List<Tuple<Project, string>>(projects.Count);
var deleteIds = new List<Guid>();
foreach (var project in projects)
{
var access = await _projectRepository.AccessToProjectAsync(project.Id, userId, accessClient);
if (!access.Write)
{
results.Add(new Tuple<Project, string>(project, "access denied"));
}
else
{
results.Add(new Tuple<Project, string>(project, ""));
deleteIds.Add(project.Id);
}
}
if (deleteIds.Count > 0)
{
var secretIds = results.SelectMany(projTuple => projTuple.Item1?.Secrets?.Select(s => s.Id) ?? Array.Empty<Guid>()).ToList();
if (secretIds.Count > 0)
{
await _secretRepository.UpdateRevisionDates(secretIds);
}
await _projectRepository.DeleteManyByIdAsync(deleteIds);
}
return results;
} }
} }

23
bitwarden_license/src/Commercial.Infrastructure.EntityFramework/SecretsManager/Repositories/ProjectRepository.cs
View File

@ -60,16 +60,23 @@ public class ProjectRepository : Repository<Core.SecretsManager.Entities.Project
public async Task DeleteManyByIdAsync(IEnumerable<Guid> ids) public async Task DeleteManyByIdAsync(IEnumerable<Guid> ids)
{ {
using (var scope = ServiceScopeFactory.CreateScope()) using var scope = ServiceScopeFactory.CreateScope();
var utcNow = DateTime.UtcNow;
var dbContext = GetDatabaseContext(scope);
var projects = dbContext.Project
.Where(c => ids.Contains(c.Id))
.Include(p => p.Secrets);
await projects.ForEachAsync(project =>
{ {
var dbContext = GetDatabaseContext(scope); foreach (var projectSecret in project.Secrets)
var projects = dbContext.Project.Where(c => ids.Contains(c.Id));
await projects.ForEachAsync(project =>
{ {
dbContext.Remove(project); projectSecret.RevisionDate = utcNow;
}); }
await dbContext.SaveChangesAsync();
} dbContext.Remove(project);
});
await dbContext.SaveChangesAsync();
} }
public async Task<IEnumerable<Core.SecretsManager.Entities.Project>> GetManyWithSecretsByIds(IEnumerable<Guid> ids) public async Task<IEnumerable<Core.SecretsManager.Entities.Project>> GetManyWithSecretsByIds(IEnumerable<Guid> ids)

110
bitwarden_license/test/Commercial.Core.Test/SecretsManager/AuthorizationHandlers/Projects/ProjectAuthorizationHandlerTests.cs
View File

@ -191,7 +191,7 @@ public class ProjectAuthorizationHandlerTests
sutProvider.GetDependency<ICurrentContext>().OrganizationAdmin(project.OrganizationId).Returns(false); sutProvider.GetDependency<ICurrentContext>().OrganizationAdmin(project.OrganizationId).Returns(false);
sutProvider.GetDependency<IAccessClientQuery>().GetAccessClientAsync(default, project.OrganizationId) sutProvider.GetDependency<IAccessClientQuery>().GetAccessClientAsync(default, project.OrganizationId)
.ReturnsForAnyArgs( .ReturnsForAnyArgs(
(AccessClientType.ServiceAccount, new Guid())); (AccessClientType.Organization, new Guid()));
var requirement = ProjectOperations.Update; var requirement = ProjectOperations.Update;
var authzContext = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement }, var authzContext = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
claimsPrincipal, project); claimsPrincipal, project);
@ -202,19 +202,43 @@ public class ProjectAuthorizationHandlerTests
} }
[Theory] [Theory]
[BitAutoData(PermissionType.RunAsUserWithPermission, true, false)] [BitAutoData(PermissionType.RunAsAdmin, true, true, true)]
[BitAutoData(PermissionType.RunAsUserWithPermission, false, false)] [BitAutoData(PermissionType.RunAsUserWithPermission, false, false, false)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, false)] [BitAutoData(PermissionType.RunAsUserWithPermission, false, true, true)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, false)] [BitAutoData(PermissionType.RunAsUserWithPermission, true, false, false)]
public async Task CanUpdateProject_ShouldNotSucceed(PermissionType permissionType, bool read, bool write, [BitAutoData(PermissionType.RunAsUserWithPermission, true, true, true)]
SutProvider<ProjectAuthorizationHandler> sutProvider, Project project, ClaimsPrincipal claimsPrincipal, [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, false, false)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, true, true)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, false, false)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, true, true)]
public async Task CanUpdateProject_AccessCheck(PermissionType permissionType, bool read, bool write,
bool expected,
SutProvider<ProjectAuthorizationHandler> sutProvider, Project project,
ClaimsPrincipal claimsPrincipal,
Guid userId) Guid userId)
{ {
var requirement = ProjectOperations.Update;
SetupPermission(sutProvider, permissionType, project.OrganizationId, userId); SetupPermission(sutProvider, permissionType, project.OrganizationId, userId);
sutProvider.GetDependency<IProjectRepository>() sutProvider.GetDependency<IProjectRepository>()
.AccessToProjectAsync(project.Id, userId, Arg.Any<AccessClientType>()) .AccessToProjectAsync(project.Id, userId, Arg.Any<AccessClientType>())
.Returns((read, write)); .Returns((read, write));
var requirement = ProjectOperations.Update; var authzContext = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
claimsPrincipal, project);
await sutProvider.Sut.HandleAsync(authzContext);
Assert.Equal(expected, authzContext.HasSucceeded);
}
[Theory]
[BitAutoData]
public async Task CanDeleteProject_AccessToSecretsManagerFalse_DoesNotSucceed(
SutProvider<ProjectAuthorizationHandler> sutProvider, Project project,
ClaimsPrincipal claimsPrincipal)
{
var requirement = ProjectOperations.Delete;
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(project.OrganizationId)
.Returns(false);
var authzContext = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement }, var authzContext = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
claimsPrincipal, project); claimsPrincipal, project);
@ -224,26 +248,68 @@ public class ProjectAuthorizationHandlerTests
} }
[Theory] [Theory]
[BitAutoData(PermissionType.RunAsAdmin, true, true)] [BitAutoData]
[BitAutoData(PermissionType.RunAsAdmin, false, true)] public async Task CanDeleteProject_NullResource_DoesNotSucceed(
[BitAutoData(PermissionType.RunAsUserWithPermission, true, true)] SutProvider<ProjectAuthorizationHandler> sutProvider, Project project,
[BitAutoData(PermissionType.RunAsUserWithPermission, false, true)] ClaimsPrincipal claimsPrincipal,
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, true)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, true)]
public async Task CanUpdateProject_Success(PermissionType permissionType, bool read, bool write,
SutProvider<ProjectAuthorizationHandler> sutProvider, Project project, ClaimsPrincipal claimsPrincipal,
Guid userId) Guid userId)
{ {
SetupPermission(sutProvider, permissionType, project.OrganizationId, userId); var requirement = ProjectOperations.Delete;
sutProvider.GetDependency<IProjectRepository>() SetupPermission(sutProvider, PermissionType.RunAsAdmin, project.OrganizationId, userId);
.AccessToProjectAsync(project.Id, userId, Arg.Any<AccessClientType>()) var authzContext = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
.Returns((read, write)); claimsPrincipal, null);
var requirement = ProjectOperations.Update;
await sutProvider.Sut.HandleAsync(authzContext);
Assert.False(authzContext.HasSucceeded);
}
[Theory]
[BitAutoData]
public async Task CanDeleteProject_NotSupportedClientType_DoesNotSucceed(
SutProvider<ProjectAuthorizationHandler> sutProvider, Project project, ClaimsPrincipal claimsPrincipal)
{
var requirement = ProjectOperations.Delete;
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(project.OrganizationId)
.Returns(true);
sutProvider.GetDependency<ICurrentContext>().OrganizationAdmin(project.OrganizationId).Returns(false);
sutProvider.GetDependency<IAccessClientQuery>().GetAccessClientAsync(default, project.OrganizationId)
.ReturnsForAnyArgs(
(AccessClientType.Organization, new Guid()));
var authzContext = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement }, var authzContext = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
claimsPrincipal, project); claimsPrincipal, project);
await sutProvider.Sut.HandleAsync(authzContext); await sutProvider.Sut.HandleAsync(authzContext);
Assert.True(authzContext.HasSucceeded); Assert.False(authzContext.HasSucceeded);
}
[Theory]
[BitAutoData(PermissionType.RunAsAdmin, true, true, true)]
[BitAutoData(PermissionType.RunAsUserWithPermission, false, false, false)]
[BitAutoData(PermissionType.RunAsUserWithPermission, false, true, true)]
[BitAutoData(PermissionType.RunAsUserWithPermission, true, false, false)]
[BitAutoData(PermissionType.RunAsUserWithPermission, true, true, true)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, false, false)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, true, true)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, false, false)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, true, true)]
public async Task CanDeleteProject_AccessCheck(PermissionType permissionType, bool read, bool write,
bool expected,
SutProvider<ProjectAuthorizationHandler> sutProvider, Project project,
ClaimsPrincipal claimsPrincipal,
Guid userId)
{
var requirement = ProjectOperations.Delete;
SetupPermission(sutProvider, permissionType, project.OrganizationId, userId);
sutProvider.GetDependency<IProjectRepository>()
.AccessToProjectAsync(project.Id, userId, Arg.Any<AccessClientType>())
.Returns((read, write));
var authzContext = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> { requirement },
claimsPrincipal, project);
await sutProvider.Sut.HandleAsync(authzContext);
Assert.Equal(expected, authzContext.HasSucceeded);
} }
} }

2
bitwarden_license/test/Commercial.Core.Test/SecretsManager/AuthorizationHandlers/Secrets/SecretAuthorizationHandlerTests.cs
View File

@ -436,7 +436,7 @@ public class SecretAuthorizationHandlerTests
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, true, true)] [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, true, true)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, false, false)] [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, false, false)]
[BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, true, true)] [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, true, true)]
public async Task CanDeleteProject_AccessCheck(PermissionType permissionType, bool read, bool write, public async Task CanDeleteSecret_AccessCheck(PermissionType permissionType, bool read, bool write,
bool expected, bool expected,
SutProvider<SecretAuthorizationHandler> sutProvider, Secret secret, SutProvider<SecretAuthorizationHandler> sutProvider, Secret secret,
ClaimsPrincipal claimsPrincipal, ClaimsPrincipal claimsPrincipal,

103
bitwarden_license/test/Commercial.Core.Test/SecretsManager/Commands/Projects/DeleteProjectCommandTests.cs
View File

@ -1,114 +1,27 @@
using Bit.Commercial.Core.SecretsManager.Commands.Projects; using Bit.Commercial.Core.SecretsManager.Commands.Projects;
using Bit.Core.Context;
using Bit.Core.Enums;
using Bit.Core.Exceptions;
using Bit.Core.Identity;
using Bit.Core.SecretsManager.Entities; using Bit.Core.SecretsManager.Entities;
using Bit.Core.SecretsManager.Repositories; using Bit.Core.SecretsManager.Repositories;
using Bit.Core.Test.SecretsManager.AutoFixture.ProjectsFixture;
using Bit.Test.Common.AutoFixture; using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes; using Bit.Test.Common.AutoFixture.Attributes;
using Bit.Test.Common.Helpers;
using NSubstitute; using NSubstitute;
using Xunit; using Xunit;
namespace Bit.Commercial.Core.Test.SecretsManager.Commands.Projects; namespace Bit.Commercial.Core.Test.SecretsManager.Commands.Projects;
[SutProviderCustomize] [SutProviderCustomize]
[ProjectCustomize]
public class DeleteProjectCommandTests public class DeleteProjectCommandTests
{ {
[Theory] [Theory]
[BitAutoData] [BitAutoData]
public async Task DeleteProjects_Throws_NotFoundException(List<Guid> data, Guid userId, public async Task DeleteProjects_Success(List<Project> data,
SutProvider<DeleteProjectCommand> sutProvider) SutProvider<DeleteProjectCommand> sutProvider)
{ {
sutProvider.GetDependency<IProjectRepository>().GetManyWithSecretsByIds(data).Returns(new List<Project>()); await sutProvider.Sut.DeleteProjects(data);
await sutProvider.GetDependency<IProjectRepository>()
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.DeleteProjects(data, userId)); .Received(1)
.DeleteManyByIdAsync(Arg.Is(AssertHelper.AssertPropertyEqual(data.Select(d => d.Id))));
await sutProvider.GetDependency<IProjectRepository>().DidNotReceiveWithAnyArgs().DeleteManyByIdAsync(default);
}
[Theory]
[BitAutoData]
public async Task Delete_OneIdNotFound_Throws_NotFoundException(List<Guid> data, Guid userId,
SutProvider<DeleteProjectCommand> sutProvider)
{
var project = new Project()
{
Id = Guid.NewGuid()
};
sutProvider.GetDependency<IProjectRepository>().GetManyWithSecretsByIds(data).Returns(new List<Project>() { project });
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.DeleteProjects(data, userId));
await sutProvider.GetDependency<IProjectRepository>().DidNotReceiveWithAnyArgs().DeleteManyByIdAsync(default);
}
[Theory]
[BitAutoData]
public async Task DeleteSecrets_User_Success(List<Guid> data, Guid userId, Guid organizationId,
SutProvider<DeleteProjectCommand> sutProvider)
{
var projects = data.Select(id => new Project { Id = id, OrganizationId = organizationId }).ToList();
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(organizationId).Returns(true);
sutProvider.GetDependency<ICurrentContext>().ClientType = ClientType.User;
sutProvider.GetDependency<IProjectRepository>().GetManyWithSecretsByIds(data).Returns(projects);
sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(Arg.Any<Guid>(), userId, AccessClientType.User)
.Returns((true, true));
var results = await sutProvider.Sut.DeleteProjects(data, userId);
foreach (var result in results)
{
Assert.Equal("", result.Item2);
}
await sutProvider.GetDependency<IProjectRepository>().Received(1).DeleteManyByIdAsync(Arg.Is<List<Guid>>(d => d.SequenceEqual(data)));
}
[Theory]
[BitAutoData]
public async Task Delete_User_No_Permission(List<Guid> data, Guid userId, Guid organizationId,
SutProvider<DeleteProjectCommand> sutProvider)
{
var projects = data.Select(id => new Project { Id = id, OrganizationId = organizationId }).ToList();
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(organizationId).Returns(true);
sutProvider.GetDependency<ICurrentContext>().ClientType = ClientType.User;
sutProvider.GetDependency<IProjectRepository>().GetManyWithSecretsByIds(data).Returns(projects);
sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(Arg.Any<Guid>(), userId, AccessClientType.User)
.Returns((false, false));
var results = await sutProvider.Sut.DeleteProjects(data, userId);
foreach (var result in results)
{
Assert.Equal("access denied", result.Item2);
}
await sutProvider.GetDependency<IProjectRepository>().DidNotReceiveWithAnyArgs().DeleteManyByIdAsync(default);
}
[Theory]
[BitAutoData]
public async Task Delete_OrganizationAdmin_Success(List<Guid> data, Guid userId, Guid organizationId,
SutProvider<DeleteProjectCommand> sutProvider)
{
var projects = data.Select(id => new Project { Id = id, OrganizationId = organizationId }).ToList();
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(organizationId).Returns(true);
sutProvider.GetDependency<ICurrentContext>().OrganizationAdmin(organizationId).Returns(true);
sutProvider.GetDependency<IProjectRepository>().GetManyWithSecretsByIds(data).Returns(projects);
sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(Arg.Any<Guid>(), userId, AccessClientType.NoAccessCheck)
.Returns((true, true));
var results = await sutProvider.Sut.DeleteProjects(data, userId);
await sutProvider.GetDependency<IProjectRepository>().Received(1).DeleteManyByIdAsync(Arg.Is<List<Guid>>(d => d.SequenceEqual(data)));
foreach (var result in results)
{
Assert.Equal("", result.Item2);
}
} }
} }

2
bitwarden_license/test/Commercial.Core.Test/SecretsManager/Enums/PermissionType.cs
View File

@ -4,5 +4,5 @@ public enum PermissionType
{ {
RunAsAdmin, RunAsAdmin,
RunAsUserWithPermission, RunAsUserWithPermission,
RunAsServiceAccountWithPermission RunAsServiceAccountWithPermission,
} }

42
src/Api/SecretsManager/Controllers/ProjectsController.cs
View File

@ -6,6 +6,7 @@ using Bit.Core.Enums;
using Bit.Core.Exceptions; using Bit.Core.Exceptions;
using Bit.Core.SecretsManager.AuthorizationRequirements; using Bit.Core.SecretsManager.AuthorizationRequirements;
using Bit.Core.SecretsManager.Commands.Projects.Interfaces; using Bit.Core.SecretsManager.Commands.Projects.Interfaces;
using Bit.Core.SecretsManager.Entities;
using Bit.Core.SecretsManager.Repositories; using Bit.Core.SecretsManager.Repositories;
using Bit.Core.Services; using Bit.Core.Services;
using Bit.Core.Utilities; using Bit.Core.Utilities;
@ -127,11 +128,44 @@ public class ProjectsController : Controller
} }
[HttpPost("projects/delete")] [HttpPost("projects/delete")]
public async Task<ListResponseModel<BulkDeleteResponseModel>> BulkDeleteAsync([FromBody] List<Guid> ids) public async Task<ListResponseModel<BulkDeleteResponseModel>> BulkDeleteAsync(
[FromBody] List<Guid> ids)
{ {
var userId = _userService.GetProperUserId(User).Value; var projects = (await _projectRepository.GetManyWithSecretsByIds(ids)).ToList();
var results = await _deleteProjectCommand.DeleteProjects(ids, userId); if (!projects.Any() || projects.Count != ids.Count)
var responses = results.Select(r => new BulkDeleteResponseModel(r.Item1.Id, r.Item2)); {
throw new NotFoundException();
}
// Ensure all projects belongs to the same organization
var organizationId = projects.First().OrganizationId;
if (projects.Any(p => p.OrganizationId != organizationId) ||
!_currentContext.AccessSecretsManager(organizationId))
{
throw new NotFoundException();
}
var projectsToDelete = new List<Project>();
var results = new List<(Project Project, string Error)>();
foreach (var project in projects)
{
var authorizationResult =
await _authorizationService.AuthorizeAsync(User, project, ProjectOperations.Delete);
if (authorizationResult.Succeeded)
{
projectsToDelete.Add(project);
results.Add((project, ""));
}
else
{
results.Add((project, "access denied"));
}
}
await _deleteProjectCommand.DeleteProjects(projectsToDelete);
var responses = results.Select(r => new BulkDeleteResponseModel(r.Project.Id, r.Error));
return new ListResponseModel<BulkDeleteResponseModel>(responses); return new ListResponseModel<BulkDeleteResponseModel>(responses);
} }
} }

1
src/Core/SecretsManager/AuthorizationRequirements/ProjectOperationRequirement.cs
View File

@ -10,4 +10,5 @@ public static class ProjectOperations
{ {
public static readonly ProjectOperationRequirement Create = new() { Name = nameof(Create) }; public static readonly ProjectOperationRequirement Create = new() { Name = nameof(Create) };
public static readonly ProjectOperationRequirement Update = new() { Name = nameof(Update) }; public static readonly ProjectOperationRequirement Update = new() { Name = nameof(Update) };
public static readonly ProjectOperationRequirement Delete = new() { Name = nameof(Delete) };
} }

2
src/Core/SecretsManager/Commands/Projects/Interfaces/IDeleteProjectCommand.cs
View File

@ -4,6 +4,6 @@ namespace Bit.Core.SecretsManager.Commands.Projects.Interfaces;
public interface IDeleteProjectCommand public interface IDeleteProjectCommand
{ {
Task<List<Tuple<Project, string>>> DeleteProjects(List<Guid> ids, Guid userId); Task DeleteProjects(IEnumerable<Project> projects);
} }

109
test/Api.Test/SecretsManager/Controllers/ProjectsControllerTests.cs
View File

@ -248,26 +248,107 @@ public class ProjectsControllerTests
[Theory] [Theory]
[BitAutoData] [BitAutoData]
public async void BulkDeleteProjects_Success(SutProvider<ProjectsController> sutProvider, List<Project> data) public async void BulkDeleteProjects_NoProjectsFound_ThrowsNotFound(
SutProvider<ProjectsController> sutProvider, List<Project> data)
{ {
sutProvider.GetDependency<IUserService>().GetProperUserId(default).ReturnsForAnyArgs(Guid.NewGuid());
var ids = data.Select(project => project.Id).ToList(); var ids = data.Select(project => project.Id).ToList();
var mockResult = data.Select(project => new Tuple<Project, string>(project, "")).ToList(); sutProvider.GetDependency<IProjectRepository>().GetManyWithSecretsByIds(Arg.Is(ids)).ReturnsForAnyArgs(new List<Project>());
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.BulkDeleteAsync(ids));
sutProvider.GetDependency<IDeleteProjectCommand>().DeleteProjects(ids, default).ReturnsForAnyArgs(mockResult);
var results = await sutProvider.Sut.BulkDeleteAsync(ids);
await sutProvider.GetDependency<IDeleteProjectCommand>().Received(1)
.DeleteProjects(Arg.Is(ids), Arg.Any<Guid>());
Assert.Equal(data.Count, results.Data.Count());
} }
[Theory] [Theory]
[BitAutoData] [BitAutoData]
public async void BulkDeleteProjects_NoGuids_ThrowsArgumentNullException( public async void BulkDeleteProjects_ProjectsFoundMisMatch_ThrowsNotFound(
SutProvider<ProjectsController> sutProvider) SutProvider<ProjectsController> sutProvider, List<Project> data, Project mockProject)
{ {
sutProvider.GetDependency<IUserService>().GetProperUserId(default).ReturnsForAnyArgs(Guid.NewGuid()); data.Add(mockProject);
await Assert.ThrowsAsync<ArgumentNullException>(() => sutProvider.Sut.BulkDeleteAsync(new List<Guid>())); var ids = data.Select(project => project.Id).ToList();
sutProvider.GetDependency<IProjectRepository>().GetManyWithSecretsByIds(Arg.Is(ids)).ReturnsForAnyArgs(new List<Project> { mockProject });
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.BulkDeleteAsync(ids));
}
[Theory]
[BitAutoData]
public async void BulkDeleteProjects_OrganizationMistMatch_ThrowsNotFound(
SutProvider<ProjectsController> sutProvider, List<Project> data)
{
var ids = data.Select(project => project.Id).ToList();
sutProvider.GetDependency<IProjectRepository>().GetManyWithSecretsByIds(Arg.Is(ids)).ReturnsForAnyArgs(data);
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.BulkDeleteAsync(ids));
}
[Theory]
[BitAutoData]
public async void BulkDeleteProjects_NoAccessToSecretsManager_ThrowsNotFound(
SutProvider<ProjectsController> sutProvider, List<Project> data)
{
var ids = data.Select(project => project.Id).ToList();
var organizationId = data.First().OrganizationId;
foreach (var project in data)
{
project.OrganizationId = organizationId;
}
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(Arg.Is(organizationId)).ReturnsForAnyArgs(false);
sutProvider.GetDependency<IProjectRepository>().GetManyWithSecretsByIds(Arg.Is(ids)).ReturnsForAnyArgs(data);
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.BulkDeleteAsync(ids));
}
[Theory]
[BitAutoData]
public async void BulkDeleteProjects_ReturnsAccessDeniedForProjectsWithoutAccess_Success(
SutProvider<ProjectsController> sutProvider, List<Project> data)
{
var ids = data.Select(project => project.Id).ToList();
var organizationId = data.First().OrganizationId;
foreach (var project in data)
{
project.OrganizationId = organizationId;
sutProvider.GetDependency<IAuthorizationService>()
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), project,
Arg.Any<IEnumerable<IAuthorizationRequirement>>()).ReturnsForAnyArgs(AuthorizationResult.Success());
}
sutProvider.GetDependency<IAuthorizationService>()
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), data.First(),
Arg.Any<IEnumerable<IAuthorizationRequirement>>()).Returns(AuthorizationResult.Failed());
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(Arg.Is(organizationId)).ReturnsForAnyArgs(true);
sutProvider.GetDependency<IProjectRepository>().GetManyWithSecretsByIds(Arg.Is(ids)).ReturnsForAnyArgs(data);
var results = await sutProvider.Sut.BulkDeleteAsync(ids);
Assert.Equal(data.Count, results.Data.Count());
Assert.Equal("access denied", results.Data.First().Error);
data.Remove(data.First());
await sutProvider.GetDependency<IDeleteProjectCommand>().Received(1)
.DeleteProjects(Arg.Is(AssertHelper.AssertPropertyEqual(data)));
}
[Theory]
[BitAutoData]
public async void BulkDeleteProjects_Success(SutProvider<ProjectsController> sutProvider, List<Project> data)
{
var ids = data.Select(project => project.Id).ToList();
var organizationId = data.First().OrganizationId;
foreach (var project in data)
{
project.OrganizationId = organizationId;
sutProvider.GetDependency<IAuthorizationService>()
.AuthorizeAsync(Arg.Any<ClaimsPrincipal>(), project,
Arg.Any<IEnumerable<IAuthorizationRequirement>>()).ReturnsForAnyArgs(AuthorizationResult.Success());
}
sutProvider.GetDependency<IProjectRepository>().GetManyWithSecretsByIds(Arg.Is(ids)).ReturnsForAnyArgs(data);
sutProvider.GetDependency<ICurrentContext>().AccessSecretsManager(Arg.Is(organizationId)).ReturnsForAnyArgs(true);
var results = await sutProvider.Sut.BulkDeleteAsync(ids);
await sutProvider.GetDependency<IDeleteProjectCommand>().Received(1)
.DeleteProjects(Arg.Is(AssertHelper.AssertPropertyEqual(data)));
Assert.Equal(data.Count, results.Data.Count());
foreach (var result in results.Data)
{
Assert.Null(result.Error);
}
} }
} }